Speaker
Neill Kapron
(Google)
Description
Android lacks Compile Once Run Everywhere (CO-RE) support, limiting a BPF program’s access to kernel data structures. BPF use could increase if CO-RE is enabled in Android. However, due to the complex ecosystem, care must be taken in developing this support. SOC vendors and OEM Partners are currently limited to BPF socket filters only, but have requested access to kprobes and tracepoints, which would open up access to internal kernel data structures and therefore extend the kernel ABI. What approach should be taken to limit access to BPF attach points and ensure program compatibility across Android and kernel versions?
Primary author
Neill Kapron
(Google)
