The custom-device interface

doc
#1

The custom-device interface permits access to a device of a specific class and model without requiring the creation of an interface for that device alone. It’s intended to be used with Ubuntu Core and its scope and specification are defined as part of the gadget snap for the deployed Ubuntu Core image.

The slot-side of the interface is used to derive which udev rules are provided to the plug-side of the connection:

slots:
  dual-sd:
    interface: custom-device
    custom-device: my-dual-sd-device
    devices: 
      - /dev/DualSD

To prevent connection to arbitrary custom-device slots, the plug and slot must share the same custom-device attributes, including the name of the plug or slot:

plugs:
  dual-sd:
    interface: custom-device
    custom-device: my-dual-sd-device
apps:
  app:
    plugs: [dual-sd]

When the slot and plug are connected, a udev rule is automatically generated and tagged for the plug side for each device path in the devices and read-devices attributes, such as:

KERNEL=="DualSD",

Note that here, the KERNEL specification is the basename of the full device path. For this reason, the interface requires that all device paths listed in devices and read-devices must have unique basenames and must begin with /dev/.

If the udev-tagging attribute is used, this default udev rule is replaced with more specific rules, as described below.

Requires snapd version 2.55+.

Interface documentation:

See Interface management and Supported interfaces for further details on how interfaces are used.

Developer details

Auto-connect: no
Super-privileged: yes

Attributes:

  • custom-device (plug, slot): label for the custom device.
    Needs to be identical across the plug and slot connections.
  • devices (slot): path to device node.
    Example: devices: [/dev/input/event[0-9], /dev/input/mice]
  • files (slot):
    • read (slot): list of files and/or directories for read-only access by the device.
      Example: read: [ /dev/input/by-id/* ]
    • write (slot): list of files and/or directories for read/write access by the device.
      Example: write: [ /etc/file-write, /etc/dir-write ]
  • udev-tagging (optional): used to tailor the generated udev rules. Can be one of the following:
    • kernel: (mandatory): maps to the string used as the udev KERNEL== filter rule.
    • subsystem: corresponds to the SUBSYSTEM== filters in a udev rule.
    • environment: a map of expected environment variables for the udev rule to match with ENV{...}=="..."
    • attributes: a map of attributes used with ATTR{...}=="..."

Code examples

A truncated example showing how the subsystem and attributes can be used:

   udev-tagging:
     - kernel: hiddev0
       subsystem: usb
       attributes:
         idVendor: "0x03f0" # HP
     - kernel: hiddev1
       subsystem: usb
       attributes:
         idVendor: "0x03fc" # ECS

An example slot declaration showing the how the kernel environment settings can be used with a custom joystick interface:

slots:
  hwdev:
    interface: custom-device
    custom-device: custom-joystick
    devices:
      - /dev/input/js{[0-9],[12][0-9],3[01]}
      - /dev/input/event[0-9]*
    files:
      read:
        - /run/udev/data/c13:{6[5-9],[7-9][0-9],[1-9][0-9][0-9]*}
        - /run/udev/data/c13:{[0-9],[12][0-9],3[01]}
        - /sys/devices/**/input[0-9]*/capabilities/*
    udev-tagging:
      - kernel: event[0-9]*
        subsystem: input
        environment:
          ID_INPUT_JOYSTICK: "1"

The above example will generate the following udev tags:

spec.TagDevice(`KERNEL=="js{[0-9],[12][0-9],3[01]}"`) 
spec.TagDevice(`SUBSYSTEM=="input", KERNEL=="event[0-9]*", ENV{ID_INPUT_JOYSTICK}=="1"`)

The test code can be found in the snapd repository: https://github.com/snapcore/snapd/blob/master/interfaces/builtin/custom_device_test.go

The source code for the interface is in the snapd repository: https://github.com/snapcore/snapd/blob/master/interfaces/builtin/custom_device.go

1 Like
Request quectel-firmware-switch plug: 'custom-sysfiles' to 'system-files' interface
Super-privileged interfaces
Snap documentation
#2
#3

Hi,

Thanks for the documentation on custom-device plug.

Had query on udev-tagging option.

In custom-joystick example, js and event nodes defined as below

 devices:
      - /dev/input/js{[0-9],[12][0-9],3[01]}
      - /dev/input/event[0-9]*
  udev-tagging:
      - kernel: js[0-9]*
      - kernel: event[0-9]*
        subsystem: input

I too tried similar slot declaration. But getting snap warning and custom-device plug not working.

That is because of below check in custom_device.go (https://github.com/snapcore/snapd/blob/master/interfaces/builtin/custom_device.go#L160) .

// furthermore, the kernel name must match the name of one of
// the given devices
if !strutil.ListContains(devices, "/dev/"+deviceName) {
		err = fmt.Errorf(`%q does not match a specified device`, deviceName)
}

To resolve error, need to define “kernel” field as below.

  udev-tagging:
      - kernel: input/js[0-9]*
      - kernel: input/event[0-9]*
        subsystem: input

With this, udev tags generating like

spec.TagDevice(`KERNEL=="input/js[0-9]*"`) 
spec.TagDevice(`SUBSYSTEM="input", KERNEL=="input/event[0-9]*")

But with this udev-tag, custom-device plug not working for me as expected and my snap fails to access dev node with EPERM error.

#4

Hi @degville ,

Taking a look at the snapd source, it looks like the files attribute (and its read and write sub-attributes) are slot-side, not plug-side. Additionally it looks like this is a Super-privilged interface.

2 Likes
#5

You’re right - thanks so much for letting me know, and for checking in the actual source code.

1 Like
#6

@degville apologies for the second follow-up, taking me a bit to fully work my way through understanding the interface.

Understand the following is truncated, but maybe worth noting that the list items in the snippet are not actually legal because they do not include a kernel key?

In the following rule, the 3rd list item under udev-tagging isn’t legal. Per the source, all udev kernel rules must map to a rule under devices (sans the /dev/ prefix). Given that afaik udev doesn’t support {} expansion syntax like AppArmor does, and it looks like snapd just does a string match comparison, I’m also skeptical that - kernel: js[0-9]* would be considered legal by snapd (even if you or I could tell that they are essentially equivalent in this case). In fact, I don’t even think that the event[0-9]* rule is legal, because /dev/input/event[0-9]* != /dev/event[0-9]*` but that’s potentially more of something that needs fixing in snapd.

Additionally, in the generated tags at the bottom, I’m almost certain that all the single = should actually be double ==, which is has a fairly different meaning.