From: Greg KH <gregkh@linuxfoundation.org>
To: niko.mauno@vaisala.com
Cc: linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org,
vesa.jaaskelainen@vaisala.com, geert@linux-m68k.org
Subject: Re: [PATCH] usb: core: Kconfig: Improve USB authorization mode help
Date: Sat, 10 Feb 2024 10:27:58 +0000 [thread overview]
Message-ID: <2024021043-nursing-unbridle-cea4@gregkh> (raw)
In-Reply-To: <20240209142951.27195-1-niko.mauno@vaisala.com>
On Fri, Feb 09, 2024 at 04:29:51PM +0200, niko.mauno@vaisala.com wrote:
> From: Niko Mauno <niko.mauno@vaisala.com>
>
> Update the default USB device authorization mode help text so that the
> meaning of the option and it's available values are described more
> accurately.
>
> Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
> ---
Shouldn't there be a "Reported-by:" line here to give proper credit for
the developer who asked for this?
> drivers/usb/core/Kconfig | 19 +++++++++++++++----
> 1 file changed, 15 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/usb/core/Kconfig b/drivers/usb/core/Kconfig
> index f337aaea7604..4665df550d36 100644
> --- a/drivers/usb/core/Kconfig
> +++ b/drivers/usb/core/Kconfig
> @@ -126,10 +126,21 @@ config USB_DEFAULT_AUTHORIZATION_MODE
> Select the default USB device authorization mode. Can be overridden
> with usbcore.authorized_default command line or module parameter.
>
> - The available values have the following meanings:
> - 0 is unauthorized for all devices
> - 1 is authorized for all devices (default)
> - 2 is authorized for internal devices
> + This option allows you to choose whether USB devices that are
> + connected to the system can be used by default, or if they are
> + locked down.
> +
> + With value 0 all connected USB devices with the exception of root
> + hub require user space authorization before they can be used.
> +
> + With value 1 (default) no user space authorization is required to
> + use connected USB devices.
> +
> + With value 2 all connected USB devices with exception of internal
> + USB devices require user space authorization before they can be
> + used. Note that in this mode the differentiation between internal
> + and external USB devices relies on ACPI, and on systems without
> + ACPI selecting value 2 is analogous to selecting value 0.
>
> If the default value is too permissive but you are unsure which mode
> to use, say 2.
In looking this over, this last sentance really isn't a good suggestion,
as it will turn people's machine into one that by default, doesn't
accept external USB devices, which is probably NOT what they want at
all, and is NOT how Linux has worked for the past 20+ years.
So maybe a bit better clarification as what the normal default should be
here?
thanks,
greg k-h
next prev parent reply other threads:[~2024-02-10 10:28 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-09 14:29 [PATCH] usb: core: Kconfig: Improve USB authorization mode help niko.mauno
2024-02-10 10:27 ` Greg KH [this message]
2024-02-13 12:46 ` Niko Mauno
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024021043-nursing-unbridle-cea4@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=geert@linux-m68k.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=niko.mauno@vaisala.com \
--cc=vesa.jaaskelainen@vaisala.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox