The Internet Engineering Task Force (IETF), the committee that develops the protocols and architecture of the Internet, has completed the RFC for the BPF command set architecture and published the associated specification under the identifier RFC 9669. The RFC has received the status of "Proposed Standard", after which work will begin on giving the RFC the status of a draft standard (Draft Standard), which effectively means complete stabilization and consideration of all comments made.
The published specification describes a set of BPF bytecode instructions and a low-level virtual machine used in the Linux kernel subsystem eBPF to execute external handlers capable of changing system behavior on the fly without requiring kernel code modification. Essentially, eBPF implements a simple virtual processor with its own register set, RISC-like instructions, stack, and program counter. BPF programs are typically written in a subset of the C language and then compiled into bytecode suitable for execution in virtual machineThe virtual machine can execute BPF programs using either interpretation or just-in-time (JIT) compilation to translate bytecode into machine instructions on the fly.
It is expected that standardization of the BPF instruction set architecture will stimulate the creation of third-party implementations compatible with the eBPF virtual machine and capable of running BPF programs written for the Linux kernel. Work is underway to create such virtual machines Some network adapter manufacturers are developing hardware acceleration tools for BPF network packet handlers. The idea is to expand the capabilities of the XDP (eXpress Data Path) subsystem to run BPF programs not only at the network driver level, but also on the network adapter.
For example, Netronome has added BPF support to the Netronome Agilio CX SmartNIC adapter and has provided a collection of generic BPF example programs that can be executed not only by the CPU in the kernel with any XDP-compatible driver, but also on the network card side, allowing decisions to be made on dropping, modifying, or redirecting packets without wasting CPU resources. Separately, the XRP (eXpress Resubmission Path) technology is being developed, allowing BPF to be used to offload some operations with NVMe drives, such as indexing and data aggregation, to the NVMe driver level or to an external device.
It is noted that the wider implementation of such capabilities has so far been hampered by the risks associated with the violation of compatibility and the need to monitor the state of eBPF in the kernel. Due to these risks, some manufacturers have postponed the inclusion of hardware acceleration of BPF in their devices until the standard is formed.
Source: opennet.ru
