lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 19 Jul 2022 12:57:09 +0300
From:   Nikolai Kondrashov <spbnick@...il.com>
To:     José Expósito <jose.exposito89@...il.com>
Cc:     jikos@...nel.org, benjamin.tissoires@...hat.com,
        linux-input@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC] UCLogic: Filtering unsupported HUION tablets

Hi José,

First of all, thanks a lot for all the work you're doing with the tablets!

Yes, this situation is unfortunate, but there's really not much we could do.
The tablet database at http://digimend.github.io/tablets/ hasn't been updated 
in ages, and it has never been exhaustive to start with.

There are tons of tablet modifications, including of the same (marketed) 
model, and those can differ not only in the reported name, but probably even 
the VID:PID, as could've happened when Huion switched from v1 to v2 protocol.

So, I think a "whitelist" would be a maintenance nightmare.

Moreover, I think it's better to disable the tablet completely in case we 
failed initialization (e.g. got an invalid response to configuration, or 
failed to find some interfaces and such), after producing a comprehensive 
error message. Configuring a tablet partially, and then handing it over to the 
generic driver could mess things up more.

It's less confusing for the user, and stops them from trying to fix the 
problem up the stack with various settings, often getting into a worse 
situation. It's also much easier for the maintainer, since they don't need to 
investigate all the higher layers.

A "blacklist" would work better here, if you can find the tablets to include.

Nick

On 7/18/22 20:29, José Expósito wrote:
> Hi!
> 
> No code yet, just a kind request for comments and hopefully some wisdom
> and experience from Nikolai dealing with HUION devices.
> 
> HUION keeps reusing the same vendor and product IDs for their devices.
> This makes it really difficult to differentiate between devices and
> handle them in the kernel and also in user space.
> 
> Reusing IDs could introduce a problem:
> 
> If HUION, or other vendor following the same practices, releases a new
> tablet with a duplicated product ID, the UCLogic driver would handle it.
> The device might work with the existing code or it might fail because of
> a new feature or a whole different firmware.
> 
> As far as I know, at the moment there is not a mechanism in place to
> avoid this situation.
> I think that it'd be better to ignore those devices in UCLogic and let
> the HID generic driver handle them because using HID generic would
> provide a basic user experience while using UCLogic might fail to probe
> the tablet.
> 
> DIGImend's web already provides a nice list of supported devices:
> http://digimend.github.io/tablets/
> 
> So, I wonder:
> 
>   - Do you think it makes sense to ignore untested devices?
>   - If the answer is yes, do we have a better option than checking the
>     device name against an allow-list? It'd be great to hear other
>     people's ideas.
> 
> Best wishes,
> José Expósito
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ