| Message ID | 20240209142951.27195-1-niko.mauno@vaisala.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-59460-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7300:50ea:b0:106:860b:bbdd with SMTP id r10csp894286dyd;
Fri, 9 Feb 2024 06:34:56 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IHeNTAD6UnKEtiLxZ4cYnRZ+onQq370qfKGWmO+iNq+XJEYpeykbu4B8t5/GtCVyF77lHau
X-Received: by 2002:a05:6a21:31c8:b0:19e:be60:3d19 with SMTP id
zb8-20020a056a2131c800b0019ebe603d19mr677653pzb.56.1707489295971;
Fri, 09 Feb 2024 06:34:55 -0800 (PST)
X-Forwarded-Encrypted: i=3;
AJvYcCXHo+3cdivhARyH1Bu+/+qx30DXutxLvYOq8PIPFhtufjwbETLL1ZPTXS1RCbrY7jlASHM7ztK30JtDygS8We60ANCTpQ==
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org.
[2604:1380:45e3:2400::1])
by mx.google.com with ESMTPS id
k15-20020a6568cf000000b005dc4b244601si1814580pgt.522.2024.02.09.06.34.55
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 09 Feb 2024 06:34:55 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-59460-ouuuleilei=gmail.com@vger.kernel.org designates
2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
Authentication-Results: mx.google.com;
dkim=pass header.i=@vaisala.com header.s=selector1 header.b="U/xEDka5";
arc=fail (signature failed);
spf=pass (google.com: domain of
linux-kernel+bounces-59460-ouuuleilei=gmail.com@vger.kernel.org designates
2604:1380:45e3:2400::1 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-59460-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE)
header.from=vaisala.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sv.mirrors.kernel.org (Postfix) with ESMTPS id 81E0F285470
for <ouuuleilei@gmail.com>; Fri, 9 Feb 2024 14:33:01 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 9AB3776C66;
Fri, 9 Feb 2024 14:30:37 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (2048-bit key) header.d=vaisala.com header.i=@vaisala.com
header.b="U/xEDka5"
Received: from EUR02-AM0-obe.outbound.protection.outlook.com
(mail-am0eur02on2137.outbound.protection.outlook.com [40.107.247.137])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0500969D34;
Fri, 9 Feb 2024 14:30:28 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
arc=fail smtp.client-ip=40.107.247.137
ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1707489033; cv=fail;
b=fiE8Y0O/ZptZ/4ZvGFR0bjR6ZBoGbWU+gvkHZiQRXYaFZMT0BuwhzzGlPCRqDISLRxVDz4vavwzLmM+mg1PwOQMVgcU4QIcqBunGt/TLL0Y8kPpzDaOW1mXF7KmuXunlWFPcfrBswKIqfGqaNck1kc3aZq5Fneg8X8a2DTaBvcw=
ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1707489033; c=relaxed/simple;
bh=U2phM+abfp8+ubwzCaZiw6vNdkIDVJLH5OsBGMcwwrI=;
h=From:To:Cc:Subject:Date:Message-Id:Content-Type:MIME-Version;
b=aWmQLoz+9Yu58NyBQmOWxDi4F4aioTzRkwiI0Na+kHpeOL1nNguk5jODLw8HnLQfUrEqICp9bAIhKdv8qxqbRRwKr3+e+wPqAhcocI9ju6tq3qd5ROYYydXdebhe14Vp6LSh8HnYavlDD0s44S8wkow9gjsH+Q5PK+7zZB+KtTM=
ARC-Authentication-Results: i=2; smtp.subspace.kernel.org;
dmarc=pass (p=quarantine dis=none) header.from=vaisala.com;
spf=pass smtp.mailfrom=vaisala.com;
dkim=pass (2048-bit key) header.d=vaisala.com header.i=@vaisala.com
header.b=U/xEDka5; arc=fail smtp.client-ip=40.107.247.137
Authentication-Results: smtp.subspace.kernel.org;
dmarc=pass (p=quarantine dis=none) header.from=vaisala.com
Authentication-Results: smtp.subspace.kernel.org;
spf=pass smtp.mailfrom=vaisala.com
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=F0PoBC5gFVScg5jwVmirrKGHf50owOk167ewxiMWjDQYVA6mY9AGG0no7sDcs79/iuNPq6mZLOY3QGrjxdEKbredoxa2mY+0xwQarrvc0xIP3VZ4PgFpN7PELu2YpZHxwUwChk7E8KlwlahrxnQZluvHjiVWzv//IeDlBx7NYHTHvQQeyzBkCYqnJKc5uNjj7T/bA36s+36MoVv9uK2VsPDeSsynQbo6EqizYR8cburE+ABhBaXXxgcEccGafYtdAmLHi2LbfHSJfRkQggzzNKgOKxJA4GzekWJEiSzbNXWaQVG/cPSyeKP//QJ8rEVlyx2acPtsYf7zAynVVVcE0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=kfJVkj8byHgGgoRSZY/a/EQ+ehk+0NqskUsJfzop2vg=;
b=CM6g71ndSLYqO1QEMF2XCsm5zyi+Hz6nm7GLMT+5oG9R6sBfOEfDsXyuKFhb7fZT938Okyr6ubcG7RB68FXtUDrLa4MLHJxJTUZTtuKZ79wlIiSPorEsIEaz1cW/yDhMyh7ct1QyQiLRKHEHRDhseUb506XOxf8m87s0AXb67T48t7BY+9gpYTTYOPRZSEs0t0p5c3N2qopY3Bv3f2x9x2pJqHUgK5f+tLH5iDsORk5QO4uUwmEyw46diRq5hCB/pjaeIlGWMg38Cm3BqKgDIjBNSC4m7W2XLXXdDmfsVlmuJlU9cXm5h6bGXW67nTjDKctk2z1MVP9FB7CHaERkZw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=vaisala.com; dmarc=pass action=none header.from=vaisala.com;
dkim=pass header.d=vaisala.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vaisala.com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=kfJVkj8byHgGgoRSZY/a/EQ+ehk+0NqskUsJfzop2vg=;
b=U/xEDka5As+T9VhtlQXyL+C+4aQ6oefvuQQpwxIKJbBMLLqS7If5oiS1IV9QGhW1it/GQg4xYiNSIgzz1JNfBXaYVqZmT8XXzNiLh05smp6eQXYR6egbzhptdLG9m6xHS3atG+QZf39PWCcBQnWy4kr/XIxJDInUBcFBGSumMYwuAW1jg0UWyGoZyPwjzkCJeGY23eLQuuSt9bM4D9DJLY0a3HtiRSgNdB6x8akzmRqFCfTqC/xGyARFxDbcIkcExHXGAjpLHBgJbG4sPt9zZgrmj7O5qSX0k8QrMKd0VJa2QI6Tdo8rk6GrR4o/leZN1YKi+djjrTQBspI0DtqlWg==
Authentication-Results: dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=vaisala.com;
Received: from AS4PR06MB8447.eurprd06.prod.outlook.com (2603:10a6:20b:4e2::11)
by DB9PR06MB7386.eurprd06.prod.outlook.com (2603:10a6:10:252::23) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7270.24; Fri, 9 Feb
2024 14:30:25 +0000
Received: from AS4PR06MB8447.eurprd06.prod.outlook.com
([fe80::b5ae:8355:acaf:29e0]) by AS4PR06MB8447.eurprd06.prod.outlook.com
([fe80::b5ae:8355:acaf:29e0%4]) with mapi id 15.20.7270.025; Fri, 9 Feb 2024
14:30:24 +0000
From: niko.mauno@vaisala.com
To: gregkh@linuxfoundation.org
Cc: linux-usb@vger.kernel.org,
linux-kernel@vger.kernel.org,
vesa.jaaskelainen@vaisala.com,
geert@linux-m68k.org,
Niko Mauno <niko.mauno@vaisala.com>
Subject: [PATCH] usb: core: Kconfig: Improve USB authorization mode help
Date: Fri, 9 Feb 2024 16:29:51 +0200
Message-Id: <20240209142951.27195-1-niko.mauno@vaisala.com>
X-Mailer: git-send-email 2.39.2
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-ClientProxiedBy: AM0PR06CA0117.eurprd06.prod.outlook.com
(2603:10a6:208:ab::22) To AS4PR06MB8447.eurprd06.prod.outlook.com
(2603:10a6:20b:4e2::11)
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: AS4PR06MB8447:EE_|DB9PR06MB7386:EE_
X-MS-Office365-Filtering-Correlation-Id: 7e2ba728-1159-4062-b979-08dc297ba700
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
7sIc96Fwm0sDiieXbZdCAg2jmaTTG/CCk+qdu5ebnt4HyJunTQ3s6hoSqbl7R6KiBeRWsyr6Tz6gzLm2QbozkfcksT1vrF49taoD7PvnlXMjqmiS7NAkF3Dh/lNK7YgT4ZCiE2BtbXcPq7fuMMbLPbdnqhvtmEx19wIasbfcMsKF4ZnftHunq/blG06eu98Rbhpf6C5I0bocpNTOKh2C0+50hcqlSIwsx1CeACwrq7G04e+zlAuH49UVQHICWutB6hOg7HVmdq8fibcsCypsIoRxLuKPFOYEYb5ACO7GZqqZzepp2cuwMiTfO8j8ioRx4MrytB83PGoN20JbIPcXjpQ/tcOFqnPnn0E22c2ZFHJLLgj5xFq1Mm/Rc1OTZTy9F7ASWFV4NXpipZPl5yZoWDu9kG2VoLDAZE8MTTS7IEsst15MPjrzA2Y91dzGxR7j8Dou9drun66ZDMPHlXHZnVpkTzisQjbyLFRnBBOPa/NJwdYy6TlAP6dCrTkoJKj3Es3gTgpSeSSWgvo5lUhK5To9PQafL4MrjpEt9nc1hhP0KvsakZo4XNpffnCLkEm/NeX+11ONhXJazMpbBFipG01HcsQGe/28TX5JxUj25Q5nq+bA9ZqseSHkUCRNIC2W
X-Forefront-Antispam-Report:
CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS4PR06MB8447.eurprd06.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(376002)(396003)(346002)(136003)(366004)(39850400004)(230922051799003)(230273577357003)(64100799003)(1800799012)(186009)(451199024)(6666004)(52116002)(2906002)(5660300002)(316002)(41300700001)(38350700005)(8676002)(66476007)(66946007)(478600001)(6506007)(6512007)(6486002)(9686003)(66556008)(4326008)(8936002)(6916009)(107886003)(2616005)(83380400001)(38100700002)(36756003)(86362001)(1076003)(26005);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0:
gyTmNr9hZs/OSSr1RXsFaVmiyAWeWPlmOkMihQfaHzzkmqTZ6e++HfyPKzCda+ajbNTNTr7WxP4ycvZGHJlNvYQ157JY0EuKCVgxpClJlWAIJnlwrN+t+CFSa6/ftDOrekV7Zi5JLXkNXIGib2RmoWKrVuotGvVzoaK2bGZzLCi8hIHWyVvObn40neYgRPLpx4o/r/X6vzxBvtOGu5QC8yW/UN5t6Cb70lmNVsNT5SxI8ogFQMSskyqrmLjHd+yJpteK5fzMwnx8HiVdAhqfMEV0MP8/skA43t5ns7Q7unbXJAkeXtHu9sGwJErATaA7yg1Rkljv1A74ltfzVdw2XP4LJiS4QbCO5Iaa2pn7XXtIlFF8A1bFo02Sxm0B/IP0Br3dm6duqd4vVvDZ3xiVb99aGWytibhuPZJVJKFHQynDIzSMHrDFMpeqLHyRcPMfJVPIrY7+Xv5YDJPFi08ZPZUJZcZ2AszlXJIHumYTCl+cbNXRtJUwBl0Z5qvwnOLGY3lsR9fvSMPVLww6svSsnIl3aBYKRTe1SWuXPyznhjYIvZFC8o0DZh7DA7N3vn/bJalHKJVw2JcXjaAaIc8gOLSRixsjAKRyOpx2E580/Q/bb5mZ0bKWzs80YHtaQlip3XPqyvdG5Go6x5ZQZMvI3OStHjKnV9Wwa58Jwi9WgFZGZUbtEOEEZpEWjtVcFlYVK2FB+AwdaoVJrn3JYLC0sXYLbd+n+++qfrPf+n8Ww2M9BTtZAQpkySW8xY8bOZ74LF0GMSCvQ+RVwLxJd2xnCjhaR29osxAEzeyzOzvmJIzVcm3FP7ZK0GFVyQu4KF/PhtV34Dw67TXQ+7l8Y51TgkeRksk5jsr5vP+CgabMcOgcbW6XVA8fg+Tufs6P2BDSMF1mYsC7/bazV2GQzXpXYUJvJ2ZzHT0VtPp18KXVAZHfW78I5OiYR5q4NGc9SdJOuMJkiDiyYzNIhJSgJl4HzP1k/fbRgDQAzApTnLKQj/z8E3VB3Ux/+AnkE75w3buE+Vq2Ym3zZyuYpebxlUCSfRO0fRKzntqePpkI4Ky0VoTC2ZDocTQUHB7Ygxq4vlYoJDVOHJ24S2/gxq2bW6vEv9QSRvPGA4yd7Wxa5hB+NPwmwiRNv5iKy52pOtXEcVSrS+hK+NHEu3aCzdYEcmVzCRhtexRcBoID8A4UKlPRsVJOJAcWeFwcWUuSZO5lFO8XKfsqCkzR741egY0BrCeWhqHHMPRNEyVYWSx0kDaeLrbfMe5NCnfd5GKgfgJP8xuLScWfv97OHhk7zn6+RDHlD6ApP2KC9F0WexKhd8hxNg/3e1ljebo9kir8+DMjs8KHVFHoCN5H/PSwE3aNWLCfFP5Wg7nBKzkGcqNMsC6yjQi+kF4srhfqHI5MQF90rZM7Usa6f5+y3hyYD+dWms6otVHO1k7bTrq/vfAo0IoOuxXzbE04n2waBvXhPCTX2OIx7UAPj+s2q23w/a9y+NvvBYziyA/uCuhVL0NwgnssvRalCs2WcIfIJk8+7ZV/JYMiN98I0s7bWjip19qj5h1NSBqUKJawtA6apgpxhHY2fVpWgv+UTe733uTNAH3mW6BlkDRbAXvYOShr9Wf6bRaGQQ==
X-OriginatorOrg: vaisala.com
X-MS-Exchange-CrossTenant-Network-Message-Id:
7e2ba728-1159-4062-b979-08dc297ba700
X-MS-Exchange-CrossTenant-AuthSource: AS4PR06MB8447.eurprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Feb 2024 14:30:24.0631
(UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 6d7393e0-41f5-4c2e-9b12-4c2be5da5c57
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName:
V40cMP6LwAmjmKLj9AY6axx1E4lGnTekyFRh0/PTFzsd/ir+BDVctNt518AMeg2im4QDOcp8DNN3zYpyE6cgjA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR06MB7386
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1790432296153070321
X-GMAIL-MSGID: 1790432296153070321
|
| Series |
usb: core: Kconfig: Improve USB authorization mode help
|
|
Commit Message
Niko Mauno
Feb. 9, 2024, 2:29 p.m. UTC
From: Niko Mauno <niko.mauno@vaisala.com> Update the default USB device authorization mode help text so that the meaning of the option and it's available values are described more accurately. Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> --- drivers/usb/core/Kconfig | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-)
Comments
On Fri, Feb 09, 2024 at 04:29:51PM +0200, niko.mauno@vaisala.com wrote: > From: Niko Mauno <niko.mauno@vaisala.com> > > Update the default USB device authorization mode help text so that the > meaning of the option and it's available values are described more > accurately. > > Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> > --- Shouldn't there be a "Reported-by:" line here to give proper credit for the developer who asked for this? > drivers/usb/core/Kconfig | 19 +++++++++++++++---- > 1 file changed, 15 insertions(+), 4 deletions(-) > > diff --git a/drivers/usb/core/Kconfig b/drivers/usb/core/Kconfig > index f337aaea7604..4665df550d36 100644 > --- a/drivers/usb/core/Kconfig > +++ b/drivers/usb/core/Kconfig > @@ -126,10 +126,21 @@ config USB_DEFAULT_AUTHORIZATION_MODE > Select the default USB device authorization mode. Can be overridden > with usbcore.authorized_default command line or module parameter. > > - The available values have the following meanings: > - 0 is unauthorized for all devices > - 1 is authorized for all devices (default) > - 2 is authorized for internal devices > + This option allows you to choose whether USB devices that are > + connected to the system can be used by default, or if they are > + locked down. > + > + With value 0 all connected USB devices with the exception of root > + hub require user space authorization before they can be used. > + > + With value 1 (default) no user space authorization is required to > + use connected USB devices. > + > + With value 2 all connected USB devices with exception of internal > + USB devices require user space authorization before they can be > + used. Note that in this mode the differentiation between internal > + and external USB devices relies on ACPI, and on systems without > + ACPI selecting value 2 is analogous to selecting value 0. > > If the default value is too permissive but you are unsure which mode > to use, say 2. In looking this over, this last sentance really isn't a good suggestion, as it will turn people's machine into one that by default, doesn't accept external USB devices, which is probably NOT what they want at all, and is NOT how Linux has worked for the past 20+ years. So maybe a bit better clarification as what the normal default should be here? thanks, greg k-h
On 10.2.2024 12.27, Greg KH wrote: > On Fri, Feb 09, 2024 at 04:29:51PM +0200, niko.mauno@vaisala.com wrote: >> From: Niko Mauno <niko.mauno@vaisala.com> >> >> Update the default USB device authorization mode help text so that the >> meaning of the option and it's available values are described more >> accurately. >> >> Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> >> --- > > Shouldn't there be a "Reported-by:" line here to give proper credit for > the developer who asked for this? > > > >> drivers/usb/core/Kconfig | 19 +++++++++++++++---- >> 1 file changed, 15 insertions(+), 4 deletions(-) >> >> diff --git a/drivers/usb/core/Kconfig b/drivers/usb/core/Kconfig >> index f337aaea7604..4665df550d36 100644 >> --- a/drivers/usb/core/Kconfig >> +++ b/drivers/usb/core/Kconfig >> @@ -126,10 +126,21 @@ config USB_DEFAULT_AUTHORIZATION_MODE >> Select the default USB device authorization mode. Can be overridden >> with usbcore.authorized_default command line or module parameter. >> >> - The available values have the following meanings: >> - 0 is unauthorized for all devices >> - 1 is authorized for all devices (default) >> - 2 is authorized for internal devices >> + This option allows you to choose whether USB devices that are >> + connected to the system can be used by default, or if they are >> + locked down. >> + >> + With value 0 all connected USB devices with the exception of root >> + hub require user space authorization before they can be used. >> + >> + With value 1 (default) no user space authorization is required to >> + use connected USB devices. >> + >> + With value 2 all connected USB devices with exception of internal >> + USB devices require user space authorization before they can be >> + used. Note that in this mode the differentiation between internal >> + and external USB devices relies on ACPI, and on systems without >> + ACPI selecting value 2 is analogous to selecting value 0. >> >> If the default value is too permissive but you are unsure which mode >> to use, say 2. > > In looking this over, this last sentance really isn't a good suggestion, > as it will turn people's machine into one that by default, doesn't > accept external USB devices, which is probably NOT what they want at > all, and is NOT how Linux has worked for the past 20+ years. > > So maybe a bit better clarification as what the normal default should be > here? > > thanks, > > greg k-h Thank you for the pointers, submitted v2 to address aforementioned issues. -Niko
diff --git a/drivers/usb/core/Kconfig b/drivers/usb/core/Kconfig index f337aaea7604..4665df550d36 100644 --- a/drivers/usb/core/Kconfig +++ b/drivers/usb/core/Kconfig @@ -126,10 +126,21 @@ config USB_DEFAULT_AUTHORIZATION_MODE Select the default USB device authorization mode. Can be overridden with usbcore.authorized_default command line or module parameter. - The available values have the following meanings: - 0 is unauthorized for all devices - 1 is authorized for all devices (default) - 2 is authorized for internal devices + This option allows you to choose whether USB devices that are + connected to the system can be used by default, or if they are + locked down. + + With value 0 all connected USB devices with the exception of root + hub require user space authorization before they can be used. + + With value 1 (default) no user space authorization is required to + use connected USB devices. + + With value 2 all connected USB devices with exception of internal + USB devices require user space authorization before they can be + used. Note that in this mode the differentiation between internal + and external USB devices relies on ACPI, and on systems without + ACPI selecting value 2 is analogous to selecting value 0. If the default value is too permissive but you are unsure which mode to use, say 2.