Skip to content

microsoft/SysinternalsEBPF

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

SysinternalsEBPF Build Status

Build

Please see build instructions here.

Autodiscovery of Offsets

SysinternalsEBPF attempts to automatically discover the offsets of some members of some kernel structs. If this fails, please provide details of the kernel version (and config if possible) plus the error message to the GitHub issues page.

You can then generate a configuration file to override the autodiscovery by building the getOffsets module in the /opt/sysinternals/getOffsets directory. See the README.md in that directory for more information.

If you define EBPF_CO_RE in your own eBPF programs that use SysinternalsEBPF, the library will use the CORE libbpf APIs.

Manual Page

A man page for SysinternalsEBPF can be found in the package directory, and is installed by both deb and rpm packages.

Use 'find' on the package directory to locate it manually.

License

SysinternalsEBPF is licensed under LGPL2.1. SysinternalsEBPF includes libbpf, which is licensed under LGPL2.1. Libbpf can be located at https://github.com/libbpf/libbpf The SysinternalsEBPF library of eBPF code is licensed under GPL2.