Advanced
Operating Systems
Q90 / 100
What is an eBPF program and how does it work in the Linux kernel?
The correct answer is B) A sandboxed bytecode program verified by a kernel verifier and JIT-compiled to run safely inside the kernel for tracing, networking, and security
Explanation
eBPF programs must pass the kernel verifier (no unbounded loops, no invalid memory access), are JIT-compiled to native code, and run at kernel hooks (tracepoints, kprobes, XDP). They are used by Cilium, bpftrace, and Falco.