From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 5602F17CD7; Thu, 25 Sep 2025 09:55:38 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id BAFFB17D04; Thu, 25 Sep 2025 09:55:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 Received: from fhigh-b8-smtp.messagingengine.com (fhigh-b8-smtp.messagingengine.com [202.12.124.159]) by atuin.qyliss.net (Postfix) with ESMTPS id 3F5CC17D01 for ; Thu, 25 Sep 2025 09:55:34 +0000 (UTC) Received: from phl-compute-04.internal (phl-compute-04.internal [10.202.2.44]) by mailfhigh.stl.internal (Postfix) with ESMTP id 31A407A0194; Thu, 25 Sep 2025 05:55:33 -0400 (EDT) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-04.internal (MEProxy); Thu, 25 Sep 2025 05:55:33 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm3; t=1758794133; x=1758880533; bh=tPmga9SyV2 SzB3B+pAk4LO3tBSv+bTpciFNdSSwqVGc=; b=aaXioElRQKRPemsBc9VOfYhur3 D1DX3LCyGUEzuTnLmoNhB41SCG3VG3k5hzdG4MCa0mntvfnmSasG3Pco0ds0XHsM IQteog0VQ+Gv2uBcSkY+Rvxy997H+hK+Vnudmn0m9vsIaSyhbkxw78nBXnhs4XrS PnlnO6IxAsyOBOdskxmFnEUCMI2k4VOktImG2XylEXhr4mG/+Eu3KReZdqi+AFnk FDkdhqzit5LmzaKqHy7Q8wlcK6yKOjsmrf0FtyUR90Ty6wLVPkirx31gcF8t0T1/ fcJH5jL47wWf8vHjwTlUSWdexptCIKtIa/4wO/VJAhLtcBNMNsxrACf9GeJQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t= 1758794133; x=1758880533; bh=tPmga9SyV2SzB3B+pAk4LO3tBSv+bTpciFN dSSwqVGc=; b=VzSQbPiZD8X5o50v13lZUTWgAzVjHnps+4r/C+FOBrslMwVFW5p G9/2Gn3iJfnlHSrH/tsN8sjkWRsJni3BABayaLYnvwACrk0TSZDW4exnXCgxVi0G bI8GqOJF0Xryfz8UtWMrcRLco0jySNdUPXZNv1IeQ9fHSo/+ZswFn1h/k2wsQZXG MxvOXgS1OwHZaYH//OAoCFM9W0N3CO+2aDOwszoDlPKoOTzndNwWC2AlPn1VKCBB NPWiwK+h9i6eiqUXnnOA8XrROEUGy1/im7yqefm6o+0iHwNGlIicZxDXDzZ/rzgt Lj4r5NXbjaQwP9RMUHVQVkBYigLfNGH37qA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdeiiedukecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpefhvfevufgjfhffkfggtgesghdtreertddttdenucfhrhhomheptehlhihsshgrucft ohhsshcuoehhihesrghlhihsshgrrdhisheqnecuggftrfgrthhtvghrnhepiefhtdfgje ellefghffhgfetkefhteeuleeggeeljeetleekhfevgedtieffveejnecuffhomhgrihhn pehsthguvghnvhdrtggtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg hilhhfrhhomhephhhisegrlhihshhsrgdrihhspdhnsggprhgtphhtthhopeefpdhmohgu vgepshhmthhpohhuthdprhgtphhtthhopeihuhhrvghkrgestgihsggvrhgthhgrohhsrd guvghvpdhrtghpthhtohepuggvmhhiohgsvghnohhurhesghhmrghilhdrtghomhdprhgt phhtthhopeguvghvvghlsehsphgvtghtrhhumhdqohhsrdhorhhg X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 25 Sep 2025 05:55:32 -0400 (EDT) Received: by mbp.qyliss.net (Postfix, from userid 1000) id E7AEF24D2BBA; Thu, 25 Sep 2025 11:55:20 +0200 (CEST) From: Alyssa Ross To: Demi Marie Obenour Subject: Re: [PATCH v6 1/4] tools: add xdp-forwarder In-Reply-To: <20250924114300.100541-2-yureka@cyberchaos.dev> References: <20250924114300.100541-1-yureka@cyberchaos.dev> <20250924114300.100541-2-yureka@cyberchaos.dev> Date: Thu, 25 Sep 2025 11:55:19 +0200 Message-ID: <877bxmdfg8.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Message-ID-Hash: RZCUB22MZEWGYOKVR2OX5DBFN6XSAUIR X-Message-ID-Hash: RZCUB22MZEWGYOKVR2OX5DBFN6XSAUIR X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Yureka Lilian , devel@spectrum-os.org X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Yureka Lilian writes: > The xdp-forwarder's purpose is implementing the functionality needed > within the net-vm (a VM running the Linux drivers for any physical > interfaces on the spectrum system). > > In the future, the net-vm will load the included XDP programs on the > passed-through physical interfaces as well as the downstream virtio > interface going into the router (recognized by its special MAC address). > > The net-vm needs to multiplex between the physical interfaces, as there > might be several interfaces in the same IOMMU-group. > > For this, the XDP program loaded on the physical interfaces > (`prog_physical.o`) applies a VLAN tag corresponding to the interface id > and redirects the packets to the router interface (identified by the > `router_iface` bpf map). In the other direction the XDP program loaded on > the router interface (`prog_router.o`) removes one layer of VLAN tagging > and redirects the packets to the interface read from the VLAN tag. > > The helper program `set_router_iface` is used to update the `router_iface` > bpf map to point to the interface passed as argument to the program. > > Co-authored-by: Demi Marie Obenour > Signed-off-by: Yureka Lilian > Signed-off-by: Demi Marie Obenour > --- > pkgs/default.nix | 4 + > release/checks/pkg-tests.nix | 1 + > tools/default.nix | 21 +- > tools/meson.build | 4 + > tools/meson_options.txt | 3 + > tools/xdp-forwarder/meson.build | 48 +++++ > tools/xdp-forwarder/parsing_helpers.h | 274 +++++++++++++++++++++++++ > tools/xdp-forwarder/prog_physical.c | 39 ++++ > tools/xdp-forwarder/prog_router.c | 42 ++++ > tools/xdp-forwarder/rewrite_helpers.h | 146 +++++++++++++ > tools/xdp-forwarder/set_router_iface.c | 30 +++ > 11 files changed, 608 insertions(+), 4 deletions(-) > create mode 100644 tools/xdp-forwarder/meson.build > create mode 100644 tools/xdp-forwarder/parsing_helpers.h > create mode 100644 tools/xdp-forwarder/prog_physical.c > create mode 100644 tools/xdp-forwarder/prog_router.c > create mode 100644 tools/xdp-forwarder/rewrite_helpers.h > create mode 100644 tools/xdp-forwarder/set_router_iface.c > > diff --git a/pkgs/default.nix b/pkgs/default.nix > index 2472218..df3cfdc 100644 > --- a/pkgs/default.nix > +++ b/pkgs/default.nix > @@ -42,6 +42,10 @@ let > appSupport =3D false; > hostSupport =3D true; > }; > + spectrum-driver-tools =3D self.callSpectrumPackage ../tools { > + appSupport =3D false; > + driverSupport =3D true; > + }; > xdg-desktop-portal-spectrum-host =3D > self.callSpectrumPackage ../tools/xdg-desktop-portal-spectrum-host= {}; >=20=20 > diff --git a/release/checks/pkg-tests.nix b/release/checks/pkg-tests.nix > index d7be42b..b1a048f 100644 > --- a/release/checks/pkg-tests.nix > +++ b/release/checks/pkg-tests.nix > @@ -14,5 +14,6 @@ import ../../lib/call-package.nix ( > tools =3D lib.recurseIntoAttrs (callSpectrumPackage ../../tools { > appSupport =3D true; > hostSupport =3D true; > + driverSupport =3D true; > }).tests; > }) (_: {}) > diff --git a/tools/default.nix b/tools/default.nix > index 201afae..0e43997 100644 > --- a/tools/default.nix > +++ b/tools/default.nix > @@ -1,13 +1,17 @@ > # SPDX-License-Identifier: MIT > # SPDX-FileCopyrightText: 2022-2025 Alyssa Ross > +# SPDX-FileCopyrightText: 2025 Yureka Lilian >=20=20 > import ../lib/call-package.nix ( > { src, lib, stdenv, fetchCrate, fetchurl, runCommand, buildPackages > , meson, ninja, pkg-config, rustc > , clang-tools, clippy > , dbus > +# clang 19 (current nixpkgs default) is too old to support -fwrapv-point= er > +, clang_21, libbpf > , appSupport ? true > , hostSupport ? false > +, driverSupport ? false > }: >=20=20 > let > @@ -70,15 +74,18 @@ stdenv.mkDerivation (finalAttrs: { > ./lsvm > ./start-vmm > ./subprojects > + ] ++ lib.optionals driverSupport [ > + ./xdp-forwarder > ])); > }; > sourceRoot =3D "source/tools"; >=20=20 > depsBuildBuild =3D lib.optionals hostSupport [ buildPackages.stdenv.cc= ]; > nativeBuildInputs =3D [ meson ninja ] > - ++ lib.optionals appSupport [ pkg-config ] > - ++ lib.optionals hostSupport [ rustc ]; > - buildInputs =3D lib.optionals appSupport [ dbus ]; > + ++ lib.optionals (appSupport || driverSupport) [ pkg-config ] > + ++ lib.optionals hostSupport [ rustc ] > + ++ lib.optionals driverSupport [ clang_21 ]; > + buildInputs =3D lib.optionals appSupport [ dbus ] ++ lib.optionals dri= verSupport [ libbpf ]; >=20=20 > postPatch =3D lib.optionals hostSupport (lib.concatMapStringsSep "\n" = (crate: '' > mkdir -p subprojects/packagecache > @@ -88,12 +95,16 @@ stdenv.mkDerivation (finalAttrs: { > mesonFlags =3D [ > (lib.mesonBool "app" appSupport) > (lib.mesonBool "host" hostSupport) > + (lib.mesonBool "driver" driverSupport) > "-Dhostfsrootdir=3D/run/virtiofs/virtiofs0" > "-Dtests=3Dfalse" > "-Dunwind=3Dfalse" > "-Dwerror=3Dtrue" > ]; >=20=20 > + # Not supported for target bpf > + hardeningDisable =3D lib.optionals driverSupport [ "zerocallusedregs" = ]; > + > passthru.tests =3D { > clang-tidy =3D finalAttrs.finalPackage.overrideAttrs ( > { name, src, nativeBuildInputs ? [], ... }: > @@ -105,7 +116,9 @@ stdenv.mkDerivation (finalAttrs: { > fileset =3D lib.fileset.union (lib.fileset.fromSource src) ../= .clang-tidy; > }; >=20=20 > - nativeBuildInputs =3D nativeBuildInputs ++ [ clang-tools ]; > + # clang-tools needs to be before clang, otherwise it will not use > + # the Nix include path correctly and fail to find headers > + nativeBuildInputs =3D [ clang-tools ] ++ nativeBuildInputs; >=20=20 > buildPhase =3D '' > clang-tidy --warnings-as-errors=3D'*' ../**/*.c > diff --git a/tools/meson.build b/tools/meson.build > index e8b0cf2..059baeb 100644 > --- a/tools/meson.build > +++ b/tools/meson.build > @@ -26,3 +26,7 @@ endif > if get_option('app') > subdir('xdg-desktop-portal-spectrum') > endif > + > +if get_option('driver') > + subdir('xdp-forwarder') > +endif > diff --git a/tools/meson_options.txt b/tools/meson_options.txt > index fb520ae..7b46739 100644 > --- a/tools/meson_options.txt > +++ b/tools/meson_options.txt > @@ -7,6 +7,9 @@ option('host', type : 'boolean', value : false, > option('app', type : 'boolean', > description : 'Build tools for Spectrum app VMs') >=20=20 > +option('driver', type : 'boolean', value : false, > + description : 'Build tools for Spectrum driver VMs') > + > option('hostfsrootdir', type : 'string', value : '/run/host', > description : 'Path where the virtio-fs provided by the host will be m= ounted') >=20=20 > diff --git a/tools/xdp-forwarder/meson.build b/tools/xdp-forwarder/meson.= build > new file mode 100644 > index 0000000..9b70ce3 > --- /dev/null > +++ b/tools/xdp-forwarder/meson.build > @@ -0,0 +1,48 @@ > +# SPDX-License-Identifier: EUPL-1.2+ > +# SPDX-FileCopyrightText: 2025 Yureka Lilian > +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour > + > +libbpf =3D dependency('libbpf', version : '1.6.2') > + > +executable('set-router-iface', 'set_router_iface.c', > + dependencies : libbpf, > + install : true) > + > +clang =3D find_program('clang', native: true) > + > +bpf_o_cmd =3D [ > + clang.full_path(), > + '-fno-stack-protector', > + '-fno-strict-aliasing', > + '-fwrapv', '-fwrapv-pointer', > + '-Wall', > + '-Wextra', > + '-O2', > + '-target', 'bpf', > + '-I', meson.current_source_dir() + '/include', > + '-g', > + '-c', > + '-o', '@OUTPUT@', > + '-MD', > + '-MP', > + '-MF', '@DEPFILE@', Demi: you suggested these arguments, but the Meson default is =2DMD -MQ $out -MF $DEPFILE, as far as I can tell. Why the difference? > + '--', > + '@INPUT@', > +] > + > +prog_router_o =3D custom_target( > + input : 'prog_router.c', > + output : 'prog_router.o', > + depfile : 'prog_router.o.dep', > + command : bpf_o_cmd, > + install: true, > + install_dir: 'lib/xdp') > + > +prog_physical_o =3D custom_target( > + input : 'prog_physical.c', > + output : 'prog_physical.o', > + depfile : 'prog_physical.o.dep', > + command : bpf_o_cmd, > + install: true, > + install_dir: 'lib/xdp') > + --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRV/neXydHjZma5XLJbRZGEIw/wogUCaNURhwAKCRBbRZGEIw/w oi/eAQDqa3X8XRbbxXh4s2U7niVe5GA4lgRJl5z+eWSUrKI1awEA3GU3PM5ULzCs QGZWiGQoQKlAADXZYjZqzclcw+84uQk= =DDg+ -----END PGP SIGNATURE----- --=-=-=--