Lightnews — Scholar-powered news

Paul Chaignon @pchaigno.bsky.social · 4d

This was made possible by an idea from Hari Vishwanathan et al. implemented in March 2024 and further extended in August this year.

Next step is Agni formally verifying patchset submitted to the mailing list!

Pull request: github.com/bpfverif/agn....

1 1

Paul Chaignon @pchaigno.bsky.social · 4d

Agni is now able to formally verify core #eBPF verifier logic in ~10 minutes! And all LTS kernels are covered daily!
github.com/bpfverif/agn...

1 1 4

Paul Chaignon @pchaigno.bsky.social · 5d

At Kernel Recipes, Roman Gushchin presented his work on customizing the Linux out-of-memory handling with #eBPF. It allows you to control when the OOM killer is triggered and how to free memory (typically, what to kill).

Code: lore.kernel.org/bpf/20250818...
Video: www.youtube.com/watch?v=pgDI...

Slide showing a kernel stack trace when using BPF OOM to control what is killed. The blue part is the normal OOM killer being triggered. The green part is the BPF program being called. The yellow part shows the call to the new kfunc to kill a process. And finally, the orange text displays which BPF policy was used for the OOM.

1 2

Paul Chaignon @pchaigno.bsky.social · 12d

The list of talks accepted for the #eBPF track at Linux Plumbers 2025 has been published: lpc.events/event/19/ses...! See you in Tokyo!

(You may need to click on Contribution list to see the talks.)

The Linux Plumbers background picture with giant eBPF bees circling around the Tokyo and Roppongi Hills Mori towers.

1 2

Paul Chaignon @pchaigno.bsky.social · 14d

I've added 6 recent research papers on eBPF to my list, from SIGCOMM'25, SOSP'25, and IEEE S&P'25: pchaigno.github.io/bpf/2025/01/....

Screenshot of the top of the list, showing the interactive selectors and the 6 new papers.

2

Paul Chaignon @pchaigno.bsky.social · 27d

I've written a guide on how to test BPF verifier changes using Cilium's collection of #eBPF programs: pchaigno.github.io/ebpf/2025/09...

Test Verifier Changes on Cilium’s BPF Programs

This post describes how to use Cilium’s large BPF programs to test and evaluate your changes to the Linux BPF verifier or to any other aspect of the kernel.

pchaigno.github.io

3

Paul Chaignon @pchaigno.bsky.social · Sep 18

At the eBPF workshop, Panayiotis Gavriil introduced uXDP, a new XDP runtime that allows you to run unmodified XDP programs on top of DPDK or AF_XDP. uXDP was able to improve the performance of an unmodified Katran by 40%!

Slides: drive.google.com/file/d/1xrGE...
Paper: dl.acm.org/doi/pdf/10.1...

Slide showing uXDP's architecture with the BPF runtime, including maps, running in userspace on top of either DPDK or AF_XDP.

3

Paul Chaignon @pchaigno.bsky.social · Sep 18

Traditional profiling tools can introduce a lot of overhead when tracing XDP programs. At the eBPF workshop, Vladimiro Paschali presented a new tool that significantly reduces that overhead.

Slides: drive.google.com/file/d/1qsBS...
Paper: dl.acm.org/doi/pdf/10.1...
Code: github.com/VladimiroPas...

Slide showing how profiling tools like perf and bpftool severely impact the performance of the monitored XDP programs.

2

Reposted by Paul Chaignon

Bill Mulligan 🐝🐝🐝 @breakawaybilly.bsky.social · Sep 17

For its academic research grants, eBPF Foundation received 27 proposals from 23 universities, ranging from improving verifier safety guarantees to enabling new use cases where eBPF can make a difference.

Two proposals will each receive a $50,000 research grant

ebpf.foundation/ebpf-foundat...

1 5

Paul Chaignon @pchaigno.bsky.social · Sep 17

At the eBPF workshop, Srinivas Narayana presented a new approach to synthesize part of the #eBPF verifier. His team used it to improve the addition and subtraction analysis in Linux.

Slides: drive.google.com/file/d/1BbMr...
Paper: people.cs.rutgers.edu/~sn624/paper...
Code: github.com/bpfverif/vayu

Slide from the presentation describing how the verifier uses abstract interpretation to track the values of variables possible at runtime. The slide illustrates how we want the minimal over-approximation to achieve optimal precision.

5

Paul Chaignon @pchaigno.bsky.social · Sep 17

The papers and slides from the SIGCOMM'25 #eBPF workshop are all online now! pchaigno.github.io/ebpf/2025/09...

Thanks to everyone who participated and presented in this third edition!

3 3

Paul Chaignon @pchaigno.bsky.social · Sep 10

At SIGCOMM'25 yesterday, Alibaba Cloud showed how they improved the performance of their L7 LB in part with sk_reuseport #eBPF programs. As a result, they improved the efficiency of their L7 LB by almost 20%!

Video: www.youtube.com/watch?v=J22-...
Paper: dl.acm.org/doi/pdf/10.1...

Screenshot of the Hermes talk, with the slide showing the overall Hermes architecture and how eBPF is used to efficiently dispatch packets to sockets.

2 1

Paul Chaignon @pchaigno.bsky.social · Sep 10

Oh, I missed your paper presentation 😱 Happy to meet when you're available Tianyi!

1

Paul Chaignon @pchaigno.bsky.social · Sep 10

I'm at SIGCOMM'25 until the end of the conference. Ping me if you want to chat about anything eBPF related! I'm interested to see what people are trying to build!

1 1

Paul Chaignon @pchaigno.bsky.social · Sep 4

A lot of AI for networks, networks for AI, and LEO satellite networks, but also video streaming, datacenter networking, and all types of wireless networking.

I spotted four papers using eBPF :)

3

Paul Chaignon @pchaigno.bsky.social · Sep 4

The top networking academic conference, SIGCOMM, is happening next week and the 88 papers are already available!
conferences.sigcomm.org/sigcomm/2025...

Screenshot of part of the list of SIGCOMM papers, with authors omitted for brevity.

1 1 3

Paul Chaignon @pchaigno.bsky.social · Aug 11

The list of papers accepted at the 3rd #eBPF workshop has been published! conferences.sigcomm.org/sigcomm/2025...

Screenshot of the eBPF workshop program, showing Session 3 ("Time for Better and Safer Programming") and the beginning of Session 4 ("Profiling meets Machine Learning and Privacy").

3 4

Paul Chaignon @pchaigno.bsky.social · May 6

🐝🚀 Deadline Extended 🚀🐝
The submission deadline for the 2025 eBPF workshop at SIGCOMM has been extended!

New deadline: May 23rd.

Don't miss out! Submission link: ebpf25.hotcrp.com

3 4

Paul Chaignon @pchaigno.bsky.social · Apr 30

With NSDI'25 coming to an end today, I've updated the list of #eBPF papers to include the three papers published at USENIX NSDI this year! pchaigno.github.io/bpf/2025/01/...

Screenshot of the top of the list, showing the interactive selectors and the three eBPF papers published at NSDI'25.

2 2

Paul Chaignon @pchaigno.bsky.social · Apr 1

Ihor Solodrai started working on a visualization tool to help read #eBPF verifier logs! It shows the current verifier state at any point and tracks data dependencies. Hopefully, it'll make the logs less scary to newcomers!

Code: github.com/libbpf/bpfvv
Example: libbpf.github.io/bpfvv/?url=h...

Screenshot of the example, with the verifier logs showed on the left panel and the current verifier state showed on the right.

1 4

Paul Chaignon @pchaigno.bsky.social · Mar 24

📢 Call for Papers 📢
The CFP for the 2025 eBPF workshop is out!

📅 Deadline: May 8th
🔗 More info: conferences.sigcomm.org/sigcomm/2025...

Don't miss the chance to share your work with the eBPF 🐝community!

5 8

Paul Chaignon @pchaigno.bsky.social · Mar 19

I'll give an introduction to #eBPF next week at the Rennes DevOps meetup!

I'll explain what it is concretely and the many use cases, from tracing to @cilium.io and more. I'll also try to address the many misconceptions around eBPF. Don't miss it if you're around and eBPF isn't yet all clear to you!

rennesdevops.bsky.social @rennesdevops.bsky.social · Mar 19

🚀 Ne manquez pas notre prochain Meetup DevOps Rennes le 27 mars dans les locaux de MaxDS ! 🚀

📋 "Introduction à eBPF : Moderniser Linux pour le cloud" par @pchaigno.bsky.social

Places limitées, inscription obligatoire : 👉 www.meetup.com/fr-FR/rennes...

#DevOps #Rennes #eBPF #Linux #Sécurité

4 9

Paul Chaignon @pchaigno.bsky.social · Mar 18

I see many people asking for #nftables vs. #eBPF comparisons, but I think what they actually want is kube-proxy with nftables vs. Cilium or nftables vs. bpfilter. Whatever the results of such benchmarks, it won't tell us anything on eBPF as a whole.

2

Paul Chaignon @pchaigno.bsky.social · Mar 18

It does not make sense to compare the performance of nftables and eBPF.

eBPF can take many different forms. Its performance will largely depend on its hook point, its maps, the algorithm its implementing. That's the point I tried to illustrate in pchaigno.github.io/ebpf/2020/09....

BPF Isn’t About Speed

This post benchmarks various approaches to filter egress traffic in the Linux kernel. It compares iptables, ipset, tc-bpf, and cgroup-bpf. It demonstrates how diverse aspects of the eBPF implementatio...

pchaigno.github.io

1 2 4

Reposted by Paul Chaignon

Farbod @fshahinfar1.bsky.social · Feb 25

Recently, I have been busy exploring eBPF Arena — a new API that enables eBPF programs to allocate memory pages; similar functionality as mmap and munmap . I've written a blog post about it that I like to share with you: fshahinfar1.github.io/blog/04_ebpf...

eBPF Arena: A Tutorial

fshahinfar1.github.io

5 2