On 11/21/2011 07:25 PM, Abhijit Pawar wrote:
On 11/18/2011 09:05 PM, Abhijit Pawar wrote:
On 11/18/2011 08:16 PM, Greg KH wrote:
On Fri, Nov 18, 2011 at 06:36:18PM +0530, Abhijit Pawar wrote:
On 11/17/2011 08:19 PM, Greg KH wrote:
On Thu, Nov 17, 2011 at 02:15:35PM +0530, Abhijit Pawar wrote:
Hi All,
I need to filter the data written/read to and from the USB storage
disk.
Why?
I want to build a secure machine with data protection. I want to
have security around the machine where anyone can attach a USB disk
and copy the data, but I want to make the copied data useless unless
it has the trust relation with the host to which it's connected.
So if one has copied data from one secured machine and gets that USB
disk to another machine, he should see the encrypted garbage data.
Interesting idea.
What are you wanting to do at "filter" time?
I want to encrypt the write data packets and decrypt the read data
packets.
Why just USB disks? What makes them special?
They are the ones which can be attached to the system easily.
How are you going to determine if a disk is a USB device or not?
You forgot to answer this question :)
Yeah, I forgot that one. I am not very sure but if I can patch
the USB core before it attaches the specified class driver to
the USB device. Maybe I can try and send some control request
and get the class of the device. I think it's not required as
USB core itself will understand the class of the device and try
to attach the proper driver. At this point of time, I will have
some patch which will pass on the information to my module.
I am not sure if there are any intercepting points or any
functions / structures exported in the USB core stack.
It seems that the Linux notification chain should give me
information whenever a USB device is added. I need to register for
a notification callback in my module.
I have written a small module for this which uses
usb_register_notify().
Here is the debug trace from the kernel when I add my Logitech mouse
to the system. I get the device added notification.
[30540.541134] usb 2-1.3: New USB device found, idVendor=046d,
idProduct=c018
[30540.541143] usb 2-1.3: New USB device strings: Mfr=1,
Product=2, SerialNumber=0
[30540.541150] usb 2-1.3: Product: USB Optical Mouse
[30540.541155] usb 2-1.3: Manufacturer: Logitech
[30540.541162] device: '2-1.3': device_add
[30540.541172] kobject: '2-1.3' (ffff8800252b0898):
kobject_add_internal: parent: '2-1', set: 'devices'
[30540.549243] bus: 'usb': add device 2-1.3
[30540.549324] PM: Adding info for usb:2-1.3
[30540.549372] kobject: '2-1.3' (ffff8800252b0898):
kobject_uevent_env
[30540.549384] kobject: '2-1.3' (ffff8800252b0898):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3'
[30540.549473] bus: 'usb': driver_probe_device: matched device
2-1.3 with driver usb
[30540.549482] bus: 'usb': really_probe: probing driver usb with
device 2-1.3
[30540.549512] usb 2-1.3: rpm_resume flags 0x4
[30540.549518] usb 2-1.3: rpm_resume returns 1
[30540.550214] device: '2-1.3:1.0': device_add
[30540.550232] kobject: '2-1.3:1.0' (ffff880100648040):
kobject_add_internal: parent: '2-1.3', set: 'devices'
[30540.550553] bus: 'usb': add device 2-1.3:1.0
[30540.550643] PM: Adding info for usb:2-1.3:1.0
[30540.550661] kobject: '2-1.3:1.0' (ffff880100648040):
kobject_uevent_env
[30540.550678] kobject: '2-1.3:1.0' (ffff880100648040):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0'
[30540.550905] bus: 'usb': driver_probe_device: matched device
2-1.3:1.0 with driver usbserial_generic
[30540.550923] bus: 'usb': really_probe: probing driver
usbserial_generic with device 2-1.3:1.0
[30540.551178] usb 2-1.3: rpm_resume flags 0x4
[30540.551189] usb 2-1.3: rpm_resume returns 1
[30540.551458] bus: 'usb': driver_probe_device: matched device
2-1.3:1.0 with driver usbhid
[30540.551473] bus: 'usb': really_probe: probing driver usbhid
with device 2-1.3:1.0
[30540.551513] usb 2-1.3: rpm_resume flags 0x4
[30540.551523] usb 2-1.3: rpm_resume returns 1
[30540.552922] device: '0003:046D:C018.0002': device_add
[30540.552939] kobject: '0003:046D:C018.0002' (ffff88012b5b9898):
kobject_add_internal: parent: '2-1.3:1.0', set: 'devices'
[30540.552981] bus: 'hid': add device 0003:046D:C018.0002
[30540.553143] PM: Adding info for hid:0003:046D:C018.0002
[30540.553159] kobject: '0003:046D:C018.0002' (ffff88012b5b9898):
kobject_uevent_env
[30540.553176] kobject: '0003:046D:C018.0002' (ffff88012b5b9898):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/0003:046D:C018.0002'
[30540.553352] bus: 'hid': driver_probe_device: matched device
0003:046D:C018.0002 with driver generic-usb
[30540.553369] bus: 'hid': really_probe: probing driver
generic-usb with device 0003:046D:C018.0002
[30540.555608] device: 'input17': device_add
[30540.555628] kobject: 'input' (ffff8800619af5a0):
kobject_add_internal: parent: '2-1.3:1.0', set: '(null)'
[30540.555677] kobject: 'input17' (ffff8800252b5b58):
kobject_add_internal: parent: 'input', set: 'devices'
[30540.555879] PM: Adding info for No Bus:input17
[30540.555888] kobject: 'input17' (ffff8800252b5b58):
kobject_uevent_env
[30540.555899] kobject: 'input17' (ffff8800252b5b58):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/input/input17'
[30540.556072] kobject: 'input17' (ffff8800252b5b58):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/input/input17'
[30540.556087] input: Logitech USB Optical Mouse as
/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/input/input17
[30540.556140] device: 'mouse0': device_add
[30540.556153] kobject: 'mouse0' (ffff8800252b41b8):
kobject_add_internal: parent: 'input17', set: 'devices'
[30540.556907] PM: Adding info for No Bus:mouse0
[30540.556924] kobject: 'mouse0' (ffff8800252b41b8):
kobject_uevent_env
[30540.556940] kobject: 'mouse0' (ffff8800252b41b8):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/input/input17/mouse0'
[30540.557125] device: 'event6': device_add
[30540.557139] kobject: 'event6' (ffff8800252b21c0):
kobject_add_internal: parent: 'input17', set: 'devices'
[30540.558939] PM: Adding info for No Bus:event6
[30540.558953] kobject: 'event6' (ffff8800252b21c0):
kobject_uevent_env
[30540.558969] kobject: 'event6' (ffff8800252b21c0):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/input/input17/event6'
[30540.559198] device: 'hidraw0': device_add
[30540.559221] kobject: 'hidraw' (ffff8800619afa20):
kobject_add_internal: parent: '0003:046D:C018.0002', set: '(null)'
[30540.559252] kobject: 'hidraw0' (ffff88012bfbc810):
kobject_add_internal: parent: 'hidraw', set: 'devices'
[30540.559281] usbhid 2-1.3:1.0: rpm_resume flags 0x4
[30540.559293] usbhid 2-1.3:1.0: rpm_resume returns 1
[30540.559655] PM: Adding info for No Bus:hidraw0
[30540.559670] kobject: 'hidraw0' (ffff88012bfbc810):
kobject_uevent_env
[30540.559687] kobject: 'hidraw0' (ffff88012bfbc810):
fill_kobj_path: path =
'/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/2-1.3:1.0/0003:046D:C018.0002/hidraw/hidraw0'
[30540.559805] generic-usb 0003:046D:C018.0002: input,hidraw0: USB
HID v1.11 Mouse [Logitech USB Optical Mouse] on
usb-0000:00:1d.0-1.3/input0
[30540.559820] driver: '0003:046D:C018.0002': driver_bound: bound
to device 'generic-usb'
[30540.559833] bus: 'hid': really_probe: bound device
0003:046D:C018.0002 to driver generic-usb
[30540.559859] driver: '2-1.3:1.0': driver_bound: bound to device
'usbhid'
[30540.559874] bus: 'usb': really_probe: bound device 2-1.3:1.0 to
driver usbhid
[30540.559892] usbhid 2-1.3:1.0: rpm_suspend flags 0x4
[30540.559908] usbhid 2-1.3:1.0: rpm_suspend returns 0
[30540.559939] device: 'ep_81': device_add
[30540.559950] kobject: 'ep_81' (ffff88009613f820):
kobject_add_internal: parent: '2-1.3:1.0', set: 'devices'
[30540.560175] PM: Adding info for No Bus:ep_81
[30540.560189] kobject: 'ep_81' (ffff88009613f820):
kobject_uevent_env
[30540.560198] kobject: 'ep_81' (ffff88009613f820):
kobject_uevent_env: filter function caused the event to drop!
[30540.561372] usb_notify_subscriber
[30540.561378] usb_notify_subscriber:USB device added
So this notification is raised when everything is done by the USB
core and it has already attached the driver to the device. In that
case I think this is not that important and will not solve the
purpose which I am looking for.
Now the way USB is made known to the OS is through SCSI and then the
respective filesystem (mostly usbfs).
Not really, usbfs is only one way, and it has nothing to do with usb
disks.
So is there any way I can intercept this stack and have my kernel
module invoked so that I will get the data.
Not easily.
Even if it's hard, can you please give details of how do I
achieve this?
I have been thinking on two approaches:
1. Use VFS and write a proxy filesystem for USB device which will
filter the data.
2. Checking SCSI and any intercepting point.
Again, what are you trying to "filter"? That will determine where you
make changes.
thanks, greg k-h
So what choice do I have now for this?
Lots of work, best of luck with this task, it will not be simple or
easy.
greg k-h
Thanks. It's not that simple. I need to check the SCSI family
code as well as USB core. Also VFS may be involved. :( :)
Regards,
Abhijit Pawar
Hi,
I found a rather very simple solution to the problem. Stackable
filesystem.
Regards,
Abhijit Pawar
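Added example, not part of the original thread or of any kernel code: one user-space way to answer the question raised above, whether a disk is a USB device, by classifying sysfs device paths of the form printed by fill_kobj_path in the trace. The function names and the disk path are assumptions constructed for illustration, modelled on the mouse's path under usb2/2-1/2-1.3.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* A USB root hub appears in sysfs as "usb" followed by the bus number. */
static int is_usb_root(const char *s, size_t len)
{
    if (len < 4 || strncmp(s, "usb", 3) != 0)
        return 0;
    for (size_t i = 3; i < len; i++)
        if (!isdigit((unsigned char)s[i]))
            return 0;
    return 1;
}

/* Returns 1 and fills dev with the deepest USB device name (e.g. "2-1.3")
 * when path is a block device below a USB root hub; otherwise returns 0. */
int usb_block_device(const char *path, char *dev, size_t devlen)
{
    int under_usb = 0, is_block = 0;
    if (devlen == 0)
        return 0;
    dev[0] = '\0';
    for (const char *p = path; *p; ) {
        size_t len = strcspn(p, "/");
        if (len == 0) { p++; continue; }          /* skip '/' separators */
        if (!under_usb)
            under_usb = is_usb_root(p, len);
        else if (len == 5 && strncmp(p, "block", 5) == 0)
            is_block = 1;
        /* Devices look like "2-1.3"; interfaces ("2-1.3:1.0") carry a ':'. */
        else if (isdigit((unsigned char)p[0]) && memchr(p, '-', len) &&
                 !memchr(p, ':', len) && len < devlen) {
            memcpy(dev, p, len);
            dev[len] = '\0';
        }
        p += len;
    }
    return under_usb && is_block && dev[0] != '\0';
}

int main(void)
{
    char dev[32]; /* constructed path: a USB disk on the trace's port 2-1.3 */
    int usb = usb_block_device("/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.3/"
                               "2-1.3:1.0/host6/target6:0:0/6:0:0:0/block/sdb",
                               dev, sizeof dev);
    printf("usb=%d dev=%s\n", usb, dev);
    return 0;
}
```

On a live system the input would be the resolved target of the /sys/block/<name> symlink; the mouse path from the trace is rejected because it has no block component.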