After learning the basics with BCC and bpftrace, I ended up experimenting a lot with BPF lately. Eventually, I moved to C++ and LLVM IR to generate my programs on the fly. Here are some of the tools and libraries I have recently released:
| Name | Description |
|---|---|
| ebpf-common | A collection of classes and functions that are useful to write new BPF-based tools. |
| ebpfpub | A library and tool to perform system call tracing. |
| ebpfault | A BPF-based syscall fault injector that can work per-process or system-wide without requiring a kernel driver. |