Skip to content

Commit 00b03fb

Browse files
committed
readme: add minimal Clang version (v11)
Add the note about needing at least Clang v11 to successfully compile examples. Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
1 parent fea3049 commit 00b03fb

File tree

1 file changed

+14
-13
lines changed

1 file changed

+14
-13
lines changed

README.md

Lines changed: 14 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22

33
[![Github Actions](https://github.com/libbpf/libbpf-bootstrap/actions/workflows/build.yml/badge.svg)](https://github.com/libbpf/libbpf-bootstrap/actions/workflows/build.yml)
44

5-
## Minimal
5+
## minimal
66

77
`minimal` is just that – a minimal practical BPF application example. It
88
doesn't use or require BPF CO-RE, so should run on quite old kernels. It
@@ -22,7 +22,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
2222
`minimal` is great as a bare-bones experimental playground to quickly try out
2323
new ideas or BPF features.
2424

25-
## Minimal_ns
25+
## minimal_ns
2626

2727
`minimal_ns` is as same as `minimal` but for namespaced environments.
2828
`minimal` would not work in environments that have namespace, like containers,
@@ -39,7 +39,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
3939
<...>-3840345 [022] d...1 8804.331215: bpf_trace_printk: BPF triggered from PID 9087.
4040
```
4141

42-
## Minimal_Legacy
42+
## minimal_Legacy
4343

4444
This version of `minimal` is modified to allow running on even older kernels
4545
that do not allow global variables. bpf_printk uses global variables unless
@@ -58,7 +58,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
5858
minimal_legacy-52030 [001] .... 491230.842432: 0x00000001: BPF triggered from PID 52030.
5959
```
6060

61-
## Bootstrap
61+
## bootstrap
6262

6363
`bootstrap` is an example of a simple (but realistic) BPF application. It
6464
tracks process starts (`exec()` family of syscalls, to be precise) and exits
@@ -107,7 +107,7 @@ TIME EVENT COMM PID PPID FILENAME/EXIT CODE
107107
...
108108
```
109109

110-
## Uprobe
110+
## uprobe
111111

112112
`uprobe` is an example of dealing with user-space entry and exit (return) probes,
113113
`uprobe` and `uretprobe` in libbpf lingo. It attached `uprobe` and `uretprobe`
@@ -136,7 +136,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
136136
uprobe-1809291 [007] .... 4017234.106701: 0: uprobed_sub EXIT: return = 0
137137
```
138138

139-
## USDT
139+
## usdt
140140

141141
`usdt` is an example of dealing with USDT probe. It attaches USDT BPF programs to
142142
the [libc:setjmp](https://www.gnu.org/software/libc/manual/html_node/Non_002dlocal-Goto-Probes.html) probe, which is triggered by calling `setjmp` in user-space program once per second and logs USDT arguments using `bpf_printk()` macro:
@@ -158,7 +158,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
158158
usdt-1919077 [005] d..21 537311.886227: bpf_trace_printk: USDT manual attach to libc:setjmp: arg1 = 55d03d6a42a0, arg2 = 0, arg3 = 55d03d65e54e
159159
```
160160

161-
## Fentry
161+
## fentry
162162

163163
`fentry` is an example that uses fentry and fexit BPF programs for tracing. It
164164
attaches `fentry` and `fexit` traces to `do_unlinkat()` which is called when a
@@ -193,7 +193,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
193193
rm-9290 [004] d..2 4637.798843: bpf_trace_printk: fexit: pid = 9290, filename = test_file2, ret = 0
194194
```
195195

196-
## Kprobe
196+
## kprobe
197197

198198
`kprobe` is an example of dealing with kernel-space entry and exit (return)
199199
probes, `kprobe` and `kretprobe` in libbpf lingo. It attaches `kprobe` and
@@ -219,7 +219,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
219219
rm-9346 [005] d..4 4710.951895: bpf_trace_printk: KPROBE EXIT: ret = 0
220220
```
221221

222-
## XDP
222+
## xdp
223223

224224
`xdp` is an example written in Rust (using libbpf-rs). It attaches to
225225
the ingress path of networking device and logs the size of each packet,
@@ -242,7 +242,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
242242
<...>-2813507 [000] d.s1 602386.696735: bpf_trace_printk: packet size: 66
243243
```
244244

245-
## TC
245+
## tc
246246

247247
`tc` (short for Traffic Control) is an example of handling ingress network traffics.
248248
It creates a qdisc on the `lo` interface and attaches the `tc_ingress` BPF program to it.
@@ -266,7 +266,7 @@ $ sudo cat /sys/kernel/debug/tracing/trace_pipe
266266
node-1254811 [007] ..s1 8737831.674550: 0: Got IP packet: tot_len: 71, ttl: 64
267267
```
268268

269-
## Profile
269+
## profile
270270

271271
`profile` is an example written in Rust and C with BlazeSym. It
272272
attaches to perf events, sampling on every processor periodically. It
@@ -288,7 +288,7 @@ No Userspace Stack
288288

289289
C version and Rust version show the same content. Both of them use BlazeSym to symbolize stacktraces.
290290

291-
## Socket filter
291+
## sockfilter
292292

293293
`sockfilter` is an example of monitoring packet and dealing with `__sk_buff`
294294
structure. It attaches `socket` BPF program to `sock_queue_rcv_skb()` function
@@ -310,7 +310,8 @@ This serves as a cross reference for folks coming from different backgrounds.
310310

311311
## Install Dependencies
312312

313-
You will need `clang`, `libelf` and `zlib` to build the examples, package names may vary across distros.
313+
You will need `clang` (at least v11 or later), `libelf` and `zlib` to build
314+
the examples, package names may vary across distros.
314315

315316
On Ubuntu/Debian, you need:
316317
```shell

0 commit comments

Comments
 (0)