Re: [PATCH] Allow marking all USB devices as {un,}authorized by default

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, May 30, 2011 at 12:19:00PM -0400, Alan Stern wrote:
> On Mon, 30 May 2011, Greg KH wrote:
> 
> > On Mon, May 30, 2011 at 09:09:15AM +0200, Carl-Daniel Hailfinger wrote:
> > > USB treats all devices attached to a wireless USB host controller as
> > > unauthorized by default and all devices attached to a wired USB host
> > > controller as authorized by default. This default setting can be changed
> > > manually per host controller by setting authorized_default in sysfs, but
> > > only after the host controller is already active.
> > > AFAICS there is a race between userspace setting authorized_default on
> > > startup and the USB subsystem enumerating devices on the USB bus. If a
> > > USB device is already plugged into a wired USB host controller on
> > > startup, it may be marked as authorized (and thus accessed by the
> > > kernel/userspace) before userspace has a chance to set
> > > authorized_default on that host controller. This is undesirable in kiosk
> > > situations where the user may have access to the USB ports of a machine
> > > during startup.
> > > 
> > > Add an "authorized_default" parameter to the usbcore module which has
> > > three settings:
> > > 0 is not authorized for all devices
> > > 1 is authorized for all devices
> > > 2 is authorized for all devices except wireless (default, old behaviour)
> > 
> > Ick, who is going to remember that "2" is the "default" here?
> > 
> > I understand this could be a problem, but could you think up a cleaner
> > interface for this?
> 
> The parameter could become a boolean if case 1 is removed.  After all, 
> 0 and 2 seem to be the most important cases.

Yes, but 1 is something that some systems might want.

> > Also, any new kernel/user API, like this one, needs to be documentented
> > in Documentation/ABI/.
> 
> Actually they should be mentioned in 
> Documentation/kernel-parameters.txt.

Ah, good point, yes, that would work.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux