Date:      Thu, 09 Oct 2014 08:27:46 +0200
From:      Hans Petter Selasky <hps@selasky.org>
To:        "Julian H. Stacey" <jhs@berklix.com>, freebsd-security@freebsd.org,  Poul-Henning Kamp <phk@phk.freebsd.dk>, freebsd-usb@freebsd.org
Subject:   Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell
Message-ID:  <54362AE2.90501@selasky.org>
In-Reply-To: <201410082347.s98NkjW3025396@fire.js.berklix.net>
References:  <201410082347.s98NkjW3025396@fire.js.berklix.net>

Hi Julian,

On 10/09/14 01:46, Julian H. Stacey wrote:
> Hi Hans etc
> "Julian H. Stacey" wrote:
>> Hans Petter Selasky wrote:
>>> Hi,
>>>
>>> Can you test the following kernel patch and give some feedback:
>>>
>>> https://svnweb.freebsd.org/changeset/base/272733
>
> I'm now on latest current with src & sys/ GENERIC
> /usr/src/.ctm_status	# src-cur 11645
>
> This time I downloaded your files properly
> (last time I was severely distracted & made a silly mistake)
>
>>> After the patch you will get something like:
>>> hw.usb.disable_enumeration: 0
>>> dev.uhub.0.disable_enumeration: 0
>>> dev.uhub.1.disable_enumeration: 0
>>> ...
>
> sysctl -a | grep  enumeration
>    hw.usb.disable_enumeration: 0
>    dev.uhub.0.disable_enumeration: 0
>    dev.uhub.1.disable_enumeration: 0
>    dev.uhub.2.disable_enumeration: 0
>    dev.uhub.3.disable_enumeration: 0
>    dev.uhub.4.disable_enumeration: 0
>
> sysctl -d hw.usb.disable_enumeration
>    hw.usb.disable_enumeration: Set to disable all USB device enumeration.
>
> sysctl -d dev.uhub.4.disable_enumeration
>    dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB HUB.
>
> usbconfig
> ugen0.1: <EHCI root HUB Intel> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
> ugen1.1: <EHCI root HUB Intel> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
> ugen0.2: <product 0x0020 vendor 0x8087> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
> ugen1.2: <product 0x0020 vendor 0x8087> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
> ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH (480Mbps) pwr=OFF (500mA)
> ugen1.3: <Semi Tech PS2 Keyboard - PS2 Mouse Semi Tech> at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA)
> ugen1.4: <USB2.0 Hub vendor 0x05e3> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA)
>
> Great ! Seems to work.
>
> (Though I need to read up on how major & minor of ugen relate to
> the digit in eg 4.disable_enumeration)
>
>
>>> which is also settable through /boot/loader.conf (tunable)
>
> Good,
> I hope/presume loader.conf gets run before any USB, cos I recall
> lecturer Karsten Nohl pointing out one could get BadUSB taking up
> residence in USB controller chips inside a PC, ie for a built in
> mouse or web cam, so one would need to turn off enumeration earlier
> than when first external USB approaches to connect.

Yes, if set by the loader.conf, you will only see the RootHUB after boot.

To get devices back after enabling enumeration again, you will need to 
reset the HUBs:

usbconfig -d X.1 reset

For example.

BTW: I've added some exceptions, so that existing devices can be detached,
suspended/resumed and reset while the enumeration is disabled.

https://svnweb.freebsd.org/changeset/base/272807

>
> I've reported back on BBC news form:
> 	Ref. your
> 	6 October 2014 Last updated at 15:29 GMT
> 	http://www.bbc.com/news/technology-29475566
>
> 	The www.FreeBSD.org project (a Unix OS similar to Linux)
> 	took just 2 days to develop & test a free solution.
> 	http://lists.freebsd.org/pipermail/freebsd-usb/2014-October/013304.html
>

Can you also test that patch?

Thank you!

--HPS
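
An added example, not part of the original message or of the FreeBSD patch: a small sh script that reads `sysctl -a` and `usbconfig` output in the form quoted above, reports which hubs still allow enumeration, and prints the root-hub reset commands mentioned in the reply. The function names are hypothetical, and the sample input is constructed from the quoted output with one hub value changed to 1.

```shell
#!/bin/sh
# Constructed sample input, modelled on the output quoted in the thread.
SAMPLE_SYSCTL='hw.usb.disable_enumeration: 0
dev.uhub.0.disable_enumeration: 1
dev.uhub.1.disable_enumeration: 0'

SAMPLE_USBCONFIG='ugen0.1: <EHCI root HUB Intel> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen1.1: <EHCI root HUB Intel> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen1.3: <Semi Tech PS2 Keyboard - PS2 Mouse Semi Tech> at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA)
ugen1.4: <USB2.0 Hub vendor 0x05e3> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA)'

# Summarise the enumeration knobs from "name: value" lines on stdin.
# The global knob wins: when it is 1, all USB enumeration is disabled.
enum_status() {
    awk -F': ' '
        $1 == "hw.usb.disable_enumeration" { g = $2; n++ }
        $1 ~ /^dev\.uhub\.[0-9]+\.disable_enumeration$/ {
            n++
            if ($2 == "0") hubs = hubs " " $1   # this hub still enumerates
        }
        END {
            if (n == 0)         print "unknown: no nodes found"
            else if (g == "1")  print "locked: global"
            else if (hubs == "") print "locked: all listed hubs"
            else                print "open:" hubs
        }'
}

# Emit one reset command per root hub (device address 1 on each bus),
# for use after enumeration has been enabled again.
root_hub_reset_cmds() {
    sed -n 's/^ugen\([0-9][0-9]*\)\.1: .*/usbconfig -d \1.1 reset/p'
}

# Demo on the constructed samples. On a patched FreeBSD host, use:
#   sysctl -a | enum_status
#   usbconfig | root_hub_reset_cmds
printf '%s\n' "$SAMPLE_SYSCTL" | enum_status
printf '%s\n' "$SAMPLE_USBCONFIG" | root_hub_reset_cmds
```

The reset commands are only printed, so they can be reviewed before being run as root.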



