Rex is a safe kernel extension framework that allows Rust in the place of eBPF
4 months ago
- #Rust
- #kernel
- #eBPF
- Rex is a kernel extension framework that allows loading and executing Rust kernel extensions in place of eBPF.
- Unlike eBPF, Rex programs are implemented in safe Rust, avoiding the need for in-kernel verifier checks and complexity constraints.
- Rex supports 5 eBPF program types: kprobe, perf_event, tracepoint, xdp, and tc.
- Features include invocation of eBPF helper functions, interaction with eBPF maps, and RAII-style resource management.
- Rex provides kernel stack and termination safety, along with bindings for common kernel data types.
- Example provided: a kprobe program that injects errors into system calls based on process ID.
- Rex addresses eBPF usability issues by leveraging Rust's safety guarantees, allowing more freedom in implementation.
- Demonstrated with the BPF Memcached Cache (BMC) example, showing simpler and more intuitive code in Rex compared to eBPF.
- Rex is licensed under GPLv2, with submodules under their respective licenses.