summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2023-03-10 22:36:47 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2023-03-10 22:36:47 +0100
commit5d45ddbfaa44d29eb6077153248806d73ceabde9 (patch)
treef6563406cdd540062a0ece5c4c540d0a9cf5572f
parentc2fbcde4449ffaf798f9ba4f742b942d33a1c1c8 (diff)
downloadnixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.gz
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.bz2
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.xz
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.zip
surtr: bifrost dscp
-rw-r--r--_sources/generated.json20
-rw-r--r--_sources/generated.nix12
-rw-r--r--hosts/surtr/bifrost/default.nix14
-rw-r--r--hosts/surtr/borg.nix2
-rw-r--r--nvfetcher.toml7
-rw-r--r--overlays/preserve-dscp/default.nix36
-rw-r--r--overlays/preserve-dscp/kern_env.patch24
-rw-r--r--overlays/preserve-dscp/kern_sec_classifier.patch22
8 files changed, 135 insertions, 2 deletions
diff --git a/_sources/generated.json b/_sources/generated.json
index bf649edd..3419a35d 100644
--- a/_sources/generated.json
+++ b/_sources/generated.json
@@ -19,6 +19,26 @@
19 }, 19 },
20 "version": "8ef9a5b73e5d1063cf912c70027c655fb19d1109" 20 "version": "8ef9a5b73e5d1063cf912c70027c655fb19d1109"
21 }, 21 },
22 "bpf-examples": {
23 "cargoLocks": null,
24 "date": "2023-02-03",
25 "extract": null,
26 "name": "bpf-examples",
27 "passthru": null,
28 "pinned": false,
29 "src": {
30 "deepClone": false,
31 "fetchSubmodules": true,
32 "leaveDotGit": false,
33 "name": null,
34 "owner": "xdp-project",
35 "repo": "bpf-examples",
36 "rev": "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f",
37 "sha256": "sha256-Ikwgds8Nd+rKMP6ckECChpPgIIBgfhuaUug4uJKDX8U=",
38 "type": "github"
39 },
40 "version": "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f"
41 },
22 "emacs-scratch_el": { 42 "emacs-scratch_el": {
23 "cargoLocks": null, 43 "cargoLocks": null,
24 "date": "2015-09-10", 44 "date": "2015-09-10",
diff --git a/_sources/generated.nix b/_sources/generated.nix
index 175e3854..23906a49 100644
--- a/_sources/generated.nix
+++ b/_sources/generated.nix
@@ -15,6 +15,18 @@
15 }); 15 });
16 date = "2021-05-30"; 16 date = "2021-05-30";
17 }; 17 };
18 bpf-examples = {
19 pname = "bpf-examples";
20 version = "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f";
21 src = fetchFromGitHub ({
22 owner = "xdp-project";
23 repo = "bpf-examples";
24 rev = "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f";
25 fetchSubmodules = true;
26 sha256 = "sha256-Ikwgds8Nd+rKMP6ckECChpPgIIBgfhuaUug4uJKDX8U=";
27 });
28 date = "2023-02-03";
29 };
18 emacs-scratch_el = { 30 emacs-scratch_el = {
19 pname = "emacs-scratch_el"; 31 pname = "emacs-scratch_el";
20 version = "0077334cc299aa7885f804d88f52cdb1b35caf71"; 32 version = "0077334cc299aa7885f804d88f52cdb1b35caf71";
diff --git a/hosts/surtr/bifrost/default.nix b/hosts/surtr/bifrost/default.nix
index bdedf5b6..ccf0c959 100644
--- a/hosts/surtr/bifrost/default.nix
+++ b/hosts/surtr/bifrost/default.nix
@@ -1,4 +1,4 @@
1{ config, lib, ... }: 1{ config, lib, pkgs, ... }:
2 2
3with lib; 3with lib;
4 4
@@ -56,5 +56,17 @@ in {
56 format = "binary"; 56 format = "binary";
57 sopsFile = ./surtr.priv; 57 sopsFile = ./surtr.priv;
58 }; 58 };
59
60 systemd.services."bifrost-dscp" = {
61 wantedBy = ["sys-subsystem-net-devices-bifrost.device"];
62 after = ["sys-subsystem-net-devices-bifrost.device"];
63 bindsTo = ["sys-subsystem-net-devices-bifrost.device"];
64
65 serviceConfig = {
66 Type = "oneshot";
67 ExecStart = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3";
68 ExecStop = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3 --unload";
69 };
70 };
59 }; 71 };
60} 72}
diff --git a/hosts/surtr/borg.nix b/hosts/surtr/borg.nix
index b9fe53d7..ad4e5694 100644
--- a/hosts/surtr/borg.nix
+++ b/hosts/surtr/borg.nix
@@ -29,6 +29,8 @@ with lib;
29 BatchMode yes 29 BatchMode yes
30 ServerAliveInterval 10 30 ServerAliveInterval 10
31 ServerAliveCountMax 30 31 ServerAliveCountMax 30
32
33 IPQoS cs1
32 ''; 34 '';
33 }; 35 };
34 36
diff --git a/nvfetcher.toml b/nvfetcher.toml
index 5e075ae4..54a3292d 100644
--- a/nvfetcher.toml
+++ b/nvfetcher.toml
@@ -77,4 +77,9 @@ fetch.github = "etesync/etebase-py"
77[prometheus-lvm-exporter] 77[prometheus-lvm-exporter]
78src.github = "hansmi/prometheus-lvm-exporter" 78src.github = "hansmi/prometheus-lvm-exporter"
79src.prefix = "v" 79src.prefix = "v"
80fetch.url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v$ver.tar.gz" \ No newline at end of file 80fetch.url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v$ver.tar.gz"
81
82[bpf-examples]
83src.git = "https://github.com/xdp-project/bpf-examples"
84fetch.github = "xdp-project/bpf-examples"
85git.fetchSubmodules = true \ No newline at end of file
diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix
new file mode 100644
index 00000000..7f956a12
--- /dev/null
+++ b/overlays/preserve-dscp/default.nix
@@ -0,0 +1,36 @@
1{ final, prev, sources, ... }:
2{
3 preserve-dscp = prev.stdenv.mkDerivation rec {
4 pname = "preserve-dscp";
5 inherit (sources.bpf-examples) version src;
6
7 patches = [ ./kern_env.patch ./kern_sec_classifier.patch ];
8
9 makeFlags = [ "PREFIX=$(out)" ];
10 buildFlags = [ "preserve-dscp" ];
11
12 CPATH = prev.lib.makeSearchPathOutput "dev" "include" (buildInputs ++ nativeBuildInputs);
13 BPF_CFLAGS = "-Wno-unused-command-line-argument -fno-stack-protector";
14
15 outputs = [ "out" "lib" ];
16
17 buildInputs = with final; [ elfutils libpcap zlib ];
18 nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkgconfig bpftool libmnl gnum4 glibc_multi makeWrapper ];
19
20 installPhase = ''
21 mkdir -p $lib/lib/bpf
22 install -t $lib/lib/bpf \
23 preserve-dscp/preserve_dscp_kern.o
24
25 mkdir -p $out/bin
26 install -m 555 -t $out/bin \
27 preserve-dscp/preserve-dscp
28 wrapProgram $out/bin/preserve-dscp \
29 --set-default PRESERVE_DSCP_KERN $lib/lib/bpf/preserve_dscp_kern.o
30 '';
31
32 dontFixup = true;
33
34 meta.mainProgram = "preserve-dscp";
35 };
36}
diff --git a/overlays/preserve-dscp/kern_env.patch b/overlays/preserve-dscp/kern_env.patch
new file mode 100644
index 00000000..7fe57b19
--- /dev/null
+++ b/overlays/preserve-dscp/kern_env.patch
@@ -0,0 +1,24 @@
1diff --git a/preserve-dscp/preserve-dscp.c b/preserve-dscp/preserve-dscp.c
2index 8c66186..5916fc5 100644
3--- a/preserve-dscp/preserve-dscp.c
4+++ b/preserve-dscp/preserve-dscp.c
5@@ -13,7 +13,7 @@
6
7 int main(int argc, char *argv[])
8 {
9- const char *filename = "preserve_dscp_kern.o";
10+ char *filename = 0;
11 char *ifname_pre, *ifname_post;
12 int ifindex_pre, ifindex_post;
13 struct bpf_map *map = NULL;
14@@ -26,6 +26,10 @@ int main(int argc, char *argv[])
15 DECLARE_LIBBPF_OPTS(bpf_tc_opts, attach_post);
16
17
18+ if (!(filename = getenv("PRESERVE_DSCP_KERN")))
19+ filename = "preserve_dscp_kern.o";
20+
21+
22 if (argc < 3) {
23 fprintf(stderr, "Usage: %s <if pre> <if post> [--unload]\n", argv[0]);
24 return 1;
diff --git a/overlays/preserve-dscp/kern_sec_classifier.patch b/overlays/preserve-dscp/kern_sec_classifier.patch
new file mode 100644
index 00000000..465b36f6
--- /dev/null
+++ b/overlays/preserve-dscp/kern_sec_classifier.patch
@@ -0,0 +1,22 @@
1diff --git a/preserve-dscp/preserve_dscp_kern.c b/preserve-dscp/preserve_dscp_kern.c
2index 24120cb..b070733 100644
3--- a/preserve-dscp/preserve_dscp_kern.c
4+++ b/preserve-dscp/preserve_dscp_kern.c
5@@ -91,7 +91,7 @@ static void set_dscp(struct __sk_buff *skb, __u8 dscp)
6 ipv6_change_dsfield(ipv6hdr, INET_ECN_MASK, dscp << 2);
7 }
8
9-SEC("classifier/read")
10+SEC("classifier")
11 int read_dscp(struct __sk_buff *skb)
12 {
13 __u32 key = bpf_get_hash_recalc(skb);
14@@ -106,7 +106,7 @@ int read_dscp(struct __sk_buff *skb)
15 return TC_ACT_OK;
16 }
17
18-SEC("classifier/write")
19+SEC("classifier")
20 int write_dscp(struct __sk_buff *skb)
21 {
22 __u32 key = skb->hash;