Re: [PATCH] Allow marking all USB devices as {un,}authorized by default

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, May 31, 2011 at 09:31:08PM +0200, Carl-Daniel Hailfinger wrote:
> Am 31.05.2011 09:48 schrieb Greg KH:
> > On Tue, May 31, 2011 at 08:41:58AM +0200, Carl-Daniel Hailfinger wrote:
> >   
> >> Am 31.05.2011 06:54 schrieb Greg KH:
> >>     
> >>> On Mon, May 30, 2011 at 12:19:00PM -0400, Alan Stern wrote:
> >>>       
> >>>> On Mon, 30 May 2011, Greg KH wrote:
> >>>>         
> >>>>> On Mon, May 30, 2011 at 09:09:15AM +0200, Carl-Daniel Hailfinger wrote:
> >>>>>           
> >>>>>> USB treats all devices attached to a wireless USB host controller as
> >>>>>> unauthorized by default and all devices attached to a wired USB host
> >>>>>> controller as authorized by default. This default setting can be changed
> >>>>>> manually per host controller by setting authorized_default in sysfs, but
> >>>>>> only after the host controller is already active.
> >>>>>> AFAICS there is a race between userspace setting authorized_default on
> >>>>>> startup and the USB subsystem enumerating devices on the USB bus. If a
> >>>>>> USB device is already plugged into a wired USB host controller on
> >>>>>> startup, it may be marked as authorized (and thus accessed by the
> >>>>>> kernel/userspace) before userspace has a chance to set
> >>>>>> authorized_default on that host controller. This is undesirable in kiosk
> >>>>>> situations where the user may have access to the USB ports of a machine
> >>>>>> during startup.
> >>>>>>
> >>>>>> Add an "authorized_default" parameter to the usbcore module
> >>>>>>             
> >>
> >> What do you think about this one?
> >>     
> > Much better, I like it.
> >
> > Any objections?
> >
> > Oh, one minor grammar nit:
> >   
> >> The "authorized_default" module parameter of usbcore controls the default
> >> for the authorized_default variable of each USB host controller.
> >> -1 is authorized for all devices except wireless (default, old behaviour)
> >> 0 is not authorized for all devices
> >>     
> > Shouldn't that read:
> > 	0 is not authorized for any devices"
> > ?
> >   
> 
> Next try.
> Any chance to get this into Linux 3.0? It does fix a race condition for
> me, but I'm not sure whether that is a good enough reason for you.

Yes, it might fix a race condition, but it's a new feature and it's not
like this race hasn't been there for a number of years now.

So no, I will not be pushing it for 3.0, it's too late for that.  I'm
only accepting bug fixes for 3.0 at this point in time.

This looks good, I'll queue it up for 3.1 in a week or so.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Media]     [Linux Input]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [Old Linux USB Devel Archive]

  Powered by Linux