snapd_add_idevice.patch

add_idevice.path

diff --git a/interfaces/builtin/idevice_restore.go b/interfaces/builtin/idevice_restore.go
index e69de29bb..e5e2b26aa 100644
--- a/interfaces/builtin/idevice_restore.go
+++ b/interfaces/builtin/idevice_restore.go
@@ -0,0 +1,74 @@
+// -*- Mode: Go; indent-tabs-mode: t -*-
+
+/*
+ * Copyright (C) 2018 Canonical Ltd
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+package builtin
+
+import (
+	"bytes"
+	"fmt"
+	"sort"
+
+	"github.com/snapcore/snapd/interfaces"
+	"github.com/snapcore/snapd/interfaces/udev"
+)
+
+const ideviceRestoreSummary = `allows communicating with iDevices in DFU or Recovery mode`
+
+const ideviceRestoreBaseDeclarationSlots = `
+  idevice-restore:
+    allow-installation:
+      slot-snap-type:
+        - core
+    deny-auto-connection: true
+`
+
+
+var ideviceRestoreConnectedPlugAppArmor = `
+# Allow access to all usb devices and rely on the device cgroup for mediation.
+# Which will only be tagged devices per specification
+/dev/bus/usb/[0-9][0-9][0-9]/[0-9][0-9][0-9] rw,
+
+# Allow reading the serial number of all the USB devices.
+# Note that this path encodes the physical connection topology (e.g. any USB
+# hubs you are using) and as such there are more recursive patterns than one
+# might otherwise see necessary on their own system.
+/sys/devices/**/usb*/**/serial r,
+`
+
+type ideviceRestoreInterface struct {
+	commonInterface
+}
+
+func (iface *ideviceRestoreInterface) UDevConnectedPlug(spec *udev.Specification, plug *interfaces.ConnectedPlug, slot *interfaces.ConnectedSlot) error {
+	spec.TagDevice("SUBSYSTEM==\"usb\", ENV{DEVTYPE}==\"usb_device\" ATTR{idVendor}==\"05ac\" ATTR{idProduct}=\"122[27]|128[0-3]\"")
+    spec.TagDevice("SUBSYSTEM==\"usb\", ENV{DEVTYPE}==\"usb_device\" ATTR{idVendor}==\"05ac\" ATTR{idProduct}=\"1338\"")
+
+	return nil
+}
+
+func init() {
+	registerIface(&ideviceRestoreInterface{commonInterface: commonInterface{
+		name:                  "idevice-restore",
+		summary:               ideviceRestoreSummary,
+		implicitOnCore:        true,
+		implicitOnClassic:     true,
+		baseDeclarationSlots:  ideviceRestoreBaseDeclarationSlots,
+		connectedPlugAppArmor: ideviceRestoreConnectedPlugAppArmor,
+	}})
+}
diff --git a/interfaces/builtin/usbmuxd_support.go b/interfaces/builtin/usbmuxd_support.go
index e69de29bb..2f5557385 100644
--- a/interfaces/builtin/usbmuxd_support.go
+++ b/interfaces/builtin/usbmuxd_support.go
@@ -0,0 +1,73 @@
+// -*- Mode: Go; indent-tabs-mode: t -*-
+
+/*
+ * Copyright (C) 2018 Canonical Ltd
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+package builtin
+
+import (
+	"bytes"
+	"fmt"
+	"sort"
+
+	"github.com/snapcore/snapd/interfaces"
+	"github.com/snapcore/snapd/interfaces/udev"
+)
+
+const usbmuxdSupportSummary = `allows operating as libidevices usbmuxd`
+
+const usbmuxdSupportBaseDeclarationSlots = `
+  usbmuxd-support:
+    allow-installation:
+      slot-snap-type:
+        - core
+    deny-auto-connection: true
+`
+
+
+var usbmuxdSupportConnectedPlugAppArmor = `
+# Allow adb (server) to access all usb devices and rely on the device cgroup for mediation.
+/dev/bus/usb/[0-9][0-9][0-9]/[0-9][0-9][0-9] rw,
+
+# Allow reading the serial number of all the USB devices.
+# Note that this path encodes the physical connection topology (e.g. any USB
+# hubs you are using) and as such there are more recursive patterns than one
+# might otherwise see necessary on their own system.
+/sys/devices/**/usb*/**/serial r,
+`
+
+type usbmuxdSupportInterface struct {
+	commonInterface
+}
+
+func (iface *usbmuxdSupportInterface) UDevConnectedPlug(spec *udev.Specification, plug *interfaces.ConnectedPlug, slot *interfaces.ConnectedSlot) error {
+	spec.TagDevice("SUBSYSTEM==\"usb\", ENV{DEVTYPE}==\"usb_device\" ATTR{idVendor}==\"05ac\" ATTR{idProduct}=\"12[9a][0-9a-f]\"")
+    spec.TagDevice("SUBSYSTEM==\"usb\", ENV{DEVTYPE}==\"usb_device\" ATTR{idVendor}==\"05ac\" ATTR{idProduct}=\"8600\" ATTRS{removable}==\"removable\"")
+
+	return nil
+}
+
+func init() {
+	registerIface(&usbmuxdSupportInterface{commonInterface: commonInterface{
+		name:                  "udbmuxd-support",
+		summary:               usbmuxdSupportSummary,
+		implicitOnCore:        true,
+		implicitOnClassic:     true,
+		baseDeclarationSlots:  usbmuxdSupportBaseDeclarationSlots,
+		connectedPlugAppArmor: usbmuxdSupportConnectedPlugAppArmor,
+	}})
+}