4 comments

[ 3.0 ms ] story [ 18.1 ms ] thread
Llvm is a different licence not illegal to examine. How to manage pointer+offset address integrity/legality inside the kernel (for instance) has a proof by examples a-plenty in the other code. You don't have to invent a totally unique way of doing things unless you want to.
I wish these articles would have a one sentence description of what BPF stands for. It would help passers-by.
I generally agree but for BPF they actually just took over the meaning and it no longer means "Berkely Packet Filter"
Here is what I gathered without really ever checking.

It's a safe script that has access to part of the kernel and that unlocks a lot of monitoring. You could use a kernel module that's much unwieldy, error-prone etc.

How correct am I ?