research-article

On Integrating eBPF into Pluginized Protocols

Published: 20 February 2024

Abstract

eBPF is a popular technology originating from the Linux kernel that enables safely running user-provided programs in kernel context. This technology opened the door for efficient programming in the operating system, especially in its network stack. However, its applicability is not limited to the Linux kernel. Various efforts have leveraged the eBPF Instruction Set Architecture (ISA) as the basis of other networking-related use cases outside of the Linux kernel. This paper focuses on the use case of pluginized protocols, such as PQUIC and xBGP, where the eBPF ISA serves as the basis to execute plugins providing per-session protocol behavior. It first briefly describes how the Linux kernel builds around this eBPF ISA to provide enhanced in-kernel network programmability. Then, the paper considers the case of pluginized protocols. Leveraging eBPF outside of the Linux kernel environment requires complementing the eBPF ISA to meet the pluginized protocols' requirements. This paper details these integration efforts. Based on the lessons learned from these, it concludes with a discussion of the applicability of the eBPF ISA to other use cases.


Published in

ACM SIGCOMM Computer Communication Review, Volume 53, Issue 3
October 2023
22 pages
ISSN: 0146-4833
DOI: 10.1145/3649171

Copyright © 2024 Copyright is held by the owner/author(s)

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery, New York, NY, United States
