Skip to content

feat(net): [WIP] 桥接网络支持 #1287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 36 commits into
base: master
Choose a base branch
from
Open

feat(net): [WIP] 桥接网络支持 #1287

wants to merge 36 commits into from

Conversation

sparkzky
Copy link
Collaborator

此PR为OSPP-DragonOS 桥接网络支持

已实现:

  1. 虚拟网络设备驱动开发
    • 在 DragonOS 中实现 Bridge,支持虚拟网桥创建、MAC 地址学习与二层转发。
    • 实现 veth pair 驱动,支持连接到 Bridge。
  2. 网络隔离与命名空间支持
    • 补充 Network Namespace 功能。
  3. 实现 NAT 功能(SNAT/DNAT)
  4. 补充完善路由子系统功能
    • 增强路由子系统,支持多 Namespace 独立路由表。
    • 实现虚拟接口(veth、Bridge)的路由规则更新与流量转发。
  5. 实现netlink socket框架以及部分协议

待补充:

  • 路由is_my_ip实现有误
  • 将arp查询过程从smotcp中移动出来,由DragonOS记录相关邻居
  • netlink支持创建veth和bridge设备,支持更新命名空间
  • test-router使用多命名空间进行测试
  • 规则路由
  • netlink 支持展示,更新路由信息
  • 文档

@sparkzky
feat: 新增veth和bridge结构体,尚未详细测试
50d93c0 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(net): 完善一下已有的bridge以及veth设备,增加一些调试信息
4450c3c 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(net): 完善veth网卡驱动,能通过测例;简单修改vridge设备,尚未测试
cbc2f78 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(routing): 简单添加路由子系统,尚未完成
50f56e8 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(veth): 增加veth默认对端路由
ceb6a12 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(socket): 恢复udp socket中的wait_queue等待
bae4463 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(net): 补充bridge的实现
df05c6b 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(bridge): 更改测试程序
63c2232 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 重命名测试程序
a1400d2 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 更改veth&beidge测试程序的toml
09f2a59 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 暂时添加route_iface以及route_table
3190b10 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: draft router
c2dbd15 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 实现简单的路由功能,未详细测试
36104bc 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 添加netlink框架,内核相应的处理逻辑以及读取写入用户空间尚未完成
3e2ff8c 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(netlink): 完善netlink的读写部分,增加addr的内核处理逻辑
7a8faa2 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 移动routing的位置
bc35ddd 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 补充netlink的阻塞等待逻辑&&fmt
d766c8b 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(netns): 添加网络命名空间
0add586 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(netns): 删除全局路由,使用当前netns下的路由
41b5c29 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(netlink): 将netlink socket移入netns中
7489eed 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 完成netlink addr消息的支持,增加测试程序
e827027 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(netlink): 消除一些warning
b414041 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
fix: 新建netns时插入loopback网卡到设备列表
538db91 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 将veth和bridge测试程序改用C完成
9f5813c 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(gdb): 增加gdb debug可选项
de88f0c 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
fix: 修复SockAddrIn结构体中的sin_addr字节序问题,确保正确处理IPv4地址
a723501 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 手糊实现路由功能,后续需要更改事件驱动
97fc6b9 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat(netlink): 补充getlink方法以及相关结构体
31c7341 
Signed-off-by: sparkzky <[email protected]>
@sparkzky
Refactor network driver interfaces and introduce NAPI support
b95e3b2 
- Removed the default_iface parameter.
- Introduced a new NAPI module to manage network polling and scheduling.
- Updated the Iface trait to include a napi_struct method for NAPI support.
- Modified Veth network interfaces to integrate with the new NAPI structure.
- Refactored the Router implementation to remove unnecessary polling threads and wait queues.
- Updated NetNamespace to manage a list of bridge devices.
- Cleaned up various unused methods and comments across network-related files.

Signed-off-by: sparkzky <[email protected]>
@sparkzky
feat: 将virtio网卡的处理逻辑移动进ksoftirqd中
29423ca 
Signed-off-by: sparkzky <[email protected]>
@github-actions github-actions bot added the enhancement New feature or request label Sep 22, 2025
@fslongjin
Copy link
Member

bugbot run

cursor[bot]
cursor bot reviewed Sep 25, 2025
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is being reviewed by Cursor Bugbot

Details

You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

kernel/src/net/routing/nat.rs
// 或者需要遍历 reverse_mappings 找到 value 为 key 的条目并删除。
// 为简单起见,这里只清理主表。更健壮的实现需要双向链接或引用计数。
log::info!("Cleaned up expired connection for key: {:?}", key);
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Time Travel Bug and Memory Leak

The cleanup_expired method has two issues: duration_since().unwrap() can panic if mapping.last_seen() is in the future relative to now, and it causes a memory leak by only cleaning the mappings table, leaving reverse_mappings with stale entries.

Fix in Cursor Fix in Web

kernel/src/net/socket/netlink/route/message/attr/mod.rs

let chunks = unsafe { from_raw_parts(byte_buffer.as_ptr() as *const T, 1) };
let data = &chunks[0];
return Ok(data);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Unsafe Cast and Excessive Logging

The convert_one_from_raw_buf function performs an unsafe cast from a byte slice to &T without verifying proper alignment for type T. This can lead to undefined behavior, crashes, or data corruption. Separately, a log::info! statement in this function will cause excessive logging in production.

Fix in Cursor Fix in Web

kernel/src/driver/net/veth.rs
.inner
.lock()
.bridge_common_data
.as_ref()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Weak Reference Upgrade Panic

The recv_from_peer method panics if its self_iface_ref weak reference has been dropped. Calling upgrade().unwrap() on a Weak reference can lead to a crash if the underlying VethInterface is no longer alive.

Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sparkzky @fslongjin