On Mon, Apr 25, 2022 at 03:23:15PM +0200, Bastien Nocera wrote: > There is a need for userspace applications to open USB devices directly, > for all the USB devices without a kernel-level class driver, and > implemented in user-space. > > End-user access is usually handled by the uaccess tag in systemd, > shipping application-specific udev rules that implement this without too > much care for sandboxed applications, or overall security, or just sudo. > > A better approach is what we already have for evdev devices: give the > application a file descriptor and revoke it when it may no longer access > that device. Who is going to use this "better" approach? Is there support in libusb for it? Who talks raw usbfs other than libusb these days? > > This patch is the USB equivalent to the EVIOCREVOKE ioctl, see > commit c7dc65737c9a607d3e6f8478659876074ad129b8 for full details. c7dc65737c9a ("Input: evdev - add EVIOCREVOKE ioctl") is how I thought we were supposed to write out commits in changelogs these days :) > > Note that this variant needs to do a few things that the evdev revoke > doesn't need to handle, particular: > - cancelling pending async transfers > - making sure to release claimed interfaces on revoke so they can be > opened by another process/user, as USB interfaces require being > exclusively claimed to be used. I love the idea of a real revoke() someday, but can't you just do the "unbind/bind" hack instead if you really want to do this? Who wants to pass usbfs file descriptors around these days? thanks, greg k-h