From 5d45ddbfaa44d29eb6077153248806d73ceabde9 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Fri, 10 Mar 2023 22:36:47 +0100
Subject: surtr: bifrost dscp

---
 _sources/generated.json                          | 20 +++++++++++++
 _sources/generated.nix                           | 12 ++++++++
 hosts/surtr/bifrost/default.nix                  | 14 ++++++++-
 hosts/surtr/borg.nix                             |  2 ++
 nvfetcher.toml                                   |  7 ++++-
 overlays/preserve-dscp/default.nix               | 36 ++++++++++++++++++++++++
 overlays/preserve-dscp/kern_env.patch            | 24 ++++++++++++++++
 overlays/preserve-dscp/kern_sec_classifier.patch | 22 +++++++++++++++
 8 files changed, 135 insertions(+), 2 deletions(-)
 create mode 100644 overlays/preserve-dscp/default.nix
 create mode 100644 overlays/preserve-dscp/kern_env.patch
 create mode 100644 overlays/preserve-dscp/kern_sec_classifier.patch

diff --git a/_sources/generated.json b/_sources/generated.json
index bf649edd..3419a35d 100644
--- a/_sources/generated.json
+++ b/_sources/generated.json
@@ -19,6 +19,26 @@
         },
         "version": "8ef9a5b73e5d1063cf912c70027c655fb19d1109"
     },
+    "bpf-examples": {
+        "cargoLocks": null,
+        "date": "2023-02-03",
+        "extract": null,
+        "name": "bpf-examples",
+        "passthru": null,
+        "pinned": false,
+        "src": {
+            "deepClone": false,
+            "fetchSubmodules": true,
+            "leaveDotGit": false,
+            "name": null,
+            "owner": "xdp-project",
+            "repo": "bpf-examples",
+            "rev": "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f",
+            "sha256": "sha256-Ikwgds8Nd+rKMP6ckECChpPgIIBgfhuaUug4uJKDX8U=",
+            "type": "github"
+        },
+        "version": "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f"
+    },
     "emacs-scratch_el": {
         "cargoLocks": null,
         "date": "2015-09-10",
diff --git a/_sources/generated.nix b/_sources/generated.nix
index 175e3854..23906a49 100644
--- a/_sources/generated.nix
+++ b/_sources/generated.nix
@@ -15,6 +15,18 @@
     });
     date = "2021-05-30";
   };
+  bpf-examples = {
+    pname = "bpf-examples";
+    version = "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f";
+    src = fetchFromGitHub ({
+      owner = "xdp-project";
+      repo = "bpf-examples";
+      rev = "f27b9881bf04493a5d0a32d0f56f2b88d72ba63f";
+      fetchSubmodules = true;
+      sha256 = "sha256-Ikwgds8Nd+rKMP6ckECChpPgIIBgfhuaUug4uJKDX8U=";
+    });
+    date = "2023-02-03";
+  };
   emacs-scratch_el = {
     pname = "emacs-scratch_el";
     version = "0077334cc299aa7885f804d88f52cdb1b35caf71";
diff --git a/hosts/surtr/bifrost/default.nix b/hosts/surtr/bifrost/default.nix
index bdedf5b6..ccf0c959 100644
--- a/hosts/surtr/bifrost/default.nix
+++ b/hosts/surtr/bifrost/default.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 
 with lib;
 
@@ -56,5 +56,17 @@ in {
       format = "binary";
       sopsFile = ./surtr.priv;
     };
+
+    systemd.services."bifrost-dscp" = {
+      wantedBy = ["sys-subsystem-net-devices-bifrost.device"];
+      after = ["sys-subsystem-net-devices-bifrost.device"];
+      bindsTo = ["sys-subsystem-net-devices-bifrost.device"];
+
+      serviceConfig = {
+        Type = "oneshot";
+        ExecStart = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3";
+        ExecStop = "${pkgs.preserve-dscp}/bin/preserve-dscp bifrost ens3 --unload";
+      };
+    };
   };
 }
diff --git a/hosts/surtr/borg.nix b/hosts/surtr/borg.nix
index b9fe53d7..ad4e5694 100644
--- a/hosts/surtr/borg.nix
+++ b/hosts/surtr/borg.nix
@@ -29,6 +29,8 @@ with lib;
           BatchMode yes
           ServerAliveInterval 10
           ServerAliveCountMax 30
+
+          IPQoS cs1
       '';
     };
 
diff --git a/nvfetcher.toml b/nvfetcher.toml
index 5e075ae4..54a3292d 100644
--- a/nvfetcher.toml
+++ b/nvfetcher.toml
@@ -77,4 +77,9 @@ fetch.github = "etesync/etebase-py"
 [prometheus-lvm-exporter]
 src.github = "hansmi/prometheus-lvm-exporter"
 src.prefix = "v"
-fetch.url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v$ver.tar.gz"
\ No newline at end of file
+fetch.url = "https://github.com/hansmi/prometheus-lvm-exporter/archive/refs/tags/v$ver.tar.gz"
+
+[bpf-examples]
+src.git = "https://github.com/xdp-project/bpf-examples"
+fetch.github = "xdp-project/bpf-examples"
+git.fetchSubmodules = true
\ No newline at end of file
diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix
new file mode 100644
index 00000000..7f956a12
--- /dev/null
+++ b/overlays/preserve-dscp/default.nix
@@ -0,0 +1,36 @@
+{ final, prev, sources, ... }:
+{
+  preserve-dscp = prev.stdenv.mkDerivation rec {
+    pname = "preserve-dscp";
+    inherit (sources.bpf-examples) version src;
+
+    patches = [ ./kern_env.patch ./kern_sec_classifier.patch ];
+
+    makeFlags = [ "PREFIX=$(out)" ];
+    buildFlags = [ "preserve-dscp" ];
+
+    CPATH = prev.lib.makeSearchPathOutput "dev" "include" (buildInputs ++ nativeBuildInputs);
+    BPF_CFLAGS = "-Wno-unused-command-line-argument -fno-stack-protector";
+
+    outputs = [ "out" "lib" ];
+
+    buildInputs = with final; [ elfutils libpcap zlib ];
+    nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkgconfig bpftool libmnl gnum4 glibc_multi makeWrapper ];
+
+    installPhase = ''
+      mkdir -p $lib/lib/bpf
+      install -t $lib/lib/bpf \
+        preserve-dscp/preserve_dscp_kern.o
+
+      mkdir -p $out/bin
+      install -m 555 -t $out/bin \
+        preserve-dscp/preserve-dscp
+      wrapProgram $out/bin/preserve-dscp \
+        --set-default PRESERVE_DSCP_KERN $lib/lib/bpf/preserve_dscp_kern.o
+    '';
+
+    dontFixup = true;
+
+    meta.mainProgram = "preserve-dscp";
+  };
+}
diff --git a/overlays/preserve-dscp/kern_env.patch b/overlays/preserve-dscp/kern_env.patch
new file mode 100644
index 00000000..7fe57b19
--- /dev/null
+++ b/overlays/preserve-dscp/kern_env.patch
@@ -0,0 +1,24 @@
+diff --git a/preserve-dscp/preserve-dscp.c b/preserve-dscp/preserve-dscp.c
+index 8c66186..5916fc5 100644
+--- a/preserve-dscp/preserve-dscp.c
++++ b/preserve-dscp/preserve-dscp.c
+@@ -13,7 +13,7 @@
+ 
+ int main(int argc, char *argv[])
+ {
+-	const char *filename = "preserve_dscp_kern.o";
++	char *filename = 0;
+ 	char *ifname_pre, *ifname_post;
+ 	int ifindex_pre, ifindex_post;
+ 	struct bpf_map *map = NULL;
+@@ -26,6 +26,10 @@ int main(int argc, char *argv[])
+ 	DECLARE_LIBBPF_OPTS(bpf_tc_opts, attach_post);
+ 
+ 
++	if (!(filename = getenv("PRESERVE_DSCP_KERN")))
++	  filename = "preserve_dscp_kern.o";
++
++
+ 	if (argc < 3) {
+ 		fprintf(stderr, "Usage: %s <if pre> <if post> [--unload]\n", argv[0]);
+ 		return 1;
diff --git a/overlays/preserve-dscp/kern_sec_classifier.patch b/overlays/preserve-dscp/kern_sec_classifier.patch
new file mode 100644
index 00000000..465b36f6
--- /dev/null
+++ b/overlays/preserve-dscp/kern_sec_classifier.patch
@@ -0,0 +1,22 @@
+diff --git a/preserve-dscp/preserve_dscp_kern.c b/preserve-dscp/preserve_dscp_kern.c
+index 24120cb..b070733 100644
+--- a/preserve-dscp/preserve_dscp_kern.c
++++ b/preserve-dscp/preserve_dscp_kern.c
+@@ -91,7 +91,7 @@ static void set_dscp(struct __sk_buff *skb, __u8 dscp)
+ 		ipv6_change_dsfield(ipv6hdr, INET_ECN_MASK, dscp << 2);
+ }
+ 
+-SEC("classifier/read")
++SEC("classifier")
+ int read_dscp(struct __sk_buff *skb)
+ {
+ 	__u32 key = bpf_get_hash_recalc(skb);
+@@ -106,7 +106,7 @@ int read_dscp(struct __sk_buff *skb)
+ 	return TC_ACT_OK;
+ }
+ 
+-SEC("classifier/write")
++SEC("classifier")
+ int write_dscp(struct __sk_buff *skb)
+ {
+ 	__u32 key = skb->hash;
-- 
cgit v1.2.3