diff options
-rw-r--r-- | PKGBUILD | 29 | ||||
-rw-r--r-- | configs/os/sudoers/v2-hdmi | 2 | ||||
-rw-r--r-- | kvmd.install | 2 | ||||
-rw-r--r-- | kvmd/apps/otgmsd/__init__.py | 78 | ||||
-rw-r--r-- | kvmd/helpers/__init__.py | 0 | ||||
-rw-r--r-- | kvmd/helpers/otgmsd/__init__.py | 0 | ||||
-rw-r--r-- | kvmd/helpers/otgmsd/remount/__init__.py | 64 | ||||
-rw-r--r-- | kvmd/helpers/otgmsd/remount/__main__.py | 24 | ||||
-rw-r--r-- | kvmd/helpers/otgmsd/unlock/__init__.py | 54 | ||||
-rw-r--r-- | kvmd/helpers/otgmsd/unlock/__main__.py | 24 | ||||
-rw-r--r-- | kvmd/plugins/msd/otg.py | 14 | ||||
-rwxr-xr-x | setup.py | 8 |
12 files changed, 276 insertions, 23 deletions
@@ -44,6 +44,7 @@ depends=( platformio make patch + sudo raspberrypi-io-access "ustreamer>=1.9" ) @@ -87,6 +88,8 @@ package_kvmd() { sed -i -e "s/^#PROD//g" "$_cfg_default/nginx/nginx.conf" find "$_cfg_default" -type f -exec chmod 444 '{}' \; chmod 400 "$_cfg_default/kvmd"/*passwd + chmod 750 "$_cfg_default/os/sudoers" + chmod 400 "$_cfg_default/os/sudoers"/* mkdir -p "$pkgdir/etc/kvmd/nginx/ssl" chmod 750 "$pkgdir/etc/kvmd/nginx/ssl" @@ -94,38 +97,54 @@ package_kvmd() { install -Dm644 -t "$pkgdir/etc/kvmd" "$_cfg_default/kvmd"/*.yaml install -Dm600 -t "$pkgdir/etc/kvmd" "$_cfg_default/kvmd"/*passwd + + mkdir -p "$pkgdir/var/lib/kvmd/msd" } + for _variant in "${_variants[@]}"; do _platform=${_variant%:*} _board=${_variant#*:} eval "package_kvmd-platform-$_platform-$_board() { + cd \"kvmd-\$pkgver\" + pkgdesc=\"Pi-KVM platform configs - $_platform for $_board\" - depends=(kvmd) + depends=(kvmd=$pkgver-$pkgrel) + if [[ $_platform =~ ^.*-hdmi$ ]]; then depends=(\"\${depends[@]}\" \"tc358743-dkms>=0.3\") + conflicts=(tc35874-dkms) + if [ $_board == rpi4 ]; then + depends=(\"\${depends[@]}\" \"linux-raspberrypi4>=4.19.71-1\") + else + depends=(\"\${depends[@]}\" \"linux-raspberrypi>=4.19.71-1\") + fi fi + backup=( etc/sysctl.d/99-kvmd.conf etc/udev/rules.d/99-kvmd.rules etc/kvmd/main.yaml ) - cd \"kvmd-\$pkgver\" - install -DTm644 configs/os/sysctl.conf \"\$pkgdir/etc/sysctl.d/99-kvmd.conf\" install -DTm644 configs/os/udev/$_platform-$_board.rules \"\$pkgdir/etc/udev/rules.d/99-kvmd.rules\" + install -DTm444 configs/kvmd/main/$_platform.yaml \"\$pkgdir/etc/kvmd/main.yaml\" if [ -f configs/os/modules-load/$_platform.conf ]; then backup=(\"\${backup[@]}\" etc/modules-load.d/kvmd.conf) install -DTm644 configs/os/modules-load/$_platform.conf \"\$pkgdir/etc/modules-load.d/kvmd.conf\" fi + if [ -f configs/os/sudoers/$_platform ]; then + backup=(\"\${backup[@]}\" etc/sudoers.d/99_kvmd) + install -DTm440 configs/os/sudoers/$_platform \"\$pkgdir/etc/sudoers.d/99_kvmd\" + chmod 750 \"\$pkgdir/etc/sudoers.d\" + fi + if [[ $_platform =~ ^.*-hdmi$ ]]; then backup=(\"\${backup[@]}\" etc/kvmd/tc358743-edid.hex) install -DTm644 configs/kvmd/tc358743-edid.hex \"\$pkgdir/etc/kvmd/tc358743-edid.hex\" fi - - install -DTm444 configs/kvmd/main/$_platform.yaml \"\$pkgdir/etc/kvmd/main.yaml\" }" done diff --git a/configs/os/sudoers/v2-hdmi b/configs/os/sudoers/v2-hdmi new file mode 100644 index 00000000..cc50dc9f --- /dev/null +++ b/configs/os/sudoers/v2-hdmi @@ -0,0 +1,2 @@ +kvmd ALL=(ALL) NOPASSWD: /usr/bin/kvmd-helper-otgmsd-unlock +kvmd ALL=(ALL) NOPASSWD: /usr/bin/kvmd-helper-otgmsd-remount diff --git a/kvmd.install b/kvmd.install index e4e4b556..960d1fb0 100644 --- a/kvmd.install +++ b/kvmd.install @@ -12,4 +12,6 @@ post_upgrade() { chown kvmd:kvmd /etc/kvmd/htpasswd chown kvmd-ipmi:kvmd-ipmi /etc/kvmd/ipmipasswd chmod 600 /etc/kvmd/*passwd + + chown kvmd /var/lib/kvmd/msd } diff --git a/kvmd/apps/otgmsd/__init__.py b/kvmd/apps/otgmsd/__init__.py index 3f32e54f..9be8ab38 100644 --- a/kvmd/apps/otgmsd/__init__.py +++ b/kvmd/apps/otgmsd/__init__.py @@ -25,19 +25,35 @@ import signal import errno import argparse +from typing import List +from typing import Optional + import psutil +import yaml + +from ...validators.kvm import valid_msd_image_name + +from .. import init # ===== -def _set_param(gadget: str, param: str, value: str) -> None: - param_path = os.path.join( +def _make_param_path(gadget: str, param: str) -> str: + return os.path.join( "/sys/kernel/config/usb_gadget", gadget, "functions/mass_storage.usb0/lun.0", param, ) + + +def _get_param(gadget: str, param: str) -> str: + with open(_make_param_path(gadget, param)) as param_file: + return param_file.read().strip() + + +def _set_param(gadget: str, param: str, value: str) -> None: try: - with open(param_path, "w") as param_file: + with open(_make_param_path(gadget, param), "w") as param_file: param_file.write(value + "\n") except OSError as err: if err.errno == errno.EBUSY: @@ -55,29 +71,57 @@ def _reset_msd() -> None: proc.send_signal(signal.SIGUSR1) found = True except Exception as err: - SystemExit(f"Can't send SIGUSR1 to MSD kernel thread with pid={attrs['pid']}: {err}") + raise SystemExit(f"Can't send SIGUSR1 to MSD kernel thread with pid={attrs['pid']}: {err}") if not found: raise SystemExit("Can't find MSD kernel thread") # ===== -def main() -> None: - parser = argparse.ArgumentParser(description="KVMD OTG MSD Helper") +def main(argv: Optional[List[str]]=None) -> None: + (parent_parser, argv, config) = init( + add_help=False, + argv=argv, + load_msd=True, + ) + parser = argparse.ArgumentParser( + prog="kvmd-otg-msd", + description="KVMD OTG MSD Helper", + parents=[parent_parser], + ) parser.add_argument("--reset", action="store_true", help="Send SIGUSR1 to MSD kernel thread") - parser.add_argument("--set-cdrom", dest="cdrom", default=None, choices=["0", "1"], help="Set CD-ROM flag") - parser.add_argument("--set-ro", dest="ro", default=None, choices=["0", "1"], help="Set read-only flag") - parser.add_argument("--set-image", dest="image_path", default=None, help="Change image path (or eject for the empty)") - parser.add_argument("--gadget", default="kvmd", help="USB gadget name") - options = parser.parse_args() + parser.add_argument("--set-cdrom", default=None, choices=["0", "1"], help="Set CD-ROM flag") + parser.add_argument("--set-ro", default=None, choices=["0", "1"], help="Set read-only flag") + parser.add_argument("--set-image", default=None, type=valid_msd_image_name, help="Change the image") + parser.add_argument("--eject", action="store_true", help="Eject the image") + options = parser.parse_args(argv[1:]) + + if config.kvmd.msd.type != "otg": + raise SystemExit(f"Error: KVMD MSD not using 'otg'" + f" (now configured {config.kvmd.msd.type!r})") if options.reset: _reset_msd() - if options.cdrom is not None: - _set_param(options.gadget, "cdrom", options.cdrom) + if options.eject: + _set_param(config.otg.gadget, "file", "") + + if options.set_cdrom is not None: + _set_param(config.otg.gadget, "cdrom", options.set_cdrom) + + if options.set_ro is not None: + _set_param(config.otg.gadget, "ro", options.set_ro) - if options.ro is not None: - _set_param(options.gadget, "ro", options.ro) + if options.set_image: + path = os.path.join(config.kvmd.msd.storage, "images", options.set_image) + if not os.path.isfile(path): + raise SystemExit(f"Can't find image {path!r}") + _set_param(config.otg.gadget, "file", path) - if options.image_path is not None: - _set_param(options.gadget, "file", options.image_path) + print(yaml.dump({ # type: ignore + name: _get_param(config.otg.gadget, param) + for (param, name) in [ + ("file", "image"), + ("cdrom", "cdrom"), + ("ro", "ro"), + ] + }, default_flow_style=False, sort_keys=False), end="") diff --git a/kvmd/helpers/__init__.py b/kvmd/helpers/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/kvmd/helpers/__init__.py diff --git a/kvmd/helpers/otgmsd/__init__.py b/kvmd/helpers/otgmsd/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/kvmd/helpers/otgmsd/__init__.py diff --git a/kvmd/helpers/otgmsd/remount/__init__.py b/kvmd/helpers/otgmsd/remount/__init__.py new file mode 100644 index 00000000..2eba6add --- /dev/null +++ b/kvmd/helpers/otgmsd/remount/__init__.py @@ -0,0 +1,64 @@ +# ========================================================================== # +# # +# KVMD - The main Pi-KVM daemon. # +# # +# Copyright (C) 2018 Maxim Devaev <[email protected]> # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <https://www.gnu.org/licenses/>. # +# # +# ========================================================================== # + + +import sys +import subprocess + + +# ==== +_MOUNT_PATH = "/bin/mount" +_FSTAB_PATH = "/etc/fstab" +_OPTION = "X-kvmd.otg-msd" + + +# ===== +def _find_mountpoint() -> str: + with open(_FSTAB_PATH) as fstab_file: + for line in fstab_file.read().split("\n"): + line = line.strip() + if line and not line.startswith("#"): + parts = line.split() + if len(parts) == 6: + options = parts[3].split(",") + if _OPTION in options: + return parts[1] + raise SystemExit(f"Can't find {_OPTION!r} mountpoint in {_FSTAB_PATH}") + + +def _remount(path: str, ro: bool) -> None: + try: + subprocess.check_call([ + _MOUNT_PATH, + "--options", + f"remount,{'ro' if ro else 'rw'}", + path, + ]) + except subprocess.CalledProcessError as err: + raise SystemExit(str(err)) from None + + +# ===== +def main() -> None: + if len(sys.argv) != 2 or sys.argv[1] not in ["ro", "rw"]: + raise SystemExit(f"This program will remount a first volume marked by {_OPTION!r} option in {_FSTAB_PATH}\n\n" + f"Usage: python -m kvmd.helpers.otgmsd.remount [-h|--help|ro|rw]") + _remount(_find_mountpoint(), (sys.argv[1] == "ro")) diff --git a/kvmd/helpers/otgmsd/remount/__main__.py b/kvmd/helpers/otgmsd/remount/__main__.py new file mode 100644 index 00000000..77f4e294 --- /dev/null +++ b/kvmd/helpers/otgmsd/remount/__main__.py @@ -0,0 +1,24 @@ +# ========================================================================== # +# # +# KVMD - The main Pi-KVM daemon. # +# # +# Copyright (C) 2018 Maxim Devaev <[email protected]> # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <https://www.gnu.org/licenses/>. # +# # +# ========================================================================== # + + +from . import main +main() diff --git a/kvmd/helpers/otgmsd/unlock/__init__.py b/kvmd/helpers/otgmsd/unlock/__init__.py new file mode 100644 index 00000000..9bdf353f --- /dev/null +++ b/kvmd/helpers/otgmsd/unlock/__init__.py @@ -0,0 +1,54 @@ +# ========================================================================== # +# # +# KVMD - The main Pi-KVM daemon. # +# # +# Copyright (C) 2018 Maxim Devaev <[email protected]> # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <https://www.gnu.org/licenses/>. # +# # +# ========================================================================== # + + +import sys +import signal + +import psutil + + +# ===== +_PROCESS_NAME = "file-storage" + + +# ===== +def _unlock() -> None: + # https://github.com/torvalds/linux/blob/3039fad/drivers/usb/gadget/function/f_mass_storage.c#L2924 + found = False + for proc in psutil.process_iter(): + attrs = proc.as_dict(attrs=["name", "exe"]) + if attrs.get("name") == _PROCESS_NAME and not attrs.get("exe"): + try: + proc.send_signal(signal.SIGUSR1) + found = True + except Exception as err: + raise SystemExit(f"Can't send SIGUSR1 to MSD kernel thread with pid={attrs['pid']}: {err}") + if not found: + raise SystemExit(f"Can't find MSD kernel thread {_PROCESS_NAME!r}") + + +# ===== +def main() -> None: + if len(sys.argv) != 2 or sys.argv[1] != "unlock": + raise SystemExit(f"This program interrupts all IO operations performed by OTG MSD.\n\n" + f"Usage: python -m kvmd.helpers.otgmsd.unlock [-h|--help|unlock]") + _unlock() diff --git a/kvmd/helpers/otgmsd/unlock/__main__.py b/kvmd/helpers/otgmsd/unlock/__main__.py new file mode 100644 index 00000000..77f4e294 --- /dev/null +++ b/kvmd/helpers/otgmsd/unlock/__main__.py @@ -0,0 +1,24 @@ +# ========================================================================== # +# # +# KVMD - The main Pi-KVM daemon. # +# # +# Copyright (C) 2018 Maxim Devaev <[email protected]> # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see <https://www.gnu.org/licenses/>. # +# # +# ========================================================================== # + + +from . import main +main() diff --git a/kvmd/plugins/msd/otg.py b/kvmd/plugins/msd/otg.py index db1c2254..ca57a932 100644 --- a/kvmd/plugins/msd/otg.py +++ b/kvmd/plugins/msd/otg.py @@ -27,6 +27,11 @@ from typing import Dict from typing import Type from typing import AsyncGenerator +from ...yamlconf import Option + +from ...validators.os import valid_abs_path_exists +from ...validators.os import valid_command + from . import MsdOperationError from . import BaseMsd @@ -39,6 +44,15 @@ class MsdCliOnlyError(MsdOperationError): # ===== class Plugin(BaseMsd): + @classmethod + def get_plugin_options(cls) -> Dict: + sudo = ["/usr/bin/sudo", "--non-interactive"] + return { + "storage": Option("/var/lib/kvmd/msd", type=valid_abs_path_exists, unpack_as="storage_path"), + "remount_cmd": Option([*sudo, "/usr/bin/kvmd-helper-otgmsd-remount", "{mode}"], type=valid_command), + "unlock_cmd": Option([*sudo, "/usr/bin/kvmd-helper-otgmsd-unlock", "unlock"], type=valid_command), + } + def get_state(self) -> Dict: return { "enabled": False, @@ -93,6 +93,10 @@ def main() -> None: "kvmd.apps.htpasswd", "kvmd.apps.cleanup", "kvmd.apps.ipmi", + "kvmd.helpers", + "kvmd.helpers.otgmsd", + "kvmd.helpers.otgmsd.unlock", + "kvmd.helpers.otgmsd.remount", ], scripts=[ @@ -105,10 +109,12 @@ def main() -> None: "console_scripts": [ "kvmd = kvmd.apps.kvmd:main", "kvmd-otg = kvmd.apps.otg:main", - "kvmd-otg-msd = kvmd.apps.otgmsd:main", + "kvmd-otgmsd = kvmd.apps.otgmsd:main", "kvmd-htpasswd = kvmd.apps.htpasswd:main", "kvmd-cleanup = kvmd.apps.cleanup:main", "kvmd-ipmi = kvmd.apps.ipmi:main", + "kvmd-helper-otgmsd-unlock = kvmd.helpers.otgmsd.unlock:main", + "kvmd-helper-otgmsd-remount = kvmd.helpers.otgmsd.remount:main", ], }, |