Tag: Linux
-
Linux network sysctls
https://github.com/leandromoreira/linux-network-performance-parameters The QDisc section isn’t correct but it is a good overview.
-
New kernel releases and security
From https://lwn.net/Articles/743363/ Meltdown and Spectre provide more evidence, if it really is needed, that continuing to run old, out-of-date kernels is a terrifically risky thing to do.
-
XDP CPUMap
An update on XDP and CPUMap. http://vger.kernel.org/netconf2017_files/XDP_devel_update_NetConf2017_Seoul.pdf
-
Routing and Switching in XDP
https://lkml.org/lkml/2017/10/10/88 https://lkml.org/lkml/2017/10/10/90 Updated patches: https://lkml.org/lkml/2017/11/4/192 https://lkml.org/lkml/2017/11/4/193
-
Tracing Packets Through the Kernel
https://blog.yadutaf.fr/2017/07/28/tracing-a-packet-journey-using-linux-tracepoints-perf-ebpf/ Very interesting. The key is that eBPF programs can be attached to tracepoints.
-
eBPF and XDP Stuff
Worked example of DDOS protection using XDP. It also has this interesting slide: BPF and XDP Reference Guide eBPF, part 1: Past, Present, and Future
-
eBPF Longest Prefix Match Maps
Coming soon to a 4.11 kernel near you, eBPF maps that can do longest prefix matches for things like IP routing. Awesome.
-
XDP
There is a lot happening on the XDP front in the Linux kernel these days. This presentation provides a good overview. I love the idea that eBPF is becoming a policy language for the kernel.
-
Linux 4.10
As always, KernelNewbies is the place to go for a great summary of new kernel features. Here’s some 4.10 highlights I’m interested in. BPF for lightweight tunnel encapsulation commit, https://git.kernel.org/torvalds/c/f74599f7c5309b21151233b98139e9b723fd1110 TCP: sender chronographs instrumentation. This feature exports the sender chronograph stats via the socket SO_TIMESTAMPING channel. Currently it can instrument how long a particular…
-
eBPF Map Size Limits
Recently, I’ve done some work with eBPF and specifically the in-kernel maps that are manipulated and shared by both kernel and user space code. When doing this I ran into permission errors when installing large maps. It took a little while to figure out that the cause of this was the root user’s locked memory…