An eBPF overview, part 2: Machine and bytecode(collabora.com)
Not very clear “index” or links. Or no dates of other parts available (and update to link to them).
But interesting subject.
I want to use eBPF to run packet inspection and capture on my NIC, but the library functions accessible from eBPF don't include access to a nanosecond-resolution clock counter, or to efficient DMA to host procesd memory, needed for the job. Is anybody working on that?
bpf_ktime_get_ns() returns nanoseconds, is it not adequate?
I can't really speak to the use of dma and memory, I haven't really looked at that.
Thank you, I don't recall finding this when I studied it last.
The ebpf train is really starting to eat Linux from the inside out, and the use cases appear limitless at the point. Only question now is where will ebpf end.
It's funny how everything old is new again. I remember reading a paper in the late 90s about the Pebble kernel which supported a safe bytecode with which you could extend its runtime behaviour.
This might be it:
The first remote kernel exploits. Will signal the beginning of the end.