miragesdk: use the interface's MAC address instead of using a random one

The priv container populate the `/mac` key on startup, that the calf can then read. Also add more fine-grained control over read/write delete capabilities attached to the routes, e.g. the calf can read /mac but not write to it. Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
2025-12-01 18:50:19 +00:00 · 2017-04-07 18:02:48 +02:00
parent 0d7e584e32
commit abe96b0447
7 changed files with 49 additions and 23 deletions
--- a/projects/miragesdk/src/dhcp-client/calf/unikernel.ml
+++ b/projects/miragesdk/src/dhcp-client/calf/unikernel.ml
@@ -185,8 +185,15 @@ let set_ip_opt ctl k = function
  | None    -> Lwt.return_unit
  | Some ip -> set_ip ctl k ip

+let get_mac ctl =
+  Sdk.Ctl.Client.read ctl "/mac" >>= function
+  | Ok None   -> Lwt.return None
+  | Ok Some s -> Lwt.return @@ Macaddr.of_string (String.trim s)
+  | Error e   -> failf "get_mac: %a" Sdk.Ctl.Client.pp_error e
+
 let start () dhcp_codes net ctl =
-  Netif_fd.connect net >>= fun net ->
+  get_mac ctl >>= fun mac ->
+  Netif_fd.connect ?mac net >>= fun net ->
  let requests = match dhcp_codes with
    | [] -> default_options
    | l  ->
--- a/projects/miragesdk/src/dhcp-client/main.ml
+++ b/projects/miragesdk/src/dhcp-client/main.ml
@@ -71,24 +71,30 @@ let read_cmd file =
  else
    failwith ("Cannot read " ^ file)

- let run () cmd ethif path =
+let infof fmt =
+  Fmt.kstrf (fun msg () ->
+      let date = Int64.of_float (Unix.gettimeofday ()) in
+      Irmin.Info.v ~date ~author:"priv" msg
+    ) fmt
+
+let run () cmd ethif path =
  let cmd = match cmd with
    | None   -> default_cmd
    | Some f -> read_cmd f
  in
  Lwt_main.run (
    let routes = [
-      "/ip";
-      "/gateway";
-      "/domain";
-      "/search";
-      "/mtu";
-      "/nameservers/*"
+      "/ip"     , [`Write];
+      "/mac"    , [`Read ];
+      "/gateway", [`Write];
    ] in
    Ctl.v path >>= fun db ->
    let ctl fd = Ctl.Server.listen ~routes db fd in
    let handlers () = Handlers.watch ~ethif db in
    let net = Init.rawlink ~filter:(dhcp_filter ()) ethif in
+    Net.mac ethif >>= fun mac ->
+    let mac = Macaddr.to_string mac ^ "\n" in
+    Ctl.KV.set db ~info:(infof "Add mac") ["mac"] mac >>= fun () ->
    Init.run t ~net ~ctl ~handlers cmd
  )