Nireconciler

.github/workflows/build.yml

@@ -13,7 +13,7 @@ concurrency:
 
 jobs:
   packages:
-    runs-on: ${{ matrix.os }}
+    runs-on: buildjet-4vcpu-ubuntu-2204
     strategy:
       fail-fast: false
       matrix:
@@ -71,7 +71,7 @@ jobs:
 
   eve:
     needs: packages  # all packages for all platforms must be built first
-    runs-on: ubuntu-20.04
+    runs-on: buildjet-4vcpu-ubuntu-2204
     strategy:
       fail-fast: false
       matrix:

.github/workflows/eden.yml

@@ -1,28 +1,19 @@
 ---
 name: Eden
 on:  # yamllint disable-line rule:truthy
-  push:
+  pull_request:
     branches:
       - "master"
-      - "[0-9]+.[0-9]+"
-      - "[0-9]+.[0-9]+-stable"
-    paths-ignore:
-      - 'docs/**'
-  pull_request_review:
-    types: [submitted]
-    paths-ignore:
-      - 'docs/**'
 
 jobs:
   integration:
     name: Integration test (tpm=${{ matrix.tpm }};${{ matrix.fs }})
-    runs-on: ubuntu-22.04
+    runs-on: buildjet-4vcpu-ubuntu-2204
     strategy:
       fail-fast: false
       matrix:
         tpm: ["true", "false"]
         fs: ["zfs", "ext4"]
-    if: ${{ github.event.review.state == 'approved' || github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags') }}
     steps:
       - name: Check
         run: |

Makefile

@@ -159,7 +159,7 @@ EFI_PART=$(INSTALLER)/EFI
 BOOT_PART=$(INSTALLER)/boot
 BSP_IMX_PART=$(INSTALLER)/bsp-imx
 
-SBOM=$(ROOTFS).spdx.json
+SBOM?=$(ROOTFS).spdx.json
 COLLECTED_SOURCES=$(BUILD_DIR)/collected_sources.tar.gz
 DEVICETREE_DTB_amd64=
 DEVICETREE_DTB_arm64=$(DIST)/dtb/eve.dtb

api/proto/info/info.proto

@@ -977,7 +977,10 @@ message ZInfoNetworkInstance {
   string bridgeIPAddr = 22;
 
   repeated ZmetIPAssignmentEntry ipAssignments = 23;
-  repeated string bridgeIPSets = 24; // Union of all ipsets for the bridge
+  // Union of all ipsets for the bridge
+  // Deprecated: This info is an implementation detail specific to network instances
+  // built on top of the Linux network stack.
+  repeated string bridgeIPSets = 24;
   repeated ZmetVifInfo vifs = 25; // Set of vifs on this bridge
   bool ipv4Eid = 26; // Track if this is a CryptoEid with IPv4 EIDs
 

pkg/pillar/cmd/domainmgr/domainmgr.go

@@ -30,7 +30,6 @@ import (
 	"github.com/lf-edge/eve/pkg/pillar/cipher"
 	"github.com/lf-edge/eve/pkg/pillar/containerd"
 	"github.com/lf-edge/eve/pkg/pillar/cpuallocator"
-	"github.com/lf-edge/eve/pkg/pillar/devicenetwork"
 	"github.com/lf-edge/eve/pkg/pillar/flextimer"
 	"github.com/lf-edge/eve/pkg/pillar/hypervisor"
 	"github.com/lf-edge/eve/pkg/pillar/pidfile"
@@ -43,7 +42,6 @@ import (
 	uuid "github.com/satori/go.uuid"
 	"github.com/sirupsen/logrus"
 	"github.com/vishvananda/netlink"
-	"golang.org/x/sys/unix"
 )
 
 const (
@@ -1598,11 +1596,6 @@ func doActivateTail(ctx *domainContext, status *types.DomainStatus,
 			status.Key())
 	}
 	status.Activated = true
-	err = setupVlans(status.VifList)
-	if err != nil {
-		log.Errorf("doActivateTail(%v) setupVlans failed for %s: %v",
-			status.UUIDandVersion, status.DisplayName, err)
-	}
 	log.Functionf("doActivateTail(%v) done for %s",
 		status.UUIDandVersion, status.DisplayName)
 }
@@ -1630,114 +1623,6 @@ func enableVlanFiltering(bridgeName string) error {
 	return nil
 }
 
-// TODO Move this to zedrouter.
-func setupVlans(vifList []types.VifInfo) error {
-	deadline := time.Now().Add(time.Minute)
-	const delay = time.Second
-	for _, vif := range vifList {
-		if vif.Vlan.End == 0 {
-			// VLAN not configured for this interface
-			continue
-		}
-
-		var err error
-		bridgeName := vif.Bridge
-		for {
-			err := enableVlanFiltering(bridgeName)
-			if err == nil {
-				break
-			}
-			if errors.Is(err, unix.EBUSY) {
-				if time.Now().Before(deadline) {
-					log.Warnf("setupVlans: bridge %s is busy, will retry in %s",
-						bridgeName, delay)
-					time.Sleep(delay)
-					continue
-				}
-			}
-			return err
-		}
-
-		var link netlink.Link
-		for {
-			link, err = netlink.LinkByName(vif.Vif)
-			if err == nil {
-				if link.Attrs().MasterIndex == 0 {
-					if time.Now().Before(deadline) {
-						log.Warnf("setupVlans: interface %s is not yet bridged, will retry in %s",
-							vif.Vif, delay)
-						time.Sleep(delay)
-						continue
-					}
-					err := fmt.Errorf("interface %s is not bridged", vif.Vif)
-					return err
-				}
-				break
-			}
-			if _, notFound := err.(netlink.LinkNotFoundError); notFound {
-				if time.Now().Before(deadline) {
-					log.Warnf("setupVlans: interface %s was not found, will retry in %s",
-						vif.Vif, delay)
-					time.Sleep(delay)
-					continue
-				}
-			}
-			err = fmt.Errorf("failed to get link '%s': %w", vif.Vif, err)
-			return err
-		}
-
-		// Switch network instances have one or zero uplinks.
-		var uplink netlink.Link
-		if vif.Vlan.SwitchUplink != "" {
-			ifName := devicenetwork.UplinkToPhysdev(log, vif.Vlan.SwitchUplink)
-			uplink, err = netlink.LinkByName(ifName)
-			if err != nil {
-				err = fmt.Errorf("failed to get uplink %s for VIF %s",
-					vif.Vlan.SwitchUplink, vif.Vif)
-				return err
-			}
-		}
-
-		if !vif.Vlan.IsTrunk {
-			vlanID := vif.Vlan.Start
-			err = netlink.BridgeVlanAdd(link, uint16(vlanID), true, true, false, false)
-			if err != nil {
-				err = fmt.Errorf("failed to configure VLAN (%d) for access port '%s': %w",
-					vif.Vlan.Start, vif.Vif, err)
-				return err
-			}
-			if uplink != nil {
-				err = netlink.BridgeVlanAdd(uplink, uint16(vlanID), false, false, false, false)
-				if err != nil {
-					err = fmt.Errorf("failed to configure VLAN (%d) for uplink trunk port '%s': %w",
-						vlanID, uplink.Attrs().Name, err)
-					return err
-				}
-			}
-		} else {
-			start := vif.Vlan.Start
-			end := vif.Vlan.End
-			for vlanID := start; vlanID <= end; vlanID++ {
-				err = netlink.BridgeVlanAdd(link, uint16(vlanID), false, false, false, false)
-				if err != nil {
-					err = fmt.Errorf("failed to configure VLAN (%d) for trunk port '%s': %w",
-						vlanID, vif.Vif, err)
-					return err
-				}
-				if uplink != nil {
-					err = netlink.BridgeVlanAdd(uplink, uint16(vlanID), false, false, false, false)
-					if err != nil {
-						err = fmt.Errorf("failed to configure VLAN (%d) for uplink trunk port '%s': %w",
-							vlanID, uplink.Attrs().Name, err)
-						return err
-					}
-				}
-			}
-		}
-	}
-	return nil
-}
-
 // shutdown and wait for the domain to go away; if that fails destroy and wait
 func doInactivate(ctx *domainContext, status *types.DomainStatus, impatient bool) {
 

pkg/pillar/cmd/zedagent/handleconfig.go

@@ -993,7 +993,7 @@ func updateLocalServerMap(getconfigCtx *getconfigContext, localServerURL string)
 			}
 			if localServerIP != nil {
 				// check if the defined IP of localServer equals the allocated IP of the app
-				if ulStatus.AllocatedIPv4Addr == localServerIP.String() {
+				if ulStatus.AllocatedIPv4Addr.Equal(localServerIP) {
 					srvAddr := localServerAddr{
 						localServerAddr: localServerURL,
 						bridgeIP:        ulStatus.BridgeIPAddr,

pkg/pillar/cmd/zedagent/handlemetrics.go

@@ -10,6 +10,7 @@ import (
 	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
+	"net"
 	"net/http"
 	"os"
 	"runtime"
@@ -1156,10 +1157,15 @@ func PublishAppInfoToZedCloud(ctx *zedagentContext, uuid string,
 		for _, ifname := range ifNames {
 			networkInfo := new(info.ZInfoNetwork)
 			networkInfo.LocalName = *proto.String(ifname)
-			ipv4Addr, ipv6Addrs, allocated, macAddr, ipAddrMismatch := getAppIP(ctx, aiStatus,
-				ifname)
-			networkInfo.IPAddrs = append([]string{ipv4Addr}, ipv6Addrs...)
-			networkInfo.MacAddr = *proto.String(macAddr)
+			ipv4Addr, ipv6Addrs, allocated, macAddr, ipAddrMismatch :=
+				getAppIP(ctx, aiStatus, ifname)
+			if ipv4Addr != nil {
+				networkInfo.IPAddrs = append(networkInfo.IPAddrs, ipv4Addr.String())
+			}
+			for _, ipv6Addr := range ipv6Addrs {
+				networkInfo.IPAddrs = append(networkInfo.IPAddrs, ipv6Addr.String())
+			}
+			networkInfo.MacAddr = *proto.String(macAddr.String())
 			networkInfo.Ipv4Up = allocated
 			networkInfo.IpAddrMisMatch = ipAddrMismatch
 			name := appIfnameToName(aiStatus, ifname)
@@ -1174,7 +1180,7 @@ func PublishAppInfoToZedCloud(ctx *zedagentContext, uuid string,
 					networkInfo.NtpServers = append(networkInfo.NtpServers, niStatus.NtpServer.String())
 				} else {
 					ntpServers := types.GetNTPServers(*deviceNetworkStatus,
-						niStatus.SelectedUplinkIntf)
+						niStatus.SelectedUplinkIntfName)
 					for _, server := range ntpServers {
 						networkInfo.NtpServers = append(networkInfo.NtpServers, server.String())
 					}
@@ -1585,7 +1591,7 @@ func sendMetricsProtobuf(ctx *getconfigContext,
 // Use the ifname/vifname to find the underlay status
 // and from there the (ip, allocated, mac) addresses for the app
 func getAppIP(ctx *zedagentContext, aiStatus *types.AppInstanceStatus,
-	vifname string) (string, []string, bool, string, bool) {
+	vifname string) (net.IP, []net.IP, bool, net.HardwareAddr, bool) {
 
 	log.Tracef("getAppIP(%s, %s)", aiStatus.Key(), vifname)
 	for _, ulStatus := range aiStatus.UnderlayNetworks {
@@ -1595,9 +1601,10 @@ func getAppIP(ctx *zedagentContext, aiStatus *types.AppInstanceStatus,
 		log.Tracef("getAppIP(%s, %s) found underlay v4: %s, v6: %s, ipv4 assigned %v mac %s",
 			aiStatus.Key(), vifname, ulStatus.AllocatedIPv4Addr,
 			ulStatus.AllocatedIPv6List, ulStatus.IPv4Assigned, ulStatus.Mac)
-		return ulStatus.AllocatedIPv4Addr, ulStatus.AllocatedIPv6List, ulStatus.IPv4Assigned, ulStatus.Mac, ulStatus.IPAddrMisMatch
+		return ulStatus.AllocatedIPv4Addr, ulStatus.AllocatedIPv6List, ulStatus.IPv4Assigned,
+			ulStatus.Mac, ulStatus.IPAddrMisMatch
 	}
-	return "", []string{}, false, "", false
+	return nil, nil, false, nil, false
 }
 
 func createVolumeInstanceMetrics(ctx *zedagentContext, reportMetrics *metrics.ZMetricMsg) {

pkg/pillar/cmd/zedagent/handlenetworkinstance.go

@@ -81,7 +81,7 @@ func prepareAndPublishNetworkInstanceInfoMsg(ctx *zedagentContext,
 	if !deleted {
 		info.Displayname = status.DisplayName
 		info.InstType = uint32(status.Type)
-		info.CurrentUplinkIntf = status.SelectedUplinkIntf
+		info.CurrentUplinkIntf = status.SelectedUplinkIntfName
 
 		if !status.ErrorTime.IsZero() {
 			errInfo := new(zinfo.ErrorInfo)
@@ -114,44 +114,42 @@ func prepareAndPublishNetworkInstanceInfoMsg(ctx *zedagentContext,
 			}
 			info.IpAssignments = append(info.IpAssignments, assignment)
 		}
-		for _, s := range status.BridgeIPSets {
-			info.BridgeIPSets = append(info.BridgeIPSets, s)
-		}
 		for _, v := range status.Vifs {
 			vi := new(zinfo.ZmetVifInfo)
 			vi.VifName = v.Name
-			vi.MacAddress = v.MacAddr
+			vi.MacAddress = v.MacAddr.String()
 			vi.AppID = v.AppID.String()
 			info.Vifs = append(info.Vifs, vi)
 		}
-		for _, ifname := range status.IfNameList {
+		if status.SelectedUplinkIntfName != "" {
+			ifname := status.SelectedUplinkIntfName
 			ia := ctx.assignableAdapters.LookupIoBundleIfName(ifname)
 			if ia == nil {
 				log.Warnf("Missing adapter for ifname %s", ifname)
-				continue
-			}
-			reportAA := new(zinfo.ZioBundle)
-			reportAA.Type = zcommon.PhyIoType(ia.Type)
-			reportAA.Name = ia.Logicallabel
-			// XXX Add Phylabel in protobuf message?
-			reportAA.UsedByAppUUID = devUUID.String()
-			list := ctx.assignableAdapters.LookupIoBundleAny(ia.Phylabel)
-			for _, ib := range list {
-				if ib == nil {
-					continue
-				}
-				reportAA.Members = append(reportAA.Members, ib.Logicallabel)
-				if ib.MacAddr != "" {
-					reportMac := new(zinfo.IoAddresses)
-					reportMac.MacAddress = ib.MacAddr
-					reportAA.IoAddressList = append(reportAA.IoAddressList,
-						reportMac)
+			} else {
+				reportAA := new(zinfo.ZioBundle)
+				reportAA.Type = zcommon.PhyIoType(ia.Type)
+				reportAA.Name = ia.Logicallabel
+				// XXX Add Phylabel in protobuf message?
+				reportAA.UsedByAppUUID = devUUID.String()
+				list := ctx.assignableAdapters.LookupIoBundleAny(ia.Phylabel)
+				for _, ib := range list {
+					if ib == nil {
+						continue
+					}
+					reportAA.Members = append(reportAA.Members, ib.Logicallabel)
+					if ib.MacAddr != "" {
+						reportMac := new(zinfo.IoAddresses)
+						reportMac.MacAddress = ib.MacAddr
+						reportAA.IoAddressList = append(reportAA.IoAddressList,
+							reportMac)
+					}
+					log.Tracef("AssignableAdapters for %s macs %v",
+						reportAA.Name, reportAA.IoAddressList)
 				}
-				log.Tracef("AssignableAdapters for %s macs %v",
-					reportAA.Name, reportAA.IoAddressList)
+				info.AssignedAdapters = append(info.AssignedAdapters,
+					reportAA)
 			}
-			info.AssignedAdapters = append(info.AssignedAdapters,
-				reportAA)
 		}
 	}
 

pkg/pillar/cmd/zedagent/parseconfig.go

@@ -406,7 +406,7 @@ func publishNetworkInstanceConfig(ctx *getconfigContext,
 			networkInstanceConfig.Type, networkInstanceConfig.Activate)
 
 		if apiConfigEntry.Port != nil {
-			networkInstanceConfig.Logicallabel = apiConfigEntry.Port.Name
+			networkInstanceConfig.PortLogicalLabel = apiConfigEntry.Port.Name
 		}
 		networkInstanceConfig.IpType = types.AddressType(apiConfigEntry.IpType)