ebpf debugging infrastructure current techniques and
play

eBPF Debugging Infrastructure Current Techniques and Additional - PowerPoint PPT Presentation

May 01, 2023 •487 likes •628 views

BPF Microconference 2018-11-15 eBPF Debugging Infrastructure Current Techniques and Additional Proposals Quentin Monnet <quentin.monnet@netronome.com> Debugging Infrastructure What do we want to debug, troubleshoot? To achieve

  1. BPF Microconference • 2018-11-15 eBPF Debugging Infrastructure • Current Techniques and Additional Proposals Quentin Monnet <quentin.monnet@netronome.com>

  2. Debugging Infrastructure What do we want to debug, troubleshoot? To achieve this: Q. Monnet | eBPF Debugging Infrastructure 2/9 • What debugging tools and methods are available? • What is missing?

  3. Q. Monnet | eBPF Debugging Infrastructure What to Debug: Many Levels 3/9 Compile time User space programming Load time User space Kernel Veri fi er development JIT-compiling Kernel Runtime Hardware Agilio SmartNIC

  4. Compile Time Objectives: Make sure the eBPF bytecode is generated as intended when compiling from C to eBPF We have: LLVM backend: compilation llvm-objdump: dump generated bytecode eBPF assembly (LLVM): hack a sequence of instructions Q. Monnet | eBPF Debugging Infrastructure 4/9

  5. Load Time Objectives: Load the program and make it pass the verifier, or understand why it is rejected We have: libbpf / ip / tc : load or list programs libbpf / bpftool (and tc to some extent): eBPF object management Output from verifier logs, kernel logs, extack messages Documentation (filter.txt, Cilium guide) What about: Checking what loads: bpftool prog probe my_file.o (work in progress, idea from Daniel) man pages ( bpf(2) or tc-bpf(8) are badly outdated) Troubleshooting F.A.Q.? (e.g. some items already in filter.txt) Q. Monnet | eBPF Debugging Infrastructure 5/9

  6. Runtime (Limited user space eBPF virtual machines) Q. Monnet | eBPF Debugging Infrastructure Debugger: break points, possibility to dump registers / stack / context? What about: tools/bpf/bpf_dbg.c (cBPF) Objectives: Hooks in binutils-gdb, but no simulator support bpf_trace_printk() , perf events: print items, data Readability improved with BTF bpftool: introspection for maps / programs, object management We have: when processing network packets Understand why a program does not run as intended, for example 6/9 • Complete support in GDB? • Anything doable with LLDB? But how to pass packet data? • Extend BPF_PROG_TEST_RUN infrastructure? (idea: Daniel)

  7. Kernel Development Objectives: Improve the eBPF architecture in the kernel, without breaking existing features We have: Selftests: verifier, test programs Samples programs BPF_PROG_TEST_RUN infrastructure KASAN, syzkaller What about: Having all JITs built-in, dump (then test) images for all architectures (idea: Daniel) Q. Monnet | eBPF Debugging Infrastructure 7/9

  8. User Space Programming Objectives: Debug or enhance a program managing eBPF objects Generally improve eBPF support in the toolchain We have: strace , valgrind support: tracing system calls, memory checks What about: Probing kernel for features (with bpftool)? (idea: Daniel) Bytecode generation: ethtool n-tuples (in progress), libpcap? Q. Monnet | eBPF Debugging Infrastructure 8/9

  9. Thank you! Discussion What do you feel is missing for debugging eBPF? Q. Monnet | eBPF Debugging Infrastructure 9/9

  10. Backup: Dump All JIT Images Kernel JITs: ARM64, ARM32, PowerPC64, s390, Sparc64, MIPS, x86_64, x86_32 Offload: NFP Objectives: Test images for all architectures Find bugs or low hanging perf improvements Idea (Daniel) : All JIT built-in in the kernel Pass a flag to bpf(PROG_LOAD, ...) to JIT-compile for all arch Pass a flag to bpf(OBJ_GET_INFO_BY_ID, ...) to dump all images Simulate execution on several architectures Add tools/ to bootstrap VMs to test the images? Q. Monnet | eBPF Debugging Infrastructure 10/9

  11. Backup: Extend BPF_PROG_TEST_RUN data_out; Q. Monnet | eBPF Debugging Infrastructure Maybe a front-end loader? bpftool? Add fields or buffer to dump internal state: register values, stack, data? Add a field to pass break points (insn number, program entry point?) Idea: Fields data_out , data_out_size , retval , duration are filled by kernel } test; duration; __u32 repeat; __u32 __aligned_u64 Member in union bpf_attr for bpf(BPF_PROG_TEST_RUN, attr, size) : data_in; __aligned_u64 data_size_out; __u32 data_size_in; __u32 retval; __u32 prog_fd; __u32 struct { /* anonymous struct used by BPF_PROG_TEST_RUN command */ 11/9

  12. Backup: Probe Kernel with Bpftool /* HAVE_STACK_MAP_TYPE is not set */ Q. Monnet | eBPF Debugging Infrastructure /* HAVE_BPF_MSG_PUSH_DATA_HELPER is not set */ ... #define HAVE_BPF_MAP_UPDATE_ELEM_HELPER #define HAVE_BPF_MAP_LOOKUP_ELEM_HELPER /* eBPF helper functions */ ... #define HAVE_ARRAY_MAP_TYPE #define HAVE_HASH_MAP_TYPE /* eBPF map types */ ... Example output: #define HAVE_KPROBE_PROG_TYPE #define HAVE_SOCKET_FILTER_PROG_TYPE /* eBPF program types */ #define LINUX_VERSION_CODE 267008 #define JIT_COMPILER_KALLSYMS 0 #define JIT_COMPILER_HARDEN 0 #define JIT_COMPILER_ENABLE 0 #define UNPRIVILEGED_BPF_DISABLED 0 #define HAVE_BPF_SYSCALL /* System configuration */ # bpftool kernel probe 12/9

  13. Backup: Generate eBPF with Libpcap / Ethtool Syntax (004) ldh Q. Monnet | eBPF Debugging Infrastructure <drop incoming SSH packets on a server> # ethtool --config-ntuple eth0 flow-type tcp dst-port 22 action -1 ethtool: implement a library to turn such rules into eBPF programs #0 (019) ret ... jf 6 jt 18 #0x16 (005) jeq [54] jf 19 libpcap: patch the library or create an equivalent to use a similar jt 4 #0x6 (003) jeq [20] (002) ldb jf 8 jt 2 #0x86dd (001) jeq [12] (000) ldh # tcpdump -d ”port ssh” syntax to produce eBPF programs 13/9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Debugging Techniques for C Programs Debugging Basics Will focus on the gcc/gdb combination.

Debugging Techniques for C Programs Debugging Basics Will focus on the gcc/gdb combination.

Debugging Techniques for C Programs Debugging Basics Will focus on the gcc/gdb combination. Will also talk about the ddd gui for gdb (lots of value added to gdb). First, debugging in the abstract: Program state is a snapshot

475 views • 20 slides
Embedded Software TI2726-B 8. Debugging techniques Koen Langendoen Embedded Software Group

Embedded Software TI2726-B 8. Debugging techniques Koen Langendoen Embedded Software Group

Embedded Software TI2726-B 8. Debugging techniques Koen Langendoen Embedded Software Group Grace Hopper 1947 2 Overview Debugging techniques Debugging a distributed system Preparation for the exam Debugging Write good code!

733 views • 45 slides
Debugging Techniques for Drupal TexasCamp 2016

Debugging Techniques for Drupal TexasCamp 2016

Debugging Techniques for Drupal TexasCamp 2016 https://www.texascamp.org/sessions/debugging-techniques-drupal-and-other-web- applications Rob Ristroph Technical Architect, Acquia @robgr History My first Drupal Camp talk (in Dallas!)

630 views • 25 slides
eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why

eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why

eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why eBPF? Target architecture (NFP based NIC) RX Path Flow of eBPF Packet The Flow Processing Core (Fully Programmable) Mapping eBPF -&gt; NFP

668 views • 24 slides
Endless Network Programming An Update from eBPF Land Quentin Monnet @qeole Outline Q.

Endless Network Programming An Update from eBPF Land Quentin Monnet @qeole Outline Q.

FOSDEM20 Brussels, 2020-02-01 Endless Network Programming An Update from eBPF Land Quentin Monnet @qeole Outline Q. Monnet eBPF Update 2/18 eBPF Basics New Features eBPF Universe eBPF Basics Q. Monnet

531 views • 18 slides
Kernel debugging Tools to understand whatever it is that is happening in there Dominique

Kernel debugging Tools to understand whatever it is that is happening in there Dominique

Kernel debugging Tools to understand whatever it is that is happening in there Dominique Martinet CEA January 9, 2020 CEA | January 9, 2020 | PAGE 1/75 Introduction 1 Foreword Hands on setup Crash 2 3 Perf SystemTap 4 eBPF:

1.43k views • 85 slides
Debugging Debugging with High Level Languages Same goals as low-level debugging Examine and

Debugging Debugging with High Level Languages Same goals as low-level debugging Examine and

Chapter 15 Debugging Debugging with High Level Languages Same goals as low-level debugging Examine and set values in memory Execute portions of program Stop execution when (and where) desired Want debugging tools to operate on

274 views • 9 slides
eBPF and XDP walkthrough and recent updates Daniel Borkmann &lt;daniel@iogearbox.net&gt; cilium

eBPF and XDP walkthrough and recent updates Daniel Borkmann &lt;daniel@iogearbox.net&gt; cilium

eBPF and XDP walkthrough and recent updates Daniel Borkmann &lt;daniel@iogearbox.net&gt; cilium project fosdem17, February 4, 2017 Daniel Borkmann eBPF in tcs cls bpf and XDP February 4, 2017 1 / 11 Big Picture: eBPF and Networking eBPF:

476 views • 11 slides
Improved Debugging Using Automatic Fault-localization Techniques Mary Jean Harrold ADVANCE

Improved Debugging Using Automatic Fault-localization Techniques Mary Jean Harrold ADVANCE

Improved Debugging Using Automatic Fault-localization Techniques Mary Jean Harrold ADVANCE Professor of Computing Georgia Institute of Technology Supported by NSF, NASA Boeing Commercial Airplanes, Tata Consultancy Services MASPLAS 2007 My

736 views • 44 slides
Debugging Debugging Tools Module Overview Introduction to Debugging Problems in Production

Debugging Debugging Tools Module Overview Introduction to Debugging Problems in Production

Welcome to Advanced .NET Debugging Debugging Tools Module Overview Introduction to Debugging Problems in Production Challenges in debugging Production issues Production Environment Debugging Timeline Tools for .NET Debugging Review 3

622 views • 47 slides
Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall

Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall

Linux Plumbers Conference 2019 eBPF conf Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall mathieu.desnoyers@efcios.com Restartable Sequences (RSEQ) in a nutshell System call registering

457 views • 9 slides
Model verification and debugging of EOO models aided by model reduction techniques Anton Sodja,

Model verification and debugging of EOO models aided by model reduction techniques Anton Sodja,

Model verification and debugging of EOO models aided by model reduction techniques Anton Sodja, Borut Zupan ci c EOOLT10, Oslo, 3. 10. 2010 Introduction Model verification assures that implemented model corresponds to the conceptual

562 views • 17 slides
Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018 William Tu, Joe Stringer, Yifeng Sun, Yi-Hung Wei VMware Inc. and Cilium.io 1 Outline Introduction and Motivation OVS-eBPF Project

429 views • 39 slides
Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018 William Tu, Joe Stringer, Yifeng Sun, Yi-Hung Wei VMware Inc. and Cilium.io 1 Outline Introduction and Motivation OVS-eBPF Project

612 views • 45 slides
Replacing iptables with eBPF in Kubernetes with Cilium Cilium, eBPF, Envoy, Istio, Hubble Michal

Replacing iptables with eBPF in Kubernetes with Cilium Cilium, eBPF, Envoy, Istio, Hubble Michal

Replacing iptables with eBPF in Kubernetes with Cilium Cilium, eBPF, Envoy, Istio, Hubble Michal Rostecki Swaminathan Vasudevan Software Engineer Software Engineer mrostecki@suse.com svasudevan@suse.com mrostecki@opensuse.org Whats

2.06k views • 52 slides
Visual Debugging Software What is Debugging Visualization Visualizing

Visual Debugging Software What is Debugging Visualization Visualizing

Visual Debugging Software What is Debugging Visualization Visualizing Program State Incremental interactive unfolding (DDD) Visual Memory Abstract representations (traversal-based) Debugging Focusing: memory

433 views • 5 slides
An SVM- -based Masquerade Detection based Masquerade Detection An SVM Method with Online Update

An SVM- -based Masquerade Detection based Masquerade Detection An SVM Method with Online Update

An SVM- -based Masquerade Detection based Masquerade Detection An SVM Method with Online Update Using Method with Online Update Using Co- -occurrence Matrix occurrence Matrix Co Liangwen Chen, Masayoshi Chen, Masayoshi Aritsugi Aritsugi

611 views • 27 slides
SMB debugging tools the art of hair pulling Aurlien Aptel &lt;aaptel@suse.com&gt; SUSE Who am

SMB debugging tools the art of hair pulling Aurlien Aptel &lt;aaptel@suse.com&gt; SUSE Who am

SMB debugging tools the art of hair pulling Aurlien Aptel &lt;aaptel@suse.com&gt; SUSE Who am I? Aurlien Aptel Work in SUSE, Samba Team Focus on SMB kernel client aka cifs.ko Cifs-utils, Wireshark, Pike, ... 2 What

575 views • 28 slides
Consistent Views at Recommended Breakpoints (bis) Alexandre Oliva aoliva@redhat.com

Consistent Views at Recommended Breakpoints (bis) Alexandre Oliva aoliva@redhat.com

1 Consistent Views at Recommended Breakpoints (bis) Alexandre Oliva aoliva@redhat.com http://identi.ca/lxoliva/ http://people.redhat.com/~aoliva/ GNU Tools Cauldron, 2017 Consistent Views at Recommended Breakpoints (bis) Alexandre Oliva 2

378 views • 13 slides
How to design a Baseband debugger SSTIC 2020 June the 3rd Synacktiv David Berard, Vincent

How to design a Baseband debugger SSTIC 2020 June the 3rd Synacktiv David Berard, Vincent

How to design a Baseband debugger SSTIC 2020 June the 3rd Synacktiv David Berard, Vincent Fargues Table of Contents 1 Introduction Shannon architecture 2 Debugger injection Conclusion 3 6 Debugger development 4 Examples of use 5

807 views • 79 slides
On Failure Diagnosis of the Storage Stack Duo Zhang , Om Rameshwar Gatla, Runzhou Han, Mai Zheng

On Failure Diagnosis of the Storage Stack Duo Zhang , Om Rameshwar Gatla, Runzhou Han, Mai Zheng

Data Storage Lab On Failure Diagnosis of the Storage Stack Duo Zhang , Om Rameshwar Gatla, Runzhou Han, Mai Zheng Iowa State University Storage System Failures Are Troublesome 2 Data Storage Lab Existing Efforts Are Not Enough Mostly

498 views • 23 slides
Introduction to a microkernel microkernel maybe self supporting initially they are built on a host

Introduction to a microkernel microkernel maybe self supporting initially they are built on a host

slide 1 gaius Introduction to a microkernel microkernel maybe self supporting initially they are built on a host and downloaded to a target during Operating systems we will be developing a microkernel which has been written in: Modula-2, C and

526 views • 28 slides
CS527 Software Security Reverse Engineering Mathias Payer Purdue University, Spring 2018

CS527 Software Security Reverse Engineering Mathias Payer Purdue University, Spring 2018

CS527 Software Security Reverse Engineering Mathias Payer Purdue University, Spring 2018 Mathias Payer CS527 Software Security Basics: encodings Code is data is code is data Learn to read hex numbers: 0x38 == 0011'1000 Python:

710 views • 49 slides
C Programming Basics GCC 8.2.0 &amp; GDB 8.1.1 nike.cs.uga.edu brew macOS gcc-8

C Programming Basics GCC 8.2.0 &amp; GDB 8.1.1 nike.cs.uga.edu brew macOS gcc-8

8/21/18 C Programming Basics GCC 8.2.0 &amp; GDB 8.1.1 nike.cs.uga.edu brew macOS gcc-8 brew install gcc, or brew upgrade gcc Also need Xcode CLT xcode-select install Brew info gcc brew install gdb

399 views • 15 slides

More recommend