Tag Archives: eBPF

XDP CPUMap

An update on XDP and CPUMap.

http://vger.kernel.org/netconf2017_files/XDP_devel_update_NetConf2017_Seoul.pdf

Routing and Switching in XDP

https://lkml.org/lkml/2017/10/10/88

https://lkml.org/lkml/2017/10/10/90

Updated patches:

https://lkml.org/lkml/2017/11/4/192

https://lkml.org/lkml/2017/11/4/193

Tracing Packets Through the Kernel

https://blog.yadutaf.fr/2017/07/28/tracing-a-packet-journey-using-linux-tracepoints-perf-ebpf/

Very interesting. The key is that eBPF programs can be attached to tracepoints.

eBPF and XDP Stuff

2 Replies

Worked example of DDOS protection using XDP. It also has this interesting slide:

BPF and XDP Reference Guide

eBPF, part 1: Past, Present, and Future

eBPF Longest Prefix Match Maps

Coming soon to a 4.11 kernel near you, eBPF maps that can do longest prefix matches for things like IP routing.

Awesome.

eBPF Map Size Limits

Recently, I’ve done some work with eBPF and specifically the in-kernel maps that are manipulated and shared by both kernel and user space code.

When doing this I ran into permission errors when installing large maps. It took a little while to figure out that the cause of this was the root user’s locked memory limit being too low (thanks Daniel Borkmann).

The locked memory limit is modified with ulimit:

ulimit -l unlimited