Tag: Linux

  • Linux network sysctls

    https://github.com/leandromoreira/linux-network-performance-parameters The QDisc section isn’t correct but it is a good overview.

  • New kernel releases and security

    From https://lwn.net/Articles/743363/ Meltdown and Spectre provide more evidence, if it really is needed, that continuing to run old, out-of-date kernels is a terrifically risky thing to do.

  • XDP CPUMap

    An update on XDP and CPUMap. http://vger.kernel.org/netconf2017_files/XDP_devel_update_NetConf2017_Seoul.pdf

  • Routing and Switching in XDP

    https://lkml.org/lkml/2017/10/10/88 https://lkml.org/lkml/2017/10/10/90 Updated patches: https://lkml.org/lkml/2017/11/4/192 https://lkml.org/lkml/2017/11/4/193

  • Tracing Packets Through the Kernel

    https://blog.yadutaf.fr/2017/07/28/tracing-a-packet-journey-using-linux-tracepoints-perf-ebpf/ Very interesting. The key is that eBPF programs can be attached to tracepoints.

  • eBPF and XDP Stuff

    Worked example of DDOS protection using XDP. It also has this interesting slide: BPF and XDP Reference Guide eBPF, part 1: Past, Present, and Future

  • eBPF Longest Prefix Match Maps

    Coming soon to a 4.11 kernel near you, eBPF maps that can do longest prefix matches for things like IP routing. Awesome.

  • XDP

    There is a lot happening on the XDP front in the Linux kernel these days. This presentation provides a good overview. I love the idea that eBPF is becoming a policy language for the kernel.

  • Linux 4.10

    As always, KernelNewbies is the place to go for a great summary of new kernel features. Here’s some 4.10 highlights I’m interested in. BPF for lightweight tunnel encapsulation commit, https://git.kernel.org/torvalds/c/f74599f7c5309b21151233b98139e9b723fd1110   TCP: sender chronographs instrumentation. This feature exports the sender chronograph stats via the socket SO_TIMESTAMPING channel. Currently it can instrument how long a particular…

  • eBPF Map Size Limits

    Recently, I’ve done some work with eBPF and specifically the in-kernel maps that are manipulated and shared by both kernel and user space code. When doing this I ran into permission errors when installing large maps. It took a little while to figure out that the cause of this was the root user’s locked memory…