From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S966898AbdADJVm (ORCPT <rfc822;w@1wt.eu>);
        Wed, 4 Jan 2017 04:21:42 -0500
Received: from mail.linuxfoundation.org ([140.211.169.12]:58750 "EHLO
        mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751867AbdADJVl (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 4 Jan 2017 04:21:41 -0500
Date: Wed, 4 Jan 2017 10:13:12 +0100
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Kees Cook <keescook@chromium.org>
Cc: linux-kernel@vger.kernel.org, Matthew Garrett <mjg59@coreos.com>,
        kernel-hardening@lists.openwall.com
Subject: Re: [PATCH] Allow userspace to request device probing even if
 defer_all_probes is true
Message-ID: <20170104091312.GA31129@kroah.com>
References: <20170103230720.GA115084@beast>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20170103230720.GA115084@beast>
User-Agent: Mutt/1.7.2 (2016-11-26)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jan 03, 2017 at 03:07:20PM -0800, Kees Cook wrote:
> From: Matthew Garrett <mjg59@coreos.com>
> 
> Userspace may wish to make a policy decision to allow certain devices
> to be attached, such as keyboards.

I don't understand what that sentance means.  Why wouldn't keyboards be
attached?

> Add a force_probe sysfs node to each device, which if written will
> trigger a probe even if defer_all_probes is currently true.

Why not just manually trigger the bind of the device?  I don't
understand the problem here that is being addressed, nor do I understand
how this would be used.  More explaination please.

thanks,

greg k-h