BPF updates 08

This is issue 08 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.

---

Linux 4.12 was released and net-next is closed. The Kernel Newbies release notes is still under construction but worth checking out for the BPF commits in 4.12.

Most of the new patches from the lists should show up in the next release candidate for 4.13. Some highlights from the recent activity are

• i40e gets XDP support for drop, pass and tx actions.
• Iterations of the alignment tracking work. The main changes; dropped RFC tag and added more tests.
• NFP flag for XDP offload mode to offer more flexibility for programs that can be offloaded.
• The new BPF_PROG_TYPE_SOCKET_OPS series got merged.

More interesting topics

• iproute gets support for IFLA_XDP_PROG_ID. Also cls_bpf and act_bpf start using the BPF program id.
• BPF program id available for i40e via XDP_QUERY_PROG.
• A new function helper bpf_skb_adjust_room for adjusting net headroom.

One issue reoccurring is the header asm issue. While BPF can mix and match headers from kernel and userspace, the asm headers seem to be causing pain. Will one more hack be added on top of BPF, or will we see a clean / nice solution emerge from the disccusions?

Presentations

Videos

SmartNIC Architecture, Open Programming Models Overview - DXDD Europe

Netronome has support for offloading XDP programs. The talk covers the options for programming their cards, and shows how BPF fits into their architecture.

Slides

Velocity 2017 Performance analysis superpowers with Linux eBPF

The slides are mostly focusing on the BCC tool chain. Very informative diagrams on the tracing options.

The BSD Packet Filter A New Architecture for User-level Packet Capture

This is walk-through of the original BPF paper. The slides are really good. This serves as a great introduction or reviewing the concepts of the old and new BPF.

In case you missed it

Notes on BPF & eBPF

The post describes the basics. Also nice to see a short explanation on control flow graph. The links to all of the example programs / code are useful for beginners.

[iovisor-dev] minutes: IO Visor TSC/Dev Call

Looks like there will be more XDP patches showing up soon :)

Projects

Below is a list of random projects on Github. Check them out and Remember to give a star, if you like the project ;)

tbpoc-bpf

Stateful packet processing: two-color token-bucket PoC in BPF

VALE BPF Extention Module

Vale-bpf module is an extention of VALE software switch.

This module makes VALE possible to program with eBPF.

Linux Tracing Workshops Materials

This repository contains examples and hands-on labs for various Linux tracing workshops, focusing on modern tracing tools

bpf-map

A small tool to generically introspect BPF maps without requiring to be aware of the specific data structures stored inside. Can print the metadata of the map or its contents in hexadecimal form.

ebpf-disasm

A simple eBPF disassembler, based on rbpf.

It loads the compiled eBPF code from an ELF file and prints it out.

Patches

• Lawrence Brakmo, [PATCH net-next] bpf: fix to bpf_setsockops
• Daniel Borkmann, [PATCH net-next 0/7] Misc BPF helper/verifier improvements
  • [PATCH net-next 1/7] bpf, net: add skb_mac_header_len helper
  • [PATCH net-next 2/7] bpf: add bpf_skb_adjust_room helper
  • [PATCH net-next 3/7] bpf: simplify narrower ctx access
  • [PATCH net-next 4/7] bpf: export whether tail call has jited owner
  • [PATCH net-next 5/7] bpf: extend bpf_trace_printk to support %i
  • [PATCH net-next 6/7] bpf, verifier: add additional patterns to evaluate_reg_imm_alu
  • [PATCH net-next 7/7] bpf: add various test cases for verifier selftest
• Lawrence Brakmo, [PATCH net-next v6 00/16] bpf: Adds support for sock_ops
  • [PATCH net-next v6 01/16] bpf: BPF support for sock_ops
  • [PATCH net-next v6 02/16] bpf: program to load and attach sock_ops BPF progs
  • [PATCH net-next v6 03/16] bpf: Support for per connection SYN/SYN-ACK RTOs
  • [PATCH net-next v6 04/16] bpf: Sample bpf program to set SYN/SYN-ACK RTOs
  • [PATCH net-next v6 05/16] bpf: Support for setting initial receive window
  • [PATCH net-next v6 06/16] bpf: Sample bpf program to set initial window
  • [PATCH net-next v6 07/16] bpf: Add setsockopt helper function to bpf
  • [PATCH net-next v6 08/16] bpf: Add TCP connection BPF callbacks
  • [PATCH net-next v6 09/16] bpf: Sample BPF program to set buffer sizes
  • [PATCH net-next v6 10/16] bpf: Add support for changing congestion control
  • [PATCH net-next v6 11/16] bpf: Sample BPF program to set congestion control
  • [PATCH net-next v6 12/16] bpf: Adds support for setting initial cwnd
  • [PATCH net-next v6 13/16] bpf: Sample BPF program to set initial cwnd
  • [PATCH net-next v6 14/16] bpf: Adds support for setting sndcwnd clamp
  • [PATCH net-next v6 15/16] bpf: Sample bpf program to set sndcwnd clamp
  • [PATCH net-next v6 16/16] bpf: update tools/include/uapi/linux/bpf.h
• Edward Cree, [TEST PATCH] bpf/verifier: roll back ptr&const handling, and fix signed bounds
• Yonghong Song, [llvm] r306685 - bpf: remove unnecessary truncate operation
• Daniel Borkmann, [PATCH net] bpf: prevent leaking pointer via xadd on unpriviledged
• Edward Cree, [iovisor-dev] [PATCH v3 net-next 00/12] bpf: rewrite value tracking in verifier
  • [iovisor-dev] [PATCH v3 net-next 01/12] selftests/bpf: add test for mixed signed and unsigned bounds checks
  • [iovisor-dev] [PATCH v3 net-next 02/12] bpf/verifier: rework value tracking
  • [iovisor-dev] [PATCH v3 net-next 03/12] nfp: change bpf verifier hooks to match new verifier data structures
  • [iovisor-dev] [PATCH v3 net-next 04/12] bpf/verifier: track signed and unsigned min/max values
  • [iovisor-dev] [PATCH v3 net-next 05/12] bpf/verifier: more concise register state logs for constant var_off
  • [iovisor-dev] [PATCH v3 net-next 06/12] selftests/bpf: change test_verifier expectations
  • [iovisor-dev] [PATCH v3 net-next 07/12] selftests/bpf: rewrite test_align
  • [iovisor-dev] [PATCH v3 net-next 08/12] selftests/bpf: add a test to test_align
  • [iovisor-dev] [PATCH v3 net-next 09/12] selftests/bpf: add test for bogus operations on pointers
  • [iovisor-dev] [PATCH v3 net-next 10/12] selftests/bpf: don't try to access past MAX_PACKET_OFF in test_verifier
  • [iovisor-dev] [PATCH v3 net-next 11/12] selftests/bpf: add tests for subtraction & negative numbers
  • [iovisor-dev] [PATCH v3 net-next 12/12] selftests/bpf: variable offset negative tests
• Martin KaFai Lau, [PATCH net-next] bpf: Fix out-of-bound access on interpreters[]
• Jason Wang, [PATCH net] virtio-net: unbreak cusmed packet for small buffer XDP
• Martin KaiFai Lau, [PATCH net-next 0/2] bpf: Add syscall lookup support for fd array and htab
  • [PATCH net-next 1/2] bpf: Add syscall lookup support for fd array and htab
  • [PATCH net-next 2/2] bpf: Add test for syscall on fd array/htab lookup
• Daniel Borkmann, [PATCH iproute2] bpf: indicate lderr when bpf_apply_relo_data fails
• Jakub Kicinski, [PATCH iproute2 0/3] ip-link: XDP flags and offload mode
  • [PATCH iproute2 1/3] bpf: print xdp offloaded mode
  • [PATCH iproute2 2/3] bpf: add xdpdrv for requesting XDP driver mode
  • [PATCH iproute2 3/3] bpf: allow requesting XDP HW offload
• Yonghong Song, [PATCH net-next] bpf: possibly avoid extra masking for narrower load in verifier
• Shubham Bansal, [PATCH] Added Support for BPF_CALL | BPF_JMP.
• David Daney, [PATCH RFC 0/3] bpf/arm64/mips: Avoid inline asm in BPF
  • [PATCH RFC 1/3] arm64: Gate inclusion of asm/sysreg.h by EMITTING_BPF
  • [PATCH RFC 2/3] samples/bpf: Add define EMITTING_BPF when building BPF
  • [PATCH RFC 3/3] MIPS: Include file changes to enable building BPF code with llvm
• Martin KaFai La, [PATCH v3 net-next 0/9] bpf: xdp: Report bpf_prog ID in IFLA_XDP
  • [PATCH v3 net-next 1/9] net: Add IFLA_XDP_PROG_ID
  • [PATCH v3 net-next 2/9] bpf: mlx4: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 3/9] bpf: mlx5e: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 4/9] bpf: virtio_net: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 5/9] bpf: bnxt: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 6/9] bpf: thunderx: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 7/9] bpf: ixgbe: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 8/9] bpf: nfp: Report bpf_prog ID during XDP_QUERY_PROG
  • [PATCH v3 net-next 9/9] bpf: qede: Report bpf_prog ID during XDP_QUERY_PROG
• Yonghong Song, [llvm] r305559 - bpf: set missing types in insn tablegen file
• Yonghong Song, [llvm] r305560 - bpf: avoid load from read-only sections
• Yonghong Song, [llvm] r305608 - bpf: fix a strict-aliasing issue
• Jakub Kicinski, [PATCH net-next 0/8] xdp: offload mode
  • [PATCH net-next 1/8] xdp: pass XDP flags into install handlers
  • [PATCH net-next 2/8] xdp: add HW offload mode flag for installing programs
  • [PATCH net-next 3/8] nfp: xdp: move driver XDP setup into a separate function
  • [PATCH net-next 4/8] nfp: bpf: don't offload XDP programs in DRV_MODE
  • [PATCH net-next 5/8] nfp: bpf: release the reference on offloaded programs
  • [PATCH net-next 6/8] nfp: bpf: add support for XDP_FLAGS_HW_MODE
  • [PATCH net-next 7/8] xdp: add reporting of offload mode
  • [PATCH net-next 8/8] nfp: xdp: report if program is offloaded
• Wang Nan, [PATCH] perf test llvm: Avoid error when PROFILE_ALL_BRANCHES is set
• Jeff Kirsher, [net-next 00/15][pull request] 40GbE Intel Wired LAN Driver Updates 2017-06-20
  • [net-next 01/15] i40e: add XDP support for pass and drop actions
  • [net-next 02/15] i40e: add support for XDP_TX action
  • [net-next 03/15] i40evf: assign num_active_queues inside i40evf_alloc_queues
  • [net-next 04/15] i40e/i40evf: update WOL and I40E_AQC_ADDR_VALID_MASK flags
  • [net-next 05/15] i40e: use dev_dbg instead of dev_info when warning about missing routine
  • [net-next 06/15] i40e: comment that udp_port must be in host byte order
  • [net-next 07/15] i40e: Fix potential out of bound array access
  • [net-next 08/15] i40e: Support firmware CEE DCB UP to TC map re-definition
  • [net-next 09/15] i40e: Add message for unsupported MFP mode
  • [net-next 10/15] i40e: genericize the partition bandwidth control
  • [net-next 11/15] i40e: Add support for OEM firmware version
  • [net-next 12/15] i40e: fix disabling overflow promiscuous mode
  • [net-next 13/15] i40e: clear only cause_ena bit
  • [net-next 14/15] i40e: Handle PE_CRITERR properly with IWARP enabled
  • [net-next 15/15] i40e: don't hold RTNL lock for the entire reset
• Daniel Borkmann, [PATCH net-next] bpf, i40e: Report bpf_prog id during XDP_QUERY_PROG
• Yonghong Song, [PATCH] samples/bpf: fix a build problem
• Daniel Borkmann, [PATCH net-next] bpf: expose prog id for cls_bpf and act_bpf
• Martin KaFai Lau, [PATCH iproute2 net-next] bpf: Add support for IFLA_XDP_PROG_ID

Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.

Happy eBPF hacking!