Techly NewsGet the app

Get the latest tech news

Cilium eBPF-Go on Windows


Pure-Go library to read, modify and load eBPF programs and attach them to various hooks in the Linux kernel.

eBPF for Windows has a large user-space component which ebpf-go calls into via dynamic runtime linking. Some interfaces such as Linux-specific link types are removed outright, but this is kept to a minimum since it is very cumbersome for users to deal with API that change based on platform. The testmain package has a small bit of instrumentation which enables tracing of the efW subsystem on demand.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Windows

Windows

Photo of Cilium eBPF

Cilium eBPF

Related news:

News photo

Linux kernel 6.14 is a big leap forward in performance and Windows compatibility

News photo

EncryptHub linked to MMC zero-day attacks on Windows systems

News photo

VanHelsing ransomware emerges to put a stake through your Windows heart

« Europen Union creates Fedora-based Linux distribution for the public sector
It's the hottest car company. You can't buy one in America »