From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 11F1123A59; Sat, 27 Sep 2025 08:01:03 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id B719123A4D; Sat, 27 Sep 2025 08:01:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 Received: from fout-a8-smtp.messagingengine.com (fout-a8-smtp.messagingengine.com [103.168.172.151]) by atuin.qyliss.net (Postfix) with ESMTPS id 6D33B23A4B for ; Sat, 27 Sep 2025 08:00:59 +0000 (UTC) Received: from phl-compute-03.internal (phl-compute-03.internal [10.202.2.43]) by mailfout.phl.internal (Postfix) with ESMTP id EAEDDEC013B; Sat, 27 Sep 2025 04:00:57 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-03.internal (MEProxy); Sat, 27 Sep 2025 04:00:57 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1758960057; x=1759046457; bh=vCujqI/Xva GB2irahMESC5pNnbBcpaL0d5enkXaaGfc=; b=fobVBk7YYiM2P5VoFhh+DtJBag aasNLhp1OFDgPI4+my0UwM67NoAjW302O8yCM2hrgnuIrT1VY0f3cB9jc0u9rSS0 jCAK6OUf+j2AFh9x3SoX3OhlsTORyI3YsO4MF4vzmAkU/NXmiaBMfnPCoZTiafmo Uk6fohnXRQY5dMDGTRs+oKCV3x+EzuQzHH0CxHvR8qnWSnKkyoZCjs9s7cHfPnIl p7hp2kEx1UNF++U76w+iWJmK5uwMxJNqDSOsZmii55WpCvDRimZ7vMuF/8dmO2kk UMzd9bAD6lFhXtoG4oM1k2mQiAvgGJcb50WiSkdL5OSiCvdNaIgYOtSXxW6w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t= 1758960057; x=1759046457; bh=vCujqI/XvaGB2irahMESC5pNnbBcpaL0d5e nkXaaGfc=; b=A5ES3uYgB/AzE6ITZAcJx6925TXVHZgG9lKbifjASao3cM6vMOW 6QScXYwiKqROAii/1pxLapCr6GVFuy/SusHdLn/pO6FiHdG4a2q0wv3FoiUO63Dd kWk8Ic1AJgK5gnbUNqpVgRZI4Z+OBSqDZkY6EdOIkOVtAKmRWeNKBit08raJfPuR oW+jAXhz6wVQDeSkLslsN4noNh7b6GC1NO8AZnKs9GTcvfz+KDip6TBLICiPwIpy 5zF9ESXY6SgSldG48dGeZm5zcSCr8qoBIrXoaH03DXztW33OT7atMTZMltAjETd8 MYufsuTIEPyox97lz/immgwzKzhYrMs84QQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdejudejudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpefhvfevufgjfhffkfggtgesghdtreertddtjeenucfhrhhomheptehlhihsshgrucft ohhsshcuoehhihesrghlhihsshgrrdhisheqnecuggftrfgrthhtvghrnhepteehvedugf ejgfehhfeijeduleekleejgedvkeeuuefhhfegvdevfeetveegteeinecuvehluhhsthgv rhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrih hspdhnsggprhgtphhtthhopeefpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopeih uhhrvghkrgestgihsggvrhgthhgrohhsrdguvghvpdhrtghpthhtohepuggvmhhiohgsvg hnohhurhesghhmrghilhdrtghomhdprhgtphhtthhopeguvghvvghlsehsphgvtghtrhhu mhdqohhsrdhorhhg X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 27 Sep 2025 04:00:56 -0400 (EDT) Received: by mbp.qyliss.net (Postfix, from userid 1000) id CA92324D80A0; Sat, 27 Sep 2025 10:00:54 +0200 (CEST) From: Alyssa Ross To: Yureka Lilian Subject: Re: [PATCH v6 1/4] tools: add xdp-forwarder In-Reply-To: <20250924114300.100541-2-yureka@cyberchaos.dev> References: <20250924114300.100541-1-yureka@cyberchaos.dev> <20250924114300.100541-2-yureka@cyberchaos.dev> Date: Sat, 27 Sep 2025 10:00:53 +0200 Message-ID: <87wm5kb9ze.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Message-ID-Hash: HRDKFDSSFGQXM4K6SRR4KOP62VQTGZGF X-Message-ID-Hash: HRDKFDSSFGQXM4K6SRR4KOP62VQTGZGF X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Demi Marie Obenour , devel@spectrum-os.org X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable A few more things I just found. Happy to just make the fixes myself when I apply the patch if you prefer =E2=80=94 just let me know what you th= ink. Yureka Lilian writes: > The xdp-forwarder's purpose is implementing the functionality needed > within the net-vm (a VM running the Linux drivers for any physical > interfaces on the spectrum system). > > In the future, the net-vm will load the included XDP programs on the > passed-through physical interfaces as well as the downstream virtio > interface going into the router (recognized by its special MAC address). > > The net-vm needs to multiplex between the physical interfaces, as there > might be several interfaces in the same IOMMU-group. > > For this, the XDP program loaded on the physical interfaces > (`prog_physical.o`) applies a VLAN tag corresponding to the interface id > and redirects the packets to the router interface (identified by the > `router_iface` bpf map). In the other direction the XDP program loaded on > the router interface (`prog_router.o`) removes one layer of VLAN tagging > and redirects the packets to the interface read from the VLAN tag. > > The helper program `set_router_iface` is used to update the `router_iface` > bpf map to point to the interface passed as argument to the program. > > Co-authored-by: Demi Marie Obenour > Signed-off-by: Yureka Lilian > Signed-off-by: Demi Marie Obenour > --- > pkgs/default.nix | 4 + > release/checks/pkg-tests.nix | 1 + > tools/default.nix | 21 +- tools/shell.nix should also set driverSupport =3D true so libbpf is available in the development shell. > tools/meson.build | 4 + > tools/meson_options.txt | 3 + > tools/xdp-forwarder/meson.build | 48 +++++ > tools/xdp-forwarder/parsing_helpers.h | 274 +++++++++++++++++++++++++ > tools/xdp-forwarder/prog_physical.c | 39 ++++ > tools/xdp-forwarder/prog_router.c | 42 ++++ > tools/xdp-forwarder/rewrite_helpers.h | 146 +++++++++++++ > tools/xdp-forwarder/set_router_iface.c | 30 +++ > 11 files changed, 608 insertions(+), 4 deletions(-) > create mode 100644 tools/xdp-forwarder/meson.build > create mode 100644 tools/xdp-forwarder/parsing_helpers.h > create mode 100644 tools/xdp-forwarder/prog_physical.c > create mode 100644 tools/xdp-forwarder/prog_router.c > create mode 100644 tools/xdp-forwarder/rewrite_helpers.h > create mode 100644 tools/xdp-forwarder/set_router_iface.c > diff --git a/tools/xdp-forwarder/meson.build b/tools/xdp-forwarder/meson.= build > new file mode 100644 > index 0000000..9b70ce3 > --- /dev/null > +++ b/tools/xdp-forwarder/meson.build > @@ -0,0 +1,48 @@ > +# SPDX-License-Identifier: EUPL-1.2+ > +# SPDX-FileCopyrightText: 2025 Yureka Lilian > +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour > + > +libbpf =3D dependency('libbpf', version : '1.6.2') This is an exact version match, which means we'll have to change it every time libbpf updates in Nixpkgs. Do you know what a more appropriate version constraint would be? > + > +executable('set-router-iface', 'set_router_iface.c', > + dependencies : libbpf, > + install : true) > + > +clang =3D find_program('clang', native: true) > + > +bpf_o_cmd =3D [ > + clang.full_path(), > + '-fno-stack-protector', > + '-fno-strict-aliasing', > + '-fwrapv', '-fwrapv-pointer', > + '-Wall', > + '-Wextra', When I built in a Nix shell I got warnings from =2DWcompare-distinct-pointer-types and -Wsign-compare, coming from the vendored headers. Should I just silence those? (A quick look at the kernel suggests the distinct pointer type comparison is probably fine, but that the sign comparison issue should probably be fixed upstream.) > + '-O2', > + '-target', 'bpf', > + '-I', meson.current_source_dir() + '/include', > + '-g', > + '-c', > + '-o', '@OUTPUT@', > + '-MD', > + '-MP', > + '-MF', '@DEPFILE@', > + '--', > + '@INPUT@', > +] > + > +prog_router_o =3D custom_target( > + input : 'prog_router.c', > + output : 'prog_router.o', > + depfile : 'prog_router.o.dep', > + command : bpf_o_cmd, > + install: true, > + install_dir: 'lib/xdp') > + > +prog_physical_o =3D custom_target( > + input : 'prog_physical.c', > + output : 'prog_physical.o', > + depfile : 'prog_physical.o.dep', > + command : bpf_o_cmd, > + install: true, > + install_dir: 'lib/xdp') > + --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRV/neXydHjZma5XLJbRZGEIw/wogUCaNeZtQAKCRBbRZGEIw/w oszPAQD9NZCXiQ6Vl8p10BiNhPXKV28BLrPJDVbKb+STBAR3KQEAwpFEli6f7+1t OwwQngd3tLDuev20jYq8Y0uOq5KeLAg= =Axcd -----END PGP SIGNATURE----- --=-=-=--