Yureka Lilian <yureka@cyberchaos.dev> writes:
The purpose of the xdp-forwarder is to implement the functionality needed within the net-vm (a VM running the Linux drivers for any physical interfaces on the Spectrum system).
In the future, the net-vm will load the included XDP programs on the passed-through physical interfaces as well as the downstream virtio interface going into the router (recognized by its special MAC address).
The net-vm needs to multiplex between the physical interfaces, as there might be several interfaces in the same IOMMU-group.
For this, the XDP program loaded on the physical interfaces (`prog_physical.o`) applies a VLAN tag corresponding to the interface id and redirects the packets to the router interface (identified by the `router_iface` bpf map). In the other direction the XDP program loaded on the router interface (`prog_router.o`) removes one layer of VLAN tagging and redirects the packets to the interface read from the VLAN tag.
The helper program `set_router_iface` is used to update the `router_iface` bpf map to point to the interface passed as argument to the program.
Co-authored-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Yureka Lilian <yureka@cyberchaos.dev> --- pkgs/default.nix | 4 + release/checks/pkg-tests.nix | 1 + tools/default.nix | 15 +- tools/meson.build | 4 + tools/meson_options.txt | 3 + tools/xdp-forwarder/include/parsing_helpers.h | 274 ++++++++++++++++++ tools/xdp-forwarder/include/rewrite_helpers.h | 146 ++++++++++ tools/xdp-forwarder/meson.build | 48 +++ tools/xdp-forwarder/prog_physical.c | 39 +++ tools/xdp-forwarder/prog_router.c | 43 +++ tools/xdp-forwarder/set_router_iface.c | 30 ++ 11 files changed, 604 insertions(+), 3 deletions(-) create mode 100644 tools/xdp-forwarder/include/parsing_helpers.h create mode 100644 tools/xdp-forwarder/include/rewrite_helpers.h create mode 100644 tools/xdp-forwarder/meson.build create mode 100644 tools/xdp-forwarder/prog_physical.c create mode 100644 tools/xdp-forwarder/prog_router.c create mode 100644 tools/xdp-forwarder/set_router_iface.c
diff --git a/tools/default.nix b/tools/default.nix
index 201afae..e92f453 100644
--- a/tools/default.nix
+++ b/tools/default.nix
@@ -1,13 +1,16 @@
 # SPDX-License-Identifier: MIT
 # SPDX-FileCopyrightText: 2022-2025 Alyssa Ross <hi@alyssa.is>
+# SPDX-FileCopyrightText: 2025 Yureka Lilian <yureka@cyberchaos.dev>
 import ../lib/call-package.nix (
 { src, lib, stdenv, fetchCrate, fetchurl, runCommand, buildPackages
 , meson, ninja, pkg-config, rustc
 , clang-tools, clippy
 , dbus
+, clang_21, libbpf
Could you explain in a comment why we have the pin, so it's clear when it can be removed?
 , appSupport ? true
 , hostSupport ? false
+, driverSupport ? false
 }:
 let
@@ -70,15 +73,18 @@ stdenv.mkDerivation (finalAttrs: {
 ./lsvm
 ./start-vmm
 ./subprojects
+ ] ++ lib.optionals driverSupport [
+ ./xdp-forwarder
 ]));
 };
 sourceRoot = "source/tools";
 depsBuildBuild = lib.optionals hostSupport [ buildPackages.stdenv.cc ];
 nativeBuildInputs = [ meson ninja ]
- ++ lib.optionals appSupport [ pkg-config ]
- ++ lib.optionals hostSupport [ rustc ];
- buildInputs = lib.optionals appSupport [ dbus ];
+ ++ lib.optionals (appSupport || driverSupport) [ pkg-config ]
+ ++ lib.optionals hostSupport [ rustc ]
+ ++ lib.optionals driverSupport [ clang_21 ];
+ buildInputs = lib.optionals appSupport [ dbus ] ++ lib.optionals driverSupport [ libbpf ];
 postPatch = lib.optionals hostSupport (lib.concatMapStringsSep "\n" (crate: ''
 mkdir -p subprojects/packagecache
@@ -88,12 +94,15 @@ stdenv.mkDerivation (finalAttrs: {
 mesonFlags = [
 (lib.mesonBool "app" appSupport)
 (lib.mesonBool "host" hostSupport)
+ (lib.mesonBool "driver" driverSupport)
 "-Dhostfsrootdir=/run/virtiofs/virtiofs0"
 "-Dtests=false"
 "-Dunwind=false"
 "-Dwerror=true"
 ];
+ hardeningDisable = lib.optionals driverSupport [ "zerocallusedregs" ];
+
Could we instead do this in bpf_o_cmd, so it's not disabled for userspace programs?
diff --git a/tools/xdp-forwarder/meson.build b/tools/xdp-forwarder/meson.build
new file mode 100644
index 0000000..e6d91ca
--- /dev/null
+++ b/tools/xdp-forwarder/meson.build
@@ -0,0 +1,48 @@
+# SPDX-License-Identifier: EUPL-1.2+
+# SPDX-FileCopyrightText: 2025 Yureka Lilian <yureka@cyberchaos.dev>
+# SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com>
+
+libbpf = dependency('libbpf', version : '1.6.2')
+
+executable('set-router-iface', 'set_router_iface.c',
+ dependencies : libbpf,
+ install : true)
+
+clang = find_program('clang')
Should be native: true I think.