This is issue 08 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.
Linux 4.12 was released and net-next is closed. The Kernel Newbies release notes is still under construction but worth checking out for the BPF commits in 4.12.
Most of the new patches from the lists should show up in the next release candidate for 4.13. Some highlights from the recent activity are
- i40e gets XDP support for drop, pass and tx actions.
- Iterations of the alignment tracking work. The main changes; dropped RFC tag and added more tests.
- NFP flag for XDP offload mode to offer more flexibility for programs that can be offloaded.
- The new
BPF_PROG_TYPE_SOCKET_OPSseries got merged.
More interesting topics
- iproute gets support for
act_bpfstart using the BPF program id.
- BPF program id available for i40e via
- A new function helper
bpf_skb_adjust_roomfor adjusting net headroom.
One issue reoccurring is the header asm issue. While BPF can mix and match headers from kernel and userspace, the asm headers seem to be causing pain. Will one more hack be added on top of BPF, or will we see a clean / nice solution emerge from the disccusions?
Netronome has support for offloading XDP programs. The talk covers the options for programming their cards, and shows how BPF fits into their architecture.
The slides are mostly focusing on the BCC tool chain. Very informative diagrams on the tracing options.
This is walk-through of the original BPF paper. The slides are really good. This serves as a great introduction or reviewing the concepts of the old and new BPF.
In case you missed it
The post describes the basics. Also nice to see a short explanation on control flow graph. The links to all of the example programs / code are useful for beginners.
Looks like there will be more XDP patches showing up soon :)
Below is a list of random projects on Github. Check them out and Remember to give a star, if you like the project ;)
Stateful packet processing: two-color token-bucket PoC in BPF
Vale-bpf module is an extention of VALE software switch.
This module makes VALE possible to program with eBPF.
This repository contains examples and hands-on labs for various Linux tracing workshops, focusing on modern tracing tools
A small tool to generically introspect BPF maps without requiring to be aware of the specific data structures stored inside. Can print the metadata of the map or its contents in hexadecimal form.
A simple eBPF disassembler, based on rbpf.
It loads the compiled eBPF code from an ELF file and prints it out.
- Lawrence Brakmo, [PATCH net-next] bpf: fix to bpf_setsockops
Daniel Borkmann, [PATCH net-next 0/7] Misc BPF helper/verifier improvements
- [PATCH net-next 1/7] bpf, net: add
- [PATCH net-next 2/7] bpf: add
- [PATCH net-next 3/7] bpf: simplify narrower ctx access
- [PATCH net-next 4/7] bpf: export whether tail call has jited owner
- [PATCH net-next 5/7] bpf: extend
bpf_trace_printkto support %i
- [PATCH net-next 6/7] bpf, verifier: add additional patterns to
- [PATCH net-next 7/7] bpf: add various test cases for verifier selftest
- [PATCH net-next 1/7] bpf, net: add
Lawrence Brakmo, [PATCH net-next v6 00/16] bpf: Adds support for sock_ops
- [PATCH net-next v6 01/16] bpf: BPF support for sock_ops
- [PATCH net-next v6 02/16] bpf: program to load and attach sock_ops BPF progs
- [PATCH net-next v6 03/16] bpf: Support for per connection SYN/SYN-ACK RTOs
- [PATCH net-next v6 04/16] bpf: Sample bpf program to set SYN/SYN-ACK RTOs
- [PATCH net-next v6 05/16] bpf: Support for setting initial receive window
- [PATCH net-next v6 06/16] bpf: Sample bpf program to set initial window
- [PATCH net-next v6 07/16] bpf: Add setsockopt helper function to bpf
- [PATCH net-next v6 08/16] bpf: Add TCP connection BPF callbacks
- [PATCH net-next v6 09/16] bpf: Sample BPF program to set buffer sizes
- [PATCH net-next v6 10/16] bpf: Add support for changing congestion control
- [PATCH net-next v6 11/16] bpf: Sample BPF program to set congestion control
- [PATCH net-next v6 12/16] bpf: Adds support for setting initial cwnd
- [PATCH net-next v6 13/16] bpf: Sample BPF program to set initial cwnd
- [PATCH net-next v6 14/16] bpf: Adds support for setting sndcwnd clamp
- [PATCH net-next v6 15/16] bpf: Sample bpf program to set sndcwnd clamp
- [PATCH net-next v6 16/16] bpf: update tools/include/uapi/linux/bpf.h
- Edward Cree, [TEST PATCH] bpf/verifier: roll back ptr&const handling, and fix signed bounds
- Yonghong Song, [llvm] r306685 - bpf: remove unnecessary truncate operation
- Daniel Borkmann, [PATCH net] bpf: prevent leaking pointer via xadd on unpriviledged
- [iovisor-dev] [PATCH v3 net-next 01/12] selftests/bpf: add test for mixed signed and unsigned bounds checks
- [iovisor-dev] [PATCH v3 net-next 02/12] bpf/verifier: rework value tracking
- [iovisor-dev] [PATCH v3 net-next 03/12] nfp: change bpf verifier hooks to match new verifier data structures
- [iovisor-dev] [PATCH v3 net-next 04/12] bpf/verifier: track signed and unsigned min/max values
- [iovisor-dev] [PATCH v3 net-next 05/12] bpf/verifier: more concise register state logs for constant var_off
- [iovisor-dev] [PATCH v3 net-next 06/12] selftests/bpf: change test_verifier expectations
- [iovisor-dev] [PATCH v3 net-next 07/12] selftests/bpf: rewrite test_align
- [iovisor-dev] [PATCH v3 net-next 08/12] selftests/bpf: add a test to test_align
- [iovisor-dev] [PATCH v3 net-next 09/12] selftests/bpf: add test for bogus operations on pointers
- [iovisor-dev] [PATCH v3 net-next 10/12] selftests/bpf: don't try to access past
- [iovisor-dev] [PATCH v3 net-next 11/12] selftests/bpf: add tests for subtraction & negative numbers
- [iovisor-dev] [PATCH v3 net-next 12/12] selftests/bpf: variable offset negative tests
- Martin KaFai Lau, [PATCH net-next] bpf: Fix out-of-bound access on interpreters
- Jason Wang, [PATCH net] virtio-net: unbreak cusmed packet for small buffer XDP
Martin KaiFai Lau, [PATCH net-next 0/2] bpf: Add syscall lookup support for fd array and htab
- Daniel Borkmann, [PATCH iproute2] bpf: indicate lderr when
Jakub Kicinski, [PATCH iproute2 0/3] ip-link: XDP flags and offload mode
- Yonghong Song, [PATCH net-next] bpf: possibly avoid extra masking for narrower load in verifier
- Shubham Bansal, [PATCH] Added Support for
Martin KaFai La, [PATCH v3 net-next 0/9] bpf: xdp: Report
- [PATCH v3 net-next 1/9] net: Add
- [PATCH v3 net-next 2/9] bpf: mlx4: Report
- [PATCH v3 net-next 3/9] bpf: mlx5e: Report
- [PATCH v3 net-next 4/9] bpf:
- [PATCH v3 net-next 5/9] bpf: bnxt: Report
- [PATCH v3 net-next 6/9] bpf: thunderx: Report
- [PATCH v3 net-next 7/9] bpf: ixgbe: Report
- [PATCH v3 net-next 8/9] bpf: nfp: Report
- [PATCH v3 net-next 9/9] bpf: qede: Report
- [PATCH v3 net-next 1/9] net: Add
- Yonghong Song, [llvm] r305559 - bpf: set missing types in insn tablegen file
- Yonghong Song, [llvm] r305560 - bpf: avoid load from read-only sections
- Yonghong Song, [llvm] r305608 - bpf: fix a strict-aliasing issue
Jakub Kicinski, [PATCH net-next 0/8] xdp: offload mode
- [PATCH net-next 1/8] xdp: pass XDP flags into install handlers
- [PATCH net-next 2/8] xdp: add HW offload mode flag for installing programs
- [PATCH net-next 3/8] nfp: xdp: move driver XDP setup into a separate function
- [PATCH net-next 4/8] nfp: bpf: don't offload XDP programs in DRV_MODE
- [PATCH net-next 5/8] nfp: bpf: release the reference on offloaded programs
- [PATCH net-next 6/8] nfp: bpf: add support for
- [PATCH net-next 7/8] xdp: add reporting of offload mode
- [PATCH net-next 8/8] nfp: xdp: report if program is offloaded
- Wang Nan, [PATCH] perf test llvm: Avoid error when
- [net-next 01/15] i40e: add XDP support for pass and drop actions
- [net-next 02/15] i40e: add support for XDP_TX action
- [net-next 03/15] i40evf: assign
- [net-next 04/15] i40e/i40evf: update WOL and
- [net-next 05/15] i40e: use
dev_infowhen warning about missing routine
- [net-next 06/15] i40e: comment that udp_port must be in host byte order
- [net-next 07/15] i40e: Fix potential out of bound array access
- [net-next 08/15] i40e: Support firmware CEE DCB UP to TC map re-definition
- [net-next 09/15] i40e: Add message for unsupported MFP mode
- [net-next 10/15] i40e: genericize the partition bandwidth control
- [net-next 11/15] i40e: Add support for OEM firmware version
- [net-next 12/15] i40e: fix disabling overflow promiscuous mode
- [net-next 13/15] i40e: clear only cause_ena bit
- [net-next 14/15] i40e: Handle PE_CRITERR properly with IWARP enabled
- [net-next 15/15] i40e: don't hold RTNL lock for the entire reset
- Daniel Borkmann, [PATCH net-next] bpf, i40e: Report
- Yonghong Song, [PATCH] samples/bpf: fix a build problem
- Daniel Borkmann, [PATCH net-next] bpf: expose prog id for
- Martin KaFai Lau, [PATCH iproute2 net-next] bpf: Add support for
Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.
You can sign up for email notifcations on https://www.cilium.io/learn/
Happy eBPF hacking!