03/09/2016 59
Restrict C [9]
●
No support for
– Global variables
– Arbitrary function calls,
– Floating point, varargs, exceptions, indirect jumps, arbitrary
pointer arithmetic, alloca, etc.
●
Kernel rejects all programs that it cannot prove safe
– programs with loops
– with memory accesses via arbitrary pointers.
9/3/16 73/75
Reference
[1] Alexei Starovoitov (May. 2014), “tracing: accelerate tracing filters with BPF”, KERNEL
PATCH
[2] Alexei Starovoitov, (Feb. 2015), "BPF – in-kernel virtual machine", presented at
Collaboration Summit 2015
[3] Brendan Gregg, (Feb. 2016), "Linux 4.x Performance Using BPF Superpowers ",
presented at Performance@ scale 2016
[4] Elena Zannoni (Jun. 2015), “New (and Exciting!) Developments in Linux Tracing ”,
presented at Linuxcon Japan 2015
[5] Gary Lin (Mar. 2016), “eBPF: Trace from Kernel to Userspace ”, presented at OpenSUSE
Technology Sharing Day 2016
[6] Jonathan Corbet. (May. 2014), “BPF: the universal in-kernel virtual machine ”, LWN
[7] Kernel documentation, “Using the Linux Kernel Tracepoints”
[8] Suchakrapani D. Sharma (Dec. 2014), “Towards Faster Trace Filtersvusing eBPF and JIT ”
[9] Michael Larabel, (Jan. 2015), “
BPF Backend Merged Into LLVM To Make Use Of New Kernel Functionality ”, Phoronix