Adjust LPS network endpoint payload definitions

- Moved `PortConfigSource` into `evecommon/netcmn.proto` so it can be used
  by both `info/info.proto` and `profile/network.proto`.
- Replaced the unnecessary `NetworkConfig` wrapper in `profile/network.proto`
  with a direct `repeated NetworkPortConfig` field.
- Removed/renamed all references to "local config *change*" -- instead, the local
  configuration was defined to be fully declarative in nature
- Introduced `LocalNetworkConfigInfo` to report the state of the local config,
  including any errors:
    * global `error_message` indicates problems with the config as a whole,
      such as invalid token, malformed payloads or missing logical labels.
    * Per-port errors are still reported via `NetworkPortConfig.error_message`.
- Extended `NetworkConfigTestingStatus` with:
    * `testing_in_progress` boolean to indicate if controller connectivity
      testing is still ongoing.
    * `testing_phase` string providing optional context about why testing
      is in progress (e.g., waiting for interface, DHCP IP, or DNS).
- Renamed `logical_name` to `logical_label` in `profile/network.proto`
  for consistency with naming used in other proto files.
- Renamed `NetworkPortAddresses.usb_adapter` to `NetworkPortAddresses.usb_address`
  (the previous field name was a mistake)
- Added missing probing configuration into CellularConfig (in `profile/network.proto`)
- Updated documentation and comments in `profile/network.proto` for clarity.

Signed-off-by: Milan Lenco <[email protected]>

Author: milan-zededa

PROFILE.md

@@ -278,31 +278,31 @@ the `404` code.
 
 Publishes the current IP configuration of all network adapters (excluding those
 directly assigned to applications).
-The response may optionally include updated configuration for one or more
-adapters, which EVE will validate and apply if permitted.
+The response may optionally include a locally-declared desired configuration
+for one or more adapters, which EVE will validate and apply if permitted.
 
 ```http
    POST /api/v1/network
 ```
 
 Return codes:
 
-* Success, with modified network configuration included in the response
+* Success, with locally-declared network configuration included in the response
   for EVE to apply: `200`
-* Success, no configuration changes requested; any existing local modifications
-  remain in effect: `204`
+* Success, no local network configuration updates requested; any existing
+  local configuration remains in effect: `204`
 * Not implemented, or intentionally used by the local server to throttle
   the periodic network information updates: `404`
-  When `404` is returned, any previously submitted configuration changes
-  from LPS are reverted.
+  When `404` is returned, any previously submitted local network configuration
+  is reverted.
 
 Request:
 
 The request MIME type MUST be `application/x-proto-binary`.
 The request MUST contain the body of a single protobuf message of type
 [NetworkInfo](./proto/profile/network.proto).
 Device publishes network information repeatedly to keep LPS updated and
-to allow the server to submit configuration changes.
+to allow the server to submit local configuration updates.
 Local server MAY throttle or cancel this communication stream by returning
 the `404` code.
 
@@ -312,61 +312,67 @@ the `404` code.
 * Status of controller connectivity
 * A fallback network configuration, used when the latest configuration
   fails to provide working controller connectivity.
-* Status of any locally-made configuration changes submitted previously
-  by the Local Profile Server (LPS), indicating success or errors if changes
-  failed.
+* Status of the local network configuration submitted previously
+  by the Local Profile Server (LPS), indicating whether it was successfully
+  applied or if errors occurred.
 
 Response:
 
 The response MAY contain the body of a single protobuf message of type
-[NetworkConfigChange](./proto/profile/network.proto), encoded as
+[LocalNetworkConfig](./proto/profile/network.proto), encoded as
 `application/x-proto-binary`.
-If no changes are required, the Local Profile Server MAY return HTTP 204
-(`No Content`).
+If no further updates are needed to the local configuration, the server MAY return
+HTTP 204 (`No Content`), and EVE will continue using the most recently submitted
+local configuration.
 
-`NetworkConfigChange` contains:
+`LocalNetworkConfig` contains:
 
 * An authorization token (`server_token`) to verify the request against
   the controller-provisioned secret.
-* New or updated network configuration for one or more adapters.
+* Declarative network configuration for ports managed locally.
 
 Behavior:
 
-* EVE validates the received configuration to ensure it is well-formed and only
-  includes adapters for which local modifications are permitted by the
-  controller user.
-* Locally-modifiable fields include the IP configuration, wireless settings,
+* EVE validates the received local configuration to ensure it is well-formed
+  and that the submitted `server_token` matches the value provisioned
+  by the controller.
+* The controller may specify, on a per-port basis, whether local modifications
+  are allowed (see `SystemAdapter.allow_local_modifications`).
+  Ports that are not permitted to receive local configuration are skipped,
+  and an error is reported for each such port in `LocalNetworkConfigInfo`.
+* If the controller revokes local modification permissions or un-configures LPS,
+  EVE reverts affected adapters to the controller configuration.
+* Locally-manageable fields include the IP configuration, wireless settings,
   and proxy configuration — the attributes defined in [NetworkPortConfig](proto/profile/network.proto).
   Fields that affect overall network topology, such as interface usage, cost,
-  or assigned labels, are not locally-modifiable and remain under controller
+  or assigned labels, are not locally-manageable and remain under controller
   management.
-* Any local modification to a port replaces the entire set of locally-modifiable
+* Local port configuration overrides the entire set of locally-manageable
   fields. Partial updates are not supported — fields omitted or set to empty/zero
   values are applied as such, rather than inheriting values from the controller
-  configuration. The locally-modifiable portion is treated as a single unit,
+  configuration. The locally-manageable portion is treated as a single unit,
   so the controller cannot manage some of these fields while the local user
   manages others.
-* Fields that are not included in the set of locally-changeable attributes
+* Fields that are not included in the set of locally-manageable attributes
   (e.g., interface usage, cost) continue to follow the controller-provided
   configuration, either the latest or the active fallback configuration,
   as appropriate.
-* If the controller revokes local modification permissions or un-configures LPS,
-  EVE reverts affected adapters to the controller configuration.
 * When LPS (temporarily or indefinitely) throttles/cancels the communication
-  stream by returning `404`, all previously submitted network configuration
-  changes are reverted.
-* If LPS becomes inaccessible or unresponsive, previously submitted network
-  configuration changes remain in effect. To revert these changes from a crashed
+  stream by returning `404`, previously submitted local network configuration
+  is reverted.
+* If LPS becomes inaccessible or unresponsive, a previously submitted network
+  configuration remains in effect. To revert local config received from a crashed
   or misbehaving LPS, the controller user must explicitly revoke permissions
   or disable the LPS.
-* EVE disables fallback mechanism only for locally modified adapters with respect
-  to fields that can be locally changed. All other adapters, or fields that are
-  not locally-changeable, such as interface usage or cost, continue using either
-  the latest or fallback controller configuration, depending on connectivity status.
-* The current controller connectivity status is included in the request to help
-  the local operator make informed changes.
-* When configuration changes fail validation or application, EVE reports errors
-  back in `NetworkInfo`.
+* EVE disables fallback mechanism only for adapters with a local configuration
+  with respect to fields that can be locally managed. All other adapters, or fields
+  that are not locally-manageable, such as interface usage or cost, continue using
+  either the latest or fallback controller configuration, depending on connectivity
+  status.
+* The published controller connectivity status helps the local operator create
+  a local configuration that ensures proper connectivity.
+* When local configuration fails validation or application, EVE reports errors
+  back in `NetworkInfo.local_config`.
 
 ## Security
 

proto/evecommon/netcmn.proto

@@ -10,6 +10,8 @@ option java_package = "org.lfedge.eve.common";
 option java_multiple_files = true;
 option java_outer_classname = "Evecommon";
 
+import "google/protobuf/timestamp.proto";
+
 message ipRange {
   string start = 1;
   string end = 2;
@@ -250,4 +252,56 @@ enum CellularAuthProtocol {
   CELLULAR_AUTH_PROTOCOL_CHAP = 2;
   // Both PAP and CHAP.
   CELLULAR_AUTH_PROTOCOL_PAP_AND_CHAP = 3;
+}
+
+// NetworkConfigOrigin enumerates all possible origins of a network port configuration.
+enum NetworkConfigOrigin {
+  // Unknown or unset origin.
+  NETWORK_CONFIG_ORIGIN_UNSPECIFIED = 0;
+  // Config received from the controller.
+  NETWORK_CONFIG_ORIGIN_CONTROLLER = 1;
+  // Initial device config embedded in the EVE installer, signed by the controller.
+  NETWORK_CONFIG_ORIGIN_BOOTSTRAP = 2;
+  // Manually created JSON config injected into the installer.
+  NETWORK_CONFIG_ORIGIN_OVERRIDE = 3;
+  // Fallback configuration automatically generated to enable DHCP on all Ethernet ports.
+  // Used when no network config is available or when "network.fallback.any.eth" is enabled
+  // and none of the existing configs provide controller connectivity.
+  NETWORK_CONFIG_ORIGIN_LASTRESORT = 4;
+  // Config entered via the terminal UI (TUI).
+  NETWORK_CONFIG_ORIGIN_TUI = 5;
+  // Configuration signed by the controller and delivered through the
+  // Local Operator Console (LOC) in an air-gapped environment.
+  NETWORK_CONFIG_ORIGIN_LOC = 6;
+  // Config changes made locally through the Local Profile Server (LPS).
+  NETWORK_CONFIG_ORIGIN_LPS = 7;
+}
+
+// PortConfigSource describes the origin of the configuration used for a network port.
+// It helps distinguish between controller-provided, locally-modified, or initial configs.
+message PortConfigSource {
+  // Indicates where EVE obtained the network config.
+  org.lfedge.eve.common.NetworkConfigOrigin origin = 1;
+
+  // Timestamp when this port’s configuration was originally submitted
+  // or created at its source.
+  //
+  // Meaning depends on the origin:
+  // - Controller, LOC, bootstrap: timestamp provided by the controller.
+  // - Local override.json: when the file was first loaded by EVE.
+  // - Last-resort: when EVE generated the fallback config.
+  // - LPS modifications: when the modified config was received.
+  // - TUI: when the user submitted the configuration.
+  //
+  // This is different from DevicePortStatus.timePriority, which is used
+  // to compare and prioritize different sources of network configuration
+  // (and may be synthetic for some sources, e.g. year 2000 for override.json,
+  // epoch 0 for last-resort). By contrast, submitted_at represents when this
+  // port’s configuration first came into existence, regardless of when or whether
+  // the device applied it.
+  //
+  // Note: this is a per-port timestamp. The underlying network config may
+  // cover multiple ports, but only the portion relevant to this port is
+  // reflected here.
+  google.protobuf.Timestamp submitted_at = 2;
 }

proto/info/info.proto

@@ -838,59 +838,7 @@ message DevicePort {
   uint32 mtu = 34; // MTU of the port
 
   // Identifies the source of this network port configuration.
-  PortConfigSource config_source = 40;
-}
-
-// NetworkConfigOrigin enumerates all possible origins of a network port configuration.
-enum NetworkConfigOrigin {
-  // Unknown or unset origin.
-  NETWORK_CONFIG_ORIGIN_UNSPECIFIED = 0;
-  // Config received from the controller.
-  NETWORK_CONFIG_ORIGIN_CONTROLLER = 1;
-  // Initial device config embedded in the EVE installer, signed by the controller.
-  NETWORK_CONFIG_ORIGIN_BOOTSTRAP = 2;
-  // Manually created JSON config injected into the installer.
-  NETWORK_CONFIG_ORIGIN_OVERRIDE = 3;
-  // Fallback configuration automatically generated to enable DHCP on all Ethernet ports.
-  // Used when no network config is available or when "network.fallback.any.eth" is enabled
-  // and none of the existing configs provide controller connectivity.
-  NETWORK_CONFIG_ORIGIN_LASTRESORT = 4;
-  // Config entered via the terminal UI (TUI).
-  NETWORK_CONFIG_ORIGIN_TUI = 5;
-  // Configuration signed by the controller and delivered through the
-  // Local Operator Console (LOC) in an air-gapped environment.
-  NETWORK_CONFIG_ORIGIN_LOC = 6;
-  // Config changes made locally through the Local Profile Server (LPS).
-  NETWORK_CONFIG_ORIGIN_LPS = 7;
-}
-
-// PortConfigSource describes the origin of the configuration used for a network port.
-// It helps distinguish between controller-provided, locally-modified, or initial configs.
-message PortConfigSource {
-  // Indicates where EVE obtained the network config.
-  NetworkConfigOrigin origin = 1;
-
-  // Timestamp when this port’s configuration was originally submitted
-  // or created at its source.
-  //
-  // Meaning depends on the origin:
-  // - Controller, LOC, bootstrap: timestamp provided by the controller.
-  // - Local override.json: when the file was first loaded by EVE.
-  // - Last-resort: when EVE generated the fallback config.
-  // - LPS modifications: when the modified config was received.
-  // - TUI: when the user submitted the configuration.
-  //
-  // This is different from DevicePortStatus.timePriority, which is used
-  // to compare and prioritize different sources of network configuration
-  // (and may be synthetic for some sources, e.g. year 2000 for override.json,
-  // epoch 0 for last-resort). By contrast, submitted_at represents when this
-  // port’s configuration first came into existence, regardless of when or whether
-  // the device applied it.
-  //
-  // Note: this is a per-port timestamp. The underlying network config may
-  // cover multiple ports, but only the portion relevant to this port is
-  // reflected here.
-  google.protobuf.Timestamp submitted_at = 2;
+  org.lfedge.eve.common.PortConfigSource config_source = 40;
 }
 
 message ProxyStatus {