Talk: BTF is my name, typing my game

This talk gives a technical deep dive into what BTF is, how it works and for what it is used. I gave this talk at the eBPF Vienna meetup. There is sadly no recording of the talk available. You can find the spoken text though in my Github repo. Slides: Link

March 5, 2025 · 1 min · Patrick Pichler

Talk: Beesting - Can't touch this

This talk tells the story of my research project Beesting. It starts from how I came up with the idea, over the different iterations that the project went through. The talk was originally held at CNCF meetup in Linz. Sadly no recording is available for the talk. You can find roughly what I said though in my Github repo. The source code for Beesting can be found here. Slides: Link

January 15, 2025 · 1 min · Patrick Pichler

Figuring out which helpers are available in what kernel version in eBPF

eBPF helpers are a vital part of any eBPF program. It is often not easy to figure out, which helper you have available for a certain program type at a given Linux Kernel Version. The goal of this blog post is, to document some ways of answering the question “Can I use bpf helper abc in a xyz program at Linux Kernel version n”. docs.ebpf.io One pretty amazing resource for anything eBPF related is docs.ebpf.io. It was started by Dylan Reimerink (as far as I can tell). ...

November 10, 2024 · 6 min · Patrick Pichler

Talk: Of bees and Kubernetes Runtime Security

The aim of this talk was to explain some nitty gritty details of how eBPF works a CNCF meetup in Innsbruck. I have to say I went a bit overboard with the details and lost half of the audience during the talk. Oops! The talk ended with an sample on a deep dive how the container drift detection in Kvisor (Cast.AIs eBPF sensor) works. Sadly no recording is available for the talk. ...

October 28, 2024 · 1 min · Patrick Pichler