From: Jesper Dangaard Brouer <brouer@redhat.com>
To: Daniel Borkmann <daniel@iogearbox.net>
Cc: Eric Leblond <eric@regit.org>,
xdp-newbies@vger.kernel.org, brouer@redhat.com,
pavel.odintsov@gmail.com
Subject: Re: What library to use ?
Date: Mon, 21 Aug 2017 10:16:00 +0200 [thread overview]
Message-ID: <20170821101600.4e769785@redhat.com> (raw)
In-Reply-To: <599A11B8.9030906@iogearbox.net>
On Mon, 21 Aug 2017 00:48:24 +0200 Daniel Borkmann <daniel@iogearbox.net> wrote:
> On 08/20/2017 03:03 PM, Eric Leblond wrote:
> [...]
> > I've just started to work again on eBPF and XDP. My target it to work
> > on XDP support for Suricata (Daniel if you read me, yes finally ;)
> > Target is to be able to start Suricata with --xdp eth5 and get
> > everything setup by Suricata to get a working capture.
>
> Great, finally! ;)
This is really great to hear! I would very much like to cooperate in
this area.
I assume that the (currently) recommended interface for transferring
raw XDP packets to userspace is the perf ring buffer via
bpf_perf_event_output() interface?
I want to code-up some benchmarks to establish a baseline of
the expected performance that can be achieved via the perf ring buffer
interface.
Can someone point me to some eBPF+perf-ring example code / docs?
I have noticed that samples/bpf/trace_output_*.c [1][2] contains
something... but I'm hoping someone else have some examples?
[1] https://github.com/torvalds/linux/blob/master/samples/bpf/trace_output_kern.c
[2] https://github.com/torvalds/linux/blob/master/samples/bpf/trace_output_user.c
> > I've done one year ago an implementation of eBPF support in Suricata
> > using the library in tools/lib/bpf. One year later is using this
> > library the way to go or is there another library ?
>
> Yep, the lib in tools/lib/bpf would be recommended (also used in
> tools/testing/selftests/bpf/ for some of the networking selftests
> these days, incl. XDP).
>
> Anyway, patches welcome just in case. ;)
I've been baseing my examples[3] on samples/bpf/bpf_load.c, but I would
very much like to move away from this approach, and instead use
tools/lib/bpf/. Maybe we can do a joined effort and bring
tools/lib/bpf/ into shape?
[3] https://github.com/netoptimizer/prototype-kernel/tree/master/kernel/samples/bpf
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Principal Kernel Engineer at Red Hat
LinkedIn: http://www.linkedin.com/in/brouer
next prev parent reply other threads:[~2017-08-21 8:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-20 13:03 What library to use ? Eric Leblond
2017-08-20 22:48 ` Daniel Borkmann
2017-08-21 8:16 ` Jesper Dangaard Brouer [this message]
2017-08-21 21:57 ` Daniel Borkmann
2017-08-25 18:35 ` Eric Leblond
2017-08-29 23:37 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170821101600.4e769785@redhat.com \
--to=brouer@redhat.com \
--cc=daniel@iogearbox.net \
--cc=eric@regit.org \
--cc=pavel.odintsov@gmail.com \
--cc=xdp-newbies@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.