ebpf offload to hardware cls bpf and xdp motivation
play

eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding - PowerPoint PPT Presentation

Aug 19, 2023 •416 likes •668 views

eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why eBPF? Target architecture (NFP based NIC) RX Path Flow of eBPF Packet The Flow Processing Core (Fully Programmable) Mapping eBPF -> NFP

  1. eBPF Offload to Hardware: cls_bpf and XDP

  2. Motivation - Avoiding Whack-a-mole

  3. Motivation - Why eBPF?

  4. Target architecture (NFP based NIC) RX Path

  5. Flow of eBPF Packet

  6. The Flow Processing Core (Fully Programmable)

  7. Mapping eBPF -> NFP

  8. Programming Model

  9. Kernel basics ( before ) ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd fd BPF TC prog verifier cls_bpf verification host JIT modification driver RX XDP TX

  10. Kernel basics ( flow no offload ) ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd fd BPF TC prog verifier cls_bpf s verification host JIT k b modification driver RX XDP TX

  11. Kernel basics ( after ) ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf verification offload host JIT object modification ndo HW JIT / driver stats setup translator RX XDP TX & tc maps

  12. Kernel basics ( after ) ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf verification offload host JIT object modification ndo HW JIT / driver stats setup translator RX XDP TX & tc maps

  13. Kernel basics ( flow with offload ) ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf fallback verification offload host JIT object stats modification metadata ndo HW JIT / driver stats setup translator RX XDP TX & tc maps

  14. Translation and loading ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf verification offload host JIT object modification ndo HW JIT / driver stats setup translator RX XDP TX & tc maps (1) Check HW capabilities and image parameters

  15. Translation and loading ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf verification offload host JIT object modification ndo HW JIT / driver stats setup translator RX XDP TX & tc (2) Re-run the verifier maps (1) Check HW capabilities and image parameters

  16. Translation and loading ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf (3) Collect state/analyze verification offload host JIT object modification ndo HW JIT / driver stats setup translator RX XDP TX & tc (2) Re-run the verifier maps (1) Check HW capabilities and image parameters

  17. Translation and loading ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd fd, skip_* flags fd, skip_* flags BPF TC prog verifier cls_bpf (3) Collect state/analyze verification offload host JIT (4) Optimize object (5) JIT/generate image modification (6) Load image ndo HW JIT / driver stats setup translator RX XDP TX & tc (2) Re-run the verifier maps (1) Check HW capabilities and image parameters

  18. Quick peek at the device path ndo HW JIT / driver descriptor stats setup translator ring RX XDP TX & tc maps kernel space device packet data m bits in descriptors Memory metadata in prepend stats core core core core core core core core maps Data path MAC0 MAC1 MAC2 MAC3

  19. Operations and actions (done or near/mid term) ● ndo HW JIT / driver descriptor stats setup translator ring RX XDP TX & tc maps ● kernel space device ● packet data m bits in descriptors ● Memory metadata in prepend stats ● core core core core core core core core maps Data Path MAC0 MAC1 MAC2 MAC3

  20. Map plans and ideas Use of map by offloaded Map location Mechanism needed program Read only Host + device copy update interception Read/write Device only update/read interception lock out map in kernel space Read + statistics gather update/read interception ● use verifier to check access types; ● add hooks in map code; ● add netdevice for binding the map to the device; ● read + statistics require further investigation; ● only allow read/write offload for skip-sw programs.

  21. Optimizations and verifier future work

  22. Demo Links to eBPF Webinar Start of Webinar: https://www.youtube.com/watch?v=apU5sg0Ui5U Start of Demo: https://youtu.be/apU5sg0Ui5U?t=2003 Also Check out: http://open-nfp.org/the-classroom/

  23. Summary

  24. Kernel basics ( after ) ● program XDP ● type (sk filter, kprobe, cls, xdp) tc ctrl ● license ● ... user space BPF syscall kernel space fd, skip_* flags fd, skip_* flags fd BPF TC prog verifier cls_bpf translation offload host JIT verification object modification ndo HW JIT / driver setup translator RX path XDP TX path tc

Recommend

HIERARCHICAL QOS HARDWARE OFFLOAD Yossi Kuperman, Maxim Mikityanskiy, 2020 AGENDA Hierarchical

HIERARCHICAL QOS HARDWARE OFFLOAD Yossi Kuperman, Maxim Mikityanskiy, 2020 AGENDA Hierarchical

HIERARCHICAL QOS HARDWARE OFFLOAD Yossi Kuperman, Maxim Mikityanskiy, 2020 AGENDA Hierarchical Token Bucket Brief description of HTB and its issues HTB offload solution Modifications to HTB to solve the issues and offload the logic Current

1.06k views • 13 slides
Hardware accelerating Linux network functions Roopa Prabhu, Wilson Kok Proceedings of netdev

Hardware accelerating Linux network functions Roopa Prabhu, Wilson Kok Proceedings of netdev

Hardware accelerating Linux network functions Roopa Prabhu, Wilson Kok Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada Agenda Recap: offload models, offload drivers Introduction to switch asic hardware L2 offload

457 views • 26 slides
Kernel TLS and hardware TLS offload in FreeBSD 13 by Mellanox, Chelsio and Netflix Why crypto?

Kernel TLS and hardware TLS offload in FreeBSD 13 by Mellanox, Chelsio and Netflix Why crypto?

Kernel TLS and hardware TLS offload in FreeBSD 13 by Mellanox, Chelsio and Netflix Why crypto? Bob and Alice and the secret message Mathematical dependance on a relatively small pre-shared key When used right: Prevents

801 views • 30 slides
Hardware offload BOF Shrijeet Mukherjee, Neil Horman https://etherpad.mozilla.org/2PlezMRjCF

Hardware offload BOF Shrijeet Mukherjee, Neil Horman https://etherpad.mozilla.org/2PlezMRjCF

Hardware offload BOF Shrijeet Mukherjee, Neil Horman https://etherpad.mozilla.org/2PlezMRjCF Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada A fantasy agenda Capabilities a.Explicit list Or Query serially, punt to higher level

251 views • 5 slides
Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018 William Tu, Joe Stringer, Yifeng Sun, Yi-Hung Wei VMware Inc. and Cilium.io 1 Outline Introduction and Motivation OVS-eBPF Project

429 views • 39 slides
Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018 William Tu, Joe Stringer, Yifeng Sun, Yi-Hung Wei VMware Inc. and Cilium.io 1 Outline Introduction and Motivation OVS-eBPF Project

612 views • 45 slides
Endless Network Programming An Update from eBPF Land Quentin Monnet @qeole Outline Q.

Endless Network Programming An Update from eBPF Land Quentin Monnet @qeole Outline Q.

FOSDEM20 Brussels, 2020-02-01 Endless Network Programming An Update from eBPF Land Quentin Monnet @qeole Outline Q. Monnet eBPF Update 2/18 eBPF Basics New Features eBPF Universe eBPF Basics Q. Monnet

531 views • 18 slides
Offload Annotations: Bringing Heterogeneous Computing to Existing Libraries and Workloads Gina

Offload Annotations: Bringing Heterogeneous Computing to Existing Libraries and Workloads Gina

Offload Annotations: Bringing Heterogeneous Computing to Existing Libraries and Workloads Gina Yuan, Shoumik Palkar, Deepak Narayanan, Matei Zaharia Stanford University USENIX ATC 2020 (July 15-17) Background: Hardware Commoditization NVIDIA

838 views • 50 slides
eBPF and XDP walkthrough and recent updates Daniel Borkmann <daniel@iogearbox.net> cilium

eBPF and XDP walkthrough and recent updates Daniel Borkmann <daniel@iogearbox.net> cilium

eBPF and XDP walkthrough and recent updates Daniel Borkmann <daniel@iogearbox.net> cilium project fosdem17, February 4, 2017 Daniel Borkmann eBPF in tcs cls bpf and XDP February 4, 2017 1 / 11 Big Picture: eBPF and Networking eBPF:

476 views • 11 slides
Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall

Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall

Linux Plumbers Conference 2019 eBPF conf Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall mathieu.desnoyers@efcios.com Restartable Sequences (RSEQ) in a nutshell System call registering

457 views • 9 slides
Protocol stacks and multicore scalability The evolving hardware-software interface or Why we

Protocol stacks and multicore scalability The evolving hardware-software interface or Why we

Protocol stacks and multicore scalability The evolving hardware-software interface or Why we love and hate offload MSN 2010 Robert N. M. Watson University of Cambridge Portions of this work supported by Juniper Networks, Inc. Idealised

664 views • 30 slides
Replacing iptables with eBPF in Kubernetes with Cilium Cilium, eBPF, Envoy, Istio, Hubble Michal

Replacing iptables with eBPF in Kubernetes with Cilium Cilium, eBPF, Envoy, Istio, Hubble Michal

Replacing iptables with eBPF in Kubernetes with Cilium Cilium, eBPF, Envoy, Istio, Hubble Michal Rostecki Swaminathan Vasudevan Software Engineer Software Engineer mrostecki@suse.com svasudevan@suse.com mrostecki@opensuse.org Whats

2.06k views • 52 slides
Security Monitoring with eBPF ALEX MAESTRETTI - MANAGER, SIRT BRENDAN GREGG - Sr ARCHITECT,

Security Monitoring with eBPF ALEX MAESTRETTI - MANAGER, SIRT BRENDAN GREGG - Sr ARCHITECT,

Security Monitoring with eBPF ALEX MAESTRETTI - MANAGER, SIRT BRENDAN GREGG - Sr ARCHITECT, PERFORMANCE The Brief. Extended Berkley Packet Filter (eBPF) is a new Linux feature which allows safe and efficient monitoring of kernel functions.

593 views • 27 slides
Motivation for Multithreaded Architectures Processors not executing code at their hardware

Motivation for Multithreaded Architectures Processors not executing code at their hardware

Motivation for Multithreaded Architectures Processors not executing code at their hardware potential late 70s: performance lost to memory latency 90s: performance not in line with the increasingly complex parallel hardware as

591 views • 32 slides
New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux

New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux

<Insert Picture Here> New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux Engineering, Oracle America Linuxcon Japan 2015 Overview BPF eBPF eBPF main concepts and elements eBPF

601 views • 42 slides
Low-Overhead System Tracing With eBPF Akshay Kapoor DevOps Engineer @ SAP Labs May 2018

Low-Overhead System Tracing With eBPF Akshay Kapoor DevOps Engineer @ SAP Labs May 2018

Low-Overhead System Tracing With eBPF Akshay Kapoor DevOps Engineer @ SAP Labs May 2018 Low-Overhead System Tracing With eBPF Low-Overhead System Tracing With eBPF Low-Overhead System Tracing With eBPF You don't need to know how to operate

632 views • 26 slides
eBPF Perf Tools 2019 ^C @usecs: [256, 512) 2 |

eBPF Perf Tools 2019 ^C @usecs: [256, 512) 2 |

# biolatency.bt Attaching 3 probes... Tracing block device I/O... Hit Ctrl-C to end. eBPF Perf Tools 2019 ^C @usecs: [256, 512) 2 | | [512, 1K) 10 |@

933 views • 39 slides
Th The Ne e Next L Linux S x Super erpower er: eBPF eBPF Prime mer Sasha Goldshtein CTO,

Th The Ne e Next L Linux S x Super erpower er: eBPF eBPF Prime mer Sasha Goldshtein CTO,

Europe 2016 @goldshtn h7ps://s.sashag.n Th The Ne e Next L Linux S x Super erpower er: eBPF eBPF Prime mer Sasha Goldshtein CTO, Sela Group @goldshtn Europe 2016 @goldshtn h7ps://s.sashag.n Europe 2016 @goldshtn h7ps://s.sashag.n

248 views • 24 slides
Linux tc and eBPF. Daniel Borkmann <daniel@iogearbox.net> Noiro Networks / Cisco Systems

Linux tc and eBPF. Daniel Borkmann <daniel@iogearbox.net> Noiro Networks / Cisco Systems

Linux tc and eBPF. Daniel Borkmann <daniel@iogearbox.net> Noiro Networks / Cisco Systems fosdem16, January 31, 2016 Daniel Borkmann tc and cls bpf with eBPF January 31, 2016 1 / 16 Background, history. BPF origins as a generic, fast

326 views • 16 slides
Stateful packet processing with eBPF: An implementation of OpenState interface Quentin Monnet

Stateful packet processing with eBPF: An implementation of OpenState interface Quentin Monnet

FOSDEM17 Brussels, 2017-02-04 Stateful packet processing with eBPF: An implementation of OpenState interface Quentin Monnet < quentin.monnet@6wind.com > @qeole Quentin Monnet (6WIND) | BEBA OpenState and eBPF Agenda 2/34 Ill

558 views • 34 slides
Kahawai: High-Quality Mobile Gaming Using GPU Offload Authors:

Kahawai: High-Quality Mobile Gaming Using GPU Offload Authors:

Kahawai: High-Quality Mobile Gaming Using GPU Offload Authors: Eduardo Cuervo, Alec Wolman, Landon P. Cox, Kiron Lebeck, Ali Razeen, Stefan Saroiu and

316 views • 20 slides
I/O Virtualization with Hardware Support Ubaid H. and Vasia P. Trade-offs and Motivation - In

I/O Virtualization with Hardware Support Ubaid H. and Vasia P. Trade-offs and Motivation - In

I/O Virtualization with Hardware Support Ubaid H. and Vasia P. Trade-offs and Motivation - In a fully virtual I/O, we have interposition - Full encapsulation (store, pause, resume), portability, flexibility, live migration - Slow

423 views • 24 slides
TCP/Generic Segmentation Offload and Its Application in Xen Herbert Xu Principal Software

TCP/Generic Segmentation Offload and Its Application in Xen Herbert Xu Principal Software

TCP/Generic Segmentation Offload and Its Application in Xen Herbert Xu Principal Software Engineer Red Hat Asia Pacific What is TSO? Faster Ethernet (Gigabit) => higher CPU load: 1500-byte Ethernet MTU set in 70's. Amount of data

279 views • 13 slides
Calico Networking with eBPF Shaun Crampton, Core Developer for Project Calico Chris Hoge,

Calico Networking with eBPF Shaun Crampton, Core Developer for Project Calico Chris Hoge,

Calico Networking with eBPF Shaun Crampton, Core Developer for Project Calico Chris Hoge, Developer Advocate for Project Calico What prompted the team to add another dataplane to Calico? Calicos Pluggable Dataplane What is eBPF?

312 views • 20 slides

More recommend