|
|
|
|
|
|
by Luminarys
3261 days ago
|
|
|
Having used eBPF/kprobe for work, the main advantage over a precompiled kernel module is convenience. It's much easier to write a C file which hooks a kernel function, then reports that back up to a python script than it is to build and maintain a kernel module and have that talk to some higher level code. |
|
|