diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/Makefile.am | 6 | ||||
| -rw-r--r-- | src/kerneldevice/mm-kernel-device.c | 67 | ||||
| -rw-r--r-- | src/kerneldevice/mm-kernel-device.h | 3 | ||||
| -rw-r--r-- | src/mm-base-manager.c | 31 | ||||
| -rw-r--r-- | src/mm-filter.c | 207 | ||||
| -rw-r--r-- | src/mm-filter.h | 64 |
6 files changed, 306 insertions, 72 deletions
diff --git a/src/Makefile.am b/src/Makefile.am index 5a735be9..6e140ca9 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -128,6 +128,7 @@ endif BUILT_SOURCES += $(HELPER_ENUMS_GENERATED) CLEANFILES += $(HELPER_ENUMS_GENERATED) + ################################################################################ # kerneldevice library ################################################################################ @@ -236,6 +237,7 @@ CLEANFILES += $(PORT_ENUMS_GENERATED) sbin_PROGRAMS += ModemManager DAEMON_ENUMS_INPUTS = \ + $(srcdir)/mm-filter.h \ $(srcdir)/mm-base-bearer.h \ $(srcdir)/mm-port-probe.h \ $(NULL) @@ -247,7 +249,7 @@ DAEMON_ENUMS_GENERATED = \ mm-daemon-enums-types.h: Makefile.am $(DAEMON_ENUMS_INPUTS) $(top_srcdir)/build-aux/mm-enums-template.h $(AM_V_GEN) $(GLIB_MKENUMS) \ - --fhead "#include \"mm-base-bearer.h\"\n#include \"mm-port-probe.h\"\n#ifndef __MM_DAEMON_ENUMS_TYPES_H__\n#define __MM_DAEMON_ENUMS_TYPES_H__\n" \ + --fhead "#include \"mm-filter.h\"\n#include \"mm-base-bearer.h\"\n#include \"mm-port-probe.h\"\n#ifndef __MM_DAEMON_ENUMS_TYPES_H__\n#define __MM_DAEMON_ENUMS_TYPES_H__\n" \ --template $(top_srcdir)/build-aux/mm-enums-template.h \ --ftail "#endif /* __MM_DAEMON_ENUMS_TYPES_H__ */\n" \ $(DAEMON_ENUMS_INPUTS) > $@ @@ -286,6 +288,8 @@ ModemManager_SOURCES = \ mm-auth.c \ mm-auth-provider.h \ mm-auth-provider.c \ + mm-filter.h \ + mm-filter.c \ mm-base-manager.c \ mm-base-manager.h \ mm-device.c \ diff --git a/src/kerneldevice/mm-kernel-device.c b/src/kerneldevice/mm-kernel-device.c index 8cb71123..996594e5 100644 --- a/src/kerneldevice/mm-kernel-device.c +++ b/src/kerneldevice/mm-kernel-device.c @@ -123,73 +123,6 @@ mm_kernel_device_get_physdev_manufacturer (MMKernelDevice *self) NULL); } -gboolean -mm_kernel_device_is_candidate (MMKernelDevice *self, - gboolean manual_scan) -{ - const gchar *physdev_subsys; - const gchar *name; - const gchar *subsys; - - g_return_val_if_fail (MM_IS_KERNEL_DEVICE (self), FALSE); - - name = mm_kernel_device_get_name (self); - subsys = mm_kernel_device_get_subsystem (self); - - /* ignore VTs */ - if (strncmp (name, "tty", 3) == 0 && g_ascii_isdigit (name[3])) - return FALSE; - - /* Ignore devices that aren't completely configured by udev yet. If - * ModemManager is started in parallel with udev, explicitly requesting - * devices may return devices for which not all udev rules have yet been - * applied (a bug in udev/gudev). Since we often need those rules to match - * the device to a specific ModemManager driver, we need to ensure that all - * rules have been processed before handling a device. - * - * This udev tag applies to each port in a device. In other words, the flag - * may be set in some ports, but not in others */ - if (!mm_kernel_device_get_property_as_boolean (self, "ID_MM_CANDIDATE")) - return FALSE; - - /* Don't process device if no sysfs path */ - if (!mm_kernel_device_get_physdev_sysfs_path (self)) { - /* Log about it, but filter out some common ports that we know don't have - * anything to do with mobile broadband. - */ - if ( strcmp (name, "console") - && strcmp (name, "ptmx") - && strcmp (name, "lo") - && strcmp (name, "tty") - && !strstr (name, "virbr")) - mm_dbg ("(%s/%s): could not get port's parent device", subsys, name); - return FALSE; - } - - /* Ignore blacklisted devices. */ - if (mm_kernel_device_get_global_property_as_boolean (MM_KERNEL_DEVICE (self), "ID_MM_DEVICE_IGNORE")) { - mm_dbg ("(%s/%s): device is blacklisted", subsys, name); - return FALSE; - } - - /* Is the device in the manual-only greylist? If so, return if this is an - * automatic scan. */ - if (!manual_scan && mm_kernel_device_get_global_property_as_boolean (MM_KERNEL_DEVICE (self), "ID_MM_DEVICE_MANUAL_SCAN_ONLY")) { - mm_dbg ("(%s/%s): device probed only in manual scan", subsys, name); - return FALSE; - } - - /* If the physdev is a 'platform' or 'pnp' device that's not whitelisted, ignore it */ - physdev_subsys = mm_kernel_device_get_physdev_subsystem (MM_KERNEL_DEVICE (self)); - if ((!g_strcmp0 (physdev_subsys, "platform") || !g_strcmp0 (physdev_subsys, "pnp")) && - (!mm_kernel_device_get_global_property_as_boolean (MM_KERNEL_DEVICE (self), "ID_MM_PLATFORM_DRIVER_PROBE"))) { - mm_dbg ("(%s/%s): port's parent platform driver is not whitelisted", subsys, name); - return FALSE; - } - - return TRUE; -} - const gchar * mm_kernel_device_get_parent_sysfs_path (MMKernelDevice *self) { diff --git a/src/kerneldevice/mm-kernel-device.h b/src/kerneldevice/mm-kernel-device.h index 94d11ec4..f1e048d3 100644 --- a/src/kerneldevice/mm-kernel-device.h +++ b/src/kerneldevice/mm-kernel-device.h @@ -80,9 +80,6 @@ const gchar *mm_kernel_device_get_name (MMKernelDevice *self); const gchar *mm_kernel_device_get_driver (MMKernelDevice *self); const gchar *mm_kernel_device_get_sysfs_path (MMKernelDevice *self); -gboolean mm_kernel_device_is_candidate (MMKernelDevice *self, - gboolean manual_scan); - const gchar *mm_kernel_device_get_parent_sysfs_path (MMKernelDevice *self); const gchar *mm_kernel_device_get_physdev_uid (MMKernelDevice *self); diff --git a/src/mm-base-manager.c b/src/mm-base-manager.c index 016c1ee2..04369092 100644 --- a/src/mm-base-manager.c +++ b/src/mm-base-manager.c @@ -39,6 +39,7 @@ #include "mm-plugin-manager.h" #include "mm-auth.h" #include "mm-plugin.h" +#include "mm-filter.h" #include "mm-log.h" static void initable_iface_init (GInitableIface *iface); @@ -73,6 +74,8 @@ struct _MMBaseManagerPrivate { GCancellable *authp_cancellable; /* The Plugin Manager object */ MMPluginManager *plugin_manager; + /* The port/device filter */ + MMFilter *filter; /* The container of devices being prepared */ GHashTable *devices; /* The Object Manager server */ @@ -286,7 +289,16 @@ device_added (MMBaseManager *manager, mm_kernel_device_get_name (port), mm_kernel_device_get_sysfs_path (port)); - if (!mm_kernel_device_is_candidate (port, manual_scan)) { + /* Ignore devices that aren't completely configured by udev yet. If + * ModemManager is started in parallel with udev, explicitly requesting + * devices may return devices for which not all udev rules have yet been + * applied (a bug in udev/gudev). Since we often need those rules to match + * the device to a specific ModemManager driver, we need to ensure that all + * rules have been processed before handling a device. + * + * This udev tag applies to each port in a device. In other words, the flag + * may be set in some ports, but not in others */ + if (!mm_kernel_device_get_property_as_boolean (port, "ID_MM_CANDIDATE")) { /* This could mean that device changed, losing its ID_MM_CANDIDATE * flags (such as Bluetooth RFCOMM devices upon disconnect. * Try to forget it. */ @@ -297,6 +309,10 @@ device_added (MMBaseManager *manager, return; } + /* Run port filter */ + if (!mm_filter_port (manager->priv->filter, port, manual_scan)) + return; + /* If already added, ignore new event */ if (find_device_by_port (manager, port)) { mm_dbg ("(%s/%s): port already added", @@ -1110,6 +1126,16 @@ initable_init (GInitable *initable, g_signal_connect (priv->udev, "uevent", G_CALLBACK (handle_uevent), initable); #endif + /* Create filter */ + priv->filter = mm_filter_new (MM_FILTER_RULE_VIRTUAL | + MM_FILTER_RULE_NET | + MM_FILTER_RULE_CDC_WDM | + MM_FILTER_RULE_TTY | + MM_FILTER_RULE_TTY_VIRTUAL_CONSOLE | + MM_FILTER_RULE_TTY_BLACKLIST | + MM_FILTER_RULE_TTY_MANUAL_SCAN_ONLY | + MM_FILTER_RULE_TTY_PLATFORM_DRIVER); + /* Create plugin manager */ priv->plugin_manager = mm_plugin_manager_new (priv->plugin_dir, error); if (!priv->plugin_manager) @@ -1159,6 +1185,9 @@ finalize (GObject *object) g_object_unref (priv->udev); #endif + if (priv->filter) + g_object_unref (priv->filter); + if (priv->plugin_manager) g_object_unref (priv->plugin_manager); diff --git a/src/mm-filter.c b/src/mm-filter.c new file mode 100644 index 00000000..68bd2231 --- /dev/null +++ b/src/mm-filter.c @@ -0,0 +1,207 @@ +/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details: + * + * Copyright (C) 2017 Aleksander Morgado <aleksander@aleksander.es> + */ + +#include <config.h> +#include <string.h> + +#include "mm-daemon-enums-types.h" +#include "mm-filter.h" +#include "mm-log.h" + +G_DEFINE_TYPE (MMFilter, mm_filter, G_TYPE_OBJECT) + +enum { + PROP_0, + PROP_ENABLED_RULES, + LAST_PROP +}; + +struct _MMFilterPrivate { + MMFilterRule enabled_rules; +}; + +/*****************************************************************************/ + +gboolean +mm_filter_port (MMFilter *self, + MMKernelDevice *port, + gboolean manual_scan) +{ + const gchar *subsystem; + const gchar *name; + + subsystem = mm_kernel_device_get_subsystem (port); + name = mm_kernel_device_get_name (port); + + /* If this is a virtual device, don't allow it */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_VIRTUAL) && + (!mm_kernel_device_get_physdev_sysfs_path (port))) { + mm_dbg ("[filter] (%s/%s) port filtered: virtual device", subsystem, name); + return FALSE; + } + + /* If this is a net device, we always allow it */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_NET) && + (g_strcmp0 (subsystem, "net") == 0)) { + mm_dbg ("[filter] (%s/%s) port allowed: net device", subsystem, name); + return TRUE; + } + + /* If this is a cdc-wdm device, we always allow it */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_CDC_WDM) && + (g_strcmp0 (subsystem, "usb") == 0 || g_strcmp0 (subsystem, "usbmisc") == 0) && + (name && g_str_has_prefix (name, "cdc-wdm"))) { + mm_dbg ("[filter] (%s/%s) port allowed: cdc-wdm device", subsystem, name); + return TRUE; + } + + /* If this is a tty device, we may allow it */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_TTY) && + (g_strcmp0 (subsystem, "tty") == 0)) { + const gchar *physdev_subsystem; + + /* Filter out virtual consoles (e.g. tty0, tty1, tty2...) */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_TTY_VIRTUAL_CONSOLE) && + (name && strncmp (name, "tty", 3) == 0) && + (g_ascii_isdigit (name[3]))) { + mm_dbg ("[filter] (%s/%s) port filtered: virtual console", subsystem, name); + return FALSE; + } + + /* Ignore blacklisted tty devices. */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_TTY_BLACKLIST) && + (mm_kernel_device_get_global_property_as_boolean (port, "ID_MM_DEVICE_IGNORE"))) { + mm_dbg ("[filter] (%s/%s): port filtered: device is blacklisted", subsystem, name); + return FALSE; + } + + /* Is the device in the manual-only greylist? If so, return if this is an + * automatic scan. */ + if ((self->priv->enabled_rules & MM_FILTER_RULE_TTY_MANUAL_SCAN_ONLY) && + (!manual_scan && mm_kernel_device_get_global_property_as_boolean (port, "ID_MM_DEVICE_MANUAL_SCAN_ONLY"))) { + mm_dbg ("[filter] (%s/%s): port filtered: device probed only in manual scan", subsystem, name); + return FALSE; + } + + /* If the physdev is a 'platform' or 'pnp' device that's not whitelisted, ignore it */ + physdev_subsystem = mm_kernel_device_get_physdev_subsystem (port); + if ((self->priv->enabled_rules & MM_FILTER_RULE_TTY_PLATFORM_DRIVER) && + (!g_strcmp0 (physdev_subsystem, "platform") || !g_strcmp0 (physdev_subsystem, "pnp")) && + (!mm_kernel_device_get_global_property_as_boolean (port, "ID_MM_PLATFORM_DRIVER_PROBE"))) { + mm_dbg ("[filter] (%s/%s): port filtered: port's parent platform driver is not whitelisted", subsystem, name); + return FALSE; + } + + /* Otherwise, TTY probed */ + return TRUE; + } + + /* Otherwise forbidden */ + mm_dbg ("[filter] (%s/%s) port filtered: forbidden port type", subsystem, name); + return FALSE; +} + +/*****************************************************************************/ + +MMFilter * +mm_filter_new (MMFilterRule enabled_rules) +{ + MMFilter *self; + + self = g_object_new (MM_TYPE_FILTER, + MM_FILTER_ENABLED_RULES, enabled_rules, + NULL); + +#define RULE_ENABLED_STR(flag) ((self->priv->enabled_rules & flag) ? "yes" : "no") + + mm_dbg ("[filter] created"); + mm_dbg ("[filter] virtual devices forbidden: %s", RULE_ENABLED_STR (MM_FILTER_RULE_VIRTUAL)); + mm_dbg ("[filter] net devices allowed: %s", RULE_ENABLED_STR (MM_FILTER_RULE_NET)); + mm_dbg ("[filter] cdc-wdm devices allowed: %s", RULE_ENABLED_STR (MM_FILTER_RULE_CDC_WDM)); + mm_dbg ("[filter] tty devices allowed: %s", RULE_ENABLED_STR (MM_FILTER_RULE_TTY)); + if (self->priv->enabled_rules & MM_FILTER_RULE_TTY) { + mm_dbg ("[filter] virtual consoles filtered: %s", RULE_ENABLED_STR (MM_FILTER_RULE_TTY_VIRTUAL_CONSOLE)); + mm_dbg ("[filter] blacklist applied: %s", RULE_ENABLED_STR (MM_FILTER_RULE_TTY_BLACKLIST)); + mm_dbg ("[filter] manual scan only applied: %s", RULE_ENABLED_STR (MM_FILTER_RULE_TTY_MANUAL_SCAN_ONLY)); + mm_dbg ("[filter] platform driver check: %s", RULE_ENABLED_STR (MM_FILTER_RULE_TTY_PLATFORM_DRIVER)); + } + +#undef RULE_ENABLED_STR + + return self; +} + +static void +set_property (GObject *object, + guint prop_id, + const GValue *value, + GParamSpec *pspec) +{ + MMFilter *self = MM_FILTER (object); + + switch (prop_id) { + case PROP_ENABLED_RULES: + self->priv->enabled_rules = g_value_get_flags (value); + break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; + } +} + +static void +get_property (GObject *object, + guint prop_id, + GValue *value, + GParamSpec *pspec) +{ + MMFilter *self = MM_FILTER (object); + + switch (prop_id) { + case PROP_ENABLED_RULES: + g_value_set_flags (value, self->priv->enabled_rules); + break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; + } +} + +static void +mm_filter_init (MMFilter *self) +{ + self->priv = G_TYPE_INSTANCE_GET_PRIVATE (self, MM_TYPE_FILTER, MMFilterPrivate); +} + +static void +mm_filter_class_init (MMFilterClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS (klass); + + g_type_class_add_private (object_class, sizeof (MMFilterPrivate)); + + /* Virtual methods */ + object_class->set_property = set_property; + object_class->get_property = get_property; + + g_object_class_install_property ( + object_class, PROP_ENABLED_RULES, + g_param_spec_flags (MM_FILTER_ENABLED_RULES, + "Enabled rules", + "Mask of rules enabled in the filter", + MM_TYPE_FILTER_RULE, + MM_FILTER_RULE_NONE, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); +} diff --git a/src/mm-filter.h b/src/mm-filter.h new file mode 100644 index 00000000..a3eae936 --- /dev/null +++ b/src/mm-filter.h @@ -0,0 +1,64 @@ +/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details: + * + * Copyright (C) 2017 Aleksander Morgado <aleksander@aleksander.es> + */ + +#ifndef MM_FILTER_H +#define MM_FILTER_H + +#include <glib-object.h> +#include <gio/gio.h> + +#include "mm-kernel-device.h" + +#define MM_TYPE_FILTER (mm_filter_get_type ()) +#define MM_FILTER(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), MM_TYPE_FILTER, MMFilter)) +#define MM_FILTER_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), MM_TYPE_FILTER, MMFilterClass)) +#define MM_IS_FILTER(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), MM_TYPE_FILTER)) +#define MM_IS_FILTER_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((obj), MM_TYPE_FILTER)) +#define MM_FILTER_GET_CLASS(obj) (G_TYPE_INSTANCE_GET_CLASS ((obj), MM_TYPE_FILTER, MMFilterClass)) + +#define MM_FILTER_ENABLED_RULES "enabled-rules" /* construct-only */ + +typedef struct _MMFilterPrivate MMFilterPrivate; + +typedef struct { + GObject parent; + MMFilterPrivate *priv; +} MMFilter; + +typedef struct { + GObjectClass parent; +} MMFilterClass; + +GType mm_filter_get_type (void); + +typedef enum { /*< underscore_name=mm_filter_rule >*/ + MM_FILTER_RULE_NONE = 0, + MM_FILTER_RULE_VIRTUAL = 1 << 0, + MM_FILTER_RULE_NET = 1 << 1, + MM_FILTER_RULE_CDC_WDM = 1 << 2, + MM_FILTER_RULE_TTY = 1 << 3, + MM_FILTER_RULE_TTY_VIRTUAL_CONSOLE = 1 << 4, + MM_FILTER_RULE_TTY_BLACKLIST = 1 << 5, + MM_FILTER_RULE_TTY_MANUAL_SCAN_ONLY = 1 << 6, + MM_FILTER_RULE_TTY_PLATFORM_DRIVER = 1 << 7, +} MMFilterRule; + +MMFilter *mm_filter_new (MMFilterRule enabled_rules); + +gboolean mm_filter_port (MMFilter *self, + MMKernelDevice *port, + gboolean manual_scan); + +#endif /* MM_FILTER_H */ |