Hacker News

An eBPF overview, part 2: Machine and bytecode(collabora.com)

95 pointsmfilion posted 3 months ago7 Comments
7 Comments:
ngcc_hk said 3 months ago:

Not very clear “index” or links. Or no dates of other parts available (and update to link to them).

But interesting subject.

ncmncm said 3 months ago:

I want to use eBPF to run packet inspection and capture on my NIC, but the library functions accessible from eBPF don't include access to a nanosecond-resolution clock counter, or to efficient DMA to host procesd memory, needed for the job. Is anybody working on that?

qdog said 3 months ago:

bpf_ktime_get_ns() returns nanoseconds, is it not adequate?

I can't really speak to the use of dma and memory, I haven't really looked at that.

ncmncm said 3 months ago:

Thank you, I don't recall finding this when I studied it last.

ilovecaching said 3 months ago:

The ebpf train is really starting to eat Linux from the inside out, and the use cases appear limitless at the point. Only question now is where will ebpf end.

naasking said 3 months ago:

It's funny how everything old is new again. I remember reading a paper in the late 90s about the Pebble kernel which supported a safe bytecode with which you could extend its runtime behaviour.

This might be it:

https://www.usenix.org/conference/workshop-embedded-systems/...

ungamedplayer said 3 months ago:

The first remote kernel exploits. Will signal the beginning of the end.