> Date: Tue, 26 Mar 2024 17:41:52 -0400
> From: Thor Lancelot Simon <t...@panix.com>
>
> On Tue, Mar 26, 2024 at 12:25:07AM +0000, Taylor R Campbell wrote:
> >
> > We should really expose a /dev/ugen* instance for _every_ USB device;
> > those that have kernel drivers attached have only limited access via
> > /dev/ugen* (no reads, writes, transfer ioctls, &c.), until you do
> > ioctl(USB_KICK_OUT_KERNEL_DRIVER) or whatever, at which point the
> > kernel driver will detach and the user program can take over instead
> > and use the full ugen(4) API.
>
> I don't think this can be safely allowed at security level > 0, unless,
> perhaps, it's restricted from working on devices that would match disk
> drivers.

ioctl(USB_KICK_OUT_KERNEL_DRIVER) would attempt to detach the driver without DETACH_FORCE, so disk devices with file systems mounted would simply decline and the ioctl would fail.