- https://ebpf.io/what-is-ebpf/
- deep dive articles: https://docs.cilium.io/en/v1.12/bpf/#further-reading
- bpf linux docs: https://docs.kernel.org/bpf/programs.html
- eBPF spec: https://github.com/iovisor/bpf-docs/blob/master/eBPF.md
- map types https://www.ferrisellis.com/content/ebpf_syscall_and_maps/
- https://www.spinics.net/lists/xdp-newbies/msg00179.html
https://www.browserling.com/tools/dec-to-ip
- https://github.com/microsoft/ebpf-for-windows/blob/main/tests/sample/cgroup_sock_addr.c
- Attach types: https://microsoft.github.io/ebpf-for-windows/ebpf__structs_8h.html#aac6b4c09fa267f53c1d213551e0ccd5a
- type "\Program Files\ebpf-for-windows\ebpf-printk.guid"
- services don't start after install
- microsoft/ebpf-for-windows#1408
- export_program_info.exe (microsoft/ebpf-for-windows#1406)
which finally calls invoke_ioctl https://github.com/microsoft/ebpf-for-windows/blob/f93f0d58ee08aa5cdea0fea5d895df7b44d3d973/libs/api/ebpf_api.cpp#L1003
invoke_ioctl - https://github.com/microsoft/ebpf-for-windows/blob/17379737cf7c4383ef03c6eeedab93e9a9b2b934/libs/api_common/device_helper.hpp which calls deviceio sys call: https://github.com/microsoft/ebpf-for-windows/blob/17379737cf7c4383ef03c6eeedab93e9a9b2b934/libs/thunk/windows/platform.cpp#L49