Skip to content

netgroup/ioam-gob-linux-kernel-qemu-setup

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
shared
shared
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
create-image.sh
create-image.sh
 
 
enter.sh
enter.sh
 
 
run.sh
run.sh
 
 

Repository files navigation

QEMU/KVM VM Setup for IOAM-GOB Kernel Playground

This directory contains the setup for running a QEMU/KVM virtual machine with a custom Linux kernel that includes GOB (Global Opaque Block) support for IOAM6.

Contents

  • bzImage: Linux kernel image with GOB support
  • bookworm.img: Debian 12 (Bookworm) root filesystem image
  • shared/: Host directory mounted at /mnt/shared/ in the VM (contains eBPF programs)
  • create-image.sh: Script to rebuild the VM root filesystem
  • run.sh: Script to start a QEMU/KVM instance
  • enter.sh: Connect to the VM via SSH

Architectural Overview

Component Purpose
Guest VM Runs custom kernel with GOB support
QEMU/KVM Virtualization layer for testing
Host Development machine with QEMU/KVM

Filesystem Mounts

The following host directories are mounted in the VM via 9p virtio-fs:

Host Path VM Mount Point Content
tests/vm/shared/ /mnt/shared/ eBPF programs (e.g., netprog.bpf.o)
tests/scripts/ /mnt/scripts/ Test scripts (e.g., ioam6-testbed.sh)
iproute2/ /mnt/iproute2/ iproute2 source with GOB support

Starting the VM

Step 1: Start the QEMU Instance

Launch the VM:

./run.sh

Step 2: Access the VM

Connect via SSH:

./enter.sh

This connects to localhost:10022 using the bookworm.id_rsa private key.

Building Inside the VM

After entering the VM, build iproute2 and deploy eBPF programs:

# Build iproute2
cd /mnt/iproute2
./configure && make
# Optional: make install copies binaries to system paths (not required for use from /mnt/iproute2)

# Deploy GOB eBPF program
ip ioam gobschema add 77 object /mnt/shared/netprog.bpf.o section ioam6_gobv2_cnt
ip ioam namespace set 123 gobschema 77

# Verify
ip ioam gobschema show

GOB Traffic Verification

Observe GOB packet processing via kernel tracing:

sudo cat /sys/kernel/tracing/trace_pipe | grep 'ioam6_gobv2_cnt'

Send test traffic to trigger the GOB program:

ping6 -c 5 db22::2

You should see trace output showing counter changes for each processed packet.

Troubleshooting

VM Cannot Boot

  • Ensure bzImage is present in this directory and correctly symlinked

eBPF Program Fails to Load

  • Verify schema section matches BPF object symbols using llvm-objdump: 
    llvm-objdump -t /mnt/shared/netprog.bpf.o | grep 'ioam6_gobv2_cnt'
    (Note: bpf programs are compiled with LLVM, use llvm-objdump instead of objdump)
  • Confirm kernel has CONFIG_IPV6_IOAM6_GOB=y enabled
  • Ensure .bpf.o files exist in /mnt/shared/ before booting VM

iproute2 Missing IOAM6 Commands

  • Ensure iproute2 is built inside the VM: cd /mnt/iproute2 && ./configure && make
  • Verify kernel has CONFIG_IPV6_IOAM6_GOB=y enabled

License

This project is licensed under the Apache License 2.0.

Portions of this project are based on modified works originally created by the syzkaller project authors, whose original copyrights are retained and respected according to the terms of the Apache License 2.0.

See the LICENSE file for more details.

Author

Andrea Mayer - Università degli Studi di Roma "Tor Vergata"

About

Setup of a minimal debian rootfs for booting a GOB patched kernel image (e.g. bzImage) using Qemu/KVM.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages