Submit your CfP for CiliumCon NA
Aug 16, 2017

BPF updates 09

This is issue 09 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.


The highlights since the previous issue

  • New comparison instructions for reducing register pressure, stack usage and potentially smaller programs.
  • RFC patchset for BPF socket redirect with a awesome new helper function bpf_sk_redirect_map.
  • Verifier fixes, more tests and alignment tracking work got merged.
  • The XDP redirect series got merged.
  • XDP support for tap got merged

The latest couple of iteration of the alignment tracking are really interesting. It now also comes with some documentation describing the register value tracking and the verifier pruning. Checkout the patches section for all the links.

The Linux 4.13 merge window ended several weeks ago weeks ago and net-next opened up around the same time with a brand new status page. No need to ask for the status anymore for people not being attentive enough. :)

Some more interesting topics

  • iproute improvements to error handling reports for tail calls and support for loading map in map.
  • LLVM 5.0.0-rc1 is ready for testing.
  • MIPS eBPF JIT finally merged.
  • Virtio optimizations for XDP.

While a MIPS patch did get applied in June. One file got lost in transmit, but that's now corrected.

Presentations

Videos

Tech Talks @ Kinvolk: Introduction to eBPF Programming by Alban Crequy

Nice introduction to eBPF with demos, code and diagrams.

Jesper Dangaard Brouer - XDP eXpress Data Path

Great technology overview of XDP.

eBPF and IO Visor Project

Mostly high level introductory talk.

Slides

Landlock: programmatic access control

A look at Landlock and how eBPF and some other things are used to reduce security threats.

In case you missed it

Tracing a packet journey using Linux tracepoints, perf and eBPF

Cool tracing tutorial with some perf examples. Also checkout the companion github repository.

The anatomy of “Hello World” python program in bcc

Detailed walkthrough of a BCC example.

XDP Newbies...

Which is a place where people can talk about getting up to speed with setting up an XDP build environment and writing XDP programs.

You can subscribe by sending a email to majordomo@vger.kernel.org, with a message body containing subscribe xdp-newbies. No subject is needed, but you can of course add one if you like.

Projects

A new batch of random projects from Github. Check them out and Remember to give a star, if you like the project ;)

Tracepkt

Trace a ping packet journey across network interfaces and namespace on recent Linux. Supports IPv4 and IPv6.

ocaml-bpf

OCaml embedded eBPF assembler.

bpftrace

BPFtrace is a DTrace-style dynamic tracing tool for linux, based on the extended BPF capabilities available in recent Linux kernels. BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system.

tcptracer-bpf

tcptracer-bpf is an eBPF program using kprobes to trace TCP events (connect, accept, close). The eBPF program is compiled to an ELF object file.

FlameGraph

Stack trace visualizer http://www.brendangregg.com/flamegraphs.html

BPF userspace tool

The tool allows listing programs and maps on the system as well as simple dumping and modification of the maps.

Random cool note

Netdev 2.2 Call for papers is out! https://www.netdevconf.org/2.2/submit-proposal.html … Dont wait for that last minute rush!

Patches

Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.

Happy eBPF hacking! ;)

Popular posts

Agentic Bee: How to get AI Agents to talk to Tetragon?
May 15, 2025

Agentic Bee: How to get AI Agents to talk to Tetragon?

Learn how Canopus uses eBPF Tetragon & AI Agents to find top 1% of vulnerabilities

Community
Sinad User Story: Delivering Security and Observability for Workloads with Confidence
Apr 25, 2025

Sinad User Story: Delivering Security and Observability for Workloads with Confidence

Learn why Sinad uses Tetragon for security observability and runtime enforcement

Community
Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters
Apr 15, 2025

Tetragon User Story: Why This Social Networking Company Made Tetragon a Default for their Kubernetes Clusters

Why a social networking company secures every Kubernetes cluster with Tetragon

Community