This is issue 02 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.
The BPF virtual machine subsystem has seen a few improvements. Maps are now able to contain other maps, allowing them to be cascaded to multiple levels. There is a new in-kernel testing framework for BPF programs, controlled by the new BPF_PROG_TEST_RUN command to the bpf() system call. And there is now a just-in-time BPF compiler for the SPARC64 architecture.
There is ongoing work to add netlink extended ACK reporting in iproute2, see ip: Initial support for extack errors and iproute: Add support for extended ack to rtnl_talk for more details.
More interesting developments are:
- b0e92279d3ec (Merge branch 'thunderx-xdp', 2017-05-02)
- 85f68fe89832 (bpf, arm64: implement jiting of BPF_XADD, 2017-05-01).
- e3bf4c61da80 (sparc64: Fix BPF JIT wrt. branches and ldimm64 instructions., 2017-05-01)
- 3a5795b83d57 (bpf: lru: Add map-in-map LRU example, 2017-04-14)
Not all of the changes and highlights hitting mainline now are new and might have been partially mentioned in last week's issue.
The talk is mainly on Busy Polling, with one slide on future BPF work with regards to siloing through SO_REUSEPORT, which has recently been addressed upstream.
linux-4.12 changes (cont)
Ideally, we should add eBPF support so that SO_REUSEPORT enabled listeners can choose the appropriate silo (per RX queue listener) directly at SYN time, using an appropriate SO_ATTACH_REUSEPORT_EBPF program.
Same eBPF filter would apply for UDP traffic.
Great beginner friendly slides on XDP. Also worth checking out the cool collection of sample programs in the prototype-kernel repository.
Good overview on tracing. The diagrams throughout the slides are also very informative and help get a overview of the programmer model in BPF land.
Nice slides on HTTP aware networking security enforcement.
In case you missed it
If you are ready to do some BPF programming but not sure where to start? Some interesting projects to make that easier are:
Don't want to write Go, Lua, Python or restricted C code? There is a Rust alternative path in user space.
Translate p4 programs into XDP.
Good overview on some of the BCC tools and overall tracing.
You probably have watched it, but if not this is an awesome demo.
Which is a place where people can talk about getting up to speed with setting up an XDP build environment and writing XDP programs.
You can subscribe by sending a email to
email@example.com, with a message body containing
subscribe xdp-newbies. No subject is needed, but you can of course add one if you like.
Solarflare drivers v188.8.131.522 "XDP: Preview of RX side XDP support; This allows for RX filtering to use the DROP" https://t.co/fwwK2tYa1g
- Alexei Starovoitov, [PATCH net-next] selftests/bpf: get rid of -Dx86_64
- David Miller, [PATCH] selftests: bpf: Use bpf_endian.h in test_xdp.c
- David Miller, [PATCH 0/2] Fix some bpf program testing framework bugs
- Daniel Borkmann, [PATCH] xdp: use common helper for netlink extended ack reporting
- Daniel Borkmann, [PATCH net] bpf, arm64: fix jit branch offset related to ldimm64
- Daniel Borkmann, [PATCH net] bpf: don't let ldimm64 leak map addresses on unprivileged
- Daniel Borkmann, [PATCH net 0/2] Two generic xdp related follow-ups
- Geert Uytterhoeven, [PATCH] test_bpf: Use ULL suffix for 64-bit constants
- Jesper Dangaard Brouer, [net-next PATCH 0/4] Improve bpf ELF-loader under samples/bpf
- [net-next PATCH 1/4] samples/bpf: adjust rlimit RLIMIT_MEMLOCK for traceex2, tracex3 and tracex4
- [net-next PATCH 2/4] samples/bpf: make bpf_load.c code compatible with ELF maps section changes
- [net-next PATCH 3/4] samples/bpf: load_bpf.c make callback fixup more flexible
- [net-next PATCH 4/4] samples/bpf: export map_data for more info on maps
- Sunil Goutham, [PATCH 0/9] net: thunderx: Adds XDP support
- [PATCH 1/9] net: thunderx: Support for page recycling
- [PATCH 2/9] net: thunderx: Optimize RBDR descriptor handling
- [PATCH 3/9] net: thunderx: Optimize CQE_TX handling
- [PATCH 4/9] net: thunderx: Cleanup receive buffer allocation
- [PATCH 5/9] net: thunderx: Add basic XDP support
- [PATCH 6/9] net: thunderx: Add support for XDP_DROP
- [PATCH 7/9] net: thunderx: Add support for XDP_TX
- [PATCH 8/9] net: thunderx: Support for XDP header adjustment
- [PATCH 9/9] net: thunderx: Optimize page recycling for XDP
- Or Gerlitz, [iproute] tc: Reflect HW offload status
- Yuval Mintz, [PATCH net 0/5] qed*: General fixes
- Yonghong Song, [PATCH net-next] selftests/bpf: add a test case to check verifier pointer arithmetic.
- Yonghong Song, [llvm] r302055 - [bpf] add relocation support
- Yonghong Song, [llvm] r302265 - [bpf] fix a bug which causes incorrect big endian reloc fixup
- David Ahern, [PATCH net-next iproute2 0/3] ip: Initial support for extack errors
- Stephen Hemminger, [RFC] iproute: Add support for extended ack to rtnl_talk
Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.
You can sign up for email notifcations on https://www.cilium.io/learn/
Happy eBPF hacking!