Upgrade to Pro — share decks privately, control downloads, hide ads and more …

eBPF Implementation for FreeBSD

Yutaro Hayakawa
June 06, 2018
Technology
0
260

eBPF Implementation for FreeBSD

Talk at: BSDCan 2018

This talk introduces a work-in-progress implementation of the eBPF(Extended Berkeley Packet Filter) for FreeBSD. First we show an overview of Linux's eBPF system structure and how we implemented that on FreeBSD. After that, we demonstrate how it is useful for the FreeBSD with some concrete use cases such as fast and flexible packet processing with eBPF-enabled VALE/mSwitch software switch with some performance number.

Yutaro Hayakawa

June 06, 2018
Tweet

More Decks by Yutaro Hayakawa

See All by Yutaro Hayakawa
eBPFは何が嬉しいのか?
yutarohayakawa
3
1.2k
BufferbloatとLinux
yutarohayakawa
4
640
Prism: Proxies without the Pain
yutarohayakawa
0
160
ipftrace: A Linux Function Tracer for Network People
yutarohayakawa
4
5.2k
きっと明日から役立つeBPFのしくみ
yutarohayakawa
9
2.6k
eBPFをFreeBSDにポーティングしようとしている話
yutarohayakawa
4
2.5k

Other Decks in Technology

See All in Technology
[k8sjp #56] Kustomize v5 を含む最新機能とテクニックの紹介
koba1t
0
350
赤裸々図解!新卒3年目でマネジメントもこなすフルスタックエンジニアになるまで
mizunohiroaki
0
310
ChatGPTをプロダクトに入れる開発が"毎日がAfter GPT"だった件/ChatGPT LT Link and Motivation
lmi
1
2.5k
Win Testing Trophy Easily / テスティングトロフィーを獲得する / PHPerKaigi 2023
k1low
1
120
AstroNvim を使おう!
ybrliiu
0
120
Invitation to K8s-Docs ja
nasa9084
0
140
Spring Boot 3.0へのアップデートのハマり所 / Findings in Migrating our Application to Spring Boot 3.0
line_developers
PRO
4
420
『登記所備付地図XMLデータ』に触れてみよう〜法務省が公開した大規模オープンデータとは一体何なのか〜 / What is moj map xml
sakaik
0
110
可読性を高めるためのコードレビューテクニック
sbtechnight
PRO
0
480
関数型で表現するイベントソーシングの実装とその教育
tomohisa
0
150
ジョブキューシステムFireworqのアーキテクチャ設計と運用時のベストプラクティス
tarao
1
790
Federated Learning 連合学習
regonn
1
350

Featured

See All Featured
Teambox: Starting and Learning
jrom
124
7.9k
Automating Front-end Workflow
addyosmani
1351
200k
Stop Working from a Prison Cell
hatefulcrawdad
264
18k
Fashionably flexible responsive web design (full day workshop)
malarkey
396
64k
Docker and Python
trallard
30
2k
Embracing the Ebb and Flow
colly
76
3.6k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
44
14k
Bootstrapping a Software Product
garrettdimon
299
110k
Practical Orchestrator
shlominoach
178
9k
Build The Right Thing And Hit Your Dates
maggiecrowley
22
1.5k
Building Your Own Lightsaber
phodgson
96
4.9k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
176
9.2k

Transcript

  1. Yutaro Hayakawa
    Mail: [email protected]
    Twitter: @YutaroHayakawa
    1
    eBPF Implementation for FreeBSD

    View Slide

  2. Agenda
    1. Linux eBPF the Basic
    2. eBPF implementation for FreeBSD
    3. Usecase: VALE-BPF
    Yutaro Hayakawa | eBPF implementation for FreeBSD 2

    View Slide

  3. Agenda
    1. Linux eBPF the Basic
    2. eBPF implementation for FreeBSD
    3. VALE-BPF
    Yutaro Hayakawa | eBPF implementation for FreeBSD 3

    View Slide

  4. What’s eBPF?
    Extended general perpose BPF virtual machine ISA
    - Closer to modern CPU ISA (64bit registers * 11, 64bit wide instructions...)
    - C calling convention and LLVM backend
    - Call instruction
    - Maps (in-kernel key-value store shared with user space program)
    - Write data to tracing buffer
    - etc…
    More performance optimization (JIT, static code analysis)
    bpf(2) for loading program, creating maps, manipulating maps ...
    Yutaro Hayakawa | eBPF implementation for FreeBSD 4

    View Slide

  5. Use cases?

    View Slide

  6. Use cases: Dynamic tracing
    Use eBPF as a backend of dynamic tracing (like DTrace)
    Yutaro Hayakawa | eBPF implementation for FreeBSD 6
    https://github.com/iovisor/bcc
    http://www.brendangregg.com/blog/2015-05-15/ebpf-one-small-step.html

    View Slide

  7. Use cases: XDP (eXpress Data Path)
    No “kernel bypass” (e.g. DPDK,
    netmap)
    Hook and process packet right after
    reception inside the driver by eBPF
    - DDos mitigation: Droplet
    - Load balancing: Katran
    - IDS/IPS backend: Surikata
    Hardware offloading
    - Netronome Agilio
    Yutaro Hayakawa | eBPF implementation for FreeBSD 7
    https://www.iovisor.org/technology/xdp

    View Slide

  8. Tooling?

    View Slide

  9. eBPF Tooling
    Linux kernel provides only very premitive API to users
    - bpf(2)
    - Program loader (e.g. Netlink, setsockopt, ioctl... )
    - Some useful libraries (but very primitive)
    Need tooling for better utilization
    Yutaro Hayakawa | eBPF implementation for FreeBSD 9

    View Slide

  10. Tooling: BCC (BPF Compiler Collection)
    Compiler driver and useful libraries for eBPF
    - Deal with restricted C, call clang/llvm
    - Compiler frontend for various languages (C, P4)
    - ELF parsing, Map libraries
    - Language bindings (Python, C++, Lua…)
    Yutaro Hayakawa | eBPF implementation for FreeBSD 10
    Source: https://github.com/iovisor/bcc

    View Slide

  11. View Slide

  12. Embedded C

    View Slide

  13. Embedded C
    Interact with Map

    View Slide

  14. Embedded C
    Interact with Map
    Output

    View Slide

  15. Tooling: PLY
    Tracing frontend which is heavily
    inspired by DTrace
    dtrace -n syscall:::entry'{@syscalls[probefunc] = count();}'
    Yutaro Hayakawa | eBPF implementation for FreeBSD 15
    Source: https://github.com/iovisor/ply

    View Slide

  16. Tooling: PLY
    Tracing frontend which is heavily
    inspired by DTrace
    dtrace -n syscall:::entry'{@syscalls[probefunc] = count();}'
    Yutaro Hayakawa | eBPF implementation for FreeBSD 16
    Source: https://github.com/iovisor/ply

    View Slide

  17. Tooling: bpfilter
    iptables (Linux’s ipfw or pf) which uses XDP as a backend
    Transparently accerelates existing iptables
    RFC patch: https://www.mail-archive.com/[email protected]/msg217095.html
    Yutaro Hayakawa | eBPF implementation for FreeBSD 17
    https://www.netronome.com/blog/bpf-ebpf-xdp-and-bpfilter-what-are-these-things-and-what-do-they-mean-enterprise/

    View Slide

  18. Conclusion for this section
    Recent Linux implements a lot of interesting features using eBPF
    - Dynamic tracing
    - Very fast packet processing framework
    - etc ...
    The community also introduces a lot of interesting tools
    - BCC, PLY, bpfilter
    More information
    - https://qmonnet.github.io/whirl-offload/2016/09/01/dive-into-bpf/
    - Really useful collection of links
    Yutaro Hayakawa | eBPF implementation for FreeBSD 18

    View Slide

  19. Agenda
    1. Linux eBPF the Basic
    2. eBPF implementation for FreeBSD
    3. VALE-BPF
    Yutaro Hayakawa | eBPF implementation for FreeBSD 19

    View Slide

  20. generic-ebpf
    Generalized multi-platform eBPF implementation
    - Currently supports FreeBSD user/kernel, Linux user/kernel and macOS user
    - About 200 lines of glue code for each platform
    - Shares most of the code (easy to test in userspace)
    - Interpreter and JIT compiler for x86-64 based on ubpf
    - Maps which uses tommyds as a backend
    - Verifier is not yet implemented...
    Yutaro Hayakawa | eBPF implementation for FreeBSD 20
    Source: https://github.com/YutaroHayakawa/generic-ebpf

    View Slide

  21. Current status
    /dev/ebpf + ioctl(2) interface (Linux bpf(2))
    - load program, create and manipulate maps, run simple test
    Interpreter and JIT compiler for x86-64
    - Most of the instructions are implemented
    - atomic operations are missing
    Array, Hashtable maps
    Yutaro Hayakawa | eBPF implementation for FreeBSD 21

    View Slide

  22. Hashtable map benchmark
    Yutaro Hayakawa | eBPF implementation for FreeBSD 22
    For more details: https://github.com/YutaroHayakawa/generic-ebpf/tree/master/benchmark

    View Slide

  23. Why is FreeBSD case so slow?
    Experiment
    - Simply returns immediately from ioctl
    handler
    - See latency of ioctl
    Yutaro Hayakawa | eBPF implementation for FreeBSD 23
    ioctl(2) ioctl(2)
    struct cdevsw struct file_operations
    ebpf_dev_ioctl
    ioctl handler ioctl handler
    Map operations
    (update/delete/lookup)
    FreeBSD Linux

    View Slide

  24. Why is FreeBSD case so slow?
    Experiment
    - Simply returns immediately from ioctl
    handler
    - See latency of ioctl
    About 85% of the difference comes from ioctl
    Need more precise analysis...
    Yutaro Hayakawa | eBPF implementation for FreeBSD 24
    ioctl(2) ioctl(2)
    struct cdevsw struct file_operations
    ebpf_dev_ioctl
    ioctl handler ioctl handler
    Map operations
    (update/delete/lookup)
    FreeBSD Linux

    View Slide

  25. Agenda
    1. Linux eBPF the Basic
    2. eBPF implementation for FreeBSD
    3. VALE-BPF
    Yutaro Hayakawa | eBPF implementation for FreeBSD 25

    View Slide

  26. VALE (Virtual Local Ethernet)
    Fast and modular software switch (a.k.a mSwitch)
    Yutaro Hayakawa | eBPF implementation for FreeBSD 26
    Kernel
    User
    netmap API netmap API
    Modular Lookup
    Logic
    uint32_t
    mylookup(struct nm_bdg_fwd *ft, uint8_t *dst_ring,
    struct netmap_vp_adapter *na, void *private_data)
    {
    struct ip *iph;
    iph = (struct ip)(buf + ETHER_HDR_LEN);
    if (iph - ft->ft_buf > ft->ft_len) {
    return NM_BDG_DROP;
    }
    return ntohl(iph->ip_dst) & 0xff;
    }
    mymodule.ko
    VALE

    View Slide

  27. VALE-BPF
    VALE module which enhances eBPF programmability to VALE
    Yutaro Hayakawa | eBPF implementation for FreeBSD 27
    uint32_t
    vale_bpf_lookup(struct vale_bpf_md *md)
    {
    struct ip iph;
    iph = (struct ip)(md->buf + ETHER_HDR_LEN);
    if (iph > md->buf_end) {
    return VALE_BPF_DROP;
    }
    return ntohl(iph->ip_dst) & 0xff;
    }
    Source: https://github.com/YutaroHayakawa/vale-bpf
    Kernel
    User
    netmap API netmap API
    vale-bpf.ko
    VALE
    eBPF lookup logic

    View Slide

  28. Performance evaluation
    Forward packets between two virtual ports with different logic
    - Learning bridge
    - No logic
    Yutaro Hayakawa | eBPF implementation for FreeBSD 28
    Learning Bridge [Mpps] No Logic [Mpps]
    VALE 17.74 27.71
    VALE-BPF 8.52 23.66
    For more details: https://docs.google.com/document/d/1rdrHIeap8gYRh3es4yCnuWkuA6zDDot4UDFgEyiuG3E/edit?usp=sharing

    View Slide

  29. Demo

    View Slide

  30. Miscellaneous ideas
    Networking
    - ng_ebpf: Netgraph module for eBPF
    - XDP emulator: Compatibility with XDP program
    - Hardware offloading
    Security
    - Systemcall filtering like seccomp
    Yutaro Hayakawa | eBPF implementation for FreeBSD 30

    View Slide

  31. Summary
    1. eBPF is a hot technology among Linux community and they introduce
    a lot of interesting features and useful tools around that
    2. eBPF implementation for FreeBSD is going on
    3. VALE-BPF, a extension module which enhances eBPF
    programmability to VALE switch improves the programmability of
    VALE switch
    Yutaro Hayakawa | eBPF implementation for FreeBSD 31

    View Slide

  32. Questions?

    View Slide