ncsid: Remove defunct RA script
We no longer need this logic as we have a combined RA handling script in
our meta layers.
Change-Id: I1ca88a25e5b3e5afa46e2f6ff2789885d7046660
Signed-off-by: William A. Kennington III <wak@google.com>
diff --git a/subprojects/ncsid/src/meson.build b/subprojects/ncsid/src/meson.build
index 2bb1c82..a651027 100644
--- a/subprojects/ncsid/src/meson.build
+++ b/subprojects/ncsid/src/meson.build
@@ -60,16 +60,6 @@
implicit_include_directories: false,
install: true)
-install_data(
- 'update_ra_gw.sh',
- install_mode: 'rwxr-xr-x',
- install_dir: get_option('libexecdir'))
-
-install_data(
- 'ncsid_lib.sh',
- install_mode: 'rw-r--r--',
- install_dir: get_option('libexecdir'))
-
systemd = dependency('systemd')
systemunitdir = systemd.get_variable('systemdsystemunitdir')
@@ -82,13 +72,6 @@
install_mode: 'rw-r--r--',
install_dir: systemunitdir)
-configure_file(
- configuration: {'BIN': libexecdir / 'update_ra_gw.sh'},
- input: 'update-ra-gw@.service.in',
- output: 'update-ra-gw@.service',
- install_mode: 'rw-r--r--',
- install_dir: systemunitdir)
-
install_data(
'nic-hostful@.target',
'nic-hostless@.target',
diff --git a/subprojects/ncsid/src/ncsid_lib.sh b/subprojects/ncsid/src/ncsid_lib.sh
deleted file mode 100644
index ef4408e..0000000
--- a/subprojects/ncsid/src/ncsid_lib.sh
+++ /dev/null
@@ -1,484 +0,0 @@
-#!/bin/bash
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Internal handler used for signalling child processes that they should
-# terminate.
-function HandleTerm() {
- GOT_TERM=1
- if ShouldTerm && (( ${#CHILD_PIDS[@]} > 0 )); then
- kill -s TERM "${!CHILD_PIDS[@]}"
- fi
-}
-
-# Sets up the signal handler and global variables needed to run interruptible
-# services that can be killed gracefully.
-function InitTerm() {
- declare -g -A CHILD_PIDS=()
- declare -g GOT_TERM=0
- declare -g SUPPRESS_TERM=0
- trap HandleTerm TERM
-}
-
-# Used to suppress the handling of SIGTERM for critical components that should
-# not respect SIGTERM. To finish suppressing, use UnsuppressTerm()
-function SuppressTerm() {
- SUPPRESS_TERM=$((SUPPRESS_TERM + 1))
-}
-
-# Stops suppressing SIGTERM for a single invocation of SuppresssTerm()
-function UnsuppressTerm() {
- SUPPRESS_TERM=$((SUPPRESS_TERM - 1))
-}
-
-# Determines if we got a SIGTERM and should respect it
-function ShouldTerm() {
- (( GOT_TERM == 1 && SUPPRESS_TERM == 0 ))
-}
-
-# Internal, ensures that functions called in a subprocess properly initialize
-# their SIGTERM handling logic
-function RunInterruptibleFunction() {
- CHILD_PIDS=()
- trap HandleTerm TERM
- "$@"
-}
-
-# Runs the provided commandline in the background, and passes any received
-# SIGTERMS to the child. Can be waited on using WaitInterruptibleBg
-function RunInterruptibleBg() {
- if ShouldTerm; then
- return 143
- fi
- if [ "$(type -t "$1")" = "function" ]; then
- RunInterruptibleFunction "$@" &
- else
- "$@" &
- fi
- CHILD_PIDS["$!"]=1
-}
-
-# Runs the provided commandline to completion, and passes any received
-# SIGTERMS to the child.
-function RunInterruptible() {
- RunInterruptibleBg "$@" || return
- local child_pid="$!"
- wait "$child_pid" || true
- unset CHILD_PIDS["$child_pid"]
- wait "$child_pid"
-}
-
-# Waits until all of the RunInterruptibleBg() jobs have terminated
-function WaitInterruptibleBg() {
- local wait_on=("${!CHILD_PIDS[@]}")
- if (( ${#wait_on[@]} > 0 )); then
- wait "${wait_on[@]}" || true
- CHILD_PIDS=()
- local rc=0
- local id
- for id in "${wait_on[@]}"; do
- wait "$id" || rc=$?
- done
- return $rc
- fi
-}
-
-# Runs the provided commandline to completion, capturing stdout
-# into a variable
-function CaptureInterruptible() {
- local var="$1"
- shift
- if ShouldTerm; then
- return 143
- fi
- coproc "$@" || return
- local child_pid="$COPROC_PID"
- CHILD_PIDS["$child_pid"]=1
- exec {COPROC[1]}>&-
- read -d $'\0' -ru "${COPROC[0]}" "$var" || true
- wait "$child_pid" || true
- unset CHILD_PIDS[$child_pid]
- wait "$child_pid"
-}
-
-# Determines if an address could be a valid IPv4 address
-# NOTE: this doesn't sanitize invalid IPv4 addresses
-function IsIPv4() {
- local ip="$1"
-
- [[ "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]
-}
-
-# Takes lines of text from an application on stdin and parses out a single
-# MAC address per line of input.
-function ParseMACFromLine() {
- sed -n 's,.*\(\([0-9a-fA-F]\{2\}:\)\{5\}[0-9a-fA-F]\{2\}\).*,\1,p'
-}
-
-# Looks up the MAC address of the IPv4 neighbor using ARP
-function DetermineNeighbor4() {
- local netdev="$1"
- local ip="$2"
-
- # Grep intentionally prevented from returning an error to preserve the error
- # value of arping
- RunInterruptible arping -f -c 5 -w 5 -I "$netdev" "$ip" | \
- { grep 'reply from' || true; } | ParseMACFromLine
-}
-
-# Looks up the MAC address of the IPv6 neighbor using ICMPv6 ND
-function DetermineNeighbor6() {
- local netdev="$1"
- local ip="$2"
-
- RunInterruptible ndisc6 -1 -r 5 -w 1000 -q "$ip" "$netdev"
-}
-
-# Looks up the MAC address of the neighbor regardless of type
-function DetermineNeighbor() {
- local netdev="$1"
- local ip="$2"
-
- if IsIPv4 "$ip"; then
- DetermineNeighbor4 "$netdev" "$ip"
- else
- DetermineNeighbor6 "$netdev" "$ip"
- fi
-}
-
-# Performs a mapper call to get the subroot for the object root
-# with a maxdepth and list of required interfaces. Returns a streamed list
-# of JSON objects that contain an { object, service }.
-function GetSubTree() {
- local root="$1"
- shift
- local max_depth="$1"
- shift
-
- busctl --json=short call \
- 'xyz.openbmc_project.ObjectMapper' \
- '/xyz/openbmc_project/object_mapper' \
- 'xyz.openbmc_project.ObjectMapper' \
- 'GetSubTree' sias "$root" "$max_depth" "$#" "$@" | \
- jq -c '.data[0] | to_entries[] | { object: .key, service: (.value | keys[0]) }'
-}
-
-# Returns all of the properties for a DBus interface on an object as a JSON
-# object where the keys are the property names
-function GetProperties() {
- local service="$1"
- local object="$2"
- local interface="$3"
-
- busctl --json=short call \
- "$service" \
- "$object" \
- 'org.freedesktop.DBus.Properties' \
- 'GetAll' s "$interface" | \
- jq -c '.data[0] | with_entries({ key, value: .value.data })'
-}
-
-# Returns the property for a DBus interface on an object
-function GetProperty() {
- local service="$1"
- local object="$2"
- local interface="$3"
- local property="$4"
-
- busctl --json=short call \
- "$service" \
- "$object" \
- 'org.freedesktop.DBus.Properties' \
- 'Get' ss "$interface" "$property" | \
- jq -r '.data[0].data'
-}
-
-# Deletes any OpenBMC DBus object from a service
-function DeleteObject() {
- local service="$1"
- local object="$2"
-
- busctl call \
- "$service" \
- "$object" \
- 'xyz.openbmc_project.Object.Delete' \
- 'Delete'
-}
-
-# Transforms the given JSON dictionary into bash local variable
-# statements that can be directly evaluated by the interpreter
-function JSONToVars() {
- jq -r 'to_entries[] | @sh "local \(.key)=\(.value)"'
-}
-
-# Returns the DBus object root for the ethernet interface
-function EthObjRoot() {
- local netdev="$1"
-
- echo "/xyz/openbmc_project/network/$netdev"
-}
-
-# Returns all of the neighbor { service, object } data for an interface as if
-# a call to GetSubTree() was made
-function GetNeighborObjects() {
- local netdev="$1"
-
- GetSubTree "$(EthObjRoot "$netdev")" 0 \
- 'xyz.openbmc_project.Network.Neighbor'
-}
-
-# Returns the neighbor properties as a JSON object
-function GetNeighbor() {
- local service="$1"
- local object="$2"
-
- GetProperties "$service" "$object" 'xyz.openbmc_project.Network.Neighbor'
-}
-
-# Adds a static neighbor to the system network daemon
-function AddNeighbor() {
- local service="$1"
- local netdev="$2"
- local ip="$3"
- local mac="$4"
-
- busctl call \
- "$service" \
- "$(EthObjRoot "$netdev")" \
- 'xyz.openbmc_project.Network.Neighbor.CreateStatic' \
- 'Neighbor' ss "$ip" "$mac" >/dev/null
-}
-
-# Returns all of the IP { service, object } data for an interface as if
-# a call to GetSubTree() was made
-function GetIPObjects() {
- local netdev="$1"
-
- GetSubTree "$(EthObjRoot "$netdev")" 0 \
- 'xyz.openbmc_project.Network.IP'
-}
-
-# Returns the IP properties as a JSON object
-function GetIP() {
- local service="$1"
- local object="$2"
-
- GetProperties "$service" "$object" 'xyz.openbmc_project.Network.IP'
-}
-
-# Returns the Gateway address for the interface and type
-function GetGateways() {
- local service="$1"
- local netdev="$2"
-
- # We fetch both the system properties and the netdev specific properties
- # as OpenBMC is in the process of transitioning these to the netdev object
- # but the migration is not yet complete.
- {
- GetProperties "$service" '/xyz/openbmc_project/network/config' \
- 'xyz.openbmc_project.Network.SystemConfiguration'
- GetProperties "$service" "$(EthObjRoot "$netdev")" \
- 'xyz.openbmc_project.Network.EthernetInterface'
- } | jq -s '
- . | map(
- if .DefaultGateway != "" then
- {DefaultGateway: .DefaultGateway}
- else
- {}
- end +
- if .DefaultGateway6 != "" then
- {DefaultGateway6: .DefaultGateway6}
- else
- {}
- end
- ) | {DefaultGateway: "", DefaultGateway6: ""} + add'
-}
-
-# Adds a static IP to the system network daemon
-function AddIP() {
- local service="$1"
- local netdev="$2"
- local ip="$3"
- local prefix="$4"
-
- local protocol='xyz.openbmc_project.Network.IP.Protocol.IPv4'
- if ! IsIPv4 "$ip"; then
- protocol='xyz.openbmc_project.Network.IP.Protocol.IPv6'
- fi
-
- busctl call \
- "$service" \
- "$(EthObjRoot "$netdev")" \
- 'xyz.openbmc_project.Network.IP.Create' \
- 'IP' ssys "$protocol" "$ip" "$prefix" '' >/dev/null
-}
-
-# Determines if two IP addresses have the same address family
-# IE: Both are IPv4 or both are IPv6
-function MatchingAF() {
- local rc1=0 rc2=0
- IsIPv4 "$1" || rc1=$?
- IsIPv4 "$2" || rc2=$?
- (( rc1 == rc2 ))
-}
-
-# Checks to see if the machine has the provided IP address information
-# already configured. If not, it deletes all of the information for that
-# address family and adds the provided IP address.
-function UpdateIP() {
- local service="$1"
- local netdev="$2"
- local ip="$(normalize_ip $3)"
- local prefix="$4"
-
- local should_add=1
- local delete_services=()
- local delete_objects=()
- local entry
- while read entry; do
- eval "$(echo "$entry" | JSONToVars)" || return $?
- eval "$(GetIP "$service" "$object" | JSONToVars)" || return $?
- if [ "$(normalize_ip "$Address")" = "$ip" ] && \
- [ "$PrefixLength" = "$prefix" ]; then
- should_add=0
- elif MatchingAF "$ip" "$Address" && [[ "$Origin" == *.Static ]]; then
- echo "Deleting spurious IP: $Address/$PrefixLength" >&2
- delete_services+=("$service")
- delete_objects+=("$object")
- fi
- done < <(GetIPObjects "$netdev")
-
- local i
- for (( i=0; i<${#delete_objects[@]}; ++i )); do
- DeleteObject "${delete_services[$i]}" "${delete_objects[$i]}" || true
- done
-
- # The default address is treated as a delete only request
- if [ "$ip" = :: -o "$ip" = 0.0.0.0 ]; then
- return
- fi
-
- if (( should_add == 0 )); then
- echo "Not adding IP: $ip/$prefix" >&2
- else
- echo "Adding IP: $ip/$prefix" >&2
- AddIP "$service" "$netdev" "$ip" "$prefix" || return $?
- fi
-}
-
-# Sets the system gateway property to the provided IP address if not already
-# set to the current value.
-function UpdateGateway() {
- local service="$1"
- local netdev="$2"
- local ip="$3"
-
- local object="$(EthObjRoot "$netdev")"
- local interface='xyz.openbmc_project.Network.EthernetInterface'
- local property='DefaultGateway'
- if ! IsIPv4 "$ip"; then
- property='DefaultGateway6'
- fi
-
- local current_ip
- current_ip="$(GetProperty "$service" "$object" "$interface" "$property")" || \
- return $?
- if [ -n "$current_ip" ] && \
- [ "$(normalize_ip "$ip")" = "$(normalize_ip "$current_ip")" ]; then
- echo "Not reconfiguring gateway: $ip" >&2
- return 0
- fi
-
- echo "Setting gateway: $ip" >&2
- busctl set-property "$service" "$object" "$interface" "$property" s "$ip"
-}
-
-# Checks to see if the machine has the provided neighbor information
-# already configured. If not, it deletes all of the information for that
-# address family and adds the provided neighbor entry.
-function UpdateNeighbor() {
- local service="$1"
- local netdev="$2"
- local ip="$3"
- local mac="$4"
-
- local should_add=1
- local delete_services=()
- local delete_objects=()
- local entry
- while read entry; do
- eval "$(echo "$entry" | JSONToVars)" || return $?
- eval "$(GetNeighbor "$service" "$object" | JSONToVars)" || return $?
- if [ "$(normalize_ip "$IPAddress")" = "$(normalize_ip "$ip")" ] && \
- [ "$(normalize_mac "$MACAddress")" = "$(normalize_mac "$mac")" ]; then
- should_add=0
- elif MatchingAF "$ip" "$IPAddress"; then
- echo "Deleting spurious neighbor: $IPAddress $MACAddress" >&2
- delete_services+=("$service")
- delete_objects+=("$object")
- fi
- done < <(GetNeighborObjects "$netdev" 2>/dev/null)
-
- local i
- for (( i=0; i<${#delete_objects[@]}; ++i )); do
- DeleteObject "${delete_services[$i]}" "${delete_objects[$i]}" || true
- done
-
- if (( should_add == 0 )); then
- echo "Not adding neighbor: $ip $mac" >&2
- else
- echo "Adding neighbor: $ip $mac" >&2
- AddNeighbor "$service" "$netdev" "$ip" "$mac" || return $?
- fi
-}
-
-# Determines the ip and mac of the IPv6 router
-function DiscoverRouter6() {
- local netdev="$1"
- local retries="$2"
- local timeout="$3"
- local router="${4-}"
-
- local output
- local st=0
- local args=(-1 -w "$timeout" -n $router "$netdev")
- if (( retries < 0 )); then
- args+=(-d)
- else
- args+=(-r "$retries")
- fi
- CaptureInterruptible output rdisc6 "${args[@]}" || st=$?
- if (( st != 0 )); then
- echo "rdisc6 failed with: " >&2
- echo "$output" >&2
- return $st
- fi
-
- local ip="$(echo "$output" | grep 'from' | awk '{print $2}')"
- local mac="$(echo "$output" | grep 'Source link-layer' | ParseMACFromLine)"
- local staddr="$(echo "$output" | grep 'Stateful address conf.*Yes')"
- printf '{"router_ip":"%s","router_mac":"%s","stateful_address":"%s"}\n' \
- "$ip" "$mac" "$staddr"
-}
-
-# Sets the network configuration of an interface to be static
-function SetStatic() {
- local service="$1"
- local netdev="$2"
-
- echo "Disabling DHCP" >&2
- busctl set-property "$service" "$(EthObjRoot "$netdev")" \
- xyz.openbmc_project.Network.EthernetInterface DHCPEnabled \
- s xyz.openbmc_project.Network.EthernetInterface.DHCPConf.none
-}
diff --git a/subprojects/ncsid/src/update-ra-gw@.service.in b/subprojects/ncsid/src/update-ra-gw@.service.in
deleted file mode 100644
index a888a1e..0000000
--- a/subprojects/ncsid/src/update-ra-gw@.service.in
+++ /dev/null
@@ -1,14 +0,0 @@
-[Unit]
-Description=RA Gateway Updater
-Wants=mapper-wait@-xyz-openbmc_project-network-%i.service
-After=mapper-wait@-xyz-openbmc_project-network-%i.service
-After=ncsid@%i.service
-StartLimitIntervalSec=1min
-StartLimitBurst=5
-
-[Service]
-KillMode=mixed
-Restart=on-failure
-ExecStart=@@BIN@ update-ra-gw %I
-SyslogIdentifier=update-ra-gw@%I
-SuccessExitStatus=10
diff --git a/subprojects/ncsid/src/update_ra_gw.sh b/subprojects/ncsid/src/update_ra_gw.sh
deleted file mode 100644
index b11dbb1..0000000
--- a/subprojects/ncsid/src/update_ra_gw.sh
+++ /dev/null
@@ -1,141 +0,0 @@
-#!/bin/bash
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-source "$(dirname "${BASH_SOURCE[0]}")"/ncsid_lib.sh
-
-NCSI_IF="$1"
-
-# We would prefer empty string but it's easier for associative array handling
-# to use invalid
-old_rtr=invalid
-old_mac=
-
-function apply_rtr() {
- local rtr="$1"
- local mac="$2"
- # Don't force networkd to reload as this can break phosphor-networkd
- # Fall back to reload only if ip link commands fail
- (ip -6 route replace default via "$rtr" dev "$NCSI_IF" && \
- ip -6 neigh replace "$rtr" dev "$NCSI_IF" lladdr "$mac") || \
- (networkctl reload && networkctl reconfigure "$NCSI_IF") || true
-}
-
-function set_rtr() {
- [ "$rtr" != "$old_rtr" -a "$mac" != "$old_mac" ] || return
-
- echo "Setting default router: $rtr at $mac" >&2
-
- # Delete and static gateways and neighbors
- while read entry; do
- eval "$(echo "$entry" | JSONToVars)" || return
- echo "Deleting neighbor $object"
- DeleteObject "$service" "$object" || true
- done < <(GetNeighborObjects "$netdev" 2>/dev/null)
-
- busctl set-property xyz.openbmc_project.Network "$(EthObjRoot "$NCSI_IF")" \
- xyz.openbmc_project.Network.EthernetInterface DefaultGateway6 s "" || true
-
- # In case we don't have a base network file, make one
- net_file=/run/systemd/network/00-bmc-$NCSI_IF.network
- printf '[Match]\nName=%s\n[Network]\nDHCP=false\nIPv6AcceptRA=false\nLinkLocalAddressing=yes' \
- "$NCSI_IF" >$net_file
-
- # Override any existing gateway info
- mkdir -p $net_file.d
- printf '[Network]\nGateway=%s\n[Neighbor]\nMACAddress=%s\nAddress=%s' \
- "$rtr" "$mac" "$rtr" >$net_file.d/10-gateway.conf
-
- apply_rtr "$rtr" "$mac"
-
- retries=-1
- old_mac="$mac"
- old_rtr="$rtr"
-}
-
-function fixup_router() {
- [ -z "$old_mac" ] && return
- ip -6 route show | grep -q "^default .*dev $NCSI_IF" && return
- echo 'Default route missing, reconfiguring...' >&2
- apply_rtr "$old_rtr" "$old_mac"
-}
-
-retries=1
-min_w=10
-declare -A rtrs
-rtrs=()
-while true; do
- data=(${rtrs["${old_rtr}"]-})
- curr_dl="${data[1]-$(( min_w + SECONDS ))}"
- args=(-m "$NCSI_IF" -w $(( (curr_dl - SECONDS) * 1000 )))
- if (( retries > 0 )); then
- args+=(-r "$retries")
- else
- args+=(-d)
- fi
- while read line; do
- # `script` terminates all lines with a CRLF, remove it
- line="${line:0:-1}"
- if [ -z "$line" ]; then
- lifetime=-1
- mac=
- elif [[ "$line" =~ ^Router' 'lifetime' '*:' '*([0-9]*) ]]; then
- lifetime="${BASH_REMATCH[1]}"
- elif [[ "$line" =~ ^Source' 'link-layer' 'address' '*:' '*([a-fA-F0-9:]*)$ ]]; then
- mac="${BASH_REMATCH[1]}"
- elif [[ "$line" =~ ^from' '(.*)$ ]]; then
- rtr="${BASH_REMATCH[1]}"
- # Only valid default routers can be considered, 0 lifetime implies
- # a non-default router
- if (( lifetime > 0 )); then
- dl=$((lifetime + SECONDS))
- rtrs["$rtr"]="$mac $dl"
- # We have some notoriously noisy lab environments with many routers being broadcast
- # We always prefer "fe80::1" in prod and labs for routing, so prefer that gateway.
- # We also want to take the first router we find to speed up acquisition on boot.
- if [ "$rtr" = "fe80::1" -o "$old_rtr" = "invalid" ]; then
- set_rtr || true
- fi
- fi
- lifetime=-1
- mac=
- # We sometimes lose the router configuration on some of our platforms
- # Run a fixup whenever we receive a valid RA to ensure it's set correctly
- fixup_router || true
- fi
- done < <(exec script -q -c "rdisc6 ${args[*]}" /dev/null 2>/dev/null)
- # Purge any expired routers
- for rtr in "${!rtrs[@]}"; do
- data=(${rtrs["$rtr"]})
- dl=${data[1]}
- if (( dl <= SECONDS )); then
- unset rtrs["$rtr"]
- fi
- done
- # Consider changing the gateway if the old one doesn't send RAs for the entire period
- # This ensures we don't flip flop between multiple defaults if they exist.
- if [ -z "${rtrs["$old_rtr"]-}" ]; then
- echo "Old router $old_rtr disappeared" >&2
- for rtr in "${!rtrs[@]}"; do
- data=(${rtrs["$rtr"]})
- mac=${data[0]}
- dl=${data[1]}
- set_rtr && break
- done
- fi
-
- # If rdisc6 exits early we still want to wait for the deadline before retrying
- (( timeout = curr_dl - SECONDS ))
- sleep $(( timeout < 0 ? 0 : timeout ))
-done