Hello. On 8/8/2015 12:32 PM, Stefan Koch wrote:
This part adds the documentation for the interface authorization.
Signed-off-by: Stefan Koch <skoch@xxxxxxx> --- Documentation/ABI/testing/sysfs-bus-usb | 22 +++++++++++++++++++++ Documentation/usb/authorization.txt | 34 +++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+)
diff --git a/Documentation/ABI/testing/sysfs-bus-usb b/Documentation/ABI/testing/sysfs-bus-usb index e5cc763..ca8c8d3 100644 --- a/Documentation/ABI/testing/sysfs-bus-usb +++ b/Documentation/ABI/testing/sysfs-bus-usb @@ -1,3 +1,25 @@ +What: /sys/bus/usb/devices/INTERFACE/authorized +Date: June 2015 +KernelVersion: 4.2 +Description: + This allows to authorize (1) or deauthorize (0) + individual interfaces instead a whole device + in contrast to the device authorization. + If a deauthorized interface will be authorized + so the driver probing must be triggered manually + by writing INTERFACE to /sys/bus/usb/drivers_probe + This allows to avoid side-effects with drivers + that need multiple interfaces. + A deauthorized interface cannot be probed or claimed. + +What: /sys/bus/usb/devices/usbX/interface_authorized_default +Date: June 2015 +KernelVersion: 4.2 +Description: + This is used as default value that determines + if interfaces would authorized per default.
Would be authorized by default?
+ The value can be 1 or 0. It is per default 1.
s/per/by/? [...]
diff --git a/Documentation/usb/authorization.txt b/Documentation/usb/authorization.txt index c069b68..020cec5 100644 --- a/Documentation/usb/authorization.txt +++ b/Documentation/usb/authorization.txt
[...]
@@ -90,3 +93,34 @@ etc, but you get the idea. Anybody with access to a device gadget kit can fake descriptors and device info. Don't trust that. You are welcome. + +Interface authorization +----------------------- +There is a similar approach to allow or deny specific USB interfaces. +That allows to block only a subset of an USB device. + +Authorize an interface: +$ echo 1 > /sys/bus/usb/devices/INTERFACE/authorized + +Deauthorize an interface: +$ echo 0 > /sys/bus/usb/devices/INTERFACE/authorized + +The default value for new interfaces +on a particular USB bus can be changed, too. + +Allow interfaces per default: +$ echo 1 > /sys/bus/usb/devices/usbX/interface_authorized_default + +Deny interfaces per default: +$ echo 0 > /sys/bus/usb/devices/usbX/interface_authorized_default + +Per default the interface_authorized_default bit is 1.
S/Per/By/?
+So all interfaces would authorized per default.
Likewise... [...] MBR, Sergei -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
