Back to Search
ISBN 9798367994193 is currently unpriced. Please contact us for pricing.
Available options are listed below:

Oxidize eBPF: eBPF programming with Rust

AUTHOR Patil, Vishal
PUBLISHER Independently Published (12/11/2022)
PRODUCT TYPE Paperback (Paperback)
Description
eBPF (extended Berkeley Packet Filter) is a virtual machine that can run custom programs inside the Linux kernel. It is a powerful tool that allows low-level system operations without modifying the kernel itself. This is achieved via the sandboxed eBPF VM that verifies and safely runs the program inside the Linux kernel. eBPF does to Linux what JavaScript does to web browsers. eBPF enables the dynamic addition of new functionality or instrumentation to the Linux kernel without modification. This book will teach you to write eBPF programs in Rust that will be compiled to run directly inside the Linux kernel.

To ease the learning curve, the book is divided into two parts. The first part will cover the basics of the eBPF Virtual Machine (VM), the VM instruction set, eBPF maps, and eBPF program types. The first part will also cover the setup required to run an eBPF Rust program and the tools needed to debug eBPF programs.

The book's second part will perform a thorough code walkthrough of several eBPF programs covering topics such as adding new instrumentation and modifying kernel behavior. The sample programs included cover topics such as

  • Tracepoints
  • kprobes (Kernel probes)
  • uprobes (User Space probes)
  • Socket filters
  • XDP (eXpress Data Path)
  • LSM (Linux Security Module)
  • Traffic Control Classifier
The above examples are open source and can be found at https: //github.com/vishpat/oxidize-ebpf

The book aims to simplify the understanding of eBPF and provide a practical overview for the user to use the technology quickly.

Show More
Product Format
Product Details
ISBN-13: 9798367994193
Binding: Paperback or Softback (Trade Paperback (Us))
Content Language: English
More Product Details
Page Count: 114
Carton Quantity: 70
Product Dimensions: 6.00 x 0.24 x 9.00 inches
Weight: 0.36 pound(s)
Country of Origin: US
Subject Information
BISAC Categories
Computers | Security - General
Descriptions, Reviews, Etc.
publisher marketing
eBPF (extended Berkeley Packet Filter) is a virtual machine that can run custom programs inside the Linux kernel. It is a powerful tool that allows low-level system operations without modifying the kernel itself. This is achieved via the sandboxed eBPF VM that verifies and safely runs the program inside the Linux kernel. eBPF does to Linux what JavaScript does to web browsers. eBPF enables the dynamic addition of new functionality or instrumentation to the Linux kernel without modification. This book will teach you to write eBPF programs in Rust that will be compiled to run directly inside the Linux kernel.

To ease the learning curve, the book is divided into two parts. The first part will cover the basics of the eBPF Virtual Machine (VM), the VM instruction set, eBPF maps, and eBPF program types. The first part will also cover the setup required to run an eBPF Rust program and the tools needed to debug eBPF programs.

The book's second part will perform a thorough code walkthrough of several eBPF programs covering topics such as adding new instrumentation and modifying kernel behavior. The sample programs included cover topics such as

  • Tracepoints
  • kprobes (Kernel probes)
  • uprobes (User Space probes)
  • Socket filters
  • XDP (eXpress Data Path)
  • LSM (Linux Security Module)
  • Traffic Control Classifier
The above examples are open source and can be found at https: //github.com/vishpat/oxidize-ebpf

The book aims to simplify the understanding of eBPF and provide a practical overview for the user to use the technology quickly.

Show More
Paperback