Rafael David Tinoco
Rafael David Tinoco
Related to #289
Hello Ramon, just inform here you are working on the issue - like you did - and you can opt to send a patch to project maintainers (Cyril and Jan)...
@brycekahle Please make sure to constantly rebase as I'm documenting the code and changing some variable names for better "first readers" understanding. Of course, if you are tackling this offline....
Done by: https://github.com/aquasecurity/btfhub/pull/95 https://github.com/aquasecurity/btfhub/pull/96 Unfortunately, with the mentioned downside. The bpftool compilation is agnostic to distro (depends on available -dev packages so it can be built). Maybe I should create...
Im still missing bringing the example back to the repository.
OBS: I'm not yet doing a PR for this, just keeping a branch in my github account so you can follow. ## Item 1 and 2 * ebpf kprobes on...
Before answering you, I did some more code reading, including kernels, and I would like to recall the initial theory. I think it could have some inaccurate premises, please advice...
Couldn't play as hard as I wanted yet (libvirt backports and tests all week =() but.. this last commit adds 2 kprobes, like we discussed, and only sends arguments if...
In order to have a good test case for the feature, I have played a bit with BPF programs and maps pinning and there is some cool stuff to report...
I have used a [systemtap script]( https://github.com/rafaeldtinoco/portablebpf/blob/hijack/hijack.stp) to play with **bpftool** and MAPS reading, just to check about what you have asked. When executing `$ sudo bpftool map list` and...