Re: [PATCH] Allow marking all USB devices as {un,}authorized by default

On Tue, May 31, 2011 at 08:41:58AM +0200, Carl-Daniel Hailfinger wrote:
> On 31.05.2011 06:54, Greg KH wrote:
> > On Mon, May 30, 2011 at 12:19:00PM -0400, Alan Stern wrote:
> >   
> >> On Mon, 30 May 2011, Greg KH wrote:
> >>     
> >>> On Mon, May 30, 2011 at 09:09:15AM +0200, Carl-Daniel Hailfinger wrote:
> >>>       
> >>>> USB treats all devices attached to a wireless USB host controller as
> >>>> unauthorized by default and all devices attached to a wired USB host
> >>>> controller as authorized by default. This default setting can be changed
> >>>> manually per host controller by setting authorized_default in sysfs, but
> >>>> only after the host controller is already active.
> >>>> AFAICS there is a race between userspace setting authorized_default on
> >>>> startup and the USB subsystem enumerating devices on the USB bus. If a
> >>>> USB device is already plugged into a wired USB host controller on
> >>>> startup, it may be marked as authorized (and thus accessed by the
> >>>> kernel/userspace) before userspace has a chance to set
> >>>> authorized_default on that host controller. This is undesirable in kiosk
> >>>> situations where the user may have access to the USB ports of a machine
> >>>> during startup.
> >>>>
> >>>> Add an "authorized_default" parameter to the usbcore module which has
> >>>> three settings:
> >>>> 0 is not authorized for all devices
> >>>> 1 is authorized for all devices
> >>>> 2 is authorized for all devices except wireless (default, old behaviour)
> >>>>         
> >>> Ick, who is going to remember that "2" is the "default" here?
> >>>
> >>> I understand this could be a problem, but could you think up a cleaner
> >>> interface for this?
> >>>       
> >> The parameter could become a boolean if case 1 is removed.  After all, 
> >> 0 and 2 seem to be the most important cases.
> >>     
> > Yes, but 1 is something that some systems might want.
> >   
> 
> I tried to mirror the behaviour of the authorized_default variable which
> is in sysfs for every host controller. My reasoning was that users would
> expect the allowed values for identical variable names to be the same.
> The only extension of that value set is a value for "use old defaults".
> I picked 2, but you're right that this is not totally obvious. How about -1?
> 
> 
> >>> Also, any new kernel/user API, like this one, needs to be documented
> >>> in Documentation/ABI/.
> >>>       
> >> Actually they should be mentioned in 
> >> Documentation/kernel-parameters.txt.
> >>     
> > Ah, good point, yes, that would work.
> >   
> 
> What do you think about this one?

Much better, I like it.

Any objections?

Oh, one minor grammar nit:

> The "authorized_default" module parameter of usbcore controls the default
> for the authorized_default variable of each USB host controller.
> -1 is authorized for all devices except wireless (default, old behaviour)
> 0 is not authorized for all devices

Shouldn't that read:
	"0 is not authorized for any devices"
?

thanks,

greg k-h
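
The race described in the quoted patch description (a device enumerated and authorized before userspace sets authorized_default) can be checked for on a running system. The following is an added example, not part of the original message or the patch; it assumes the standard sysfs attributes `authorized_default` (per host controller) and `authorized` (per device), and the function name `audit_usb_authorization` is hypothetical.

```shell
#!/bin/sh
# Added example: audit USB authorization state through sysfs.
# $1 is the sysfs root (normally /sys); it is a parameter so the
# function can also be pointed at a constructed test tree.
audit_usb_authorization() {
    sysroot=${1:-/sys}
    findings=0

    # Module-wide default discussed in this thread; only present on
    # kernels that carry the usbcore authorized_default parameter.
    param="$sysroot/module/usbcore/parameters/authorized_default"
    if [ -r "$param" ]; then
        echo "usbcore.authorized_default=$(cat "$param")"
    else
        echo "usbcore.authorized_default: not available on this kernel"
    fi

    # Per-host-controller default: root hubs show up as usb1, usb2, ...
    for hc in "$sysroot"/bus/usb/devices/usb*; do
        [ -r "$hc/authorized_default" ] || continue
        def=$(cat "$hc/authorized_default")
        if [ "$def" != "0" ]; then
            echo "FINDING: ${hc##*/} authorized_default=$def (new devices are authorized)"
            findings=$((findings + 1))
        fi
    done

    # Devices that are authorized right now, e.g. ones enumerated before
    # userspace changed the default. Names look like 1-1 or 2-1.4;
    # entries containing ':' are interfaces and are skipped.
    for dev in "$sysroot"/bus/usb/devices/[0-9]*; do
        case ${dev##*/} in *:*) continue ;; esac
        [ -r "$dev/authorized" ] || continue
        if [ "$(cat "$dev/authorized")" = "1" ]; then
            echo "FINDING: ${dev##*/} authorized=1"
            findings=$((findings + 1))
        fi
    done

    echo "findings=$findings"
    [ "$findings" -eq 0 ]   # exit status 0 only when nothing was found
}

# Run against the given sysfs root when one is passed on the command line.
if [ "$#" -gt 0 ]; then audit_usb_authorization "$1"; fi
```

On a kiosk that is meant to start with everything unauthorized, any FINDING line after boot points at a host controller or device that was handled before the default was applied.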