USB portal (cont.) #1354
USB portal (cont.) #1354
Conversation
hfiguiere
force-pushed
the
usb-portal
branch
2 times, most recently
from
cb66d92 to
f28ffdf
Compare
hfiguiere
force-pushed
the
usb-portal
branch
3 times, most recently
from
ce2b214 to
4907506
Compare
|
After a painful rebasing. |
hfiguiere
force-pushed
the
usb-portal
branch
from
74f9508 to
761f0a9
Compare
|
Feature is linked to flatpak/flatpak#5620 I think this is ready for review. |
hfiguiere
force-pushed
the
usb-portal
branch
2 times, most recently
from
69843ce to
4dcfc94
Compare
src/xdp-app-info-flatpak.c
Outdated
|
|
||
| enumerable_devices = g_key_file_get_string_list (app_info_flatpak->flatpak_info, | ||
| "USB Devices", | ||
| "allowed-devices", |
There was a problem hiding this comment.
enumerable-devices/hidden-devices
Might want to use defines for those constants.
There was a problem hiding this comment.
fixed the literal.
|
|
||
| * ``properties`` (``a{sv}``) | ||
|
|
||
| A list of udev properties that this device has. These properties |
There was a problem hiding this comment.
I'm really worried about this. It essentially makes udev a stable API even though it really is not.
data/org.freedesktop.portal.Usb.xml
Outdated
| This method can only be called once, and only after calling | ||
| org.freedesktop.portal.Usb.AcquireDevices(). |
There was a problem hiding this comment.
Should mention the #org.freedesktop.portal.Request::Response signal
There was a problem hiding this comment.
I think the response signal should carry an id that should be passed to FinishAcquireDevices. That way there is no problem with calling AcquireDevices multiple times before calling FinishAcquireDevices.
|
|
||
| There are no supported keys in the @options vardict. | ||
| --> | ||
| <method name="ReleaseDevices"> |
There was a problem hiding this comment.
Should probably say something about the relation to the session and connection. I assume closing the session or connection implicitly also releases all devices?
There was a problem hiding this comment.
Eh, there is no session involved with acquiring and releasing devices, only a connection. The question still remains: what happens when the connection is closed. Same as release? Nothing?
There was a problem hiding this comment.
when the dbus connection is closed all the devices are removed (ie released)
There was a problem hiding this comment.
I think my suggestion on FinishAcquireDevices would resolve this thread.
|
|
||
| * ``action`` (``s``) | ||
|
|
||
| Type of event that occurred. One of "add", "change", or "remove". |
There was a problem hiding this comment.
What happens when one has acquired a device and it got removed? Is the fd still usable? Only sometimes?
We don't have a mechanism for revoking the fd so a real device unplug will result in a remove with the fd becoming unusable but when the user wants to revoke a device, we can't do anything with the existing fd on the client and so it won't be.
There was a problem hiding this comment.
I think my suggestion on FinishAcquireDevices would resolve this thread as well.
data/org.freedesktop.portal.Usb.xml
Outdated
| @devices: Array of device identifiers | ||
| @options: Vardict with optional further information | ||
|
|
||
| Releases previously acquired devices. |
There was a problem hiding this comment.
What does it mean to release a device? Is the fd still usable?
There was a problem hiding this comment.
It will close the file descriptor when we release the "owned device" object. I haven't checked how libusb, for example, reacts to this.
There was a problem hiding this comment.
Well, it closes the fd on the portal side which is good because we need to do that to not leak things, but it doesn't close the fd on the client side. In fact, you cannot close the fd on the client side from the portal side. The only thing we can do is revoke file descriptors but that currently only works for evdev and hidraw and not for usb. So as long as we don't get kernel support for that, clients will be able to continue to use the fd that they acquired even if the connection is closed. We should however say something in the interface description here which will allow us to revoke those USB devices if the connection gets closed, or if the user wants to revoke access manually, when we get USB revoke from the kernel.
src/usb.c
Outdated
| g_dbus_method_invocation_return_error (invocation, | ||
| XDG_DESKTOP_PORTAL_ERROR, | ||
| XDG_DESKTOP_PORTAL_ERROR_FAILED, | ||
| "Cannot call AcquireDevices() with an unfinished " |
There was a problem hiding this comment.
Why not? The interface description doesn't mention this restriction at all.
There was a problem hiding this comment.
The changes I proposed on AcquireDevices would resolve this thread.
There was a problem hiding this comment.
this is done in the current code.
data/org.freedesktop.portal.Usb.xml
Outdated
| This method can only be called once, and only after calling | ||
| org.freedesktop.portal.Usb.AcquireDevices(). |
There was a problem hiding this comment.
I think the response signal should carry an id that should be passed to FinishAcquireDevices. That way there is no problem with calling AcquireDevices multiple times before calling FinishAcquireDevices.
| owned_device = g_hash_table_lookup (sender_info->owned_devices, access_data->device_id); | ||
| if (!owned_device) | ||
| { | ||
| fd = open (device_file, access_data->writable ? O_RDWR : O_RDONLY); |
There was a problem hiding this comment.
Why would opening the file fail? Is udev already telling us that we should be able to open the device node (i.e. we have permission to do it) or is do we discover about bad permissions just here?
There was a problem hiding this comment.
many reason. It's IO nothing is guaranteed. The device could have disappear, could be unitialized. If it can go wrong it will go wrong.
There was a problem hiding this comment.
Right, but that means we'll show USB devices to the portal clients, letting users go through the UI to approve access, just to then eventually notice that we actually can't make the device available. Would be much nicer if we didn't advertise those devices in the first place.
There was a problem hiding this comment.
there is not a lot we can do. We can call access on the device is_gudev_device_suitable() and return FALSE if the call fail. That will check for existance and read permission. At that leve we don't know if we want the write permissions.
There was a problem hiding this comment.
And we already check in handle_acquire_devices() as well.
Still a lot of race condition can occur it acquiring the device.
There was a problem hiding this comment.
we no longer do. the change just hadn't been pushed yet.
There was a problem hiding this comment.
Maybe I'm blind but I can't seem to find it? Are you sure you pushed the latest version now?
There was a problem hiding this comment.
Which mean if it can't access it it won't list it. So open won't be attempted. In case of race condition, ie the device is no longer accessible between the list and this, then this will error normally.
There was a problem hiding this comment.
Ah, I missed that one. Perfect!
There was a problem hiding this comment.
actually it caused a serious regression as it didn't detect removals, and a few other things.
hfiguiere
force-pushed
the
usb-portal
branch
2 times, most recently
from
a258338 to
b40ccee
Compare
|
(I haven't addressed everything yet) |
hfiguiere
force-pushed
the
usb-portal
branch
7 times, most recently
from
bdaa78e to
27f10e2
Compare
hfiguiere
force-pushed
the
usb-portal
branch
3 times, most recently
from
a8ce8e9 to
a3123a1
Compare
hfiguiere
force-pushed
the
usb-portal
branch
2 times, most recently
from
bc4aced to
d2e1553
Compare
|
The test passes as I work around skipping in CI the one that fails. |
hfiguiere
force-pushed
the
usb-portal
branch
3 times, most recently
from
14e2e57 to
70f9647
Compare
I will squash all the USB portal stuff into one and keep the test commits as they are. Also I will shorten the commit message but copy that content into a separate file in |
|
LGTM |
Signed-off-by: Hubert Figuière <hub@figuiere.net>
Signed-off-by: Hubert Figuière <hub@figuiere.net>
Implement XdpUsbQuery Co-Authored By: Georges Basile Stavracas Neto <georges.stavracas@gmail.com> Co-Authored-By: Ryan Gonzalez <rymg19@gmail.com> Signed-off-by: Hubert Figuière <hub@figuiere.net>
Add a new D-Bus interface org.freedesktop.portal.Usb See doc/usb-portal.md Co-Authored By: Georges Basile Stavracas Neto <georges.stavracas@gmail.com> Co-Authored-By: Ryan Gonzalez <rymg19@gmail.com> Signed-off-by: Hubert Figuière <hub@figuiere.net>
We want to test the USB portal which requires USB queries to determine which USB devices should be enumerable and could potentially be acquired. This adds an environment variable similar to the one for the app id that the test harness can set.
This lets us control which USB devices are enumerable by setting the fixture to valid xdp USB query.
This is because it fails as we never get the removal event. In both podman and docker Signed-off-by: Hubert Figuière <hub@figuiere.net>
| org.freedesktop.impl.portal.Usb: | ||
| @short_description: USB portal backend interface | ||
|
|
||
| This portal lets applications register global shortcuts so they can |
There was a problem hiding this comment.
The description seems wrong, this has afaik nothing to do with global shortcut
There was a problem hiding this comment.
Indeed.
It also re-introduced annotations for a{sv} arguments and doesn't have annotations for the more complex types (a(sa{sv}a{sv})). Mind fixing that up?
There was a problem hiding this comment.
oops. I missed that too. Will address this.
There was a problem hiding this comment.
not sure about the annotation. Will followup too.
There was a problem hiding this comment.
added the annotations to the same PR.
This supercede #1238
Close #1238