diff --git a/.golangci.yml b/.golangci.yml
index d0682849..f5a91032 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -166,3 +166,7 @@ issues:
 exclude-use-default: false
 max-issues-per-linter: 0
 max-same-issues: 0
+ exclude-rules:
+ - path: ".*_test.go"
+ linters:
+ - gosec
diff --git a/pkg/networkservice/common/resourcepool/client.go b/pkg/networkservice/common/resourcepool/client.go
index ba177b38..56aee59e 100644
--- a/pkg/networkservice/common/resourcepool/client.go
+++ b/pkg/networkservice/common/resourcepool/client.go
@@ -35,6 +35,7 @@ import (
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov"
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov/config"
+ "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
 )
 type resourcePoolClient struct {
@@ -62,8 +63,9 @@ func NewClient(
 func (i *resourcePoolClient) Request(ctx context.Context, request *networkservice.NetworkServiceRequest, opts ...grpc.CallOption) (*networkservice.Connection, error) {
 logger := log.FromContext(ctx).WithField("resourcePoolClient", "Request")
- oldPCIAddress := request.GetConnection().GetMechanism().GetParameters()[common.PCIAddressKey]
- oldTokenID := request.GetConnection().GetMechanism().GetParameters()[TokenIDKey]
+ mechParams := request.GetConnection().GetMechanism().GetParameters()
+ oldPCIAddress := mechParams[common.PCIAddressKey]
+ oldTokenID := mechParams[common.DeviceTokenIDKey]
 postponeCtxFunc := postpone.ContextWithValues(ctx)
@@ -72,9 +74,13 @@ func (i *resourcePoolClient) Request(ctx context.Context, request *networkservic
 return nil, err
 }
- tokenID, ok := conn.GetMechanism().GetParameters()[TokenIDKey]
+ tokenID, ok := conn.GetMechanism().GetParameters()[common.DeviceTokenIDKey]
 if !ok {
- logger.Infof("no token id present for endpoint connection %v", conn)
+ logger.Infof("no token ID present for the connection: %v", conn)
+ return conn, nil
+ }
+ if !tokens.IsTokenID(tokenID) {
+ logger.Infof("[%s] is not a SR-IOV token ID: %v", tokenID, conn)
 return conn, nil
 }
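Review bot: The new `exclude-rules` entry switches gosec off for every finding in test files rather than for the one finding that prompted it, and the path pattern `".*_test.go"` leaves the dot before `go` unescaped and the end unanchored. If a single rule was the trigger (the hunk does not say which), a narrower entry keeps the rest of gosec active on test helpers and fixtures: add a `text:` matcher for that rule ID next to `linters:`, and write the path as `_test\.go$`. A short comment above the entry naming the reason for the exclusion would help the next person who audits the linter configuration.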
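Review bot: The added `logger.Infof("[%s] is not a SR-IOV token ID: %v", tokenID, conn)` in resourcepool/client.go writes a value that has just failed validation into the log with `%s`, so whatever the far side placed in the mechanism parameters (line breaks, control characters, arbitrary length) reaches the log line unquoted. Format the token with `%q` instead: `logger.Infof("%q is not a SR-IOV token ID: %v", tokenID, conn)`. The same applies to `errors.Errorf("no SR-IOV token ID provided, got: %s", tokenID)` in resourcepool/server.go, where the string is also handed back to the caller. Request's body continues outside this hunk.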
diff --git a/pkg/networkservice/common/resourcepool/common.go b/pkg/networkservice/common/resourcepool/common.go
index 7dcffe29..7bb6e3c2 100644
--- a/pkg/networkservice/common/resourcepool/common.go
+++ b/pkg/networkservice/common/resourcepool/common.go
@@ -1,5 +1,7 @@
 // Copyright (c) 2021 Nordix Foundation.
 //
+// Copyright (c) 2021 Doc.ai and/or its affiliates.
+//
 // SPDX-License-Identifier: Apache-2.0
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,22 +22,18 @@ import (
 "context"
 "sync"
+ "github.com/pkg/errors"
+
 "github.com/networkservicemesh/api/pkg/api/networkservice"
 "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/common"
 "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/vfio"
 "github.com/networkservicemesh/sdk-kernel/pkg/kernel/networkservice/vfconfig"
 "github.com/networkservicemesh/sdk/pkg/tools/log"
- "github.com/pkg/errors"
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov"
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov/config"
 )
-const (
- // TokenIDKey is a token ID mechanism parameter key
- TokenIDKey = "tokenID" // TODO: move to api
-)
-
 // PCIPool is a pci.Pool interface
 type PCIPool interface {
 GetPCIFunction(pciAddr string) (sriov.PCIFunction, error)
diff --git a/pkg/networkservice/common/resourcepool/server.go b/pkg/networkservice/common/resourcepool/server.go
index 8e05d5ec..5b037735 100644
--- a/pkg/networkservice/common/resourcepool/server.go
+++ b/pkg/networkservice/common/resourcepool/server.go
@@ -25,12 +25,14 @@ import (
 "github.com/pkg/errors"
 "github.com/networkservicemesh/api/pkg/api/networkservice"
+ "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/common"
 "github.com/networkservicemesh/sdk/pkg/networkservice/core/next"
 "github.com/networkservicemesh/sdk/pkg/networkservice/utils/metadata"
 "github.com/networkservicemesh/sdk/pkg/tools/log"
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov"
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov/config"
+ "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
 )
 type resourcePoolServer struct {
@@ -58,10 +60,12 @@ func NewServer(
 func (s *resourcePoolServer) Request(ctx context.Context, request *networkservice.NetworkServiceRequest) (*networkservice.Connection, error) {
 logger := log.FromContext(ctx).WithField("resourcePoolServer", "Request")
 conn := request.GetConnection()
- tokenID, ok := conn.GetMechanism().GetParameters()[TokenIDKey]
+ tokenID, ok := conn.GetMechanism().GetParameters()[common.DeviceTokenIDKey]
 if !ok {
- logger.Infof("no token id present for client connection %v", conn)
- return next.Server(ctx).Request(ctx, request)
+ return nil, errors.New("no token ID provided")
+ }
+ if !tokens.IsTokenID(tokenID) {
+ return nil, errors.Errorf("no SR-IOV token ID provided, got: %s", tokenID)
 }
 err := assignVF(ctx, logger, conn, tokenID, s.resourcePool, metadata.IsClient(s))
diff --git a/pkg/networkservice/common/resourcepool/server_test.go b/pkg/networkservice/common/resourcepool/server_test.go
index 1fc47b9b..31eaf90d 100644
--- a/pkg/networkservice/common/resourcepool/server_test.go
+++ b/pkg/networkservice/common/resourcepool/server_test.go
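Review bot: Neither new rejection branch in the server's `Request` (`!ok` and `!tokens.IsTokenID(tokenID)`) is exercised by the tests this diff touches; the server_test.go hunks only move the happy path to the new key and a well-formed ID. A request without a token used to be forwarded through `next.Server(ctx).Request` and is now refused, so one case with the parameter missing and one with a malformed ID would pin that contract and confirm `assignVF` is never reached for them. A comment above the check would also record the change, for example `// A device token ID is mandatory here: requests without a valid one are rejected, not forwarded.` Request's body continues outside this hunk.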
@@ -26,6 +26,7 @@ import (
 "github.com/stretchr/testify/require"
 "github.com/networkservicemesh/api/pkg/api/networkservice"
+ "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/common"
 "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/kernel"
 "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/vfio"
 "github.com/networkservicemesh/sdk-kernel/pkg/kernel/networkservice/vfconfig"
@@ -46,6 +47,7 @@ const (
 configFileName = "config.yml"
 pf2PciAddr = "0000:00:02.0"
 vf2KernelDriver = "vf-2-driver"
+ tokenID = "sriov-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
 )
 type sample struct {
@@ -135,7 +137,7 @@ func TestResourcePoolServer_Request(t *testing.T) {
 // 1. Request
- resourcePool.mock.On("Select", "1", sample.driverType).
+ resourcePool.mock.On("Select", tokenID, sample.driverType).
 Return(pfs[pf2PciAddr].Vfs[1].Addr, nil)
 ctx := context.TODO()
@@ -145,7 +147,7 @@ func TestResourcePoolServer_Request(t *testing.T) {
 Mechanism: &networkservice.Mechanism{
 Type: sample.mechanism,
 Parameters: map[string]string{
- resourcepool.TokenIDKey: "1",
+ common.DeviceTokenIDKey: tokenID,
 },
 },
 },
diff --git a/pkg/networkservice/common/token/client.go b/pkg/networkservice/common/token/client.go
index 9d2756e8..720cf9c0 100644
--- a/pkg/networkservice/common/token/client.go
+++ b/pkg/networkservice/common/token/client.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2020 Doc.ai and/or its affiliates.
+// Copyright (c) 2020-2021 Doc.ai and/or its affiliates.
 //
 // Copyright (c) 2021 Nordix Foundation.
 //
@@ -29,9 +29,9 @@ import (
 "google.golang.org/grpc"
 "github.com/networkservicemesh/api/pkg/api/networkservice"
+ "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/common"
 "github.com/networkservicemesh/sdk/pkg/networkservice/core/next"
- "github.com/networkservicemesh/sdk-sriov/pkg/networkservice/common/resourcepool"
 "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
 )
@@ -68,7 +68,7 @@ func (c *tokenClient) Request(ctx context.Context, request *networkservice.Netwo
 if mech.Parameters == nil {
 mech.Parameters = map[string]string{}
 }
- mech.Parameters[resourcepool.TokenIDKey] = tokenID
+ mech.Parameters[common.DeviceTokenIDKey] = tokenID
 }
 }
 }
diff --git a/pkg/networkservice/common/token/client_test.go b/pkg/networkservice/common/token/client_test.go
index 8aa83db2..27deb8b1 100644
--- a/pkg/networkservice/common/token/client_test.go
+++ b/pkg/networkservice/common/token/client_test.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2020 Doc.ai and/or its affiliates.
+// Copyright (c) 2020-2021 Doc.ai and/or its affiliates.
 //
 // SPDX-License-Identifier: Apache-2.0
 //
@@ -22,20 +22,21 @@ import (
 "testing"
 "github.com/golang/protobuf/ptypes/empty"
+ "github.com/stretchr/testify/require"
+ "google.golang.org/grpc"
+
 "github.com/networkservicemesh/api/pkg/api/networkservice"
+ "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/common"
 "github.com/networkservicemesh/sdk/pkg/networkservice/core/chain"
 "github.com/networkservicemesh/sdk/pkg/networkservice/core/next"
- "github.com/stretchr/testify/require"
- "google.golang.org/grpc"
- "github.com/networkservicemesh/sdk-sriov/pkg/networkservice/common/resourcepool"
 "github.com/networkservicemesh/sdk-sriov/pkg/networkservice/common/token"
 "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
 )
 const (
 tokenName = "service.domain/10G"
- tokenID = "1"
+ tokenID = "sriov-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
 sriovTokenLabel = "sriovToken"
 serviceDomainLabel = "serviceDomain"
 serviceDomain = "service.domain"
@@ -85,7 +86,7 @@ func (c *validateClient) Request(ctx context.Context, request *networkservice.Ne
 }, request.GetConnection().GetLabels())
 for _, mech := range request.GetMechanismPreferences() {
- require.Equal(c.t, tokenID, mech.GetParameters()[resourcepool.TokenIDKey])
+ require.Equal(c.t, tokenID, mech.GetParameters()[common.DeviceTokenIDKey])
 }
 return next.Client(ctx).Request(ctx, request, opts...)
diff --git a/pkg/networkservice/common/token/server.go b/pkg/networkservice/common/token/server.go
index 2b5ce52a..ed27f5aa 100644
--- a/pkg/networkservice/common/token/server.go
+++ b/pkg/networkservice/common/token/server.go
@@ -1,5 +1,7 @@
 // Copyright (c) 2021 Nordix Foundation.
 //
+// Copyright (c) 2021 Doc.ai and/or its affiliates.
+//
 // SPDX-License-Identifier: Apache-2.0
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,11 +23,11 @@ import (
 "os"
 "github.com/golang/protobuf/ptypes/empty"
+
 "github.com/networkservicemesh/api/pkg/api/networkservice"
 "github.com/networkservicemesh/api/pkg/api/networkservice/mechanisms/kernel"
 "github.com/networkservicemesh/sdk/pkg/networkservice/core/next"
- "github.com/networkservicemesh/sdk-sriov/pkg/networkservice/common/resourcepool"
 "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
 )
@@ -46,10 +48,9 @@ func NewServer(tokenKey string) networkservice.NetworkServiceServer {
 func (s *tokenServer) Request(ctx context.Context, request *networkservice.NetworkServiceRequest) (*networkservice.Connection, error) {
 var tokenID string
- if mechanism := kernel.ToMechanism(request.GetConnection().GetMechanism()); mechanism != nil || mechanism.Parameters[resourcepool.TokenIDKey] == "" {
- tokenID = s.config.assign(s.tokenName, request.GetConnection())
- if tokenID != "" {
- mechanism.Parameters[resourcepool.TokenIDKey] = tokenID
+ if mechanism := kernel.ToMechanism(request.GetConnection().GetMechanism()); mechanism != nil || mechanism.GetDeviceTokenID() == "" {
+ if tokenID = s.config.assign(s.tokenName, request.GetConnection()); tokenID != "" {
+ mechanism.SetDeviceTokenID(tokenID)
 }
 }
diff --git a/pkg/sriov/token/pool.go b/pkg/sriov/token/pool.go
index 235d8e88..cd52ec41 100644
--- a/pkg/sriov/token/pool.go
+++ b/pkg/sriov/token/pool.go
@@ -23,11 +23,10 @@ import (
 "path"
 "sync"
- "github.com/google/uuid"
 "github.com/pkg/errors"
 "github.com/networkservicemesh/sdk-sriov/pkg/sriov/config"
- tokenenv "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
+ sriovtokens "github.com/networkservicemesh/sdk-sriov/pkg/tools/tokens"
 )
 const (
@@ -81,7 +80,7 @@ func NewPool(cfg *config.Config) *Pool {
 name := path.Join(serviceDomain, capability)
 for i := 0; i < len(pfCfg.VirtualFunctions); i++ {
 tok := &token{
- id: uuid.New().String(),
+ id: sriovtokens.NewTokenID(),
 name: name,
 state: free,
 }
@@ -321,5 +320,5 @@ func (p *Pool) stopUsing(id string) error {
 // ToEnv returns a (name, value) pair to store given tokens into the environment variable
 func (p *Pool) ToEnv(tokenName string, tokenIDs []string) (name, value string) {
- return tokenenv.ToEnv(tokenName, tokenIDs)
+ return sriovtokens.ToEnv(tokenName, tokenIDs)
 }
diff --git a/pkg/tools/tokens/tokens.go b/pkg/tools/tokens/tokens.go
index a5b4eee0..ddc2bdf9 100644
--- a/pkg/tools/tokens/tokens.go
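Review bot: The guard in token/server.go still joins its two tests with `||`: `mechanism != nil || mechanism.GetDeviceTokenID() == ""`. When `kernel.ToMechanism` returns nil, the right-hand side is evaluated on that nil mechanism and the body then calls `mechanism.SetDeviceTokenID(tokenID)` on it; whether those calls survive a nil receiver depends on the api package, which this hunk does not show. For a non-nil mechanism the body runs even when a token ID is already present, replacing the one that arrived with the request. If the intent is to assign only when a kernel mechanism has no token yet, the condition should read `mechanism != nil && mechanism.GetDeviceTokenID() == ""`. The operator is carried over unchanged from the removed line, and Request's body continues outside the hunk.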
+++ b/pkg/tools/tokens/tokens.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2020 Doc.ai and/or its affiliates.
+// Copyright (c) 2020-2021 Doc.ai and/or its affiliates.
 //
 // Copyright (c) 2021 Nordix Foundation.
 //
@@ -22,11 +22,14 @@ package tokens
 import (
 "fmt"
 "strings"
+
+ "github.com/google/uuid"
 )
 const (
 // EnvPrefix sriov token env name prefix
- EnvPrefix = "NSM_SRIOV_TOKENS_"
+ EnvPrefix = "NSM_SRIOV_TOKENS_"
+ sriovPrevix = "sriov-"
 )
 // ToEnv returns a (name, value) pair to store given tokens into the environment variable
@@ -46,3 +49,15 @@ func FromEnv(envs []string) map[string][]string {
 }
 return tokens
 }
+
+// NewTokenID returns a new SR-IOV token ID
+func NewTokenID() string {
+ return sriovPrevix + uuid.New().String()
+}
+
+var tokenIDLen = len(NewTokenID())
+
+// IsTokenID returns if given string is a SR-IOV token ID
+func IsTokenID(s string) bool {
+ return strings.HasPrefix(s, sriovPrevix) && len(s) == tokenIDLen
+}
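Review bot: `IsTokenID` accepts any string that starts with `sriov-` and has the expected length, so the part after the prefix is never checked to be a UUID; the test constant `sriov-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx` passes it. Since resourcepool/server.go now relies on this function to vet an ID taken from request parameters, keep the prefix and length test and then parse the remainder with `_, err := uuid.Parse(s[len(sriovPrevix):])` and `return err == nil`; the test constants would then need a real UUID. `tokenIDLen` could be computed as `len(sriovPrevix) + 36` instead of generating a random ID at package initialisation, and `sriovPrevix` looks like a typo for `sriovPrefix`. The doc comment could also state what is and is not verified, for example `// IsTokenID reports whether s has the SR-IOV token ID format; it does not check that the ID was issued by a pool.`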