For as long as operating systems have had kernels, there has been a need to
extract information from data structures stored within those kernels. Over
the years, a wide range of approaches have been taken to make that
information available. In current times, it has become natural to reach
for BPF as the tool of choice for a variety of problems, and getting
information from kernel data structures is no exception. There are two
patches in circulation that take rather different approaches to using BPF
to dump information from kernel data structures to user space.

Source: LWN.net – [$] Dumping kernel data structures with BPF