From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-ed1-f54.google.com (mail-ed1-f54.google.com [209.85.208.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1D1C93C1994 for ; Thu, 19 Mar 2026 11:09:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.54 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773918544; cv=none; b=D4RmmpzjQuJosmNCgGo3T9pe0GOhXa1+czzs5ccFY9IXoQfbEzzrJFdyKM0aHMhjDPkpTxM97ntG2y/nwY4+ZPciA8ioMZqCZ0IvUwowUJRGUfJsxSH15P3YE8kIFTufqLp7HgAhDBtE97xs/ZYVZX6ISzwGvyZblu4BnNMejLg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773918544; c=relaxed/simple; bh=5upsHrtLRI0mBKjKLI5yL6bcYwkktIIBzTewjQcRaOw=; h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=f8SW9t/HAAzQ5ddM9f0ANyuUM7hQBR58wknE3GQPw0cI3tQsndPCD8l0qKgAZ81M23Rw3bj9wNcPRsRWkhPLBrd7yJiSMYYESxgy2LFiFXyG1fqbf6tFETnn9FA9VR+CNp3uxcEt/yk8JD00fr5PJ8pCCOiW+5052KLMZOfvbd8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=b4ObFGlR; arc=none smtp.client-ip=209.85.208.54 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="b4ObFGlR" Received: by mail-ed1-f54.google.com with SMTP id 4fb4d7f45d1cf-665634cb208so1560648a12.3 for ; Thu, 19 Mar 2026 04:09:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1773918541; x=1774523341; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=0JRXc+Q5SYxlCa27iykSk4XXCHPIaQz6hns7kejM0Po=; b=b4ObFGlRPMtG1Q9Y4B1W5oLBqI6NVyX/N3xEUZmC2ZuIOq5q89OVuCbdelnAu7+4DJ 2rGWEETN5EpsT1M5ab4nn0Rz55ZHJxuALdZw5q4qP7s7usIeK3Cwli4qLQEEsv45kjGg 6jmBfHGehwSl2LSXlxPzk0tltyGmLyMBlcdabC+UO7wAgYiFxL0Rb92u7+Pipi9mLPqy VIm8BWmDpVF+V9OtED+7BTcfd5z5op2zMzPmx+rL48+mDMjoGvsBE7fXd3opWMyklxkq yCctd37xGxTlR79VElS/t/moZR4uzMEX/LsDMIHd3wNkmy7KsO73+0g4Pn+oxMafVObr L6Cg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773918541; x=1774523341; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=0JRXc+Q5SYxlCa27iykSk4XXCHPIaQz6hns7kejM0Po=; b=qjsRP+JXoVjcLTA2mBIgEFHj1QZqYK9t2z8d+46MTZmVgSxMjFaOmvnCPWAwDXlwM/ bdUXobyb9WEjmOY2bplM/wa1QRtj3i37EKofI9kCye+6X6Eg7dTzhAo3vXMGY573jDU7 D0tP1QMcpd9yp60XrUouav+nnX+xVsxrFuWTuOEEZbtEjwWsVEFWf7zsskdckmUndh79 Nfxpb/fosv1a+NTAFLPfAtw/tebkVSJOphXlmmAKi/vyKSLs0THILxzWpTDHkJMirh6m 4TQJZ2tO3OQd3oNfLdHUfRHnkDj3no7pdH8DkIombhA4yzsQqscB/HnYPXBQJ/LEkmh1 DlhA== X-Forwarded-Encrypted: i=1; AJvYcCVewN60KnmX8z8aU8fdvlJ715GUcol+KT3NnTer8K9Pn4JY65bbaFzULP5N9/DiYU1Fl8U9uaCGBQG6J30=@vger.kernel.org X-Gm-Message-State: AOJu0YzH3CLItwwym6+gB+5dUfT/hUrMhDOslB3+QYtQ4lfny1cXlfEV an9yi/8HYdfgdk/WUzLahIa4UE2wXWjwcNUVoZ31CVhueQQZaf1ZSNHx X-Gm-Gg: ATEYQzzhGMIJq49DmbVYZcNSYIU2Q0WdMQjag7UWKCrJIWf0xbwwa3N8cTVjFGV61fj IuLpmIPEO7+b5kbKU2iIaIY64pSqeiVjS8aSpR9POAFItAMJpU09S+LcE0Z1TfGoymlFZjeReht yq08Nwr8b43dm+8WwpvAsXbE5BLpwFRHJgkwAT1O/agopiRkV7yyQyPUfN0IDC7dMFbaidCty6b Y6iMBqyxbsVZaI5cE+PwXKg6Og0GFhXyAjNhOa9U/c4sxU4SuRETTHu6ssCwWOCDoe/Ak+sIa/h Zm1dfl+dTMLtd6iiAMltv+KbIiGJB1ycIRb2RU8jQHZXRakw/fjt5Dpe2CjH+GX14vFKWseV8x6 ypKm9M0b2TT2/99E1JVsOmN47dArXfGJ6QlW/0PI2KBcdSmZ8mlvzMAQpFnYAqqWaUCopg2Le7s 7QntfCmB86Q6TPtD8G9/NSFWlmh39GJpouW/c= X-Received: by 2002:a05:6402:13d1:b0:665:1c94:320d with SMTP id 4fb4d7f45d1cf-667b2733215mr4466539a12.18.1773918541213; Thu, 19 Mar 2026 04:09:01 -0700 (PDT) Received: from foxbook (bfk214.neoplus.adsl.tpnet.pl. [83.28.48.214]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-667b0eb9849sm3367540a12.16.2026.03.19.04.09.00 (version=TLS1_2 cipher=AES128-SHA bits=128/128); Thu, 19 Mar 2026 04:09:01 -0700 (PDT) Date: Thu, 19 Mar 2026 12:08:56 +0100 From: Michal Pecio To: Ricardo Ribalda Cc: Laurent Pinchart , Hans de Goede , Mauro Carvalho Chehab , Greg Kroah-Hartman , linux-media@vger.kernel.org, linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org Subject: Re: [PATCH v3 3/4] media: uvcvideo: Introduce allow_privacy_override module parameter Message-ID: <20260319120856.09f2f15a.michal.pecio@gmail.com> In-Reply-To: References: <20260316-uvcdynctrl-v3-0-19cd4657e1f3@chromium.org> <20260316-uvcdynctrl-v3-3-19cd4657e1f3@chromium.org> <20260319013657.155efeb0.michal.pecio@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Thu, 19 Mar 2026 10:56:59 +0100, Ricardo Ribalda wrote: > The goal of the deprecation period is exactly this: to trigger a > conversation before a permanent block. Most users will just curse and edit their /etc/modprobe.conf. They may post a rant on some distro forum. I suspect no one will monitor this. > We can then decide if we need a specialized API for their use case or > a Kconfig option, rather than leaving the current "anyone can turn > off the privacy LED" status quo. Why not just add the specialized API right away? I believe users affected by this regression are already known, ISTR some negative response to previous iterations of this patch. Kconfig option sounds crazy, who would want to rebuild the kernel for this? Depending on BROKEN is double crazy. > The attack vector is that an app with camera access, like your > browser, can record you when you don't want to be recorded. > The LED will be a signal that something is happening. > > Imagine that you install a Flatpak for live streaming. Assuming the > Flatpak is properly sandboxed, remote code execution is less worrisome > than the app spying on you. Theoretically yes. But also nobody should rely on those LEDs. People who care ask HW vendors for physical switches or disconnect the camera while not in use. I have seen black tape on laptop lids. Are there more owners of affected hardware who want this code than those who don't? Maybe it could be a Kconfig option for them :) Most of my USB cameras don't even have activity LEDs. > > So it's not removal of some controversial feature, but 3KB of extra > > code in everybody's kernel (I just applied this patch) and a forever > > game of whack-a-mole with HW vendors? They will win... > > Maybe I meassured it wrong. But I can only account for 1.3 KiB I simply ran stat uvcvideo.ko and calculated difference. Could be a matter of different kernel configs. > I see no need for vendors to hide these features, they simply added > them because an OEM thought it was a nice feature to have, or because > they left them as hardware debug features. But how will the kernel know about those random debug backdoors? It just seems that whatever is discovered by users and becomes popular enough to reach linux-media, will be getting blacklisted and broken.