Description
ebpf is a linux kernel byte-code which can be used for functionality ranging from tracing system calls with kprobe to routing packets with tc. This talk is about a pure-python front-end for ebpf that allows users to write simple python functions to be executed in the kernel. I'll first explain how this was made to work and then I'll show off some of the features/capabilities of this approach with working examples.