-
I'm trying to port
https://github.com/aws/aws-imds-packet-analyzer/blob/main/src/bpf.c
to `bpftrace`
However for some reason the buffer is always zeroed out when using bpftrace; whilst it cont…
-
I used the following command to create a project and selected `kprobe`:
```
cargo generate https://github.com/aya-rs/aya-template
```
I checked the kprobe example in the repository and found the…
-
Hey Guys, I'm trying to write a probe that inspects data passed to the kernel. It attaches and instruments the right sys call, but it seems like I'm not casting to the correct types for each parm. Can…
-
i run kprobe consume_skb programe sucees,but to read skb->data parsing HTTP Frame is empty or other character。and parsing http is not exsit. but i can get ssh session body infomation,i don't understa…
-
Sometimes, the `stack[REG_PC]`(in kernel/kprobes.c) was `nvic_handler52`, rather than not the next instruction of breakpoint. The is because the priority of UART is higher than ktimer_handler, the lo…
-
my probe code:
```
#include "vmlinux.h"
#include
#include
SEC("kprobe/ovs_dp_upcall")
int BPF_KPROBE(ovs_dp_upcall, struct datapath *dp, struct sk_buff *skb, const struct sw_flow_key *key,
…
-
Kernel functions we trace were inlined in https://github.com/torvalds/linux/commit/450b7879e345 (5.17+), hence the gadget fail to work on that kernel:
```
$ sudo ./ig top block-io
RUNTIME.CONTAIN…
-
### What reproduces the bug? Provide code if possible.
```
tests/runtime-tests.sh
```
or
```
$ sudo ./src/bpftrace -e 'kprobe:vfs_read+1000000 { printf("SUCCESS %d\n", pid); exit(); }…
-
尝试安装 [dae](https://github.com/daeuniverse/dae/blob/main/docs/zh/README.md) 需要 需要以下内核选项:
```bash
CONFIG_BPF=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
CONFIG_CGROUPS=y
CONFIG_KPROBES=y
CONFIG_NET_I…
-
Some eBPF programs have dependencies on kernel features and/or require a specific kernel version (i.e due to a dependency on a given version of vmlinux.h for example).
bpfman program load should al…