diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-03-10 22:36:47 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-03-10 22:36:47 +0100 |
commit | 5d45ddbfaa44d29eb6077153248806d73ceabde9 (patch) | |
tree | f6563406cdd540062a0ece5c4c540d0a9cf5572f | |
parent | c2fbcde4449ffaf798f9ba4f742b942d33a1c1c8 (diff) | |
download | nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.gz nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.bz2 nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.xz nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.zip |
surtr: bifrost dscp
-rw-r--r-- | _sources/generated.json | 20 | ||||
-rw-r--r-- | _sources/generated.nix | 12 | ||||
-rw-r--r-- | hosts/surtr/bifrost/default.nix | 14 | ||||
-rw-r--r-- | hosts/surtr/borg.nix | 2 | ||||
-rw-r--r-- | nvfetcher.toml | 7 | ||||
-rw-r--r-- | overlays/preserve-dscp/default.nix | 36 | ||||
-rw-r--r-- | overlays/preserve-dscp/kern_env.patch | 24 | ||||
-rw-r--r-- | overlays/preserve-dscp/kern_sec_classifier.patch | 22 |
8 files changed, 135 insertions, 2 deletions
diff --git a/_sources/generated.json b/_sources/generated.json index bf649edd..3419a35d 100644 --- a/_sources/generated.json +++ b/_sources/generated.json | |||
@@ -19,6 +19,26 @@ | |||
19 | }, | 19 | }, |
20 | "version": "8ef9a5b73e5d1063cf912c70027c655fb19d1109" | 20 | "version": "8ef9a5b73e5d1063cf912c70027c655fb19d1109" |
21 | }, | 21 | }, |
22 | "bpf-examples": { | ||
23 | "cargoLocks": null, | ||
24 | "date": "2023-02-03", | ||
25 | "extract": null, | ||
26 | "name": "bpf-examples", | ||
27 | "passthru": null, | ||
28 | "pinned": false, | ||
29 | "src": { | ||
30 | "deepClone": false, | ||
31 | "fetchSubmodules": true, | ||
32 | "leaveDotGit": false, | ||
33 | "name": null, | ||
34 | "owner": "xdp-project", | ||
35 | "repo": "bpf-examples", | ||
36 | "rev": "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f", | ||
37 | "sha256": "sha256-Ikwgds8Nd+rKMP6ckECChpPgIIBgfhuaUug4uJKDX8U=", | ||
38 | "type": "github" | ||
39 | }, | ||
40 | "version": "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f" | ||
41 | }, | ||
22 | "emacs-scratch_el": { | 42 | "emacs-scratch_el": { |
23 | "cargoLocks": null, | 43 | "cargoLocks": null, |
24 | "date": "2015-09-10", | 44 | "date": "2015-09-10", |
diff --git a/_sources/generated.nix b/_sources/generated.nix index 175e3854..23906a49 100644 --- a/_sources/generated.nix +++ b/_sources/generated.nix | |||
@@ -15,6 +15,18 @@ | |||
15 | }); | 15 | }); |
16 | date = "2021-05-30"; | 16 | date = "2021-05-30"; |
17 | }; | 17 | }; |
18 | bpf-examples = { | ||
19 | pname = "bpf-examples"; | ||
20 | version = "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f"; | ||
21 | src = fetchFromGitHub ({ | ||
22 | owner = "xdp-project"; | ||
23 | repo = "bpf-examples"; | ||
24 | rev = "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f"; | ||
25 | fetchSubmodules = true; | ||
26 | sha256 = "sha256-Ikwgds8Nd+rKMP6ckECChpPgIIBgfhuaUug4uJKDX8U="; | ||
27 | }); | ||
28 | date = "2023-02-03"; | ||
29 | }; | ||
18 | emacs-scratch_el = { | 30 | emacs-scratch_el = { |
19 | pname = "emacs-scratch_el"; | 31 | pname = "emacs-scratch_el"; |
20 | version = "0077334cc299aa7885f804d88f52cdb1b35caf71"; | 32 | version = "0077334cc299aa7885f804d88f52cdb1b35caf71"; |
diff --git a/hosts/surtr/bifrost/default.nix b/hosts/surtr/bifrost/default.nix index bdedf5b6..ccf0c959 100644 --- a/hosts/surtr/bifrost/default.nix +++ b/hosts/surtr/bifrost/default.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { config, lib, ... }: | 1 | { config, lib, pkgs, ... }: |
2 | 2 | ||
3 | with lib; | 3 | with lib; |
4 | 4 | ||
@@ -56,5 +56,17 @@ in { | |||
56 | format = "binary"; | 56 | format = "binary"; |
57 | sopsFile = ./surtr.priv; | 57 | sopsFile = ./surtr.priv; |
58 | }; | 58 | }; |
59 | |||
60 | systemd.services."bifrost-dscp" = { | ||
61 | wantedBy = ["sys-subsystem-net-devices-bifrost.device"]; | ||
62 | after = ["sys-subsystem-net-devices-bifrost.device"]; | ||
63 | bindsTo = ["sys-subsystem-net-devices-bifrost.device"]; | ||
64 | |||
65 | serviceConfig = { | ||
66 | Type = "oneshot"; | ||
67 | ExecStart = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3"; | ||
68 | ExecStop = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3 --unload"; | ||
69 | }; | ||
70 | }; | ||
59 | }; | 71 | }; |
60 | } | 72 | } |
diff --git a/hosts/surtr/borg.nix b/hosts/surtr/borg.nix index b9fe53d7..ad4e5694 100644 --- a/hosts/surtr/borg.nix +++ b/hosts/surtr/borg.nix | |||
@@ -29,6 +29,8 @@ with lib; | |||
29 | BatchMode yes | 29 | BatchMode yes |
30 | ServerAliveInterval 10 | 30 | ServerAliveInterval 10 |
31 | ServerAliveCountMax 30 | 31 | ServerAliveCountMax 30 |
32 | |||
33 | IPQoS cs1 | ||
32 | ''; | 34 | ''; |
33 | }; | 35 | }; |
34 | 36 | ||
diff --git a/nvfetcher.toml b/nvfetcher.toml index 5e075ae4..54a3292d 100644 --- a/nvfetcher.toml +++ b/nvfetcher.toml | |||
@@ -77,4 +77,9 @@ fetch.github = "etesync/etebase-py" | |||
77 | [prometheus-lvm-exporter] | 77 | [prometheus-lvm-exporter] |
78 | src.github = "hansmi/prometheus-lvm-exporter" | 78 | src.github = "hansmi/prometheus-lvm-exporter" |
79 | src.prefix = "v" | 79 | src.prefix = "v" |
80 | fetch.url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v$ver.tar.gz" \ No newline at end of file | 80 | fetch.url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v$ver.tar.gz" |
81 | |||
82 | [bpf-examples] | ||
83 | src.git = "https://github.com/xdp-project/bpf-examples" | ||
84 | fetch.github = "xdp-project/bpf-examples" | ||
85 | git.fetchSubmodules = true \ No newline at end of file | ||
diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix new file mode 100644 index 00000000..7f956a12 --- /dev/null +++ b/overlays/preserve-dscp/default.nix | |||
@@ -0,0 +1,36 @@ | |||
1 | { final, prev, sources, ... }: | ||
2 | { | ||
3 | preserve-dscp = prev.stdenv.mkDerivation rec { | ||
4 | pname = "preserve-dscp"; | ||
5 | inherit (sources.bpf-examples) version src; | ||
6 | |||
7 | patches = [ ./kern_env.patch ./kern_sec_classifier.patch ]; | ||
8 | |||
9 | makeFlags = [ "PREFIX=$(out)" ]; | ||
10 | buildFlags = [ "preserve-dscp" ]; | ||
11 | |||
12 | CPATH = prev.lib.makeSearchPathOutput "dev" "include" (buildInputs ++ nativeBuildInputs); | ||
13 | BPF_CFLAGS = "-Wno-unused-command-line-argument -fno-stack-protector"; | ||
14 | |||
15 | outputs = [ "out" "lib" ]; | ||
16 | |||
17 | buildInputs = with final; [ elfutils libpcap zlib ]; | ||
18 | nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkgconfig bpftool libmnl gnum4 glibc_multi makeWrapper ]; | ||
19 | |||
20 | installPhase = '' | ||
21 | mkdir -p $lib/lib/bpf | ||
22 | install -t $lib/lib/bpf \ | ||
23 | preserve-dscp/preserve_dscp_kern.o | ||
24 | |||
25 | mkdir -p $out/bin | ||
26 | install -m 555 -t $out/bin \ | ||
27 | preserve-dscp/preserve-dscp | ||
28 | wrapProgram $out/bin/preserve-dscp \ | ||
29 | --set-default PRESERVE_DSCP_KERN $lib/lib/bpf/preserve_dscp_kern.o | ||
30 | ''; | ||
31 | |||
32 | dontFixup = true; | ||
33 | |||
34 | meta.mainProgram = "preserve-dscp"; | ||
35 | }; | ||
36 | } | ||
diff --git a/overlays/preserve-dscp/kern_env.patch b/overlays/preserve-dscp/kern_env.patch new file mode 100644 index 00000000..7fe57b19 --- /dev/null +++ b/overlays/preserve-dscp/kern_env.patch | |||
@@ -0,0 +1,24 @@ | |||
1 | diff --git a/preserve-dscp/preserve-dscp.c b/preserve-dscp/preserve-dscp.c | ||
2 | index 8c66186..5916fc5 100644 | ||
3 | --- a/preserve-dscp/preserve-dscp.c | ||
4 | +++ b/preserve-dscp/preserve-dscp.c | ||
5 | @@ -13,7 +13,7 @@ | ||
6 | |||
7 | int main(int argc, char *argv[]) | ||
8 | { | ||
9 | - const char *filename = "preserve_dscp_kern.o"; | ||
10 | + char *filename = 0; | ||
11 | char *ifname_pre, *ifname_post; | ||
12 | int ifindex_pre, ifindex_post; | ||
13 | struct bpf_map *map = NULL; | ||
14 | @@ -26,6 +26,10 @@ int main(int argc, char *argv[]) | ||
15 | DECLARE_LIBBPF_OPTS(bpf_tc_opts, attach_post); | ||
16 | |||
17 | |||
18 | + if (!(filename = getenv("PRESERVE_DSCP_KERN"))) | ||
19 | + filename = "preserve_dscp_kern.o"; | ||
20 | + | ||
21 | + | ||
22 | if (argc < 3) { | ||
23 | fprintf(stderr, "Usage: %s <if pre> <if post> [--unload]\n", argv[0]); | ||
24 | return 1; | ||
diff --git a/overlays/preserve-dscp/kern_sec_classifier.patch b/overlays/preserve-dscp/kern_sec_classifier.patch new file mode 100644 index 00000000..465b36f6 --- /dev/null +++ b/overlays/preserve-dscp/kern_sec_classifier.patch | |||
@@ -0,0 +1,22 @@ | |||
1 | diff --git a/preserve-dscp/preserve_dscp_kern.c b/preserve-dscp/preserve_dscp_kern.c | ||
2 | index 24120cb..b070733 100644 | ||
3 | --- a/preserve-dscp/preserve_dscp_kern.c | ||
4 | +++ b/preserve-dscp/preserve_dscp_kern.c | ||
5 | @@ -91,7 +91,7 @@ static void set_dscp(struct __sk_buff *skb, __u8 dscp) | ||
6 | ipv6_change_dsfield(ipv6hdr, INET_ECN_MASK, dscp << 2); | ||
7 | } | ||
8 | |||
9 | -SEC("classifier/read") | ||
10 | +SEC("classifier") | ||
11 | int read_dscp(struct __sk_buff *skb) | ||
12 | { | ||
13 | __u32 key = bpf_get_hash_recalc(skb); | ||
14 | @@ -106,7 +106,7 @@ int read_dscp(struct __sk_buff *skb) | ||
15 | return TC_ACT_OK; | ||
16 | } | ||
17 | |||
18 | -SEC("classifier/write") | ||
19 | +SEC("classifier") | ||
20 | int write_dscp(struct __sk_buff *skb) | ||
21 | { | ||
22 | __u32 key = skb->hash; | ||