Re: [PATCH v4 2/5] tools: add xdp-forwarder

23 Sep 2025

Yureka <yuka@yuka.dev> writes:
...
On 9/23/25 17:14, Alyssa Ross wrote:
...
Yureka Lilian <yureka@cyberchaos.dev> writes:
...
@@ -88,12 +94,15 @@ stdenv.mkDerivation (finalAttrs: {
    mesonFlags = [
      (lib.mesonBool "app" appSupport)
      (lib.mesonBool "host" hostSupport)
+    (lib.mesonBool "driver" driverSupport)
      "-Dhostfsrootdir=/run/virtiofs/virtiofs0"
      "-Dtests=false"
      "-Dunwind=false"
      "-Dwerror=true"
    ];
+  hardeningDisable = lib.optionals driverSupport [ "zerocallusedregs" ];
+
Could we instead do this in bpf_o_cmd, so it's not disabled for
userspace programs?
This environment variable works on the stdenv level, so it is difficult 
to mix it in from the meson recipe. Any way to do this would add NixOS 
specifics to the meson recipe and doesn't feel quite right.
The environment variable in stdenv just adds
-fzero-call-used-regs=used-gpr to the compiler flags, before the ones
given on the command line, so I was thinking we could just add
-fzero-call-used-regs=skip (the default) to bpf_o_cmd, to explicitly say
we don't want it for these compiler invocations.  It'll override the
option given by the compiler wrapper, and won't do anything Nix-specific
— it would be the right thing for other distros that change compiler
defaults as well, which I think is not that uncommon.
...
...
...

diff --git a/tools/xdp-forwarder/meson.build b/tools/xdp-forwarder/meson.build
new file mode 100644
index 0000000..e6d91ca
--- /dev/null
+++ b/tools/xdp-forwarder/meson.build
@@ -0,0 +1,48 @@
+# SPDX-License-Identifier: EUPL-1.2+
+# SPDX-FileCopyrightText: 2025 Yureka Lilian <yureka@cyberchaos.dev>
+# SPDX-FileCopyrightText: 2025 Demi Marie Obenour <demiobenour@gmail.com>
+
+libbpf = dependency('libbpf', version : '1.6.2')
+
+executable('set-router-iface', 'set_router_iface.c',
+  dependencies : libbpf,
+  install : true)
+
+clang = find_program('clang')
Should be native: true I think.
I can't find a parameter 'native' for find_program() in the meson docs. 
Can you explain why this option is needed? Is it to prevent passing two 
--target args when cross-compiling?
It's to prevent it trying to execute clang for the system you're
building for.  You'd use find_program(…, native: false) (the default) if
you wanted to embed the path to that program in your binary, for
example.

Documentation is here:
https://mesonbuild.com/Reference-manual_functions.html#find_program_native

    