Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
interfaces/builtin: add the spi interface #3499
Conversation
tokurz
added some commits
Jun 20, 2017
|
the pi3 gadget is at https://github.com/snapcore/pi3-gadget ... happy to review a PR for the config.txt and snapcraft.yaml changes :) |
|
Hey, thanks for the fast reply, can you help me to make the test successfully? I ran "make fmt" and gaves no errors on my side, maybe something is in the go files wrong, golang is a complete new language for me, normal I develop on python and java. Cheers |
tokurz
added some commits
Jun 22, 2017
|
Hey Guys, I get some strange errors, maybe you can help me with that: 2017-06-22 16:39:58 Discarding linode:debian-unstable-64 (Spread-04), cannot connect: cannot connect to linode:debian-unstable-64 (Spread-04): ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain its full in the Travis CI log of that. Cheers |
|
@tokurz thanks a lot for your contribution and for pointing out the test error! :) Don't worry about it, we have been hitting some authentication errors lately and are actively looking into them, will be fixed shortly. Not sure if you are aware of them but there are some unit test errors on the autopktest executions that seem related to your changes, take a look for instance at https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-xenial-snappy-dev-image/xenial/amd64/s/snapd/20170623_082242_16006@/log.gz
Cheers! |
|
Thanks for pointing me to that, I will look into it. Cheers |
tokurz
added some commits
Jun 23, 2017
codecov-io
commented
Jun 23, 2017
•
Codecov Report
@@ Coverage Diff @@
## master #3499 +/- ##
==========================================
+ Coverage 75.2% 75.36% +0.15%
==========================================
Files 387 391 +4
Lines 33452 33730 +278
==========================================
+ Hits 25157 25420 +263
- Misses 6482 6490 +8
- Partials 1813 1820 +7
Continue to review full report at Codecov.
|
|
looks great so far :) |
|
Hey, can someone merge it into the snap repository, I would like to work with that. Cheers |
|
@tokurz while you look at it, could you look at signing the CLA? |
zyga
self-requested a review
Jun 29, 2017
|
I'll review and improve this slightly. I just merged the refactoring of the base policy and I would like to update your branch and review it as well. |
|
Hy @zyga sure feel free :), let me know when I should do any steps for help. Cheers |
zyga
added some commits
Jun 29, 2017
zyga
reviewed
Jun 29, 2017
Hey, I updated the branch with a few patches and merged master, resolving the conflict I introduced. I didn't review it fully but I think the basics look OK. I need to have a moment to check everything in detail before I can approve it.
Can you please help me out and complete the contributor license agreement, we cannot merge it without that.
|
hey @zyga yes will do it today. Cheers |
|
Hey @zyga the contributor license agreement forms I have filled out and submitted. Cheers |
|
CLA has been signed Thank you! |
chipaca
changed the title from
Spi patch
to
interfaces/builtin: spi interface
Jun 30, 2017
|
Hey @zyga the Travis CI had some trouble in timeout here the last statement from the output 2017-06-29 14:22:44 Removing disks from linode:ubuntu-core-16-64 (Spread-32)... 2017-06-29 14:23:22 Rebooting linode:ubuntu-core-16-64 (Spread-11) as requested... The job exceeded the maximum time limit for jobs, and has been terminated. Can you take a look at it? Cheers |
zyga
changed the title from
interfaces/builtin: spi interface
to
interfaces/builtin: add the spi interface
Jul 21, 2017
zyga
reviewed
Jul 21, 2017
Some more comments. I'll try to review this again next week.
| + | ||
| + // Creation of the slot of this type | ||
| + // is allowed only by a gadget snap | ||
| + if !(slot.Snap.Type == "gadget" || slot.Snap.Type == "os") { |
zyga
Jul 21, 2017
Contributor
There are constants for this in the snap package, namely TypeGadget and TypeOS
| + // Validate the path | ||
| + path, ok := slot.Attrs["path"].(string) | ||
| + if !ok || path == "" { | ||
| + return fmt.Errorf("%s slot must have a path attribute", iface.Name()) |
zyga
Jul 21, 2017
Contributor
I'd re-word this to use the slot name but I'd have to check how the error is used by the callers. In the end I'd like a message like slot $snapName:$slotName must have a path attribute
| + path = filepath.Clean(path) | ||
| + | ||
| + if !spiControlDeviceNodePattern.MatchString(path) { | ||
| + return fmt.Errorf("%s path attribute must be a valid device node", iface.Name()) |
| +// Checks and possibly modifies a plug | ||
| +func (iface *spiInterface) SanitizePlug(plug *interfaces.Plug) error { | ||
| + if iface.Name() != plug.Interface { | ||
| + panic(fmt.Sprintf("plug is not of interface %q", iface.Name())) |
| +func (iface *spiInterface) UDevConnectedPlug(spec *udev.Specification, plug *interfaces.Plug, plugAttrs map[string]interface{}, slot *interfaces.Slot, slotAttrs map[string]interface{}) error { | ||
| + path, pathOk := slot.Attrs["path"].(string) | ||
| + if !pathOk { | ||
| + return nil |
zyga
Jul 21, 2017
Contributor
I think we want to panic at this stage. This code can assume sanitize works OK
|
I'll improve and land this PR. |
|
sounds great , thank you |
|
I updated this to match the new APIs and some coding style tweaks. This is ready for review by security CC @jdstrand |
zyga
requested a review
from
jdstrand
Aug 3, 2017
jdstrand
requested changes
Aug 3, 2017
Thanks for submitting this, it looks quite good. Can you address the inline comments?
| + path, err := iface.path(slot) | ||
| + if err != nil { | ||
| + panic("slot is not sanitized") | ||
| + } |
jdstrand
Aug 3, 2017
Contributor
In other interfaces (eg i2c) we return nil here since panicking can cause trouble. This means the interface will connect but simply not have the added rules. This helps the user experience when dealing with a poorly named device.
tokurz
Aug 3, 2017
Contributor
I had copy the interfaces from the i2c i dont know maybe something has changed in the meanwhile, but you can correct it, if you want. I'm new on the golang and not really aware with the error handling.
jdstrand
Aug 3, 2017
Contributor
That's fine. Can you change:
panic("slot is not sanitized")
to:
return nil
Here and the other place I mentioned?
zyga
Aug 5, 2017
Contributor
I think the panic is actually what we want. Interfaces should be valid (sanitize is to check that). We should not have a state where we can get to snippet methods and the plug/slot is still invalid. We panic in other places.
jdstrand
Aug 9, 2017
Contributor
Ok-- I was looking at other interfaces but that was before various refactorings.
| + panic("slot is not sanitized") | ||
| + } | ||
| + spec.AddSnippet(fmt.Sprintf("%s rw,", path)) | ||
| + spec.AddSnippet(fmt.Sprintf("/sys/devices/platform/soc/**.spi/spi_master/spi0/%s/** rw,", strings.TrimPrefix(path, "/dev/"))) |
jdstrand
Aug 3, 2017
Contributor
Is 'spi0' correct here or does it change depending on number of devices, etc? I wonder if this would be better:
spec.AddSnippet(fmt.Sprintf("/sys/devices/platform/**/**.spi/**/%s/** rw,", strings.TrimPrefix(path, "/dev/")))
Can you give an example path that you are wanting to allow?
tokurz
Aug 3, 2017
Contributor
Hey the path is:
/sys/devices/platform/soc/3f204000.spi/spi_master/spi0/
which gives
spi0.0/
spi0.1/
in /dev/ are the interfaces:
/dev/spidev0.0
/dev/spidev0.1
Hope that helps
jdstrand
Aug 3, 2017
Contributor
It does. Please use the rule I recommended which will help with future-proofing.
| +func (iface *spiInterface) UDevConnectedPlug(spec *udev.Specification, plug *interfaces.Plug, plugAttrs map[string]interface{}, slot *interfaces.Slot, slotAttrs map[string]interface{}) error { | ||
| + path, err := iface.path(slot) | ||
| + if err != nil { | ||
| + panic("slot is not sanitized") |
|
The test failures look unrelated:
|
|
Will took tomorrow look at it current on the way home |
tokurz
added some commits
Aug 4, 2017
|
I didnt understand this error message, maybe someone can help me?
the function:
|
| + spec := &apparmor.Specification{} | ||
| + c.Assert(spec.AddConnectedPlug(s.iface, s.plug1, nil, s.slotGadget1, nil), IsNil) | ||
| + c.Assert(spec.SecurityTags(), DeepEquals, []string{"snap.consumer.app"}) | ||
| + c.Assert(spec.SnippetForTag("snap.consumer.app"), Equals, "/dev/spidev0.0 rw,/sys/devices/platform/**/**.spi/**/spidev0.0/** rw,") |
jdstrand
Aug 4, 2017
Contributor
You are missing a newline here. This test is saying that you expect:
/dev/spidev0.0 rw,/sys/devices/platform/**/**.spi/**/spidev0.0/** rw,
but you get:
/dev/spidev0.0 rw,
/sys/devices/platform/**/**.spi/**/spidev0.0/** rw,
Change it too:
c.Assert(spec.SnippetForTag("snap.consumer.app"), Equals, "/dev/spidev0.0 rw\n,/sys/devices/platform/**/**.spi/**/spidev0.0/** rw,")
and this test should pass.
tokurz
added some commits
Aug 4, 2017
|
FYI, when developing interfaces, I like to run the unit tests locally like so:
Once I'm satisfied with my interface tests, I will run all the non-spread tests:
Then I commit and let travis run (whether I run spread tests next locally or not depends on the patch). |
|
Hey @jdstrand , thanks for the info, but what I dont understand is this error message:
For me it looks correct with the , in the line, what doing I'm wrong..? |
|
Another thing, when I run it on my local machine:
I get those errors, but when i look into it, they are visible.. Do I need to rewrite from
|
| + path, err := iface.path(slot) | ||
| + if err != nil { | ||
| + panic("slot is not sanitized") | ||
| + } |
jdstrand
Aug 3, 2017
Contributor
In other interfaces (eg i2c) we return nil here since panicking can cause trouble. This means the interface will connect but simply not have the added rules. This helps the user experience when dealing with a poorly named device.
tokurz
Aug 3, 2017
Contributor
I had copy the interfaces from the i2c i dont know maybe something has changed in the meanwhile, but you can correct it, if you want. I'm new on the golang and not really aware with the error handling.
jdstrand
Aug 3, 2017
Contributor
That's fine. Can you change:
panic("slot is not sanitized")
to:
return nil
Here and the other place I mentioned?
zyga
Aug 5, 2017
Contributor
I think the panic is actually what we want. Interfaces should be valid (sanitize is to check that). We should not have a state where we can get to snippet methods and the plug/slot is still invalid. We panic in other places.
jdstrand
Aug 9, 2017
Contributor
Ok-- I was looking at other interfaces but that was before various refactorings.
|
Hey @zyga thanks for this fix, will see if all running well.
Greets TK
Von: Zygmunt Krynicki [mailto:notifications@github.com]
Gesendet: Mittwoch, 9. August 2017 13:58
An: snapcore/snapd <snapd@noreply.github.com>
Cc: Tony Kurz <tony.kurz@ml-pa.com>; Mention <mention@noreply.github.com>
Betreff: Re: [snapcore/snapd] interfaces/builtin: add the spi interface (#3499)
@zyga commented on this pull request.
________________________________
In interfaces/builtin/spi_test.go<#3499 (comment)>:
+ c.Assert(slot.Sanitize(s.iface), ErrorMatches,
+ "spi slots are reserved for the core and gadget snaps")
+}
+
+func (s *spiInterfaceSuite) TestUDevSpec(c *C) {
+ spec := &udev.Specification{}
+ c.Assert(spec.AddConnectedPlug(s.iface, s.plug1, nil, s.slotGadget1, nil), IsNil)
+ c.Assert(spec.Snippets(), HasLen, 1)
+ c.Assert(spec.Snippets()[0], Equals, `KERNEL=="spidev0.0", TAG+="snap_consumer_app"`)
+}
+
+func (s *spiInterfaceSuite) TestAppArmorSpec(c *C) {
+ spec := &apparmor.Specification{}
+ c.Assert(spec.AddConnectedPlug(s.iface, s.plug1, nil, s.slotGadget1, nil), IsNil)
+ c.Assert(spec.SecurityTags(), DeepEquals, []string{"snap.consumer.app"})
+ c.Assert(spec.SnippetForTag("snap.consumer.app"), Equals, "/dev/spidev0.0 rw,/sys/devices/platform/**/**.spi/**/spidev0.0/** rw,")
I fixed this
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#3499 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AcM7OkGlBt07JN8GZkhZfs-eU7ja5oMCks5sWZ7cgaJpZM4N_qB_>.
|
|
Thanks for making the requested changes. LGTM |
|
Hey @jdstrand , follow test are running fail:
|
|
The test failures are unrelated (flaky/racy tests). EDIT: I restarted the tests now. |
|
@zyga so the Interface can be merged into the snapcore sources? |
tokurz commentedJun 20, 2017
Hey,
this is my first push to GitHub, if I did anything wrong, please tell me :)
I had add the SPI Dev interface in the Snapd to work on that with Ubunutu Core on a RPi3 where we need to read data from Sensors.
When its give any chance to merge this into the "master" branch so may I can test and verify it is working.
Also the RPi3 Gadget needs also to be modified to exponate the interfaces for this.
It should be used as the same as the i2c interface.
I had run locally tests on --devmode snaps if the spi stuff is in general working.
in the boot.config I had add/modify follow lines:
dtparam=spi=on
also i run: sudo modprobe spi-bcm2835 (Maybe it's not neccessary to load it manually)
Cheers