[pve-devel] [PATCH manager v7 01/14] api: add resource map api endpoints for PCI and USB
Dominik Csapak
d.csapak at proxmox.com
Fri Jun 16 15:05:28 CEST 2023
this adds the typical section config crud API calls for
USB and PCI resource mapping to /cluster/mapping/{TYPE}
the only special thing that this series does is the list call
for both has a special 'check-node' parameter that uses the
'proxyto_callback' to reroute the api call to the given node
so that it can check the validity of the mapping for that node
in the future when we e.g. broadcast the lspci output via pmxcfs
we drop the proxyto_callback and directly use the info from
pmxcfs (or we drop the parameter and always check all nodes)
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
changes from v6:
* removed unused 'resource-map' entry in nodes api
* renamed last occurance of 'resource' in 'mapping'
* consitently use 'id' in mapping api instead of 'name'
* allow GET also for Mapping.Audit
* use correct api path for permission checks (without id for POST/DELETE)
* remove leftover todo comment
PVE/API2/Cluster.pm | 8 +
PVE/API2/Cluster/Makefile | 5 +
PVE/API2/Cluster/Mapping.pm | 53 ++++++
PVE/API2/Cluster/Mapping/Makefile | 18 ++
PVE/API2/Cluster/Mapping/PCI.pm | 300 ++++++++++++++++++++++++++++++
PVE/API2/Cluster/Mapping/USB.pm | 295 +++++++++++++++++++++++++++++
PVE/API2/Hardware.pm | 1 -
7 files changed, 679 insertions(+), 1 deletion(-)
create mode 100644 PVE/API2/Cluster/Mapping.pm
create mode 100644 PVE/API2/Cluster/Mapping/Makefile
create mode 100644 PVE/API2/Cluster/Mapping/PCI.pm
create mode 100644 PVE/API2/Cluster/Mapping/USB.pm
diff --git a/PVE/API2/Cluster.pm b/PVE/API2/Cluster.pm
index c1637af9..3daf6ae5 100644
--- a/PVE/API2/Cluster.pm
+++ b/PVE/API2/Cluster.pm
@@ -26,6 +26,7 @@ use PVE::API2::ACMEPlugin;
use PVE::API2::Backup;
use PVE::API2::Cluster::BackupInfo;
use PVE::API2::Cluster::Ceph;
+use PVE::API2::Cluster::Mapping;
use PVE::API2::Cluster::Jobs;
use PVE::API2::Cluster::MetricServer;
use PVE::API2::ClusterConfig;
@@ -90,6 +91,12 @@ __PACKAGE__->register_method ({
subclass => "PVE::API2::Cluster::Jobs",
path => 'jobs',
});
+
+__PACKAGE__->register_method ({
+ subclass => "PVE::API2::Cluster::Mapping",
+ path => 'mapping',
+});
+
if ($have_sdn) {
__PACKAGE__->register_method ({
subclass => "PVE::API2::Network::SDN",
@@ -140,6 +147,7 @@ __PACKAGE__->register_method ({
{ name => 'ha' },
{ name => 'jobs' },
{ name => 'log' },
+ { name => 'mapping' },
{ name => 'metrics' },
{ name => 'nextid' },
{ name => 'options' },
diff --git a/PVE/API2/Cluster/Makefile b/PVE/API2/Cluster/Makefile
index 5c92e4f6..0c52a241 100644
--- a/PVE/API2/Cluster/Makefile
+++ b/PVE/API2/Cluster/Makefile
@@ -1,10 +1,13 @@
include ../../../defines.mk
+SUBDIRS=Mapping
+
# for node independent, cluster-wide applicable, API endpoints
# ensure we do not conflict with files shipped by pve-cluster!!
PERLSOURCE= \
BackupInfo.pm \
MetricServer.pm \
+ Mapping.pm \
Jobs.pm \
Ceph.pm
@@ -13,8 +16,10 @@ all:
.PHONY: clean
clean:
rm -rf *~
+ set -e && for i in ${SUBDIRS}; do ${MAKE} -C $$i $@; done
.PHONY: install
install: $(PERLSOURCE)
install -d $(PERLLIBDIR)/PVE/API2/Cluster
install -m 0644 $(PERLSOURCE) $(PERLLIBDIR)/PVE/API2/Cluster
+ set -e && for i in $(SUBDIRS); do $(MAKE) -C $$i $@; done
diff --git a/PVE/API2/Cluster/Mapping.pm b/PVE/API2/Cluster/Mapping.pm
new file mode 100644
index 00000000..01fa986b
--- /dev/null
+++ b/PVE/API2/Cluster/Mapping.pm
@@ -0,0 +1,53 @@
+package PVE::API2::Cluster::Mapping;
+
+use strict;
+use warnings;
+
+use PVE::RESTHandler;
+
+use PVE::API2::Cluster::Mapping::PCI;
+use PVE::API2::Cluster::Mapping::USB;
+
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method ({
+ subclass => "PVE::API2::Cluster::Mapping::PCI",
+ path => 'pci',
+});
+
+__PACKAGE__->register_method ({
+ subclass => "PVE::API2::Cluster::Mapping::USB",
+ path => 'usb',
+});
+
+__PACKAGE__->register_method ({
+ name => 'index',
+ path => '',
+ method => 'GET',
+ description => "List resource types.",
+ permissions => {
+ user => 'all',
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {},
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ },
+ links => [ { rel => 'child', href => "{name}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $result = [
+ { name => 'pci' },
+ { name => 'usb' },
+ ];
+
+ return $result;
+ }});
+
+1;
diff --git a/PVE/API2/Cluster/Mapping/Makefile b/PVE/API2/Cluster/Mapping/Makefile
new file mode 100644
index 00000000..e7345ab4
--- /dev/null
+++ b/PVE/API2/Cluster/Mapping/Makefile
@@ -0,0 +1,18 @@
+include ../../../../defines.mk
+
+# for node independent, cluster-wide applicable, API endpoints
+# ensure we do not conflict with files shipped by pve-cluster!!
+PERLSOURCE= \
+ PCI.pm \
+ USB.pm
+
+all:
+
+.PHONY: clean
+clean:
+ rm -rf *~
+
+.PHONY: install
+install: ${PERLSOURCE}
+ install -d ${PERLLIBDIR}/PVE/API2/Cluster/Mapping
+ install -m 0644 ${PERLSOURCE} ${PERLLIBDIR}/PVE/API2/Cluster/Mapping
diff --git a/PVE/API2/Cluster/Mapping/PCI.pm b/PVE/API2/Cluster/Mapping/PCI.pm
new file mode 100644
index 00000000..2ccad888
--- /dev/null
+++ b/PVE/API2/Cluster/Mapping/PCI.pm
@@ -0,0 +1,300 @@
+package PVE::API2::Cluster::Mapping::PCI;
+
+use strict;
+use warnings;
+
+use Storable qw(dclone);
+
+use PVE::Cluster qw(cfs_lock_file);
+use PVE::Mapping::PCI;
+use PVE::JSONSchema qw(get_standard_option);
+use PVE::Tools qw(extract_param);
+
+use PVE::RESTHandler;
+
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method ({
+ name => 'index',
+ path => '',
+ method => 'GET',
+ # only proxy if we give the 'check-node' parameter
+ proxyto_callback => sub {
+ my ($rpcenv, $proxyto, $param) = @_;
+ return $param->{'check-node'} // 'localhost';
+ },
+ description => "List PCI Hardware Mapping",
+ permissions => {
+ description => "Only lists entries where you have 'Mapping.Modify', 'Mapping.Use' or".
+ " 'Mapping.Audit' permissions on '/mapping/pci/<id>'.",
+ user => 'all',
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ 'check-node' => get_standard_option('pve-node', {
+ description => "If given, checks the configurations on the given node for ".
+ "correctness, and adds relevant errors to the devices.",
+ optional => 1,
+ }),
+ },
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ properties => {
+ id => {
+ type => 'string',
+ description => "The logical ID of the mapping."
+ },
+ map => {
+ type => 'array',
+ description => "The entries of the mapping.",
+ items => {
+ type => 'string',
+ description => "A mapping for a node.",
+ },
+ },
+ description => {
+ type => 'string',
+ description => "A description of the logical mapping.",
+ },
+ error => {
+ description => "A list of errors when 'check_node' is given.",
+ items => {
+ type => 'object',
+ properties => {
+ severity => {
+ type => "string",
+ description => "The severity of the error",
+ },
+ message => {
+ type => "string",
+ description => "The message of the error",
+ },
+ },
+ }
+ },
+ },
+ },
+ links => [ { rel => 'child', href => "{id}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+ my $authuser = $rpcenv->get_user();
+ my $node = $param->{'check-node'};
+
+ die "Wrong node to check\n"
+ if defined($node) && $node ne 'localhost' && $node ne PVE::INotify::nodename();
+
+ my $cfg = PVE::Mapping::PCI::config();
+
+ my $res = [];
+
+ my $privs = ['Mapping.Modify', 'Mapping.Use', 'Mapping.Audit'];
+
+ for my $id (keys $cfg->{ids}->%*) {
+ next if !$rpcenv->check_full($authuser, "/mapping/pci/$id", $privs, 1, 1);
+ next if !$cfg->{ids}->{$id};
+
+ my $entry = dclone($cfg->{ids}->{$id});
+ $entry->{id} = $id;
+ $entry->{digest} = $cfg->{digest};
+
+ if (defined($node)) {
+ $entry->{errors} = [];
+ if (my $mappings = PVE::Mapping::PCI::get_node_mapping($cfg, $id, $node)) {
+ if (!scalar($mappings->@*)) {
+ push $entry->{errors}->@*, {
+ severity => 'warning',
+ message => "No mapping for node $node.",
+ };
+ }
+ for my $mapping ($mappings->@*) {
+ eval {
+ PVE::Mapping::PCI::assert_valid($id, $mapping);
+ };
+ if (my $err = $@) {
+ push $entry->{errors}->@*, {
+ severity => 'error',
+ message => "Invalid configuration: $err",
+ };
+ }
+ }
+ }
+ }
+
+ push @$res, $entry;
+ }
+
+ return $res;
+ },
+});
+
+__PACKAGE__->register_method ({
+ name => 'get',
+ protected => 1,
+ path => '{id}',
+ method => 'GET',
+ description => "Get PCI Mapping.",
+ permissions => {
+ check =>['or',
+ ['perm', '/mapping/pci/{id}', ['Mapping.Use']],
+ ['perm', '/mapping/pci/{id}', ['Mapping.Modify']],
+ ['perm', '/mapping/pci/{id}', ['Mapping.Audit']],
+ ],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ id => {
+ type => 'string',
+ format => 'pve-configid',
+ },
+ }
+ },
+ returns => { type => 'object' },
+ code => sub {
+ my ($param) = @_;
+
+ my $cfg = PVE::Mapping::PCI::config();
+ my $id = $param->{id};
+
+ my $entry = $cfg->{ids}->{$id};
+ die "mapping '$param->{id}' not found\n" if !defined($entry);
+
+ my $data = dclone($entry);
+
+ $data->{digest} = $cfg->{digest};
+
+ return $data;
+ }});
+
+__PACKAGE__->register_method ({
+ name => 'create',
+ protected => 1,
+ path => '',
+ method => 'POST',
+ description => "Create a new hardware mapping.",
+ permissions => {
+ check => ['perm', '/mapping/pci', ['Mapping.Modify']],
+ },
+ parameters => PVE::Mapping::PCI->createSchema(1),
+ returns => {
+ type => 'null',
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $id = extract_param($param, 'id');
+
+ my $plugin = PVE::Mapping::PCI->lookup('pci');
+ my $opts = $plugin->check_config($id, $param, 1, 1);
+
+ PVE::Mapping::PCI::lock_pci_config(sub {
+ my $cfg = PVE::Mapping::PCI::config();
+
+ die "pci ID '$id' already defined\n" if defined($cfg->{ids}->{$id});
+
+ $cfg->{ids}->{$id} = $opts;
+
+ PVE::Mapping::PCI::write_pci_config($cfg);
+
+ }, "create hardware mapping failed");
+
+ return;
+ },
+});
+
+__PACKAGE__->register_method ({
+ name => 'update',
+ protected => 1,
+ path => '{id}',
+ method => 'PUT',
+ description => "Update a hardware mapping.",
+ permissions => {
+ check => ['perm', '/mapping/pci/{id}', ['Mapping.Modify']],
+ },
+ parameters => PVE::Mapping::PCI->updateSchema(),
+ returns => {
+ type => 'null',
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $digest = extract_param($param, 'digest');
+ my $delete = extract_param($param, 'delete');
+ my $id = extract_param($param, 'id');
+
+ if ($delete) {
+ $delete = [ PVE::Tools::split_list($delete) ];
+ }
+
+ PVE::Mapping::PCI::lock_pci_config(sub {
+ my $cfg = PVE::Mapping::PCI::config();
+
+ PVE::Tools::assert_if_modified($cfg->{digest}, $digest) if defined($digest);
+
+ die "pci ID '$id' does not exist\n" if !defined($cfg->{ids}->{$id});
+
+ my $plugin = PVE::Mapping::PCI->lookup('pci');
+ my $opts = $plugin->check_config($id, $param, 1, 1);
+
+ my $data = $cfg->{ids}->{$id};
+
+ my $options = $plugin->private()->{options}->{pci};
+ PVE::SectionConfig::delete_from_config($data, $options, $opts, $delete);
+
+ $data->{$_} = $opts->{$_} for keys $opts->%*;
+
+ PVE::Mapping::PCI::write_pci_config($cfg);
+
+ }, "update hardware mapping failed");
+
+ return;
+ },
+});
+
+__PACKAGE__->register_method ({
+ name => 'delete',
+ protected => 1,
+ path => '{id}',
+ method => 'DELETE',
+ description => "Remove Hardware Mapping.",
+ permissions => {
+ check => [ 'perm', '/mapping/pci', ['Mapping.Modify']],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ id => {
+ type => 'string',
+ format => 'pve-configid',
+ },
+ }
+ },
+ returns => { type => 'null' },
+ code => sub {
+ my ($param) = @_;
+
+ my $id = $param->{id};
+
+ PVE::Mapping::PCI::lock_pci_config(sub {
+ my $cfg = PVE::Mapping::PCI::config();
+
+ if ($cfg->{ids}->{$id}) {
+ delete $cfg->{ids}->{$id};
+ }
+
+ PVE::Mapping::PCI::write_pci_config($cfg);
+
+ }, "delete pci mapping failed");
+
+ return;
+ }
+});
+
+1;
diff --git a/PVE/API2/Cluster/Mapping/USB.pm b/PVE/API2/Cluster/Mapping/USB.pm
new file mode 100644
index 00000000..3883cf7d
--- /dev/null
+++ b/PVE/API2/Cluster/Mapping/USB.pm
@@ -0,0 +1,295 @@
+package PVE::API2::Cluster::Mapping::USB;
+
+use strict;
+use warnings;
+
+use Storable qw(dclone);
+
+use PVE::Cluster qw(cfs_lock_file);
+use PVE::Mapping::USB;
+use PVE::JSONSchema qw(get_standard_option);
+use PVE::Tools qw(extract_param);
+
+use PVE::RESTHandler;
+
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method ({
+ name => 'index',
+ path => '',
+ method => 'GET',
+ description => "List USB Hardware Mappings",
+ permissions => {
+ description => "Only lists entries where you have 'Mapping.Modify', 'Mapping.Use' or".
+ " 'Mapping.Audit' permissions on '/mapping/usb/<id>'.",
+ user => 'all',
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ 'check-node' => get_standard_option('pve-node', {
+ description => "If given, checks the configurations on the given node for ".
+ "correctness, and adds relevant errors to the devices.",
+ optional => 1,
+ }),
+ },
+ },
+ returns => {
+ type => 'array',
+ items => {
+ type => "object",
+ properties => {
+ id => {
+ type => 'string',
+ description => "The logical ID of the mapping."
+ },
+ map => {
+ type => 'array',
+ description => "The entries of the mapping.",
+ items => {
+ type => 'string',
+ description => "A mapping for a node.",
+ },
+ },
+ description => {
+ type => 'string',
+ description => "A description of the logical mapping.",
+ },
+ error => {
+ description => "A list of errors when 'check_node' is given.",
+ items => {
+ type => 'object',
+ properties => {
+ severity => {
+ type => "string",
+ description => "The severity of the error",
+ },
+ message => {
+ type => "string",
+ description => "The message of the error",
+ },
+ },
+ }
+ },
+ },
+ },
+ links => [ { rel => 'child', href => "{id}" } ],
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+ my $authuser = $rpcenv->get_user();
+ my $node = $param->{'check-node'};
+
+ die "Wrong node to check\n"
+ if defined($node) && $node ne 'localhost' && $node ne PVE::INotify::nodename();
+
+ my $cfg = PVE::Mapping::USB::config();
+
+ my $res = [];
+
+ my $privs = ['Mapping.Modify', 'Mapping.Use', 'Mapping.Audit'];
+
+ for my $id (keys $cfg->{ids}->%*) {
+ next if !$rpcenv->check_full($authuser, "/mapping/usb/$id", $privs, 1, 1);
+ next if !$cfg->{ids}->{$id};
+
+ my $entry = dclone($cfg->{ids}->{$id});
+ $entry->{id} = $id;
+ $entry->{digest} = $cfg->{digest};
+
+ if (defined($node)) {
+ $entry->{errors} = [];
+ if (my $mappings = PVE::Mapping::USB::get_node_mapping($cfg, $id, $node)) {
+ if (!scalar($mappings->@*)) {
+ push $entry->{errors}->@*, {
+ severity => 'warning',
+ message => "No mapping for node $node.",
+ };
+ }
+ for my $mapping ($mappings->@*) {
+ eval {
+ PVE::Mapping::USB::assert_valid($id, $mapping);
+ };
+ if (my $err = $@) {
+ push $entry->{errors}->@*, {
+ severity => 'error',
+ message => "Invalid configuration: $err",
+ };
+ }
+ }
+ }
+ }
+
+ push @$res, $entry;
+ }
+
+ return $res;
+ },
+});
+
+__PACKAGE__->register_method ({
+ name => 'get',
+ protected => 1,
+ path => '{id}',
+ method => 'GET',
+ description => "Get USB Mapping.",
+ permissions => {
+ check =>['or',
+ ['perm', '/mapping/usb/{id}', ['Mapping.Audit']],
+ ['perm', '/mapping/usb/{id}', ['Mapping.Use']],
+ ['perm', '/mapping/usb/{id}', ['Mapping.Modify']],
+ ],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ id => {
+ type => 'string',
+ format => 'pve-configid',
+ },
+ }
+ },
+ returns => { type => 'object' },
+ code => sub {
+ my ($param) = @_;
+
+ my $cfg = PVE::Mapping::USB::config();
+ my $id = $param->{id};
+
+ my $entry = $cfg->{ids}->{$id};
+ die "mapping '$param->{id}' not found\n" if !defined($entry);
+
+ my $data = dclone($entry);
+
+ $data->{digest} = $cfg->{digest};
+
+ return $data;
+ }});
+
+__PACKAGE__->register_method ({
+ name => 'create',
+ protected => 1,
+ path => '',
+ method => 'POST',
+ description => "Create a new hardware mapping.",
+ permissions => {
+ check => ['perm', '/mapping/usb', ['Mapping.Modify']],
+ },
+ parameters => PVE::Mapping::USB->createSchema(1),
+ returns => {
+ type => 'null',
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $id = extract_param($param, 'id');
+
+ my $plugin = PVE::Mapping::USB->lookup('usb');
+ my $opts = $plugin->check_config($id, $param, 1, 1);
+
+ PVE::Mapping::USB::lock_usb_config(sub {
+ my $cfg = PVE::Mapping::USB::config();
+
+ die "usb ID '$id' already defined\n" if defined($cfg->{ids}->{$id});
+
+ $cfg->{ids}->{$id} = $opts;
+
+ PVE::Mapping::USB::write_usb_config($cfg);
+
+ }, "create hardware mapping failed");
+
+ return;
+ },
+});
+
+__PACKAGE__->register_method ({
+ name => 'update',
+ protected => 1,
+ path => '{id}',
+ method => 'PUT',
+ description => "Update a hardware mapping.",
+ permissions => {
+ check => ['perm', '/mapping/usb/{id}', ['Mapping.Modify']],
+ },
+ parameters => PVE::Mapping::USB->updateSchema(),
+ returns => {
+ type => 'null',
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $digest = extract_param($param, 'digest');
+ my $delete = extract_param($param, 'delete');
+ my $id = extract_param($param, 'id');
+
+ if ($delete) {
+ $delete = [ PVE::Tools::split_list($delete) ];
+ }
+
+ PVE::Mapping::USB::lock_usb_config(sub {
+ my $cfg = PVE::Mapping::USB::config();
+
+ PVE::Tools::assert_if_modified($cfg->{digest}, $digest) if defined($digest);
+
+ die "usb ID '$id' does not exist\n" if !defined($cfg->{ids}->{$id});
+
+ my $plugin = PVE::Mapping::USB->lookup('usb');
+ my $opts = $plugin->check_config($id, $param, 1, 1);
+
+ my $data = $cfg->{ids}->{$id};
+
+ my $options = $plugin->private()->{options}->{usb};
+ PVE::SectionConfig::delete_from_config($data, $options, $opts, $delete);
+
+ $data->{$_} = $opts->{$_} for keys $opts->%*;
+
+ PVE::Mapping::USB::write_usb_config($cfg);
+
+ }, "update hardware mapping failed");
+
+ return;
+ },
+});
+
+__PACKAGE__->register_method ({
+ name => 'delete',
+ protected => 1,
+ path => '{id}',
+ method => 'DELETE',
+ description => "Remove Hardware Mapping.",
+ permissions => {
+ check => [ 'perm', '/mapping/usb', ['Mapping.Modify']],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ id => {
+ type => 'string',
+ format => 'pve-configid',
+ },
+ }
+ },
+ returns => { type => 'null' },
+ code => sub {
+ my ($param) = @_;
+
+ my $id = $param->{id};
+
+ PVE::Mapping::USB::lock_usb_config(sub {
+ my $cfg = PVE::Mapping::USB::config();
+
+ if ($cfg->{ids}->{$id}) {
+ delete $cfg->{ids}->{$id};
+ }
+
+ PVE::Mapping::USB::write_usb_config($cfg);
+
+ }, "delete usb mapping failed");
+
+ return;
+ }
+});
+
+1;
diff --git a/PVE/API2/Hardware.pm b/PVE/API2/Hardware.pm
index f59bfbe0..1c6fd8f5 100644
--- a/PVE/API2/Hardware.pm
+++ b/PVE/API2/Hardware.pm
@@ -21,7 +21,6 @@ __PACKAGE__->register_method ({
path => 'usb',
});
-
__PACKAGE__->register_method ({
name => 'index',
path => '',
--
2.30.2
More information about the pve-devel
mailing list