ãããããã«ïŒ æžç±ã®çºå£²ãæºåäžã§ããããšããç¥ããããŸããã
BPF ä»®æ³ãã·ã³ã¯é²åãç¶ããå®éã«ç©æ¥µçã«äœ¿çšãããŠããããããã®äž»ãªæ©èœãšçŸåšã®ç¶æ
ã説æããèšäºã翻蚳ããŸããã
è¿å¹Žãé«æ§èœã®ãã±ããåŠçãå¿
èŠãªå Žåã« Linux ã«ãŒãã«ã®å¶éãè£ãããã°ã©ãã³ã° ããŒã«ãæè¡ã人æ°ãéããŠããŸãã ãã®çš®ã®æãäžè¬çãªæ¹æ³ã® XNUMX ã€ã¯æ¬¡ã®ããã«åŒã°ããŸãã ã³ã¢ãã€ãã¹ (ã«ãŒãã« ãã€ãã¹) ã«ãããã«ãŒãã«ã®ãããã¯ãŒã¯å±€ãã¹ãããããŠããŠãŒã¶ãŒç©ºéãããã¹ãŠã®ãã±ããåŠçãå®è¡ã§ããããã«ãªããŸãã ã«ãŒãã«ããã€ãã¹ããã«ã¯ããããã¯ãŒã¯ ã«ãŒãã®ç®¡çãå¿
èŠã«ãªããŸãã ãŠãŒã¶ãŒã¹ããŒã¹ã èšãæããã°ããããã¯ãŒã¯ ã«ãŒãã䜿çšããå Žåããã©ã€ããŒã«äŸåããŸãã ãŠãŒã¶ãŒã¹ããŒã¹.
ãããã¯ãŒã¯ ã«ãŒãã®å®å
šãªå¶åŸ¡ããŠãŒã¶ãŒç©ºéããã°ã©ã ã«ç§»ãããšã§ãã«ãŒãã«ã®ãªãŒããŒããã (ã³ã³ããã¹ã ã¹ã€ããããããã¯ãŒã¯å±€ã®åŠçãå²ã蟌ã¿ãªã©) ãåæžãããŸããããã¯ã10 Gb/s ãŸã㯠XNUMX Gb/s ã®é床ã§å®è¡ããå Žåã«éåžžã«éèŠã§ããããé«ãã ã«ãŒãã«ãšä»ã®æ©èœã®çµã¿åããããã€ãã¹ããŸã (ãããåŠç) ããã³æ
éãªããã©ãŒãã³ã¹ãã¥ãŒãã³ã° (NUMA äŒèš, CPUã®åé¢ããªã©ïŒã¯ãé«æ§èœã®ãŠãŒã¶ãŒç©ºéãããã¯ãŒãã³ã°ã®åºæ¬ã«é©åããŸãã ããããããã±ããåŠçã«å¯Ÿãããã®æ°ããã¢ãããŒãã®å
žåçãªäŸã¯æ¬¡ã®ãšããã§ãã
ãŠãŒã¶ãŒç©ºéã§ã®ãããã¯ãŒã¯ ã€ã³ã¿ã©ã¯ã·ã§ã³ã®çµç¹åã«ã¯ã次ã®ãããªå€ãã®æ¬ ç¹ããããŸãã
- OS ã«ãŒãã«ã¯ãããŒããŠã§ã¢ ãªãœãŒã¹ã®æœè±¡åã¬ã€ã€ãŒã§ãã ãŠãŒã¶ãŒç©ºéããã°ã©ã ã¯ãªãœãŒã¹ãçŽæ¥ç®¡çããå¿ èŠããããããç¬èªã®ããŒããŠã§ã¢ã管çããå¿ èŠããããŸãã ããã¯å€ãã®å Žåãç¬èªã®ãã©ã€ããŒãããã°ã©ãã³ã°ããããšãæå³ããŸãã
- ã«ãŒãã«ç©ºéãå®å šã«æŸæ£ããããšã«ãªãã®ã§ãã«ãŒãã«ã«ãã£ãŠæäŸããããã¹ãŠã®ãããã¯ãŒã¯æ©èœãæŸæ£ããããšã«ãªããŸãã ãŠãŒã¶ãŒç©ºéããã°ã©ã ã¯ãã«ãŒãã«ãŸãã¯ãªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã«ãã£ãŠãã§ã«æäŸãããŠããæ©èœãåå®è£ ããå¿ èŠããããŸãã
- ããã°ã©ã ã¯ãµã³ãããã¯ã¹ ã¢ãŒãã§åäœãããããçžäºäœçšãå€§å¹ ã«å¶éããããªãã¬ãŒãã£ã³ã° ã·ã¹ãã ã®ä»ã®éšåãšçµ±åã§ããªããªããŸãã
åºæ¬çã«ããŠãŒã¶ãŒç©ºéã§ãããã¯ãŒã¯ãæ§ç¯ããå Žåããã±ããåŠçãã«ãŒãã«ãããŠãŒã¶ãŒç©ºéã«ç§»åããããšã§ããã©ãŒãã³ã¹ãåäžããŸãã XDP ã¯ãŸã£ããéã®ããšãè¡ããŸãããããã¯ãŒã¯ ããã°ã©ã ããŠãŒã¶ãŒç©ºé (ãã£ã«ã¿ãŒãã³ã³ããŒã¿ãŒãã«ãŒãã£ã³ã°ãªã©) ããã«ãŒãã«é åã«ç§»åããŸãã XDP ã䜿çšãããšããã±ããããããã¯ãŒã¯ ã€ã³ã¿ãŒãã§ã€ã¹ã«å°éãããšããã«ããã±ãããã«ãŒãã«ã®ãããã¯ãŒã¯ ãµãã·ã¹ãã ã«å°éãå§ããåã«ããããã¯ãŒã¯æ©èœãå®è¡ã§ããŸãã ãã®çµæããã±ããåŠçé床ãå€§å¹ ã«åäžããŸãã ããããã«ãŒãã«ã¯ã©ã®ããã«ããŠãŠãŒã¶ãŒãã«ãŒãã«ç©ºéã§ããã°ã©ã ãå®è¡ã§ããããã«ããã®ã§ãããã? ãã®è³ªåã«çããåã«ãBPF ãšã¯äœããèŠãŠã¿ãŸãããã
BPF ãš eBPF
ååã¯å®å šã«æ確ã§ã¯ãããŸããããBPF (ãã±ãã ãã£ã«ã¿ãªã³ã°ãããŒã¯ã¬ãŒ) ã¯å®éã«ã¯ä»®æ³ãã·ã³ ã¢ãã«ã§ãã ãã®ä»®æ³ãã·ã³ã¯ããšããšãã±ãã ãã£ã«ã¿ãªã³ã°ãåŠçããããã«èšèšãããŠããããããã®ååãä»ããããŸããã
BPF ã䜿çšããæãããç¥ãããããŒã«ã® XNUMX ã€ã¯æ¬¡ã®ãšããã§ãã tcpdump
ã ãã±ããããã£ããã£ããå Žå tcpdump
ãŠãŒã¶ãŒã¯ãã±ãã ãã£ã«ã¿ãªã³ã°ã®åŒãæå®ã§ããŸãã ãã®åŒã«äžèŽãããã±ããã®ã¿ããã£ããã£ãããŸãã ããšãã°ããtcp dst port 80
ãã¯ãããŒã 80 ã«å°çãããã¹ãŠã® TCP ãã±ãããæããŸããã³ã³ãã€ã©ã¯ããã®åŒã BPF ãã€ãã³ãŒãã«å€æããããšã§ççž®ã§ããŸãã
$ sudo tcpdump -d "tcp dst port 80"
(000) ldh [12]
(001) jeq #0x86dd jt 2 jf 6
(002) ldb [20]
(003) jeq #0x6 jt 4 jf 15
(004) ldh [56]
(005) jeq #0x50 jt 14 jf 15
(006) jeq #0x800 jt 7 jf 15
(007) ldb [23]
(008) jeq #0x6 jt 9 jf 15
(009) ldh [20]
(010) jset #0x1fff jt 15 jf 11
(011) ldxb 4*([14]&0xf)
(012) ldh [x + 16]
(013) jeq #0x50 jt 14 jf 15
(014) ret #262144
(015) ret #0
ããã¯åºæ¬çã«äžèšã®ããã°ã©ã ã®åäœã§ãã
- åœä»€ (000): ãªãã»ãã 12 ã®ãã±ããã 16 ããã ã¯ãŒããšããŠã¢ãã¥ã ã¬ãŒã¿ã«ããŒãããŸãã ãªãã»ãã 12 ã¯ãã±ããã®ã€ãŒãµã¿ã€ãã«å¯Ÿå¿ããŸãã
- åœä»€ (001): ã¢ãã¥ã ã¬ãŒã¿å ã®å€ã 0x86ddãã€ãŸã IPv6 ã® ethertype å€ãšæ¯èŒããŸãã çµæãçã®å Žåãããã°ã©ã ã«ãŠã³ã¿ã¯åœä»€ (002) ã«ãžã£ã³ãããããã§ãªãå Žå㯠(006) ã«ãžã£ã³ãããŸãã
- åœä»€ (006): å€ã 0x800 (IPv4 ã® ethertype å€) ãšæ¯èŒããŸãã çããçã®å Žåãããã°ã©ã 㯠(007) ã«é²ã¿ãããã§ãªãå Žåãããã°ã©ã 㯠(015) ã«é²ã¿ãŸãã
ãã±ãã ãã£ã«ã¿ãªã³ã° ããã°ã©ã ãçµæãè¿ããŸã§ãåæ§ã«ç¶ããŸãã éåžžã¯ããŒã«å€ã§ãã ãŒã以å€ã®å€ãè¿ã (åœä»€ (014)) ã¯ãã±ãããäžèŽããããšãæå³ãããŒããè¿ã (åœä»€ (015)) ã¯ãã±ãããäžèŽããªãã£ãããšãæå³ããŸãã
BPF ä»®æ³ãã·ã³ãšãã®ãã€ãã³ãŒãã¯ãSteve McCann ãš Van Jacobson ãè«æãçºè¡šãã 1992 幎æ«ã«ææ¡ãããŸããã
BPF ã¯ä»®æ³ãã·ã³ã§ãããããããã°ã©ã ãå®è¡ãããç°å¢ãå®çŸ©ããŸãã ãã€ãã³ãŒãã«å ããŠããã±ãã ã¡ã¢ãª ã¢ãã« (ããŒãåœä»€ã¯ãã±ããã«æé»çã«é©çšãããŸã)ãã¬ãžã¹ã¿ (A ããã³ Xãã¢ãã¥ã ã¬ãŒã¿ããã³ã€ã³ããã¯ã¹ ã¬ãžã¹ã¿)ãã¹ã¯ã©ãã ã¡ã¢ãª ã¹ãã¬ãŒãžãããã³æé»çãªããã°ã©ã ã«ãŠã³ã¿ãŒãå®çŸ©ãããŸãã èå³æ·±ãããšã«ãBPF ãã€ãã³ãŒã㯠Motorola 6502 ISA ãã¢ãã«ã«ããŠããŸãã ã¹ãã£ãŒãã»ãããã£ã³ãèæžã§æãåºããããã«ã
BPF ãµããŒãã¯ã䞻㫠Jay Schullist ã«ãã£ãŠè¿œå ãããããŒãžã§ã³ v2.5 以éã® Linux ã«ãŒãã«ã«å®è£
ãããŠããŸãã BPF ã³ãŒãã¯ãEric Dumaset ã JIT ã¢ãŒãã§åäœããããã« BPF ã€ã³ã¿ãŒããªã¿ãåèšèšãã 2011 幎ãŸã§å€æŽãããŸããã§ãã (åºå
ž:
ãã®åŸã2014 幎㫠Alexei Starovoitov ã BPF çšã®æ°ãã JIT ã¡ã«ããºã ãææ¡ããŸããã å®éããã®æ°ãã JIT 㯠BPF ã«åºã¥ãæ°ããã¢ãŒããã¯ãã£ãšãªããeBPF ãšåŒã°ããŸããã ãã°ããã®éã¯äž¡æ¹ã® VM ãå ±åããŠãããšæããŸãããçŸåšãã±ãã ãã£ã«ã¿ãªã³ã°ã¯ eBPF ã®äžã«å®è£ ãããŠããŸãã å®éãå€ãã®ææ°ã®ããã¥ã¡ã³ãäŸã§ã¯ãBPF 㯠eBPF ãšåŒã°ããå€å žç㪠BPF ã¯çŸåš cBPF ãšããŠç¥ãããŠããŸãã
eBPF ã¯ãããã€ãã®æ¹æ³ã§åŸæ¥ã® BPF ä»®æ³ãã·ã³ãæ¡åŒµããŸãã
- ææ°ã® 64 ããã ã¢ãŒããã¯ãã£ã«äŸåããŸãã eBPF 㯠64 ããã ã¬ãžã¹ã¿ã䜿çšãã䜿çšå¯èœãªã¬ãžã¹ã¿ã®æ°ã 2 (ã¢ãã¥ã ã¬ãŒã¿ãš X) ãã 10 ã«å¢ãããŸããeBPF ã¯è¿œå ã®ãªãã³ãŒã (BPF_MOVãBPF_JNEãBPF_CALLâŠ) ãæäŸããŸãã
- ãããã¯ãŒã¯å±€ãµãã·ã¹ãã ããåãé¢ãããŠããŸãã BPF ã¯ããã ããŒã¿ ã¢ãã«ã«é¢é£ä»ããããŠããŸããã ããã¯ãã±ããã®ãã£ã«ã¿ãªã³ã°ã«äœ¿çšãããŠããããããã®ã³ãŒãã¯ãããã¯ãŒã¯ ã€ã³ã¿ã©ã¯ã·ã§ã³ãæäŸãããµãã·ã¹ãã å ã«ãããŸããã ãã ããeBPF ä»®æ³ãã·ã³ã¯ããŒã¿ ã¢ãã«ã«æçžãããªããªããããããç®çã«äœ¿çšã§ããããã«ãªããŸãã ããã§ãeBPF ããã°ã©ã ããã¬ãŒã¹ãã€ã³ããŸã㯠kprobe ã«æ¥ç¶ã§ããããã«ãªããŸããã ããã«ãããeBPF ã€ã³ã¹ãã«ã¡ã³ããŒã·ã§ã³ãããã©ãŒãã³ã¹åæãããã³ä»ã®ã«ãŒãã« ãµãã·ã¹ãã ã®ã³ã³ããã¹ãã§ã®ä»ã®å€ãã®ãŠãŒã¹ ã±ãŒã¹ãžã®æãéãããŸãã ããã§ãeBPF ã³ãŒãã¯ç¬èªã®ãã¹ kernel/bpf ã«é 眮ãããŸããã
- ããããšåŒã°ããã°ããŒãã« ããŒã¿ ã¹ãã¢ã ãããã¯ããŠãŒã¶ãŒç©ºéãšã«ãŒãã«ç©ºéã®éã§ããŒã¿äº€æãæäŸããããŒãšå€ã®ã¹ãã¢ã§ãã eBPF ã¯ããã€ãã®ã¿ã€ãã®ã«ãŒããæäŸããŸãã
- äºæ¬¡çãªæ©èœã ç¹ã«ãããã±ãŒãžã®äžæžãããã§ãã¯ãµã ã®èšç®ããŸãã¯ããã±ãŒãžã®ã¯ããŒã³äœæãè¡ããŸãã ãããã®é¢æ°ã¯ã«ãŒãã«å ã§å®è¡ããããŠãŒã¶ãŒç©ºéããã°ã©ã ã«ã¯å±ããŸããã ããã«ãeBPF ããã°ã©ã ããã·ã¹ãã ã³ãŒã«ãå®è¡ã§ããŸãã
- é話ãçµäºããŸãã eBPF ã®ããã°ã©ã ãµã€ãºã¯ 4096 ãã€ãã«å¶éãããŠããŸãã ãšã³ãã³ãŒã«æ©èœã䜿çšãããšãeBPF ããã°ã©ã ãæ°ãã eBPF ããã°ã©ã ã«å¶åŸ¡ã移ãããšãã§ããããããã®å¶éãåé¿ã§ããŸã (ãã®æ¹æ³ã§æ倧 32 åã®ããã°ã©ã ããã§ãŒã³ã§ããŸã)ã
eBPFã®äŸ
Linux ã«ãŒãã« ãœãŒã¹ã«ã¯ eBPF ã®äŸãããã€ããããŸãã ãããã¯ãsamples/bpf/ ã§å ¥æã§ããŸãã ãããã®äŸãã³ã³ãã€ã«ããã«ã¯ã次ã®ããã«å ¥åããã ãã§ãã
$ sudo make samples/bpf/
eBPF ã®æ°ããäŸãèªåã§æžãã€ããã¯ãããŸããããsamples/bpf/ ã«ãããµã³ãã«ã® XNUMX ã€ã䜿çšããŸãã ã³ãŒãã®äžéšãèŠãŠããããã©ã®ããã«æ©èœãããã説æããŸãã äŸãšããŠãç§ãéžãã ããã°ã©ã ã¯ã tracex4
.
äžè¬ã«ãsamples/bpf/ å ã®åãµã³ãã«ã¯ XNUMX ã€ã®ãã¡ã€ã«ã§æ§æãããŠããŸãã ãã®å ŽåïŒ
tracex4_kern.c
ãã«ãŒãã«ã§ eBPF ãã€ãã³ãŒããšããŠå®è¡ããããœãŒã¹ ã³ãŒããå«ãŸããŠããŸããtracex4_user.c
ããŠãŒã¶ãŒç©ºéããã®ããã°ã©ã ãå«ãŸããŠããŸãã
ãã®å Žåãã³ã³ãã€ã«ããå¿
èŠããããŸã tracex4_kern.c
eBPF ãã€ãã³ãŒãã«å€æããŸãã çŸæç¹ã§ã¯ gcc
eBPF ã«ã¯ãµãŒããŒéšåã¯ãããŸããã 幞ããªããšã«ã clang
eBPF ãã€ãã³ãŒããçæã§ããŸãã
䜿çšãã clang
ã³ã³ãã€ã«ããŸã tracex4_kern.c
ãªããžã§ã¯ããã¡ã€ã«ã«ã
äžã§ãeBPF ã®æãèå³æ·±ãæ©èœã® 4 ã€ã¯ãããã§ãããšè¿°ã¹ãŸããã tracexXNUMX_kern 㯠XNUMX ã€ã®ããããå®çŸ©ããŸãã
struct pair {
u64 val;
u64 ip;
};
struct bpf_map_def SEC("maps") my_map = {
.type = BPF_MAP_TYPE_HASH,
.key_size = sizeof(long),
.value_size = sizeof(struct pair),
.max_entries = 1000000,
};
BPF_MAP_TYPE_HASH
eBPF ãæäŸããå€ãã®ã«ãŒã ã¿ã€ãã® XNUMX ã€ã§ãã ãã®å Žåãããã¯åãªãããã·ã¥ã§ãã ããªããåºåã«æ°ã¥ãããããããŸãã SEC("maps")
ã SEC ã¯ããã€ã㪠ãã¡ã€ã«ã®æ°ããã»ã¯ã·ã§ã³ãäœæããããã«äœ¿çšããããã¯ãã§ãã å®éãäŸã§ã¯ tracex4_kern
ããã« XNUMX ã€ã®ã»ã¯ã·ã§ã³ãå®çŸ©ãããŠããŸãã
SEC("kprobe/kmem_cache_free")
int bpf_prog1(struct pt_regs *ctx)
{
long ptr = PT_REGS_PARM2(ctx);
bpf_map_delete_elem(&my_map, &ptr);
return 0;
}
SEC("kretprobe/kmem_cache_alloc_node")
int bpf_prog2(struct pt_regs *ctx)
{
long ptr = PT_REGS_RC(ctx);
long ip = 0;
// пПлÑÑаеЌ ip-аЎÑÐµÑ Ð²ÑзÑваÑÑей ÑÑПÑÐŸÐœÑ kmem_cache_alloc_node()
BPF_KRETPROBE_READ_RET_IP(ip, ctx);
struct pair v = {
.val = bpf_ktime_get_ns(),
.ip = ip,
};
bpf_map_update_elem(&my_map, &ptr, &v, BPF_ANY);
return 0;
}
ããã XNUMX ã€ã®é¢æ°ã䜿çšãããšãããããããšã³ããªãåé€ã§ããŸã (kprobe/kmem_cache_free
) ãããã«æ°ãããšã³ããªãè¿œå ããŸã (kretprobe/kmem_cache_alloc_node
ïŒã 倧æåã§æžããããã¹ãŠã®é¢æ°åã¯ã次ã®ããã«å®çŸ©ããããã¯ãã«å¯Ÿå¿ããŸãã
.
ãªããžã§ã¯ã ãã¡ã€ã«ã®ã»ã¯ã·ã§ã³ããã³ããããšããããã®æ°ããã»ã¯ã·ã§ã³ããã§ã«å®çŸ©ãããŠããããšãããããŸãã
$ objdump -h tracex4_kern.o
tracex4_kern.o: file format elf64-little
Sections:
Idx Name Size VMA LMA File off Algn
0 .text 00000000 0000000000000000 0000000000000000 00000040 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
1 kprobe/kmem_cache_free 00000048 0000000000000000 0000000000000000 00000040 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
2 kretprobe/kmem_cache_alloc_node 000000c0 0000000000000000 0000000000000000 00000088 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
3 maps 0000001c 0000000000000000 0000000000000000 00000148 2**2
CONTENTS, ALLOC, LOAD, DATA
4 license 00000004 0000000000000000 0000000000000000 00000164 2**0
CONTENTS, ALLOC, LOAD, DATA
5 version 00000004 0000000000000000 0000000000000000 00000168 2**2
CONTENTS, ALLOC, LOAD, DATA
6 .eh_frame 00000050 0000000000000000 0000000000000000 00000170 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, DATA
ãŸã æã£ãŠãã
ãã¡ã€ã³ããã°ã©ã ã åºæ¬çã«ããã®ããã°ã©ã ã¯ã€ãã³ãããªãã¹ã³ããŸãã kmem_cache_alloc_node
ã ãã®ãããªã€ãã³ããçºçãããšã察å¿ãã eBPF ã³ãŒããå®è¡ãããŸãã ãã®ã³ãŒãã¯ãªããžã§ã¯ãã® IP å±æ§ããããã«ä¿åãããªããžã§ã¯ãã¯ã¡ã€ã³ ããã°ã©ã ãéããŠã«ãŒããããŸãã äŸïŒ
$ sudo ./tracex4
obj 0xffff8d6430f60a00 is 2sec old was allocated at ip ffffffff9891ad90
obj 0xffff8d6062ca5e00 is 23sec old was allocated at ip ffffffff98090e8f
obj 0xffff8d5f80161780 is 6sec old was allocated at ip ffffffff98090e8f
ãŠãŒã¶ãŒç©ºéããã°ã©ã ãš eBPF ããã°ã©ã ã¯ã©ã®ããã«é¢é£ããŠããŸãã? åæåæ tracex4_user.c
ãªããžã§ã¯ããã¡ã€ã«ãããŒãããŸã tracex4_kern.o
é¢æ°ã䜿çšã㊠load_bpf_file
.
int main(int ac, char **argv)
{
struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY};
char filename[256];
int i;
snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]);
if (setrlimit(RLIMIT_MEMLOCK, &r)) {
perror("setrlimit(RLIMIT_MEMLOCK, RLIM_INFINITY)");
return 1;
}
if (load_bpf_file(filename)) {
printf("%s", bpf_log_buf);
return 1;
}
for (i = 0; ; i++) {
print_old_objects(map_fd[1]);
sleep(1);
}
return 0;
}
ããªãã
eBPF ãã¡ã€ã«ã§å®çŸ©ããããããŒãã¯ã /sys/kernel/debug/tracing/kprobe_events
ã ããã§ããããã®ã€ãã³ããç£èŠããã€ãã³ããçºçãããšãã«ããã°ã©ã ãäœããå®è¡ã§ããããã«ãªããŸãã
$ sudo cat /sys/kernel/debug/tracing/kprobe_events
p:kprobes/kmem_cache_free kmem_cache_free
r:kprobes/kmem_cache_alloc_node kmem_cache_alloc_node
sample/bpf/ å ã®ä»ã®ãã¹ãŠã®ããã°ã©ã ã¯åæ§ã«æ§é åãããŠããŸãã ãããã«ã¯åžžã« XNUMX ã€ã®ãã¡ã€ã«ãå«ãŸããŠããŸãã
XXX_kern.c
: eBPF ããã°ã©ã ãXXX_user.c
: ã¡ã€ã³ããã°ã©ã ã
eBPF ããã°ã©ã ã¯ãã»ã¯ã·ã§ã³ã«é¢é£ä»ããããããããšé¢æ°ãå®çŸ©ããŸãã ã«ãŒãã«ãç¹å®ã®ã¿ã€ãã®ã€ãã³ã (ããšãã°ã tracepoint
)ããã€ã³ããããé¢æ°ãå®è¡ãããŸãã ãããã¯ãã«ãŒãã« ããã°ã©ã ãšãŠãŒã¶ãŒç©ºéããã°ã©ã éã®éä¿¡ãæäŸããŸãã
ãŸãšã
ãã®èšäºã§ã¯ãBPF ãš eBPF ã«ã€ããŠäžè¬çã«èª¬æããŸããã çŸåšãeBPF ã«é¢ããæ å ±ããªãœãŒã¹ãããããããããšã¯æ¿ç¥ããŠããŸãããã®ããããããªãåŠç¿ã®ããã«ããã«ããã€ãã®è³æããå§ãããŸãã
ç§ã¯èªãããšããå§ãããŸãïŒ
BPF: ãŠãããŒãµã«ã«ãŒãã«å ä»®æ³ãã·ã³ ãžã§ããµã³ã»ã³ãŒãããã BPF ã®æŠèŠãšããããã©ã®ããã« eBPF ã«é²åãããã«ã€ããŠèª¬æããŸããeBPF ã®åŸ¹åºçŽ¹ä» ãã¬ã³ãã³ã»ã°ã¬ãã°ã LWN.netã®èšäºã ãã¬ã³ãã³ã¯ eBPF ã«ã€ããŠé »ç¹ã«ãã€ãŒãããWeb ãµã€ãäžã§ãã®ããŒãã«é¢ãããªãœãŒã¹ã®ãªã¹ãã管çããŠããŸããããã°èšäº .BPF ãš eBPF ã«é¢ãã泚æäºé ãžã¥ãªã¢ã»ãšãŽã¡ã³ã¹ã ã¹ãã£ã¯ã©ã»ã·ã£ã«ãæ°ã®ãã¬ãŒã³ããŒã·ã§ã³ãBSD ãã±ãã ãã£ã«ã¿ãŒ: ãŠãŒã¶ãŒ ã¬ãã«ã®ãã±ãã ãã£ããã£ã®ããã®æ°ããã¢ãŒããã¯ãã£ãã«ã€ããŠã®ã³ã¡ã³ãã ã³ã¡ã³ãã¯çŽ æŽããããã¹ã©ã€ããç解ããã®ã«éåžžã«åœ¹ç«ã¡ãŸããeBPFãããŒã 1: éå»ãçŸåšãæªæ¥ ãã§ãªã¹ã»ãšãªã¹ã ãã³ã°ãªãŒãä»ãç¶ç¶ ããããèªã䟡å€ã¯ãããŸãã ç§ããããŸã§ã«åºäŒã£ãäžã§æé«ã® eBPF èšäºã® XNUMX ã€ã
åºæïŒ habr.com