all: add "path" property to the match setting

Add a new "path" property to the match setting, which can be used to restrict a connection to devices with a given hardware path. The new property is a list of patterns that are matched against the ID_PATH udev property of devices. ID_PATH represents the topological persistent path of a device and typically contains a subsystem string (pci, usb, platform, etc.) and a subsystem-specific identifier. Some examples of paths are: pci-0000:00:02.0 pci-0000:00:14.0-usb-0:5:1.0 platform-1c40000.ethernet systemd-networkd also has a "Path=" option to match a device by udev ID_PATH.
2024-07-21 10:14:41 +00:00 · 2020-06-10 13:54:54 +02:00 · 2020-06-10 13:54:54 +02:00 · 808e837149
parent d13ca45ca2
commit 808e837149
9 changed files with 277 additions and 7 deletions
--- a/clients/common/nm-meta-setting-desc.c
+++ b/clients/common/nm-meta-setting-desc.c
@ -6265,6 +6265,18 @@ static const NMMetaPropertyInfo *const property_infos_MATCH[] = {
 	        ),
 	    ),
 	),
+	PROPERTY_INFO_WITH_DESC (NM_SETTING_MATCH_PATH,
+	    .property_type =                &_pt_multilist,
+	    .property_typ_data = DEFINE_PROPERTY_TYP_DATA (
+	        PROPERTY_TYP_DATA_SUBTYPE (multilist,
+	            .get_num_fcn_u   =      MULTILIST_GET_NUM_FCN_U       (NMSettingMatch, nm_setting_match_get_num_paths),
+	            .add2_fcn =             MULTILIST_ADD2_FCN            (NMSettingMatch, nm_setting_match_add_path),
+	            .remove_by_idx_fcn_u =  MULTILIST_REMOVE_BY_IDX_FCN_U (NMSettingMatch, nm_setting_match_remove_path),
+	            .remove_by_value_fcn =  MULTILIST_REMOVE_BY_VALUE_FCN (NMSettingMatch, nm_setting_match_remove_path_by_value),
+	            .strsplit_with_spaces = TRUE,
+	        ),
+	    ),
+	),
 	NULL
 };

--- a/clients/common/settings-docs.h.in
+++ b/clients/common/settings-docs.h.in
@ -283,6 +283,7 @@
 #define DESCRIBE_DOC_NM_SETTING_MATCH_DRIVER N_("A list of driver names to match. Each element is a shell wildcard pattern. When an element is prefixed with exclamation mark (!) the condition is inverted. A candidate driver name is considered matching when both these conditions are satisfied: (a) any of the elements not prefixed with '!' matches or there aren't such elements; (b) none of the elements prefixed with '!' match.")
 #define DESCRIBE_DOC_NM_SETTING_MATCH_INTERFACE_NAME N_("A list of interface names to match. Each element is a shell wildcard pattern.  When an element is prefixed with exclamation mark (!) the condition is inverted. A candidate interface name is considered matching when both these conditions are satisfied: (a) any of the elements not prefixed with '!' matches or there aren't such elements; (b) none of the elements prefixed with '!' match.")
 #define DESCRIBE_DOC_NM_SETTING_MATCH_KERNEL_COMMAND_LINE N_("A list of kernel command line arguments to match. This may be used to check whether a specific kernel command line option is set (or if prefixed with the exclamation mark unset). The argument must either be a single word, or an assignment (i.e. two words, separated \"=\"). In the former case the kernel command line is searched for the word appearing as is, or as left hand side of an assignment. In the latter case, the exact assignment is looked for with right and left hand side matching.")
+#define DESCRIBE_DOC_NM_SETTING_MATCH_PATH N_("A list of paths to match against the ID_PATH udev property of devices. ID_PATH represents the topological persistent path of a device. It typically contains a subsystem string (pci, usb, platform, etc.) and a subsystem-specific identifier. For PCI devices the path has the form \"pci-$domain:$bus:$device.$function\", where each variable is an hexadecimal value; for example \"pci-0000:0a:00.0\". The path of a device can be obtained with \"udevadm info /sys/class/net/$dev | grep ID_PATH=\" or by looking at the \"path\" property exported by NetworkManager (\"nmcli -f general.path device show $dev\"). Each element of the list is a shell wildcard pattern. When an element is prefixed with exclamation mark (!) the condition is inverted. A candidate path is considered matching when both these conditions are satisfied: (a) any of the elements not prefixed with '!' matches or there aren't such elements; (b) none of the elements prefixed with '!' match.")
 #define DESCRIBE_DOC_NM_SETTING_OVS_BRIDGE_DATAPATH_TYPE N_("The data path type. One of \"system\", \"netdev\" or empty.")
 #define DESCRIBE_DOC_NM_SETTING_OVS_BRIDGE_FAIL_MODE N_("The bridge failure mode. One of \"secure\", \"standalone\" or empty.")
 #define DESCRIBE_DOC_NM_SETTING_OVS_BRIDGE_MCAST_SNOOPING_ENABLE N_("Enable or disable multicast snooping.")
--- a/libnm-core/nm-setting-match.c
+++ b/libnm-core/nm-setting-match.c
@ -22,6 +22,7 @@ NM_GOBJECT_PROPERTIES_DEFINE (NMSettingMatch,
 	PROP_INTERFACE_NAME,
 	PROP_KERNEL_COMMAND_LINE,
 	PROP_DRIVER,
+	PROP_PATH,
 );

 /**
@ -36,6 +37,7 @@ struct _NMSettingMatch {
 	GArray *interface_name;
 	GArray *kernel_command_line;
 	GArray *driver;
+	GArray *path;
 };

 struct _NMSettingMatchClass {
@ -499,6 +501,156 @@ nm_setting_match_get_drivers (NMSettingMatch *setting, guint *length)

 /*****************************************************************************/

+/**
+ * nm_setting_match_get_num_paths:
+ * @setting: the #NMSettingMatch
+ *
+ * Returns: the number of configured paths
+ *
+ * Since: 1.26
+ **/
+guint
+nm_setting_match_get_num_paths (NMSettingMatch *setting)
+{
+	g_return_val_if_fail (NM_IS_SETTING_MATCH (setting), 0);
+
+	return nm_g_array_len (setting->path);
+}
+
+/**
+ * nm_setting_match_get_path:
+ * @setting: the #NMSettingMatch
+ * @idx: index number of the path to return
+ *
+ * Returns: the path at index @idx
+ *
+ * Since: 1.26
+ **/
+const char *
+nm_setting_match_get_path (NMSettingMatch *setting, guint idx)
+{
+	g_return_val_if_fail (NM_IS_SETTING_MATCH (setting), NULL);
+
+	g_return_val_if_fail (setting->path && idx < setting->path->len, NULL);
+
+	return g_array_index (setting->path, const char *, idx);
+}
+
+/**
+ * nm_setting_match_add_path:
+ * @setting: the #NMSettingMatch
+ * @path: the path to add
+ *
+ * Adds a new path to the setting.
+ *
+ * Since: 1.26
+ **/
+void
+nm_setting_match_add_path (NMSettingMatch *setting,
+                           const char *path)
+{
+	g_return_if_fail (NM_IS_SETTING_MATCH (setting));
+	g_return_if_fail (path != NULL);
+	g_return_if_fail (path[0] != '\0');
+
+	nm_strvarray_add (nm_strvarray_ensure (&setting->path), path);
+	_notify (setting, PROP_PATH);
+}
+
+/**
+ * nm_setting_match_remove_path:
+ * @setting: the #NMSettingMatch
+ * @idx: index number of the path
+ *
+ * Removes the path at index @idx.
+ *
+ * Since: 1.26
+ **/
+void
+nm_setting_match_remove_path (NMSettingMatch *setting, guint idx)
+{
+	g_return_if_fail (NM_IS_SETTING_MATCH (setting));
+
+	g_return_if_fail (setting->path && idx < setting->path->len);
+
+	g_array_remove_index (setting->path, idx);
+	_notify (setting, PROP_PATH);
+}
+
+/**
+ * nm_setting_match_remove_path_by_value:
+ * @setting: the #NMSettingMatch
+ * @path: the path to remove
+ *
+ * Removes @path.
+ *
+ * Returns: %TRUE if the path was found and removed; %FALSE if it was not.
+ *
+ * Since: 1.26
+ **/
+gboolean
+nm_setting_match_remove_path_by_value (NMSettingMatch *setting,
+                                       const char *path)
+{
+	guint i;
+
+	g_return_val_if_fail (NM_IS_SETTING_MATCH (setting), FALSE);
+	g_return_val_if_fail (path != NULL, FALSE);
+	g_return_val_if_fail (path[0] != '\0', FALSE);
+
+	if (!setting->path)
+		return FALSE;
+
+	for (i = 0; i < setting->path->len; i++) {
+		if (nm_streq (path, g_array_index (setting->path, const char *, i))) {
+			g_array_remove_index (setting->path, i);
+			_notify (setting, PROP_PATH);
+			return TRUE;
+		}
+	}
+	return FALSE;
+}
+
+/**
+ * nm_setting_match_clear_paths:
+ * @setting: the #NMSettingMatch
+ *
+ * Removes all configured paths.
+ *
+ * Since: 1.26
+ **/
+void
+nm_setting_match_clear_paths (NMSettingMatch *setting)
+{
+	g_return_if_fail (NM_IS_SETTING_MATCH (setting));
+
+	if (nm_g_array_len (setting->path) != 0) {
+		nm_clear_pointer (&setting->path, g_array_unref);
+		_notify (setting, PROP_PATH);
+	}
+}
+
+/**
+ * nm_setting_match_get_paths:
+ * @setting: the #NMSettingMatch
+ * @length: (out) (allow-none): the length of the returned paths array.
+ *
+ * Returns all the paths.
+ *
+ * Returns: (transfer none) (array length=length): the configured paths.
+ *
+ * Since: 1.26
+ **/
+const char *const *
+nm_setting_match_get_paths (NMSettingMatch *setting, guint *length)
+{
+	g_return_val_if_fail (NM_IS_SETTING_MATCH (setting), NULL);
+
+	return nm_strvarray_get_strv (&setting->path, length);
+}
+
+/*****************************************************************************/
+
 static void
 get_property (GObject *object, guint prop_id,
              GValue *value, GParamSpec *pspec)
@ -515,6 +667,9 @@ get_property (GObject *object, guint prop_id,
 	case PROP_DRIVER:
 		g_value_set_boxed (value, nm_strvarray_get_strv (&self->driver, NULL));
 		break;
+	case PROP_PATH:
+		g_value_set_boxed (value, nm_strvarray_get_strv (&self->path, NULL));
+		break;
 	default:
 		G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
 		break;
@ -537,6 +692,9 @@ set_property (GObject *object, guint prop_id,
 	case PROP_DRIVER:
 		nm_strvarray_set_strv (&self->driver, g_value_get_boxed (value));
 		break;
+	case PROP_PATH:
+		nm_strvarray_set_strv (&self->path, g_value_get_boxed (value));
+		break;
 	default:
 		G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
 		break;
@ -613,6 +771,20 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
 		}
 	}

+	if (self->path) {
+		for (i = 0; i < self->path->len; i++) {
+			if (nm_str_is_empty (g_array_index (self->path, const char *, i))) {
+				g_set_error (error,
+				             NM_CONNECTION_ERROR,
+				             NM_CONNECTION_ERROR_INVALID_PROPERTY,
+				             _("is empty"));
+				g_prefix_error (error, "%s.%s: ", NM_SETTING_MATCH_SETTING_NAME,
+				                NM_SETTING_MATCH_PATH);
+				return FALSE;
+			}
+		}
+	}
+
 	return TRUE;
 }

@ -700,6 +872,50 @@ nm_setting_match_class_init (NMSettingMatchClass *klass)
 	                        G_PARAM_READWRITE |
 	                        G_PARAM_STATIC_STRINGS);

+
+	/**
+	 * NMSettingMatch:path
+	 *
+	 * A list of paths to match against the ID_PATH udev property of
+	 * devices. ID_PATH represents the topological persistent path of a
+	 * device. It typically contains a subsystem string (pci, usb, platform,
+	 * etc.) and a subsystem-specific identifier.
+	 *
+	 * For PCI devices the path has the form
+	 * "pci-$domain:$bus:$device.$function", where each variable is an
+	 * hexadecimal value; for example "pci-0000:0a:00.0".
+	 *
+	 * The path of a device can be obtained with "udevadm info
+	 * /sys/class/net/$dev | grep ID_PATH=" or by looking at the "path"
+	 * property exported by NetworkManager ("nmcli -f general.path device
+	 * show $dev").
+	 *
+	 * Each element of the list is a shell wildcard pattern. When an
+	 * element is prefixed with exclamation mark (!) the condition is
+	 * inverted.
+	 *
+	 * A candidate path is considered matching when both these
+	 * conditions are satisfied: (a) any of the elements not prefixed with '!'
+	 * matches or there aren't such elements; (b) none of the elements
+	 * prefixed with '!' match.
+	 *
+	 * Since: 1.26
+	 **/
+	/* ---ifcfg-rh---
+	 * property: path
+	 * variable: MATCH_PATH
+	 * description: space-separated list of paths to match against the udev
+	 *   property ID_PATHS of devices
+	 * example: MATCH_PATH="pci-0000:01:00.0 pci-0000:0c:00.0"
+	 * ---end---
+	 */
+	obj_properties[PROP_PATH] =
+	    g_param_spec_boxed (NM_SETTING_MATCH_PATH, "", "",
+	                        G_TYPE_STRV,
+	                        NM_SETTING_PARAM_FUZZY_IGNORE |
+	                        G_PARAM_READWRITE |
+	                        G_PARAM_STATIC_STRINGS);
+
 	g_object_class_install_properties (object_class, _PROPERTY_ENUMS_LAST, obj_properties);

 	_nm_setting_class_commit (setting_class, NM_META_SETTING_TYPE_MATCH);
--- a/libnm-core/nm-setting-match.h
+++ b/libnm-core/nm-setting-match.h
@ -23,9 +23,10 @@ G_BEGIN_DECLS

 #define NM_SETTING_MATCH_SETTING_NAME      "match"

-#define NM_SETTING_MATCH_INTERFACE_NAME    "interface-name"
-#define NM_SETTING_MATCH_KERNEL_COMMAND_LINE    "kernel-command-line"
-#define NM_SETTING_MATCH_DRIVER            "driver"
+#define NM_SETTING_MATCH_INTERFACE_NAME      "interface-name"
+#define NM_SETTING_MATCH_KERNEL_COMMAND_LINE "kernel-command-line"
+#define NM_SETTING_MATCH_DRIVER              "driver"
+#define NM_SETTING_MATCH_PATH                "path"

 typedef struct _NMSettingMatchClass NMSettingMatchClass;

@ -88,6 +89,24 @@ void nm_setting_match_clear_drivers (NMSettingMatch *setting);
 NM_AVAILABLE_IN_1_26
 const char *const *nm_setting_match_get_drivers (NMSettingMatch *setting, guint *length);

+
+NM_AVAILABLE_IN_1_26
+guint nm_setting_match_get_num_paths (NMSettingMatch *setting);
+NM_AVAILABLE_IN_1_26
+const char *nm_setting_match_get_path (NMSettingMatch *setting, guint idx);
+NM_AVAILABLE_IN_1_26
+void nm_setting_match_remove_path (NMSettingMatch *setting, guint idx);
+NM_AVAILABLE_IN_1_26
+gboolean nm_setting_match_remove_path_by_value (NMSettingMatch *setting,
+                                                const char *path);
+NM_AVAILABLE_IN_1_26
+void nm_setting_match_add_path (NMSettingMatch *setting,
+                                const char *path);
+NM_AVAILABLE_IN_1_26
+void nm_setting_match_clear_paths (NMSettingMatch *setting);
+NM_AVAILABLE_IN_1_26
+const char *const *nm_setting_match_get_paths (NMSettingMatch *setting, guint *length);
+
 G_END_DECLS

 #endif /* NM_SETTING_MATCH_H */
--- a/libnm/libnm.ver
+++ b/libnm/libnm.ver
@ -1713,18 +1713,25 @@ global:
 	nm_setting_connection_get_mud_url;
 	nm_setting_match_add_driver;
 	nm_setting_match_add_kernel_command_line;
+	nm_setting_match_add_path;
 	nm_setting_match_clear_drivers;
 	nm_setting_match_clear_kernel_command_lines;
+	nm_setting_match_clear_paths;
 	nm_setting_match_get_driver;
 	nm_setting_match_get_drivers;
 	nm_setting_match_get_kernel_command_line;
 	nm_setting_match_get_kernel_command_lines;
 	nm_setting_match_get_num_drivers;
 	nm_setting_match_get_num_kernel_command_lines;
+	nm_setting_match_get_num_paths;
+	nm_setting_match_get_path;
+	nm_setting_match_get_paths;
 	nm_setting_match_remove_driver;
 	nm_setting_match_remove_driver_by_value;
 	nm_setting_match_remove_kernel_command_line;
 	nm_setting_match_remove_kernel_command_line_by_value;
+	nm_setting_match_remove_path;
+	nm_setting_match_remove_path_by_value;
 	nm_setting_option_clear_by_name;
 	nm_setting_option_get;
 	nm_setting_option_get_all_names;
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@ -1563,14 +1563,17 @@ make_match_setting (shvarFile *ifcfg)
 	gs_free char *value_ifn = NULL;
 	gs_free char *value_kcl = NULL;
 	gs_free char *value_d = NULL;
+	gs_free char *value_p = NULL;
 	const char *v;

 	v = svGetValueStr (ifcfg, "MATCH_INTERFACE_NAME", &value_ifn);
-	make_match_setting_prop(v, &s_match, nm_setting_match_add_interface_name);
+	make_match_setting_prop (v, &s_match, nm_setting_match_add_interface_name);
 	v = svGetValueStr (ifcfg, "MATCH_KERNEL_COMMAND_LINE", &value_kcl);
-	make_match_setting_prop(v, &s_match, nm_setting_match_add_kernel_command_line);
+	make_match_setting_prop (v, &s_match, nm_setting_match_add_kernel_command_line);
 	v = svGetValueStr (ifcfg, "MATCH_DRIVER", &value_d);
-	make_match_setting_prop(v, &s_match, nm_setting_match_add_driver);
+	make_match_setting_prop (v, &s_match, nm_setting_match_add_driver);
+	v = svGetValueStr (ifcfg, "MATCH_PATH", &value_p);
+	make_match_setting_prop (v, &s_match, nm_setting_match_add_path);

 	return NM_SETTING (s_match);
 }
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
@ -977,6 +977,7 @@ const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[] = {
 	_KEY_TYPE ("MATCH_DRIVER",                                NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("MATCH_INTERFACE_NAME",                        NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("MATCH_KERNEL_COMMAND_LINE",                   NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
+	_KEY_TYPE ("MATCH_PATH",                                  NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("MDNS",                                        NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
 	_KEY_TYPE ("METRIC",                                      NMS_IFCFG_KEY_TYPE_IS_NUMBERED ),
 	_KEY_TYPE ("MODE",                                        NMS_IFCFG_KEY_TYPE_IS_PLAIN ),
--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
@ -33,7 +33,7 @@ typedef struct {
 	NMSIfcfgKeyTypeFlags key_flags;
 } NMSIfcfgKeyTypeInfo;

-extern const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[239];
+extern const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[240];

 const NMSIfcfgKeyTypeInfo *nms_ifcfg_well_known_key_find_info (const char *key, gssize *out_idx);

--- a/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@ -2438,6 +2438,17 @@ write_match_setting (NMConnection *connection, shvarFile *ifcfg)
 		}
 		svSetValueStr (ifcfg, "MATCH_KERNEL_COMMAND_LINE", str->str);
 	}
+
+	num = nm_setting_match_get_num_paths (s_match);
+	if (num > 0) {
+		nm_gstring_prepare (&str);
+		for (i = 0; i < num; i++) {
+			name = nm_setting_match_get_path (s_match, i);
+			nm_gstring_add_space_delimiter (str);
+			nm_utils_escaped_tokens_escape_gstr (name, NM_ASCII_SPACES, str);
+		}
+		svSetValueStr (ifcfg, "MATCH_PATH", str->str);
+	}
 }

 static void