SLIDE 1
eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding - - PowerPoint PPT Presentation
eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding - - PowerPoint PPT Presentation
eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why eBPF? Target architecture (NFP based NIC) RX Path Flow of eBPF Packet The Flow Processing Core (Fully Programmable) Mapping eBPF -> NFP
SLIDE 2
SLIDE 3
Motivation - Why eBPF?
SLIDE 4
Target architecture (NFP based NIC)
RX Path
SLIDE 5
Flow of eBPF Packet
SLIDE 6
The Flow Processing Core (Fully Programmable)
SLIDE 7
Mapping eBPF -> NFP
SLIDE 8
Programming Model
SLIDE 9
Kernel basics (before)
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
fd verification fd driver
RX TX XDP BPF prog
SLIDE 10
Kernel basics (flow no offload)
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
fd fd driver
RX TX XDP BPF prog s k b
verification
SLIDE 11
Kernel basics (after)
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags verification fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog
SLIDE 12
Kernel basics (after)
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog
verification
SLIDE 13
Kernel basics (flow with offload)
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog
fallback
stats metadata
verification
SLIDE 14
Translation and loading
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog (1) Check HW capabilities and image parameters
verification
SLIDE 15
Translation and loading
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog (1) Check HW capabilities and image parameters (2) Re-run the verifier
verification
SLIDE 16
Translation and loading
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog (1) Check HW capabilities and image parameters (2) Re-run the verifier (3) Collect state/analyze
verification
SLIDE 17
Translation and loading
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf modification
XDP ctrl
- ffload
- bject
fd, skip_* flags fd, skip_* flags driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps
BPF prog (1) Check HW capabilities and image parameters (2) Re-run the verifier (3) Collect state/analyze (4) Optimize (5) JIT/generate image (6) Load image
verification
SLIDE 18
Quick peek at the device path
device driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps kernel space
core core core core core core core Memory stats maps Data path core
packet data m descriptor ring bits in descriptors metadata in prepend
MAC0 MAC1 MAC2 MAC3
SLIDE 19
Operations and actions (done or near/mid term)
device driver
RX TX XDP
ndo setup tc
HW JIT / translator
stats & maps kernel space
core core core core core core core Memory stats maps core
packet data m descriptor ring bits in descriptors metadata in prepend
MAC0 MAC1 MAC2 MAC3 Data Path
SLIDE 20
Map plans and ideas
Use of map by offloaded program Map location Mechanism needed Read only Host + device copy update interception Read/write Device only update/read interception lock out map in kernel space Read + statistics gather update/read interception
- use verifier to check access types;
- add hooks in map code;
- add netdevice for binding the map to the device;
- read + statistics require further investigation;
- nly allow read/write offload for skip-sw programs.
SLIDE 21
Optimizations and verifier future work
SLIDE 22
Demo Links to eBPF Webinar Start of Webinar: https://www.youtube.com/watch?v=apU5sg0Ui5U Start of Demo: https://youtu.be/apU5sg0Ui5U?t=2003 Also Check out: http://open-nfp.org/the-classroom/
SLIDE 23
Summary
SLIDE 24
Kernel basics (after)
user space kernel space
BPF syscall
- program
- type (sk filter, kprobe, cls, xdp)
- license
- ...
verifier
fd host JIT
tc TC
cls_bpf
driver
modification
RX path TX path XDP XDP ctrl
ndo setup tc
- ffload
- bject
fd, skip_* flags
HW JIT / translator
translation verification fd, skip_* flags
BPF prog