eBPF (extended Berkeley Packet Filter) has changed how Linux kernel tooling is built: it lets user-supplied programs run inside the kernel with access to kernel functions and data, while the kernel's verifier checks each program for memory safety and bounded execution before it is loaded and JIT-compiled, so a program that could crash or hang the kernel is rejected rather than run. This session provides a practical deep dive into how modern applications can use eBPF to solve long-standing challenges in both system security and application performance. We will begin with a clear explanation of the eBPF paradigm, the kernel's safe, sandboxed virtual machine, and its key components.
We will then explore two major use cases:
Security Enhancement: Demonstrating how eBPF can enforce granular, real-time security policies by implementing custom system call blocking and filtering, effectively sandboxing processes directly within the kernel. The attachment point decides what is possible: a program on a syscall tracepoint or kprobe can observe a call and log it or signal the calling task, but it cannot reject it; denying an operation requires a hook whose return value is a verdict, such as a BPF LSM program (kernel 5.7 and later).
Performance Optimization: Analyzing a common system bottleneck (e.g., memory latency, inefficient I/O, or a hot path that needs custom tracing) and showing how eBPF programs attached to kernel probes provide deep, low-overhead observability, with counting and aggregation done in the kernel so the cost stays low even at high event rates, exposing optimization opportunities that are impractical to find with traditional user-space tooling.
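A minimal in-kernel syscall block of the kind the security use case above describes. This is an added example, not code from the session: it uses classic BPF through seccomp rather than eBPF, because that is the form of BPF syscall filtering that compiles with plain gcc on any Linux system and needs no root; an eBPF program that vetoes operations would instead attach to an LSM hook (BPF LSM, kernel 5.7 or later, built with clang and libbpf). The blocked syscall (getppid, chosen because nothing in libc depends on it), the DEMO_ARCH macro and the function names are choices made for this example.

```c
/* Added example: block one syscall in the kernel with a seccomp BPF filter.
 * Classic BPF (the seccomp dialect), not eBPF; builds with plain gcc. */
#include <errno.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Older headers lack KILL_PROCESS; KILL (thread) is the closest fallback. */
#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif

/* Assumption for this example: the ABI we expect to see. */
#if defined(__x86_64__)
#define DEMO_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define DEMO_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Issue getppid() as a raw syscall. Returns errno if the kernel rejected
 * the call, 0 if it ran normally. */
int probe_getppid(void)
{
    errno = 0;
    if (syscall(SYS_getppid) < 0)
        return errno;
    return 0;
}

/* Install a filter that fails getppid with EPERM and allows everything else.
 * Returns 0 on success, -1 with errno set on failure. */
int install_deny_getppid(void)
{
    struct sock_filter filter[] = {
        /* Check the ABI first: syscall numbers differ per ABI, and a filter
         * without this check can be sidestepped through a compat ABI. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, DEMO_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        /* Load the syscall number and compare it with the denied one. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getppid, 0, 1),
        /* Deny: the syscall returns -EPERM without executing. */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        /* Everything else runs normally. */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = sizeof(filter) / sizeof(filter[0]),
        .filter = filter,
    };

    /* Required for an unprivileged process: a filter that alters syscall
     * results must not carry over into a setuid exec. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
        return -1;
    return 0;
}

int main(void)
{
    printf("before filter: getppid -> errno %d\n", probe_getppid());
    if (install_deny_getppid() != 0) {
        perror("seccomp");
        return 1;
    }
    printf("after filter:  getppid -> errno %d (EPERM is %d)\n",
           probe_getppid(), EPERM);
    return 0;
}
```

Build and run with `gcc -O2 -o deny deny.c && ./deny`. Two design points carry over to any in-kernel filter, eBPF included: the verdict for the wrong ABI is kill rather than deny, since a mismatched ABI means the syscall numbers you compared against were meaningless, and a filter that enumerates syscalls to deny is only as good as the list, so production sandboxes normally enumerate what is allowed and deny the rest.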
Attendees will leave with a solid understanding of eBPF's capabilities, its minimal performance footprint, and a framework for applying this powerful technology to their own performance and security requirements.