lf-edge / eve Goto Github PK
View Code? Open in Web Editor NEWEVE is Edge Virtualization Engine
Home Page: https://www.lfedge.org/projects/eve/
License: Apache License 2.0
EVE is Edge Virtualization Engine
Home Page: https://www.lfedge.org/projects/eve/
License: Apache License 2.0
Description
Unable to cross-compile pillar for arm64
Steps to reproduce the issue:
cd pkg/pillar
make zedbox ARCH=arm64
Describe the results you received:
$ make zedbox ARCH=arm64
mkdir -p dist/arm64
Creating go builder image for user adeitcher
Building dist/arm64/zedbox
# runtime/cgo
gcc_arm64.S: Assembler messages:
gcc_arm64.S:27: Error: no such instruction: `stp x19,x20,[sp,'
gcc_arm64.S:28: Error: no such instruction: `stp x21,x22,[sp,'
gcc_arm64.S:29: Error: no such instruction: `stp x23,x24,[sp,'
gcc_arm64.S:30: Error: no such instruction: `stp x25,x26,[sp,'
gcc_arm64.S:31: Error: no such instruction: `stp x27,x28,[sp,'
gcc_arm64.S:32: Error: no such instruction: `stp x29,x30,[sp,'
gcc_arm64.S:33: Error: too many memory references for `mov'
gcc_arm64.S:35: Error: too many memory references for `mov'
gcc_arm64.S:36: Error: too many memory references for `mov'
gcc_arm64.S:37: Error: too many memory references for `mov'
gcc_arm64.S:39: Error: no such instruction: `blr x20'
gcc_arm64.S:40: Error: no such instruction: `blr x19'
gcc_arm64.S:42: Error: no such instruction: `ldp x29,x30,[sp],'
gcc_arm64.S:43: Error: no such instruction: `ldp x27,x28,[sp],'
gcc_arm64.S:44: Error: no such instruction: `ldp x25,x26,[sp],'
gcc_arm64.S:45: Error: no such instruction: `ldp x23,x24,[sp],'
gcc_arm64.S:46: Error: no such instruction: `ldp x21,x22,[sp],'
gcc_arm64.S:47: Error: no such instruction: `ldp x19,x20,[sp],'
make: *** [dist/arm64/zedbox] Error 2
Describe the results you expected:
It should build
By default, EVE's GRUB boots the Linux kernel with console=tty0
. On the Dell 300x series, the correct serial port is ttyS0
, so this setting prevents users from seeing/interacting with the installer/system.
On a Dell Edge Gateway 3002, connect to the interior debug serial port and boot the installer or live system.
The BIOS messages and GRUB menu will appear. Upon booting into EVE, the last message will be error: no suitable video mode found
The kernel boot messages should appear on the serial port. Once booted, the EVE system prompt should be accessible for use.
One can work around this issue by editing the boot command to specify the correct console option. Press e
at the GRUB menu and change $linux_console
to console=ttyS0
.
Now that we have a lot of security/trust bits of functionality coming in it would be very useful to have a comprehensive security/trust documentation laying down some foundational principles.
Description
Failed to build xen-tools
Steps to reproduce the issue:
Describe the results you received:
make[4]: Leaving directory '/xen/tools/xcutils'
make[3]: Leaving directory '/xen/tools'
make[3]: Entering directory '/xen/tools'
make -C firmware install
make[4]: Entering directory '/xen/tools/firmware'
GIT=git /xen/tools/firmware/../../scripts/git-checkout.sh git://xenbits.xen.org/seabios.git rel-1.12.0 seabios-dir
Cloning into 'seabios-dir-remote.tmp'...
fatal: unable to connect to xenbits.xen.org:
xenbits.xen.org[0: 104.239.192.120]: errno=Operation timed out
make[4]: *** [Makefile:31: seabios-dir] Error 128
make[4]: Leaving directory '/xen/tools/firmware'
make[3]: *** [/xen/tools/../tools/Rules.mk:251: subdir-install-firmware] Error 2
make[3]: Leaving directory '/xen/tools'
make[2]: Leaving directory '/xen/tools'
make[2]: *** [/xen/tools/../tools/Rules.mk:246: subdirs-install] Error 2
make[1]: *** [Makefile:74: install] Error 2
make[1]: Leaving directory '/xen/tools'
make: *** [Makefile:127: install-tools] Error 2
The command '/bin/sh -c make && make dist' returned a non-zero code: 2
exit status 2
Describe the results you expected:
the alpine docker should be able to do:
git://xenbits.xen.org/seabios.git
Additional information you deem important (e.g. issue happens only occasionally):
Moved to LF Edge/EVE Confluence space:
https://wiki.lfedge.org/display/EVE/Device+Identity+rooted+at+TPM
Description
Developers should be made aware of the yetus style integration tests, rather than discovering them when pushing their PRs.
Background
I filed my first PR with this project yesterday (#302), and the yetus test failed. In researching what I could have done differently, I found several minor shortcomings that prevented me from doing better; these are listed below, along with proposed solutions that may help developers in the future. In short, my failure might have been avoided with better documentation and integration.
Suggestions
CONTRIBUTING.md
should document all integration tests that patches much pass. That document does reference the Developer Certificate of Origin (--signoff
) requirement, so it seems logical to reference the yetus requirement too. This could be a simple paragraph indicating that developers should run make yetus
prior to committing each set of changes.build-tools/src/yetus
directory, but there is no documentation therein to explain how those tools have been integrated and are being used. A new README.md
file might be useful to document the knowledge that accumulated in issues #183, #185, and #195. This document primarily should permit developers to improve/debug support for yetus.Start a new documentation under /doc documenting files that we put into /persist/config and /config and what is their purpose.
Description
TestPciLongExists test is failing:
Failed
ifnametopci_test.go:19: Running test case Long value: 0000:03:00.0
ifnametopci_test.go:21:
Error Trace: ifnametopci_test.go:21
Error: Not equal:
expected: true
actual : false
Test: TestPciLongExists
Steps to reproduce the issue:
$ make test
$ cat cat dist/amd64/results.xml
...
ifnametopci_test.go:19: Running test case Long value: 0000:03:00.0
ifnametopci_test.go:21:
Error Trace: ifnametopci_test.go:21
Error: Not equal:
expected: true
actual : false
Test: TestPciLongExists
Describe the results you expected:
All tests pass
make build-tools
makes use of user/group definitions from the host machine to pass into the build container. On my Mac this has caused multiple issues causing me to debug this repeatedly until I finally built the image.
First issue: my group name on a corporate Mac when connected to corporate network was "CORP\Domain Users"
This caused docker command to fail with "docker build" requires exactly 1 argument.
I tried to solve this by disconnecting from corporate network.
But this caused the next issue:
Step 11/19 : RUN addgroup -g ${GID} ${GROUP} && adduser -h /home/${USER} -G ${GROUP} -D -H -u ${UID} ${USER} ---> Running in 83210242843f addgroup: number 798879916 is not in 0..256000 range
So evidently a high group number supported on MacOS isn't supported in whatever Linux that the go image is based upon.
I siwtched group name and id to staff/20 (the default for MacOS users) and then hit the same issue on my UID
adduser: number 451220269 is not in 0..256000 range
So in the end I had to change both the user and group name and id to something of my choosing in the Makefile.
Then I could finally build the image.
Run make build-tools
on a Mac connected to a corporate network with UID/GID not in 0..256000 range.
Build fails. See description
Build succeeds.
Here are some descriptions, and I added the complete output of the shell under Additional Information
--> I followed the Steps in the documentation to run eve with qemu.
--> when i run the Image in qemu with make live, I got Multiple warnings, errors and eve breaks at a point.
when running the image i got following warnings/errors:
1.) metadata is nearing expiry, you should re-sign the role metadata
-probably this is caused by linuxkit and according to this issue it seems not to be not real problem:
linuxkit/linuxkit#3447
2.) before eve starts qemu gives following warnings:
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
-I found some issue like this on the qemu repository:
https://stackoverflow.com/questions/46856994/qemu-debugging-warningtcg-doesnt-support-requested-feature-cpuid-01hecx
-i'm quite not sure, may I first try to solve it that way?
3.) more errors
BdsDxe: failed to load Boot0001 "UEFI QEMU DVD-ROM QM00003 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Secondary,Master,0x0): Not Found
BdsDxe: loading Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
BdsDxe: starting Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
4.) Then grub boots:
Boot 0.0.0-0c946f94-2020-01-27.17.14-amd64
and after that there are more warnings and errors at the end, the shell shows:
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
and eve breaks.
here is the complete output of the shell in case it might help :
root@hanscomputer:~/eve# make build-tools
Creating go builder image for user root
eve-build-root docker container is ready to use
Done building /home/hans/eve/build-tools/bin/linuxkit
root@hanscomputer:~/eve# make live
Creating go builder image for user root
eve-build-root docker container is ready to use
cd /home/hans/eve/dist/amd64/installer ; _() { C=`docker create $1 fake` ; shift ; docker export $C | tar -xf - "$@" ; docker rm $C ; } ; _ lfedge/eve-grub:6ba90a37e6f4d81a8a0c1d58f8eca99e72e19fdb-amd64 EFI
6cc5ff1e066f887c8a0698b59cfb929d232e4ca51bf3b66f7d4c0a6743a6deef
Done building /home/hans/eve/build-tools/bin/linuxkit
./tools/makerootfs.sh images/rootfs-xen.yml /home/hans/eve/dist/amd64/installer/rootfs.img squash
Extract kernel image: lfedge/eve-kernel:0b58e0f9261e72839110c9f7c611f099c1062d6e-amd64
Add init containers:
Process init image: linuxkit/init:v0.5-amd64
Process init image: linuxkit/runc:v0.5-amd64
WARN[0003] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata
Process init image: linuxkit/containerd:v0.5-amd64
WARN[0005] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata
Process init image: linuxkit/getty:v0.5-amd64
Process init image: linuxkit/memlogd:v0.5-amd64
Process init image: lfedge/eve-grub:6ba90a37e6f4d81a8a0c1d58f8eca99e72e19fdb-amd64
Process init image: lfedge/eve-fw:e07c45a98386767ec3926b813dc4b46a96a81541-amd64
Process init image: lfedge/eve-xen:93b863e105118a0be7cf7423daf6b8831f0009d9-amd64
Process init image: lfedge/eve-gpt-tools:19ef56f5014fab1978a6e98b047d4498eabf8295-amd64
Process init image: lfedge/eve-dom0-ztools:ed3012e1703d8370c20645e94f9b57cb1202fac9-amd64
Add onboot containers:
Create OCI config for lfedge/eve-storage-init:3524db08db611b060d8c2ac0ca2b5b4826e0c960-amd64
Create OCI config for linuxkit/sysctl:v0.5-amd64
Create OCI config for lfedge/eve-rngd:6e16dad8553a6c2939854abfa9f34a5f2604bce7-amd64
Create OCI config for linuxkit/modprobe:v0.5-amd64
Create OCI config for lfedge/eve-rsyslog:69e67abf99c57ce1a29de648a2d10a6e8112df8c-amd64
Add service containers:
Create OCI config for linuxkit/openntpd:v0.5-amd64
WARN[0013] targets/justin metadata is nearing expiry, you should re-sign the role metadata
WARN[0013] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata
Create OCI config for linuxkit/sshd:v0.5-amd64
WARN[0015] targets/justin metadata is nearing expiry, you should re-sign the role metadata
WARN[0015] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata
Create OCI config for lfedge/eve-wwan:2b98bc7569f167b1850dd9025a4b8c8489fee754-amd64
Create OCI config for lfedge/eve-wlan:ac31bb78810451ef1333b3970f29bebc0a6c9c44-amd64
Create OCI config for lfedge/eve-guacd:f1f08a0fcadd35320f5d03fe0f0a1a318e8449be-amd64
Create OCI config for lfedge/eve-pillar:321f306031d3a842e20dea2cd07850b4f0a6af6f-amd64
Create OCI config for lfedge/eve-vtpm:0c5eb587ec0228135e1eac7cb6888c40d86969aa-amd64
Add files:
/etc/eve-release
/containers/services/pillar/lower/opt/zededa/bin/versioninfo
Parallel mksquashfs: Using 8 processors
Creating 4.0 filesystem on /rootfs.img, block size 131072.
[===========================================================/] 19664/19664 100%
Exportable Squashfs 4.0 filesystem, gzip compressed, data block size 131072
compressed data, compressed metadata, compressed fragments, compressed xattrs
duplicates are removed
Filesystem size 231934.67 Kbytes (226.50 Mbytes)
35.29% of uncompressed filesystem size (657275.22 Kbytes)
Inode table size 219785 bytes (214.63 Kbytes)
25.40% of uncompressed inode table size (865416 bytes)
Directory table size 234396 bytes (228.90 Kbytes)
45.52% of uncompressed directory table size (514907 bytes)
Number of duplicate files found 6247
Number of inodes 22460
Number of files 15656
Number of fragments 842
Number of symbolic links 4792
Number of device nodes 4
Number of fifo nodes 0
Number of socket nodes 0
Number of directories 2008
Number of ids (unique uids + gids) 3
Number of uids 1
root (0)
Number of gids 3
root (0)
shadow (42)
tty (5)
cd /home/hans/eve/dist/amd64/installer ; _() { C=`docker create $1 fake` ; shift ; docker export $C | tar -xf - "$@" ; docker rm $C ; } ; _ lfedge/eve-mkimage-raw-efi:cf09472dd937fb0c7e040f8d338b0ddfd285bfcd-amd64 initrd.img EFI
9a724bee74a658db7aa1476f140e378968042818bfa043011600a80a243301f7
./tools/makeconfig.sh conf /home/hans/eve/dist/amd64/installer/config.img
1024+0 records in
1024+0 records out
mkfs.fat 4.1 (2017-01-24)
/config.img has 64 heads and 32 sectors per track,
hidden sectors 0x0000;
logical sector size is 512,
using 0xf8 media descriptor, with 2048 sectors;
drive number 0x80;
filesystem has 2 12-bit FATs and 4 sectors per cluster.
FAT size is 2 sectors, and provides 502 clusters.
There is 1 reserved sector.
Root directory contains 512 slots and uses 32 sectors.
Volume ID is aa25d7fb, volume label EVE .
./tools/makeflash.sh -C 8192 /home/hans/eve/dist/amd64/installer /home/hans/eve/dist/amd64/live.raw
1+0 Datensätze ein
1+0 Datensätze aus
1 Byte kopiert, 0,00022025 s, 4,5 kB/s
Unknown (or unrecongnizable) GTP partition table on /output.img
Creating new GPT entries in memory.
Setting name!
partNum is 0
Setting name!
partNum is 1
Setting name!
partNum is 2
Setting name!
partNum is 3
Setting name!
partNum is 8
No problems found. 2014 free sectors (1007.0 KiB) available in 1
segments, the largest of which is 2014 (1007.0 KiB) in size.
mkdir -p /home/hans/eve/dist/amd64
qemu-img convert -c -f raw -O qcow2 /home/hans/eve/dist/amd64/live.raw /home/hans/eve/dist/amd64/live.qcow2
rm /home/hans/eve/dist/amd64/live.raw
ln -s live.qcow2 /home/hans/eve/dist/amd64/live.img
root@hanscomputer:~/eve# make run
Creating go builder image for user root
eve-build-root docker container is ready to use
mkdir -p /home/hans/eve/dist/amd64
cd /home/hans/eve/dist/amd64 ; _() { C=`docker create $1 fake` ; shift ; docker export $C | tar -xf - "$@" ; docker rm $C ; } ; _ lfedge/eve-uefi:df662ad0d7a0d581a36efed16e7e15d5c0f536cc-amd64 OVMF.fd
d749935a66ce7b0569b72a347441c01ea4e543dd9f878bcfacd6aa1097f4efe6
qemu-system-x86_64 -smbios type=1,serial=31415926 -m 4096 -smp 4 -display none -serial mon:stdio -bios /home/hans/eve/dist/amd64/OVMF.fd -rtc base=utc,clock=rt -netdev user,id=eth0,"REDACTED", -device virtio-net-pci,netdev=eth0 -netdev user,id=eth1,"REDACTED", -device virtio-net-pci,netdev=eth1 -cpu SandyBridge -drive file=/home/hans/eve/dist/amd64/live.img,format=qcow2
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
�[=3h
BdsDxe: failed to load Boot0001 "UEFI QEMU DVD-ROM QM00003 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Secondary,Master,0x0): Not Found
BdsDxe: loading Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
BdsDxe: starting Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
Welcome to GRUB!
/EndEntire
file path: /ACPI(a0341d0,0)/PCI(1,1)/ATAPI(0,0,0)
/HD(2,1800,96000,5dc35ee382b4b147,2,2)/File(\EFI\BOOT)/File(BOOTX64.EFI)
/EndEntire
Welcome to GRUB!
GNU GRUB version 2.03
����������������������������������������������������������������������������Ŀ
�*Boot 0.0.0-0c946f94-2020-01-27.17.14-amd64 �
� Set Boot Options �
� �
� �
� �
� �
� �
� �
� �
� �
� �
� �
� �
������������������������������������������������������������������������������
Use the ^ and v keys to select which entry is highlighted.
Press enter to boot the selected OS, `e' to edit the commands
before booting or `c' for a command-line.
The highlighted entry will be executed automatically in 0s.
Booting `Boot 0.0.0-0c946f94-2020-01-27.17.14-amd64'
�[=3h
Xen 4.13.0
(XEN) Xen version 4.13.0 (@) (gcc (Alpine 6.4.0) 6.4.0) debug=n Tue Jan 21 20:15:41 UTC 2020
(XEN) Latest ChangeSet:
(XEN) Bootloader: GRUB 2.03
(XEN) Command line: console=com1 smt=false clocksource=pit dom0_mem=1024M,max:1024M dom0_max_vcpus=1 dom0_vcpus_pin
(XEN) Xen image load base address: 0xbde00000
(XEN) Video information:
(XEN) VGA is graphics mode 2048x2048, 32 bpp
(XEN) Disc information:
(XEN) Found 0 MBR signatures
(XEN) Found 1 EDD information structures
(XEN) EFI RAM map:
(XEN) 0000000000000000 - 00000000000a0000 (usable)
(XEN) 0000000000100000 - 0000000000800000 (usable)
(XEN) 0000000000800000 - 0000000000808000 (ACPI NVS)
(XEN) 0000000000808000 - 0000000000810000 (usable)
(XEN) 0000000000810000 - 0000000000900000 (ACPI NVS)
(XEN) 0000000000900000 - 00000000bea4b000 (usable)
(XEN) 00000000bea4b000 - 00000000bea57000 (ACPI NVS)
(XEN) 00000000bea57000 - 00000000bea6f000 (reserved)
(XEN) 00000000bea6f000 - 00000000bea91000 (usable)
(XEN) 00000000bea91000 - 00000000beb1b000 (reserved)
(XEN) 00000000beb1b000 - 00000000bfb9b000 (usable)
(XEN) 00000000bfb9b000 - 00000000bfbf3000 (reserved)
(XEN) 00000000bfbf3000 - 00000000bfbfb000 (ACPI data)
(XEN) 00000000bfbfb000 - 00000000bfbff000 (ACPI NVS)
(XEN) 00000000bfbff000 - 00000000bfedc000 (usable)
(XEN) 00000000bfedc000 - 00000000bff60000 (reserved)
(XEN) 00000000bff60000 - 00000000c0000000 (ACPI NVS)
(XEN) 0000000100000000 - 0000000140000000 (usable)
(XEN) ACPI: RSDP BFBFA014, 0024 (r2 BOCHS )
(XEN) ACPI: XSDT BFBF90E8, 0044 (r1 BOCHS BXPCFACP 1 1000013)
(XEN) ACPI: FACP BFBF6000, 0074 (r1 BOCHS BXPCFACP 1 BXPC 1)
(XEN) ACPI: DSDT BFBF7000, 1516 (r1 BOCHS BXPCDSDT 1 BXPC 1)
(XEN) ACPI: FACS BFBFD000, 0040
(XEN) ACPI: APIC BFBF5000, 0090 (r1 BOCHS BXPCAPIC 1 BXPC 1)
(XEN) ACPI: HPET BFBF4000, 0038 (r1 BOCHS BXPCHPET 1 BXPC 1)
(XEN) ACPI: BGRT BFBF3000, 0038 (r1 INTEL EDK2 2 1000013)
(XEN) System RAM: 4092MB (4190664kB)
(XEN) Domain heap initialised
(XEN) IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23
(XEN) Enabling APIC mode: Flat. Using 1 I/O APICs
(XEN) xstate: size: 0x340 and states: 0x7
(XEN) Speculative mitigation facilities:
(XEN) Hardware features:
(XEN) Compiled-in support: SHADOW_PAGING
(XEN) Xen settings: BTI-Thunk N/A, SPEC_CTRL: No, Other: BRANCH_HARDEN
(XEN) L1TF: believed vulnerable, maxphysaddr L1D 46, CPUID 40, Safe address 10000000000
(XEN) Support for HVM VMs: RSB EAGER_FPU
(XEN) Support for PV VMs: RSB EAGER_FPU
(XEN) XPTI (64-bit PV only): Dom0 enabled, DomU enabled (without PCID)
(XEN) PV L1TF shadowing: Dom0 disabled, DomU enabled
(XEN) Using scheduler: SMP Credit Scheduler rev2 (credit2)
(XEN) Initializing Credit2 scheduler
(XEN) Platform timer is 1.193MHz PIT
(XEN) Detected 3716.119 MHz processor.
(XEN) I/O virtualisation disabled
(XEN) ENABLING IO-APIC IRQs
(XEN) -> Using new ACK method
(XEN) TSC only partially writable
(XEN) Allocated console ring of 16 KiB.
(XEN) Brought up 4 CPUs
(XEN) mtrr: your CPUs had inconsistent fixed MTRR settings
(XEN) mtrr: your CPUs had inconsistent variable MTRR settings
(XEN) mtrr: your CPUs had inconsistent MTRRdefType settings
(XEN) xenoprof: Initialization failed. Intel processor family 6 model 42 is not supported
(XEN) Dom0 has maximum 216 PIRQs
(XEN) Xen kernel: 64-bit, lsb, compat32
(XEN) Dom0 kernel: 64-bit, PAE, lsb, paddr 0x1000000 -> 0x2a2c000
(XEN) PHYSICAL MEMORY ARRANGEMENT:
(XEN) Dom0 alloc.: 0000000134000000->0000000138000000 (245760 pages to be allocated)
(XEN) VIRTUAL MEMORY ARRANGEMENT:
(XEN) Loaded kernel: ffffffff81000000->ffffffff82a2c000
(XEN) Init. ramdisk: 0000000000000000->0000000000000000
(XEN) Phys-Mach map: 0000008000000000->0000008000200000
(XEN) Start info: ffffffff82a2c000->ffffffff82a2c4b8
(XEN) Xenstore ring: 0000000000000000->0000000000000000
(XEN) Console ring: 0000000000000000->0000000000000000
(XEN) Page tables: ffffffff82a2d000->ffffffff82a46000
(XEN) Boot stack: ffffffff82a46000->ffffffff82a47000
(XEN) TOTAL: ffffffff80000000->ffffffff82c00000
(XEN) ENTRY ADDRESS: ffffffff826ac180
(XEN) Dom0 has maximum 1 VCPUs
(XEN) Initial low memory virq threshold set at 0x4000 pages.
(XEN) Scrubbing Free RAM in background
(XEN) Std. Loglevel: Errors and warnings
(XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings)
(XEN) *** Serial input to DOM0 (type 'CTRL-a' three times to switch input)
(XEN) Freed 540kB init memory
mapping kernel into physical memory
about to get started...
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
[ 0.000000] Linux version 4.19.5-linuxkit (root@442633747c02) (gcc version 6.3.0 (Alpine 6.3.0)) #1 SMP Tue Jan 21 22:32:59 UTC 2020
[ 0.000000] Command line: console=hvc0 root=PARTUUID=e35ec35d-b482-47b1-b3c7-ec93bcbbf471 clocksource=tsc clocksource_failover=xen rootdelay=3
[ 0.000000] ------------[ cut here ]------------
[ 0.000000] XSAVE consistency problem, dumping leaves
[ 0.000000] WARNING: CPU: 0 PID: 0 at arch/x86/kernel/fpu/xstate.c:614 fpu__init_system_xstate+0x4bb/0x7a9
[ 0.000000] Modules linked in:
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.5-linuxkit #1
[ 0.000000] RIP: e030:fpu__init_system_xstate+0x4bb/0x7a9
[ 0.000000] Code: 85 5c fd ff ff 44 3b 25 52 9d 16 00 74 23 80 3d f0 4b c9 ff 00 75 15 48 c7 c7 ac 82 fe 81 c6 05 e0 4b c9 ff 01 e8 31 9d a2 fe <0f> 0b e8 6a 06 97 fe 48 8b 35 be c5 cb ff 44 89 ef 44 89 2d b4 9d
[ 0.000000] RSP: e02b:ffffffff82203e18 EFLAGS: 00000082 ORIG_RAX: 0000000000000000
[ 0.000000] RAX: 0000000000000000 RBX: 000000000000000a RCX: 0000000000000000
[ 0.000000] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 0.000000] RBP: ffffffff81000000 R08: 0000000000000029 R09: ffffffff82203da8
[ 0.000000] R10: ffffffff82203e34 R11: ffffffff8283acac R12: 0000000000000240
[ 0.000000] R13: 0000000000000340 R14: 0000000000000001 R15: 0000000000000000
[ 0.000000] FS: 0000000000000000(0000) GS:ffffffff82688000(0000) knlGS:0000000000000000
[ 0.000000] CS: e033 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.000000] CR2: 0000000000000000 CR3: 000000000220c000 CR4: 0000000000040660
[ 0.000000] Call Trace:
[ 0.000000] ? 0xffffffff81000000
[ 0.000000] ? fpu__init_system+0x214/0x274
[ 0.000000] ? early_init_intel+0x294/0x32c
[ 0.000000] ? 0xffffffff81000000
[ 0.000000] ? early_cpu_init+0x1f1/0x20d
[ 0.000000] ? setup_arch+0xc0/0x944
[ 0.000000] ? start_kernel+0x67/0x4be
[ 0.000000] ? iommu_shutdown_noop+0x6/0x6
[ 0.000000] ? xen_start_kernel+0x50d/0x519
[ 0.000000] random: get_random_bytes called from init_oops_id+0x22/0x31 with crng_init=0
[ 0.000000] ---[ end trace 0000000000000000 ]---
[ 0.000000] CPUID[0d, 00]: eax=00000003 ebx=00000340 ecx=00000240 edx=00000000
[ 0.000000] CPUID[0d, 01]: eax=00000001 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 02]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 03]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 04]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 05]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 06]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 07]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 08]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 09]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 0a]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 0b]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 0c]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 0d]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 0e]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 0f]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 10]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 11]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 12]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] CPUID[0d, 13]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[ 0.000000] x86/fpu: Enabled xstate features 0x3, context size is 832 bytes, using 'standard' format.
[ 0.000000] Released 0 page(s)
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] Xen: [mem 0x0000000000000000-0x000000000009ffff] usable
[ 0.000000] Xen: [mem 0x00000000000a0000-0x00000000000fffff] reserved
[ 0.000000] Xen: [mem 0x0000000000100000-0x00000000007fffff] usable
[ 0.000000] Xen: [mem 0x0000000000800000-0x0000000000807fff] ACPI NVS
[ 0.000000] Xen: [mem 0x0000000000808000-0x000000000080ffff] usable
[ 0.000000] Xen: [mem 0x0000000000810000-0x00000000008fffff] ACPI NVS
[ 0.000000] Xen: [mem 0x0000000000900000-0x0000000040157fff] usable
[ 0.000000] Xen: [mem 0x0000000040158000-0x00000000bea4afff] unusable
[ 0.000000] Xen: [mem 0x00000000bea4b000-0x00000000bea56fff] ACPI NVS
[ 0.000000] Xen: [mem 0x00000000bea57000-0x00000000bea6efff] reserved
[ 0.000000] Xen: [mem 0x00000000bea6f000-0x00000000bea90fff] unusable
[ 0.000000] Xen: [mem 0x00000000bea91000-0x00000000beb1afff] reserved
[ 0.000000] Xen: [mem 0x00000000beb1b000-0x00000000bfb9afff] unusable
[ 0.000000] Xen: [mem 0x00000000bfb9b000-0x00000000bfbf2fff] reserved
[ 0.000000] Xen: [mem 0x00000000bfbf3000-0x00000000bfbfafff] ACPI data
[ 0.000000] Xen: [mem 0x00000000bfbfb000-0x00000000bfbfefff] ACPI NVS
[ 0.000000] Xen: [mem 0x00000000bfbff000-0x00000000bfedbfff] unusable
[ 0.000000] Xen: [mem 0x00000000bfedc000-0x00000000bff5ffff] reserved
[ 0.000000] Xen: [mem 0x00000000bff60000-0x00000000bfffffff] ACPI NVS
[ 0.000000] Xen: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
[ 0.000000] Xen: [mem 0x00000000fee00000-0x00000000feefffff] reserved
[ 0.000000] Xen: [mem 0x0000000100000000-0x000000013fffffff] unusable
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] efi: EFI v2.70 by EDK II
[ 0.000000] efi: SMBIOS=0xbfbcc000 ACPI=0xbfbfa000 ACPI 2.0=0xbfbfa014 MEMATTR=0xbef4b018
[ 0.000000] SMBIOS 2.8 present.
[ 0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
[ 0.000000] Hypervisor detected: Xen PV
[ 0.001510] tsc: Fast TSC calibration failed
[ 0.001625] tsc: Detected 3693.084 MHz processor
[ 0.002915] last_pfn = 0x40158 max_arch_pfn = 0x400000000
[ 0.002959] Disabled
[ 0.002993] x86/PAT: MTRRs disabled, skipping PAT initialization too.
[ 0.003277] x86/PAT: Configuration [0-7]: WB WT UC- UC WC WP UC UC
[ 0.005471] Kernel/User page tables isolation: disabled on XEN PV.
[ 6.183463] Secure boot disabled
[ 6.184155] ACPI: Early table checksum verification disabled
[ 6.184637] ACPI: RSDP 0x00000000BFBFA014 000024 (v02 BOCHS )
[ 6.184964] ACPI: XSDT 0x00000000BFBF90E8 000044 (v01 BOCHS BXPCFACP 00000001 01000013)
[ 6.185789] ACPI: FACP 0x00000000BFBF6000 000074 (v01 BOCHS BXPCFACP 00000001 BXPC 00000001)
[ 6.186560] ACPI: DSDT 0x00000000BFBF7000 001516 (v01 BOCHS BXPCDSDT 00000001 BXPC 00000001)
[ 6.186874] ACPI: FACS 0x00000000BFBFD000 000040
[ 6.187175] ACPI: APIC 0x00000000BFBF5000 000090 (v01 BOCHS BXPCAPIC 00000001 BXPC 00000001)
[ 6.187434] ACPI: HPET 0x00000000BFBF4000 000038 (v01 BOCHS BXPCHPET 00000001 BXPC 00000001)
[ 6.187689] ACPI: BGRT 0x00000000BFBF3000 000038 (v01 INTEL EDK2 00000002 01000013)
[ 6.188752] Setting APIC routing to Xen PV.
[ 6.338609] Zone ranges:
[ 6.338688] DMA [mem 0x0000000000001000-0x0000000000ffffff]
[ 6.338733] DMA32 [mem 0x0000000001000000-0x0000000040157fff]
[ 6.338750] Normal empty
[ 6.338773] Movable zone start for each node
[ 6.338806] Early memory node ranges
[ 6.338836] node 0: [mem 0x0000000000001000-0x000000000009ffff]
[ 6.338853] node 0: [mem 0x0000000000100000-0x00000000007fffff]
[ 6.338863] node 0: [mem 0x0000000000808000-0x000000000080ffff]
[ 6.338872] node 0: [mem 0x0000000000900000-0x0000000040157fff]
[ 6.341561] Reserved but unavailable: 32769 pages
[ 6.341698] Initmem setup node 0 [mem 0x0000000000001000-0x0000000040157fff]
[ 6.369531] p2m virtual area at (____ptrval____), size is 40000000
[ 6.889006] Remapped 344 page(s)
[ 6.891997] ACPI: PM-Timer IO Port: 0xb008
[ 6.893058] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[ 6.893888] IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23
[ 6.894117] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[ 6.894347] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[ 6.894385] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[ 6.894467] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[ 6.894481] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[ 6.894972] Using ACPI (MADT) for SMP configuration information
[ 6.895104] ACPI: HPET id: 0x8086a201 base: 0xfed00000
[ 6.895468] smpboot: Allowing 4 CPUs, 0 hotplug CPUs
[ 6.896350] [mem 0xc0000000-0xfebfffff] available for PCI devices
[ 6.896542] Booting paravirtualized kernel on Xen
[ 6.896574] Xen version: 4.13.0 (preserve-AD)
[ 6.896747] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 7.620949] setup_percpu: NR_CPUS:128 nr_cpumask_bits:128 nr_cpu_ids:4 nr_node_ids:1
[ 7.634320] percpu: Embedded 45 pages/cpu @(____ptrval____) s143640 r8192 d32488 u524288
[ 7.637222] Built 1 zonelists, mobility grouping on. Total pages: 258025
[ 7.637272] Kernel command line: console=hvc0 root=PARTUUID=e35ec35d-b482-47b1-b3c7-ec93bcbbf471 clocksource=tsc clocksource_failover=xen rootdelay=3
[ 7.641474] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes)
[ 7.642931] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes)
[ 8.614134] software IO TLB: mapped [mem 0x3a600000-0x3e600000] (64MB)
[ 8.668007] Memory: 930940K/1048572K available (12300K kernel code, 1595K rwdata, 3080K rodata, 1588K init, 1940K bss, 117632K reserved, 0K cma-reserved)
[ 8.676138] ftrace: allocating 43677 entries in 171 pages
[ 8.835025] rcu: Hierarchical RCU implementation.
[ 8.835148] rcu: RCU restricting CPUs from NR_CPUS=128 to nr_cpu_ids=1.
[ 8.835235] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[ 8.853781] Using NULL legacy PIC
[ 8.853825] NR_IRQS: 8448, nr_irqs: 256, preallocated irqs: 0
[ 8.855208] xen:events: Using FIFO-based ABI
[ 8.865190] Console: colour dummy device 80x25
[ 8.868660] console [tty0] enabled
[ 8.928127] console [hvc0] enabled
[ 8.928981] ACPI: Core revision 20180810
[ 8.932029] ACPI BIOS Warning (bug): Incorrect checksum in table [BGRT] - 0x1B, should be 0x9F (20180810/tbprint-177)
[ 8.935442] clocksource: xen: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
[ 8.936663] installing Xen timer for CPU 0
[ 8.941781] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x6a77a09433c, max_idle_ns: 881590459255 ns
[ 8.944209] Calibrating delay loop (skipped), value calculated using timer frequency.. 7386.16 BogoMIPS (lpj=36930840)
[ 8.945047] pid_max: default: 32768 minimum: 301
[ 8.948373] Security Framework initialized
[ 8.948748] Yama: becoming mindful.
[ 8.954745] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes)
[ 8.955203] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes)
[ 8.969096] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[ 8.969517] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[ 8.970074] Spectre V2 : Vulnerable: Minimal generic ASM retpoline
[ 8.970567] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[ 8.971219] Speculative Store Bypass: Vulnerable
[ 10.158040] Freeing SMP alternatives memory: 24K
[ 10.173625] VPMU disabled by hypervisor.
[ 10.183016] Performance Events: unsupported p6 CPU model 42 no PMU driver, software events only.
[ 10.186646] rcu: Hierarchical SRCU implementation.
[ 10.192733] NMI watchdog: Perf NMI watchdog permanently disabled
[ 10.197341] smp: Bringing up secondary CPUs ...
[ 10.197818] smp: Brought up 1 node, 1 CPU
[ 10.198129] smpboot: Max logical packages: 1
[ 10.208041] devtmpfs: initialized
[ 10.211196] x86/mm: Memory block size: 128MB
[ 10.219503] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[ 10.220424] futex hash table entries: 256 (order: 2, 16384 bytes)
[ 10.223999] pinctrl core: initialized pinctrl subsystem
[ 10.233980] NET: Registered protocol family 16
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
[ 10.238657] xen:grant_table: Grant tables using version 1 layout
[ 10.241901] Grant table initialized
[ 10.245119] audit: initializing netlink subsys (disabled)
[ 10.252924] audit: type=2000 audit(1580145540.582:1): state=initialized audit_enabled=0 res=1
[ 10.258701] ACPI: bus type PCI registered
[ 10.262989] PCI: Using configuration type 1 for base access
[ 10.313919] cryptd: max_cpu_qlen set to 1000
[ 10.319133] ACPI: Added _OSI(Module Device)
[ 10.319484] ACPI: Added _OSI(Processor Device)
[ 10.319807] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 10.320197] ACPI: Added _OSI(Processor Aggregator Device)
[ 10.320716] ACPI: Added _OSI(Linux-Dell-Video)
[ 10.321131] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[ 10.337255] ACPI: 1 ACPI AML tables successfully acquired and loaded
[ 10.357015] ACPI: Interpreter enabled
[ 10.357764] ACPI: (supports S0 S5)
[ 10.358135] ACPI: Using IOAPIC for interrupt routing
[ 10.359005] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[ 10.362642] ACPI: Enabled 2 GPEs in block 00 to 0F
[ 10.423701] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[ 10.424566] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI]
[ 10.425266] acpi PNP0A03:00: _OSC failed (AE_NOT_FOUND); disabling ASPM
[ 10.426056] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
[ 10.429584] PCI host bridge to bus 0000:00
[ 10.430200] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
[ 10.430718] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
[ 10.431231] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 10.431796] pci_bus 0000:00: root bus resource [mem 0xc0000000-0xfebfffff window]
[ 10.432357] pci_bus 0000:00: root bus resource [mem 0x800000000-0x800007fff window]
[ 10.432966] pci_bus 0000:00: root bus resource [bus 00-ff]
[ 10.460900] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7]
[ 10.461420] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6]
[ 10.461849] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177]
[ 10.462308] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376]
[ 10.469591] pci 0000:00:01.3: quirk: [io 0xb000-0xb03f] claimed by PIIX4 ACPI
[ 10.470282] pci 0000:00:01.3: quirk: [io 0xb100-0xb10f] claimed by PIIX4 SMB
[ 10.486253] pci 0000:00:02.0: BAR 0: assigned to efifb
[ 10.539514] ACPI: PCI Interrupt Link [LNKA] (IRQs 5 10 *11)
[ 10.541779] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 10 *11)
[ 10.543499] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 *10 11)
[ 10.545143] ACPI: PCI Interrupt Link [LNKD] (IRQs 5 *10 11)
[ 10.546370] ACPI: PCI Interrupt Link [LNKS] (IRQs *9)
[ 10.549768] APIC: NR_CPUS/possible_cpus limit of 1 reached. Processor 1/0x1 ignored.
[ 10.550456] ACPI: Unable to map lapic to logical cpu number
[ 10.552602] APIC: NR_CPUS/possible_cpus limit of 1 reached. Processor 2/0x2 ignored.
[ 10.552920] ACPI: Unable to map lapic to logical cpu number
[ 10.555085] APIC: NR_CPUS/possible_cpus limit of 1 reached. Processor 3/0x3 ignored.
[ 10.555613] ACPI: Unable to map lapic to logical cpu number
[ 10.557508] xen:balloon: Initialising balloon driver
[ 10.560717] SCSI subsystem initialized
[ 10.563267] ACPI: bus type USB registered
[ 10.564193] usbcore: registered new interface driver usbfs
[ 10.564948] usbcore: registered new interface driver hub
[ 10.566397] usbcore: registered new device driver usb
[ 10.567504] pps_core: LinuxPPS API ver. 1 registered
[ 10.567955] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <[email protected]>
[ 10.568786] PTP clock support registered
[ 10.570551] Registered efivars operations
[ 10.575061] PCI: Using ACPI for IRQ routing
[ 10.583766] NetLabel: Initializing
[ 10.584097] NetLabel: domain hash size = 128
[ 10.584456] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO
[ 10.586201] NetLabel: unlabeled traffic allowed by default
[ 10.591436] clocksource: Switched to clocksource tsc-early
[ 10.798440] VFS: Disk quotas dquot_6.6.0
[ 10.799032] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[ 10.801515] FS-Cache: Loaded
[ 10.801846] hugetlbfs: disabling because there are no supported hugepage sizes
[ 10.805321] CacheFiles: Loaded
[ 10.806259] pnp: PnP ACPI init
[ 10.812130] Already setup the GSI :4
[ 10.815480] pnp: PnP ACPI: found 6 devices
[ 11.124799] PM-Timer failed consistency check (0xffffff) - aborting.
[ 11.125365] pci 0000:00:02.0: can't claim BAR 6 [mem 0xffff0000-0xffffffff pref]: no compatible bridge window
[ 11.126011] pci 0000:00:03.0: can't claim BAR 6 [mem 0xfff80000-0xffffffff pref]: no compatible bridge window
[ 11.126621] pci 0000:00:04.0: can't claim BAR 6 [mem 0xfff80000-0xffffffff pref]: no compatible bridge window
[ 11.128801] pci 0000:00:03.0: BAR 6: assigned [mem 0xc1000000-0xc107ffff pref]
[ 11.129686] pci 0000:00:04.0: BAR 6: assigned [mem 0xc1100000-0xc117ffff pref]
[ 11.130323] pci 0000:00:02.0: BAR 6: assigned [mem 0xc1090000-0xc109ffff pref]
[ 11.132594] NET: Registered protocol family 2
[ 11.138098] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes)
[ 11.138824] TCP established hash table entries: 8192 (order: 4, 65536 bytes)
[ 11.139418] TCP bind hash table entries: 8192 (order: 5, 131072 bytes)
[ 11.139998] TCP: Hash tables configured (established 8192 bind 8192)
[ 11.141956] UDP hash table entries: 512 (order: 2, 16384 bytes)
[ 11.142513] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes)
[ 11.146203] NET: Registered protocol family 1
[ 11.146987] pci 0000:00:01.0: PIIX3: Enabling Passive Release
[ 11.147532] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
[ 11.148062] pci 0000:00:01.0: Activating ISA DMA hang workarounds
[ 11.148999] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[ 11.155114] RAPL PMU: API unit is 2^-32 Joules, 3 fixed counters, 10737418240 ms ovfl timer
[ 11.155662] RAPL PMU: hw unit of domain pp0-core 2^-0 Joules
[ 11.156048] RAPL PMU: hw unit of domain package 2^-0 Joules
[ 11.156401] RAPL PMU: hw unit of domain pp1-gpu 2^-0 Joules
[ 11.200407] AVX or AES-NI instructions are not detected.
[ 11.201124] CPU feature 'AVX registers' is not supported.
[ 11.201595] CPU feature 'AVX registers' is not supported.
[ 11.202027] CPU feature 'AVX registers' is not supported.
[ 11.202424] CPU feature 'AVX registers' is not supported.
[ 11.203188] AVX2 or AES-NI instructions are not detected.
[ 11.203560] AVX2 instructions are not detected.
[ 11.209217] Initialise system trusted keyrings
[ 11.211881] workingset: timestamp_bits=46 max_order=18 bucket_order=0
[ 11.216861] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 11.221107] FS-Cache: Netfs 'cifs' registered for caching
[ 11.222008] fuse init (API version 7.27)
[ 11.224777] SGI XFS with ACLs, security attributes, no debug enabled
[ 11.229821] 9p: Installing v9fs 9p2000 file system support
[ 11.230350] FS-Cache: Netfs '9p' registered for caching
[ 11.230837] pstore: using deflate compression
[ 11.300668] NET: Registered protocol family 38
[ 11.301276] Key type asymmetric registered
[ 11.301612] Asymmetric key parser 'x509' registered
[ 11.302176] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 248)
[ 11.304498] io scheduler noop registered
[ 11.304823] io scheduler deadline registered (default)
[ 11.305477] io scheduler cfq registered
[ 11.305794] io scheduler mq-deadline registered (default)
[ 11.306150] io scheduler kyber registered
[ 11.307897] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[ 11.308544] hv_vmbus: registering driver hyperv_fb
[ 11.309270] efifb: probing for efifb
[ 11.309687] efi: EFI_MEMMAP is not enabled.
[ 11.440463] efifb: framebuffer at 0xc0000000, using 16384k, total 16384k
[ 11.440997] efifb: mode is 2048x2048x32, linelength=8192, pages=1
[ 11.441397] efifb: scrolling: redraw
[ 11.441703] efifb: Truecolor: size=8:8:8:8, shift=24:16:8:0
[ 11.493094] random: fast init done
[ 11.501987] Console: switching to colour frame buffer device 256x128
[ 11.553335] fb0: EFI VGA frame buffer device
[ 11.555640] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[ 11.557968] ACPI: Power Button [PWRF]
[ 11.826195] PCI Interrupt Link [LNKC] enabled at IRQ 10
[ 12.099607] PCI Interrupt Link [LNKD] enabled at IRQ 11
[ 12.107757] xen:xen_evtchn: Event-channel device installed
[ 12.109666] xen_pciback: backend is vpci
[ 12.119598] Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
[ 12.130053] hpet_acpi_add: no address or irqs in _CRS
[ 12.131543] Non-volatile memory driver v1.3
[ 12.133576] Hangcheck: starting hangcheck timer 0.9.1 (tick is 180 seconds, margin is 60 seconds).
[ 12.159696] loop: module loaded
[ 12.200302] Invalid max_queues (4), will use default max: 1.
[ 12.202408] VMware PVSCSI driver - version 1.0.7.0-k
[ 12.203758] hv_vmbus: registering driver hv_storvsc
[ 12.221081] scsi host0: ata_piix
[ 12.223750] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x6a77a09433c, max_idle_ns: 881590459255 ns
[ 12.225042] clocksource: Switched to clocksource tsc
[ 12.227948] scsi host1: ata_piix
[ 12.229088] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc040 irq 14
[ 12.229835] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc048 irq 15
[ 12.243462] tun: Universal TUN/TAP device driver, 1.6
[ 12.265750] VMware vmxnet3 virtual NIC driver - version 1.4.16.0-k-NAPI
[ 12.266725] xen_netfront: Initialising Xen virtual ethernet driver
[ 12.267858] hv_vmbus: registering driver hv_netvsc
[ 12.268413] Fusion MPT base driver 3.04.20
[ 12.268854] Copyright (c) 1999-2008 LSI Corporation
[ 12.269553] Fusion MPT SPI Host driver 3.04.20
[ 12.270637] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 12.271429] ehci-pci: EHCI PCI platform driver
[ 12.272200] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[ 12.273731] ohci-pci: OHCI PCI platform driver
[ 12.274494] uhci_hcd: USB Universal Host Controller Interface driver
[ 12.275859] usbcore: registered new interface driver usb-storage
[ 12.277383] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[ 12.286779] serio: i8042 KBD port at 0x60,0x64 irq 1
[ 12.287602] serio: i8042 AUX port at 0x60,0x64 irq 12
[ 12.290245] hv_vmbus: registering driver hyperv_keyboard
[ 12.292509] mousedev: PS/2 mouse device common for all mice
[ 12.299557] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[ 12.302407] input: PC Speaker as /devices/platform/pcspkr/input/input2
[ 12.306641] rtc_cmos 00:00: RTC can wake from S4
[ 12.315598] rtc_cmos 00:00: registered as rtc0
[ 12.316901] rtc_cmos 00:00: alarms up to one day, y3k, 114 bytes nvram
[ 12.317943] i2c /dev entries driver
[ 12.320342] device-mapper: ioctl: 4.39.0-ioctl (2018-04-03) initialised: [email protected]
[ 12.324092] sdhci: Secure Digital Host Controller Interface driver
[ 12.324790] sdhci: Copyright(c) Pierre Ossman
[ 12.325714] sdhci-pltfm: SDHCI platform and OF driver helper
[ 12.327670] EFI Variables Facility v0.08 2004-May-17
[ 12.340085] pstore: Registered efi as persistent store backend
[ 12.341809] usbcore: registered new interface driver usbhid
[ 12.342438] usbhid: USB HID core driver
[ 12.343954] hv_utils: Registering HyperV Utility Driver
[ 12.344465] hv_vmbus: registering driver hv_util
[ 12.344959] hv_vmbus: registering driver hv_balloon
[ 12.346297] oprofile: using NMI timer interrupt.
[ 12.347854] GACT probability on
[ 12.348456] Mirror/redirect action on
[ 12.349178] Simple TC action Loaded
[ 12.349795] u32 classifier
[ 12.350179] Performance counters on
[ 12.350589] input device check on
[ 12.351100] Actions configured
[ 12.358994] xt_time: kernel timezone is -0000
[ 12.360054] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
[ 12.361197] IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
[ 12.368012] IPVS: ipvs loaded.
[ 12.368548] IPVS: [rr] scheduler registered.
[ 12.369061] IPVS: [wrr] scheduler registered.
[ 12.369573] IPVS: [lc] scheduler registered.
[ 12.370035] IPVS: [wlc] scheduler registered.
[ 12.370444] IPVS: [fo] scheduler registered.
[ 12.370861] IPVS: [ovf] scheduler registered.
[ 12.371468] IPVS: [lblc] scheduler registered.
[ 12.371971] IPVS: [lblcr] scheduler registered.
[ 12.372404] IPVS: [dh] scheduler registered.
[ 12.373414] IPVS: [sh] scheduler registered.
[ 12.373983] IPVS: [sed] scheduler registered.
[ 12.374478] IPVS: [nq] scheduler registered.
[ 12.375283] IPVS: ftp: loaded support on port[0] = 21
[ 12.376165] ipip: IPv4 and MPLS over IPv4 tunneling driver
[ 12.379251] gre: GRE over IPv4 demultiplexor driver
[ 12.385207] ipt_CLUSTERIP: ClusterIP Version 0.8 loaded successfully
[ 12.386895] Initializing XFRM netlink socket
[ 12.388396] NET: Registered protocol family 10
[ 12.397661] Segment Routing with IPv6
[ 12.418010] ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100
[ 12.418679] ata1.00: 16777216 sectors, multi 16: LBA48
[ 12.424970] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[ 12.442131] NET: Registered protocol family 17
[ 12.447118] scsi 0:0:0:0: Direct-Access ATA QEMU HARDDISK 2.5+ PQ: 0 ANSI: 5
[ 12.448855] NET: Registered protocol family 15
[ 12.449795] Bridge firewalling registered
[ 12.457214] sd 0:0:0:0: Attached scsi generic sg0 type 0
[ 12.458543] 8021q: 802.1Q VLAN Support v1.8
[ 12.459684] 9pnet: Installing 9P2000 support
[ 12.460221] Initialising Xen transport for 9pfs
[ 12.461139] Key type dns_resolver registered
[ 12.466368] sd 0:0:0:0: [sda] 16777216 512-byte logical blocks: (8.59 GB/8.00 GiB)
[ 12.473698] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
[ 12.477185] sd 0:0:0:0: [sda] Write Protect is off
[ 12.491738] SSE version of gcm_enc/dec engaged.
[ 12.507032] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[ 12.558600] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[ 12.570131] cdrom: Uniform CD-ROM driver Revision: 3.20
[ 12.608040] sda: sda1 sda2 sda3 sda4 sda9
[ 12.627150] sr 1:0:0:0: Attached scsi generic sg1 type 5
[ 12.650128] sched_clock: Marking stable (12560670370, 82295912)->(12706583251, -63616969)
[ 12.686769] sd 0:0:0:0: [sda] Attached SCSI disk
[ 12.705696] registered taskstats version 1
[ 12.720345] Loading compiled-in X.509 certificates
[ 12.746230] Key type big_key registered
[ 12.765637] Key type encrypted registered
[ 12.784581] rtc_cmos 00:00: setting system clock to 2020-01-27 17:19:03 UTC (1580145543)
[ 12.801565] Waiting 3 sec before mounting root device...
[ 15.946469] VFS: Mounted root (squashfs filesystem) readonly on device 8:2.
[ 16.091928] Freeing unused kernel image memory: 1588K
[ 16.113841] Write protecting the kernel read-only data: 18432k
[ 16.483566] Freeing unused kernel image memory: 2020K
[ 16.512671] Freeing unused kernel image memory: 1016K
[ 16.524484] Run /sbin/init as init process
................ .............. ................
................ ............ ................
.... ......... ....
................ ....... ................
................ ..... ................
... . ....
................ ................
............... ................
Edge Virtualization Engine
................ .............. ................
................ ............ ................
.... ......... ....
................ ....... ................
................ ..... ................
... . ....
................ ................
............... ................
Edge Virtualization Engine
linuxkit-525400123456 login: root (automatic login)
EVE is Edge Virtualization Engine
Take a look around and don't forget to use eve(1).
login[263]: root login on 'hvc0'
linuxkit-525400123456:~# [ 29.808119] random: crng init done
[ 31.109330] FAT-fs (sda4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 33.997888] EXT4-fs (sda9): mounted filesystem with ordered data mode. Opts: (null)
2020-01-27T17:19:21Z,onboot.000-storage-init.out;fsck.fat 4.1 (2017-01-24)
2020-01-27T17:19:21Z,onboot.000-storage-init.out;/dev/sda4: 9 files, 10/502 clusters
2020-01-27T17:19:22Z,onboot.000-storage-init.out;2020-01-27T17:19:22,475306960+00:00 Using /dev/sda9 (formatted with ), for /var/persist
2020-01-27T17:19:22Z,onboot.000-storage-init.out;ext2fs_open2: Bad magic number in super-block
2020-01-27T17:19:22Z,onboot.000-storage-init.out;fsck.ext4: Superblock invalid, trying backup blocks...
2020-01-27T17:19:22Z,onboot.000-storage-init.out;
2020-01-27T17:19:22Z,onboot.000-storage-init.out;The superblock could not be read or does not describe a valid ext2/ext3/ext4
2020-01-27T17:19:22Z,onboot.000-storage-init.out;filesystem. If the device is valid and it really contains an ext2/ext3/ext4
2020-01-27T17:19:22Z,onboot.000-storage-init.out;filesystem (and not swap or ufs or something else), then the superblock
2020-01-27T17:19:22Z,onboot.000-storage-init.out;is corrupt, and you might try running e2fsck with an alternate superblock:
2020-01-27T17:19:22Z,onboot.000-storage-init.out; e2fsck -b 8193 <device>
2020-01-27T17:19:22Z,onboot.000-storage-init.out; or
2020-01-27T17:19:22Z,onboot.000-storage-init.out; e2fsck -b 32768 <device>
2020-01-27T17:19:22Z,onboot.000-storage-init.out;
2020-01-27T17:19:22Z,onboot.000-storage-init.out;2020-01-27T17:19:22,874817344+00:00 mkfs.ext4 on /dev/sda9 for /var/persist
2020-01-27T17:19:23Z,onboot.000-storage-init.out;fs_types for mke2fs.conf resolution: 'ext4'
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Discarding device blocks: done
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Filesystem label=
2020-01-27T17:19:23Z,onboot.000-storage-init.out;OS type: Linux
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Block size=4096 (log=2)
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Fragment size=4096 (log=2)
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Stride=0 blocks, Stripe width=0 blocks
2020-01-27T17:19:23Z,onboot.000-storage-init.out;485760 inodes, 1942523 blocks
2020-01-27T17:19:23Z,onboot.000-storage-init.out;97126 blocks (5.00%) reserved for the super user
2020-01-27T17:19:23Z,onboot.000-storage-init.out;First data block=0
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Maximum filesystem blocks=1990197248
2020-01-27T17:19:23Z,onboot.000-storage-init.out;60 block groups
2020-01-27T17:19:23Z,onboot.000-storage-init.out;32768 blocks per group, 32768 fragments per group
2020-01-27T17:19:23Z,onboot.000-storage-init.out;8096 inodes per group
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Filesystem UUID: ecc1da37-13cc-48d3-81c2-81d879a49fea
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Superblock backups stored on blocks:
2020-01-27T17:19:23Z,onboot.000-storage-init.out; 32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
2020-01-27T17:19:23Z,onboot.000-storage-init.out;
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Allocating group tables: done
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Writing inode tables: done
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Creating journal (16384 blocks): done
2020-01-27T17:19:24Z,onboot.000-storage-init.out;Writing superblocks and filesystem accounting information: done
2020-01-27T17:19:24Z,onboot.000-storage-init.out;
2020-01-27T17:19:24Z,onboot.000-storage-init.out;2020-01-27T17:19:24,393445693+00:00 mkfs.ext4 /dev/sda9 successful
2020-01-27T17:19:24Z,onboot.000-storage-init.out;tune2fs 1.45.2 (27-May-2019)
2020-01-27T17:19:22Z,onboot.000-storage-init.err;e2fsck 1.45.2 (27-May-2019)
2020-01-27T17:19:22Z,onboot.000-storage-init.err;fsck.ext4: Bad magic number in super-block while trying to open /dev/sda9
2020-01-27T17:19:22Z,onboot.000-storage-init.err;mke2fs 1.45.2 (27-May-2019)
[ 44.198146] IPVS: ftp: loaded support on port[0] = 21
2020-01-27T17:19:36Z,onboot.002-rngd.err;2020/01/27 17:19:36 No random source available
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: can't load module nct6775 (kernel/drivers/hwmon/nct6775.ko): No such device
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: can't load module w83627hf_wdt (kernel/drivers/watchdog/w83627hf_wdt.ko): No such device
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: module wlcore_sdio not found in modules.dep
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: module wl18xx not found in modules.dep
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: module br_netfilter not found in modules.dep
INFO[0004] starting containerd revision=d64c661f1d51c48782c9cec8fda7604785f93587 version=v1.1.1
INFO[0004] loading plugin "io.containerd.content.v1.content"... type=io.containerd.content.v1
INFO[0004] loading plugin "io.containerd.snapshotter.v1.btrfs"... type=io.containerd.snapshotter.v1
WARN[0004] failed to load plugin io.containerd.snapshotter.v1.btrfs error="path /var/lib/containerd/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
INFO[0004] loading plugin "io.containerd.snapshotter.v1.aufs"... type=io.containerd.snapshotter.v1
WARN[0004] failed to load plugin io.containerd.snapshotter.v1.aufs error="modprobe aufs failed: "modprobe: module aufs not found in modules.dep\n": exit status 1"
INFO[0005] loading plugin "io.containerd.snapshotter.v1.native"... type=io.containerd.snapshotter.v1
INFO[0005] loading plugin "io.containerd.snapshotter.v1.overlayfs"... type=io.containerd.snapshotter.v1
INFO[0005] loading plugin "io.containerd.snapshotter.v1.zfs"... type=io.containerd.snapshotter.v1
WARN[0005] failed to load plugin io.containerd.snapshotter.v1.zfs error="path /var/lib/containerd/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
INFO[0005] loading plugin "io.containerd.metadata.v1.bolt"... type=io.containerd.metadata.v1
WARN[0005] could not use snapshotter zfs in metadata plugin error="path /var/lib/containerd/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
WARN[0005] could not use snapshotter btrfs in metadata plugin error="path /var/lib/containerd/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
WARN[0005] could not use snapshotter aufs in metadata plugin error="modprobe aufs failed: "modprobe: module aufs not found in modules.dep\n": exit status 1"
INFO[0005] loading plugin "io.containerd.differ.v1.walking"... type=io.containerd.differ.v1
INFO[0005] loading plugin "io.containerd.gc.v1.scheduler"... type=io.containerd.gc.v1
INFO[0005] loading plugin "io.containerd.service.v1.containers-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.content-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.diff-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.images-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.leases-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.namespaces-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.snapshots-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.monitor.v1.cgroups"... type=io.containerd.monitor.v1
INFO[0005] loading plugin "io.containerd.runtime.v1.linux"... type=io.containerd.runtime.v1
INFO[0005] loading plugin "io.containerd.service.v1.tasks-service"... type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.containers"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.content"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.diff"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.events"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.healthcheck"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.images"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.leases"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.namespaces"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.snapshots"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.tasks"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.version"... type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.introspection"... type=io.containerd.grpc.v1
INFO[0006] serving... address="/run/containerd/debug.sock"
INFO[0006] serving... address="/run/containerd/containerd.sock"
INFO[0006] containerd successfully booted in 1.727565s
INFO[0009] shim containerd-shim started address="/containerd-shim/services.linuxkit/guacd/shim.sock" debug=false pid=623
INFO[0027] shim containerd-shim started address="/containerd-shim/services.linuxkit/ntpd/shim.sock" debug=false pid=664
INFO[0043] shim containerd-shim started address="/containerd-shim/services.linuxkit/pillar/shim.sock" debug=false pid=707
INFO[0054] shim containerd-shim started address="/containerd-shim/services.linuxkit/sshd/shim.sock" debug=false pid=758
INFO[0068] shim containerd-shim started address="/containerd-shim/services.linuxkit/vtpm/shim.sock" debug=false pid=847
INFO[0082] shim containerd-shim started address="/containerd-shim/services.linuxkit/wlan/shim.sock" debug=false pid=940
INFO[0091] shim containerd-shim started address="/containerd-shim/services.linuxkit/wwan/shim.sock" debug=false pid=1044
[ 210.288551] usbcore: registered new interface driver qcserial
[ 210.427642] usbserial: USB Serial support registered for Qualcomm USB modem
[ 210.794798] usbcore: registered new interface driver cdc_wdm
[ 211.040261] usbcore: registered new interface driver qmi_wwan
WARNING: no device cert; using onboarding cert at 2020-01-27T17:23:16.511788955Z
INFO: updated diag information at 2020-01-27T17:23:18.401712569Z
ERROR: Summary: Waiting for DHCP IP address(es)
INFO: Have 0 total ports. 0 ports should be connected to EV controller
ERROR: No ports specified to have EV controller connectivity
INFO: updated diag information at 2020-01-27T17:23:24.776025304Z
ERROR: Summary: Waiting for DHCP IP address(es)
WARNING: Have no currently working DevicePortConfig
INFO: Have 0 total ports. 0 ports should be connected to EV controller
ERROR: No ports specified to have EV controller connectivity
[ 277.244785] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[ 278.183820] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[ 278.205974] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 278.217270] cfg80211: failed to load regulatory.db
[ 285.576500] 8021q: adding VLAN 0 to HW filter on device eth0
[ 294.319460] 8021q: adding VLAN 0 to HW filter on device eth1
INFO: updated diag information at 2020-01-27T17:24:09.12067872Z
ERROR: Summary: Trying to connect to EV Controller
WARNING: Have no currently working DevicePortConfig
WARNING: The configuration below is under test hence might report failures
INFO: Have 2 total ports. 2 ports should be connected to EV controller
INFO: Port eth0: for EV Controller without usage-based charging
INFO: eth0: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth0: IP address"REDACTED" not geolocated
INFO: eth0: DNS servers:"REDACTED",
INFO: eth0: no http(s) proxy
INFO: eth0: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth0: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: Exceeded 5 retries for get config
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address "REDACTED" not geolocated
INFO: eth1: DNS servers: "REDACTED",
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
WARNING: Switching from onboard to device cert
INFO: updated diag information at 2020-01-27T17:25:57.138791839Z
ERROR: Summary: Trying to connect to EV Controller
WARNING: Have no currently working DevicePortConfig
INFO: Have 2 total ports. 2 ports should be connected to EV controller
INFO: Port eth0: for EV Controller without usage-based charging
INFO: eth0: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth0: IP address "REDACTED" not geolocated
INFO: eth0: DNS servers: "REDACTED",
INFO: eth0: no http(s) proxy
INFO: eth0: DNS lookup of zedcloud.alpha.zededa.net returned "REDACTED"
INFO: eth0: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: Exceeded 5 retries for get config
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth1: IP address "REDACTED" not geolocated
INFO: eth1: DNS servers: "REDACTED",
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned "REDACTED"
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
INFO: updated diag information at 2020-01-27T17:27:41.806305932Z
ERROR: Summary: Trying to connect to EV Controller
INFO: Using highest priority DevicePortConfig key lastresort
INFO: Have 2 total ports. 2 ports should be connected to EV controller
INFO: Port eth0: for EV Controller without usage-based charging
INFO: eth0: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth0: IP address "REDACTED" not geolocated
INFO: eth0: DNS servers: "REDACTED",
INFO: eth0: no http(s) proxy
INFO: eth0: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth0: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: Exceeded 5 retries for get config
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth1: IP address "REDACTED" not geolocated
INFO: eth1: DNS servers: "REDACTED",
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
This is a tracking issue.
EVE currently runs as a series of services in containers - mostly a few and one big one called pillar
- on a device.
We have two goals:
downloader
all by itself.This is the tracking issue for the first. It is a place for design discussions as well as the checklist for what is needed. Each item on the checklist should have a PR link next to it.
When I run the Stop and Start actions in the ZedControl web interface for the AlpineDocker application from the App Marketplace, I get an error message:
"Deactivate Request to Edge App Instance 'kora013' failed: Invalid characters in Title"
but the title "test application 013" was taken when creating the application without any comment.
Go to application management interface:
https://zedcontrol.zededa.net/edge-app-instances/393c7139-118a-4667-97dc-9742c70ef935/details/status
and try to choose the “Stop” or “Start” menu items.
Error message "Invalid characters in Title" without changing the state and status of the application.
The application must be stopped and started.
Description
Trying to build for ARM as per documentation fails.
There is another issue open about ARM64 cross compilation, but it does not seem to be the same thing
Steps to reproduce the issue:
make ZARCH=arm64 installer
Describe the results you received:
Makefile:42: "WARNING: We are assembling a arm64 image on x86_64. Things may break."
Creating go builder image for user gorkag
eve-build-gorkag docker container is ready to use
Done building /home/gorkag/projects/eve/build-tools/bin/linuxkit
mkdir -p /home/gorkag/projects/eve/dist/arm64
./tools/makerootfs.sh images/rootfs.yml squash /home/gorkag/projects/eve/dist/arm64/rootfs.img
Extract kernel image: lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64
Pull image: lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64
FATA[0001] Failed to extract kernel image and tarball: Could not pull image lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64: Error response from daemon: manifest for lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64 not found
cat: boot/cmdline: No such file or directory
make: *** [Makefile:174: /home/gorkag/projects/eve/dist/arm64/rootfs.img] Error 1
Describe the results you expected:
No errors
Additional information you deem important (e.g. issue happens only occasionally):
Looked into docker hub and lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64 does not seem to be present. In fact there does not seem to be any ARM64 containers there, only amd64
This is a discussion issue to figure out how we handle multiple image yml files. As of this writing, and the recently merged #849, we have multiple rootfs image files:
rootfs.yml
which contains all of the common information for imagesActually, each is a .yml.in
which then is merged and patched, but getting past .in
files is a separate discussion.
The problem with using patch files in this use case is that they are brittle. They have very specific lines that you add/remove/change. This works well for source code, where lines have little inherent structure. yml (and json) are by definition structured and easy to patch. There even are RFC standards for json patch and json merge patch.
The kubernetes version of strategic merge patch is even easier, but depends on some annotations.
A JSON Patch to replace rootfs-acrn.yml.in would look something like:
Description
Quick cross build of pillar from amd64 to arm64 seems to be broken
Steps to reproduce the issue:
On amd64:
$ cd pkg/pillar
$ make GOARCH=arm64 build-docker
Sometime is desirable to simply cross-build pillar alone and then replace it inside of the image that is being build for deployment
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address 192.168.2.10 geolocated to {IP:211.21.182.139 Hostname:211-21-182-139.hinet-ip.hinet.net City:Taipei Region:Taiwan Country:TW Loc:25.0478,121.5319 Org:AS3462 Data Communication Business Group Postal:}
INFO: eth1: IP address fec0::a15a:67ac:731b:8c1b not geolocated
INFO: eth1: DNS servers: 192.168.2.3,
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
I have above error message in the end while running make run
, don't think it's normal...
Is this has something to do with the proxies setting mentioned in README?
I'm running EVE in ubuntu VM hosted on my MacBookPro which connect to internet through wifi
what's the proper way to configure my proxy setting in this scenario
Thanks for the help
In BUILD.md we have
-* live.raw
- a live bootable disk image, will be converted to qcow2. Has 2 gpt partitions:
and
-live.raw
is a live bootable raw disk image with both a rootfs and a UEFI boot partition.
However, the live image also contains a FAT32 config partition.
Description
Steps to reproduce the issue:
Describe the results you received:
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
Description
When run in a docker container, we explicitly move out of the GOPATH
to build. But when run locally, we run into build issues.
Steps to reproduce the issue:
go get github.com/lf-edge/eve
cd $GOPATH/src/github.com/lf-edge/eve
cd pkg/pillar
make zedbox
Describe the results you received:
Building dist/amd64/zedbox
go build -mod=vendor -ldflags -X=main.Version=-70860ff8-2019-05-22.09.52 -o dist/amd64/zedbox ./zedbox
build flag -mod=vendor only valid when using modules
make: *** [dist/amd64/zedbox] Error 1
Describe the results you expected:
It should build
Additional information you deem important (e.g. issue happens only occasionally):
Will open a PR to fix it.
We've added support in the API for this (https://github.com/lf-edge/eve/blob/master/api/proto/flowlog/flowlog.proto) and that includes an aclNum.
However, the config API does not include a number. We can have infer a number based on the sequence in the 'repeated ACE acls = 40;' in the config API, but it is better to add a number in the ACE definition.
In addition, the ACE can benefit from a direction ("from app instance" vs. "to app instance") for packets. That would enable having different rate limits for inbound and outbound packets.
The idea is to use conntrack to do this and extract it using netlink.
One of the challenges is to correlate the flows with the ACLs (and report than in aclNum in the flowlog API), for both flows which are accepted and rejected.
We've added support in the API for this (https://github.com/lf-edge/eve/blob/master/api/proto/flowlog/flowlog.proto) and need to implement the DNS side of that.
See also #100
We should be able to get dnsmasq to dump this, or alternatively, scan the dnsmasq logs.
One thing we'd like is the timestamp from when the (initial) DNS query was made, since that helps with correlating a DNS lookup with a TCP/UDP flow reported in the flowlog API.
We should probably start by getting to Stage 3 of LF Edge Project Status and then the sky is the limit!
EVE works out of configuration that is supplied and attempt to reach to that state. In configuration supplied to EVE, there are commands to either restart device or application. In future we might have more such operations which be added.
I think we need ability to know that particular command has been executed. In deviceInfo and applicationInfo message can be extended to support this feature.
This is a discussion issue to figure out how we handle multiple image yml files. As of this writing, and the recently merged #849, we have multiple rootfs image files:
rootfs.yml
which contains all of the common information for imagesActually, each is a .yml.in
which then is merged and patched, but getting past .in
files is a separate discussion.
The problem with using patch files in this use case is that they are brittle. They have very specific lines that you add/remove/change. This works well for source code, where lines have little inherent structure. yml (and json) are by definition structured and easy to patch. There even are RFC standards for json patch and json merge patch.
The kubernetes version of strategic merge patch is even easier, but is not an RFC, and depends on some annotations or other logic of how to handle lists.
A JSON Patch style, done as yml, to replace rootfs-acrn.yml.in would look something like:
- op: replace
path: "/kernel/image"
value: ACRN_KERNEL_TAG
- op: replace
path: "/init/7"
value: ACRN_TAG
- op: remove
path: "/services/10"
- op: test
path: "/init/7"
value: XEN_TAG
- op: test
path: "/services/10/image"
value: XENTOOLS_TAG
A json merge patch wouldn't work, since a jsonmerge patch replaces an entire list.
Finally, we could look at the Kubernetes version of the strategic merge patch, which, if planned correctly, would let us do something like this:
kernel:
image: ACRN_KERNEL_TAG // change the /kernel/image value to ACRN_KERNEL_TAG
init:
- ACRN_TAG // add the primitive "ACRN_TAG" to the list "init"
services:
- name: xen-tools
$patch: delete // delete the item whose name is "xen-tools"
$deleteFromPrimitiveList/init:
- XEN_TAG // delete "XEN_TAG" from the primitive list
This came from a discussion with @rvs
An alternate approach would be to get multiple files into linuxkit, just as we do with docker-compose. E.g.
linuxkit build rootfs.yml acrn.yml
We have discussed it in linuxkit, but never came to a conclusion. I would be willing to pursue it further.
Fill out relevant section(s) in the docs/SECURITY.md especially Initial on-boarding and Identity of EVE's instance
The Makefile here sets:
CONF_PART=$(CURDIR)/../adam/run/config
and then includes it here as:
QEMU_OPTS_CONF_PART=$(shell [ -d $(CONF_PART) ] && echo '-drive file=fat:rw:$(CONF_PART),format=raw')
This means that if someone has the adam repo in the right place, whatever they are using will show up rather suddenly. This sucks the default runtime config for adam as a standalone into a running eve.
This should just be removed
cc @rvs
Installer images on Dell Edge Gateway 3000 series targets must provide a special command file (UsbInvocationScript.txt
) on the USB drive in order for the installer to run and the live system to boot. This BIOS will search for this file on a fat32 partition; when found, we need it to execute commands to 1) boot from USB and 2) disable Secure Boot. The following script works to accomplish this mission:
usb_disable_secure_boot noreset;
usb_one_time_boot usb nolog;
It is possible (though possibly undesirable) to simply include this file unconditionally on all images in the configuration partition, as other targets (and EVE) will simply ignore that file. If such unconditional inclusion seems reasonable, I can submit a PR to include that file; otherwise, I will need advice on how to modify the build system to include it only when building images for those targets.
Fill out relevant section(s) in the docs/SECURITY.md
Please implement a way to run Yetus checks on our code changes before we create a pull request. Right now, we submit a PR, and then come to know about Yetus errors as part of the checks. We end up wasting circleCI bandwidth in iterating over Yetus failures, and becomes a time hurdle in code reviews.
What would be good is to have a way to run Yetus on our local EVE repository, so that we can validate Yetus in our laptop before we even create a PR.
Finished with errors.
Run 'make yetus'
Running yetus
build-tools/src/yetus/test-patch.sh
ERROR: yetus-dl: unable to fetch https://www.apache.org/dyn/closer.cgi?action=download&filename=yetus/0.11.0/apache-yetus-0.11.0-bin.tar.gz.asc
build-tools/src/yetus/test-patch.sh: line 56: /tmp/yetus/bin/test-patch: No such file or directory
Makefile:157: recipe for target 'yetus' failed
make: *** [yetus] Error 127
eve_make_yetus.002.log (END)
Running yetus
build-tools/src/yetus/test-patch.sh
/tmp/yetus-out has been created
Modes: Docker
....
============================================================================
============================================================================
Finished build.
============================================================================
============================================================================
The root of the problem is in the apache/yetus version, which fixed on pull request.
When I use mqtt-eclipse-broker from App Marketplace, I got the error:
"domainmgr.doActivate: Retry xl create for kora011.1: failed unable to create mountPointFile: createMountPointFile: Number of volumes provided: 0 is less than number of mount-points: 2."
Run State -- Error
Run State -- Online
Unit tests need to be put into a separate check in the circle pipeline and we also need to make sure make test target returns non-0 exit code if tests fail
I think we should write up the end-to-end workflows which are relevant.
One is onboarding using a product key plus serial, with a need to gather software serial numbers. That one has a weak security binding, but I think there is a discussion to be had whether we can use the TPM at install time and get a stronger binding.
The other use case is more about gathering inventory than install time options.
So walking through the use cases makes sense to me and then gathering feedback.
In any case, we should make the information we gather be consistent.
It is imperative that sensitive information while getting exchanged between Cloud Controller and EVE is not in plain text but in encrypted form. For increased level of security, object level encryption should be used end to end instead of only relying on the TLS. (Note that there are no TLS level proxies; merely support for http proxies which can not see the payload).
Zedagent microservice is responsible fetching the configuration from Controller, periodically. Controller will encrypt configuration with device public key before sending it to zedagent. Zedagent will decrypt using device private key before processing the configuration. In future, a key refreshing mechanism can be brought in place. I.e. instead of using a fixed keypair, we can rotate the keypair on a periodic basis. This will be investigated in later phases.
It is also imperative to store sensitive information on desk in encrypted format, instead of plain text. This is required in addition to disk/partition/directory level encryption, so that even in case of a hacker getting root access to the device, can access the file system, but the contents of the file can not be decoded without getting access to the decryption access. I.e.
File system level encryption ensures security in case the disk is physically stolen/compromised
Encrypting sensitive information before storing on the disk ensures that even if some hacker/malware gets root access on the device, the sensitive information stored in the file is not in plain text.
Zedagent microservice is responsible for parsing the configuration from controller, and passing the configuration to other microservices using pubsub infrastructure. In the process, zedagent writes device config under /persist/config/checkpoint and /persist/config/GlobalConfig. While writing to these directories, sensitive information like VncPassword, S3 Storage credentials will be encrypted using public key of the device. Accordingly the readers/subscribers who are processing this config will also be modified to decrypt using device.key.pem(for devices without TPM) or with device key inside TPM.
Since this activity involves code changes in Controller as well as in EVE, the following transition plan is proposed:
First implement a POST api in controller for fetching device config. This is in addition to existing GET method
In the POST method, send device config after encrypting it using device’s public key
Change EVE code to do a POST instead of GET, and from reply to the POST message decrypt the device config sent from Controller using device’s private key
Devices running old code will still do a GET and Controller will reply to GET with device config in plain text - This is till all devices are upgraded to use POST instead of GET
Once all devices are upgraded to new method, stop processing GET in Controller
When sending an /info
message, the DevId
property should contain the UUID of the device, but the message is a ""
.
We need a way to simplify changing runtime config when building. Specifically, we should be able to do make installer
or make live
and have it build with the following alternate runtime parameters:
The simplest way might be (as discussed):
make live CONTROLLER=https://192.168.7.5:443/ SERVER_CERT=./cert-file.pem
When finished, it should indicate where the onboard cert is, and what its serial will be, if available.
cc @rvs
It is hard to find the docs down in pkg/pillar if you don't know they are there.
Description
After building cleanly on Ubuntu 16.04 and attempt to make run fails with an error (qemu-system-x86_64: -nic: invalid option).
Steps to reproduce the issue:
make build-tools
make live
make run
Describe the results you received:
Creating go builder image for user peter
eve-build-peter docker container is ready to use
cd /build1/peter/EVE/eve/dist/amd64/bios ; _() { C=`docker create $1 fake` ; docker export $C | tar -xf - $2 ; docker rm $C ; } ; _ lfedge/eve-uefi:aef36d9c29fd16f9bae72a74d887568f0ef138f0-amd64 OVMF.fd
9d8e7a50bb12765847ff7b4799f6ac4bc6828d0f0e50a962cfe97983b3039f0c
qemu-system-x86_64 -smbios type=1,serial=31415926 -m 4096 -smp 4 -display none -serial mon:stdio -bios /build1/peter/EVE/eve/dist/amd64/bios/OVMF.fd -rtc base=utc,clock=rt -nic user,id=eth0,net=192.168.1.0/24,dhcpstart=192.168.1.10,hostfwd=tcp::2222-:22 -nic user,id=eth1,net=192.168.2.0/24,dhcpstart=192.168.2.10 -cpu SandyBridge -drive file=/build1/peter/EVE/eve/dist/amd64/live.img,format=qcow2
qemu-system-x86_64: -nic: invalid option
Makefile:152: recipe for target 'run' failed
make: *** [run] Error 1
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
qemu-system-x86_64 is at version 2.5.0
From #314 Conversations:
@rvs:
Since you now turned vaultmgr into a microservice I'm wondering if there's a way to get rid of initialization on line 237 in device-steps.sh to make vaultmgr self-contained.
@cshari-zededa:
a) Folding the initialisation done on line 237 into vaultmgr microservice is not trivial, and needs a thought process on its own(and probably need a EVE proposal as well), may I address this in a separate PR?
-- Hence this issue.
We have a few places where we do *.in
files, which are then parsed somehow, primarily some commands called from the Makefile
and often involving parse-pkgs.sh
, to generate the actual files. This is intended as a discussion issue where we can discuss ways to simplify the flow, and if those are any better.
The intent is to get to a "preferred flow", i.e. what we would like this to look like, and then we can look at implementation. It is not at all clear that any of these is better than the current one, but should raise the issues.
We have two categories of .in
files: Dockerfile.in
and linuxkit yml.in
. Both are there for the same reason. Some of our packages in pkg/
depend on other packages in pkg/
, and our linuxkit config ymls depend on all of the packages in pkg/
. These have image tags generated by using the git tree hash, which changes with commits. Rather than having to modify the 6 or so files over and over again - and risking missing changes - we do the following:
pkg/
with no other dependencies in pkg/
Dockerfile
for those docker images in pkg/
with dependencies on other packages in pkg/
based on the output of the previous steprootfs.yml
for the OS image based on the outputs of the two previous stepsThe actual trees of dependencies is pretty small:
pkg/
are completely independentpkg/xen-tools
depends on pkg/uefi
pkg/qrxec-lib
depends on pkg/xen-tools
pkg/qrexec-dom0
depends on pkg/qrexec-lib
and pkg/xen-tools
rootfs.yml
depends on all pkg/
The challenges with the way it is currently structured are:
pkg/strongswan
by doing lkt pkg build pkg/strongswan
or even just cd pkg/strongswan; docker build .
, but I have an extra step I need to do for xen-tools
.Dockerfile
, just a Dockerfile.in
Here are some potential alternative paths.
One approach is to replace the Dockerfile.in
and rootfs.yml.in
with just Dockerfile
and rootfs.yml
which have the actual hashes in them. Maintaining these would be a pain, so we would need to have a tool that updates the files in place. This resolves most of the above issues. The approach would look something like:
parse-pkgs.sh
or similar) that would update the files that need updating.This is the approach that linuxkit itself has been using for a few years. It has pros and cons - sometimes you forget to update, but that can be handled by a Makefile. Most importantly, you know exactly where you stand. Because the Dockerfile
and rootfs.yml
are in version control, not just the *.in
files, you know immediately if something has changed.
docker build
supports --build-args
; linuxkit pkg
and linuxkit build
do not. We could extend it so that it does, and the builds would be something like the following:
Dockerfile for xen-tools, checked into git:
ARG UEFI_TAG
FROM lfedge/eve-uefi:${UEFI_TAG} as uefi-build
And build it as:
docker build --build-arg UEFI_TAG=abcd1234 ...
# OR
linuxkit pkg build --build-arg UEFI_TAG=abcd1234 ...
We would need to generate the --build-arg
options using some variant on parse-pkgs.sh
, but again it is doable.
This doesn't get everything in version control, but does simplify the build process
This is a combination of the two previous. Rather than generating the build-args on the fly, we keep the build-args in a single file in key=value
or yml
format in the root of this repo. We then have the build source it. We regenerate the file as needed.
For discussion @rvs @eriknordmark @kalyan-nidumolu , with whom I have discussed this to some degree, and anyone else interested.
This is a tracking issue for running pillar as a standalone container. This means, we should be able to do the following outside of a running EVE instance (virtual or physical):
docker run -v $PWD/persist:/var/persist lf-edge/pillar
or similar, and get a fully-running pillar instance.
The goal is to reduce the cycle time for development and debugging drastically, as well as simplify the development on-boarding process. Currently, to test anything material in pillar means building a rootfs/live image, and running it in qemu or on a real device. The time to build the image, launch it, register it with a controller, wait for it to sync, etc., is quite high, creating a very high cycle time. Further, the number of issues that can block it (minor errors in network configuration, app configuration, etc.) is too high.
This should be a tracking issue. No specific changes should be on this issue, other than discussions about how to achieve it.
Known issues and requirements:
nim
/persist
and /config
should be available, so we can update code without changing config, as well as easily read logs from outside the container... add more issues here...
The changes to datastore configuration, it does not take affect.
Obseverved result: once the datastore configuration is bad, the object download always fails.
Expected result: update the datastore configuration, the object download should suceed.
Solution:
Fill out relevant section(s) in the docs/SECURITY.md
We do not need "\n" at the end of each log statement - This was from using an older logging package.
Re-enable yetus to flag these and gradually get rid of \n
Description
The only reason we use CGO_ENABLED=1
in pillar
is because of zedpac
. That, in itself, is just a single function that makes other calls. We should replace this with native go code when possible.
@rvs responded:
Actually no -- its not a single function -- it is an entire implementation of the duktape JavaScript engine that we're embedding -- replacing it will be pretty difficult
We should evaluate what we are using JS for, and see if there is an easier way to do it. There may not be, and thus we may need to live with it.
If not, we should pull it out so that it and only it requires CGO_ENABLED
, and it doesn't completely affect the build of pillar
.
The "make live" step in the documentation will fail to execute linuxkit on Ubuntu 18.04.3 LTS.
If you attempt to execute it, bash will complain:
$ ./build-tools/bin/linuxkit
-bash: ./build-tools/bin/linuxkit: No such file or directory
Because it can't find the shared libraries:
$ ldd ./build-tools/bin/linuxkit
linux-vdso.so.1 (0x00007fff1e98e000)
libc.musl-x86_64.so.1 => not found
This can be resolved by installing the "musl" package.
sudo apt install musl
$ ./build-tools/bin/linuxkit
Please specify a command.
USAGE: linuxkit [options] COMMAND
Commands:
build Build an image from a YAML file
metadata Metadata utilities
pkg Package building
push Push a VM image to a cloud or image store
run Run a VM image on a local hypervisor or remote cloud
serve Run a local http server (for iPXE booting)
version Print version information
help Print this message
Run 'linuxkit COMMAND --help' for more information on the command
Options:
-q Quiet execution
-v Verbose execution
I suggest adding documentation listing musl as a necessary host requirement.
Description
circleci config is in place, but CI is not running
Steps to reproduce the issue:
Open a PR. See no checks enabled.
Describe the results you received:
No CI ran.
Describe the results you expected:
CI runs.
Additional information you deem important (e.g. issue happens only occasionally):
Description
api/API.md is outdated. It has not been updated with the new api proto directory layout (organized based on the REST APIs). Some APIs are not documented.
Steps to reproduce the issue:
Describe the results you received:
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
We've added support in the API for this (https://github.com/lf-edge/eve/blob/master/api/proto/flowlog/flowlog.proto) and need to implement this.
The idea is to use conntrack to do this and extract it using netlink.
One of the challenges is to correlate the flows with the ACLs (and report than in aclNum in the flowlog API), for both flows which are accepted and rejected.
On most x86 platforms EVE gets the serial number out of SMBIOS. On ARM64 (and more specifically RaspberryPi 4) the situation is more complex raspberrypi/linux#1670
We need to settle on a way of having a serial # for our RaspberryPi 4 builds. Options I see:
Personally, I'm more inclined to do a proper SMBIOS-like solution for ARM (and avoid soft-serial) -- but even then we still need to decide how we're passing that information into the kernel (see options above).
Lets have a bit of a discussion on this ISSUE.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.