fosr-ebpf
| Crates.io | fosr-ebpf |
| lib.rs | fosr-ebpf |
| version | 0.1.1 |
| created_at | 2025-10-23 13:09:22.461794+00 |
| updated_at | 2025-10-27 10:22:16.989035+00 |
| description | An eBPF program used by Fos-R. |
| homepage | https://fosr.inria.fr |
| repository | https://gitlab.inria.fr/pirat-public/Fos-R |
| max_upload_size | |
| id | 1897093 |
| size | 18,653 |
Pierre-François Gimenez (PFGimenez)
documentation
README
A small eBPF program used by Fos-R.
Description
The eBPF program verifies the "taint bit" added by Fos-R on all generated network communications to make sure that they don't interfere with the operating system network stack (e.g., rejecting some packets since the destination port is not open).
Usage
This crate should be used as a (library) dependency since it will trigger on each build of the library the build of the eBPF program. The latter will then be embedded as aligned bytes into the library, and exported into a static const global variable EBPF_PROGRAM. You can then use aya to load it and use it in your program:
use aya::programs::{Xdp, XdpFlags};
let mut ebpf = aya::Ebpf::load(fosr_ebpf::EBPF_PROGRAM).expect("Couldn't retrieve eBPF program");
let program: &mut Xdp = ebpf
.program_mut("fosr_ebpf")
.expect("Failed to get mut reference of program")
.try_into()
.expect("Failed to get Xdp program reference");
program.load().expect("Failed to load eBPF program");
Please note that you need the bpf-linker dependency to build the eBPF program (and therefore use this crate):
cargo install bpf-linker