Home My Library My Account Pocketmags Plus+ Title A-Z Category A-Z Popular Magazines Latest Offers Gift Vouchers Activate a Subscription Blog Help & Support
US
0 Basket
Login Plus+
BEST SELLERS OFFERS Craft & Hobby Aviation & Transport Leisure General Interest Sport
United States  

SITE SETTINGS

LIGHT MODE
All Categories
Art & Photography Art Design Architecture Photography Aviation & Transport Motorcycles Flying & Aviation Car Magazines Trains Home & Family Kids Family Pets & Animals Cooking DIY Gardening Real Estate Home Decor Food and Drink Cooking & Baking Drink Vegetarian & Vegan Gluten Free & Special Diets General Interest History & Knowledge Astrology Education & Literary Spiritual & Religion Industry & Trade National & Regional Books News & Current Affairs Fitness & Health Healthcare Running Women's Fitness Men's Fitness Healthy Eating & Diet Spirituality & Wellbeing Craft & Hobby Collection RC Modelling Scale Modelling Sewing & Knitting Woodworking Arts & Crafts Leisure Interest Travel Boating & Sailing Poker & Gambling RV & Motorhome Outdoor & Camping TV & Movie Tattoo Horse & Equestrian Animal Men's Interest Fashion Gay TV & Movie Men's Fitness Motorcycles Car Magazines Soccer Angling & Fishing Gaming Accessories & Gadgets Newspapers All Music Classical Heavy Metal Alternative Rock Pop Practical & Playing Hi-Fi Sport Soccer Cycling Rugby Golf & Cricket Soccer Programmes Angling & Fishing Guns & Archery Boxing & MMA Horse & Equestrian Other Boards & Watersports Running & Athletics Racing Ski & Snowmobile Outdoor Adventure Gaming and Tech Apple Gaming Internet Gadgets PC Mobile Industry & Trade Money & Finance Architecture & Building Military & Defense Teaching & Education Media Retail Trade Agriculture Hospitality Business Logistics Government Travel Women's Interest Hairstyles Celebrity Gossip Weddings & Bridal Lifestyle & Fashion Weight Loss Fitness
United States  
Digital Subscriptions > Linux Format > FREE Sample Issue > Getting started with the powerful eBPF
15 MIN READ TIME

EBPF

Getting started with the powerful eBPF

Extending things is what Mihalis Tsoukalos loves to do, so his heart leapt at the chance to explain the Extended Berkeley Packet Filter.

Credit: https://ebpf.io

Part One!

Don’t miss next issue! Subscribe on page 16

OUR EXPERT

Mihalis Tsoukalos is a systems engineer and a technical writer. You can reach him at www. mtsoukalos.eu and @mactsouk.

QUICK TIP

Get the code for this tutorial from the Linux Format archive: www. linuxformat. com/archives ?issue=294.

The subject of this tutorial is eBPF and is the first in a series of tutorials about eBPF and its capabilities. eBPF stands for Extended Berkeley Packet Filter, but despite its name it’s not restricted to just network packet filtering.

More accurately, eBPF enables users with root privileges to load and execute custom programs inside the kernel of the operating system, which, in simple terms, is at a really low level. After a custom program is loaded, it’s verified for safety and it might be rejected if there are problems with it. However, if everything is okay then the program is attached to at least one event (this is a compulsory requirement) and is launched when that event takes place.

As a consequence, instead of changing our software and adding extra code to it, we can collect information about our software by using an existing eBPF tool or by writing our own eBPF tools.

The history of eBPF

Let’s first discuss the history of BPF and eBPF, and how they’re connected. BPF was introduced in 1992 for improving the performance of packet capture tools. In 2013 Alexei Starovoitov did a major rewrite of BPF that was included in the Linux kernel in 2014 and replaced BPF. With this rewrite, BPF, which is now called eBPF, became more versatile and can be used for a variety of tasks beyond simple network packet capture.

It’s difficult to describe precisely what eBPF can do because it has so many capabilities. It’s much easier to describe how we can use eBPF. It can be used in three main areas: networking, security and observability. This series of tutorials is going to focus on the observability capabilities (tracing) of eBPF.

The main advantage of eBPF compared to traditional performance tools is that it’s efficient, production safe and part of the Linux kernel. In practice, this means that we can use eBPF without the need to add or load any other components to the Linux kernel.

Most Linux applications are executed in user space, which is a layer without too many privileges. Although using user space is safer and more secure, it has restrictions and requires using system calls to ask the kernel for access to privileged resources. Even the simplest commands use a large amount of system calls when executed.

Unlock this article and thousands more for just 99p Get unlimited access to 650+ titles

30 day trial, then just $9.99 p/ month.
One per customer. Cancel anytime.

Learn more
Pocketmags Plus
Unlock this article and much more with
You can enjoy:
Enjoy this edition in full
Instant access to 600+ titles
Thousands of back issues
No contract or commitment
Try for 99c
SUBSCRIBE NOW
30 day trial, then just $9.99 / month. Cancel anytime. New subscribers only.


Learn more
Pocketmags Plus
Pocketmags Plus
More Options:
SUBSCRIBER LOGIN | PRINT OFFERS | DIGITAL OFFERS | DIGITAL BACK ISSUES
SUBSCRIBER LOGIN
PRINT OFFERS
DIGITAL OFFERS
DIGITAL BACK ISSUES

This article is from...


View Issues
Linux Format
FREE Sample Issue
VIEW IN STORE

Other Articles in this Issue


WELCOME
MEET THE TEAM
This issue we’re seeing how many operating systems
Flexible friend
Things used to be simple: you’d have a
REGULARS AT A GLANCE
Debian embraces DuckDuckGo
The distro’s switch from Google as its default search engine causes controversy over privacy concerns.
Hacked tractor plays Doom…
…but also runs outdated and unpatched hardware.
PINE64 drama as moderator quits
Publicly calls out PinePhone manufacturer’s failings.
STOP THE SPRAWL
Donnie Berkholz is senior vice-president, product at Percona
MANAGING EXPECTATIONS
Keith Edmunds is MD of Tiger Computing Ltd,
Canonical embraces RISC-V
Ubuntu now supported on StarFive’s VisionFive RISC-V boards.
Flathub undergoes key changes
The project will make donating to teams easier.
LibreOffice 7.4 released
Now with greater file support and documentation for scripts.
Distro watch
What’s behind the free software sofa?
AI GETS IN YOUR FACE
Marcus Edel is a senior software engineer at
MY SPACE
Jon Masters is a kernel hacker who’s been
Kernel Watch
Jon Masters summarises the latest happenings in the Linux kernel, so that you don’t have to. 
Answers
Got a burning question about open source or the kernel? Whatever your level, email it to lxf.answers@futurenet.com
Mailserver
WRITE TO US Do you have a burning
HotPicks
THE BEST NEW OPEN SOURCE SOFTWARE ON THE PLANET
Syncthing
Syncthing has one of the best application dashboards
Imagine
Imagine is a handy tool for someone who
HomeBank
HomeBank has an intimidating interface that’ll only start
Jitsi
Since anybody with the meeting room can join
Beets
Beets supports the use of query strings with
Vifm
Vifm would be intuitive to operate for someone
Rclone
New users can experience the dexterity of rclone
Unvanquished
Based on the daemon gaming engine, Unvanquished is
Bitfighter
Frenetic gameplay coupled with 80s-arcade graphics and a
AES Crypt
AES Crypt also has a CLI version that
SMPlayer
SMPlayer also includes several backends that you can
GOING FULL RETRO!
NEXT MONTH
LINUX FORMAT
The #1 open source mag Future Publishing Limited,
REVIEWS
REVIEWS AMD Ryzen 5500
Too little, too late is what Alan Dexter hears a lot...
DragonflyBSD 6.2.2
David Rutland takes a long and confusing journey to the land before time, where things look familiar... but aren’t.
KDE Neon 2022.08
David Rutland finds that KDE is a delight to behold and regardless of whether it’s a ‘real’ distro, it’s a charming and relaxing place to be.
NuTyX 22.07
David Rutland finds this distro with its unique package management system a little less nutty than he had expected. It’s certainly a bit crunchy.
Emmabuntüs 4-1
David Rutland finds that the latest stable distro release is a little lacking in the “zig-a-zig-ah” department. Maybe it was lost in translation…
Psychonauts 2
When Management said they’re implementing a mindfulness policy, Matthew Castle didn’t realise it meant entering his very psyche!
ROUNDUP
Creative-writing tools
Struggling to compose a story? Nick Peers reviews five tools that all provide more than a simple writing environment to help bring your novels to life.
Installation, upgrades
How easy is it to install and get up and running with each tool?
User interface and navigation
Are these tools easy to use and how accessible are their features?
Standout features
Find out what sets each program apart.
Planning your novel’s structure
How do our tools fare with helping you to organise and plot your story?
Keep your stories organised
How does each tool organise your story and let you alter its running order?
Helper and search tools
All writers need a helping hand – what tools do our programs offer?
Write and export your story
How good are these tools for getting your text ready for publication?
The Verdict
Creative-writing tools
MULTI-BOOT MINT 21!
Got a new PC with Windows on it? Jonni Bidwell shows how you can get Linux Mint too, without breaking a thing.
Taking precautions
You might need Windows later so let’s make sure it’s not going to get upset.
Installing stereo operating systems
A few more cross-checks and detours, then we can get the freshest edition of Mint installed on your machine…
Tweaking the Mint
Finish the Mint installation, enjoy a fresh view of your Windows files and learn more about UEFI.
Logical Volume Manager
Multiboot many distros with aplomb through the magick of LVM.
Pi USER
RS Group loses its 10-year Pi licence
RS Components had been a manufacturer and distributor of Raspberry Pi since its launch in 2012.
Low-Profile ICE Tower
Les Pounder’s Raspberry Pi runs cool. In contrast, Les always feels the heat. Could this new cooler make even our expert chill out this summer?
Pimoroni Trilobot
Les Pounder (quite literally) makes a new friend with a powerful and affordable Pi-powered robot.
Stream live data to custom web pages
Les Pounder takes the latest and smallest Raspberry Pi with Wi-Fi and turns it into a £6 web server with live sensor data.
Create a Pi-based media centre with Kodi
Kodi is an open source media centre. Michael Reed installs it on his trusty Raspberry Pi for some couch-based entertainment.
IN DEPTH
SAVING THE SMART HOME
The smart home is dying but Matt Holder is here to save the day by showing us how open source can keep the smart-lights on…
TUTORIALS
Manage kernel modules
There’s a lot to be said about finding inner peace through meditation. Yet Shashank Sharma is confident he’ll find nirvana with classy CLI tools.
Set up your smart phone as a webcam
Nick Peers reveals how to convert your mobile devices into cameras you can use while chatting in Linux.
Get to grips with Solaris
Linux veteran Michael Reed wonders if he can pass for a native in the weird and wonderful land of Solaris-derived OpenIndiana.
Getting started with Cura and 3D printing
Not getting the quality of prints you expected from your 3D printer? Ali Jennings shows you the essential steps the manuals often miss.
How to make better cut-outs in GIMP
We often have photos where certain elements have to be “isolated” from the background. Use GIMP and Karsten Günther for this task!
The art of hiding messages in plain sight
Steganography might not be as well-known as cryptography but, as Mike Bedford reveals, it’s a powerful tool in preserving your security.
TOP OF THE FOSS!
NOURISHMENT FOR THE SOUL
Andrew Lukoshko, benny Vasquez and Jack Aboutboul update Jonni Bidwell on the latest AlmaLinux developments.
CODING ACADEMY
Recreate the classic Pac-Man in Python
Being chased down endless corridors by spectral apparitions is all in a day’s work for Andrew Smith and his Python skills…
Add useful dialogs to terminal scripts
Quickly create dialogs for your shell scripts and even add notifications or menus with the help of Karsten Günther.

Basket -

Your basket is currently empty.
Continue Shopping
Chat
X
Pocketmags Support