An update on XDP and CPUMap.
Very interesting. The key is that eBPF programs can be attached to tracepoints.
Coming soon to a 4.11 kernel near you, eBPF maps that can do longest prefix matches for things like IP routing.
Recently, I’ve done some work with eBPF and specifically the in-kernel maps that are manipulated and shared by both kernel and user space code.
When doing this I ran into permission errors when installing large maps. It took a little while to figure out that the cause of this was the root user’s locked memory limit being too low (thanks Daniel Borkmann).
The locked memory limit is modified with ulimit:
ulimit -l unlimited