From mboxrd@z Thu Jan 1 00:00:00 1970
From: Greg Kroah-Hartman
Subject: Re: [PATCH] Allow userspace control of runtime disabling/enabling of driver probing
Date: Wed, 4 Jan 2017 20:47:07 +0100
Message-ID: <20170104194707.GD25268@kroah.com>
References: <20170103225831.GA113525@beast> <20170104093236.GB31677@kroah.com>
Reply-To: kernel-hardening@lists.openwall.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path:
List-Post:
List-Help:
List-Unsubscribe:
List-Subscribe:
Content-Disposition: inline
In-Reply-To:
To: Matthew Garrett
Cc: Kees Cook, Linux Kernel Mailing List, "Rafael J. Wysocki", Len Brown,
 Pavel Machek, Ulf Hansson, Mauro Carvalho Chehab, Tomeu Vizoso,
 Lukas Wunner, Madalin Bucur, Sudip Mukherjee, Rasmus Villemoes,
 Arnd Bergmann, Andrew Morton, Russell King, Petr Tesarik,
 linux-pm@vger.kernel.org, kernel-hardening@lists.openwall.com
List-Id: linux-pm@vger.kernel.org

On Wed, Jan 04, 2017 at 12:31:45PM -0600, Matthew Garrett wrote:
> On Wed, Jan 4, 2017 at 12:10 PM, Matthew Garrett wrote:
> >
> > The USB authentication feature was intended for handling wireless USB
> > devices - it can be reused for this, but the code isn't generic enough
> > to apply to other bus types. The two interact in exactly the way you'd
> > expect, ie they don't. If you use both, then you need to handle both.
>
> And as an example of why the USB authorisation feature isn't
> sufficient - the interface configuration isn't picked until after
> you've authorised the device, which means you can't necessarily tell
> the difference between a keyboard and an ethernet adapter until after
> you've authorised it.

You know the device type and vendor/product id before you authorize it,
you should be able to do this type of detection otherwise it seems
pretty pointless :)

> That defeats the object, but it can't be changed without breaking the
> wireless USB case.

No one has wireless USB devices, this all works the same for any USB
device :)

thanks,

greg k-h