I noticed a new addition to the Linux Kernel 3.0 which was called the “Berkeley Packet Filter Just in Time compiler”. This seemed intriguing to me though I admit to not knowing how to make use of it. The H Open link on the subject is as follows:
Kernel Log: Coming in 3.0 (Part 1) - Networking - The H Open Source: News and Features
Just in time
The netfilter code now includes a “Berkeley Packet Filter Just-in-Time Compiler” for x86-64 systems. It generates assembler code at rumtime that carries out some of the network packet filtering tasks set by sniffer tools such as Tcpdump. Disabled by default, the JIT compiler can be enabled by writing “1” into the /proc/sys/net/core/bpf_jit_enable file; when testing an earlier version of the compiler, its developer managed to measure savings of 50 nanoseconds per packet. Further background about this approach is available in an article on LWN.net.
So what I have done is to determine just how to activate this option. First, you can download the latest kernel 3.0.1 from here: http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.0.1.tar.bz2
Next, you need to compile this kernel. You can use my bash script here: S.A.K.C. - SUSE Automated Kernel Compiler - Version 2.50 - Blogs - openSUSE Forums
While in the sakc script, you will be asked if you “Would you like to modify your Kernel configurations in a GUI?” you need to answer with a Y for Yes. This starts up the “make menuconfig” command. You then need to select the options:
- Networking Support (select and press enter)
- Networking Options (select and press enter)
- enable BPF Just In Time compiler (Page down to the third page and press the space bar on this option at the bottom)
- Save an Alternate Configuration File (press ESC twice to back up and press ESC twice again to back up one more time)
- Use the default configuration file name of .config
- Select <Exit> at the bottom to leave the menuconfig program.
http://thumbnails49.imagebam.com/14383/bf74b2143825412.jpg](ImageBam)
Once your kernel has been compiled and installed, reboot your PC to load the new kernel. Now, you need to enable the BPF_JIT in order for it to be used. I have created a script you can use for this purpose:
#!/bin/bash
#: Title : jit
#: Date Created: Mon Aug 1 17:57:06 CDT 2011
#: Last Edit : Thu Aug 4 20:40:06 CDT 2011
#: Author : James D. McDaniel
#: Version : 1.00
#: Description : Enable the BPF_JIT
#: Options : None
TITLE=" JIT - (Berkeley Packet Filter) Just In Time Compiler Settings"
#
# This is the folder and file name we are looking for. If this
# file is not present then BPF_JIT was not enabled in the kernel
#
FILE="/proc/sys/net/core/bpf_jit_enable"
#
# BPF_JIT can only be enabled by a root user
#
if $UID -ne 0 ]]; then
echo "Root User Permissions are required, Please Enter the ..."
echo
sudo $0
exit 0
fi
#
# Determine if the /proc/sys/net/core/bpf_jit_enable is present.
#
if ! -e $FILE ] ; then
echo
echo "The File $FILE not a Present - BPF_JIT does not appear to be enabled"
echo
exit 1
fi
#
# Main Program Starts here
#
while true ; do
tput clear
echo
echo " "$TITLE
echo
echo "---------------------------------------------------------------------------"
echo "This enables the Berkeley Packet Filter Just in Time compiler. Currently"
echo "supported on x86_64 architecture, bpf_jit provides a framework to speed"
echo "packet filtering, the one used by tcpdump/libpcap for example. It does"
echo "appear that you have enabled the BPF_JIT Kernel Module as required. Your"
echo "output command options to $FILE are as follows:"
echo "---------------------------------------------------------------------------"
echo " 0 - disable the JIT (default value)"
echo " 1 - enable the JIT"
echo " 2 - enable the JIT and ask the compiler to emit traces on kernel log."
echo "---------------------------------------------------------------------------"
echo
echo -n " Please enter the option number you wish to use (Q=Quit):"
read -n1 choice
#
# Execute commands 0,1 & 2
#
if $choice == [012] ]] ; then
echo
echo
#
# This is the actual command sent to the BPF_JIT
#
echo $choice > $FILE
error_code=$?
#
# Output the result of that BPF_JIT command
#
if $error_code -eq 0 ] ; then
echo "Your command: $choice was sent to $FILE as requested."
echo
exit 0
else
echo "Your command: $choice was folowed by the Error Code: $error_code, Sorry it did not work!"
echo
exit $error_code
fi
fi
#
# Execute command Q=quit if requested
#
if $choice == [Qq] ]] ; then
echo
echo
exit 0
fi
done
exit 0
# End Of Script
To use the new script, copy and past the text in the code block above into a text editor and save it into the ~/bin folder as the file jit (/home/yourname/bin/jit). Now, to make the script executable, open a terminal session and run the following command:
chmod +x ~/bin/jit
To use the script, open another terminal session and enter the command:
jit
You must enter the root user password and then you have three options, they are:
0 - disable the JIT (default value)
1 - enable the JIT
2 - enable the JIT and ask the compiler to emit traces on kernel log.
I ask that you please tell me if you are using the Berkeley Packet Filter Just in Time compiler and if you found any of this useful by chance.
Thank You,
Blogs: asroot : Bash : Packet Filter : C.F.U. : GPU’s : fewrup : F.S.M. : H.I. : nVIDIA : LNVHW : N.S.F. : S.A.K.C. : MMCHECK
S.A.S.I. : S.C.L.U. : S.G.T.B. : S.K.I.M. : S.L.A.V.E. : S.L.R.C. : S.T.A.R.T. : S.U.F.F. : SYSEdit : systemd : YaST Power