usb: interface authorization: Documentation part

This part adds the documentation for the interface authorization. Signed-off-by: Stefan Koch <stefan.koch10@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Stefan Koch <stefan.koch10@gmail.com> 2015-08-25 15:10:10 -0400
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2015-09-22 15:08:40 -0400
commit: 7f59c150ad9ae017abcff16775ccdd0bdefb963d (patch)
tree: 790d93be49f94dfb80b445159b122b67d62c090a /Documentation/usb
parent: 310d2b4124c073a2057ef9d952d4d938e9b1dfd9 (diff)
1 files changed, 31 insertions, 0 deletions
diff --git a/Documentation/usb/authorization.txt b/Documentation/usb/authorization.txt
index c069b6884c77..c7e985f05d8f 100644
--- a/Documentation/usb/authorization.txt
+++ b/Documentation/usb/authorization.txt
@@ -90,3 +90,34 @@ etc, but you get the idea. Anybody with access to a device gadget kit
 can fake descriptors and device info. Don't trust that. You are
 welcome.
+Interface authorization
+-----------------------
+There is a similar approach to allow or deny specific USB interfaces.
+That allows to block only a subset of an USB device.
+Authorize an interface:
+$ echo 1 > /sys/bus/usb/devices/INTERFACE/authorized
+Deauthorize an interface:
+$ echo 0 > /sys/bus/usb/devices/INTERFACE/authorized
+The default value for new interfaces
+on a particular USB bus can be changed, too.
+Allow interfaces per default:
+$ echo 1 > /sys/bus/usb/devices/usbX/interface_authorized_default
+Deny interfaces per default:
+$ echo 0 > /sys/bus/usb/devices/usbX/interface_authorized_default
+Per default the interface_authorized_default bit is 1.
+So all interfaces would authorized per default.
+Note:
+If a deauthorized interface will be authorized so the driver probing must
+be triggered manually by writing INTERFACE to /sys/bus/usb/drivers_probe
+For drivers that need multiple interfaces all needed interfaces should be
+authroized first. After that the drivers should be probed.
+This avoids side effects.
author	Stefan Koch <stefan.koch10@gmail.com>	2015-08-25 15:10:10 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2015-09-22 15:08:40 -0400
commit	7f59c150ad9ae017abcff16775ccdd0bdefb963d (patch)
tree	790d93be49f94dfb80b445159b122b67d62c090a /Documentation/usb
parent	310d2b4124c073a2057ef9d952d4d938e9b1dfd9 (diff)

diff --git a/Documentation/usb/authorization.txt b/Documentation/usb/authorization.txt index c069b6884c77..c7e985f05d8f 100644 --- a/Documentation/usb/authorization.txt +++ b/Documentation/usb/authorization.txt
@@ -90,3 +90,34 @@ etc, but you get the idea. Anybody with access to a device gadget kit
90	can fake descriptors and device info. Don't trust that. You are	90	can fake descriptors and device info. Don't trust that. You are
91	welcome.	91	welcome.
92		92
		93
		94	Interface authorization
		95	-----------------------
		96	There is a similar approach to allow or deny specific USB interfaces.
		97	That allows to block only a subset of an USB device.
		98
		99	Authorize an interface:
		100	$ echo 1 > /sys/bus/usb/devices/INTERFACE/authorized
		101
		102	Deauthorize an interface:
		103	$ echo 0 > /sys/bus/usb/devices/INTERFACE/authorized
		104
		105	The default value for new interfaces
		106	on a particular USB bus can be changed, too.
		107
		108	Allow interfaces per default:
		109	$ echo 1 > /sys/bus/usb/devices/usbX/interface_authorized_default
		110
		111	Deny interfaces per default:
		112	$ echo 0 > /sys/bus/usb/devices/usbX/interface_authorized_default
		113
		114	Per default the interface_authorized_default bit is 1.
		115	So all interfaces would authorized per default.
		116
		117	Note:
		118	If a deauthorized interface will be authorized so the driver probing must
		119	be triggered manually by writing INTERFACE to /sys/bus/usb/drivers_probe
		120
		121	For drivers that need multiple interfaces all needed interfaces should be
		122	authroized first. After that the drivers should be probed.
		123	This avoids side effects.