cilium
diff --git a/‎pkg/datapath/linux/config/config.go‎
Lines changed: 2 additions & 56 deletions b/‎pkg/datapath/linux/config/config.go‎
Lines changed: 2 additions & 56 deletions
diff --git a/‎pkg/datapath/linux/config/config_test.go‎
Lines changed: 1 addition & 105 deletions b/‎pkg/datapath/linux/config/config_test.go‎
Lines changed: 1 addition & 105 deletions
diff --git a/‎pkg/datapath/linux/config/utils.go‎
Lines changed: 0 additions & 37 deletions b/‎pkg/datapath/linux/config/utils.go‎
Lines changed: 0 additions & 37 deletions
diff --git a/‎pkg/datapath/linux/config/utils_test.go‎
Lines changed: 0 additions & 25 deletions b/‎pkg/datapath/linux/config/utils_test.go‎
Lines changed: 0 additions & 25 deletions
diff --git a/‎pkg/datapath/loader/base.go‎
Lines changed: 0 additions & 3 deletions b/‎pkg/datapath/loader/base.go‎
Lines changed: 0 additions & 3 deletions
@@ -976,61 +976,7 @@ func (h *HeaderfileWriter) WriteNetdevConfig(w io.Writer, opts *option.IntOption
 
 // writeStaticData writes the endpoint-specific static data defines to the
 // specified writer. This must be kept in sync with loader.ELFSubstitutions().
-func (h *HeaderfileWriter) writeStaticData(devices []string, fw io.Writer, e datapath.EndpointConfiguration) {
-	if e.IsHost() {
-		if option.Config.EnableBPFMasquerade {
-			if option.Config.EnableIPv4Masquerade {
-				// NodePort comment above applies to IPV4_MASQUERADE too
-				placeholderIPv4 := []byte{1, 1, 1, 1}
-				fmt.Fprint(fw, defineIPv4("IPV4_MASQUERADE", placeholderIPv4))
-			}
-			if option.Config.EnableIPv6Masquerade {
-				// NodePort comment above applies to IPV6_MASQUERADE too
-				placeholderIPv6 := []byte{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
-				fmt.Fprint(fw, defineIPv6("IPV6_MASQUERADE", placeholderIPv6))
-			}
-		}
-		// Dummy value to avoid being optimized when 0
-		fmt.Fprint(fw, defineUint32("SECCTX_FROM_IPCACHE", 1))
-
-		// Use templating for ETH_HLEN only if there is any L2-less device
-		if !mac.HaveMACAddrs(devices) {
-			// L2 hdr len (for L2-less devices it will be replaced with "0")
-			fmt.Fprint(fw, defineUint16("ETH_HLEN", mac.EthHdrLen))
-		}
-	} else {
-		// We want to ensure that the template BPF program always has "LXC_IP"
-		// defined and present as a symbol in the resulting object file after
-		// compilation, regardless of whether IPv6 is disabled. Because the type
-		// templateCfg hardcodes a dummy IPv6 address (and adheres to the
-		// datapath.EndpointConfiguration interface), we can rely on it always
-		// having an IPv6 addr. Endpoints however may not have IPv6 addrs if IPv6
-		// is disabled. Hence this check prevents us from omitting the "LXC_IP"
-		// symbol from the template BPF program. Without this, the following
-		// scenario is possible:
-		//   1) Enable IPv6 in cilium
-		//   2) Create an endpoint (ensure endpoint has an IPv6 addr)
-		//   3) Disable IPv6 and restart cilium
-		// This results in a template BPF object without an "LXC_IP" defined,
-		// __but__ the endpoint still has "LXC_IP" defined. This causes a later
-		// call to loader.ELFSubstitutions() to fail on missing a symbol "LXC_IP".
-		if ipv6 := e.IPv6Address(); ipv6.IsValid() {
-			fmt.Fprint(fw, defineIPv6("LXC_IP", ipv6.AsSlice()))
-		}
-
-		fmt.Fprint(fw, defineIPv4("LXC_IPV4", e.IPv4Address().AsSlice()))
-		fmt.Fprint(fw, defineUint16("LXC_ID", uint16(e.GetID())))
-	}
-
-	fmt.Fprint(fw, defineMAC("THIS_INTERFACE_MAC", e.GetNodeMAC()))
-	fmt.Fprint(fw, defineUint64("ENDPOINT_NETNS_COOKIE", uint64(e.GetEndpointNetNsCookie())))
-
-	secID := e.GetIdentityLocked().Uint32()
-	fmt.Fprint(fw, defineUint32("SECLABEL", secID))
-	fmt.Fprintln(fw, "#define SECLABEL_IPV4 SECLABEL")
-	fmt.Fprintln(fw, "#define SECLABEL_IPV6 SECLABEL")
-	fmt.Fprint(fw, defineUint32("POLICY_VERDICT_LOG_FILTER", e.GetPolicyVerdictLogFilter()))
-
+func (h *HeaderfileWriter) writeStaticData(fw io.Writer, e datapath.EndpointConfiguration) {
 	epID := uint16(e.GetID())
 	fmt.Fprintf(fw, "#define POLICY_MAP %s\n", bpf.LocalMapName(policymap.MapName, epID))
 	callsMapName := callsmap.MapName
@@ -1055,7 +1001,7 @@ func (h *HeaderfileWriter) WriteEndpointConfig(w io.Writer, cfg *datapath.LocalN
 	}
 
 	writeIncludes(w)
-	h.writeStaticData(deviceNames, fw, e)
+	h.writeStaticData(fw, e)
 
 	return h.writeTemplateConfig(fw, deviceNames, cfg.HostEndpointID, e, cfg.DirectRoutingDevice)
 }
 
@@ -125,111 +125,14 @@ func TestWriteNetdevConfig(t *testing.T) {
 	})
 }
 
-func TestWriteEndpointConfig(t *testing.T) {
-	writeConfig(t, "endpoint", func(w io.Writer, dp datapath.ConfigWriter) error {
-		return dp.WriteEndpointConfig(w, &dummyNodeCfg, &dummyEPCfg)
-	})
-
-	// Create copy of config option so that it can be restored at the end of
-	// this test. In the future, we'd like to parallelize running unit tests.
-	// As it stands, this test would not be ready to parallelize until we
-	// remove our dependency on globals (e.g. option.Config).
-	oldEnableIPv6 := option.Config.EnableIPv6
-	defer func() {
-		option.Config.EnableIPv6 = oldEnableIPv6
-	}()
-
-	testRun := func(te *testutils.TestEndpoint) ([]byte, map[string]uint64) {
-		cfg := &HeaderfileWriter{}
-		varSub := loader.ELFVariableSubstitutions(te)
-
-		var buf bytes.Buffer
-		cfg.writeStaticData(nil, &buf, te)
-
-		return buf.Bytes(), varSub
-	}
-
-	lxcIPs := []string{"LXC_IP_1", "LXC_IP_2"}
-
-	tests := []struct {
-		description string
-		template    testutils.TestEndpoint // Represents template bpf prog
-		endpoint    testutils.TestEndpoint // Represents normal endpoint bpf prog
-		preTestRun  func(t *testutils.TestEndpoint, e *testutils.TestEndpoint)
-		templateExp bool
-		endpointExp bool
-	}{
-		{
-			description: "IPv6 is disabled, endpoint does not have an IPv6 addr",
-			template:    testutils.NewTestEndpoint(),
-			endpoint:    testutils.NewTestEndpoint(),
-			preTestRun: func(t *testutils.TestEndpoint, e *testutils.TestEndpoint) {
-				option.Config.EnableIPv6 = false
-				t.IPv6 = ipv6DummyAddr // Template bpf prog always has dummy IPv6
-				e.IPv6 = netip.Addr{}  // This endpoint does not have an IPv6 addr
-			},
-			templateExp: true,
-			endpointExp: false,
-		},
-		{
-			description: "IPv6 is disabled, endpoint does have an IPv6 addr",
-			template:    testutils.NewTestEndpoint(),
-			endpoint:    testutils.NewTestEndpoint(),
-			preTestRun: func(t *testutils.TestEndpoint, e *testutils.TestEndpoint) {
-				option.Config.EnableIPv6 = false
-				t.IPv6 = ipv6DummyAddr // Template bpf prog always has dummy IPv6
-				e.IPv6 = ipv6DummyAddr // This endpoint does have an IPv6 addr
-			},
-			templateExp: true,
-			endpointExp: true,
-		},
-		{
-			description: "IPv6 is enabled",
-			template:    testutils.NewTestEndpoint(),
-			endpoint:    testutils.NewTestEndpoint(),
-			preTestRun: func(t *testutils.TestEndpoint, e *testutils.TestEndpoint) {
-				option.Config.EnableIPv6 = true
-				t.IPv6 = ipv6DummyAddr
-				e.IPv6 = ipv6DummyAddr
-			},
-			templateExp: true,
-			endpointExp: true,
-		},
-		{
-			description: "IPv6 is enabled, endpoint does not have IPv6 address",
-			template:    testutils.NewTestEndpoint(),
-			endpoint:    testutils.NewTestEndpoint(),
-			preTestRun: func(t *testutils.TestEndpoint, e *testutils.TestEndpoint) {
-				option.Config.EnableIPv6 = true
-				t.IPv6 = ipv6DummyAddr
-				e.IPv6 = netip.Addr{}
-			},
-			templateExp: true,
-			endpointExp: false,
-		},
-	}
-	for _, test := range tests {
-		t.Logf("Testing %s", test.description)
-		test.preTestRun(&test.template, &test.endpoint)
-
-		b, vsub := testRun(&test.template)
-		require.Equal(t, test.templateExp, bytes.Contains(b, []byte("DEFINE_IPV6")))
-		assertKeysInsideMap(t, vsub, lxcIPs, test.templateExp)
-
-		b, vsub = testRun(&test.endpoint)
-		require.Equal(t, test.endpointExp, bytes.Contains(b, []byte("DEFINE_IPV6")))
-		assertKeysInsideMap(t, vsub, lxcIPs, test.endpointExp)
-	}
-}
-
 func TestWriteStaticData(t *testing.T) {
 	cfg := &HeaderfileWriter{}
 	ep := &dummyEPCfg
 
 	mapSub := loader.ELFMapSubstitutions(ep)
 
 	var buf bytes.Buffer
-	cfg.writeStaticData(nil, &buf, ep)
+	cfg.writeStaticData(&buf, ep)
 	b := buf.Bytes()
 
 	for _, v := range mapSub {
@@ -238,13 +141,6 @@ func TestWriteStaticData(t *testing.T) {
 	}
 }
 
-func assertKeysInsideMap(t *testing.T, m map[string]uint64, keys []string, want bool) {
-	for _, v := range keys {
-		_, ok := m[v]
-		require.Equal(t, want, ok)
-	}
-}
-
 func createMainLink(name string, t *testing.T) *netlink.Dummy {
 	link := &netlink.Dummy{
 		LinkAttrs: netlink.LinkAttrs{
 
@@ -7,7 +7,6 @@ import (
 	"fmt"
 	"net"
 
-	"github.com/cilium/cilium/pkg/byteorder"
 	"github.com/cilium/cilium/pkg/common"
 )
 
@@ -18,33 +17,6 @@ func FmtDefineAddress(name string, addr []byte) string {
 	return fmt.Sprintf("#define %s { .addr = { %s } }\n", name, common.GoArray2C(addr))
 }
 
-// defineUint16 writes the C definition for an unsigned 16-bit value.
-func defineUint16(name string, value uint16) string {
-	return fmt.Sprintf("DEFINE_U16(%s, %#04x);\t/* %d */\n#define %s fetch_u16(%s)\n",
-		name, value, value, name, name)
-}
-
-// defineUint32 writes the C definition for an unsigned 32-bit value.
-func defineUint32(name string, value uint32) string {
-	return fmt.Sprintf("DEFINE_U32(%s, %#08x);\t/* %d */\n#define %s fetch_u32(%s)\n",
-		name, value, value, name, name)
-}
-
-// defineUint64 writes the C definition for an unsigned 64-bit value.
-func defineUint64(name string, value uint64) string {
-	return fmt.Sprintf("DEFINE_U64(%s, %#016x);\t/* %d */\n#define %s fetch_u64(%s)\n",
-		name, value, value, name, name)
-}
-
-// defineIPv4 writes the C definition for the given IPv4 address.
-func defineIPv4(name string, addr []byte) string {
-	if len(addr) != net.IPv4len {
-		return fmt.Sprintf("/* BUG: bad ip define %s %s */\n", name, common.GoArray2C(addr))
-	}
-	nboAddr := byteorder.NetIPv4ToHost32(addr)
-	return defineUint32(name, nboAddr)
-}
-
 // defineIPv6 writes the C definition for the given IPv6 address.
 func defineIPv6(name string, addr []byte) string {
 	if len(addr) != net.IPv6len {
@@ -58,15 +30,6 @@ func dumpRaw(name string, addr []byte) string {
 	return fmt.Sprintf(" %s%s\n", name, common.GoArray2C(addr))
 }
 
-// defineMAC writes the C definition for the given MAC name and addr.
-func defineMAC(name string, addr []byte) string {
-	if len(addr) != 6 { /* MAC len */
-		return fmt.Sprintf("/* BUG: bad mac define %s %s */\n", name, common.GoArray2C(addr))
-	}
-	return fmt.Sprintf("DEFINE_MAC(%s, %s);\n#define %s fetch_mac(%s)\n",
-		name, common.GoArray2C(addr), name, name)
-}
-
 // declareConfig writes the C macro for declaring a global configuration variable that can be
 // modified at runtime.
 func declareConfig(name string, value any, description string) string {
 
@@ -39,28 +39,3 @@ func TestDefineIPv6(t *testing.T) {
 		require.Equal(t, test.output, defineIPv6("foo", test.input))
 	}
 }
-
-func TestDefineMAC(t *testing.T) {
-	tests := []formatTestCase{
-		{
-			input:  nil,
-			output: "/* BUG: bad mac define foo  */\n",
-		},
-		{
-			input:  []byte{},
-			output: "/* BUG: bad mac define foo  */\n",
-		},
-		{
-			input:  []byte{1, 2, 3},
-			output: "/* BUG: bad mac define foo 0x1, 0x2, 0x3 */\n",
-		},
-		{
-			input: []byte{1, 2, 3, 4, 5, 6},
-			output: "DEFINE_MAC(foo, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6);\n" +
-				"#define foo fetch_mac(foo)\n",
-		},
-	}
-	for _, test := range tests {
-		require.Equal(t, test.output, defineMAC("foo", test.input))
-	}
-}
@@ -30,7 +30,6 @@ import (
 	"github.com/cilium/cilium/pkg/identity"
 	ipamOption "github.com/cilium/cilium/pkg/ipam/option"
 	"github.com/cilium/cilium/pkg/logging/logfields"
-	"github.com/cilium/cilium/pkg/mac"
 	"github.com/cilium/cilium/pkg/option"
 	"github.com/cilium/cilium/pkg/socketlb"
 	wgTypes "github.com/cilium/cilium/pkg/wireguard/types"
@@ -265,7 +264,6 @@ func reinitializeOverlay(ctx context.Context, tunnelConfig tunnel.Config) error
 
 	// gather compile options for bpf_overlay.c
 	opts := []string{
-		fmt.Sprintf("-DTHIS_INTERFACE_MAC={.addr=%s}", mac.CArrayString(link.Attrs().HardwareAddr)),
 		fmt.Sprintf("-DCALLS_MAP=cilium_calls_overlay_%d", identity.ReservedIdentityWorld),
 	}
 	if option.Config.EnableNodePort {
@@ -295,7 +293,6 @@ func reinitializeWireguard(ctx context.Context) (err error) {
 	}
 
 	opts := []string{
-		fmt.Sprintf("-DTHIS_INTERFACE_MAC={.addr=%s}", mac.CArrayString(link.Attrs().HardwareAddr)),
 		fmt.Sprintf("-DCALLS_MAP=cilium_calls_wireguard_%d", identity.ReservedIdentityWorld),
 	}
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,6 @@ import (`
`30`	`30`	`"github.com/cilium/cilium/pkg/identity"`
`31`	`31`	`ipamOption "github.com/cilium/cilium/pkg/ipam/option"`
`32`	`32`	`"github.com/cilium/cilium/pkg/logging/logfields"`
`33`		`- "github.com/cilium/cilium/pkg/mac"`
`34`	`33`	`"github.com/cilium/cilium/pkg/option"`
`35`	`34`	`"github.com/cilium/cilium/pkg/socketlb"`
`36`	`35`	`wgTypes "github.com/cilium/cilium/pkg/wireguard/types"`
`@@ -265,7 +264,6 @@ func reinitializeOverlay(ctx context.Context, tunnelConfig tunnel.Config) error`
`265`	`264`
`266`	`265`	`// gather compile options for bpf_overlay.c`
`267`	`266`	`opts := []string{`
`268`		`- fmt.Sprintf("-DTHIS_INTERFACE_MAC={.addr=%s}", mac.CArrayString(link.Attrs().HardwareAddr)),`
`269`	`267`	`fmt.Sprintf("-DCALLS_MAP=cilium_calls_overlay_%d", identity.ReservedIdentityWorld),`
`270`	`268`	`}`
`271`	`269`	`if option.Config.EnableNodePort {`
`@@ -295,7 +293,6 @@ func reinitializeWireguard(ctx context.Context) (err error) {`
`295`	`293`	`}`
`296`	`294`
`297`	`295`	`opts := []string{`
`298`		`- fmt.Sprintf("-DTHIS_INTERFACE_MAC={.addr=%s}", mac.CArrayString(link.Attrs().HardwareAddr)),`
`299`	`296`	`fmt.Sprintf("-DCALLS_MAP=cilium_calls_wireguard_%d", identity.ReservedIdentityWorld),`
`300`	`297`	`}`
`301`	`298`