diff options
author | Fabian Henneke <fabian@henneke.me> | 2019-08-21 11:17:59 +0200 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2019-09-07 02:23:58 +0900 |
commit | d45ee2f31a8358db0accde2e7c81777cedadc3c2 (patch) | |
tree | 244ca5d8ff1146aa03ab1029b8ba52983ec38be7 /rules | |
parent | 1e19f5ac0d680a63eccae7ef1fc6ce225dca0bbf (diff) | |
download | systemd-d45ee2f31a8358db0accde2e7c81777cedadc3c2.tar.gz systemd-d45ee2f31a8358db0accde2e7c81777cedadc3c2.tar.bz2 systemd-d45ee2f31a8358db0accde2e7c81777cedadc3c2.zip |
udev: Add id program and rule for FIDO security tokens
Add a fido_id program meant to be run for devices in the hidraw
subsystem via an IMPORT directive. The program parses the HID report
descriptor and assigns the ID_SECURITY_TOKEN environment variable if a
declared usage matches the FIDO_CTAPHID_USAGE declared in the FIDO CTAP
specification. This replaces the previous approach of whitelisting all
known security token models manually.
This commit is accompanied by a test suite and a fuzzer target for the
descriptor parsing routine.
Fixes: #11996.
Diffstat (limited to 'rules')
-rw-r--r-- | rules/60-fido-id.rules | 7 | ||||
-rw-r--r-- | rules/meson.build | 1 |
2 files changed, 8 insertions, 0 deletions
diff --git a/rules/60-fido-id.rules b/rules/60-fido-id.rules new file mode 100644 index 0000000000..fcf5079704 --- /dev/null +++ b/rules/60-fido-id.rules @@ -0,0 +1,7 @@ +# do not edit this file, it will be overwritten on update + +ACTION=="remove", GOTO="fido_id_end" + +SUBSYSTEM=="hidraw", IMPORT{program}="fido_id" + +LABEL="fido_id_end" diff --git a/rules/meson.build b/rules/meson.build index b6a32ba77e..79423cc2c4 100644 --- a/rules/meson.build +++ b/rules/meson.build @@ -5,6 +5,7 @@ rules = files(''' 60-cdrom_id.rules 60-drm.rules 60-evdev.rules + 60-fido-id.rules 60-input-id.rules 60-persistent-alsa.rules 60-persistent-input.rules |