• Stars
    star
    187
  • Rank 206,464 (Top 5 %)
  • Language
    Rust
  • License
    MIT License
  • Created about 2 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

WebAssembly library, toolchain and runtime for eBPF programs

logo

📦 Wasm-bpf: Wasm library and toolchain for eBPF

Actions Status codecov CodeFactor DeepSource

中文文档 Gitee Github

Wasm-bpf is a WebAssembly eBPF library, toolchain and runtime powered by CO-RE(Compile Once – Run Everywhere) libbpf. It can help you build almost every eBPF programs or usecases to Wasm with nearly zero modification, and run them cross platforms with Wasm sandbox.

Quick start guides

⌨️ Introduction to wasm-bpf
📦 Features
🚀 Running a standalone Wasm program from CLI or Docker
🔌 Embed a Wasm-eBPF function in your Rust program or C/C++ program
🔨 Examples covering the use cases from tracing, networking to security
📚 How it works
🤖 Build the runtime

📚 Check out our more documentations

⌨️ Introduction

WebAssembly (Wasm) is a portable binary format for executable code. The code is executed at a nearly-native speed in a memory-safe (for host) sandbox, with clearly defined resource constraints, and APIs for communicating with the embedding host environment (eg. proxy).The wasm-bpf project combines Wasm and eBPF technologies to enhance the performance and programmability of eBPF applications.

With wasm-bpf, users can dynamically load and securely execute user-defined or community-contributed Wasm-eBPF codes as plug-ins in their software products, such as observability platforms or service proxy. This enables efficient and scalable data collection, while also allowing for advanced processing and analysis of that data.

It also enables developers to write eBPF programs in familiar languages like C/C++, Rust, Go, and more than 30 other programming languages, and deploy them easily across different Linux distributions. Additionally, cloud providers can leverage wasm-bpf to offer a secure and high-performance environment for their customers to develop and deploy eBPF applications in their cloud environments.

🚀 Get started

📦 Install wasm-bpf

Run the following command to install the wasm-bpf CLI tool:

cargo install wasm-bpf 

Running a standalone Wasm-eBPF program

Running the runqlat example with docker:

$ wget https://eunomia-bpf.github.io/wasm-bpf/examples/runqlat/runqlat.wasm
$ docker run --rm -it --privileged -v $(pwd):/examples ghcr.io/eunomia-bpf/wasm-bpf:latest /examples/runqlat.wasm
Tracing run queue latency... Hit Ctrl-C to end.

     usecs               : count    distribution
         0 -> 1          : 72       |*****************************           |
         2 -> 3          : 93       |*************************************   |
         4 -> 7          : 98       |****************************************|
         8 -> 15         : 96       |*************************************** |
        16 -> 31         : 38       |***************                         |
        32 -> 63         : 4        |*                                       |
        64 -> 127        : 5        |**                                      |
       128 -> 255        : 6        |**                                      |
       256 -> 511        : 0        |                                        |
       512 -> 1023       : 0        |                                        |
      1024 -> 2047       : 0        |                                        |
      2048 -> 4095       : 1        |                                        |

For more tools to distribute and deploy Wasm-eBPF programs for usecases from Observability, Networking to Security, please refer to eunomia-bpf repo.

Embed a Wasm-eBPF function in your program

Add the following line to your Cargo.toml to use Wasm-bpf as a library:

wasm-bpf-rs = "0.2.2"

See the main.rs for an example of how to use the wasm-bpf-rs library.

Features

  • General purpose: provide most abilities from eBPF to Wasm, polling from the ring buffer or perf buffer, bidirectional communications between kernel eBPF and userspace Wasm using maps, dynamically loading, attaching or detaching, etc. Supports a large number of eBPF program types and map types.
  • High performance: No serialization overhead for complex data types, using shared memory to avoid copy overhead between host and Wasm.
  • Easy to use: provide a similar developing experience as the libbpf-bootstrap, auto generate the Wasm-eBPF skeleton headers and type definitions for bindings. Write your eBPF programs in C/C++, Rust, Go and compile to Wasm.
  • Ultralightweight: the miminal runtime has only 1.5 MB in binary size. Compiled Wasm module would be only ~90K. With the same toolchain, you can easily build your own Wasm-eBPF runtime in any languages and platforms!

See the examples directory for examples of eBPF programs written in C, Rust, Go and compiled to Wasm, covering the use cases from tracing, networking to security.

For tools to distribute Wasm-eBPF programs in OCI images, please refer to eunomia-bpf repo.

Examples

See the examples directory for examples of eBPF programs written in C, Rust, Go and compiled to WASM.

tracing examples

security example

  • lsm and go-lsm: check the permission to remove a directory

networking example

  • sockfilter: monitoring packet and dealing with __sk_buff.
  • sockops: Add the pid int tcp option in syn packet.

How it works

An eBPF application typically consists of two parts: the user space part and the kernel space part. With wasm-bpf, the user space part is executed in a WebAssembly (Wasm) sandbox while the kernel space part is executed in the eBPF runtime in the Linux kernel. This separation of concerns allows for greater flexibility and security in developing and running eBPF programs, as well as the ability to leverage the benefits of both Wasm and eBPF.

The wasm-bpf runtime require two parts: the host side(Outside the Wasm runtime) and the Wasm guest side(Inside the Wasm runtime).

  • host side: A simple runtime implementation example
    • see runtime/cpp, which would be a sample runtime in C++ built on the top of libbpf and WAMR. Another more complex runtime implement in Rust is runtime/wasm-bpf-rs, based on Wasmtime.
    • You can easily build your own Wasm-eBPF runtime in any languages, any eBPF libraries and any Wasm runtimes with the same System interface.
  • wasm side: toolchains and libraries
    • a libbpf-wasm header only library to provide libbpf APIs for Wasm guest C/C++ code.
    • a bpftool tool to generate the Wasm-eBPF skeleton headers, and C struct definitions for passing data between the host and Wasm guest without serialization.
    • Rust, Go and other language support is similar to the C/C++ support.

For details compile process, please refer to the examples/bootstrap/README.md. The figure below shows the overall interaction between the eBPF and Wasm runtimes:

wasi-bpf

A Wasm module could load and control multiple eBPF programs at the same time, and can call another Wasm module written in other languages to process the data or control with the component model.

We have proposed a new WASI issue wasi-bpf.

Build the runtime

We have two types of runtime samples:

  • A C/C++ runtime example, which is a minimal runtime based on WAMR. see runtime/cpp for more details.
  • A Rust runtime example, which is a more complex runtime based on Wasmtime. see runtime/wasm-bpf-rs for more details.

The runtime can be built as a library or a standalone executable. see docs/build.md to build the runtimes.

Use Nix

This project has nix flake and direnv support. See:

LICENSE

MIT LICENSE

🔗 Links

More Repositories

1

bpf-developer-tutorial

Learn eBPF by examples | eBPF 开发者教程与知识库:通过小工具和示例一步步学习 eBPF,包含性能、网络、安全等多种应用场景
C
597
star
2

eunomia-bpf

Build, Distribute and Run CO-RE eBPF programs easier with JSON and Webassembly OCI images
Rust
281
star
3

GPTtrace

Generate eBPF programs and tracing with ChatGPT and natural language
Python
152
star
4

awesome-ebpf-zh

与 eBPF 相关的精选项目的中文清单
14
star
5

GPTtrace-web

Generate bpftrace eBPF programs online with GPT or LLM
TypeScript
13
star
6

chatrepo

A Github App to chat with Your GitHub Repo's Issues Using ChatGPT
JavaScript
11
star
7

func-call-for-command

Generate GPT function call API from command-line help info
Python
10
star
8

ebpf-knowledge-base

An ebpf knowledge base, based on llama_index and bpf-developer-tutorial
Rust
8
star
9

eunomia-cc

Compile and Run eBPF with WASM (Development move to https://github.com/eunomia-bpf/eunomia-bpf)
Rust
7
star
10

eunomia-exporter

A simple OpenTelemetry collector for custom eBPF metrics with Wasm
Rust
7
star
11

btf2wit

Convert BTF types to wit format
Rust
7
star
12

linux-trace-ai-agent

An experiment AI agent for automatic monitoring of system performance.
Python
6
star
13

ebpm

an eBPF package manager demo (see LMP project)
C
5
star
14

c-struct-bindgen

Generate C structs serialization-free bindings and marshal / unmarshal functions for JSON (Can be used for pass structs between Wasm and eBPF/host)
C++
5
star
15

docsgpt-backend

Python
4
star
16

eunomia-bpf.github.io

documents
4
star
17

eunomia-template

Compile eBPF program with GitHub Actions and Run locally in one line!
C
4
star
18

Clickhouse-Uring

C
4
star
19

libbpf-rs-starter-template

Template designed to get new developers with libbpf-rs development.
C
4
star
20

wasm-bpf-rs

A WebAssembly eBPF runtime based on wasmtime in rust
Rust
3
star
21

add-table-export

A tool to add an export of the table defined in the wasm module
Rust
3
star
22

code-survey

Do we really know how system works? Let’s do code-survey with AI
Python
3
star
23

eunomia.dev

The eunomia-bpf homepage
HTML
2
star
24

ai-func-call-gen

TypeScript
2
star
25

c-rust-component-test

Demonstration on linking components written in different languages together
Rust
2
star
26

Nginx-eBPF-module

Use userspace eBPF runtime as nginx plugin
C
2
star
27

libbpf-starter-template

Template designed to get new developers with libbpf development.
C
2
star
28

wasmtime-test

Rust
1
star
29

inline-hook-demo

A simple example of how to implement an Inline Hook
C
1
star
30

ebpf-wasm-go-sdk

1
star
31

.github

project template
1
star
32

cilium-ebpf-starter-template

Template designed to get new developers with cilium-ebpf development.
C
1
star
33

ebpf-wasm-rust-sdk

1
star
34

ebpf-wasm-cpp-sdk

C
1
star
35

eunomia-repo-frondend

the frontend website of eBPF hub programs
Ruby
1
star
36

ChatGPT-plugin-bpf

ChatGPT-plugin-eBPF
Python
1
star