yumetodoの旅とプログラミングとかの記録

旅や登山の記録やプログラミング関連の話とかフリーソフト紹介とか

chromeにWebUSBが実装されたそうだが危険らしいので無効にする

先日こんなふうに大量にWebUSBやばいぞ的なツイートが流れていた。実のところ私はさっぱり理解していない。とりあえずなんかdescriptorsが云々言っているので、規格書の該当箇所を見に行く。

WebUSB API#webusb-platform-capability-descriptor

§4. WebUSB Descriptors and Requests

This specification defines descriptors and commands the UA MAY use to gather information about the device specific to implementing this API.

§4.1. WebUSB Platform Capability Descriptor

A device announces support for the WebUSB command set by including the following Platform Descriptor in its Binary Object Store:

Offset Field Size Value Description
0 bLength 1 Number Size of this descriptor. Must be set to 24.
1 bDescriptorType 1 Constant DEVICE CAPABILITY descriptor type ([USB31] Table 9-6).
2 bDevCapabilityType 1 Constant PLATFORM capability type ([USB31] Table 9-14).
3 bReserved 1 Number This field is reserved and shall be set to zero.
4 PlatformCapabilityUUID 16 UUID Must be set to {3408b638-09a9-47a0-8bfd-a0768815b665}.
20 bcdVersion 2 BCD Protocol version supported. Must be set to 0x0100.
22 bVendorCode 1 Number bRequest value used for issuing WebUSB requests.
23 iLandingPage 1 Number URL descriptor index of the device’s landing page.

bDescriptorTypeのことか?(全く無知なので間違ってたらすまん)

[USB31] Table 9-14を見てこいみたいなことを言っているので見に行く。

USB.org - DocumentsよりUniversal Serial Bus Revision 3.2 Specificationを落とす。103 MBもあるし通信速度が遅いが仕方ない。unzipしてUSB 3.2 Revision 1.0.pdfを見に行く。

§9.4 Standard Device Requests

This section describes the standard device requests defined for all devices. Table 9-4 outlines the standard device requests, while Table 9-5 and Table 9-6 give the standard request codes and descriptor types, respectively.

Devices shall respond to standard device requests, even if the device has not yet been assigned an address or has not been configured. If a standard request defines a persistent parameter that can be modified, the reset/default value for that parameter, unless otherwise specified, is zero.

Descriptor types are used to determine the type of descriptor being queried from a device or being set to a device. The existing standard descriptor types are listed in Table 9-6. All these values shall not be redefined and used in any USB class specification. In addition, this specification reserves the highest bit (Bit 7) of the descriptor type as a value that shall only be used by base USB specifications when defining new descriptor types .

Table 9-6. Descriptor Types

Descriptor Types Value
DEVICE 1
CONFIGURATION 2
STRING 3
INTERFACE 4
ENDPOINT 5
Reserved 6
Reserved 7
INTERFACE_POWER 8
OTG 9
DEBUG 10
INTERFACE_ASSOCIATION 11
BOS 15
DEVICE CAPABILITY 16
SUPERSPEED_USB_ENDPOINT_COMPANION 48
SUPERSPEEDPLUS_ISOCHRONOUS_ENDPOINT_COMPANION 49

The INTERFACE_POWER descriptor is defined in the current revision of the USB Interface Power Management Specification.

うん、全くわからん。

とにかく

まあdescriptorsがなくても列挙可能で認可を求めるChromeのUIにユーザーが判断するために必要と思われる情報が載っていないために、とりあえず無効にしとけ、という話でいいのか?

chrome://flags/#enable-webusb

にアクセスして

chorme_web_usb_flag

Disabledに。

Chromeを再起動すれば適応されます。