BPF Loading: From C Source to Kernel
In this post, we are going to learn how BPF code written in C is loaded into the Linux kernel. We will deep dive into everything that happens in the process of turning C source code into a running kernel program. Before diving into the details, there are some prerequisites. I will briefly touch on each concept so we are all on the same page. What is an ELF? Note: This section introduces ELF concepts in the abstract. If terms like “relocation entries” or “symbol table” feel fuzzy on first read, don’t worry — they will click once we inspect a real compiled ELF in the Inspecting the ELF with readelf section. Come back here as a reference when you need it. ...