wip

Author: daniel-noland

Cargo.toml

@@ -13,6 +13,7 @@ members = [
     "flow-info",
     "hardware",
     "id",
+    "init",
     "interface-manager",
     "mgmt",
     "nat",
@@ -45,6 +46,7 @@ flow-info = { path = "./flow-info", package = "dataplane-flow-info" }
 gateway_config = { git = "https://github.com/githedgehog/gateway-proto", tag = "v0.14.0", version = "0.14.0"}
 hardware = { path = "./hardware", package = "dataplane-hardware" }
 id = { path = "./id", package = "dataplane-id" }
+init = { path = "./init", package = "dataplane-init" }
 interface-manager = { path = "./interface-manager", package = "dataplane-interface-manager" }
 lpm = { path = "./lpm", package = "dataplane-lpm" }
 mgmt = { path = "./mgmt", package = "dataplane-mgmt" }

init/Cargo.toml

@@ -0,0 +1,31 @@
+[package]
+name = "dataplane-init"
+version = "0.1.0"
+edition = "2024"
+publish = false
+license = "Apache-2.0"
+
+[dependencies]
+# internal
+hardware = { workspace = true, features = ["serde", "scan"] }
+id = { workspace = true }
+
+# external
+nix = { workspace = true, features = ["mount", "fs"] }
+procfs = { workspace = true, features = [] }
+strum = { workspace = true, features = ["derive"] }
+strum_macros = { workspace = true, features = [] }
+thiserror = { workspace = true }
+tracing = { workspace = true, features = ["attributes"] }
+tracing-subscriber = { workspace = true, features = ["fmt"] }
+
+[dev-dependencies]
+# internal
+
+# external
+
+[build-dependencies]
+# internal
+dpdk-sysroot-helper = { workspace = true }
+
+# external

init/README.md

@@ -0,0 +1,50 @@
+# dataplane-init
+
+This program is responsible for initializing the dataplane.
+
+The primary steps of this program are to
+
+1. drive the NIC into the configuration needed by DPDK to use the NIC.
+2. (todo) drop hazardous privileges,
+3. (todo) `exec` the dataplane process.
+
+For most network cards, this configuration step involves unbinding the NIC from
+the kernel driver and re-binding it to the vfio-pci driver.
+
+> [!NOTE]
+> Not all NICs should be bound to vfio-pci.
+> Some network cards use the so called bifurcated driver and must remain bound
+> to the kernel driver.
+> In particular, all network cards which use the mlx5 driver must remain bound
+> to the mlx5 kernel driver.
+
+> [!WARNING]
+> This program is _not_ responsible for full life cycle management of the NIC.
+> In particular, it makes no attempt to rebind the NIC back to the kernel driver.
+> Thus, expect this program to make a network cards disappear from the eyes of
+> tooling like iproute2 and ethtool.
+
+Only a very limited set of network cards are currently supported, although this set
+can easily be expanded over time.
+
+## Error handling notes
+
+As a short lived program which is only run once per gateway initialization,
+this program has significantly different error handling requirements from the
+other software in this workspace.
+
+Basically, it will either succeed or fail, and if it fails it will likely require
+outside intervention to recover.
+There is little we can or should even try to do in the way of error handling beyond
+
+## Privileges
+
+This program is, by necessity, run with elevated privileges.
+As such, we need to take special caution when writing to files.
+
+Because sysfs is basically a maze of symlinks, it is important to be careful when
+manipulating paths under sysfs.
+Mistakes can lead you to write data in highly unexpected places, with totally unknown
+consequences.
+Some care has been taken in the design of the types used here to discourage programmer
+errors which might lead to precipitous writes by a privileged process.

init/build.rs

@@ -0,0 +1,8 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright Open Network Fabric Authors
+
+fn main() {
+    let sysroot = dpdk_sysroot_helper::get_sysroot();
+    println!("cargo:rustc-link-search=all={sysroot}/lib");
+    println!("cargo:rustc-link-arg=--sysroot={sysroot}");
+}

init/src/main.rs

@@ -0,0 +1,101 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright Open Network Fabric Authors
+
+#![doc = include_str!("../README.md")]
+
+pub mod nic;
+pub mod sysfs;
+
+use std::path::PathBuf;
+
+use sysfs::*;
+use tracing::{error, info};
+
+use crate::nic::{BindToVfioPci, PciDriver, PciNic};
+
+/// Errors which might occur during system dataplane system initialization
+#[derive(Debug, thiserror::Error)]
+pub enum InitErr {
+    /// The path is not under a mounted sysfs and therefore does not qualify as a [`SysfsPath`].
+    #[error("path {0:?} is not under sysfs")]
+    PathNotUnderSysfs(PathBuf),
+    /// Some [`std::io::Error`] error occurred
+    #[error(transparent)]
+    IoError(#[from] std::io::Error),
+    /// Invalid UTF-8 in a path under sysfs is an absolutely wild error case I expect to
+    /// never see.
+    ///
+    /// The kernel just uses ascii byte strings for sysfs, so you should never see this
+    /// error under healthy conditions.
+    /// In the event of illegal UTF-8, something is likely deeply wrong with the kernel;
+    /// likely memory corruption or some other security impacting issue.
+    ///
+    /// As such, the [`InnitErr::InvalidUtf8`] branch deliberately does not include
+    /// any information about the offending string name or any derivative, even for logging
+    /// or error reporting.
+    /// At best you will just end up mangling the log with unknown/unprintable bytes.
+    /// At worst, injecting arbitrary bytes into a system log may be what an attacker needs
+    /// for lateral compromise of some other system.
+    ///
+    /// You should likely `panic!` if you reach this error case as there is no plausible
+    /// recovery from this type of low level operating system malfunction.
+    #[error("path under sysfs is not a valid UTF-8 string")]
+    SysfsPathIsNotValidUtf8,
+    #[error("missing needed driver {0}")]
+    DriverMissing(PciDriver),
+}
+
+/// Process setup helper function.
+///
+/// Fills out the [`SYSFS`] [`OnceLock`].
+///
+/// # Panics
+///
+/// - Panics if this process is unable to read the list of mounted filesystems.
+/// -
+///
+/// Panics if the [`SYSFS`] [`OnceLock`] cannot be initialized.
+fn setup() -> Result<(), InitErr> {
+    tracing_subscriber::fmt()
+        .with_ansi(false)
+        .with_file(true)
+        .with_level(true)
+        .with_line_number(true)
+        .init();
+    let sysfs_mounts: Vec<_> = procfs::mounts()
+        .unwrap() // acceptable panic: if we can't find /sys then this process will never work
+        .into_iter()
+        .filter(|mount| mount.fs_vfstype == "sysfs")
+        .collect();
+    let sysfs_path = if sysfs_mounts.is_empty() {
+        panic!("sysfs is not mounted: unable to initialize dataplane");
+    } else if sysfs_mounts.len() > 1 {
+        const MSG_PREFIX: &str =
+            "suspicious configuration found: sysfs is mounted at more than one location.";
+        let message = std::format_args!("{MSG_PREFIX}. Filesystems found at {sysfs_mounts:#?}");
+        error!("{message}");
+        panic!("{message}");
+    } else {
+        sysfs_mounts[0].fs_file.clone()
+    };
+    let sysfs_root = SysfsPath::new(&sysfs_path)?;
+    info!("found sysfs filesystem at {sysfs_root}");
+    match SYSFS.set(sysfs_root) {
+        Ok(()) => Ok(()),
+        Err(_) => {
+            unreachable!("called setup function twice in one process!");
+        }
+    }
+}
+
+fn main() -> Result<(), InitErr> {
+    setup()?;
+    // TODO: proper argument parsing
+    // -- hack add a real command line parser
+    let mut args = std::env::args().skip(1);
+    // -- end hack
+    // TODO: fix unwraps in the next PR.  These can't be properly addressed before the arg parser is done.
+    let address = hardware::pci::address::PciAddress::try_from(args.next().unwrap()).unwrap();
+    let mut device = PciNic::new(address)?;
+    device.bind_to_vfio_pci()
+}