patches and low-level development discussion
From: Yureka Lilian <yureka@cyberchaos.dev>
To: devel@spectrum-os.org
Cc: Yureka Lilian <yureka@cyberchaos.dev>
Subject: [DO_NOT_APPLY 0/2] xdp-forwarder
Date: Sun, 24 Aug 2025 00:21:30 +0200
Message-ID: <20250823222134.1772413-1-yureka@cyberchaos.dev>

Hi all,

Since this worsens the networking situation unless combined with the
userspace Router (which is to-be-done), I am formally sending this out
for comments without expecting it to be applied for now.

The net-vm's purpose is running the Linux drivers for any physical
interfaces on the spectrum system.

A net-vm (there could be multiple, one per IOMMU-group) will load the
included XDP programs on the passed-through physical interfaces as well
as the downstream virtio interface going into the router (recognized by
its special MAC address) using mdev events.

The net-vm needs to multiplex between the physical interfaces, as there
might be several interfaces in the same IOMMU-group.

For this, the XDP program loaded on the physical interfaces applies a
VLAN tag corresponding to the interface id, and redirects the packets to
the router interface (identified by the router_iface bpf map).
In the other direction the XDP program loaded on the router interface
removes one layer of VLAN tagging, and redirects the packets to the
interface read from the VLAN tag.

I have verified that when running a wpa_supplicant / iwd in the
interface, a WiFi interface can correctly function as a physical
interface with the XDP forwarder, assuming that the router sends
packets with the correct source MAC address.


Yureka Lilian (2):
  integrate xdp-forwarder into net-vm
  temporary changes for testing

 lib/nixpkgs.default.nix                       |   4 +-
 vm/sys/net/Makefile                           |   8 +-
 vm/sys/net/default.nix                        |  38 +++++--
 vm/sys/net/etc/fstab                          |   1 +
 vm/sys/net/etc/mdev/iface                     |  23 +---
 vm/sys/net/etc/nftables.conf                  |   8 --
 vm/sys/net/etc/s6-rc/connman/dependencies     |   4 -
 vm/sys/net/etc/s6-rc/connman/type             |   1 -
 vm/sys/net/etc/s6-rc/connman/type.license     |   2 -
 vm/sys/net/etc/s6-rc/nftables/type            |   1 -
 vm/sys/net/etc/s6-rc/nftables/type.license    |   2 -
 vm/sys/net/etc/s6-rc/nftables/up              |   6 -
 vm/sys/net/xdp-forwarder/README.md            |   9 ++
 vm/sys/net/xdp-forwarder/default.nix          |  35 ++++++
 .../xdp-forwarder/include/parsing_helpers.h   |  38 +++++++
 .../xdp-forwarder/include/rewrite_helpers.h   | 103 ++++++++++++++++++
 vm/sys/net/xdp-forwarder/load_physical        |   4 +
 vm/sys/net/xdp-forwarder/load_router          |   6 +
 vm/sys/net/xdp-forwarder/prog_physical.c      |  28 +++++
 vm/sys/net/xdp-forwarder/prog_router.c        |  34 ++++++
 vm/sys/net/xdp-forwarder/set_router_iface.c   |  31 ++++++
 21 files changed, 325 insertions(+), 61 deletions(-)
 delete mode 100644 vm/sys/net/etc/nftables.conf
 delete mode 100644 vm/sys/net/etc/s6-rc/connman/dependencies
 delete mode 100644 vm/sys/net/etc/s6-rc/connman/type
 delete mode 100644 vm/sys/net/etc/s6-rc/connman/type.license
 delete mode 100644 vm/sys/net/etc/s6-rc/nftables/type
 delete mode 100644 vm/sys/net/etc/s6-rc/nftables/type.license
 delete mode 100644 vm/sys/net/etc/s6-rc/nftables/up
 create mode 100644 vm/sys/net/xdp-forwarder/README.md
 create mode 100644 vm/sys/net/xdp-forwarder/default.nix
 create mode 100644 vm/sys/net/xdp-forwarder/include/parsing_helpers.h
 create mode 100644 vm/sys/net/xdp-forwarder/include/rewrite_helpers.h
 create mode 100755 vm/sys/net/xdp-forwarder/load_physical
 create mode 100755 vm/sys/net/xdp-forwarder/load_router
 create mode 100644 vm/sys/net/xdp-forwarder/prog_physical.c
 create mode 100644 vm/sys/net/xdp-forwarder/prog_router.c
 create mode 100644 vm/sys/net/xdp-forwarder/set_router_iface.c

-- 
2.50.1
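
The tag-and-redirect scheme described in the cover letter, as an added userspace model that is not part of the original message or of the xdp-forwarder sources. It assumes the VLAN ID equals the interface id and that a `known` table lists the interfaces the net-vm owns; `vlan_push`, `vlan_pop` and `MAX_IFACES` are hypothetical names. The point for review is the router-to-physical direction: the tag comes from the router, so it is bounds-checked and matched against the table before it selects an egress interface.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HLEN   14
#define VLAN_HLEN  4
#define TPID_8021Q 0x8100
#define MAX_IFACES 8 /* assumed size of the interface table */

/* Physical -> router: insert an 802.1Q tag carrying the ingress interface
 * id after the two MAC addresses. Returns the new length, 0 on error. */
size_t vlan_push(uint8_t *f, size_t len, size_t cap, uint16_t iface_id)
{
    if (len < ETH_HLEN || len + VLAN_HLEN > cap ||
        iface_id == 0 || iface_id >= MAX_IFACES)
        return 0;
    memmove(f + 12 + VLAN_HLEN, f + 12, len - 12);
    f[12] = (uint8_t)(TPID_8021Q >> 8);
    f[13] = (uint8_t)(TPID_8021Q & 0xff);
    f[14] = (uint8_t)(iface_id >> 8); /* PCP/DEI bits stay zero */
    f[15] = (uint8_t)(iface_id & 0xff);
    return len + VLAN_HLEN;
}

/* Router -> physical: strip one tag and report the egress interface id.
 * Returns the new length, or 0 when the frame must be dropped. */
size_t vlan_pop(uint8_t *f, size_t len, const uint8_t *known, uint16_t *out)
{
    if (len < ETH_HLEN + VLAN_HLEN)
        return 0; /* too short to hold a tag */
    if (((f[12] << 8) | f[13]) != TPID_8021Q)
        return 0; /* untagged: no egress interface can be derived */
    uint16_t vid = (uint16_t)(((f[14] << 8) | f[15]) & 0x0fff);
    if (vid == 0 || vid >= MAX_IFACES || !known[vid])
        return 0; /* the router named an interface this VM does not own */
    memmove(f + 12, f + 12 + VLAN_HLEN, len - 12 - VLAN_HLEN);
    *out = vid;
    return len - VLAN_HLEN;
}

int main(void)
{
    uint8_t known[MAX_IFACES] = {0}, frame[64] = {0}; /* constructed frame */
    uint16_t id = 0;
    known[3] = 1;
    frame[12] = 0x08; /* EtherType IPv4, MACs left as zeros */
    size_t n = vlan_push(frame, 18, sizeof frame, 3);
    size_t m = vlan_pop(frame, n, known, &id);
    printf("tagged=%zu untagged=%zu egress=%u\n", n, m, (unsigned)id);
}
```

In an XDP program the same moves are done on the packet buffer with head adjustment and verifier-visible bounds checks rather than `memmove` on a plain array.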

