Learning eBPF: Programming the Linux Kernel for Enhanced Observability, Networking, and Security

A powerful technology for programming the Linux kernel to enhance observability, networking, and security. It explains eBPF's fundamentals, including its virtual machine, instruction set, maps, and helper functions, along with the verifier that ensures program safety. The text details how eBPF programs are written in C (and increasingly Rust), compiled, and managed, often using the libbpf library for Compile-Once-Run-Everywhere (CO-RE) portability across different kernel versions. Furthermore, the book explores various eBPF program types and attachment points within the kernel, showcasing practical applications in areas like network security, load balancing, syscall monitoring, and tracing encrypted traffic.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary

Get the Book now from Amazon:
https://www.amazon.com/Learning-eBPF-Programming-Observability-Networking/dp/1098135121?&linkCode=ll1&tag=cvthunderx-20&linkId=1d8689e476e5bd2466d5f05fd160ca22&language=en_US&ref_=as_li_ss_tl