undump-aya

Learning how to write ebpf kprobe's in Rust with aya-rs that can work with Unix Domain Sockets.

This is a pseudo-re-implementing of undump.bt from bpftrace

Prerequisites

1. Install bpf-linker: cargo install bpf-linker

Build eBPF

cargo xtask build-ebpf

To perform a release build you can use the --release flag. You may also change the target architecture with the --target flag.

Build Userspace

cargo build

Build eBPF and Userspace

cargo xtask build

Run

RUST_LOG=info cargo xtask run