* feat: add tcx and bpf token tutorials
* docs: auto-generate documentation
* docs: rewrite tcx and bpf_token tutorials with richer content and consistent style
Rewrote all 4 README files (EN/ZH for both tutorials) to match the
existing tutorial style with detailed background, full code listings,
step-by-step explanations, comparison tables, and proper references.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* style: replace em dashes with colons, commas, and parentheses
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* docs: auto-generate documentation
* ci: add tcx and bpf_token builds to CI; simplify execl in token_userns_demo
- Add make targets for src/50-tcx and src/features/bpf_token to the
test-libbpf CI workflow.
- Replace four separate execl() calls with a single execv() using a
dynamically built argv array, reducing complexity and eliminating
CodeFactor command-injection false positives.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* ci: fix mkdocs path in trigger-sync workflow
Use .venv/bin/mkdocs instead of bare mkdocs, since make install
puts it inside a virtualenv.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: LinuxDev9002 <linuxdev8883@example.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Reorder stack processing to place kernel frames at bottom and user frames on top
- Match expected flamegraph.pl input format
- Simplify output to standard folded format: "comm;stack1;stack2 count"
- Remove timestamp and CPU metadata
- Implement BPF program for TC ingress using dynptrs to safely parse packet headers and manage variable-length ringbuf records.
- Create user-space loader for the BPF program, allowing configuration of blocked ports and snapshot lengths for TCP payloads.
- Define necessary data structures and constants in header file for both BPF and user-space contexts.
- Add a comprehensive test script to validate functionality, including basic packet capture and port blocking tests.
- Implemented cgroup-based access control using eBPF with three main functionalities:
1. Block TCP connections to specified ports.
2. Deny access to specified devices.
3. Control sysctl read/write operations.
- Added necessary Makefile and documentation for building and running the policy guard.
This commit introduces a comprehensive Chinese translation of the eBPF tutorial focused on using BPF struct_ops to extend kernel subsystems. The tutorial covers the challenges of kernel development, the benefits of using BPF struct_ops, and provides detailed examples of implementing a kernel module, BPF program, and user-space loader. The content aims to enhance accessibility for Chinese-speaking developers interested in eBPF and kernel programming.
Problem:
`Path(__file__)` can be ".", in such case `self.oncpu_tool` is "oncputime", which can not be found by the shell.
Solution:
Translate `Path(__file__)` to absolute path.
- Added an example flamegraph for Qwen3 LLM inference, highlighting key insights and performance bottlenecks.
- Updated README.md to include detailed explanations of CPU and GPU profiling results, emphasizing the correlation between CPU stacks and GPU kernels.
- Modified gpuperf.py to ensure absolute paths are used for output files, improving reliability across different working directories.
- Enhanced merge_gpu_cpu_trace.py to strip ANSI escape sequences from CPU stack traces, ensuring cleaner output for analysis.
- Introduced a new SVG file for the Qwen3 flamegraph, providing a visual representation of profiling data with interactive features.
- Updated README.zh.md for GPU kernel driver to improve clarity and formatting.
- Added nvidia_driver.bt script for monitoring NVIDIA proprietary GPU driver activity using kernel probes.
- Revised README.md for NPU kernel driver to enhance explanations and correct minor grammatical issues.
- Introduced a new tutorial on using HID-BPF to create virtual mouse devices and modify their input dynamically.
- Explained the common issues with HID devices and how traditional methods are cumbersome.
- Provided detailed implementation steps for creating a virtual HID device using uhid and modifying input with eBPF.
- Included example code for both user space and BPF programs, demonstrating how to intercept and modify HID reports.
- Highlighted the advantages of using virtual devices for learning and experimentation.
- Added references for further reading on HID-BPF and related projects.
- Introduced a comprehensive tutorial in README.md explaining how to fix broken HID devices using eBPF without kernel patches.
- Implemented a userspace program (hid-input-modifier.c) that creates a virtual HID mouse using the uhid interface and sends synthetic mouse events.
- Developed a BPF program (hid-input-modifier.bpf.c) that intercepts HID events and modifies mouse movement data, effectively doubling the X and Y movement.
- Created necessary header files (hid_bpf.h, hid_bpf_defs.h, hid_bpf_helpers.h) to define structures and helper functions for the BPF program.
- Added functionality to find and manage the virtual HID device, ensuring seamless integration with the BPF program.
