[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC PATCH 00/12] Introduce QEMU userspace ebpf support
From: |
Andrew Melnichenko |
Subject: |
Re: [RFC PATCH 00/12] Introduce QEMU userspace ebpf support |
Date: |
Wed, 29 Jun 2022 13:43:10 +0300 |
Hi all,
Nice idea.
It would be great if future patches would add the BPF map support(if
uBPF allows it).
On Fri, Jun 17, 2022 at 10:51 AM Zhang Chen <chen.zhang@intel.com> wrote:
>
> Hi All,
>
> The goal of this series is to bring the power of ebpf to QEMU.
> It makes QEMU have the ability to extend the capabilities without
> requiring changing source code. Just need to load the eBPF binary
> file even at VM runtime. And already have some userspace ebpf
> implementation like: Intel DPDK eBPF, windows eBPF, etc..
> The original idea suggested by Jason Wang.
>
> eBPF is a revolutionary technology with origins in the Linux kernel
> that can run sandboxed programs in an operating system kernel. It is
> used to safely and efficiently extend the capabilities of the kernel
> without requiring to change kernel source code or load kernel
> modules.(from https://ebpf.io/)
>
> KVM already got benefits from it, but QEMU did not. Hence we want
> to bring the power of eBPF to QEMU. It can load binary eBPF program
> even when VM running. At the same time, add some hooks in QEMU as
> the user space eBPF load point. Do the things on different layers.
>
> That’s the advantages of kernel eBPF. Most of the functions can be
> implemented in QEMU. This series just a start of the Power of Programmability.
>
> 1). Safety:
>
> Building on the foundation of seeing and understanding all system
> calls and combining that with a packet and socket-level view of all
> networking operations allows for revolutionary new approaches to
> securing systems.
>
> 2). Tracing & Profiling:
>
> The ability to attach eBPF programs to trace points as well as kernel
> and user application probe points allows unprecedented visibility into
> the runtime behavior of applications and the system itself.
>
> 3). Networking:
>
> The combination of programmability and efficiency makes eBPF a natural
> fit for all packet processing requirements of networking solutions.
>
> 4). Observability & Monitoring:
>
> Instead of relying on static counters and gauges exposed by the
> perating system, eBPF enables the collection & in-kernel aggregation
> of custom metrics and generation of visibility events based on a wide
> range of possible sources.
>
> QEMU userspace ebpf design based on ubpf project
> (https://github.com/iovisor/ubpf).
> The most mature userspace ebpf implementation. This project officially
> support by iovisor(Like BCC and bpftrace). This project includes an eBPF
> assembler, disassembler, interpreter (for all platforms), and JIT compiler
> (for x86-64 and Arm64 targets). Qemu userspace ebpf make the ubpf project
> as the git submodule.
>
> Current implementation support load ebpf program and run it in
> net/filter-ubpf module, this filter can support any user defined rules
> to hanle network packet. At the same time, it's easy for other developers
> to use the ubpf infrastructue in QEMU's other modules from the function
> in /ebpf/ubpf.c, and it support JIT.
>
> For the uBPF License is Apache License 2.0, It's OK to compatible
> with QEMU’s GPLv2 LICENSE same as mason.
>
> TODO: Need to add more comments and test-case for ubpf, current
> implementation not include ebpf verifier. But I think maybe it's not
> a big problem, current ebpf load/unload API exposed by QMP command.
> Qemu is a userspace program, if someone want to hack QEMU, no need to
> load a malicious ubpf program, it can hack QEMU code or crash QEMU on
> host directly(different from kernel ebpf needs strict inspection, but
> yes, it still need basic check).
>
> Any comments are welcome.
>
> Thanks
> Chen
>
>
> Zhang Chen (12):
> configure: Add iovisor/ubpf project as a submodule for QEMU
> meson: Add ubpf build config and misc
> ebpf/uBPF: Introduce userspace ebpf data structure
> ebpf/uBPF: Introduce ubpf initialize functions
> ebpf/uBPF: Add qemu_prepare_ubpf to load ebpf binary
> ebpf/uBPF: Add qemu_ubpf_run_once excute real ebpf program
> net/filter: Introduce filter-ubpf module
> qapi: Add FilterUbpfProperties and qemu-options
> softmmu/vl.c: Add filter-ubpf for netdev as other netfilters
> net/filter-ubpf.c: run the ubpf program to handle network packet
> docs/devel: Add userspace-ebpf.rst
> test/qtest: Add ubpf basic test case
>
> .gitmodules | 3 +
> configure | 20 +++
> docs/devel/userspace-ebpf.rst | 106 ++++++++++++++
> ebpf/meson.build | 1 +
> ebpf/ubpf-stub.c | 35 +++++
> ebpf/ubpf.c | 217 ++++++++++++++++++++++++++++
> ebpf/ubpf.h | 44 ++++++
> meson.build | 47 ++++++
> meson_options.txt | 3 +
> net/filter-ubpf.c | 185 ++++++++++++++++++++++++
> net/meson.build | 1 +
> qapi/qom.json | 18 +++
> qemu-options.hx | 6 +
> scripts/coverity-scan/COMPONENTS.md | 3 +
> scripts/meson-buildoptions.sh | 5 +
> softmmu/vl.c | 3 +-
> tests/qtest/demo_ubpf.o | Bin 0 -> 544 bytes
> tests/qtest/integer_5.mem | Bin 0 -> 4 bytes
> tests/qtest/meson.build | 3 +-
> tests/qtest/ubpf-test.c | 64 ++++++++
> ubpf | 1 +
> 21 files changed, 763 insertions(+), 2 deletions(-)
> create mode 100644 docs/devel/userspace-ebpf.rst
> create mode 100644 ebpf/ubpf-stub.c
> create mode 100644 ebpf/ubpf.c
> create mode 100644 ebpf/ubpf.h
> create mode 100644 net/filter-ubpf.c
> create mode 100644 tests/qtest/demo_ubpf.o
> create mode 100644 tests/qtest/integer_5.mem
> create mode 100644 tests/qtest/ubpf-test.c
> create mode 160000 ubpf
>
> --
> 2.25.1
>
- [RFC PATCH 09/12] softmmu/vl.c: Add filter-ubpf for netdev as other netfilters, (continued)
- [RFC PATCH 09/12] softmmu/vl.c: Add filter-ubpf for netdev as other netfilters, Zhang Chen, 2022/06/17
- [RFC PATCH 08/12] qapi: Add FilterUbpfProperties and qemu-options, Zhang Chen, 2022/06/17
- [RFC PATCH 10/12] net/filter-ubpf.c: run the ubpf program to handle network packet, Zhang Chen, 2022/06/17
- [RFC PATCH 11/12] docs/devel: Add userspace-ebpf.rst, Zhang Chen, 2022/06/17
- [RFC PATCH 12/12] test/qtest: Add ubpf basic test case, Zhang Chen, 2022/06/17
- Re: [RFC PATCH 00/12] Introduce QEMU userspace ebpf support,
Andrew Melnichenko <=