eBPF cgroup filters for data usage accounting on Android

*

One Line Summary

Describes current efforts to replace the out-of-tree Android xt_qtaguid kernel code with an upstream solution based on eBPF cgroup filters.

Abstract

The xt_qtaguid kernel code is the foundation of data usage accounting and per-app network policy on Android, but it consists of ~3000 lines of out-of-tree kernel code and is a maintenance, stability and performance burden. Work is underway to replace xt_qtaguid with a mixed kernel/userspace solution based on eBPF cgroup filters.

This talk will cover the basic design, the progress we’ve made so far (most of the kernel infrastructure is already in place), and the challenges faced by the design, such as the limited granularity of security policies and the fact that maps are not resizable.

Tags

networking, android ebpf

Presentation Materials

slides

Speakers

  • Photo

    Biography

    Lorenzo leads the Android core networking team, which maintains layer 3 and layer 4 networking on Android. He mostly focuses on userspace aspects, but has contributed kernel features and bug fixes as well.

  • Fengc

    Biography

    Software Engineer on Android kernel system team. Focus on android kernel networking tools.

    Chenbo has a Master degree from Vanderbilt University major in Computer Science. He earned a bachelor’s degree in 2014 from City University of Hong Kong major in Electronics Engineering