One of the Linux kernel features that have gained the most traction in the last
few years is probably (e)BPF. Originally, the "Berkeley Packet Filter" was
intended as a means of filtering network packets in kernel mode. However, BPF
quickly developed into a fully-featured VM used for all kinds of purposes. The
appeal of BPF is not hard to see: It allows you to load kernel mode code at
system runtime (similar to kernel modules) while keeping some degree of
sandboxing and fault tolerance afforded by the VM. It is much more difficult to
break your kernel with a BPF program than with a regular kernel module. One of
the most prominent current users of BPF is
sched_ext
, a framework for writing
scheduler implementations in BPF. This lets you easily tinker with your
scheduler and see results live and without the risk of breaking your kernel if
your implementation crashes.......