Use a constant length to read from BPF

Question

Closed this issue 4 years ago · 1 comments

Sadly the current use of bpf_probe_read() will not pass the BPF verifier on certain kernel versions. Related issue: iovisor/bcc#1260

Use MAX_STR_LEN or sizeof(header_foo) for the time being.

Answer 1 · 2020-04-05T03:37:59.000Z

This was handled a while ago in the Python version.