lf-edge / eve Goto Github PK

EVE is Edge Virtualization Engine

Home Page: https://www.lfedge.org/projects/eve/

License: Apache License 2.0

Makefile 1.09% Go 88.98% Dockerfile 1.72% Shell 6.21% Python 0.64% C++ 0.67% C 0.53% Roff 0.09% NSIS 0.01% Meson 0.02% Batchfile 0.04%

iot edge linux-foundation virtualization security networking operating-system

eve's People

Contributors

Stargazers

Watchers

Forkers

gregchase eriknordmark rvs zedvijay deitch ckzed aw-was-here archishou spatchineelam bharani-zededa yuganshmohan lf-edge-eve naiming-zededa junjunshan1 kalyan-nidumolu ravi-zededa qskytimq ppal-zededa mhall119 glguida chrisdutz jren1 jithinraj gesse1987 janitha09 ssat-zededa sbsteele hexming003 gkodali-zededa zach-welch-timesys apetersonz8728 aaron-zededa dave-tucker zed-rishabh adarshsrinivasan sesa258801 antweiss saurabh-zededa michel-zededa giggsoff sadov itmo-eve grail j13tw ahlinc cjliu20152 wortexx ryu25ish daizhen228 zededa chethu2 rudderfree peterfang pollend beshleman ani-sinha temerkhanov perry-amsterdam hhagiwara 0xden ernestchen1 insei mperov dautovri dmitriy-khokhlov dkionka polymath-is rampenke fabiofi mydatascience thillaivasan-hcltech andrey-kovinjonok petr-zededa zed-sadov ivyomxt encabulator bear-metal leminnov vmlemon milan-zededa thedutchdevil zededa-yuri vk-en kgiori johndmcmaster mw-digital-creators dalalsunil1986 ngjaying erkki ekmixon sfrias marcricharme kmluoh mikem-zed srinibas-zededa vedantparanjape sofiatiwati54 algermissen wahello ppallap

eve's Issues

mqtt-eclipse-broker application error

Description

When I use mqtt-eclipse-broker from App Marketplace, I got the error:

"domainmgr.doActivate: Retry xl create for kora011.1: failed unable to create mountPointFile: createMountPointFile: Number of volumes provided: 0 is less than number of mount-points: 2."

Steps to Reproduce

http://sdn.ifmo.ru/projects/eve/eveadm/tests/testing-test_domainmgr-py-on-itmo-testbed-with-ubuntu-18-04-february-25-2020/test_domainmgr-py-itmo_testbed-testing-20200225

Actual Results

Run State -- Error

Expected Results

Run State -- Online

Additional Information

Description

When I run the Stop and Start actions in the ZedControl web interface for the AlpineDocker application from the App Marketplace, I get an error message:

"Deactivate Request to Edge App Instance 'kora013' failed: Invalid characters in Title"

but the title "test application 013" was taken when creating the application without any comment.

Steps to Reproduce

Go to application management interface:

https://zedcontrol.zededa.net/edge-app-instances/393c7139-118a-4667-97dc-9742c70ef935/details/status

and try to choose the “Stop” or “Start” menu items.

Actual Results

Error message "Invalid characters in Title" without changing the state and status of the application.

Expected Results

The application must be stopped and started.

Additional Information

Failed to build xen-tools

Description
Failed to build xen-tools

Steps to reproduce the issue:

Put the dev machine behind the firewall
export https_proxy and http_proxy
run:
build-tools/bin/linuxkit pkg build pkg/xen-tools

Describe the results you received:
make[4]: Leaving directory '/xen/tools/xcutils'
make[3]: Leaving directory '/xen/tools'
make[3]: Entering directory '/xen/tools'
make -C firmware install
make[4]: Entering directory '/xen/tools/firmware'
GIT=git /xen/tools/firmware/../../scripts/git-checkout.sh git://xenbits.xen.org/seabios.git rel-1.12.0 seabios-dir
Cloning into 'seabios-dir-remote.tmp'...
fatal: unable to connect to xenbits.xen.org:
xenbits.xen.org[0: 104.239.192.120]: errno=Operation timed out
make[4]: *** [Makefile:31: seabios-dir] Error 128
make[4]: Leaving directory '/xen/tools/firmware'
make[3]: *** [/xen/tools/../tools/Rules.mk:251: subdir-install-firmware] Error 2
make[3]: Leaving directory '/xen/tools'
make[2]: Leaving directory '/xen/tools'
make[2]: *** [/xen/tools/../tools/Rules.mk:246: subdirs-install] Error 2
make[1]: *** [Makefile:74: install] Error 2
make[1]: Leaving directory '/xen/tools'
make: *** [Makefile:127: install-tools] Error 2
The command '/bin/sh -c make && make dist' returned a non-zero code: 2
exit status 2

Describe the results you expected:
the alpine docker should be able to do:
git://xenbits.xen.org/seabios.git

Additional information you deem important (e.g. issue happens only occasionally):

statuscode 404 Not Found

INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address 192.168.2.10 geolocated to {IP:211.21.182.139 Hostname:211-21-182-139.hinet-ip.hinet.net City:Taipei Region:Taiwan Country:TW Loc:25.0478,121.5319 Org:AS3462 Data Communication Business Group Postal:}
INFO: eth1: IP address fec0::a15a:67ac:731b:8c1b not geolocated
INFO: eth1: DNS servers: 192.168.2.3,
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test

I have above error message in the end while running make run, don't think it's normal...
Is this has something to do with the proxies setting mentioned in README?
I'm running EVE in ubuntu VM hosted on my MacBookPro which connect to internet through wifi
what's the proper way to configure my proxy setting in this scenario

Thanks for the help

Provide a finer grained threat model for EVE security documentation

CI not running on PRs

Description

circleci config is in place, but CI is not running

Steps to reproduce the issue:

Open a PR. See no checks enabled.

Describe the results you received:

No CI ran.

Describe the results you expected:

CI runs.

Additional information you deem important (e.g. issue happens only occasionally):

TestPciLongExists test is failing

Description

TestPciLongExists test is failing:

Failed
ifnametopci_test.go:19: Running test case Long value: 0000:03:00.0
ifnametopci_test.go:21:
Error Trace: ifnametopci_test.go:21
Error: Not equal:
expected: true
actual : false
Test: TestPciLongExists

Steps to reproduce the issue:

$ make test
$ cat cat dist/amd64/results.xml
...

ifnametopci_test.go:19: Running test case Long value: 0000:03:00.0 ifnametopci_test.go:21: Error Trace: ifnametopci_test.go:21 Error: Not equal: expected: true actual : false Test: TestPciLongExists

Describe the results you expected:

All tests pass

Merge setting up vaults into single microservice run of vaultmgr

From #314 Conversations:
@rvs:
Since you now turned vaultmgr into a microservice I'm wondering if there's a way to get rid of initialization on line 237 in device-steps.sh to make vaultmgr self-contained.

@cshari-zededa:
a) Folding the initialisation done on line 237 into vaultmgr microservice is not trivial, and needs a thought process on its own(and probably need a EVE proposal as well), may I address this in a separate PR?

-- Hence this issue.

Merging of image yml files

This is a discussion issue to figure out how we handle multiple image yml files. As of this writing, and the recently merged #849, we have multiple rootfs image files:

A core rootfs.yml which contains all of the common information for images
A patch file per unique build, e.g. Xen or KVM or RPi

Actually, each is a .yml.in which then is merged and patched, but getting past .in files is a separate discussion.

The problem with using patch files in this use case is that they are brittle. They have very specific lines that you add/remove/change. This works well for source code, where lines have little inherent structure. yml (and json) are by definition structured and easy to patch. There even are RFC standards for json patch and json merge patch.

The kubernetes version of strategic merge patch is even easier, but depends on some annotations.

A JSON Patch to replace rootfs-acrn.yml.in would look something like:

Multiple image files for a single image

This is a discussion issue to figure out how we handle multiple image yml files. As of this writing, and the recently merged #849, we have multiple rootfs image files:

A core rootfs.yml which contains all of the common information for images
A patch file per unique build, e.g. Xen or KVM or RPi

Actually, each is a .yml.in which then is merged and patched, but getting past .in files is a separate discussion.

The kubernetes version of strategic merge patch is even easier, but is not an RFC, and depends on some annotations or other logic of how to handle lists.

A JSON Patch style, done as yml, to replace rootfs-acrn.yml.in would look something like:

- op: replace
  path: "/kernel/image"
  value: ACRN_KERNEL_TAG
- op: replace
  path: "/init/7"
  value: ACRN_TAG
- op: remove
  path: "/services/10"
- op: test
  path: "/init/7"
  value: XEN_TAG
- op: test
  path: "/services/10/image"
  value: XENTOOLS_TAG

A json merge patch wouldn't work, since a jsonmerge patch replaces an entire list.

Finally, we could look at the Kubernetes version of the strategic merge patch, which, if planned correctly, would let us do something like this:

kernel:
  image: ACRN_KERNEL_TAG   // change the /kernel/image value to ACRN_KERNEL_TAG
init:
  - ACRN_TAG    // add the primitive "ACRN_TAG" to the list "init"
services:
   - name: xen-tools
     $patch: delete  // delete the item whose name is "xen-tools"
$deleteFromPrimitiveList/init:
  - XEN_TAG   // delete "XEN_TAG" from the primitive list

This came from a discussion with @rvs

An alternate approach would be to get multiple files into linuxkit, just as we do with docker-compose. E.g.

linuxkit build rootfs.yml acrn.yml

We have discussed it in linuxkit, but never came to a conclusion. I would be willing to pursue it further.

Create a comprehensive security/trust documentation for EVE

Now that we have a lot of security/trust bits of functionality coming in it would be very useful to have a comprehensive security/trust documentation laying down some foundational principles.

Simplify injecting runtime config

We need a way to simplify changing runtime config when building. Specifically, we should be able to do make installer or make live and have it build with the following alternate runtime parameters:

Controller URL
Controller server certificate CA
Onboard certificate (less important)
Onboard serial (less important)

The simplest way might be (as discussed):

make live CONTROLLER=https://192.168.7.5:443/ SERVER_CERT=./cert-file.pem

When finished, it should indicate where the onboard cert is, and what its serial will be, if available.

cc @rvs

Achieve World Domination

We should probably start by getting to Stage 3 of LF Edge Project Status and then the sky is the limit!

Be able to report network flows from EVE and correlate with ACLs

We've added support in the API for this (https://github.com/lf-edge/eve/blob/master/api/proto/flowlog/flowlog.proto) and need to implement this.

The idea is to use conntrack to do this and extract it using netlink.
One of the challenges is to correlate the flows with the ACLs (and report than in aclNum in the flowlog API), for both flows which are accepted and rejected.

Enable flagging un-necessary "\n" at the end of log statements in Yetus

We do not need "\n" at the end of each log statement - This was from using an older logging package.

Re-enable yetus to flag these and gradually get rid of \n

Refactor running unit tests

Unit tests need to be put into a separate check in the circle pipeline and we also need to make sure make test target returns non-0 exit code if tests fail

[Dell 300x series] Add UsbInvocationScript.txt

Installer images on Dell Edge Gateway 3000 series targets must provide a special command file (UsbInvocationScript.txt) on the USB drive in order for the installer to run and the live system to boot. This BIOS will search for this file on a fat32 partition; when found, we need it to execute commands to 1) boot from USB and 2) disable Secure Boot. The following script works to accomplish this mission:

usb_disable_secure_boot noreset;
usb_one_time_boot usb nolog;

It is possible (though possibly undesirable) to simply include this file unconditionally on all images in the configuration partition, as other targets (and EVE) will simply ignore that file. If such unconditional inclusion seems reasonable, I can submit a PR to include that file; otherwise, I will need advice on how to modify the build system to include it only when building images for those targets.

Document Controller trusting EVE

Fill out relevant section(s) in the docs/SECURITY.md especially Initial on-boarding and Identity of EVE's instance

GO111MODULE needs to be set when building pillar

Description

When run in a docker container, we explicitly move out of the GOPATH to build. But when run locally, we run into build issues.

Steps to reproduce the issue:

go get github.com/lf-edge/eve
cd $GOPATH/src/github.com/lf-edge/eve
cd pkg/pillar
make zedbox

Describe the results you received:

Building dist/amd64/zedbox
go build -mod=vendor -ldflags -X=main.Version=-70860ff8-2019-05-22.09.52 -o dist/amd64/zedbox ./zedbox
build flag -mod=vendor only valid when using modules
make: *** [dist/amd64/zedbox] Error 1

Describe the results you expected:

It should build

Additional information you deem important (e.g. issue happens only occasionally):

Will open a PR to fix it.

Document EVE trusting side-channel configuration

Fill out relevant section(s) in the docs/SECURITY.md

Replace zedpac C

Description

The only reason we use CGO_ENABLED=1 in pillar is because of zedpac. That, in itself, is just a single function that makes other calls. We should replace this with native go code when possible.

@rvs responded:

Actually no -- its not a single function -- it is an entire implementation of the duktape JavaScript engine that we're embedding -- replacing it will be pretty difficult

We should evaluate what we are using JS for, and see if there is an easier way to do it. There may not be, and thus we may need to live with it.

If not, we should pull it out so that it and only it requires CGO_ENABLED, and it doesn't completely affect the build of pillar.

Improve documentation/integration of yetus

Description

Developers should be made aware of the yetus style integration tests, rather than discovering them when pushing their PRs.

Background

I filed my first PR with this project yesterday (#302), and the yetus test failed. In researching what I could have done differently, I found several minor shortcomings that prevented me from doing better; these are listed below, along with proposed solutions that may help developers in the future. In short, my failure might have been avoided with better documentation and integration.

Suggestions

CONTRIBUTING.md should document all integration tests that patches much pass. That document does reference the Developer Certificate of Origin (--signoff) requirement, so it seems logical to reference the yetus requirement too. This could be a simple paragraph indicating that developers should run make yetus prior to committing each set of changes.
I found the build-tools/src/yetus directory, but there is no documentation therein to explain how those tools have been integrated and are being used. A new README.md file might be useful to document the knowledge that accumulated in issues #183, #185, and #195. This document primarily should permit developers to improve/debug support for yetus.
The existing tooling does not appear to produce a report comparable to the output produced by the CricleCI integration on GitHub. Notably, I have only been able to produce a full report containing all of the issues in the tree, when I expect a differential report that contains only the issues introduced by the changes that I have made. This may be a failing on my part; assuming that it's my usage that is the problem, additional documentation should be provided to ensure that developers run the tools correctly and efficiently. Additionally, the integration should clearly show what is being tested and what the report covers.

Document purpose of /persist/config and /config directories

Start a new documentation under /doc documenting files that we put into /persist/config and /config and what is their purpose.

run pillar as a standalone container - tracking issue

This is a tracking issue for running pillar as a standalone container. This means, we should be able to do the following outside of a running EVE instance (virtual or physical):

docker run -v $PWD/persist:/var/persist lf-edge/pillar

or similar, and get a fully-running pillar instance.

The goal is to reduce the cycle time for development and debugging drastically, as well as simplify the development on-boarding process. Currently, to test anything material in pillar means building a rootfs/live image, and running it in qemu or on a real device. The time to build the image, launch it, register it with a controller, wait for it to sync, etc., is quite high, creating a very high cycle time. Further, the number of issues that can block it (minor errors in network configuration, app configuration, etc.) is too high.

This should be a tracking issue. No specific changes should be on this issue, other than discussions about how to achieve it.

Known issues and requirements:

config will attempt to update the network interfaces, which we do not want when running in a container
a typical container will have one network interface, while the typical EVE node has more than one, and we need to be able to test the interactions of nim
pillar at times needs to do reboots, which don't make sense in a container, but we need to be able to track it
mounting /persist and /config should be available, so we can update code without changing config, as well as easily read logs from outside the container
watchdog is very particular about processes it monitors so we will need to account for processes that don't make sense in a container (e.g. qemu-system-x86_64 for example) if we want to avoid watchdog initiated reboots (this coincidentally could be a great forcing function to pull watchdog out of the pillar into a separate container)

... add more issues here...

Quick cross build of pillar from amd64 to arm64 seems to be broken

Description

Quick cross build of pillar from amd64 to arm64 seems to be broken

Steps to reproduce the issue:

On amd64:

$ cd pkg/pillar
$ make GOARCH=arm64 build-docker

Sometime is desirable to simply cross-build pillar alone and then replace it inside of the image that is being build for deployment

[Dell 300x series] serial console support

Description

By default, EVE's GRUB boots the Linux kernel with console=tty0. On the Dell 300x series, the correct serial port is ttyS0, so this setting prevents users from seeing/interacting with the installer/system.

Steps to Reproduce

On a Dell Edge Gateway 3002, connect to the interior debug serial port and boot the installer or live system.

Actual Results

The BIOS messages and GRUB menu will appear. Upon booting into EVE, the last message will be error: no suitable video mode found

Expected Results

The kernel boot messages should appear on the serial port. Once booted, the EVE system prompt should be accessible for use.

Additional Information

One can work around this issue by editing the boot command to specify the correct console option. Press e at the GRUB menu and change $linux_console to console=ttyS0.

Add a section talking about high-level description of protecting Edge Containers on EVE

Fill out relevant section(s) in the docs/SECURITY.md

Add a number and direction to the acl part of the config API

We've added support in the API for this (https://github.com/lf-edge/eve/blob/master/api/proto/flowlog/flowlog.proto) and that includes an aclNum.
However, the config API does not include a number. We can have infer a number based on the sequence in the 'repeated ACE acls = 40;' in the config API, but it is better to add a number in the ACE definition.

In addition, the ACE can benefit from a direction ("from app instance" vs. "to app instance") for packets. That would enable having different rate limits for inbound and outbound packets.

Move pkg/pillar/docs into top docs directory.

It is hard to find the docs down in pkg/pillar if you don't know they are there.

Document end-to-end on-boarding workflows (including USB stick usage)

I think we should write up the end-to-end workflows which are relevant.
One is onboarding using a product key plus serial, with a need to gather software serial numbers. That one has a weak security binding, but I think there is a discussion to be had whether we can use the TPM at install time and get a stronger binding.

The other use case is more about gathering inventory than install time options.

So walking through the use cases makes sense to me and then gathering feedback.

In any case, we should make the information we gather be consistent.

Device Identity rooted at TPM

Moved to LF Edge/EVE Confluence space:
https://wiki.lfedge.org/display/EVE/Device+Identity+rooted+at+TPM

make run does not work on Ubuntu 16.04

Description

After building cleanly on Ubuntu 16.04 and attempt to make run fails with an error (qemu-system-x86_64: -nic: invalid option).

Steps to reproduce the issue:

make build-tools
make live
make run

Describe the results you received:

Creating go builder image for user peter
eve-build-peter docker container is ready to use
cd /build1/peter/EVE/eve/dist/amd64/bios ; _() { C=`docker create $1 fake` ; docker export $C | tar -xf - $2 ; docker rm $C ; } ; _ lfedge/eve-uefi:aef36d9c29fd16f9bae72a74d887568f0ef138f0-amd64 OVMF.fd
9d8e7a50bb12765847ff7b4799f6ac4bc6828d0f0e50a962cfe97983b3039f0c
qemu-system-x86_64 -smbios type=1,serial=31415926 -m 4096 -smp 4 -display none -serial mon:stdio -bios /build1/peter/EVE/eve/dist/amd64/bios/OVMF.fd -rtc base=utc,clock=rt -nic user,id=eth0,net=192.168.1.0/24,dhcpstart=192.168.1.10,hostfwd=tcp::2222-:22 -nic user,id=eth1,net=192.168.2.0/24,dhcpstart=192.168.2.10 -cpu SandyBridge -drive file=/build1/peter/EVE/eve/dist/amd64/live.img,format=qcow2
qemu-system-x86_64: -nic: invalid option
Makefile:152: recipe for target 'run' failed
make: *** [run] Error 1

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

qemu-system-x86_64 is at version 2.5.0

Tracking: enable EVE services to run as a series of containers not in a device

This is a tracking issue.

EVE currently runs as a series of services in containers - mostly a few and one big one called pillar - on a device.

We have two goals:

Extract all of the services from inside a device (real or virtual), so we can run them as a set of containers on any linux host. For example, use docker compose to run them all directly on a laptop or an AWS VM, not inside a physical device or qemu virtual device.
Enable each service to run standalone without any other services. For example, run downloader all by itself.

This is the tracking issue for the first. It is a place for design discussions as well as the checklist for what is needed. Each item on the checklist should have a PR link next to it.

create compose file
create run target in Makefile
update watchdog so it doesn't try to reboot when running in compose
more points here @rvs

Report DNS information for flows from EVE

We've added support in the API for this (https://github.com/lf-edge/eve/blob/master/api/proto/flowlog/flowlog.proto) and need to implement the DNS side of that.
See also #100

We should be able to get dnsmasq to dump this, or alternatively, scan the dnsmasq logs.
One thing we'd like is the timestamp from when the (initial) DNS query was made, since that helps with correlating a DNS lookup with a TCP/UDP flow reported in the flowlog API.

Info message sends blank `DevId`

When sending an /info message, the DevId property should contain the UUID of the device, but the message is a "".

cc @eriknordmark @rvs

make run pulls in ../adam/run if it exists, breaking things

Description

The Makefile here sets:

CONF_PART=$(CURDIR)/../adam/run/config

and then includes it here as:

QEMU_OPTS_CONF_PART=$(shell [ -d $(CONF_PART) ] && echo '-drive file=fat:rw:$(CONF_PART),format=raw')

This means that if someone has the adam repo in the right place, whatever they are using will show up rather suddenly. This sucks the default runtime config for adam as a standalone into a running eve.

This should just be removed

cc @rvs

Steps to Reproduce

Run adam in its usual place
Run eve
See that the config is loaded from there

Unable to cross-compile pillar for arm64

Description

Unable to cross-compile pillar for arm64

Steps to reproduce the issue:

cd pkg/pillar
make zedbox ARCH=arm64

Describe the results you received:

$ make zedbox ARCH=arm64
mkdir -p dist/arm64
Creating go builder image for user adeitcher
Building dist/arm64/zedbox
# runtime/cgo
gcc_arm64.S: Assembler messages:
gcc_arm64.S:27: Error: no such instruction: `stp x19,x20,[sp,'
gcc_arm64.S:28: Error: no such instruction: `stp x21,x22,[sp,'
gcc_arm64.S:29: Error: no such instruction: `stp x23,x24,[sp,'
gcc_arm64.S:30: Error: no such instruction: `stp x25,x26,[sp,'
gcc_arm64.S:31: Error: no such instruction: `stp x27,x28,[sp,'
gcc_arm64.S:32: Error: no such instruction: `stp x29,x30,[sp,'
gcc_arm64.S:33: Error: too many memory references for `mov'
gcc_arm64.S:35: Error: too many memory references for `mov'
gcc_arm64.S:36: Error: too many memory references for `mov'
gcc_arm64.S:37: Error: too many memory references for `mov'
gcc_arm64.S:39: Error: no such instruction: `blr x20'
gcc_arm64.S:40: Error: no such instruction: `blr x19'
gcc_arm64.S:42: Error: no such instruction: `ldp x29,x30,[sp],'
gcc_arm64.S:43: Error: no such instruction: `ldp x27,x28,[sp],'
gcc_arm64.S:44: Error: no such instruction: `ldp x25,x26,[sp],'
gcc_arm64.S:45: Error: no such instruction: `ldp x23,x24,[sp],'
gcc_arm64.S:46: Error: no such instruction: `ldp x21,x22,[sp],'
gcc_arm64.S:47: Error: no such instruction: `ldp x19,x20,[sp],'
make: *** [dist/arm64/zedbox] Error 2

Describe the results you expected:

It should build

api/API.md is outdated

Description

api/API.md is outdated. It has not been updated with the new api proto directory layout (organized based on the REST APIs). Some APIs are not documented.

Steps to reproduce the issue:

Describe the results you received:

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

BUILD.md two vs. three partitions

In BUILD.md we have
-* live.raw - a live bootable disk image, will be converted to qcow2. Has 2 gpt partitions:
and
-live.raw is a live bootable raw disk image with both a rootfs and a UEFI boot partition.

However, the live image also contains a FAT32 config partition.

Description

Steps to reproduce the issue:

Describe the results you received:

Describe the results you expected:

Additional information you deem important (e.g. issue happens only occasionally):

Building an installer image for ARM64 fails

Description

Trying to build for ARM as per documentation fails.
There is another issue open about ARM64 cross compilation, but it does not seem to be the same thing

Steps to reproduce the issue:

make ZARCH=arm64 installer

Describe the results you received:

Makefile:42: "WARNING: We are assembling a arm64 image on x86_64. Things may break."
Creating go builder image for user gorkag
eve-build-gorkag docker container is ready to use
Done building /home/gorkag/projects/eve/build-tools/bin/linuxkit
mkdir -p /home/gorkag/projects/eve/dist/arm64
./tools/makerootfs.sh images/rootfs.yml squash /home/gorkag/projects/eve/dist/arm64/rootfs.img
Extract kernel image: lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64
Pull image: lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64
FATA[0001] Failed to extract kernel image and tarball: Could not pull image lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64: Error response from daemon: manifest for lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64 not found
cat: boot/cmdline: No such file or directory
make: *** [Makefile:174: /home/gorkag/projects/eve/dist/arm64/rootfs.img] Error 1

Describe the results you expected:

No errors

Additional information you deem important (e.g. issue happens only occasionally):

Looked into docker hub and lfedge/eve-kernel:5303468200baef2e1747f2ded4ba3e0413400c79-arm64 does not seem to be present. In fact there does not seem to be any ARM64 containers there, only amd64

musl is an undocumented host requirement on Ubuntu 18.04.3 LTS

The "make live" step in the documentation will fail to execute linuxkit on Ubuntu 18.04.3 LTS.

If you attempt to execute it, bash will complain:

$ ./build-tools/bin/linuxkit
-bash: ./build-tools/bin/linuxkit: No such file or directory

Because it can't find the shared libraries:

$ ldd ./build-tools/bin/linuxkit
        linux-vdso.so.1 (0x00007fff1e98e000)
        libc.musl-x86_64.so.1 => not found

This can be resolved by installing the "musl" package.

sudo apt install musl

$ ./build-tools/bin/linuxkit
Please specify a command.

USAGE: linuxkit [options] COMMAND

Commands:
  build       Build an image from a YAML file
  metadata    Metadata utilities
  pkg         Package building
  push        Push a VM image to a cloud or image store
  run         Run a VM image on a local hypervisor or remote cloud
  serve       Run a local http server (for iPXE booting)
  version     Print version information
  help        Print this message

Run 'linuxkit COMMAND --help' for more information on the command

Options:
  -q    Quiet execution
  -v    Verbose execution

I suggest adding documentation listing musl as a necessary host requirement.

Problems with 'make yetus'

Description

Finished with errors.

Steps to Reproduce

Run 'make yetus'

Actual Results

Running yetus
build-tools/src/yetus/test-patch.sh
ERROR: yetus-dl: unable to fetch https://www.apache.org/dyn/closer.cgi?action=download&filename=yetus/0.11.0/apache-yetus-0.11.0-bin.tar.gz.asc
build-tools/src/yetus/test-patch.sh: line 56: /tmp/yetus/bin/test-patch: No such file or directory
Makefile:157: recipe for target 'yetus' failed
make: *** [yetus] Error 127
eve_make_yetus.002.log (END)

Expected Results

Running yetus
build-tools/src/yetus/test-patch.sh
/tmp/yetus-out has been created
Modes: Docker
....
============================================================================
============================================================================
                              Finished build.
============================================================================
============================================================================

Additional Information

The root of the problem is in the apache/yetus version, which fixed on pull request.

Securing Sensitive Information in Transit and at Rest

In Transit

It is imperative that sensitive information while getting exchanged between Cloud Controller and EVE is not in plain text but in encrypted form. For increased level of security, object level encryption should be used end to end instead of only relying on the TLS. (Note that there are no TLS level proxies; merely support for http proxies which can not see the payload).

Approach

Zedagent microservice is responsible fetching the configuration from Controller, periodically. Controller will encrypt configuration with device public key before sending it to zedagent. Zedagent will decrypt using device private key before processing the configuration. In future, a key refreshing mechanism can be brought in place. I.e. instead of using a fixed keypair, we can rotate the keypair on a periodic basis. This will be investigated in later phases.

At Rest

It is also imperative to store sensitive information on desk in encrypted format, instead of plain text. This is required in addition to disk/partition/directory level encryption, so that even in case of a hacker getting root access to the device, can access the file system, but the contents of the file can not be decoded without getting access to the decryption access. I.e.

File system level encryption ensures security in case the disk is physically stolen/compromised
Encrypting sensitive information before storing on the disk ensures that even if some hacker/malware gets root access on the device, the sensitive information stored in the file is not in plain text.

Approach:

Zedagent microservice is responsible for parsing the configuration from controller, and passing the configuration to other microservices using pubsub infrastructure. In the process, zedagent writes device config under /persist/config/checkpoint and /persist/config/GlobalConfig. While writing to these directories, sensitive information like VncPassword, S3 Storage credentials will be encrypted using public key of the device. Accordingly the readers/subscribers who are processing this config will also be modified to decrypt using device.key.pem(for devices without TPM) or with device key inside TPM.

Staging Plan for Implementation

Since this activity involves code changes in Controller as well as in EVE, the following transition plan is proposed:

First implement a POST api in controller for fetching device config. This is in addition to existing GET method
In the POST method, send device config after encrypting it using device’s public key
Change EVE code to do a POST instead of GET, and from reply to the POST message decrypt the device config sent from Controller using device’s private key
Devices running old code will still do a GET and Controller will reply to GET with device config in plain text - This is till all devices are upgraded to use POST instead of GET
Once all devices are upgraded to new method, stop processing GET in Controller

Provide serial numbers on RaspberryPi 4

On most x86 platforms EVE gets the serial number out of SMBIOS. On ARM64 (and more specifically RaspberryPi 4) the situation is more complex raspberrypi/linux#1670

We need to settle on a way of having a serial # for our RaspberryPi 4 builds. Options I see:

the ones described in the issue above
EVE's soft-serial

Personally, I'm more inclined to do a proper SMBIOS-like solution for ARM (and avoid soft-serial) -- but even then we still need to decide how we're passing that information into the kernel (see options above).

Lets have a bit of a discussion on this ISSUE.

starting eve with make live, multiple warnings,errors and eve breaks

I followed the Steps in the documentation to run eve with qemu but it didn’t work.
What happens is, that I got Multiple warnings, errors and eve breaks.
I’m not sure maybe I did something Wrong.
i'm just trying to get into that topic, i'm not sure whether it makes sense to
get more into the projects EVE leverages. if so please let me know.

Here are some descriptions, and I added the complete output of the shell under Additional Information

BUG REPORT INFORMATION

--> I followed the Steps in the documentation to run eve with qemu.

Description

--> when i run the Image in qemu with make live, I got Multiple warnings, errors and eve breaks at a point.

when running the image i got following warnings/errors:

1.) metadata is nearing expiry, you should re-sign the role metadata

-probably this is caused by linuxkit and according to this issue it seems not to be not real problem:
linuxkit/linuxkit#3447

2.) before eve starts qemu gives following warnings:

qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]

-I found some issue like this on the qemu repository:
https://stackoverflow.com/questions/46856994/qemu-debugging-warningtcg-doesnt-support-requested-feature-cpuid-01hecx
-i'm quite not sure, may I first try to solve it that way?

3.) more errors

BdsDxe: failed to load Boot0001 "UEFI QEMU DVD-ROM QM00003 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Secondary,Master,0x0): Not Found
BdsDxe: loading Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
BdsDxe: starting Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)

4.) Then grub boots:
Boot 0.0.0-0c946f94-2020-01-27.17.14-amd64
and after that there are more warnings and errors at the end, the shell shows:

ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test

and eve breaks.

Additional Information


here is the complete output of the shell in case it might help : 
root@hanscomputer:~/eve# make build-tools
Creating go builder image for user root
eve-build-root docker container is ready to use
Done building /home/hans/eve/build-tools/bin/linuxkit
root@hanscomputer:~/eve# make live
Creating go builder image for user root
eve-build-root docker container is ready to use
cd /home/hans/eve/dist/amd64/installer ; _() { C=`docker create $1 fake` ; shift ; docker export $C | tar -xf - "$@" ; docker rm $C ; } ; _ lfedge/eve-grub:6ba90a37e6f4d81a8a0c1d58f8eca99e72e19fdb-amd64 EFI
6cc5ff1e066f887c8a0698b59cfb929d232e4ca51bf3b66f7d4c0a6743a6deef
Done building /home/hans/eve/build-tools/bin/linuxkit
./tools/makerootfs.sh images/rootfs-xen.yml /home/hans/eve/dist/amd64/installer/rootfs.img squash
Extract kernel image: lfedge/eve-kernel:0b58e0f9261e72839110c9f7c611f099c1062d6e-amd64
Add init containers:
Process init image: linuxkit/init:v0.5-amd64
Process init image: linuxkit/runc:v0.5-amd64
WARN[0003] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata 
Process init image: linuxkit/containerd:v0.5-amd64
WARN[0005] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata 
Process init image: linuxkit/getty:v0.5-amd64
Process init image: linuxkit/memlogd:v0.5-amd64
Process init image: lfedge/eve-grub:6ba90a37e6f4d81a8a0c1d58f8eca99e72e19fdb-amd64
Process init image: lfedge/eve-fw:e07c45a98386767ec3926b813dc4b46a96a81541-amd64
Process init image: lfedge/eve-xen:93b863e105118a0be7cf7423daf6b8831f0009d9-amd64
Process init image: lfedge/eve-gpt-tools:19ef56f5014fab1978a6e98b047d4498eabf8295-amd64
Process init image: lfedge/eve-dom0-ztools:ed3012e1703d8370c20645e94f9b57cb1202fac9-amd64
Add onboot containers:
  Create OCI config for lfedge/eve-storage-init:3524db08db611b060d8c2ac0ca2b5b4826e0c960-amd64
  Create OCI config for linuxkit/sysctl:v0.5-amd64
  Create OCI config for lfedge/eve-rngd:6e16dad8553a6c2939854abfa9f34a5f2604bce7-amd64
  Create OCI config for linuxkit/modprobe:v0.5-amd64
  Create OCI config for lfedge/eve-rsyslog:69e67abf99c57ce1a29de648a2d10a6e8112df8c-amd64
Add service containers:
  Create OCI config for linuxkit/openntpd:v0.5-amd64
WARN[0013] targets/justin metadata is nearing expiry, you should re-sign the role metadata 
WARN[0013] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata 
  Create OCI config for linuxkit/sshd:v0.5-amd64
WARN[0015] targets/justin metadata is nearing expiry, you should re-sign the role metadata 
WARN[0015] targets/riyaz metadata is nearing expiry, you should re-sign the role metadata 
  Create OCI config for lfedge/eve-wwan:2b98bc7569f167b1850dd9025a4b8c8489fee754-amd64
  Create OCI config for lfedge/eve-wlan:ac31bb78810451ef1333b3970f29bebc0a6c9c44-amd64
  Create OCI config for lfedge/eve-guacd:f1f08a0fcadd35320f5d03fe0f0a1a318e8449be-amd64
  Create OCI config for lfedge/eve-pillar:321f306031d3a842e20dea2cd07850b4f0a6af6f-amd64
  Create OCI config for lfedge/eve-vtpm:0c5eb587ec0228135e1eac7cb6888c40d86969aa-amd64
Add files:
  /etc/eve-release
  /containers/services/pillar/lower/opt/zededa/bin/versioninfo
Parallel mksquashfs: Using 8 processors
Creating 4.0 filesystem on /rootfs.img, block size 131072.
[===========================================================/] 19664/19664 100%

Exportable Squashfs 4.0 filesystem, gzip compressed, data block size 131072
	compressed data, compressed metadata, compressed fragments, compressed xattrs
	duplicates are removed
Filesystem size 231934.67 Kbytes (226.50 Mbytes)
	35.29% of uncompressed filesystem size (657275.22 Kbytes)
Inode table size 219785 bytes (214.63 Kbytes)
	25.40% of uncompressed inode table size (865416 bytes)
Directory table size 234396 bytes (228.90 Kbytes)
	45.52% of uncompressed directory table size (514907 bytes)
Number of duplicate files found 6247
Number of inodes 22460
Number of files 15656
Number of fragments 842
Number of symbolic links  4792
Number of device nodes 4
Number of fifo nodes 0
Number of socket nodes 0
Number of directories 2008
Number of ids (unique uids + gids) 3
Number of uids 1
	root (0)
Number of gids 3
	root (0)
	shadow (42)
	tty (5)
cd /home/hans/eve/dist/amd64/installer ; _() { C=`docker create $1 fake` ; shift ; docker export $C | tar -xf - "$@" ; docker rm $C ; } ; _ lfedge/eve-mkimage-raw-efi:cf09472dd937fb0c7e040f8d338b0ddfd285bfcd-amd64 initrd.img EFI
9a724bee74a658db7aa1476f140e378968042818bfa043011600a80a243301f7
./tools/makeconfig.sh conf /home/hans/eve/dist/amd64/installer/config.img
1024+0 records in
1024+0 records out
mkfs.fat 4.1 (2017-01-24)
/config.img has 64 heads and 32 sectors per track,
hidden sectors 0x0000;
logical sector size is 512,
using 0xf8 media descriptor, with 2048 sectors;
drive number 0x80;
filesystem has 2 12-bit FATs and 4 sectors per cluster.
FAT size is 2 sectors, and provides 502 clusters.
There is 1 reserved sector.
Root directory contains 512 slots and uses 32 sectors.
Volume ID is aa25d7fb, volume label EVE        .
./tools/makeflash.sh -C 8192 /home/hans/eve/dist/amd64/installer /home/hans/eve/dist/amd64/live.raw
1+0 Datensätze ein
1+0 Datensätze aus
1 Byte kopiert, 0,00022025 s, 4,5 kB/s
Unknown (or unrecongnizable) GTP partition table on /output.img
Creating new GPT entries in memory.
Setting name!
partNum is 0
Setting name!
partNum is 1
Setting name!
partNum is 2
Setting name!
partNum is 3
Setting name!
partNum is 8
No problems found. 2014 free sectors (1007.0 KiB) available in 1
segments, the largest of which is 2014 (1007.0 KiB) in size.
mkdir -p /home/hans/eve/dist/amd64
qemu-img convert -c -f raw -O qcow2 /home/hans/eve/dist/amd64/live.raw /home/hans/eve/dist/amd64/live.qcow2
rm /home/hans/eve/dist/amd64/live.raw
ln -s live.qcow2 /home/hans/eve/dist/amd64/live.img
root@hanscomputer:~/eve# make run
Creating go builder image for user root
eve-build-root docker container is ready to use
mkdir -p /home/hans/eve/dist/amd64
cd /home/hans/eve/dist/amd64 ; _() { C=`docker create $1 fake` ; shift ; docker export $C | tar -xf - "$@" ; docker rm $C ; } ; _ lfedge/eve-uefi:df662ad0d7a0d581a36efed16e7e15d5c0f536cc-amd64 OVMF.fd
d749935a66ce7b0569b72a347441c01ea4e543dd9f878bcfacd6aa1097f4efe6
qemu-system-x86_64 -smbios type=1,serial=31415926 -m 4096 -smp 4 -display none -serial mon:stdio -bios /home/hans/eve/dist/amd64/OVMF.fd -rtc base=utc,clock=rt -netdev user,id=eth0,"REDACTED", -device virtio-net-pci,netdev=eth0 -netdev user,id=eth1,"REDACTED", -device virtio-net-pci,netdev=eth1 -cpu SandyBridge   -drive file=/home/hans/eve/dist/amd64/live.img,format=qcow2
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.x2apic [bit 21]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.tsc-deadline [bit 24]
qemu-system-x86_64: warning: TCG doesn't support requested feature: CPUID.01H:ECX.avx [bit 28]

�[=3h



BdsDxe: failed to load Boot0001 "UEFI QEMU DVD-ROM QM00003 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Secondary,Master,0x0): Not Found
BdsDxe: loading Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
BdsDxe: starting Boot0002 "UEFI QEMU HARDDISK QM00001 " from PciRoot(0x0)/Pci(0x1,0x1)/Ata(Primary,Master,0x0)
Welcome to GRUB!

/EndEntire
file path: /ACPI(a0341d0,0)/PCI(1,1)/ATAPI(0,0,0)
/HD(2,1800,96000,5dc35ee382b4b147,2,2)/File(\EFI\BOOT)/File(BOOTX64.EFI)
/EndEntire
Welcome to GRUB!



                             GNU GRUB  version 2.03

 ����������������������������������������������������������������������������Ŀ
 �*Boot 0.0.0-0c946f94-2020-01-27.17.14-amd64                                 � 
 � Set Boot Options                                                           �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            �
 �                                                                            � 
 ������������������������������������������������������������������������������

      Use the ^ and v keys to select which entry is highlighted.          
      Press enter to boot the selected OS, `e' to edit the commands       
      before booting or `c' for a command-line.                           
   The highlighted entry will be executed automatically in 0s.                 



  Booting `Boot 0.0.0-0c946f94-2020-01-27.17.14-amd64'




�[=3h




 Xen 4.13.0
(XEN) Xen version 4.13.0 (@) (gcc (Alpine 6.4.0) 6.4.0) debug=n  Tue Jan 21 20:15:41 UTC 2020
(XEN) Latest ChangeSet: 
(XEN) Bootloader: GRUB 2.03
(XEN) Command line: console=com1 smt=false clocksource=pit dom0_mem=1024M,max:1024M dom0_max_vcpus=1 dom0_vcpus_pin
(XEN) Xen image load base address: 0xbde00000
(XEN) Video information:
(XEN)  VGA is graphics mode 2048x2048, 32 bpp
(XEN) Disc information:
(XEN)  Found 0 MBR signatures
(XEN)  Found 1 EDD information structures
(XEN) EFI RAM map:
(XEN)  0000000000000000 - 00000000000a0000 (usable)
(XEN)  0000000000100000 - 0000000000800000 (usable)
(XEN)  0000000000800000 - 0000000000808000 (ACPI NVS)
(XEN)  0000000000808000 - 0000000000810000 (usable)
(XEN)  0000000000810000 - 0000000000900000 (ACPI NVS)
(XEN)  0000000000900000 - 00000000bea4b000 (usable)
(XEN)  00000000bea4b000 - 00000000bea57000 (ACPI NVS)
(XEN)  00000000bea57000 - 00000000bea6f000 (reserved)
(XEN)  00000000bea6f000 - 00000000bea91000 (usable)
(XEN)  00000000bea91000 - 00000000beb1b000 (reserved)
(XEN)  00000000beb1b000 - 00000000bfb9b000 (usable)
(XEN)  00000000bfb9b000 - 00000000bfbf3000 (reserved)
(XEN)  00000000bfbf3000 - 00000000bfbfb000 (ACPI data)
(XEN)  00000000bfbfb000 - 00000000bfbff000 (ACPI NVS)
(XEN)  00000000bfbff000 - 00000000bfedc000 (usable)
(XEN)  00000000bfedc000 - 00000000bff60000 (reserved)
(XEN)  00000000bff60000 - 00000000c0000000 (ACPI NVS)
(XEN)  0000000100000000 - 0000000140000000 (usable)
(XEN) ACPI: RSDP BFBFA014, 0024 (r2 BOCHS )
(XEN) ACPI: XSDT BFBF90E8, 0044 (r1 BOCHS  BXPCFACP        1       1000013)
(XEN) ACPI: FACP BFBF6000, 0074 (r1 BOCHS  BXPCFACP        1 BXPC        1)
(XEN) ACPI: DSDT BFBF7000, 1516 (r1 BOCHS  BXPCDSDT        1 BXPC        1)
(XEN) ACPI: FACS BFBFD000, 0040
(XEN) ACPI: APIC BFBF5000, 0090 (r1 BOCHS  BXPCAPIC        1 BXPC        1)
(XEN) ACPI: HPET BFBF4000, 0038 (r1 BOCHS  BXPCHPET        1 BXPC        1)
(XEN) ACPI: BGRT BFBF3000, 0038 (r1 INTEL  EDK2            2       1000013)
(XEN) System RAM: 4092MB (4190664kB)
(XEN) Domain heap initialised
(XEN) IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23
(XEN) Enabling APIC mode:  Flat.  Using 1 I/O APICs
(XEN) xstate: size: 0x340 and states: 0x7
(XEN) Speculative mitigation facilities:
(XEN)   Hardware features:
(XEN)   Compiled-in support: SHADOW_PAGING
(XEN)   Xen settings: BTI-Thunk N/A, SPEC_CTRL: No, Other: BRANCH_HARDEN
(XEN)   L1TF: believed vulnerable, maxphysaddr L1D 46, CPUID 40, Safe address 10000000000
(XEN)   Support for HVM VMs: RSB EAGER_FPU
(XEN)   Support for PV VMs: RSB EAGER_FPU
(XEN)   XPTI (64-bit PV only): Dom0 enabled, DomU enabled (without PCID)
(XEN)   PV L1TF shadowing: Dom0 disabled, DomU enabled
(XEN) Using scheduler: SMP Credit Scheduler rev2 (credit2)
(XEN) Initializing Credit2 scheduler
(XEN) Platform timer is 1.193MHz PIT
(XEN) Detected 3716.119 MHz processor.
(XEN) I/O virtualisation disabled
(XEN) ENABLING IO-APIC IRQs
(XEN)  -> Using new ACK method
(XEN) TSC only partially writable
(XEN) Allocated console ring of 16 KiB.
(XEN) Brought up 4 CPUs
(XEN) mtrr: your CPUs had inconsistent fixed MTRR settings
(XEN) mtrr: your CPUs had inconsistent variable MTRR settings
(XEN) mtrr: your CPUs had inconsistent MTRRdefType settings
(XEN) xenoprof: Initialization failed. Intel processor family 6 model 42 is not supported
(XEN) Dom0 has maximum 216 PIRQs
(XEN)  Xen  kernel: 64-bit, lsb, compat32
(XEN)  Dom0 kernel: 64-bit, PAE, lsb, paddr 0x1000000 -> 0x2a2c000
(XEN) PHYSICAL MEMORY ARRANGEMENT:
(XEN)  Dom0 alloc.:   0000000134000000->0000000138000000 (245760 pages to be allocated)
(XEN) VIRTUAL MEMORY ARRANGEMENT:
(XEN)  Loaded kernel: ffffffff81000000->ffffffff82a2c000
(XEN)  Init. ramdisk: 0000000000000000->0000000000000000
(XEN)  Phys-Mach map: 0000008000000000->0000008000200000
(XEN)  Start info:    ffffffff82a2c000->ffffffff82a2c4b8
(XEN)  Xenstore ring: 0000000000000000->0000000000000000
(XEN)  Console ring:  0000000000000000->0000000000000000
(XEN)  Page tables:   ffffffff82a2d000->ffffffff82a46000
(XEN)  Boot stack:    ffffffff82a46000->ffffffff82a47000
(XEN)  TOTAL:         ffffffff80000000->ffffffff82c00000
(XEN)  ENTRY ADDRESS: ffffffff826ac180
(XEN) Dom0 has maximum 1 VCPUs
(XEN) Initial low memory virq threshold set at 0x4000 pages.
(XEN) Scrubbing Free RAM in background
(XEN) Std. Loglevel: Errors and warnings
(XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings)
(XEN) *** Serial input to DOM0 (type 'CTRL-a' three times to switch input)
(XEN) Freed 540kB init memory
mapping kernel into physical memory
about to get started...
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
[    0.000000] Linux version 4.19.5-linuxkit (root@442633747c02) (gcc version 6.3.0 (Alpine 6.3.0)) #1 SMP Tue Jan 21 22:32:59 UTC 2020
[    0.000000] Command line: console=hvc0 root=PARTUUID=e35ec35d-b482-47b1-b3c7-ec93bcbbf471 clocksource=tsc clocksource_failover=xen rootdelay=3
[    0.000000] ------------[ cut here ]------------
[    0.000000] XSAVE consistency problem, dumping leaves
[    0.000000] WARNING: CPU: 0 PID: 0 at arch/x86/kernel/fpu/xstate.c:614 fpu__init_system_xstate+0x4bb/0x7a9
[    0.000000] Modules linked in:
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.5-linuxkit #1
[    0.000000] RIP: e030:fpu__init_system_xstate+0x4bb/0x7a9
[    0.000000] Code: 85 5c fd ff ff 44 3b 25 52 9d 16 00 74 23 80 3d f0 4b c9 ff 00 75 15 48 c7 c7 ac 82 fe 81 c6 05 e0 4b c9 ff 01 e8 31 9d a2 fe <0f> 0b e8 6a 06 97 fe 48 8b 35 be c5 cb ff 44 89 ef 44 89 2d b4 9d
[    0.000000] RSP: e02b:ffffffff82203e18 EFLAGS: 00000082 ORIG_RAX: 0000000000000000
[    0.000000] RAX: 0000000000000000 RBX: 000000000000000a RCX: 0000000000000000
[    0.000000] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[    0.000000] RBP: ffffffff81000000 R08: 0000000000000029 R09: ffffffff82203da8
[    0.000000] R10: ffffffff82203e34 R11: ffffffff8283acac R12: 0000000000000240
[    0.000000] R13: 0000000000000340 R14: 0000000000000001 R15: 0000000000000000
[    0.000000] FS:  0000000000000000(0000) GS:ffffffff82688000(0000) knlGS:0000000000000000
[    0.000000] CS:  e033 DS: 0000 ES: 0000 CR0: 0000000080050033
[    0.000000] CR2: 0000000000000000 CR3: 000000000220c000 CR4: 0000000000040660
[    0.000000] Call Trace:
[    0.000000]  ? 0xffffffff81000000
[    0.000000]  ? fpu__init_system+0x214/0x274
[    0.000000]  ? early_init_intel+0x294/0x32c
[    0.000000]  ? 0xffffffff81000000
[    0.000000]  ? early_cpu_init+0x1f1/0x20d
[    0.000000]  ? setup_arch+0xc0/0x944
[    0.000000]  ? start_kernel+0x67/0x4be
[    0.000000]  ? iommu_shutdown_noop+0x6/0x6
[    0.000000]  ? xen_start_kernel+0x50d/0x519
[    0.000000] random: get_random_bytes called from init_oops_id+0x22/0x31 with crng_init=0
[    0.000000] ---[ end trace 0000000000000000 ]---
[    0.000000] CPUID[0d, 00]: eax=00000003 ebx=00000340 ecx=00000240 edx=00000000
[    0.000000] CPUID[0d, 01]: eax=00000001 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 02]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 03]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 04]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 05]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 06]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 07]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 08]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 09]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 0a]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 0b]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 0c]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 0d]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 0e]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 0f]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 10]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 11]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 12]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] CPUID[0d, 13]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000
[    0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[    0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[    0.000000] x86/fpu: Enabled xstate features 0x3, context size is 832 bytes, using 'standard' format.
[    0.000000] Released 0 page(s)
[    0.000000] BIOS-provided physical RAM map:
[    0.000000] Xen: [mem 0x0000000000000000-0x000000000009ffff] usable
[    0.000000] Xen: [mem 0x00000000000a0000-0x00000000000fffff] reserved
[    0.000000] Xen: [mem 0x0000000000100000-0x00000000007fffff] usable
[    0.000000] Xen: [mem 0x0000000000800000-0x0000000000807fff] ACPI NVS
[    0.000000] Xen: [mem 0x0000000000808000-0x000000000080ffff] usable
[    0.000000] Xen: [mem 0x0000000000810000-0x00000000008fffff] ACPI NVS
[    0.000000] Xen: [mem 0x0000000000900000-0x0000000040157fff] usable
[    0.000000] Xen: [mem 0x0000000040158000-0x00000000bea4afff] unusable
[    0.000000] Xen: [mem 0x00000000bea4b000-0x00000000bea56fff] ACPI NVS
[    0.000000] Xen: [mem 0x00000000bea57000-0x00000000bea6efff] reserved
[    0.000000] Xen: [mem 0x00000000bea6f000-0x00000000bea90fff] unusable
[    0.000000] Xen: [mem 0x00000000bea91000-0x00000000beb1afff] reserved
[    0.000000] Xen: [mem 0x00000000beb1b000-0x00000000bfb9afff] unusable
[    0.000000] Xen: [mem 0x00000000bfb9b000-0x00000000bfbf2fff] reserved
[    0.000000] Xen: [mem 0x00000000bfbf3000-0x00000000bfbfafff] ACPI data
[    0.000000] Xen: [mem 0x00000000bfbfb000-0x00000000bfbfefff] ACPI NVS
[    0.000000] Xen: [mem 0x00000000bfbff000-0x00000000bfedbfff] unusable
[    0.000000] Xen: [mem 0x00000000bfedc000-0x00000000bff5ffff] reserved
[    0.000000] Xen: [mem 0x00000000bff60000-0x00000000bfffffff] ACPI NVS
[    0.000000] Xen: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
[    0.000000] Xen: [mem 0x00000000fee00000-0x00000000feefffff] reserved
[    0.000000] Xen: [mem 0x0000000100000000-0x000000013fffffff] unusable
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] efi: EFI v2.70 by EDK II
[    0.000000] efi:  SMBIOS=0xbfbcc000  ACPI=0xbfbfa000  ACPI 2.0=0xbfbfa014  MEMATTR=0xbef4b018 
[    0.000000] SMBIOS 2.8 present.
[    0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
[    0.000000] Hypervisor detected: Xen PV
[    0.001510] tsc: Fast TSC calibration failed
[    0.001625] tsc: Detected 3693.084 MHz processor
[    0.002915] last_pfn = 0x40158 max_arch_pfn = 0x400000000
[    0.002959] Disabled
[    0.002993] x86/PAT: MTRRs disabled, skipping PAT initialization too.
[    0.003277] x86/PAT: Configuration [0-7]: WB  WT  UC- UC  WC  WP  UC  UC  
[    0.005471] Kernel/User page tables isolation: disabled on XEN PV.
[    6.183463] Secure boot disabled
[    6.184155] ACPI: Early table checksum verification disabled
[    6.184637] ACPI: RSDP 0x00000000BFBFA014 000024 (v02 BOCHS )
[    6.184964] ACPI: XSDT 0x00000000BFBF90E8 000044 (v01 BOCHS  BXPCFACP 00000001      01000013)
[    6.185789] ACPI: FACP 0x00000000BFBF6000 000074 (v01 BOCHS  BXPCFACP 00000001 BXPC 00000001)
[    6.186560] ACPI: DSDT 0x00000000BFBF7000 001516 (v01 BOCHS  BXPCDSDT 00000001 BXPC 00000001)
[    6.186874] ACPI: FACS 0x00000000BFBFD000 000040
[    6.187175] ACPI: APIC 0x00000000BFBF5000 000090 (v01 BOCHS  BXPCAPIC 00000001 BXPC 00000001)
[    6.187434] ACPI: HPET 0x00000000BFBF4000 000038 (v01 BOCHS  BXPCHPET 00000001 BXPC 00000001)
[    6.187689] ACPI: BGRT 0x00000000BFBF3000 000038 (v01 INTEL  EDK2     00000002      01000013)
[    6.188752] Setting APIC routing to Xen PV.
[    6.338609] Zone ranges:
[    6.338688]   DMA      [mem 0x0000000000001000-0x0000000000ffffff]
[    6.338733]   DMA32    [mem 0x0000000001000000-0x0000000040157fff]
[    6.338750]   Normal   empty
[    6.338773] Movable zone start for each node
[    6.338806] Early memory node ranges
[    6.338836]   node   0: [mem 0x0000000000001000-0x000000000009ffff]
[    6.338853]   node   0: [mem 0x0000000000100000-0x00000000007fffff]
[    6.338863]   node   0: [mem 0x0000000000808000-0x000000000080ffff]
[    6.338872]   node   0: [mem 0x0000000000900000-0x0000000040157fff]
[    6.341561] Reserved but unavailable: 32769 pages
[    6.341698] Initmem setup node 0 [mem 0x0000000000001000-0x0000000040157fff]
[    6.369531] p2m virtual area at (____ptrval____), size is 40000000
[    6.889006] Remapped 344 page(s)
[    6.891997] ACPI: PM-Timer IO Port: 0xb008
[    6.893058] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[    6.893888] IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23
[    6.894117] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[    6.894347] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[    6.894385] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[    6.894467] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[    6.894481] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[    6.894972] Using ACPI (MADT) for SMP configuration information
[    6.895104] ACPI: HPET id: 0x8086a201 base: 0xfed00000
[    6.895468] smpboot: Allowing 4 CPUs, 0 hotplug CPUs
[    6.896350] [mem 0xc0000000-0xfebfffff] available for PCI devices
[    6.896542] Booting paravirtualized kernel on Xen
[    6.896574] Xen version: 4.13.0 (preserve-AD)
[    6.896747] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[    7.620949] setup_percpu: NR_CPUS:128 nr_cpumask_bits:128 nr_cpu_ids:4 nr_node_ids:1
[    7.634320] percpu: Embedded 45 pages/cpu @(____ptrval____) s143640 r8192 d32488 u524288
[    7.637222] Built 1 zonelists, mobility grouping on.  Total pages: 258025
[    7.637272] Kernel command line: console=hvc0 root=PARTUUID=e35ec35d-b482-47b1-b3c7-ec93bcbbf471 clocksource=tsc clocksource_failover=xen rootdelay=3
[    7.641474] Dentry cache hash table entries: 131072 (order: 8, 1048576 bytes)
[    7.642931] Inode-cache hash table entries: 65536 (order: 7, 524288 bytes)
[    8.614134] software IO TLB: mapped [mem 0x3a600000-0x3e600000] (64MB)
[    8.668007] Memory: 930940K/1048572K available (12300K kernel code, 1595K rwdata, 3080K rodata, 1588K init, 1940K bss, 117632K reserved, 0K cma-reserved)
[    8.676138] ftrace: allocating 43677 entries in 171 pages
[    8.835025] rcu: Hierarchical RCU implementation.
[    8.835148] rcu:     RCU restricting CPUs from NR_CPUS=128 to nr_cpu_ids=1.
[    8.835235] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[    8.853781] Using NULL legacy PIC
[    8.853825] NR_IRQS: 8448, nr_irqs: 256, preallocated irqs: 0
[    8.855208] xen:events: Using FIFO-based ABI
[    8.865190] Console: colour dummy device 80x25
[    8.868660] console [tty0] enabled
[    8.928127] console [hvc0] enabled
[    8.928981] ACPI: Core revision 20180810
[    8.932029] ACPI BIOS Warning (bug): Incorrect checksum in table [BGRT] - 0x1B, should be 0x9F (20180810/tbprint-177)
[    8.935442] clocksource: xen: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
[    8.936663] installing Xen timer for CPU 0
[    8.941781] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x6a77a09433c, max_idle_ns: 881590459255 ns
[    8.944209] Calibrating delay loop (skipped), value calculated using timer frequency.. 7386.16 BogoMIPS (lpj=36930840)
[    8.945047] pid_max: default: 32768 minimum: 301
[    8.948373] Security Framework initialized
[    8.948748] Yama: becoming mindful.
[    8.954745] Mount-cache hash table entries: 2048 (order: 2, 16384 bytes)
[    8.955203] Mountpoint-cache hash table entries: 2048 (order: 2, 16384 bytes)
[    8.969096] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[    8.969517] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[    8.970074] Spectre V2 : Vulnerable: Minimal generic ASM retpoline
[    8.970567] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[    8.971219] Speculative Store Bypass: Vulnerable
[   10.158040] Freeing SMP alternatives memory: 24K
[   10.173625] VPMU disabled by hypervisor.
[   10.183016] Performance Events: unsupported p6 CPU model 42 no PMU driver, software events only.
[   10.186646] rcu: Hierarchical SRCU implementation.
[   10.192733] NMI watchdog: Perf NMI watchdog permanently disabled
[   10.197341] smp: Bringing up secondary CPUs ...
[   10.197818] smp: Brought up 1 node, 1 CPU
[   10.198129] smpboot: Max logical packages: 1
[   10.208041] devtmpfs: initialized
[   10.211196] x86/mm: Memory block size: 128MB
[   10.219503] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
[   10.220424] futex hash table entries: 256 (order: 2, 16384 bytes)
[   10.223999] pinctrl core: initialized pinctrl subsystem
[   10.233980] NET: Registered protocol family 16
(XEN) cpuid_hypervisor_leaves - real id. domid 0
(XEN) cpuid_hypervisor_leaves - real id. domid 0
[   10.238657] xen:grant_table: Grant tables using version 1 layout
[   10.241901] Grant table initialized
[   10.245119] audit: initializing netlink subsys (disabled)
[   10.252924] audit: type=2000 audit(1580145540.582:1): state=initialized audit_enabled=0 res=1
[   10.258701] ACPI: bus type PCI registered
[   10.262989] PCI: Using configuration type 1 for base access
[   10.313919] cryptd: max_cpu_qlen set to 1000
[   10.319133] ACPI: Added _OSI(Module Device)
[   10.319484] ACPI: Added _OSI(Processor Device)
[   10.319807] ACPI: Added _OSI(3.0 _SCP Extensions)
[   10.320197] ACPI: Added _OSI(Processor Aggregator Device)
[   10.320716] ACPI: Added _OSI(Linux-Dell-Video)
[   10.321131] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[   10.337255] ACPI: 1 ACPI AML tables successfully acquired and loaded
[   10.357015] ACPI: Interpreter enabled
[   10.357764] ACPI: (supports S0 S5)
[   10.358135] ACPI: Using IOAPIC for interrupt routing
[   10.359005] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[   10.362642] ACPI: Enabled 2 GPEs in block 00 to 0F
[   10.423701] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[   10.424566] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI]
[   10.425266] acpi PNP0A03:00: _OSC failed (AE_NOT_FOUND); disabling ASPM
[   10.426056] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
[   10.429584] PCI host bridge to bus 0000:00
[   10.430200] pci_bus 0000:00: root bus resource [io  0x0000-0x0cf7 window]
[   10.430718] pci_bus 0000:00: root bus resource [io  0x0d00-0xffff window]
[   10.431231] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[   10.431796] pci_bus 0000:00: root bus resource [mem 0xc0000000-0xfebfffff window]
[   10.432357] pci_bus 0000:00: root bus resource [mem 0x800000000-0x800007fff window]
[   10.432966] pci_bus 0000:00: root bus resource [bus 00-ff]
[   10.460900] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io  0x01f0-0x01f7]
[   10.461420] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io  0x03f6]
[   10.461849] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io  0x0170-0x0177]
[   10.462308] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io  0x0376]
[   10.469591] pci 0000:00:01.3: quirk: [io  0xb000-0xb03f] claimed by PIIX4 ACPI
[   10.470282] pci 0000:00:01.3: quirk: [io  0xb100-0xb10f] claimed by PIIX4 SMB
[   10.486253] pci 0000:00:02.0: BAR 0: assigned to efifb
[   10.539514] ACPI: PCI Interrupt Link [LNKA] (IRQs 5 10 *11)
[   10.541779] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 10 *11)
[   10.543499] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 *10 11)
[   10.545143] ACPI: PCI Interrupt Link [LNKD] (IRQs 5 *10 11)
[   10.546370] ACPI: PCI Interrupt Link [LNKS] (IRQs *9)
[   10.549768] APIC: NR_CPUS/possible_cpus limit of 1 reached. Processor 1/0x1 ignored.
[   10.550456] ACPI: Unable to map lapic to logical cpu number
[   10.552602] APIC: NR_CPUS/possible_cpus limit of 1 reached. Processor 2/0x2 ignored.
[   10.552920] ACPI: Unable to map lapic to logical cpu number
[   10.555085] APIC: NR_CPUS/possible_cpus limit of 1 reached. Processor 3/0x3 ignored.
[   10.555613] ACPI: Unable to map lapic to logical cpu number
[   10.557508] xen:balloon: Initialising balloon driver
[   10.560717] SCSI subsystem initialized
[   10.563267] ACPI: bus type USB registered
[   10.564193] usbcore: registered new interface driver usbfs
[   10.564948] usbcore: registered new interface driver hub
[   10.566397] usbcore: registered new device driver usb
[   10.567504] pps_core: LinuxPPS API ver. 1 registered
[   10.567955] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <[email protected]>
[   10.568786] PTP clock support registered
[   10.570551] Registered efivars operations
[   10.575061] PCI: Using ACPI for IRQ routing
[   10.583766] NetLabel: Initializing
[   10.584097] NetLabel:  domain hash size = 128
[   10.584456] NetLabel:  protocols = UNLABELED CIPSOv4 CALIPSO
[   10.586201] NetLabel:  unlabeled traffic allowed by default
[   10.591436] clocksource: Switched to clocksource tsc-early
[   10.798440] VFS: Disk quotas dquot_6.6.0
[   10.799032] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[   10.801515] FS-Cache: Loaded
[   10.801846] hugetlbfs: disabling because there are no supported hugepage sizes
[   10.805321] CacheFiles: Loaded
[   10.806259] pnp: PnP ACPI init
[   10.812130] Already setup the GSI :4
[   10.815480] pnp: PnP ACPI: found 6 devices
[   11.124799] PM-Timer failed consistency check  (0xffffff) - aborting.
[   11.125365] pci 0000:00:02.0: can't claim BAR 6 [mem 0xffff0000-0xffffffff pref]: no compatible bridge window
[   11.126011] pci 0000:00:03.0: can't claim BAR 6 [mem 0xfff80000-0xffffffff pref]: no compatible bridge window
[   11.126621] pci 0000:00:04.0: can't claim BAR 6 [mem 0xfff80000-0xffffffff pref]: no compatible bridge window
[   11.128801] pci 0000:00:03.0: BAR 6: assigned [mem 0xc1000000-0xc107ffff pref]
[   11.129686] pci 0000:00:04.0: BAR 6: assigned [mem 0xc1100000-0xc117ffff pref]
[   11.130323] pci 0000:00:02.0: BAR 6: assigned [mem 0xc1090000-0xc109ffff pref]
[   11.132594] NET: Registered protocol family 2
[   11.138098] tcp_listen_portaddr_hash hash table entries: 512 (order: 1, 8192 bytes)
[   11.138824] TCP established hash table entries: 8192 (order: 4, 65536 bytes)
[   11.139418] TCP bind hash table entries: 8192 (order: 5, 131072 bytes)
[   11.139998] TCP: Hash tables configured (established 8192 bind 8192)
[   11.141956] UDP hash table entries: 512 (order: 2, 16384 bytes)
[   11.142513] UDP-Lite hash table entries: 512 (order: 2, 16384 bytes)
[   11.146203] NET: Registered protocol family 1
[   11.146987] pci 0000:00:01.0: PIIX3: Enabling Passive Release
[   11.147532] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
[   11.148062] pci 0000:00:01.0: Activating ISA DMA hang workarounds
[   11.148999] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[   11.155114] RAPL PMU: API unit is 2^-32 Joules, 3 fixed counters, 10737418240 ms ovfl timer
[   11.155662] RAPL PMU: hw unit of domain pp0-core 2^-0 Joules
[   11.156048] RAPL PMU: hw unit of domain package 2^-0 Joules
[   11.156401] RAPL PMU: hw unit of domain pp1-gpu 2^-0 Joules
[   11.200407] AVX or AES-NI instructions are not detected.
[   11.201124] CPU feature 'AVX registers' is not supported.
[   11.201595] CPU feature 'AVX registers' is not supported.
[   11.202027] CPU feature 'AVX registers' is not supported.
[   11.202424] CPU feature 'AVX registers' is not supported.
[   11.203188] AVX2 or AES-NI instructions are not detected.
[   11.203560] AVX2 instructions are not detected.
[   11.209217] Initialise system trusted keyrings
[   11.211881] workingset: timestamp_bits=46 max_order=18 bucket_order=0
[   11.216861] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[   11.221107] FS-Cache: Netfs 'cifs' registered for caching
[   11.222008] fuse init (API version 7.27)
[   11.224777] SGI XFS with ACLs, security attributes, no debug enabled
[   11.229821] 9p: Installing v9fs 9p2000 file system support
[   11.230350] FS-Cache: Netfs '9p' registered for caching
[   11.230837] pstore: using deflate compression
[   11.300668] NET: Registered protocol family 38
[   11.301276] Key type asymmetric registered
[   11.301612] Asymmetric key parser 'x509' registered
[   11.302176] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 248)
[   11.304498] io scheduler noop registered
[   11.304823] io scheduler deadline registered (default)
[   11.305477] io scheduler cfq registered
[   11.305794] io scheduler mq-deadline registered (default)
[   11.306150] io scheduler kyber registered
[   11.307897] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[   11.308544] hv_vmbus: registering driver hyperv_fb
[   11.309270] efifb: probing for efifb
[   11.309687] efi: EFI_MEMMAP is not enabled.
[   11.440463] efifb: framebuffer at 0xc0000000, using 16384k, total 16384k
[   11.440997] efifb: mode is 2048x2048x32, linelength=8192, pages=1
[   11.441397] efifb: scrolling: redraw
[   11.441703] efifb: Truecolor: size=8:8:8:8, shift=24:16:8:0
[   11.493094] random: fast init done
[   11.501987] Console: switching to colour frame buffer device 256x128
[   11.553335] fb0: EFI VGA frame buffer device
[   11.555640] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[   11.557968] ACPI: Power Button [PWRF]
[   11.826195] PCI Interrupt Link [LNKC] enabled at IRQ 10
[   12.099607] PCI Interrupt Link [LNKD] enabled at IRQ 11
[   12.107757] xen:xen_evtchn: Event-channel device installed
[   12.109666] xen_pciback: backend is vpci
[   12.119598] Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
[   12.130053] hpet_acpi_add: no address or irqs in _CRS
[   12.131543] Non-volatile memory driver v1.3
[   12.133576] Hangcheck: starting hangcheck timer 0.9.1 (tick is 180 seconds, margin is 60 seconds).
[   12.159696] loop: module loaded
[   12.200302] Invalid max_queues (4), will use default max: 1.
[   12.202408] VMware PVSCSI driver - version 1.0.7.0-k
[   12.203758] hv_vmbus: registering driver hv_storvsc
[   12.221081] scsi host0: ata_piix
[   12.223750] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x6a77a09433c, max_idle_ns: 881590459255 ns
[   12.225042] clocksource: Switched to clocksource tsc
[   12.227948] scsi host1: ata_piix
[   12.229088] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc040 irq 14
[   12.229835] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc048 irq 15
[   12.243462] tun: Universal TUN/TAP device driver, 1.6
[   12.265750] VMware vmxnet3 virtual NIC driver - version 1.4.16.0-k-NAPI
[   12.266725] xen_netfront: Initialising Xen virtual ethernet driver
[   12.267858] hv_vmbus: registering driver hv_netvsc
[   12.268413] Fusion MPT base driver 3.04.20
[   12.268854] Copyright (c) 1999-2008 LSI Corporation
[   12.269553] Fusion MPT SPI Host driver 3.04.20
[   12.270637] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[   12.271429] ehci-pci: EHCI PCI platform driver
[   12.272200] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[   12.273731] ohci-pci: OHCI PCI platform driver
[   12.274494] uhci_hcd: USB Universal Host Controller Interface driver
[   12.275859] usbcore: registered new interface driver usb-storage
[   12.277383] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[   12.286779] serio: i8042 KBD port at 0x60,0x64 irq 1
[   12.287602] serio: i8042 AUX port at 0x60,0x64 irq 12
[   12.290245] hv_vmbus: registering driver hyperv_keyboard
[   12.292509] mousedev: PS/2 mouse device common for all mice
[   12.299557] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[   12.302407] input: PC Speaker as /devices/platform/pcspkr/input/input2
[   12.306641] rtc_cmos 00:00: RTC can wake from S4
[   12.315598] rtc_cmos 00:00: registered as rtc0
[   12.316901] rtc_cmos 00:00: alarms up to one day, y3k, 114 bytes nvram
[   12.317943] i2c /dev entries driver
[   12.320342] device-mapper: ioctl: 4.39.0-ioctl (2018-04-03) initialised: [email protected]
[   12.324092] sdhci: Secure Digital Host Controller Interface driver
[   12.324790] sdhci: Copyright(c) Pierre Ossman
[   12.325714] sdhci-pltfm: SDHCI platform and OF driver helper
[   12.327670] EFI Variables Facility v0.08 2004-May-17
[   12.340085] pstore: Registered efi as persistent store backend
[   12.341809] usbcore: registered new interface driver usbhid
[   12.342438] usbhid: USB HID core driver
[   12.343954] hv_utils: Registering HyperV Utility Driver
[   12.344465] hv_vmbus: registering driver hv_util
[   12.344959] hv_vmbus: registering driver hv_balloon
[   12.346297] oprofile: using NMI timer interrupt.
[   12.347854] GACT probability on
[   12.348456] Mirror/redirect action on
[   12.349178] Simple TC action Loaded
[   12.349795] u32 classifier
[   12.350179]     Performance counters on
[   12.350589]     input device check on
[   12.351100]     Actions configured
[   12.358994] xt_time: kernel timezone is -0000
[   12.360054] IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
[   12.361197] IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
[   12.368012] IPVS: ipvs loaded.
[   12.368548] IPVS: [rr] scheduler registered.
[   12.369061] IPVS: [wrr] scheduler registered.
[   12.369573] IPVS: [lc] scheduler registered.
[   12.370035] IPVS: [wlc] scheduler registered.
[   12.370444] IPVS: [fo] scheduler registered.
[   12.370861] IPVS: [ovf] scheduler registered.
[   12.371468] IPVS: [lblc] scheduler registered.
[   12.371971] IPVS: [lblcr] scheduler registered.
[   12.372404] IPVS: [dh] scheduler registered.
[   12.373414] IPVS: [sh] scheduler registered.
[   12.373983] IPVS: [sed] scheduler registered.
[   12.374478] IPVS: [nq] scheduler registered.
[   12.375283] IPVS: ftp: loaded support on port[0] = 21
[   12.376165] ipip: IPv4 and MPLS over IPv4 tunneling driver
[   12.379251] gre: GRE over IPv4 demultiplexor driver
[   12.385207] ipt_CLUSTERIP: ClusterIP Version 0.8 loaded successfully
[   12.386895] Initializing XFRM netlink socket
[   12.388396] NET: Registered protocol family 10
[   12.397661] Segment Routing with IPv6
[   12.418010] ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100
[   12.418679] ata1.00: 16777216 sectors, multi 16: LBA48 
[   12.424970] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[   12.442131] NET: Registered protocol family 17
[   12.447118] scsi 0:0:0:0: Direct-Access     ATA      QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[   12.448855] NET: Registered protocol family 15
[   12.449795] Bridge firewalling registered
[   12.457214] sd 0:0:0:0: Attached scsi generic sg0 type 0
[   12.458543] 8021q: 802.1Q VLAN Support v1.8
[   12.459684] 9pnet: Installing 9P2000 support
[   12.460221] Initialising Xen transport for 9pfs
[   12.461139] Key type dns_resolver registered
[   12.466368] sd 0:0:0:0: [sda] 16777216 512-byte logical blocks: (8.59 GB/8.00 GiB)
[   12.473698] scsi 1:0:0:0: CD-ROM            QEMU     QEMU DVD-ROM     2.5+ PQ: 0 ANSI: 5
[   12.477185] sd 0:0:0:0: [sda] Write Protect is off
[   12.491738] SSE version of gcm_enc/dec engaged.
[   12.507032] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[   12.558600] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[   12.570131] cdrom: Uniform CD-ROM driver Revision: 3.20
[   12.608040]  sda: sda1 sda2 sda3 sda4 sda9
[   12.627150] sr 1:0:0:0: Attached scsi generic sg1 type 5
[   12.650128] sched_clock: Marking stable (12560670370, 82295912)->(12706583251, -63616969)
[   12.686769] sd 0:0:0:0: [sda] Attached SCSI disk
[   12.705696] registered taskstats version 1
[   12.720345] Loading compiled-in X.509 certificates
[   12.746230] Key type big_key registered
[   12.765637] Key type encrypted registered
[   12.784581] rtc_cmos 00:00: setting system clock to 2020-01-27 17:19:03 UTC (1580145543)
[   12.801565] Waiting 3 sec before mounting root device...
[   15.946469] VFS: Mounted root (squashfs filesystem) readonly on device 8:2.
[   16.091928] Freeing unused kernel image memory: 1588K
[   16.113841] Write protecting the kernel read-only data: 18432k
[   16.483566] Freeing unused kernel image memory: 2020K
[   16.512671] Freeing unused kernel image memory: 1016K
[   16.524484] Run /sbin/init as init process
................   ..............   ................
 ................   ............   ................ 
              ....    .........   ....              
    ................   .......   ................   
     ................   .....   ................    
                    ...   .   ....                  
        ................     ................       
          ...............   ................        

              Edge Virtualization Engine

................   ..............   ................
 ................   ............   ................ 
              ....    .........   ....              
    ................   .......   ................   
     ................   .....   ................    
                    ...   .   ....                  
        ................     ................       
          ...............   ................        

              Edge Virtualization Engine
linuxkit-525400123456 login: root (automatic login)

EVE is Edge Virtualization Engine

Take a look around and don't forget to use eve(1).
login[263]: root login on 'hvc0'
linuxkit-525400123456:~# [   29.808119] random: crng init done
[   31.109330] FAT-fs (sda4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   33.997888] EXT4-fs (sda9): mounted filesystem with ordered data mode. Opts: (null)
2020-01-27T17:19:21Z,onboot.000-storage-init.out;fsck.fat 4.1 (2017-01-24)
2020-01-27T17:19:21Z,onboot.000-storage-init.out;/dev/sda4: 9 files, 10/502 clusters
2020-01-27T17:19:22Z,onboot.000-storage-init.out;2020-01-27T17:19:22,475306960+00:00 Using /dev/sda9 (formatted with ), for /var/persist
2020-01-27T17:19:22Z,onboot.000-storage-init.out;ext2fs_open2: Bad magic number in super-block
2020-01-27T17:19:22Z,onboot.000-storage-init.out;fsck.ext4: Superblock invalid, trying backup blocks...
2020-01-27T17:19:22Z,onboot.000-storage-init.out;
2020-01-27T17:19:22Z,onboot.000-storage-init.out;The superblock could not be read or does not describe a valid ext2/ext3/ext4
2020-01-27T17:19:22Z,onboot.000-storage-init.out;filesystem.  If the device is valid and it really contains an ext2/ext3/ext4
2020-01-27T17:19:22Z,onboot.000-storage-init.out;filesystem (and not swap or ufs or something else), then the superblock
2020-01-27T17:19:22Z,onboot.000-storage-init.out;is corrupt, and you might try running e2fsck with an alternate superblock:
2020-01-27T17:19:22Z,onboot.000-storage-init.out;    e2fsck -b 8193 <device>
2020-01-27T17:19:22Z,onboot.000-storage-init.out; or
2020-01-27T17:19:22Z,onboot.000-storage-init.out;    e2fsck -b 32768 <device>
2020-01-27T17:19:22Z,onboot.000-storage-init.out;
2020-01-27T17:19:22Z,onboot.000-storage-init.out;2020-01-27T17:19:22,874817344+00:00 mkfs.ext4 on /dev/sda9 for /var/persist
2020-01-27T17:19:23Z,onboot.000-storage-init.out;fs_types for mke2fs.conf resolution: 'ext4'
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Discarding device blocks: done                            
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Filesystem label=
2020-01-27T17:19:23Z,onboot.000-storage-init.out;OS type: Linux
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Block size=4096 (log=2)
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Fragment size=4096 (log=2)
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Stride=0 blocks, Stripe width=0 blocks
2020-01-27T17:19:23Z,onboot.000-storage-init.out;485760 inodes, 1942523 blocks
2020-01-27T17:19:23Z,onboot.000-storage-init.out;97126 blocks (5.00%) reserved for the super user
2020-01-27T17:19:23Z,onboot.000-storage-init.out;First data block=0
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Maximum filesystem blocks=1990197248
2020-01-27T17:19:23Z,onboot.000-storage-init.out;60 block groups
2020-01-27T17:19:23Z,onboot.000-storage-init.out;32768 blocks per group, 32768 fragments per group
2020-01-27T17:19:23Z,onboot.000-storage-init.out;8096 inodes per group
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Filesystem UUID: ecc1da37-13cc-48d3-81c2-81d879a49fea
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Superblock backups stored on blocks: 
2020-01-27T17:19:23Z,onboot.000-storage-init.out;       32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
2020-01-27T17:19:23Z,onboot.000-storage-init.out;
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Allocating group tables: done                            
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Writing inode tables: done                            
2020-01-27T17:19:23Z,onboot.000-storage-init.out;Creating journal (16384 blocks): done
2020-01-27T17:19:24Z,onboot.000-storage-init.out;Writing superblocks and filesystem accounting information: done 
2020-01-27T17:19:24Z,onboot.000-storage-init.out;
2020-01-27T17:19:24Z,onboot.000-storage-init.out;2020-01-27T17:19:24,393445693+00:00 mkfs.ext4 /dev/sda9 successful
2020-01-27T17:19:24Z,onboot.000-storage-init.out;tune2fs 1.45.2 (27-May-2019)
2020-01-27T17:19:22Z,onboot.000-storage-init.err;e2fsck 1.45.2 (27-May-2019)
2020-01-27T17:19:22Z,onboot.000-storage-init.err;fsck.ext4: Bad magic number in super-block while trying to open /dev/sda9
2020-01-27T17:19:22Z,onboot.000-storage-init.err;mke2fs 1.45.2 (27-May-2019)
[   44.198146] IPVS: ftp: loaded support on port[0] = 21
2020-01-27T17:19:36Z,onboot.002-rngd.err;2020/01/27 17:19:36 No random source available
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: can't load module nct6775 (kernel/drivers/hwmon/nct6775.ko): No such device
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: can't load module w83627hf_wdt (kernel/drivers/watchdog/w83627hf_wdt.ko): No such device
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: module wlcore_sdio not found in modules.dep
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: module wl18xx not found in modules.dep
2020-01-27T17:19:39Z,onboot.003-modprobe.err;modprobe: module br_netfilter not found in modules.dep
INFO[0004] starting containerd                           revision=d64c661f1d51c48782c9cec8fda7604785f93587 version=v1.1.1
INFO[0004] loading plugin "io.containerd.content.v1.content"...  type=io.containerd.content.v1
INFO[0004] loading plugin "io.containerd.snapshotter.v1.btrfs"...  type=io.containerd.snapshotter.v1
WARN[0004] failed to load plugin io.containerd.snapshotter.v1.btrfs  error="path /var/lib/containerd/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
INFO[0004] loading plugin "io.containerd.snapshotter.v1.aufs"...  type=io.containerd.snapshotter.v1
WARN[0004] failed to load plugin io.containerd.snapshotter.v1.aufs  error="modprobe aufs failed: "modprobe: module aufs not found in modules.dep\n": exit status 1"
INFO[0005] loading plugin "io.containerd.snapshotter.v1.native"...  type=io.containerd.snapshotter.v1
INFO[0005] loading plugin "io.containerd.snapshotter.v1.overlayfs"...  type=io.containerd.snapshotter.v1
INFO[0005] loading plugin "io.containerd.snapshotter.v1.zfs"...  type=io.containerd.snapshotter.v1
WARN[0005] failed to load plugin io.containerd.snapshotter.v1.zfs  error="path /var/lib/containerd/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
INFO[0005] loading plugin "io.containerd.metadata.v1.bolt"...  type=io.containerd.metadata.v1
WARN[0005] could not use snapshotter zfs in metadata plugin  error="path /var/lib/containerd/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
WARN[0005] could not use snapshotter btrfs in metadata plugin  error="path /var/lib/containerd/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
WARN[0005] could not use snapshotter aufs in metadata plugin  error="modprobe aufs failed: "modprobe: module aufs not found in modules.dep\n": exit status 1"
INFO[0005] loading plugin "io.containerd.differ.v1.walking"...  type=io.containerd.differ.v1
INFO[0005] loading plugin "io.containerd.gc.v1.scheduler"...  type=io.containerd.gc.v1
INFO[0005] loading plugin "io.containerd.service.v1.containers-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.content-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.diff-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.images-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.leases-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.namespaces-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.service.v1.snapshots-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.monitor.v1.cgroups"...  type=io.containerd.monitor.v1
INFO[0005] loading plugin "io.containerd.runtime.v1.linux"...  type=io.containerd.runtime.v1
INFO[0005] loading plugin "io.containerd.service.v1.tasks-service"...  type=io.containerd.service.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.containers"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.content"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.diff"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.events"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.healthcheck"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.images"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.leases"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.namespaces"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.snapshots"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.tasks"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.version"...  type=io.containerd.grpc.v1
INFO[0005] loading plugin "io.containerd.grpc.v1.introspection"...  type=io.containerd.grpc.v1
INFO[0006] serving...                                    address="/run/containerd/debug.sock"
INFO[0006] serving...                                    address="/run/containerd/containerd.sock"
INFO[0006] containerd successfully booted in 1.727565s  
INFO[0009] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/guacd/shim.sock" debug=false pid=623
INFO[0027] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/ntpd/shim.sock" debug=false pid=664
INFO[0043] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/pillar/shim.sock" debug=false pid=707
INFO[0054] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/sshd/shim.sock" debug=false pid=758
INFO[0068] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/vtpm/shim.sock" debug=false pid=847
INFO[0082] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/wlan/shim.sock" debug=false pid=940
INFO[0091] shim containerd-shim started                  address="/containerd-shim/services.linuxkit/wwan/shim.sock" debug=false pid=1044
[  210.288551] usbcore: registered new interface driver qcserial
[  210.427642] usbserial: USB Serial support registered for Qualcomm USB modem
[  210.794798] usbcore: registered new interface driver cdc_wdm
[  211.040261] usbcore: registered new interface driver qmi_wwan
WARNING: no device cert; using onboarding cert at 2020-01-27T17:23:16.511788955Z

INFO: updated diag information at 2020-01-27T17:23:18.401712569Z
ERROR: Summary: Waiting for DHCP IP address(es)
INFO: Have 0 total ports. 0 ports should be connected to EV controller
ERROR: No ports specified to have EV controller connectivity

INFO: updated diag information at 2020-01-27T17:23:24.776025304Z
ERROR: Summary: Waiting for DHCP IP address(es)
WARNING: Have no currently working DevicePortConfig
INFO: Have 0 total ports. 0 ports should be connected to EV controller
ERROR: No ports specified to have EV controller connectivity
[  277.244785] cfg80211: Loading compiled-in X.509 certificates for regulatory database
[  278.183820] cfg80211: Loaded X.509 cert 'sforshee: 00b28ddf47aef9cea7'
[  278.205974] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  278.217270] cfg80211: failed to load regulatory.db
[  285.576500] 8021q: adding VLAN 0 to HW filter on device eth0
[  294.319460] 8021q: adding VLAN 0 to HW filter on device eth1

INFO: updated diag information at 2020-01-27T17:24:09.12067872Z
ERROR: Summary: Trying to connect to EV Controller
WARNING: Have no currently working DevicePortConfig
WARNING: The configuration below is under test hence might report failures
INFO: Have 2 total ports. 2 ports should be connected to EV controller
INFO: Port eth0: for EV Controller without usage-based charging
INFO: eth0: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth0: IP address"REDACTED" not geolocated
INFO: eth0: DNS servers:"REDACTED", 
INFO: eth0: no http(s) proxy
INFO: eth0: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth0: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: Exceeded 5 retries for get config
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address "REDACTED" not geolocated
INFO: eth1: DNS servers: "REDACTED", 
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test
WARNING: Switching from onboard to device cert

INFO: updated diag information at 2020-01-27T17:25:57.138791839Z
ERROR: Summary: Trying to connect to EV Controller
WARNING: Have no currently working DevicePortConfig
INFO: Have 2 total ports. 2 ports should be connected to EV controller
INFO: Port eth0: for EV Controller without usage-based charging
INFO: eth0: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth0: IP address "REDACTED" not geolocated
INFO: eth0: DNS servers: "REDACTED", 
INFO: eth0: no http(s) proxy
INFO: eth0: DNS lookup of zedcloud.alpha.zededa.net returned "REDACTED"
INFO: eth0: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: Exceeded 5 retries for get config
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth1: IP address "REDACTED" not geolocated
INFO: eth1: DNS servers: "REDACTED", 
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned "REDACTED"
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test

INFO: updated diag information at 2020-01-27T17:27:41.806305932Z
ERROR: Summary: Trying to connect to EV Controller
INFO: Using highest priority DevicePortConfig key lastresort
INFO: Have 2 total ports. 2 ports should be connected to EV controller
INFO: Port eth0: for EV Controller without usage-based charging
INFO: eth0: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth0: IP address "REDACTED" not geolocated
INFO: eth0: DNS servers: "REDACTED", 
INFO: eth0: no http(s) proxy
INFO: eth0: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth0: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth0: Exceeded 5 retries for get config
INFO: Port eth1: for EV Controller without usage-based charging
INFO: eth1: IP address "REDACTED" geolocated to {"REDACTED"}
INFO: eth1: IP address "REDACTED" not geolocated
INFO: eth1: DNS servers: "REDACTED", 
INFO: eth1: no http(s) proxy
INFO: eth1: DNS lookup of zedcloud.alpha.zededa.net returned 54.245.43.31
INFO: eth1: zedcloud.alpha.zededa.net/api/v1/edgedevice/ping StatusOK
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: get zedcloud.alpha.zededa.net/api/v1/edgedevice/config failed: sendOnIntf to https://zedcloud.alpha.zededa.net/api/v1/edgedevice/config reqlen 0 statuscode 404 Not Found
ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test

ERROR: eth1: Exceeded 5 retries for get config
WARNING: 0 out of 2 ports specified to have EV controller connectivity passed test

Eliminate Dockerfile.in and rootfs.yml.in

We have a few places where we do *.in files, which are then parsed somehow, primarily some commands called from the Makefile and often involving parse-pkgs.sh, to generate the actual files. This is intended as a discussion issue where we can discuss ways to simplify the flow, and if those are any better.

The intent is to get to a "preferred flow", i.e. what we would like this to look like, and then we can look at implementation. It is not at all clear that any of these is better than the current one, but should raise the issues.

We have two categories of .in files: Dockerfile.in and linuxkit yml.in. Both are there for the same reason. Some of our packages in pkg/ depend on other packages in pkg/, and our linuxkit config ymls depend on all of the packages in pkg/. These have image tags generated by using the git tree hash, which changes with commits. Rather than having to modify the 6 or so files over and over again - and risking missing changes - we do the following:

Calculate the expected tags of the docker images in pkg/ with no other dependencies in pkg/
Generate the Dockerfile for those docker images in pkg/ with dependencies on other packages in pkg/ based on the output of the previous step
Generate the rootfs.yml for the OS image based on the outputs of the two previous steps

The actual trees of dependencies is pretty small:

most packages in pkg/ are completely independent
pkg/xen-tools depends on pkg/uefi
pkg/qrxec-lib depends on pkg/xen-tools
pkg/qrexec-dom0 depends on pkg/qrexec-lib and pkg/xen-tools
rootfs.yml depends on all pkg/

The challenges with the way it is currently structured are:

inconsistency between repos. For example, I can build pkg/strongswan by doing lkt pkg build pkg/strongswan or even just cd pkg/strongswan; docker build ., but I have an extra step I need to do for xen-tools.
inability to just build a package on its own. If I tried the above, it wouldn't even work, as there is no Dockerfile, just a Dockerfile.in
inability to separate packages out into separate repos in the future, if desired
missing source information in version control. We can generate it, but we don't actually keep it.

Here are some potential alternative paths.

hashes in files

One approach is to replace the Dockerfile.in and rootfs.yml.in with just Dockerfile and rootfs.yml which have the actual hashes in them. Maintaining these would be a pain, so we would need to have a tool that updates the files in place. This resolves most of the above issues. The approach would look something like:

Just build
If I change something, I need to run the tool (a changed parse-pkgs.sh or similar) that would update the files that need updating.
Check the updated files into version control, if desired

This is the approach that linuxkit itself has been using for a few years. It has pros and cons - sometimes you forget to update, but that can be handled by a Makefile. Most importantly, you know exactly where you stand. Because the Dockerfile and rootfs.yml are in version control, not just the *.in files, you know immediately if something has changed.

build-args

docker build supports --build-args; linuxkit pkg and linuxkit build do not. We could extend it so that it does, and the builds would be something like the following:

Dockerfile for xen-tools, checked into git:

ARG UEFI_TAG
FROM lfedge/eve-uefi:${UEFI_TAG} as uefi-build

And build it as:

docker build --build-arg UEFI_TAG=abcd1234 ...
# OR
linuxkit pkg build --build-arg UEFI_TAG=abcd1234 ...

We would need to generate the --build-arg options using some variant on parse-pkgs.sh, but again it is doable.

This doesn't get everything in version control, but does simplify the build process

build-args with root build.yml

This is a combination of the two previous. Rather than generating the build-args on the fly, we keep the build-args in a single file in key=value or yml format in the root of this repo. We then have the build source it. We regenerate the file as needed.

For discussion @rvs @eriknordmark @kalyan-nidumolu , with whom I have discussed this to some degree, and anyone else interested.

`make build-tools` isn't compatible with MacOS

Description

make build-tools makes use of user/group definitions from the host machine to pass into the build container. On my Mac this has caused multiple issues causing me to debug this repeatedly until I finally built the image.

First issue: my group name on a corporate Mac when connected to corporate network was "CORP\Domain Users"
This caused docker command to fail with "docker build" requires exactly 1 argument.

I tried to solve this by disconnecting from corporate network.
But this caused the next issue:
Step 11/19 : RUN addgroup -g ${GID} ${GROUP} && adduser -h /home/${USER} -G ${GROUP} -D -H -u ${UID} ${USER} ---> Running in 83210242843f addgroup: number 798879916 is not in 0..256000 range

So evidently a high group number supported on MacOS isn't supported in whatever Linux that the go image is based upon.

I siwtched group name and id to staff/20 (the default for MacOS users) and then hit the same issue on my UID

adduser: number 451220269 is not in 0..256000 range

So in the end I had to change both the user and group name and id to something of my choosing in the Makefile.

Then I could finally build the image.

Steps to Reproduce

Run make build-tools on a Mac connected to a corporate network with UID/GID not in 0..256000 range.

Actual Results

Build fails. See description

Expected Results

Build succeeds.

Yetus should be accessible outside pull requests

Please implement a way to run Yetus checks on our code changes before we create a pull request. Right now, we submit a PR, and then come to know about Yetus errors as part of the checks. We end up wasting circleCI bandwidth in iterating over Yetus failures, and becomes a time hurdle in code reviews.

What would be good is to have a way to run Yetus on our local EVE repository, so that we can validate Yetus in our laptop before we even create a PR.

Move datastore config handling into downloader

The changes to datastore configuration, it does not take affect.

configure a datastore with bad key/password
publish an image to the device from this datastore
the download of the object fails
update the datastore configuration with good key/password.
the download of the object still failsl

Obseverved result: once the datastore configuration is bad, the object download always fails.
Expected result: update the datastore configuration, the object download should suceed.

Solution:

Remove the datastore configuration handling from zedagent/baseosmgr
Add datastore configuration handling to downloader.
With every change to datastore configuration,
start the download of the failed downloadable objects, attached
to that datastore.

https://wiki.lfedge.org/display/EVE/Proposal+for+moving+datastore+configuration+handling+to+Downloader

Reflection of management operation status

EVE works out of configuration that is supplied and attempt to reach to that state. In configuration supplied to EVE, there are commands to either restart device or application. In future we might have more such operations which be added.

I think we need ability to know that particular command has been executed. In deviceInfo and applicationInfo message can be extended to support this feature.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.