Part of the GCC compiler suite
In addition to the backend for generating bytecode, GCC includes a port of libgcc for eBPF and tools for generating ELF files, which make it possible to execute code in the eBPF virtual machine using the loaders provided by the kernel. Patches to support eBPF in GCC are prepared by engineers from Oracle, who have already
eBPF programs can be defined in a subset of the C language, compiled, and loaded into the kernel. Before execution, the eBPF interpreter checks the bytecode for allowed instructions and imposes certain rules on the code (for example, no loops).
Initially, LLVM-based tools were used to compile eBPF on Linux. eBPF support in GCC is interesting because it allows you to use one toolkit to build the Linux kernel and eBPF programs without installing additional dependencies.
In the form of eBPF programs, you can create network operations handlers, filter traffic, manage bandwidth, monitor systems, intercept system calls, control access, calculate the frequency and time of operations, and perform tracing using kprobes/uprobes/tracepoints.
Source: opennet.ru