{"title":"PRAVEGA: Scaling Private 5G RAN via eBPF/XDP","authors":"Udhaya Kumar Dayalan, Ziyan Wu, Gaurav Gautam, Feng Tian, Zhi-Li Zhang","doi":"10.1145/3609021.3609303","DOIUrl":"https://doi.org/10.1145/3609021.3609303","url":null,"abstract":"We exploit eBPF+XDP to scale and accelerate software packet processing in (O-RAN compliant) disaggregated 5G RAN (Radio Access Network). We argue that the Central Unit User Plane (CU-UP) component is likely the bottleneck in the 5G RAN user plane data path and therefore focus on optimizing its performance. We propose an eBPF/XDP-based framework, PRAVEGA, and discuss additional options for further improvements.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"241 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122472131","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Enabling eBPF on Embedded Systems Through Decoupled Verification","authors":"Milo Craun, Adam Oswald, Daniel W. Williams","doi":"10.1145/3609021.3609299","DOIUrl":"https://doi.org/10.1145/3609021.3609299","url":null,"abstract":"eBPF (Extended Berkeley Packet Filter) is a Linux kernel subsystem that aims to allow developers to write safe and efficient kernel extensions by employing an in-kernel verifier and just-in-time compiler (JIT). We find that verification is prohibitively expensive for resource-constrained embedded systems. To solve this we describe a system that allows for verification to occur outside of the embedded kernel and before BPF program load time. The in-kernel verifier and JIT are coupled so they must be decoupled together. A designated verifier kernel accepts a BPF program, then verifies, compiles, and signs a native precompiled executable. The executable can then be loaded onto an embedded device without needing the verifier and JIT on the embedded device. Decoupling verification and JIT from load-time opens the door to much more than running BPF programs on embedded devices. It allows larger and more expressive BPF programs to be verified, provides a way for new approaches to verification to be used without extensive kernel modification and creates the possibility for BPF program verification as a service.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114694264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Supercharge WebRTC: Accelerate TURN Services with eBPF/XDP","authors":"Tamás Lévai, B. Kreith, G. Rétvári","doi":"10.1145/3609021.3609296","DOIUrl":"https://doi.org/10.1145/3609021.3609296","url":null,"abstract":"Real-time communication (RTC) services, from videoconferencing to cloud gaming and remote rendering, are everywhere. WebRTC, an enabler technology for these applications, traditionally relies on a comprehensive NAT traversal protocol suite, most importantly, TURN, to interconnect clients and media servers behind NATs and firewalls. With the demise of residential public IP addresses, these massive-scale TURN services have become an indispensable component of WebRTC applications. Traditionally implemented as multi-protocol user-space packet relays, TURN servers are notoriously resource hungry. In this paper, we propose an eBPF/XDP offload engine to improve TURN server performance. We design a reusable eBPF/XDP TURN offload architecture, create a prototype on top of pion/turn, a popular WebRTC framework written in Go, and show on a fully functional WebRTC testbed that our offload significantly improves throughput and, more importantly, delay, by 2-3x compared to the state-of-the-art.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117045903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Schooling NOOBs with eBPF","authors":"J. Sommers, Nolan Rudolph, Ramakrishnan Durairajan","doi":"10.1145/3609021.3609302","DOIUrl":"https://doi.org/10.1145/3609021.3609302","url":null,"abstract":"While networks have evolved in profound ways, the tools to measure them from end hosts have not kept pace. State-of-the-art tools are ill-suited for elucidating observed network performance impairments and path dynamics, and are susceptible to operational policies of the network. Consequently, the semantic gap between the application-view of network performance vs. actual conditions has resulted in network oblivious (NOOB) systems and applications. To address this NOOB problem, we examine the Extended Berkeley Packet Filter (eBPF) as a new way to improve the practice of gathering fine-grained network telemetry from the edge. More specifically, by leveraging the safe and efficient in-kernel programming mechanism of eBPF, we design a high-performance telemetry framework called nooBpf with two tools---namely noobprobe and noobflow---to quantify the actual network performance from end hosts and offer unprecedented insights into the flow-level performance, including in-network queuing and routing-induced delays. We illustrate the potential of these two tools to address the NOOB problem through a variety of experiments. The results of our experiments strongly suggest eBPF as a promising foundation for high-performance telemetry and for addressing the NOOB problem.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133695030","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Comparing Security in eBPF and WebAssembly","authors":"Jules Dejaeghere, Bolaji Gbadamosi, T. Pulls, F. Rochet","doi":"10.1145/3609021.3609306","DOIUrl":"https://doi.org/10.1145/3609021.3609306","url":null,"abstract":"This paper examines the security of eBPF and WebAssembly (Wasm), two technologies that have gained widespread adoption in recent years, despite being designed for very different use cases and environments. While eBPF is a technology primarily used within operating system kernels such as Linux, Wasm is a binary instruction format designed for a stack-based virtual machine with use cases extending beyond the web. Recognizing the growth and expanding ambitions of eBPF, Wasm may provide instructive insights, given its design around securely executing arbitrary untrusted programs in complex and hostile environments such as web browsers and clouds. We analyze the security goals, community evolution, memory models, and execution models of both technologies, and conduct a comparative security assessment, exploring memory safety, control flow integrity, API access, and side-channels. Our results show that eBPF has a history of focusing on performance first and security second, while Wasm puts more emphasis on security at the cost of some runtime overheads. Considering language-based restrictions for eBPF and a security model for API access are fruitful directions for future work.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132049200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On Augmenting TCP/IP Stack via eBPF","authors":"Sepehr Abbasi Zadeh, Ali Munir, M. Bahnasy, Shiva Ketabi, Y. Ganjali","doi":"10.1145/3609021.3609300","DOIUrl":"https://doi.org/10.1145/3609021.3609300","url":null,"abstract":"As the data center networks' bandwidth-delay product is increasing and the applications are moving to nano services (with many small flows), managing flows in the network is becoming more challenging. Current TCP/IP stack faces fundamental limitations to meet these challenges. First, it lacks the ability to accurately estimate the network state under dynamic network settings. Second, the current stack is not flexible enough to be extended easily. In this work, we propose a framework, Augmenter, that augments (i.e., increases the network visibility of) the TCP/IP stack to address these challenges. Leveraging eBPF, Augmenter gathers the state of ongoing flows and uses this information to manage other flows that are currently active or arriving in the future. We present one specific use case of setting the initial congestion window of flows dynamically based on network conditions. Our initial tests show that Augmenter can improve the application performance by up to 1.4x compared to the fixed initial window-based solutions. Implementing Augmenter in the TCP/IP stack itself is not trivial. Augmenter employs eBPF to implement its desired functionality as it enables introducing such changes relatively easily. We discuss potential challenges and solutions in designing and implementing Augmenter applications.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116197306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"eXpress Data Path Extensions for High-Capacity 5G User Plane Functions","authors":"Christian Scheich, M. Corici, Hauke Buhr, T. Magedanz","doi":"10.1145/3609021.3609298","DOIUrl":"https://doi.org/10.1145/3609021.3609298","url":null,"abstract":"In 5th Generation mobile networks, a dedicated User Plane Function (UPF) is responsible for connecting users in the Access Networks with the destination networks. In this work, we extend the UPF with eXpress Data Path enhancements to speed up the forwarding of user plane traffic in the GPRS Tunneling Protocol (GTP-U). Also, we develop a Receive Side Scaling method in XDP based on GTP-U header information to distribute incoming uplink traffic to the available CPUs.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121833987","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
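The abstract above describes a Receive Side Scaling step that reads GTP-U header fields in XDP and spreads uplink traffic over the available CPUs. The block below is an added example, written for this page and not code from the paper or its UPF; it models that step in plain user-space C so it can be compiled and run without a kernel. The parsing mirrors what the eBPF verifier forces on an XDP program: every header read is preceded by a check against `data_end`, and the packet is dropped (return -1) if it is too short or is not a GTP-U G-PDU on UDP port 2152. The TEID is then mixed with a seed and reduced to a CPU index; in a real XDP program that index would be handed to `bpf_redirect_map()` on a `BPF_MAP_TYPE_CPUMAP`, which this example does not do. The sample packet, the seed value and the CPU count are constructed for the example and are assumptions, not values from the paper.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define ETH_HLEN        14
#define ETH_P_IPV4      0x0800
#define IPPROTO_UDP_NUM 17
#define GTPU_UDP_PORT   2152    /* 3GPP TS 29.281: GTP-U */
#define GTPU_MSG_GPDU   0xFF    /* G-PDU: carries the user IP packet */

/* Parse Ethernet/IPv4/UDP/GTP-U and extract the TEID.
 * Returns 0 on success, -1 if the frame is truncated or not GTP-U.
 * Every read is bounds-checked against data_end first, exactly as the
 * eBPF verifier requires of an XDP program touching packet memory. */
int gtpu_extract_teid(const uint8_t *data, const uint8_t *data_end, uint32_t *teid)
{
    const uint8_t *p = data;
    if (data_end - p < ETH_HLEN) return -1;
    if ((((uint16_t)p[12] << 8) | p[13]) != ETH_P_IPV4) return -1;
    p += ETH_HLEN;

    if (data_end - p < 20) return -1;                 /* minimum IPv4 header */
    if ((p[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(p[0] & 0x0F) * 4;           /* options may enlarge it */
    if (ihl < 20 || data_end - p < (ptrdiff_t)ihl) return -1;
    if (p[9] != IPPROTO_UDP_NUM) return -1;
    p += ihl;

    if (data_end - p < 8) return -1;                  /* UDP header */
    if ((((uint16_t)p[2] << 8) | p[3]) != GTPU_UDP_PORT) return -1;
    p += 8;

    if (data_end - p < 8) return -1;                  /* mandatory GTP-U header */
    uint8_t flags = p[0];
    if ((flags >> 5) != 1) return -1;                 /* GTP version 1 only */
    if (!(flags & 0x10)) return -1;                   /* PT=1: GTP, not GTP' */
    if (p[1] != GTPU_MSG_GPDU) return -1;             /* signalling is not steered here */
    *teid = ((uint32_t)p[4] << 24) | ((uint32_t)p[5] << 16) |
            ((uint32_t)p[6] << 8)  |  (uint32_t)p[7];
    return 0;
}

/* 32-bit avalanche (MurmurHash3 fmix32) so that TEIDs allocated
 * sequentially still land on different CPUs. The seed should be a
 * per-boot random value; the TEID arrives from the network, so an
 * unseeded hash lets a sender steer all its traffic onto one CPU. */
uint32_t teid_to_cpu(uint32_t teid, uint32_t seed, uint32_t nr_cpus)
{
    uint32_t h = teid ^ seed;
    h ^= h >> 16; h *= 0x85ebca6bU;
    h ^= h >> 13; h *= 0xc2b2ae35U;
    h ^= h >> 16;
    return nr_cpus ? h % nr_cpus : 0;
}

/* One call per frame: returns the CPU index, or -1 to drop. */
int steer_frame(const uint8_t *data, size_t len, uint32_t seed, uint32_t nr_cpus)
{
    uint32_t teid;
    if (gtpu_extract_teid(data, data + len, &teid) < 0) return -1;
    return (int)teid_to_cpu(teid, seed, nr_cpus);
}

/* Constructed sample: Ethernet + IPv4 (10.0.0.1 -> 10.0.0.2, no options)
 * + UDP 2152 -> 2152 + GTP-U G-PDU with TEID 0x00000ABC + 4 payload bytes.
 * Checksums are zero; they are not validated here. */
const uint8_t sample_gtpu_frame[] = {
    0x02,0x00,0x00,0x00,0x00,0x02, 0x02,0x00,0x00,0x00,0x00,0x01, 0x08,0x00,
    0x45,0x00,0x00,0x28, 0x00,0x00,0x00,0x00, 0x40,0x11,0x00,0x00,
    10,0,0,1, 10,0,0,2,
    0x08,0x68,0x08,0x68, 0x00,0x14,0x00,0x00,
    0x30,0xFF,0x00,0x04, 0x00,0x00,0x0A,0xBC,
    0xDE,0xAD,0xBE,0xEF
};
const size_t sample_gtpu_frame_len = sizeof(sample_gtpu_frame);

int main(void)
{
    int cpu = steer_frame(sample_gtpu_frame, sample_gtpu_frame_len, 0x9e3779b9U, 4);
    printf("sample frame -> cpu %d\n", cpu);
    printf("truncated frame -> %d\n",
           steer_frame(sample_gtpu_frame, 40, 0x9e3779b9U, 4));
    return 0;
}
```

Compile with `cc -Wall -o gtpu_rss gtpu_rss.c`. Two behaviours are worth checking on realistic input: a frame cut anywhere before the end of the GTP-U header yields -1 rather than an out-of-bounds read, and the same TEID always maps to the same CPU for a given seed, which is what keeps a bearer's packets in order on one CPU.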
{"title":"TCP's Third Eye: Leveraging eBPF for Telemetry-Powered Congestion Control","authors":"Jörn-Thorben Hinz, Vamsi Addanki, Csaba Györgyi, Theo Jepsen, Stefan Schmid","doi":"10.1145/3609021.3609295","DOIUrl":"https://doi.org/10.1145/3609021.3609295","url":null,"abstract":"For years, congestion control algorithms have been navigating in the dark, blind to the actual state of the network. They were limited to the coarse-grained signals that are visible from the OS kernel, which are measured locally (e.g., RTT) or hints of imminent congestion (e.g., packet loss and ECN). As applications and OSs are becoming ever more distributed, it is only natural that the kernel have visibility beyond the host, into the network fabric. Network switches already collect telemetry, but it has been impractical to export it for the end-host to react. Although some telemetry-based solutions have been proposed, they require changes to the end-host, like custom hardware or new protocols and network stacks. We address the challenges of efficiency and protocol compatibility, showing that it is possible and practical to run telemetry-based congestion control algorithms in the kernel. We designed a framework that uses eBPF to run CCAs that can execute different control laws by selecting different types of telemetry. It can be deployed in brownfield environments, without requiring all switches to be telemetry-enabled, or kernel recompilation at the end-hosts. When our eBPF program is deployed on hosts without hardware or OS changes, TCP incast workloads experience less queuing (thus lower latency), faster convergence and better fairness.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116468893","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"RingGuard: Guard io_uring with eBPF","authors":"Wanning He, Hongyi Lu, Fengwei Zhang, Shuai Wang","doi":"10.1145/3609021.3609304","DOIUrl":"https://doi.org/10.1145/3609021.3609304","url":null,"abstract":"io_uring offers a flexible yet efficient asynchronous I/O paradigm for Linux. Despite a significant performance improvement, it also brings many security concerns to the kernel. Not only does io_uring itself contain multiple vulnerabilities, but it can also be used to bypass existing security mechanisms such as seccomp. To address these problems, this paper proposes a security mechanism named RingGuard that safeguards io_uring with eBPF programs. RingGuard is carefully designed to reduce the overhead of I/O request submission and to ensure the security of inserted eBPF programs. Our evaluation shows that RingGuard provides encouraging security benefits with moderate overhead. For instance, the overhead of RingGuard in file I/O scenarios is merely 7.8%.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131139954","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Network Profiles for Detecting Application-Characteristic Behavior Using Linux eBPF","authors":"L. Wüstrich, Markus Schacherbauer, Markus Budeus, Dominik Freiherr von Künßberg, Sebastian Gallenmüller, Marc-Oliver Pahl, G. Carle","doi":"10.1145/3609021.3609294","DOIUrl":"https://doi.org/10.1145/3609021.3609294","url":null,"abstract":"Applications often show unique communication behavior. Knowledge about this behavior is beneficial in various use cases, such as anomaly or dependency detection. In this paper, we present network profiles that characterize typical application behavior. This requires a reliable and accurate association of processes and applications, which is challenging. We, therefore, introduce an eBPF-based matcher for this task that enables the creation of network profiles. In our evaluation we show that eBPF allows us to efficiently collect the relevant data to build application profiles, addressing issues of other data collection approaches. We further evaluate our work by using a network profile to identify emulated botnet activity masqueraded as a benign process.","PeriodicalId":206230,"journal":{"name":"Proceedings of the 1st Workshop on eBPF and Kernel Extensions","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126791517","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}