0 views collected around this technical thread.
This article explains the problem of internal and external memory fragmentation in Linux systems, introduces eBPF as a powerful tracing tool, and provides step‑by‑step guidance for building, loading, and running eBPF programs to analyze and mitigate fragmentation on both Linux and Android platforms.
UprobeStats, introduced in Android 15, uses the Linux kernel eBPF uprobe mechanism to dynamically insert probes into user‑space methods, capture timestamps and arguments, load BPF programs, and forward the data to StatsD via configurable protobufs, enabling flexible, source‑free instrumentation with minimal overhead.
This article explains the fundamentals of TCP RST packets, distinguishes active and passive resets, outlines common kernel scenarios that generate them, and provides practical debugging methods using tcpdump, bpftrace, and source‑code analysis to resolve real‑world network incidents.
Didi’s observability platform leverages non‑intrusive eBPF probes to automatically capture and validate service‑to‑service call tuples, supplement missing SDK data, achieve roughly 80 % core‑path coverage, and address verification challenges while planning future user‑space VM hooks and deeper MTL integration.
The article explains how Android’s shift to Linux kernel 4.x/5.x introduced the eBPF framework, detailing its advantages over iptables, the programming model with helper macros and maps, and its implementation in netd and HAL to collect network statistics, enforce traffic control, and support power‑saving Doze policies.
This article introduces the fundamentals of BPF and its extended version eBPF, explains their kernel‑resident virtual machine architecture, demonstrates simple packet‑filtering examples, outlines the eBPF program lifecycle, describes key BPF system‑call commands, and surveys the various eBPF map types used for efficient data handling in Linux.
The article explains eBPF’s evolution from packet filtering to a C‑compiled, sandboxed kernel framework, describes its core concepts of bytecode, JIT, and maps, and walks through building, loading, and using an Android eBPF program that counts system calls per PID via tracepoint hooks.
This article explains Kubernetes' core networking model, details the various Service types (PodIP, HostPort, NodePort, ExternalIP, LoadBalancer, ClusterIP), describes Cilium's eBPF/XDP implementation for high‑performance load balancing, and presents performance benchmarks and recent BPF kernel extensions.