Idomatic Rust bindings for eBPF programs, probes, and maps.
The motive behind this crate and sister crates: btf, btf-derive, bpf-ins, and bpf-script, aside from learning more about eBPF, was to be able to have a fully Rust eBPF solution. That is, the ability to easily write, compile, and attach BPF programs and use maps without any dependencies on bcc, libbpf or any other non-Rust BPF dependencies.
For usage examples, see code located in examples/ :
| Examples | Description |
|----------|-------------|
|array| A short example using a BPF array|
|print-programs| A short example that attachs a probe to sched_process_exec and prints program executions|
|user-tracer| A short example that attachs a uprobe to cat's entry-point|