11 releases

✓ Uses Rust 2018 edition

new 0.9.10 Feb 13, 2020
0.9.9 Jan 10, 2020
0.9.7 Dec 17, 2019
0.9.6 Nov 9, 2019
0.9.0 Oct 31, 2019

#2 in #ebpf

Download history 86/week @ 2019-10-31 164/week @ 2019-11-07 55/week @ 2019-11-14 24/week @ 2019-11-21 21/week @ 2019-11-28 9/week @ 2019-12-05 183/week @ 2019-12-12 17/week @ 2019-12-19 13/week @ 2019-12-26 22/week @ 2020-01-02 39/week @ 2020-01-09 41/week @ 2020-01-16 4/week @ 2020-01-23 3/week @ 2020-01-30 12/week @ 2020-02-06

147 downloads per month

MIT/Apache

57KB
1K SLoC

RedBPF

LICENSE CircleCI

A Rust eBPF toolchain.

Overview

The RedBPF project is a collection of Rust libraries to work with eBPF programs. It includes:

  • redbpf-probes - an idiomatic Rust API to write programs that can be compiled to eBPF bytecode and executed by the linux in-kernel eBPF virtual machine.

    Documentation

  • redbpf-macros - companion crate to redbpf-probes which provides procedural macros to reduce the amount of boilerplate needed to produce eBPF programs.

    Documentation

  • redbpf, a user space library that can be used to parse and load eBPF programs written using redbpf-probes and redbpf-macros.

    Documentation

  • cargo-bpf, a cargo subcommand for creating, developing and building eBPF programs in Rust using the RedBPF APIs.

    Documentation

Usage

The easiest way to get started is to install cargo-bpf, see the cargo bpf documentation for more info.

To see how and what RedBPF can be used for, check out the ingraind project.

Requirements

In order to build some of the code here, you will need the following:

  • Linux 4.19+, with a build tree. The build tree is picked up from standard locations, or the KERNEL_SOURCE environment variable.
  • LLVM 9, or an LLVM version compatible with the Rust release you're using to build
  • The latest stable Rust compiler. We only promise to build with the latest stable and nightly compilers.

License

This repository contains code from other software in the following directories, licensed under their own particular licenses:

  • bpf-sys/libelf/*: GPL2 + LGPL3
  • bpf-sys/bcc/*: Apache2, public domain
  • include/bpf_helpers.h LGPL2 + BSD-2
  • include/bpf_helper_defs.h: LGPL2 + BSD-2
  • bpf-sys/libbpf: LGPL2 + BSD-2

Where '+' means they are dual licensed.

RedBPF and its components, unless otherwise stated, are licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~0.6–3.5MB
~83K SLoC