fix(ec2): honest enforcement status + subnet IP + nft sanitize + serialize reconcile #1764
Merged
Force-pushed 8eaa7d5 to b147f1a
…e + serialize reconcile

Bug-hunt 2026-06-18 findings 1.5, 1.6, 1.7, 2.2, 4.3.

- 1.5: nftables enforcement now requires a native-Linux host whose daemon shares this network namespace (resolve_enforcement_mode gains host_local). On Docker Desktop / podman-machine the per-subnet bridges live in the daemon's VM, so host nft filters nothing -- yet the probe passed and `enforced` falsely read true. Now degrades with an accurate warning.
- 1.6: CNI detection scans calico-system / tigera-operator / cilium besides kube-system, so a Tigera-operator or dedicated-namespace Calico/Cilium isn't mis-reported as non-enforcing (cni_component_names).
- 1.7: an instance's metadata private IP is derived from its subnet CIDR (was a hard-coded 10.0.0.x outside the subnet); real container IPs still override.
- 2.2: CIDR and protocol tokens from SG params are sanitized before interpolation into the `nft -f -` script (charset-restricted), closing a ruleset-injection surface.
- 4.3: firewall reconciles are serialized behind a per-runtime async mutex so a concurrent k8s apply+prune can't delete a just-applied NetworkPolicy.

Tests: unit tests for the host-local gate and out-of-range/sanitize paths; control-plane e2e green.
Force-pushed b147f1a to 0488455
Summary
Bug-hunt 2026-06-18 findings 1.5, 1.6, 1.7, 2.2, 4.3 (the audit's remaining tail).
- 1.5: nftables enforcement now requires a native-Linux host whose daemon shares this network namespace (`resolve_enforcement_mode` gains `host_local`). On Docker Desktop / podman-machine the bridges live in the daemon's VM, so host nft filters nothing — yet `enforced` falsely read `true`. Now degrades with an accurate warning.
- 1.6: CNI detection scans `calico-system` / `tigera-operator` / `cilium` besides `kube-system`, so a Tigera-operator / dedicated-namespace Calico/Cilium isn't mis-reported as non-enforcing.
- 1.7: an instance's metadata private IP is derived from its subnet CIDR (was a hard-coded `10.0.0.x` outside the subnet); real container IPs still override.
- 2.2: CIDR and protocol tokens from SG params are sanitized before interpolation into the `nft -f -` script, closing a ruleset-injection surface.
- 4.3: firewall reconciles are serialized behind a per-runtime async mutex so a concurrent k8s apply+prune can't delete a just-applied NetworkPolicy.

Test plan

`cargo test -p fakecloud-ec2 -p fakecloud-k8s` (incl. host-local gate + out-of-range port tests), control-plane e2e green, clippy + fmt clean.

Summary by cubic
Fix false-positive nftables enforcement on non-host-local setups, sanitize nft input, derive instance private IPs from the subnet, broaden CNI detection, and serialize policy reconciles to avoid races. Adds unit tests for sanitization, subnet-derived IPs, and the host-local enforcement gate.
- When enforcement is requested via `FAKECLOUD_EC2_SG_ENFORCEMENT` but the host is not host-local or `nft`/`CAP_NET_ADMIN` capable, degrade to disabled with a clear warning.
- Sanitize CIDR tokens to `[0-9a-fA-F.:/]` and protocol tokens to `[a-z0-9-]` before embedding into `nft -f -`; drop invalid matches only.
- Derive instance private IPs from the subnet CIDR instead of a hard-coded `10.0.0.x`; real container IPs still override when available.
- CNI detection scans `kube-system`, `calico-system`, `tigera-operator`, and `cilium`; exposed as `cni_component_names()` in `fakecloud-k8s`.

Written for commit 0488455. Summary will update on new commits.
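The three EC2-side behaviours the PR and the bot summary describe (the host-local enforcement gate, the subnet-derived private IP with out-of-range rejection, and the charset-restricted CIDR/protocol tokens that feed `nft -f -`) in one std-only Rust example. This is added illustration, not fakecloud's code: the names `EnforcementMode`, `resolve_enforcement_mode`, `subnet_private_ip`, `valid_cidr_token`, `valid_proto_token`, `SgRule`, `build_nft_script` and the table name `fakecloud_sg` are assumptions, and the SG params in `main` are constructed input. The per-runtime reconcile mutex (4.3) needs an async runtime and is not shown.

```rust
// Added example (not fakecloud's own code). All names are illustrative assumptions.
use std::net::Ipv4Addr;

#[derive(Debug, PartialEq)]
pub enum EnforcementMode {
    Enforced,
    Disabled(String), // carries the warning explaining the downgrade
}

/// Gate (1.5): nft enforcement only means something when the container bridges are
/// in this host's network namespace (host_local) and we can actually program nftables.
pub fn resolve_enforcement_mode(requested: bool, host_local: bool, nft_capable: bool) -> EnforcementMode {
    if !requested {
        return EnforcementMode::Disabled("enforcement not requested".into());
    }
    if !host_local {
        return EnforcementMode::Disabled(
            "enforcement requested but the daemon's bridges are not in this host's netns \
             (Docker Desktop / podman-machine); host nft would filter nothing"
                .into(),
        );
    }
    if !nft_capable {
        return EnforcementMode::Disabled("enforcement requested but nft/CAP_NET_ADMIN unavailable".into());
    }
    EnforcementMode::Enforced
}

/// (1.7) Derive a metadata private IP from the subnet CIDR. `index` is the host number;
/// the network address (0) and the broadcast address are rejected, as is anything past
/// the block. /31, /32 and /0 are treated as malformed for this purpose.
pub fn subnet_private_ip(cidr: &str, index: u32) -> Option<Ipv4Addr> {
    let (addr, plen) = cidr.split_once('/')?;
    let base: Ipv4Addr = addr.parse().ok()?;
    let plen: u32 = plen.parse().ok()?;
    if !(1..=30).contains(&plen) {
        return None;
    }
    let size = 1u32 << (32 - plen);
    if index == 0 || index >= size - 1 {
        return None;
    }
    let network = u32::from(base) & !(size - 1);
    Some(Ipv4Addr::from(network + index))
}

/// (2.2) Charset restrictions: CIDR tokens [0-9a-fA-F.:/], protocol tokens [a-z0-9-].
/// Whitespace, ';', '{', '}', quotes and newlines can therefore never reach the script.
pub fn valid_cidr_token(t: &str) -> bool {
    !t.is_empty() && t.chars().all(|c| c.is_ascii_hexdigit() || matches!(c, '.' | ':' | '/'))
}
pub fn valid_proto_token(t: &str) -> bool {
    !t.is_empty() && t.chars().all(|c| c.is_ascii_lowercase() || c.is_ascii_digit() || c == '-')
}

pub struct SgRule<'a> {
    pub proto: &'a str,
    pub cidr: &'a str,
    pub port: u16,
}

/// Build the `nft -f -` script for one instance. Rules with an invalid token are dropped,
/// not escaped, so untrusted SG params cannot add statements. Returns (script, dropped).
pub fn build_nft_script(table: &str, instance_ip: Ipv4Addr, rules: &[SgRule<'_>]) -> (String, Vec<String>) {
    let mut script = format!(
        "table inet {table} {{\n  chain input {{\n    type filter hook input priority 0; policy drop;\n"
    );
    let mut dropped = Vec::new();
    for r in rules {
        if !valid_cidr_token(r.cidr) || !valid_proto_token(r.proto) {
            dropped.push(format!("proto={:?} cidr={:?}", r.proto, r.cidr));
            continue;
        }
        script.push_str(&format!(
            "    ip daddr {instance_ip} ip saddr {} {} dport {} accept\n",
            r.cidr, r.proto, r.port
        ));
    }
    script.push_str("  }\n}\n");
    (script, dropped)
}

fn main() {
    println!("Docker Desktop-style host: {:?}", resolve_enforcement_mode(true, false, true));
    let ip = subnet_private_ip("10.0.1.0/24", 10).expect("index 10 is inside 10.0.1.0/24");
    // Constructed SG params: the second rule tries to smuggle a second statement via a newline.
    let rules = [
        SgRule { proto: "tcp", cidr: "10.0.0.0/8", port: 22 },
        SgRule { proto: "udp", cidr: "10.0.0.0/8\n    ip saddr 0.0.0.0/0 accept", port: 53 },
    ];
    let (script, dropped) = build_nft_script("fakecloud_sg", ip, &rules);
    print!("{script}");
    eprintln!("dropped {} rule(s): {dropped:?}", dropped.len());
}
```

Dropping rather than escaping is the point: a sanitizer that rewrites a token into something nft will parse can still change the rule's meaning, whereas rejecting the whole match keeps the generated script a pure function of tokens drawn from the allowed charsets.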