Am 31.05.2011 09:48 schrieb Greg KH:
> On Tue, May 31, 2011 at 08:41:58AM +0200, Carl-Daniel Hailfinger wrote:
>
>> Am 31.05.2011 06:54 schrieb Greg KH:
>>
>>> On Mon, May 30, 2011 at 12:19:00PM -0400, Alan Stern wrote:
>>>
>>>> On Mon, 30 May 2011, Greg KH wrote:
>>>>
>>>>> On Mon, May 30, 2011 at 09:09:15AM +0200, Carl-Daniel Hailfinger wrote:
>>>>>
>>>>>> USB treats all devices attached to a wireless USB host controller as
>>>>>> unauthorized by default and all devices attached to a wired USB host
>>>>>> controller as authorized by default. This default setting can be changed
>>>>>> manually per host controller by setting authorized_default in sysfs, but
>>>>>> only after the host controller is already active.
>>>>>> AFAICS there is a race between userspace setting authorized_default on
>>>>>> startup and the USB subsystem enumerating devices on the USB bus. If a
>>>>>> USB device is already plugged into a wired USB host controller on
>>>>>> startup, it may be marked as authorized (and thus accessed by the
>>>>>> kernel/userspace) before userspace has a chance to set
>>>>>> authorized_default on that host controller. This is undesirable in kiosk
>>>>>> situations where the user may have access to the USB ports of a machine
>>>>>> during startup.
>>>>>>
>>>>>> Add an "authorized_default" parameter to the usbcore module
>>>>>>
>>
>> What do you think about this one?
>>
> Much better, I like it.
>
> Any objections?
>
> Oh, one minor grammar nit:
>
>> The "authorized_default" module parameter of usbcore controls the default
>> for the authorized_default variable of each USB host controller.
>> -1 is authorized for all devices except wireless (default, old behaviour)
>> 0 is not authorized for all devices
>>
> Shouldn't that read:
> 0 is not authorized for any devices"
> ?
>
Next try.
Any chance to get this into Linux 3.0? It does fix a race condition for
me, but I'm not sure whether that is a good enough reason for you.
>From 3cfe9bf76263bbcf576d1b8e62d2b236249c8263 Mon Sep 17 00:00:00 2001
From: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>
Date: Tue, 31 May 2011 08:28:19 +0200
Subject: [PATCH] Add "authorized_default" parameter to the usbcore module
The "authorized_default" module parameter of usbcore controls the default
for the authorized_default variable of each USB host controller.
-1 is authorized for all devices except wireless (default, old behaviour)
0 is unauthorized for all devices
1 is authorized for all devices
Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>
---
Documentation/kernel-parameters.txt | 5 +++++
drivers/usb/core/hcd.c | 17 ++++++++++++++++-
2 files changed, 21 insertions(+), 1 deletions(-)
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 5438a2d..ff1e35b 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2535,6 +2535,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
unknown_nmi_panic
[X86] Cause panic on unknown NMI.
+ usbcore.authorized_default=
+ [USB] Default USB device authorization:
+ (default -1 = authorized except for wireless USB,
+ 0 = not authorized, 1 = authorized)
+
usbcore.autosuspend=
[USB] The autosuspend time delay (in seconds) used
for newly-detected USB devices (default 2). This
diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
index ace9f84..8669ba3 100644
--- a/drivers/usb/core/hcd.c
+++ b/drivers/usb/core/hcd.c
@@ -337,6 +337,17 @@ static const u8 ss_rh_config_descriptor[] = {
0x02, 0x00 /* __le16 ss_wBytesPerInterval; 15 bits for max 15 ports */
};
+/* authorized_default behaviour:
+ * -1 is authorized for all devices except wireless (old behaviour)
+ * 0 is unauthorized for all devices
+ * 1 is authorized for all devices
+ */
+static int authorized_default = -1;
+module_param(authorized_default, int, S_IRUGO|S_IWUSR);
+MODULE_PARM_DESC(authorized_default,
+ "Default USB device authorization: 0 is not authorized, 1 is "
+ "authorized, -1 is authorized except for wireless USB (default, "
+ "old behaviour");
/*-------------------------------------------------------------------------*/
/**
@@ -2371,7 +2382,11 @@ int usb_add_hcd(struct usb_hcd *hcd,
dev_info(hcd->self.controller, "%s\n", hcd->product_desc);
- hcd->authorized_default = hcd->wireless? 0 : 1;
+ /* Keep old behaviour if authorized_default is not in [0, 1]. */
+ if (authorized_default < 0 || authorized_default > 1)
+ hcd->authorized_default = hcd->wireless? 0 : 1;
+ else
+ hcd->authorized_default = authorized_default;
set_bit(HCD_FLAG_HW_ACCESSIBLE, &hcd->flags);
/* HC is in reset state, but accessible. Now do the one-time init,
--
1.7.1
--
http://www.hailfinger.org/
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
