October 10, 2022 2:00PM
Assembly within! BPF tail calls on x86 and ARM
We have first adopted the BPF tail calls when building our XDP-based packet processing pipeline. BPF tail calls have served us well since then. But they do have their caveats...
February 04, 2022 1:58PM
Missing Manuals - io_uring worker pool
Chances are you might have heard of io_uring. It first appeared in Linux 5.1, back in 2019, and was advertised as the new API for asynchronous I/O. Its goal was to be an alternative to the deemed-to-be-broken-beyond-repair AIO, the “old” asynchronous I/O API...
November 03, 2021 2:37PM
The tale of a single register value
It’s not every day that you get to debug what may well be a packet of death. It was certainly the first time for me. What do I mean by “a packet of death”? A software bug where the network stack crashes in reaction to a single received network packet, taking down the whole operating system with it....
March 04, 2021 12:00PM
Conntrack turns a blind eye to dropped SYNs
We have been dealing with conntrack, the connection tracking layer in the Linux kernel, for years. And yet, despite the collected know-how, questions about its inner workings occasionally come up. When they do, it is hard to resist the temptation to go digging for answers....
October 12, 2019 2:00PM
It's crowded in here!
We recently gave a presentation on Programming socket lookup with BPF at the Linux Plumbers Conference 2019 in Lisbon, Portugal. This blog post is a recap of the problem statement and proposed solution we presented....
May 03, 2019 2:00PM
eBPF can't count?!
It is unlikely we can tell you anything new about the extended Berkeley Packet Filter, eBPF for short, if you've read all the great man pages, docs, guides, and some of our blogs out there. But we can tell you a war story, who doesn't like those?...