A BPF-based syscall fault injector
This tool is a syscall fault injector built on top of eBPF that has no requirements on the target machine other than a kernel version good enough to support the required features.
The configuration supports both integers and errno value names.
{
"fault_injectors": [
{
"syscall_name": "fchmodat",
"error_list": [
{
"exit_code": "-ENOENT",
"probability": 50
},
{
"exit_code": -100,
"probability": 30
}
]
},
{
"syscall_name": "openat",
"error_list": [
{
"exit_code": "-ENOENT",
"probability": 50
}
]
}
]
}
ebpfault --config /path/to/config.json --exec /path/to/program arg1 arg2
ebpfault --config /path/to/config.json --pid_list pid1,pid2,pid3,...
ebpfault --config /path/to/config.json --except-pid-list --pid_list pid1,pid2,pid3,...
CONFIG_BPF_KPROBE_OVERRIDE
option enabledTOOLCHAIN_PATH
environment variable to its locationgit clone --recursive https://github.com/trailofbits/ebpfault
--recursive
flag was not provided, run git submodule update --init --recursive
cmake -S ebpfault -B build-ebpfault -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain.cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DEBPFAULT_ENABLE_INSTALL=true
cmake --build build-ebpfault