usb: interface authorization: Documentation part
authorStefan Koch <stefan.koch10@gmail.com>
Tue, 25 Aug 2015 19:10:10 +0000 (21:10 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 22 Sep 2015 19:08:40 +0000 (12:08 -0700)
This part adds the documentation for the interface authorization.

Signed-off-by: Stefan Koch <stefan.koch10@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Documentation/ABI/testing/sysfs-bus-usb
Documentation/usb/authorization.txt

index 864637f25bee49a616865901ed6b0d4daa1791c8..3a4abfc44f5e0d8a9e358626c1ca8251d756003d 100644 (file)
@@ -1,3 +1,23 @@
+What:          /sys/bus/usb/devices/INTERFACE/authorized
+Date:          August 2015
+Description:
+               This allows to authorize (1) or deauthorize (0)
+               individual interfaces instead a whole device
+               in contrast to the device authorization.
+               If a deauthorized interface will be authorized
+               so the driver probing must be triggered manually
+               by writing INTERFACE to /sys/bus/usb/drivers_probe
+               This allows to avoid side-effects with drivers
+               that need multiple interfaces.
+               A deauthorized interface cannot be probed or claimed.
+
+What:          /sys/bus/usb/devices/usbX/interface_authorized_default
+Date:          August 2015
+Description:
+               This is used as value that determines if interfaces
+               would be authorized by default.
+               The value can be 1 or 0. It's by default 1.
+
 What:          /sys/bus/usb/device/.../authorized
 Date:          July 2008
 KernelVersion: 2.6.26
index c069b6884c779ffc855133f634cf6b640a81da00..c7e985f05d8f9f1ecd433ffe41fec1e199e8b898 100644 (file)
@@ -90,3 +90,34 @@ etc, but you get the idea. Anybody with access to a device gadget kit
 can fake descriptors and device info. Don't trust that. You are
 welcome.
 
+
+Interface authorization
+-----------------------
+There is a similar approach to allow or deny specific USB interfaces.
+That allows to block only a subset of an USB device.
+
+Authorize an interface:
+$ echo 1 > /sys/bus/usb/devices/INTERFACE/authorized
+
+Deauthorize an interface:
+$ echo 0 > /sys/bus/usb/devices/INTERFACE/authorized
+
+The default value for new interfaces
+on a particular USB bus can be changed, too.
+
+Allow interfaces per default:
+$ echo 1 > /sys/bus/usb/devices/usbX/interface_authorized_default
+
+Deny interfaces per default:
+$ echo 0 > /sys/bus/usb/devices/usbX/interface_authorized_default
+
+Per default the interface_authorized_default bit is 1.
+So all interfaces would authorized per default.
+
+Note:
+If a deauthorized interface will be authorized so the driver probing must
+be triggered manually by writing INTERFACE to /sys/bus/usb/drivers_probe
+
+For drivers that need multiple interfaces all needed interfaces should be
+authroized first. After that the drivers should be probed.
+This avoids side effects.
This page took 0.026504 seconds and 5 git commands to generate.