A comprehensive VFIO device management and resource allocation system for high-performance networking on Linux. Manages network devices across kernel drivers, VFIO passthrough, and DPDK userspace drivers with automatic capability detection, PTP clock synchronization, and queue-level resource sharing.
This project consists of three components:
- vfiod: System daemon that manages device modes, DPDK initialization, and resource allocation
- vfioctl: User-facing CLI tool for device management and configuration
- libvfio: Core library with device discovery, capability detection, and IPC
Support for three operational modes per device:
-
Kernel Mode: Standard Linux kernel drivers (mlx5_core, i40e, ice, etc.)
- Full networking stack support
- Standard socket APIs
- AF_XDP support for kernel bypass
-
VFIO Mode: Bound to vfio-pci for VM passthrough
- Direct device access via VFIO
- IOMMU protection
- Virtual PTP clock creation
-
DPDK Mode: Bound to vfio-pci with DPDK initialization
- Userspace packet processing
- Hardware timestamping via DPDK
- PTP clock synchronization (ptpsyncd integration)
- Hardware Capabilities: Link speed, queue counts, PTP support, RDMA
- Driver-Specific Features: Bifurcated mode (Mellanox), hardware timestamps
- Dynamic Recalculation: Capabilities refresh on driver changes
- WiFi Support: Generation detection (WiFi 6E, WiFi 6, WiFi 5)
- Reservations: Pre-allocation by orchestrator
- Queue-Level Sharing: Multiple processes sharing device queues
- DPDK Primary Process: Shared by all workers (ptpsyncd, latency workers)
- Automatic Cleanup: Process tracking and resource reclamation
- Physical Clocks:
/dev/ptp*for kernel-mode devices - Virtual Clocks: Automatic creation for VFIO/DPDK devices
- ptpsyncd Integration: Hardware clock sync for DPDK devices
- Timestamp Offloading: Hardware TX/RX timestamps
# Build all components
cd /home/serle/projects/rust/vfio
cargo build --release
# Install binaries
sudo cp target/release/vfiod /usr/local/bin/
sudo cp target/release/vfioctl /usr/local/bin/
# Install systemd service
sudo cp vfiod/vfiod.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable vfiod
sudo systemctl start vfiodConfiguration file: /etc/vfiod/devices.toml
[dpdk]
hugepages_2mb = 512 # 1GB of hugepages
[[devices]]
pci_address = "0000:01:00.0"
mode = "kernel"
vendor_device = "15b3:101f"
description = "Mellanox ConnectX-6 Lx"
[[devices]]
pci_address = "0000:21:00.0"
mode = "dpdk"
vendor_device = "8086:158b"
description = "Intel XXV710 for 25GbE SFP28"# List all network devices
vfioctl list
# List only DPDK devices
vfioctl list --vfio
# Show configuration
vfioctl config
# Set device mode
vfioctl set-mode 0000:01:00.0 dpdk
# Apply configuration (switch devices to configured modes)
vfioctl apply-configDevices use standard kernel drivers for normal networking:
# Set device to kernel mode
vfioctl set-mode 0000:01:00.0 kernel
# Apply the change
vfioctl apply-configThe daemon will:
- Unbind from vfio-pci (if needed)
- Bind to original kernel driver (mlx5_core, i40e, etc.)
- Recalculate capabilities for kernel driver
- Discover network interface name
For VM passthrough without DPDK:
# Set device to VFIO mode
vfioctl set-mode 0000:01:00.0 vfio
vfioctl apply-configThe daemon will:
- Unbind from kernel driver
- Bind to vfio-pci
- Set VFIO device permissions (0o666)
- Create virtual PTP clock (if supported)
For userspace packet processing with DPDK:
# Set device to DPDK mode
vfioctl set-mode 0000:01:00.0 dpdk
vfioctl apply-configThe daemon will:
- Bind device to vfio-pci (same as VFIO mode)
- Initialize DPDK primary process
- Setup hugepages
- Configure device for DPDK
- Enable hardware timestamping
- Create virtual PTP clock for ptpsyncd
-
Intel: X710 (10G), XXV710 (25G), E810 (100G)
- Driver: i40e, ice
- Full PTP support
- 64 RX/TX queues
-
Mellanox/NVIDIA: ConnectX-4/5/6
- Driver: mlx5_core
- Bifurcated mode support
- RDMA/ibverbs
- 63 RX/TX queues
-
Broadcom: NetXtreme-E series
- Driver: bnxt_en
-
Solarflare: SFC series
- Driver: sfc
- EF_VI, OpenOnload support
- Intel WiFi 6E: AX210, AX211, AX411
- Intel WiFi 6: AX200, AX201
- Intel WiFi 5: AC 9560, AC 9260, AC 8265
┌─────────────┐
│ vfioctl │ ← User commands
└──────┬──────┘
│ IPC (Unix socket)
↓
┌─────────────┐
│ vfiod │ ← System daemon
│ │ - Device discovery
│ │ - Mode management
│ │ - DPDK primary
└──────┬──────┘
│
↓
┌─────────────┐
│ libvfio │ ← Core library
│ │ - Capability detection
│ │ - Configuration
└─────────────┘
When DPDK mode is active:
- Primary Process: vfiod runs DPDK EAL in primary mode
- Shared Memory: Hugepages shared across all processes
- Port Initialization: Devices configured for hardware timestamps
- Secondary Processes: ptpsyncd attaches as DPDK secondary
- Virtual PTP: Clock device created for synchronization
Detection happens at:
- Startup: All devices discovered and analyzed
- Driver Change: Automatic recalculation on bind/unbind
- Manual Refresh: Via
apply-configcommand
Detection methods:
- Link Speed: ethtool → interface speed → PCI → device database
- Queue Counts: sysfs for kernel, DPDK API for vfio
- PTP Support:
/sys/class/ptpenumeration - Hardware Timestamps: ethtool feature flags
- RDMA:
/sys/class/infinibanddetection
[dpdk]
hugepages_2mb = 512 # Number of 2MB hugepages (default: 512 = 1GB)
# Shared by vfiod primary and all secondary processes
# Increase for many workers or large packet buffers[[devices]]
pci_address = "0000:01:00.0" # PCI address
mode = "kernel" # kernel, vfio, or dpdk
vendor_device = "15b3:101f" # vendor:device ID
description = "Mellanox ConnectX-6 Lx (auto-discovered)"The configuration file is automatically updated when:
- New devices are discovered
- Modes are changed via
vfioctl set-mode vfioctl apply-configis run
- Linux kernel 5.0+ with VFIO support
- IOMMU enabled (VT-d for Intel, AMD-Vi for AMD)
- BIOS: Enable VT-d/AMD-Vi
- Kernel:
intel_iommu=onoramd_iommu=on
- Hugepages configured (for DPDK mode)
- Rust 1.83+ (edition 2024)
- DPDK 23.11+ development packages
- pkg-config
- libdpdk-dev
- vfio-pci kernel module
- DPDK libraries (for DPDK mode)
- ethtool (for capability detection)
# Debug build
cargo build
# Release build
cargo build --release
# Build only specific component
cargo build -p vfiod
cargo build -p vfioctl
cargo build -p libvfio# Run all tests
cargo test
# Run specific crate tests
cargo test -p libvfio
# Run with output
cargo test -- --nocapture# Generate and open documentation
cargo doc --open
# Document private items
cargo doc --document-private-items --openThe PTP synchronization daemon uses vfiod for:
- Device capability discovery
- DPDK secondary process attachment
- Virtual PTP clock access
- Hardware timestamp configuration
See /home/serle/projects/rust/ptp for ptpsyncd documentation.
The latency testing orchestrator uses vfiod for:
- Device reservation and allocation
- Queue-level resource sharing
- DPDK device initialization
- Worker process coordination
See /home/serle/projects/rust/latency-orchestrator for orchestrator documentation.
# Check IOMMU is enabled
dmesg | grep -i iommu
# Check vfio-pci module is loaded
lsmod | grep vfio
# Check device IOMMU group
ls -l /sys/bus/pci/devices/0000:01:00.0/iommu_group# Check hugepages
cat /proc/meminfo | grep Huge
# Check DPDK library installation
pkg-config --libs libdpdk
# View vfiod logs
journalctl -u vfiod -fThe system tries multiple detection methods:
- Current link speed (requires link up)
- ethtool maximum supported speed (works link down)
- PCI link speed (rough approximation)
- Device database (final fallback)
If detection fails, check:
# Check ethtool output
ethtool <interface>
# Check if link is up
ip link show <interface>MIT OR Apache-2.0
See /home/serle/projects/rust/TODO.md for project status and planned features.