Re: [PATCH] Allow marking all USB devices as {un,}authorized by default

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 31.05.2011 09:48 schrieb Greg KH:
> On Tue, May 31, 2011 at 08:41:58AM +0200, Carl-Daniel Hailfinger wrote:
>   
>> Am 31.05.2011 06:54 schrieb Greg KH:
>>     
>>> On Mon, May 30, 2011 at 12:19:00PM -0400, Alan Stern wrote:
>>>       
>>>> On Mon, 30 May 2011, Greg KH wrote:
>>>>         
>>>>> On Mon, May 30, 2011 at 09:09:15AM +0200, Carl-Daniel Hailfinger wrote:
>>>>>           
>>>>>> USB treats all devices attached to a wireless USB host controller as
>>>>>> unauthorized by default and all devices attached to a wired USB host
>>>>>> controller as authorized by default. This default setting can be changed
>>>>>> manually per host controller by setting authorized_default in sysfs, but
>>>>>> only after the host controller is already active.
>>>>>> AFAICS there is a race between userspace setting authorized_default on
>>>>>> startup and the USB subsystem enumerating devices on the USB bus. If a
>>>>>> USB device is already plugged into a wired USB host controller on
>>>>>> startup, it may be marked as authorized (and thus accessed by the
>>>>>> kernel/userspace) before userspace has a chance to set
>>>>>> authorized_default on that host controller. This is undesirable in kiosk
>>>>>> situations where the user may have access to the USB ports of a machine
>>>>>> during startup.
>>>>>>
>>>>>> Add an "authorized_default" parameter to the usbcore module
>>>>>>             
>>
>> What do you think about this one?
>>     
> Much better, I like it.
>
> Any objections?
>
> Oh, one minor grammar nit:
>   
>> The "authorized_default" module parameter of usbcore controls the default
>> for the authorized_default variable of each USB host controller.
>> -1 is authorized for all devices except wireless (default, old behaviour)
>> 0 is not authorized for all devices
>>     
> Shouldn't that read:
> 	0 is not authorized for any devices"
> ?
>   

Next try.
Any chance to get this into Linux 3.0? It does fix a race condition for
me, but I'm not sure whether that is a good enough reason for you.

>From 3cfe9bf76263bbcf576d1b8e62d2b236249c8263 Mon Sep 17 00:00:00 2001
From: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>
Date: Tue, 31 May 2011 08:28:19 +0200
Subject: [PATCH] Add "authorized_default" parameter to the usbcore module

The "authorized_default" module parameter of usbcore controls the default
for the authorized_default variable of each USB host controller.
-1 is authorized for all devices except wireless (default, old behaviour)
0 is unauthorized for all devices
1 is authorized for all devices

Signed-off-by: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@xxxxxxx>
---
 Documentation/kernel-parameters.txt |    5 +++++
 drivers/usb/core/hcd.c              |   17 ++++++++++++++++-
 2 files changed, 21 insertions(+), 1 deletions(-)

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 5438a2d..ff1e35b 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -2535,6 +2535,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 	unknown_nmi_panic
 			[X86] Cause panic on unknown NMI.
 
+	usbcore.authorized_default=
+			[USB] Default USB device authorization:
+			(default -1 = authorized except for wireless USB,
+			0 = not authorized, 1 = authorized)
+
 	usbcore.autosuspend=
 			[USB] The autosuspend time delay (in seconds) used
 			for newly-detected USB devices (default 2).  This
diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
index ace9f84..8669ba3 100644
--- a/drivers/usb/core/hcd.c
+++ b/drivers/usb/core/hcd.c
@@ -337,6 +337,17 @@ static const u8 ss_rh_config_descriptor[] = {
 	0x02, 0x00   /* __le16 ss_wBytesPerInterval; 15 bits for max 15 ports */
 };
 
+/* authorized_default behaviour:
+ * -1 is authorized for all devices except wireless (old behaviour)
+ * 0 is unauthorized for all devices
+ * 1 is authorized for all devices
+ */
+static int authorized_default = -1;
+module_param(authorized_default, int, S_IRUGO|S_IWUSR);
+MODULE_PARM_DESC(authorized_default,
+		"Default USB device authorization: 0 is not authorized, 1 is "
+		"authorized, -1 is authorized except for wireless USB (default, "
+		"old behaviour");
 /*-------------------------------------------------------------------------*/
 
 /**
@@ -2371,7 +2382,11 @@ int usb_add_hcd(struct usb_hcd *hcd,
 
 	dev_info(hcd->self.controller, "%s\n", hcd->product_desc);
 
-	hcd->authorized_default = hcd->wireless? 0 : 1;
+	/* Keep old behaviour if authorized_default is not in [0, 1]. */
+	if (authorized_default < 0 || authorized_default > 1)
+		hcd->authorized_default = hcd->wireless? 0 : 1;
+	else
+		hcd->authorized_default = authorized_default;
 	set_bit(HCD_FLAG_HW_ACCESSIBLE, &hcd->flags);
 
 	/* HC is in reset state, but accessible.  Now do the one-time init,
-- 
1.7.1



-- 
http://www.hailfinger.org/

--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux