USB treats all devices attached to a wireless USB host controller as unauthorized by default and all devices attached to a wired USB host controller as authorized by default. This default setting can be changed manually per host controller by setting authorized_default in sysfs, but only after the host controller is already active.

AFAICS there is a race between userspace setting authorized_default on startup and the USB subsystem enumerating devices on the USB bus. If a USB device is already plugged into a wired USB host controller on startup, it may be marked as authorized (and thus accessed by the kernel/userspace) before userspace has a chance to set authorized_default on that host controller. This is undesirable in kiosk situations where the user may have access to the USB ports of a machine during startup.

Add an "authorized_default" parameter to the usbcore module which has three settings:
0 is not authorized for all devices
1 is authorized for all devices
2 is authorized for all devices except wireless (default, old behaviour)

Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>

diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c index 77a7fae..fee7203 100644 --- a/drivers/usb/core/hcd.c +++ b/drivers/usb/core/hcd.c @@ -337,6 +337,17 @@ static const u8 ss_rh_config_descriptor[] = { 0x02, 0x00 /* __le16 ss_wBytesPerInterval; 15 bits for max 15 ports */ }; +/* authorized_default behaviour: + * 0 is not authorized for all devices + * 1 is authorized for all devices + * 2 is authorized for all devices except wireless (old behaviour) + */ +static int authorized_default = 2; +module_param(authorized_default, int, S_IRUGO|S_IWUSR); +MODULE_PARM_DESC(authorized_default, + "Default USB device authorization: 0 is not authorized, 1 is " + "authorized, 2 is authorized except for wireless USB (default, " + "old behaviour"); /*-------------------------------------------------------------------------*/ /** 
@@ -2374,7 +2385,10 @@ int usb_add_hcd(struct usb_hcd *hcd, dev_info(hcd->self.controller, "%s\n", hcd->product_desc); - hcd->authorized_default = hcd->wireless? 0 : 1; + if (authorized_default == 2) + hcd->authorized_default = hcd->wireless? 0 : 1; + else + hcd->authorized_default = authorized_default ? 1 : 0; set_bit(HCD_FLAG_HW_ACCESSIBLE, &hcd->flags); /* HC is in reset state, but accessible. Now do the one-time init,
-- http://www.hailfinger.org/
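Review bot: The MODULE_PARM_DESC string in the first hunk never closes its parenthesis: it ends with "(default, old behaviour" and needs a ")" before the closing quote. The same hunk makes the parameter writable with S_IWUSR, but the value is only read in usb_add_hcd(), so a write after a host controller has been added does not change that controller; either state that in the description or register the parameter with S_IRUGO alone. The patch touches only hcd.c, so the new parameter and its three values also have no documentation entry yet.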
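Review bot: In usb_add_hcd() the else branch, "authorized_default ? 1 : 0", maps every value other than 0 and 2 to authorized, so a mistyped value such as 3 or -1 silently authorizes devices on every host controller, wireless ones included. For a setting meant to lock a machine down, out-of-range values should be rejected or mapped to one documented setting; testing explicitly for 1 and handling anything else separately would make the intent visible.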
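A check for the race described in the message, as an added example that is not part of the patch or of the kernel tree: it lists devices that are still authorized on a host controller whose authorized_default has since been set to 0. The function name and the optional directory argument are assumptions of this example; the per-controller authorized_default and per-device authorized files are the existing sysfs attributes.

```shell
#!/bin/sh
# Added example (not from the patch): report USB devices that were
# authorized before userspace set authorized_default=0 on their bus.
# usb_preauthorized and its directory argument are hypothetical names;
# the argument lets the check run against a copy of the sysfs tree.

usb_preauthorized() {
    root=${1:-/sys/bus/usb/devices}
    for hub in "$root"/usb*; do
        # Only controllers that userspace has already locked down matter.
        [ -r "$hub/authorized_default" ] || continue
        [ "$(cat "$hub/authorized_default")" = "0" ] || continue
        bus=${hub##*/usb}
        for dev in "$root/$bus"-*; do
            # Entries such as 1-1:1.0 are interfaces, not devices.
            case ${dev##*/} in *:*) continue ;; esac
            [ -r "$dev/authorized" ] || continue
            if [ "$(cat "$dev/authorized")" = "1" ]; then
                echo "${dev##*/}"
            fi
        done
    done
}
```

Run early in startup, right after authorized_default has been written; any name it prints is a device that was enumerated as authorized before the lock-down took effect.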