Submit your CfP for CiliumCon NA
May 10, 2017

BPF updates 02

This is issue 02 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.


The Linux kernel merge window opened up last week and some of the highlights can be found as always in the [GIT] Networking pull requests from 2nd May 2017 and 4th May 2017.

If you are interested in other subsystems LWN.net has a summary on the current merge window status, and their section on BPF says

The BPF virtual machine subsystem has seen a few improvements. Maps are now able to contain other maps, allowing them to be cascaded to multiple levels. There is a new in-kernel testing framework for BPF programs, controlled by the new BPF_PROG_TEST_RUN command to the bpf() system call. And there is now a just-in-time BPF compiler for the SPARC64 architecture.

There is ongoing work to add netlink extended ACK reporting in iproute2, see ip: Initial support for extack errors and iproute: Add support for extended ack to rtnl_talk for more details.

More interesting developments are:

  • b0e92279d3ec (Merge branch 'thunderx-xdp', 2017-05-02)
  • 85f68fe89832 (bpf, arm64: implement jiting of BPF_XADD, 2017-05-01).
  • e3bf4c61da80 (sparc64: Fix BPF JIT wrt. branches and ldimm64 instructions., 2017-05-01)
  • 3a5795b83d57 (bpf: lru: Add map-in-map LRU example, 2017-04-14)

Not all of the changes and highlights hitting mainline now are new and might have been partially mentioned in last week's issue.

Presentations

Videos

Netdev 2.1 - Busy Polling By Eric Dumazet

The talk is mainly on Busy Polling, with one slide on future BPF work with regards to siloing through SO_REUSEPORT, which has recently been addressed upstream.

linux-4.12 changes (cont)

Ideally, we should add eBPF support so that SO_REUSEPORT enabled listeners can choose the appropriate silo (per RX queue listener) directly at SYN time, using an appropriate SO_ATTACH_REUSEPORT_EBPF program.

Same eBPF filter would apply for UDP traffic.

Slides

XDP - eXpress Data Path, Lund Linux Con

Great beginner friendly slides on XDP. Also worth checking out the cool collection of sample programs in the prototype-kernel repository.

Trace Aggregation and Collection with eBPF

Good overview on tracing. The diagrams throughout the slides are also very informative and help get a overview of the programmer model in BPF land.

What impact has CloudNative on kernel networking?

Nice slides on HTTP aware networking security enforcement.

In case you missed it

If you are ready to do some BPF programming but not sure where to start? Some interesting projects to make that easier are:

BPF Compiler Collection (BCC)

The IO Visor Project provides front ends so you can write Python, Lua or Go. They also have a nice collection of useful programs which can discover real bugs. Also worth checking out their XDP intro.

rbpf

Don't want to write Go, Lua, Python or restricted C code? There is a Rust alternative path in user space.

p4c-xdp

Translate p4 programs into XDP.

USENIX/LISA 2016 Linux bcc/BPF Tools

Good overview on some of the BCC tools and overall tracing.

Demo: May the Fourth be with you

You probably have watched it, but if not this is an awesome demo.

Linux Kernel Developers' Netconf 2017

The netconf page for netdev 2.1 got recently updated with more links. Check it out!

XDP Newbies Mailing List

Which is a place where people can talk about getting up to speed with setting up an XDP build environment and writing XDP programs.

You can subscribe by sending a email to majordomo@vger.kernel.org, with a message body containing subscribe xdp-newbies. No subject is needed, but you can of course add one if you like.

Random cool note

Solarflare drivers v4.10.6.1002 "XDP: Preview of RX side XDP support; This allows for RX filtering to use the DROP" https://t.co/fwwK2tYa1g

Patches

Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.

Happy eBPF hacking!

Popular posts

Agentic Bee: How to get AI Agents to talk to Tetragon?
May 15, 2025

Agentic Bee: How to get AI Agents to talk to Tetragon?

Learn how Canopus uses eBPF Tetragon & AI Agents to find top 1% of vulnerabilities

Community
Sinad User Story: Delivering Security and Observability for Workloads with Confidence
Apr 25, 2025

Sinad User Story: Delivering Security and Observability for Workloads with Confidence

Learn why Sinad uses Tetragon for security observability and runtime enforcement

Community
Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters
Apr 15, 2025

Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters

Why a social networking company secures every Kubernetes cluster with Tetragon

Community