projects / systemd / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1e19f5a) | patch
udev: Add id program and rule for FIDO security tokens
authorFabian Henneke <fabian@henneke.me>
Wed, 21 Aug 2019 09:17:59 +0000 (11:17 +0200)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Fri, 6 Sep 2019 17:23:58 +0000 (02:23 +0900)
commitd45ee2f31a8358db0accde2e7c81777cedadc3c2
tree244ca5d8ff1146aa03ab1029b8ba52983ec38be7tree | snapshot
parent1e19f5ac0d680a63eccae7ef1fc6ce225dca0bbfcommit | diff
udev: Add id program and rule for FIDO security tokens

Add a fido_id program meant to be run for devices in the hidraw
subsystem via an IMPORT directive. The program parses the HID report
descriptor and assigns the ID_SECURITY_TOKEN environment variable if a
declared usage matches the FIDO_CTAPHID_USAGE declared in the FIDO CTAP
specification. This replaces the previous approach of whitelisting all
known security token models manually.

This commit is accompanied by a test suite and a fuzzer target for the
descriptor parsing routine.

Fixes: #11996.
15 files changed:
rules/60-fido-id.rules [new file with mode: 0644] blob
rules/meson.build diff | blob | history
src/fuzz/fuzz-fido-id-desc.c [new file with mode: 0644] blob
src/fuzz/fuzz-fido-id-desc.dict [new file with mode: 0644] blob
src/fuzz/meson.build diff | blob | history
src/test/meson.build diff | blob | history
src/test/test-fido-id-desc.c [new file with mode: 0644] blob
src/udev/fido_id/fido_id.c [new file with mode: 0644] blob
src/udev/fido_id/fido_id_desc.c [new file with mode: 0644] blob
src/udev/fido_id/fido_id_desc.h [new file with mode: 0644] blob
src/udev/meson.build diff | blob | history
test/fuzz/fuzz-fido-id-desc/crash0 [new file with mode: 0644] blob
test/fuzz/fuzz-fido-id-desc/crash1 [new file with mode: 0644] blob
test/fuzz/fuzz-fido-id-desc/report0 [new file with mode: 0644] blob
test/fuzz/fuzz-fido-id-desc/report1 [new file with mode: 0644] blob
https://github.com/systemd/systemd.git