# High Velocity Kernel File Systems with Bento * Kernel File System Development is slow * High development and deployment velocity are critical to modern cloud systems * Linux kernel development and deployment are slow * File systems are particularly affected due to advances in storage hardware and new demands by cloud systems * Existing techniques aren't efficient * ![](https://2097630930-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVORxAomcgtzVVUqmws%2Fuploads%2FGhePIouz2sbEgrVnNZPn%2Fimage.png?alt=media\&token=d7e4f066-2edb-461a-afa6-a1757b8e75f1) * eBPF: in-kernel VM that runs user-provided program at pre-specified points, but quite restricted * Goals * High performance: has low performance overhead * Safety: prevention of bugs in the file system * General programmability: supports a wide variety of potential file systems * Compatibility: works with Linux and existing Linux binaries * Live Upgrade: can redeploy file systems without service downtime * User-level debugging: file system can be debugged easily with a variety of tools * Open Source * Bento * File systems are implemented in safe Rust * Imposes little overhead and supports most designs * How can we integrate a safe Rust system in the kernel? * How can we dynamically replace the file system? * How can we support user-level execution? ![](https://2097630930-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MVORxAomcgtzVVUqmws%2Fuploads%2FETNSfJd1v6iL0keVoyvg%2Fimage.png?alt=media\&token=b2e028c4-9a4b-4e15-9450-5765ac973fdd) BentoFS * Standalone C kernel module that hooks into VFS * Maintains an active list of file systems * Translate VFS calls to FUSE low-level API * Forwards call to the correct FS FS module * Contains the file system and two Rust libraries: libBentoFS and libBentoKS libBentoFS * Between BentoFS and the file system * Converts unsafe C from BentoFS to safe Rust * Converts C types to Rust types * Converts pointers to references libBentoKS * Between the file system and the rest of the kernel * Provides access to efficient, well-tested kernel services * Provides safe abstractions around kernel services * Ensures correct ownership * Handles resource allocation and deallocation Live Upgrade * Live upgrade component in BentoFS * When an upgrade module is inserted * BentoFS stop calls to the file system * Old file system cleans up and returns state struct * New file system initializes using state and returns * BentoFS swaps pointers and allows calls to proceed Userspace Execution * Bento file system can be run in userspace without any changes to the code * Most interfaces provided by libBentoFS and libBentoKS are identical to existing userspace interfaces * File system can be compiled to run in userspace using a build flag Evaluation * Competitive performance? * How does live upgrade impact availability?