New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
interfaces/builtin: implement broadcom-asic-control interface #3623
Conversation
Descriptions will be managed on the forum real soon so there is no need store it inside the code anymore.
Support for kernel modules was now added. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a couple of things I'm curious about.
} | ||
|
||
// Creation of the slot of this type is allowed only by a gadget or os snap | ||
if !(slot.Snap.Type == "os") { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This hasn't been changed to being called "core" instead of "os"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The type of a core snap is still "os". See https://github.com/snapcore/snapd/blob/master/snap/types.go#L31 for details
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds like a bug in snapd that should be fixed before there's hundreds or thousands of interfaces.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You will be happy to learn I fixed this a moment ago :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!!
allow-installation: | ||
slot-snap-type: | ||
- core | ||
deny-auto-connection: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the difference between this and line 145 returning true for the AutoConnect method?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See the comment in https://github.com/snapcore/snapd/pull/3623/files#diff-7657fbc6427572b16bb91d9568774554R144
AutoConnect is more or less a relict from older times. Base declaration has priority.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah yes, I forgot to comment on that comment. :) It didn't make sense to me. Can you reword that comment on line 144?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What doesn't make sense? It's the same comment used on all other interfaces for the AutoConnect method.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So the comment states this:
// Allow what is allowed in the declarations
Maybe if you point to where the reader of the code could know what exactly is allowed, then it'd make more sense to me. It's just too general of a comment to add much value in my opinion.
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
I pushed some API changes and cleanups. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
return interfaces.StaticInfo{ | ||
Summary: broadcomAsicControlSummary, | ||
ImplicitOnCore: true, | ||
ImplicitOnClassic: true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if this should be implicit on classic where it will show up for nearly everyone. It feels like a thing that we could do via classic gadgets if it is really needed there. WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that this interface is very similar to dcdbas-control, which is implicit classic, and therefore we shouldn't make this PR do something else. If we want to clean this up and make conditional on gadgets, etc, that could be a future improvement.
` | ||
|
||
func (s *BroadcomAsicControlSuite) SetUpTest(c *C) { | ||
s.slot = &interfaces.Slot{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please just declare more snaps like you did above? I'd much rather see snaptest.MockInfo
than hand-made structures.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
c.Assert(s.plug.Sanitize(s.iface), IsNil) | ||
} | ||
|
||
func (s *BroadcomAsicControlSuite) TestUsedSecuritySystems(c *C) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please split this per backend. It will be easier to follow and you can use some shorter variable names (e.g. spec
instead of apparmorSpec
).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The base declaration, apparmor policy, udev rules and kernel modules all look ok, but please make the requested policy changes.
/sys/module/linux_bcm_knet/refcnt r, | ||
/dev/linux-user-bde rw, | ||
/dev/linux-kernel-bde rw, | ||
/dev/linux-bcm-knet wr, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For consistency, please use 'rw' here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
/sys/module/linux_user_bde/refcnt r, | ||
/sys/module/linux_bcm_knet/initstate r, | ||
/sys/module/linux_bcm_knet/holders/ r, | ||
/sys/module/linux_bcm_knet/refcnt r, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since these are all only reads, I think the above can all be collapsed into (which is easier to read and futureproof):
/sys/module/linux_bcm_knet/{,**} r,
/sys/module/linux_kernel_bde/{,**} r,
/sys/module/linux_user_bde/{,**} r,
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
return interfaces.StaticInfo{ | ||
Summary: broadcomAsicControlSummary, | ||
ImplicitOnCore: true, | ||
ImplicitOnClassic: true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that this interface is very similar to dcdbas-control, which is implicit classic, and therefore we shouldn't make this PR do something else. If we want to clean this up and make conditional on gadgets, etc, that could be a future improvement.
@jdstrand Your last comment about implicit classic I don't quite follow. Are you simply stating that it doesn't need any special review/permission in order to use implicit classic before it gets merged, or something else? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm happy now, looks very good!
@jhodapp - I was saying that I don't think the implicit parts of this interface need to change. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The security policy changes look good, thanks.
Codecov Report
@@ Coverage Diff @@
## master #3623 +/- ##
==========================================
+ Coverage 75.19% 75.21% +0.02%
==========================================
Files 386 387 +1
Lines 33418 33452 +34
==========================================
+ Hits 25127 25162 +35
+ Misses 6480 6478 -2
- Partials 1811 1812 +1
Continue to review full report at Codecov.
|
@zyga can you approve this and merge please? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
This implements a new interface necessary to access certain device nodes exposed by the kernel drivers from Broadcom for their ASIC on switch devices.
This requires specific kernel modules to be available and loaded which will be soon shipped with the official Ubuntu kernel.