This work addresses the high CPU overhead and tail latency in traditional cloud network virtualization caused by multi-layer processing, as well as the inability of existing shared data paths to simultaneously support tenant-defined protocols and strong performance isolation. The authors propose a programmable shared network stack that enforces bounded fast-path contracts via restricted eBPF, while enabling joint compilation between tenant slow paths and infrastructure components. This approach achieves both full protocol customizability and strict performance isolation. Experimental results demonstrate that tenant-programmable TCP achieves a throughput of 9.2 Mreq/s—nearly matching hand-optimized TAS—and that joint compilation reduces programmability overhead from 23.9% to 3.8%. Under adversarial workloads, tail latency for victim tenants remains tightly bounded at 46 microseconds.

Conventional cloud network virtualization sends packets through multiple guest and host layers, inflating CPU cost and tail latency. Shared host datapaths collapse this layering into one optimized path across tenants, but existing shared stacks are fixed-function: tenants cannot specialize their protocols. eBPF is the natural vehicle for restoring programmability to a shared datapath, but today's extensions are hook-sized, and its verifier provides safety -- not performance isolation: one tenant's per-packet work can inflate every other tenant's tail latency. Chamelio is a programmable shared network stack that lets tenants implement full protocols through a bounded eBPF fast path and a tenant slow path, while approaching the performance and preserving the strong isolation of fixed shared stacks. It combines three ideas: a shared-stack architecture for tenant-defined protocols; joint optimisation of tenant handlers with provider infrastructure and co-resident tenants in the shared fast path; and a bounded fast path contract with runtime cycle accounting that keeps tenant programmability compatible with strong performance isolation. A tenant programmable TCP on Chamelio reaches 9.2 Mreq/s, matching the hand-tuned TAS stack; joint compilation shrinks the programmability tax from 23.9% to 3.8%; and under a scaling TCP adversary that drives uninstrumented stacks to 154 microseconds, Chamelio bounds victim tail latency at 46 microseconds.