RDMI develops a defense system targetting for memory introspection, leveraging
programmable data planes and RDMA NICs. The RDMI compiler compiles the policies specified
in domain specific language into lower level configurations. The master P4 switch program
takes in the configurations and enforce the introspection policies for different security tasks.
This repo contains implementation of the system. Please refer to each readme under those subdirectories for more
informations.
The compiler directory contains the implementation of the compiler. It also includes the policy dsl used for
encoding the introspection logic.
The switch directory contains the master P4 program as well as control rules and triggers of the introspection.
The connection directory contains the connection setup program for establish connections.
- Establish the RDMA connections(refer to
connection). - Compile the policy and generate the corresponding configuration files(refer to
compiler). - Configure the switch and run the program(refer to
switch).
Some of the implementation used in this repo is based on existing open-source project, including redmark, Pythia, SCADET, Bedrock and some examples codes provided in Tofino switch SDE.
The code is released under the MIT License.