surtr: bifrost dscp

author: Gregor Kleen <gkleen@yggdrasil.li> 2023-03-10 22:36:47 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2023-03-10 22:36:47 +0100
commit: 5d45ddbfaa44d29eb6077153248806d73ceabde9 (patch)
tree: f6563406cdd540062a0ece5c4c540d0a9cf5572f /overlays/preserve-dscp
parent: c2fbcde4449ffaf798f9ba4f742b942d33a1c1c8 (diff)
download: nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.gz
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.bz2
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.xz
nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.zip
3 files changed, 82 insertions, 0 deletions
diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix
new file mode 100644
index 00000000..7f956a12
--- /dev/null
+++ b/overlays/preserve-dscp/default.nix
@@ -0,0 +1,36 @@
+{ final, prev, sources, ... }:
+{
+  preserve-dscp = prev.stdenv.mkDerivation rec {
+    pname = "preserve-dscp";
+    inherit (sources.bpf-examples) version src;
+    patches = [ ./kern_env.patch ./kern_sec_classifier.patch ];
+    makeFlags = [ "PREFIX=$(out)" ];
+    buildFlags = [ "preserve-dscp" ];
+    CPATH = prev.lib.makeSearchPathOutput "dev" "include" (buildInputs ++ nativeBuildInputs);
+    BPF_CFLAGS = "-Wno-unused-command-line-argument -fno-stack-protector";
+    outputs = [ "out" "lib" ];
+    buildInputs = with final; [ elfutils libpcap zlib ];
+    nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkgconfig bpftool libmnl gnum4 glibc_multi makeWrapper ];
+    installPhase = ''
+      mkdir -p $lib/lib/bpf
+      install -t $lib/lib/bpf \
+        preserve-dscp/preserve_dscp_kern.o
+      mkdir -p $out/bin
+      install -m 555 -t $out/bin \
+        preserve-dscp/preserve-dscp
+      wrapProgram $out/bin/preserve-dscp \
+        --set-default PRESERVE_DSCP_KERN $lib/lib/bpf/preserve_dscp_kern.o
+    '';
+    dontFixup = true;
+    meta.mainProgram = "preserve-dscp";
+  };
+}
diff --git a/overlays/preserve-dscp/kern_env.patch b/overlays/preserve-dscp/kern_env.patch
new file mode 100644
index 00000000..7fe57b19
--- /dev/null
+++ b/overlays/preserve-dscp/kern_env.patch
@@ -0,0 +1,24 @@
+diff --git a/preserve-dscp/preserve-dscp.c b/preserve-dscp/preserve-dscp.c
+index 8c66186..5916fc5 100644
+--- a/preserve-dscp/preserve-dscp.c
+++ b/preserve-dscp/preserve-dscp.c
+@@ -13,7 +13,7 @@
+ 
+ int main(int argc, char *argv[])
+ {
+-       const char *filename = "preserve_dscp_kern.o";
+       char *filename = 0;
+        char *ifname_pre, *ifname_post;
+        int ifindex_pre, ifindex_post;
+        struct bpf_map *map = NULL;
+@@ -26,6 +26,10 @@ int main(int argc, char *argv[])
+        DECLARE_LIBBPF_OPTS(bpf_tc_opts, attach_post);
+ 
+ 
+       if (!(filename = getenv("PRESERVE_DSCP_KERN")))
+         filename = "preserve_dscp_kern.o";
+
+
+        if (argc < 3) {
+                fprintf(stderr, "Usage: %s <if pre> <if post> [--unload]\n", argv[0]);
+                return 1;
diff --git a/overlays/preserve-dscp/kern_sec_classifier.patch b/overlays/preserve-dscp/kern_sec_classifier.patch
new file mode 100644
index 00000000..465b36f6
--- /dev/null
+++ b/overlays/preserve-dscp/kern_sec_classifier.patch
@@ -0,0 +1,22 @@
+diff --git a/preserve-dscp/preserve_dscp_kern.c b/preserve-dscp/preserve_dscp_kern.c
+index 24120cb..b070733 100644
+--- a/preserve-dscp/preserve_dscp_kern.c
+++ b/preserve-dscp/preserve_dscp_kern.c
+@@ -91,7 +91,7 @@ static void set_dscp(struct __sk_buff *skb, __u8 dscp)
+                ipv6_change_dsfield(ipv6hdr, INET_ECN_MASK, dscp << 2);
+ }
+ 
+-SEC("classifier/read")
+SEC("classifier")
+ int read_dscp(struct __sk_buff *skb)
+ {
+        __u32 key = bpf_get_hash_recalc(skb);
+@@ -106,7 +106,7 @@ int read_dscp(struct __sk_buff *skb)
+        return TC_ACT_OK;
+ }
+ 
+-SEC("classifier/write")
+SEC("classifier")
+ int write_dscp(struct __sk_buff *skb)
+ {
+        __u32 key = skb->hash;
author	Gregor Kleen <gkleen@yggdrasil.li>	2023-03-10 22:36:47 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2023-03-10 22:36:47 +0100
commit	5d45ddbfaa44d29eb6077153248806d73ceabde9 (patch)
tree	f6563406cdd540062a0ece5c4c540d0a9cf5572f /overlays/preserve-dscp
parent	c2fbcde4449ffaf798f9ba4f742b942d33a1c1c8 (diff)
download	nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.gz nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.bz2 nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.tar.xz nixos-5d45ddbfaa44d29eb6077153248806d73ceabde9.zip

diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix new file mode 100644 index 00000000..7f956a12 --- /dev/null +++ b/overlays/preserve-dscp/default.nix
@@ -0,0 +1,36 @@
	1	{ final, prev, sources, ... }:
	2	{
	3	preserve-dscp = prev.stdenv.mkDerivation rec {
	4	pname = "preserve-dscp";
	5	inherit (sources.bpf-examples) version src;
	6
	7	patches = [ ./kern_env.patch ./kern_sec_classifier.patch ];
	8
	9	makeFlags = [ "PREFIX=$(out)" ];
	10	buildFlags = [ "preserve-dscp" ];
	11
	12	CPATH = prev.lib.makeSearchPathOutput "dev" "include" (buildInputs ++ nativeBuildInputs);
	13	BPF_CFLAGS = "-Wno-unused-command-line-argument -fno-stack-protector";
	14
	15	outputs = [ "out" "lib" ];
	16
	17	buildInputs = with final; [ elfutils libpcap zlib ];
	18	nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkgconfig bpftool libmnl gnum4 glibc_multi makeWrapper ];
	19
	20	installPhase = ''
	21	mkdir -p $lib/lib/bpf
	22	install -t $lib/lib/bpf \
	23	preserve-dscp/preserve_dscp_kern.o
	24
	25	mkdir -p $out/bin
	26	install -m 555 -t $out/bin \
	27	preserve-dscp/preserve-dscp
	28	wrapProgram $out/bin/preserve-dscp \
	29	--set-default PRESERVE_DSCP_KERN $lib/lib/bpf/preserve_dscp_kern.o
	30	'';
	31
	32	dontFixup = true;
	33
	34	meta.mainProgram = "preserve-dscp";
	35	};
	36	}


diff --git a/overlays/preserve-dscp/kern_env.patch b/overlays/preserve-dscp/kern_env.patch new file mode 100644 index 00000000..7fe57b19 --- /dev/null +++ b/overlays/preserve-dscp/kern_env.patch
@@ -0,0 +1,24 @@
	1	diff --git a/preserve-dscp/preserve-dscp.c b/preserve-dscp/preserve-dscp.c
	2	index 8c66186..5916fc5 100644
	3	--- a/preserve-dscp/preserve-dscp.c
	4	+++ b/preserve-dscp/preserve-dscp.c
	5	@@ -13,7 +13,7 @@
	6
	7	int main(int argc, char *argv[])
	8	{
	9	- const char *filename = "preserve_dscp_kern.o";
	10	+ char *filename = 0;
	11	char ifname_pre, ifname_post;
	12	int ifindex_pre, ifindex_post;
	13	struct bpf_map *map = NULL;
	14	@@ -26,6 +26,10 @@ int main(int argc, char *argv[])
	15	DECLARE_LIBBPF_OPTS(bpf_tc_opts, attach_post);
	16
	17
	18	+ if (!(filename = getenv("PRESERVE_DSCP_KERN")))
	19	+ filename = "preserve_dscp_kern.o";
	20	+
	21	+
	22	if (argc < 3) {
	23	fprintf(stderr, "Usage: %s <if pre> <if post> [--unload]\n", argv[0]);
	24	return 1;


diff --git a/overlays/preserve-dscp/kern_sec_classifier.patch b/overlays/preserve-dscp/kern_sec_classifier.patch new file mode 100644 index 00000000..465b36f6 --- /dev/null +++ b/overlays/preserve-dscp/kern_sec_classifier.patch
@@ -0,0 +1,22 @@
	1	diff --git a/preserve-dscp/preserve_dscp_kern.c b/preserve-dscp/preserve_dscp_kern.c
	2	index 24120cb..b070733 100644
	3	--- a/preserve-dscp/preserve_dscp_kern.c
	4	+++ b/preserve-dscp/preserve_dscp_kern.c
	5	@@ -91,7 +91,7 @@ static void set_dscp(struct __sk_buff *skb, __u8 dscp)
	6	ipv6_change_dsfield(ipv6hdr, INET_ECN_MASK, dscp << 2);
	7	}
	8
	9	-SEC("classifier/read")
	10	+SEC("classifier")
	11	int read_dscp(struct __sk_buff *skb)
	12	{
	13	__u32 key = bpf_get_hash_recalc(skb);
	14	@@ -106,7 +106,7 @@ int read_dscp(struct __sk_buff *skb)
	15	return TC_ACT_OK;
	16	}
	17
	18	-SEC("classifier/write")
	19	+SEC("classifier")
	20	int write_dscp(struct __sk_buff *skb)
	21	{
	22	__u32 key = skb->hash;