From owner-p4-projects@FreeBSD.ORG Sat Sep 20 19:55:22 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 25E611065679; Sat, 20 Sep 2008 19:55:22 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 83230106566C for ; Sat, 20 Sep 2008 19:55:21 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 373018FC18 for ; Sat, 20 Sep 2008 19:55:21 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id m8KJtLe5028251 for ; Sat, 20 Sep 2008 19:55:21 GMT (envelope-from hselasky@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id m8KJtLnE028245 for perforce@freebsd.org; Sat, 20 Sep 2008 19:55:21 GMT (envelope-from hselasky@FreeBSD.org) Date: Sat, 20 Sep 2008 19:55:21 GMT Message-Id: <200809201955.m8KJtLnE028245@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to hselasky@FreeBSD.org using -f From: Hans Petter Selasky To: Perforce Change Reviews Cc: Subject: PERFORCE change 150179 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Sep 2008 19:55:22 -0000 http://perforce.freebsd.org/chv.cgi?CH=150179 Change 150179 by hselasky@hselasky_laptop001 on 2008/09/20 19:55:15 Add a chapter about the USB security model. Affected files ... .. //depot/projects/usb/src/share/man/man4/usb2_core.4#3 edit Differences ... ==== //depot/projects/usb/src/share/man/man4/usb2_core.4#3 (text+ko) ==== @@ -23,7 +23,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd September 3, 2008 +.Dd September 20, 2008 .Dt USB2_CORE 4 .Os . @@ -31,108 +31,6 @@ . . .Nm usb2_core -.Nm usb2_bdma_done_event, -.Nm usb2_bdma_post_sync, -.Nm usb2_bdma_pre_sync, -.Nm usb2_bdma_work_loop, -.Nm usb2_bzero, -.Nm usb2_config_td_drain, -.Nm usb2_config_td_is_gone, -.Nm usb2_config_td_queue_command, -.Nm usb2_config_td_setup, -.Nm usb2_config_td_sleep, -.Nm usb2_config_td_unsetup, -.Nm usb2_copy_in, -.Nm usb2_copy_in_user, -.Nm usb2_copy_out, -.Nm usb2_copy_out_user, -.Nm usb2_desc_foreach, -.Nm usb2_dma_tag_find, -.Nm usb2_dma_tag_setup, -.Nm usb2_dma_tag_unsetup, -.Nm usb2_errstr, -.Nm usb2_fifo_alloc_buffer, -.Nm usb2_fifo_attach, -.Nm usb2_fifo_detach, -.Nm usb2_fifo_free, -.Nm usb2_fifo_free_buffer, -.Nm usb2_fifo_get_data, -.Nm usb2_fifo_get_data_buffer, -.Nm usb2_fifo_get_data_error, -.Nm usb2_fifo_get_data_linear, -.Nm usb2_fifo_get_data_next, -.Nm usb2_fifo_opened, -.Nm usb2_fifo_put_bytes_max, -.Nm usb2_fifo_put_data, -.Nm usb2_fifo_put_data_buffer, -.Nm usb2_fifo_put_data_error, -.Nm usb2_fifo_put_data_linear, -.Nm usb2_fifo_reset, -.Nm usb2_fifo_signal, -.Nm usb2_fifo_wait, -.Nm usb2_fifo_wakeup, -.Nm usb2_find_edesc, -.Nm usb2_find_idesc, -.Nm usb2_get_bus_index, -.Nm usb2_get_config_descriptor, -.Nm usb2_get_device_descriptor, -.Nm usb2_get_device_index, -.Nm usb2_get_iface, -.Nm usb2_get_interface_altindex, -.Nm usb2_get_interface_descriptor, -.Nm usb2_get_no_alts, -.Nm usb2_get_no_endpoints, -.Nm usb2_get_page, -.Nm usb2_get_speed, -.Nm usb2_m_copy_in, -.Nm usb2_pc_alloc_mem, -.Nm usb2_pc_cpu_flush, -.Nm usb2_pc_cpu_invalidate, -.Nm usb2_pc_dmamap_create, -.Nm usb2_pc_dmamap_destroy, -.Nm usb2_pc_free_mem, -.Nm usb2_pc_load_mem, -.Nm usb2_proc_csignal, -.Nm usb2_proc_cwait, -.Nm usb2_proc_drain, -.Nm usb2_proc_is_gone, -.Nm usb2_proc_msignal, -.Nm usb2_proc_mwait, -.Nm usb2_proc_setup, -.Nm usb2_proc_unsetup, -.Nm usb2_set_alt_interface_index, -.Nm usb2_set_frame_data, -.Nm usb2_set_frame_offset, -.Nm usb2_set_iface_perm, -.Nm usb2_set_parent_iface, -.Nm usb2_start_hardware, -.Nm usb2_transfer_clear_stall, -.Nm usb2_transfer_drain, -.Nm usb2_transfer_set_stall, -.Nm usb2_transfer_setup, -.Nm usb2_transfer_start, -.Nm usb2_transfer_stop, -.Nm usb2_transfer_unsetup, -.Nm usb2_uiomove, -.Nm usb_alloc_urb, -.Nm usb_altnum_to_altsetting, -.Nm usb_buffer_alloc, -.Nm usb_buffer_free, -.Nm usb_clear_halt, -.Nm usb_control_msg, -.Nm usb_find_host_endpoint, -.Nm usb_free_urb, -.Nm usb_get_intfdata, -.Nm usb_ifnum_to_if, -.Nm usb_init_urb, -.Nm usb_kill_urb, -.Nm usb_linux_deregister, -.Nm usb_linux_register, -.Nm usb_set_interface, -.Nm usb_set_intfdata, -.Nm usb_setup_endpoint, -.Nm usb_submit_urb, -.Nm usb_unlink_urb . .Nd "USB core functions" . @@ -591,8 +489,40 @@ module supports the Linux USB API. . . +. +. +.Sh USB SECURITY MODEL +. +. +The +.Nm +module implements fine grained read and write access based on username +and group. Access is granted at four levels: +. +.Bl -tag +.It Level 4 - USB interface +USB interfaces can be given individual access rights. +.It Level 3 - USB device +USB devices can be given individual access rights. +.It Level 2 - USB BUS +USB busses can be given individual access rights. +.It Level 1 - USB +USB as a whole can be given individual access rights. +.El +.Pp +The +.Nm +module will search for access rights starting at level 4 continuing +downwards to USB at level 1. For critical applications you should be +aware that the outgoing serial BUS traffic will be broadcasted to all +USB devices. For absolute security USB devices that require different +access rights should not be placed on the same USB BUS or controller. +If connected to the same USB bus, it is possible that a USB device can +sniff and intercept the communication of another USB device. Using USB +HUBs will not solve this problem. .Sh SEE ALSO .Xr usb2_controller 4 +.Xr usbconfig 8 .Sh STANDARDS The .Nm