github.com/kubiko/snapd@v0.0.0-20201013125620-d4f3094d9ddf/interfaces/builtin/broadcom_asic_control.go (about) 1 // -*- Mode: Go; indent-tabs-mode: t -*- 2 3 /* 4 * Copyright (C) 2017 Canonical Ltd 5 * 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 3 as 8 * published by the Free Software Foundation. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. If not, see <http://www.gnu.org/licenses/>. 17 * 18 */ 19 20 package builtin 21 22 const broadcomAsicControlSummary = `allows using the broadcom-asic kernel module` 23 24 const broadcomAsicControlBaseDeclarationSlots = ` 25 broadcom-asic-control: 26 allow-installation: 27 slot-snap-type: 28 - core 29 deny-auto-connection: true 30 ` 31 32 const broadcomAsicControlConnectedPlugAppArmor = ` 33 # Description: Allow access to broadcom asic kernel module. 34 35 /sys/module/linux_bcm_knet/{,**} r, 36 /sys/module/linux_kernel_bde/{,**} r, 37 /sys/module/linux_user_bde/{,**} r, 38 /dev/linux-user-bde rw, 39 /dev/linux-kernel-bde rw, 40 /dev/linux-bcm-knet rw, 41 42 # These are broader than they needs to be, but until we query udev 43 # for specific devices, use a broader glob 44 /sys/devices/pci[0-9a-f]*/**/config r, 45 /sys/devices/pci[0-9a-f]*/**/{,subsystem_}device r, 46 /sys/devices/pci[0-9a-f]*/**/{,subsystem_}vendor r, 47 48 /sys/bus/pci/devices/ r, 49 /run/udev/data/+pci:[0-9a-f]* r, 50 ` 51 52 var broadcomAsicControlConnectedPlugUDev = []string{ 53 `SUBSYSTEM=="pci", DRIVER=="linux-kernel-bde"`, 54 `SUBSYSTEM=="net", KERNEL=="bcm[0-9]*"`, 55 } 56 57 // The upstream linux kernel doesn't come with support for the 58 // necessary kernel modules we need to drive a Broadcom ASIC. 59 // All necessary modules need to be loaded on demand if the 60 // kernel the device runs with provides them. 61 var broadcomAsicControlConnectedPlugKMod = []string{ 62 "linux-user-bde", 63 "linux-kernel-bde", 64 "linux-bcm-knet", 65 } 66 67 func init() { 68 registerIface(&commonInterface{ 69 name: "broadcom-asic-control", 70 summary: broadcomAsicControlSummary, 71 implicitOnCore: true, 72 implicitOnClassic: true, 73 baseDeclarationSlots: broadcomAsicControlBaseDeclarationSlots, 74 connectedPlugAppArmor: broadcomAsicControlConnectedPlugAppArmor, 75 connectedPlugKModModules: broadcomAsicControlConnectedPlugKMod, 76 connectedPlugUDev: broadcomAsicControlConnectedPlugUDev, 77 }) 78 }