From owner-freebsd-usb@FreeBSD.ORG Sun Oct 5 00:11:34 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 91E0BAAE; Sun, 5 Oct 2014 00:11:34 +0000 (UTC) Received: from mail.turbocat.net (heidi.turbocat.net [88.198.202.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4D52B697; Sun, 5 Oct 2014 00:11:33 +0000 (UTC) Received: from laptop015.home.selasky.org (31.89-11-148.nextgentel.com [89.11.148.31]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 572FD1FE023; Sun, 5 Oct 2014 02:11:25 +0200 (CEST) Message-ID: <54308CA8.5020304@selasky.org> Date: Sun, 05 Oct 2014 02:11:20 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: =?UTF-8?B?VWxyaWNoIFNww7ZybGVpbg==?= , freebsd-usb@freebsd.org Subject: Re: CEC device not attaching to xHCI port References: <20140929174904.GA15642@coyote.spoerlein.net> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Oct 2014 00:11:34 -0000 On 10/04/14 15:53, Ulrich Spörlein wrote: > 2014-09-29 19:49 GMT+02:00 Ulrich Spörlein : >> Hi, >> >> I got a CEC adapter using libCEC to bridge the gap between my XBMC and >> TV. The device works fine *if* I plug it into the front ports (which is >> a bit ugly, so I was wondering why this is not working on the other USB >> hub). >> Hi, How many ports have your XHCI got? See dmesg. --HPS From owner-freebsd-usb@FreeBSD.ORG Sun Oct 5 14:05:25 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 42E7A647 for ; Sun, 5 Oct 2014 14:05:25 +0000 (UTC) Received: from mail-la0-x22e.google.com (mail-la0-x22e.google.com [IPv6:2a00:1450:4010:c03::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C01EAB85 for ; Sun, 5 Oct 2014 14:05:24 +0000 (UTC) Received: by mail-la0-f46.google.com with SMTP id gi9so3117066lab.5 for ; Sun, 05 Oct 2014 07:05:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=yA05vHfqa6DtSgFTvJ3pLyPY0K/5tUHzH3BkYjxPzBY=; b=cAk5U7stqCQQmxiSTXwueCnqvsWhupzaoAotS4mlNSO/M7klm2SxQRLe5srlEXxrtX TxAq1Fp0XOQ4PQI+n/CHymxX9QMKkfXC89V3tISXWkX2AzLSch6GpVK/qzMSpBKFiwgs v8rKCvEsGgxDjxVa8/JANfuglaIDIBnhZxNjoaG8XbsqzdNNcWViUsCvP54OpOVJ/6kU gD67BkXWQJiUxgmei1QzbCj8VUI0jd4zKzQs/tgvVwIV+Jrhk8TH6xat8AxsZbkkxrb0 /BKqpPfpwu0ATUO1YLZBkFKtdSoGVif0fUaHwX7HTICaqP4RoBQ5N8i20qLfm3ZhfH3A e5ew== MIME-Version: 1.0 X-Received: by 10.112.235.70 with SMTP id uk6mr2488590lbc.89.1412517921416; Sun, 05 Oct 2014 07:05:21 -0700 (PDT) Sender: uspoerlein@gmail.com Received: by 10.152.170.133 with HTTP; Sun, 5 Oct 2014 07:05:21 -0700 (PDT) In-Reply-To: <54308CA8.5020304@selasky.org> References: <20140929174904.GA15642@coyote.spoerlein.net> <54308CA8.5020304@selasky.org> Date: Sun, 5 Oct 2014 16:05:21 +0200 X-Google-Sender-Auth: bYPCsx-jF0f7il7sLFYodga7S7s Message-ID: Subject: Re: CEC device not attaching to xHCI port From: =?UTF-8?Q?Ulrich_Sp=C3=B6rlein?= To: Hans Petter Selasky Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Oct 2014 14:05:25 -0000 2014-10-05 2:11 GMT+02:00 Hans Petter Selasky : > On 10/04/14 15:53, Ulrich Sp=C3=B6rlein wrote: >> >> 2014-09-29 19:49 GMT+02:00 Ulrich Sp=C3=B6rlein : >>> >>> Hi, >>> >>> I got a CEC adapter using libCEC to bridge the gap between my XBMC and >>> TV. The device works fine *if* I plug it into the front ports (which is >>> a bit ugly, so I was wondering why this is not working on the other USB >>> hub). >>> > > Hi, > > How many ports have your XHCI got? See dmesg. > > --HPS Hey physically I count 4 in the back and 4 in the front (which is an expansion plate). Two ports in the back will happily serve umass(4) devices (not shown in the dmesg below, I only connect them every once in a while). root@coyote:~# dmesg | egrep -i "xhci|usbus" | egrep -v "Root mount" xhci0: mem 0xe0f20000-0xe0f2ffff irq 21 at device 20.0 on pci0 xhci0: 32 byte context size. xhci0: Port routing mask set to 0xffffffff usbus0 on xhci0 usbus1: EHCI version 1.0 usbus1 on ehci0 usbus2: EHCI version 1.0 usbus2 on ehci1 usbus0: 5.0Gbps Super Speed USB v3.0 usbus1: 480Mbps High Speed USB v2.0 ugen0.1: <0x8086> at usbus0 uhub0: <0x8086 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0 ugen1.1: at usbus1 uhub1: on usbus1 usbus2: 480Mbps High Speed USB v2.0 ugen2.1: at usbus2 uhub2: on usbus2 ugen1.2: at usbus1 uhub3: on usbus1 ugen2.2: at usbus2 uhub4: on usbus2 ugen1.3: at usbus1 ugen0.2: at usbus0 (disconnected) ubt0: on usbus1 ugen0.2: at usbus0 (disconnected) ugen0.2: at usbus0 (disconnected) ugen1.4: at usbus1 ums0: on u= sbus1 umodem0: on usbus1 Or do I need to boot with USB debug enabled? From owner-freebsd-usb@FreeBSD.ORG Sun Oct 5 20:47:24 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1EDBC77E; Sun, 5 Oct 2014 20:47:24 +0000 (UTC) Received: from mail.turbocat.net (heidi.turbocat.net [88.198.202.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CEEF1906; Sun, 5 Oct 2014 20:47:23 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id AD56A1FE022; Sun, 5 Oct 2014 22:47:20 +0200 (CEST) Message-ID: <5431AE55.4030006@selasky.org> Date: Sun, 05 Oct 2014 22:47:17 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: =?UTF-8?B?VWxyaWNoIFNww7ZybGVpbg==?= Subject: Re: CEC device not attaching to xHCI port References: <20140929174904.GA15642@coyote.spoerlein.net> <54308CA8.5020304@selasky.org> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Oct 2014 20:47:24 -0000 On 10/05/14 16:05, Ulrich Spörlein wrote: > 2014-10-05 2:11 GMT+02:00 Hans Petter Selasky : >> On 10/04/14 15:53, Ulrich Spörlein wrote: >>> >>> 2014-09-29 19:49 GMT+02:00 Ulrich Spörlein : >>>> >>>> Hi, >>>> >>>> I got a CEC adapter using libCEC to bridge the gap between my XBMC and >>>> TV. The device works fine *if* I plug it into the front ports (which is >>>> a bit ugly, so I was wondering why this is not working on the other USB >>>> hub). >>>> >> >> Hi, >> >> How many ports have your XHCI got? See dmesg. >> >> --HPS > > Hey > > physically I count 4 in the back and 4 in the front (which is an > expansion plate). Two ports in the back will happily serve umass(4) > devices (not shown in the dmesg below, I only connect them every once > in a while). > Maybe you need this patch: https://svnweb.freebsd.org/changeset/base/272479 --HPS From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 06:04:17 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6D5AA91 for ; Mon, 6 Oct 2014 06:04:17 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 548C0211 for ; Mon, 6 Oct 2014 06:04:17 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s9664GhS015933 for ; Mon, 6 Oct 2014 06:04:16 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194091] Add support for long range USB wireless adapter Alpha AWUS036NHRv2 Date: Mon, 06 Oct 2014 06:04:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 11.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: commit-hook@freebsd.org X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 06:04:17 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194091 --- Comment #2 from commit-hook@freebsd.org --- A commit references this bug: Author: hselasky Date: Mon Oct 6 06:03:26 UTC 2014 New revision: 272590 URL: https://svnweb.freebsd.org/changeset/base/272590 Log: MFC r272410: Add new USB ID. PR: 194091 Changes: _U stable/10/ stable/10/share/man/man4/urtwn.4 stable/10/sys/dev/usb/usbdevs stable/10/sys/dev/usb/wlan/if_urtwn.c -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 10:54:21 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 82F56D34 for ; Mon, 6 Oct 2014 10:54:21 +0000 (UTC) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [46.4.40.135]) by mx1.freebsd.org (Postfix) with ESMTP id 467D182D for ; Mon, 6 Oct 2014 10:54:21 +0000 (UTC) Received: from [127.0.0.1] (nat.in.devexperts.com [89.113.128.63]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id C298656405 for ; Mon, 6 Oct 2014 14:54:07 +0400 (MSK) Message-ID: <543274CE.5080308@FreeBSD.org> Date: Mon, 06 Oct 2014 14:54:06 +0400 From: Lev Serebryakov Reply-To: lev@FreeBSD.org Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-usb@freebsd.org Subject: Is here maximum size of buffer for libusb_fill_bulk_transfer() call? Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 10:54:21 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Is here practical buffer size limit? I mean, maybe, standard limits transfer size by 64K or something like this? - -- // Lev Serebryakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJUMnTNXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePTM0QAIY/23sBmZVmzfckVXjrlWvI lCOpv8aVgrImaVzG5hcVJdop8js2zXw0cHh5iMTo+1DPN2D7GU68C02ujVbMPPRh ylPzJAd74RRnu6NZspqRY+eCW6VNUKCO9hqFYv8h7nFL+tpt+U4ffWa+CWK+N3Js ZqfReSvPoJVr3ocZnWCEzWo3g9jVO2q46v1WiKYLKFJYFOHoq61Huszj0fuZV/Sh mOl/M+5YS+/coHxO8wNV1q50jGldg2iFyEYH+Bw5n/l342R23KqVyilnVZ7zjaxF 2GpOoXBXl+IzXiLzeJM4ZLmJ8f4P5kLQNR7xbN0j341NoxmbUGEkij/o5kcUMhQ+ 8D2rhJ6UFsMzLkneucqUoqi0GqKxkbDiq4Ank6Qe/KYeTeQtCEXRtgoCiGcJzyFA Xw7Xj4ix8aVg/OlQpHnykRE84d0fcWLVDgWDfF5xQiC7GK8QKsfVwxFnD867bLlL krihZW5/hc2siNwVQ5iBJBN9aOVCQBvR2l6gmULQUm2j6yPDdrSTEra73xRqmMcy qtPPGfX9s79LT0TnH7/n9aOfj8wiPsuyCbdCqfMEm3quX/NSszKKBQ2cguJwFwqk 4xbezsQ4X1JpQDwSVWKTDSBke988RBOyDVtqFCHR1RgZYGSoFQRDvpUsWCfv1mOu TQDqAJTcD74N4zqOF631 =0Taj -----END PGP SIGNATURE----- From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 11:03:17 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2A456181; Mon, 6 Oct 2014 11:03:17 +0000 (UTC) Received: from mail.turbocat.net (mail.turbocat.net [IPv6:2a01:4f8:d16:4514::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E08CF918; Mon, 6 Oct 2014 11:03:16 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 5FB371FE022; Mon, 6 Oct 2014 13:03:14 +0200 (CEST) Message-ID: <543276EF.5080809@selasky.org> Date: Mon, 06 Oct 2014 13:03:11 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: lev@FreeBSD.org, freebsd-usb@freebsd.org Subject: Re: Is here maximum size of buffer for libusb_fill_bulk_transfer() call? References: <543274CE.5080308@FreeBSD.org> In-Reply-To: <543274CE.5080308@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 11:03:17 -0000 On 10/06/14 12:54, Lev Serebryakov wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > > Is here practical buffer size limit? I mean, maybe, standard limits > transfer size by 64K or something like this? > Hi, If the transfer is too big, libusb in FreeBSD loops using an internal buffer, unlike Linux. You should be able to setup any positive length which fits into an integer of type "int" or "uint32_t". --HPS From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 11:06:59 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 608CA2FD for ; Mon, 6 Oct 2014 11:06:59 +0000 (UTC) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [IPv6:2a01:4f8:131:60a2::2]) by mx1.freebsd.org (Postfix) with ESMTP id 25FC893C for ; Mon, 6 Oct 2014 11:06:59 +0000 (UTC) Received: from [127.0.0.1] (nat.in.devexperts.com [89.113.128.63]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 9605156403; Mon, 6 Oct 2014 15:06:57 +0400 (MSK) Message-ID: <543277CF.9050407@FreeBSD.org> Date: Mon, 06 Oct 2014 15:06:55 +0400 From: Lev Serebryakov Reply-To: lev@FreeBSD.org Organization: FreeBSD User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: Hans Petter Selasky , freebsd-usb@freebsd.org Subject: Re: Is here maximum size of buffer for libusb_fill_bulk_transfer() call? References: <543274CE.5080308@FreeBSD.org> <543276EF.5080809@selasky.org> In-Reply-To: <543276EF.5080809@selasky.org> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 11:06:59 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06.10.2014 15:03, Hans Petter Selasky wrote: >> Is here practical buffer size limit? I mean, maybe, standard >> limits transfer size by 64K or something like this? > > If the transfer is too big, libusb in FreeBSD loops using an > internal buffer, unlike Linux. You should be able to setup any > positive length which fits into an integer of type "int" or > "uint32_t". My question is more about cross-platform behavior, as I try to write cross-platform project. - -- // Lev Serebryakov -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJUMnfPXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePh5sP/0ZlPkcJ5W00Y0cr5iuDtMTd bL5YkFOVFgJWobCqXxKE1xlZKfWNPgcQxovHhdNEjsADXXVj7ez56uSLMIfP+sKt LR/n3fSd9gbi3b6Lr54n2RI/wwLNkIOi43M5yx+Im4bCTdGpeYcfpMpZ7eie/Whw o8t5sH3ULXUnMRSOIi/F/6H382EmLUNSV9qbXTq0nq9bIJaMewV5EJISgODx+2nt BFaAB803t0otr5Uwwe5/BEknb9wu1X4A3HFwV1r+5ofz3JwDRiNZqAXj8XT8EIv3 0rMCn/VvFfqpIpBSlQwowgiuqj/5fJFOZ18g0Q3yVy+6XWVSPOUMBBTvjcODZMyN S1MPonvbZBPOWvTUqeFqpFxdj6CQ+hdi1uwPrqr9SLYrNLKUSjnbmt89ysJUYWeH KVENtGiES3Uf5TPdN20C8Ok+yo1LUNiE9y0BFRkAYWez9XfGFMuOecHhmYY3Uju4 /L2FNtpWHjDfXWIwlUTWT4+d5saEmKE0seHORd6HjD5bdOfmAXDrNexJ4LBgltyZ 0oMfmHOfDMnehXaFxGW1iYxsrJx29CvWfXHT8U3QK/psuJ/aEuJxf+i/PgrIY45v ZoywMLkM/pLAuRAUIwLWALtANDBlczJGWqTyYHs2GspVPmDKo68FmIzRVDKf0idq k/V9+jqWPCDT8k76xwma =xP8f -----END PGP SIGNATURE----- From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 11:11:50 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C1CF64B9; Mon, 6 Oct 2014 11:11:50 +0000 (UTC) Received: from mail.turbocat.net (mail.turbocat.net [IPv6:2a01:4f8:d16:4514::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 835BC9F8; Mon, 6 Oct 2014 11:11:50 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 9E0A81FE022; Mon, 6 Oct 2014 13:11:48 +0200 (CEST) Message-ID: <543278F1.9070607@selasky.org> Date: Mon, 06 Oct 2014 13:11:45 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: lev@FreeBSD.org, freebsd-usb@freebsd.org, "libusb-devel@lists.sourceforge.net" Subject: Re: Is here maximum size of buffer for libusb_fill_bulk_transfer() call? References: <543274CE.5080308@FreeBSD.org> <543276EF.5080809@selasky.org> <543277CF.9050407@FreeBSD.org> In-Reply-To: <543277CF.9050407@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 11:11:50 -0000 On 10/06/14 13:06, Lev Serebryakov wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 06.10.2014 15:03, Hans Petter Selasky wrote: > >>> Is here practical buffer size limit? I mean, maybe, standard >>> limits transfer size by 64K or something like this? >> >> If the transfer is too big, libusb in FreeBSD loops using an >> internal buffer, unlike Linux. You should be able to setup any >> positive length which fits into an integer of type "int" or >> "uint32_t". > My question is more about cross-platform behavior, as I try to write > cross-platform project. > Hi, In Linux you should not transmit more than 16Kbytes at a time for BULK at HighSpeed, from what I know. Might have been fixed recently though. --HPS From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 19:56:44 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 426A7221; Mon, 6 Oct 2014 19:56:44 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C654DF84; Mon, 6 Oct 2014 19:56:43 +0000 (UTC) Received: from mart.js.berklix.net (p57BCF751.dip0.t-ipconnect.de [87.188.247.81]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s96JrR8v034603; Mon, 6 Oct 2014 19:53:30 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s96JuL3A080791; Mon, 6 Oct 2014 21:56:21 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s96Ju8S3089675; Mon, 6 Oct 2014 21:56:20 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410061956.s96Ju8S3089675@fire.js.berklix.net> To: freebsd-usb@freebsd.org Subject: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Linux Unix Consultants, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com/~jhs/cv/ Date: Mon, 06 Oct 2014 21:56:08 +0200 Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 19:56:44 -0000 Hi freebsd-usb@freebsd.org, (I suggest replies to usb@) cc: freebsd-security@freebsd.org FYI Ref. article on BadUSB pan OS (non FreeBSD specific) security loophole http://www.bbc.com/news/technology-29475566 Dated 6 October 2014 Last updated at 15:29 GMT I found https://github.com/search?utf8=%E2%9C%93&q=BadUSB Then viewed https://www.youtube.com/watch?v=nuruzFqMgIw ( Which BTW plays nicely inc. sound on FreeBSD-9.2-RELEASE + firefox without any flash installed (certainly no ports/graphics/gnash) A fascinating video by Lecturers Karsten Nohl & Jacob Lell at Black Hat USA 2014, Run time 44:30 ) (PS for non native English spekers on this global list, dont worry if you find Jacob's accent hard, Karsten resumes for last 3rd, listen on :-) It seems USB controllers (8041 or so based) can first masquerade one device, then pause & masquerade another device type. This is an OS independent security list. Lecturers includes both demo of an MS to Linux contamination, & consideration of other scenarios. A predominant USB controller manufacturer in Taipei was not happy. The lecturers didn't discuss MS or Linux or Android smart phone protection schemes (except to allude to the danger of someone saying "Can I plug in my smart phone to your PC to charge it ?". It can't be ignored as a smart phone exploit: the demo wasn't with a smart phone but a `dumb' stick. One can't get some protection by checking for sernum connecting, as devd shows: - my USB to PS2 adapter (vendor=0x04b4 product=0x8081) emits sernum="" - my real USB "Havit" keyboard (vendor=0x1241 product=0x1203) emits sernum="" For FreeBSD, I guess for serious security, every new device that is connected & recognised by /sbin/devd should in future be personaly authorised by a human ! One can no longer trust what reports itself to be eg a keyboard to actually Be a keyboard, etc. /usr/src/etc/devd/*.conf & my own .conf do Not meet that awkward security requirement... yet. I guess we'll need a couple of hooks that support Yes/No, one from cli & one for within X11. There's no security warning section in http://en.wikipedia.org/wiki/Flash_memory Cheers, Julian -- Julian Stacey, BSD Linux Unix'78 C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. ShellShock - http://www.berklix.com/~jhs/bash/ From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 20:01:21 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 76A603D7; Mon, 6 Oct 2014 20:01:21 +0000 (UTC) Received: from mail-wg0-x22b.google.com (mail-wg0-x22b.google.com [IPv6:2a00:1450:400c:c00::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E0AAF11B; Mon, 6 Oct 2014 20:01:20 +0000 (UTC) Received: by mail-wg0-f43.google.com with SMTP id m15so7570203wgh.14 for ; Mon, 06 Oct 2014 13:01:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=12LhHdCodqNdCZzJJBBKhxHZ5o3z60E2t7LWV4mla28=; b=nozrCWQUPvIapfcInki/4nWBAooH8GvYr3cG8b31OJguE7QLpVoLxCQpRgtGJrdt/S i5lZBSUheCX9sI3t4xyQ+mt/kpDWw+iH+AhrWhoE6mThVQ+f5iYjXryFdCZabGA3FqQD GY8itapJKC0iWs2Bem1rUydeWqfiRGa4eTOx4eO46V4qWU6HVXkhbZadOw1tkxD3xjMP WFloPWg8sJOhfnNtaJGD22kgRG2XoHPEfKeHveRVdbak4qxCVEGqNK5KHGh3jAJYG8gA JNzMhlQi9q07ACvDl/IiideBDD4DxDR0fAQjqNfaql/Dx9ivctCka04vIfKmppNDTg8j V2Jw== MIME-Version: 1.0 X-Received: by 10.194.93.193 with SMTP id cw1mr33308829wjb.50.1412625679170; Mon, 06 Oct 2014 13:01:19 -0700 (PDT) Received: by 10.27.52.144 with HTTP; Mon, 6 Oct 2014 13:01:19 -0700 (PDT) In-Reply-To: <201410061956.s96Ju8S3089675@fire.js.berklix.net> References: <201410061956.s96Ju8S3089675@fire.js.berklix.net> Date: Mon, 6 Oct 2014 22:01:19 +0200 Message-ID: Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: Oliver Pinter To: "Julian H. Stacey" , HardenedBSD Developers Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-security@freebsd.org, freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 20:01:21 -0000 fwd to HardenedBSD Developers On 10/6/14, Julian H. Stacey wrote: > Hi freebsd-usb@freebsd.org, (I suggest replies to usb@) > cc: freebsd-security@freebsd.org FYI > > Ref. article on BadUSB pan OS (non FreeBSD specific) security loophole > http://www.bbc.com/news/technology-29475566 > Dated 6 October 2014 Last updated at 15:29 GMT > > I found https://github.com/search?utf8=%E2%9C%93&q=BadUSB > > Then viewed https://www.youtube.com/watch?v=nuruzFqMgIw > ( Which BTW plays nicely inc. sound on FreeBSD-9.2-RELEASE > + firefox without any flash installed (certainly no > ports/graphics/gnash) > > A fascinating video by Lecturers Karsten Nohl & Jacob Lell at Black Hat > USA 2014, Run time 44:30 ) > (PS for non native English spekers on this global list, dont worry if > you find Jacob's accent hard, Karsten resumes for last 3rd, listen on :-) > > It seems USB controllers (8041 or so based) can first masquerade > one device, then pause & masquerade another device type. This is > an OS independent security list. Lecturers includes both demo of > an MS to Linux contamination, & consideration of other scenarios. > A predominant USB controller manufacturer in Taipei was not happy. > > The lecturers didn't discuss MS or Linux or Android smart phone > protection schemes (except to allude to the danger of someone saying > "Can I plug in my smart phone to your PC to charge it ?". > > It can't be ignored as a smart phone exploit: the demo wasn't with a > smart phone but a `dumb' stick. > > One can't get some protection by checking for sernum connecting, as devd > shows: > - my USB to PS2 adapter (vendor=0x04b4 product=0x8081) emits sernum="" > - my real USB "Havit" keyboard (vendor=0x1241 product=0x1203) emits > sernum="" > > For FreeBSD, > I guess for serious security, every new device that is connected > & recognised by /sbin/devd should in future be personaly authorised > by a human ! One can no longer trust what reports itself to be > eg a keyboard to actually Be a keyboard, etc. > > /usr/src/etc/devd/*.conf & my own .conf do Not meet that awkward > security requirement... yet. I guess we'll need a couple of hooks > that support Yes/No, one from cli & one for within X11. > > There's no security warning section in > http://en.wikipedia.org/wiki/Flash_memory > > Cheers, > Julian > -- > Julian Stacey, BSD Linux Unix'78 C Sys Eng Consultant Munich > http://berklix.com > Indent previous with "> ". Interleave reply paragraphs like a play > script. > Send plain text, not quoted-printable, HTML, base64, or > multipart/alternative. > ShellShock - http://www.berklix.com/~jhs/bash/ > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 20:26:09 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BE2DBBB4 for ; Mon, 6 Oct 2014 20:26:09 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4C7FA393 for ; Mon, 6 Oct 2014 20:26:08 +0000 (UTC) Received: from mart.js.berklix.net (p57BCF751.dip0.t-ipconnect.de [87.188.247.81]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s96KN7Cq035938 for ; Mon, 6 Oct 2014 20:23:07 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s96KQ0s5080993 for ; Mon, 6 Oct 2014 22:26:00 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s96KPmCh090415 for ; Mon, 6 Oct 2014 22:26:00 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410062026.s96KPmCh090415@fire.js.berklix.net> To: freebsd-usb@freebsd.org Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Mon, 06 Oct 2014 21:56:08 +0200." Date: Mon, 06 Oct 2014 22:25:48 +0200 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 20:26:09 -0000 > one device, then pause & masquerade another device type. This is > an OS independent security list. .............................^^^^ Oops typed too fast. Swap /list/liability/ Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 20:30:09 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 63ED9E14; Mon, 6 Oct 2014 20:30:09 +0000 (UTC) Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222]) by mx1.freebsd.org (Postfix) with ESMTP id 227D23EC; Mon, 6 Oct 2014 20:30:08 +0000 (UTC) Received: from critter.freebsd.dk (unknown [192.168.60.3]) by phk.freebsd.dk (Postfix) with ESMTP id 9B5CA1598; Mon, 6 Oct 2014 20:30:01 +0000 (UTC) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.14.9/8.14.9) with ESMTP id s96KU0pH066234; Mon, 6 Oct 2014 20:30:01 GMT (envelope-from phk@phk.freebsd.dk) To: "Julian H. Stacey" Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell In-reply-to: <201410061956.s96Ju8S3089675@fire.js.berklix.net> From: "Poul-Henning Kamp" References: <201410061956.s96Ju8S3089675@fire.js.berklix.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <66232.1412627400.1@critter.freebsd.dk> Content-Transfer-Encoding: quoted-printable Date: Mon, 06 Oct 2014 20:30:00 +0000 Message-ID: <66233.1412627400@critter.freebsd.dk> Cc: freebsd-security@freebsd.org, freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 20:30:09 -0000 -------- In message <201410061956.s96Ju8S3089675@fire.js.berklix.net>, "Julian H. S= tacey " writes: >For FreeBSD, > I guess for serious security, every new device that is connected > & recognised by /sbin/devd should in future be personaly authorised > by a human ! One can no longer trust what reports itself to be > eg a keyboard to actually Be a keyboard, etc. "no longer" ? When you could you *ever* trust a USB device about anything ? -- = Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe = Never attribute to malice what can adequately be explained by incompetence= . From owner-freebsd-usb@FreeBSD.ORG Mon Oct 6 20:48:20 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8E0E763A; Mon, 6 Oct 2014 20:48:20 +0000 (UTC) Received: from mail.turbocat.net (mail.turbocat.net [IPv6:2a01:4f8:d16:4514::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 508D5826; Mon, 6 Oct 2014 20:48:20 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id AD4C01FE022; Mon, 6 Oct 2014 22:48:17 +0200 (CEST) Message-ID: <5433000E.7000404@selasky.org> Date: Mon, 06 Oct 2014 22:48:14 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: Poul-Henning Kamp , "Julian H. Stacey" Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell References: <201410061956.s96Ju8S3089675@fire.js.berklix.net> <66233.1412627400@critter.freebsd.dk> In-Reply-To: <66233.1412627400@critter.freebsd.dk> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org, freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2014 20:48:20 -0000 On 10/06/14 22:30, Poul-Henning Kamp wrote: > -------- > In message <201410061956.s96Ju8S3089675@fire.js.berklix.net>, "Julian H. Stacey > " writes: > >> For FreeBSD, >> I guess for serious security, every new device that is connected >> & recognised by /sbin/devd should in future be personaly authorised >> by a human ! One can no longer trust what reports itself to be >> eg a keyboard to actually Be a keyboard, etc. > > "no longer" ? > > When you could you *ever* trust a USB device about anything ? > Hi, You should not assume you can trust hardware :-) Especially removable hardware. It is possible to add a sysctl to halt the probing of USB devices, so that USB devices can only be detached from the system. The problem is that if the main input is a USB keyboard and that goes away, you have no easy way to recover your system ... Anyway, USB 2.0 and 1.0 are broadcast based, and technically one device might highjack the traffic of another one. --HPS From owner-freebsd-usb@FreeBSD.ORG Tue Oct 7 16:20:57 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 323D05A2 for ; Tue, 7 Oct 2014 16:20:57 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 18F328DC for ; Tue, 7 Oct 2014 16:20:57 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s97GKune065564 for ; Tue, 7 Oct 2014 16:20:56 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] New: USB does not work early in the boot process when 60/64 emulation support is enabled Date: Tue, 07 Oct 2014 16:20:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: nefar@otherware.org X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 16:20:57 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 Bug ID: 194226 Summary: USB does not work early in the boot process when 60/64 emulation support is enabled Product: Base System Version: 10.1-BETA3 Hardware: amd64 OS: Any Status: Needs Triage Severity: Affects Some People Priority: --- Component: usb Assignee: freebsd-usb@FreeBSD.org Reporter: nefar@otherware.org My motherboard (http://www.amazon.com/gp/product/B00FM4M7TQ) which I recently shipped arrived with "Port 60/64 emulation" enabled which according to the BIOS "enables I/O port 60h/64h emulation support" The downside of this emulation is that while I can select boot options, as soon as I'm past the boot prompt, my keyboard stops working until I'm prompted to login. The real problem is that when enabling root disk encryption with geli, the keyboard does NOT work when prompted for the geli keyboard. So it seems there's some issue dealing with this emulation. -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Tue Oct 7 17:01:46 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 869A2C08 for ; Tue, 7 Oct 2014 17:01:46 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6CBB9ECE for ; Tue, 7 Oct 2014 17:01:46 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s97H1kiP085797 for ; Tue, 7 Oct 2014 17:01:46 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] USB does not work early in the boot process when 60/64 emulation support is enabled Date: Tue, 07 Oct 2014 17:01:46 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: nefar@otherware.org X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 17:01:46 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 --- Comment #1 from nefar@otherware.org --- It was disabling all legacy USB options that got it geli to work for me. However, then I was unable to choose bootloader option. So I enabled it again and tried disabling the emulation support. -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Tue Oct 7 19:04:44 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 40E7338D for ; Tue, 7 Oct 2014 19:04:44 +0000 (UTC) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smarthost.sentex.ca", Issuer "smarthost.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0A220F73 for ; Tue, 7 Oct 2014 19:04:43 +0000 (UTC) Received: from [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a] (saphire3.sentex.ca [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a]) by smarthost1.sentex.ca (8.14.9/8.14.9) with ESMTP id s97J4fEe056198; Tue, 7 Oct 2014 15:04:42 -0400 (EDT) (envelope-from mike@sentex.net) Message-ID: <54343944.2040103@sentex.net> Date: Tue, 07 Oct 2014 15:04:36 -0400 From: Mike Tancsa Organization: Sentex Communications User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2 MIME-Version: 1.0 To: freebsd-usb@freebsd.org Subject: XHCI device probe inconsistency Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.75 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 19:04:44 -0000 Hi, on r272695 AMD64, I have a USB 3.0 CF reader/writer that does not consistently work the same. At bootup time, if I have the reader attached, it connects as a USB 2.0 device. If I disconnect and reconnect it, it attaches and seems to function at the proper speed. after physically disconnecting and reconnecting it shows as usbconfig ugen0.1: at usbus0, cfg=0 md=HOST spd=SUPER (5.0Gbps) pwr=SAVE (0mA) ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen2.1: at usbus2, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.2: at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON (100mA) ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen2.2: at usbus2, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.3: at usbus0, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) ugen0.5: at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON (0mA) ugen0.4: at usbus0, cfg=0 md=HOST spd=SUPER (5.0Gbps) pwr=ON (200mA) ugen0.4: at usbus0, cfg=0 md=HOST spd=SUPER (5.0Gbps) pwr=ON (200mA) bLength = 0x0012 bDescriptorType = 0x0001 bcdUSB = 0x0300 bDeviceClass = 0x0000 bDeviceSubClass = 0x0000 bDeviceProtocol = 0x0000 bMaxPacketSize0 = 0x0009 idVendor = 0x11b0 idProduct = 0x6348 bcdDevice = 0x0308 iManufacturer = 0x0001 iProduct = 0x0002 iSerialNumber = 0x0003 <08735342214972> bNumConfigurations = 0x0001 At bootup time, dmesg shows ugen0.4: at usbus0 umass0: on usbus0 umass0: SCSI over Bulk-Only; quirks = 0x4000 umass0:7:0:-1: Attached to scbus7 da0 at umass-sim0 bus 0 scbus7 target 0 lun 0 da0: < FCR-HS3 -0 1.00> Removable Direct Access SCSI-4 device da0: Serial Number 08735342214972 da0: 40.000MB/s transfers da0: 1919MB (3931200 512 byte sectors: 255H 63S/T 244C) da0: quirks=0x2 da1 at umass-sim0 bus 0 scbus7 target 0 lun 1 da1: < FCR-HS3 -1 1.00> Removable Direct Access SCSI-4 device da1: Serial Number 08735342214972 da1: 40.000MB/s transfers da1: Attempt to query device size failed: NOT READY, Medium not present da1: quirks=0x2 da2 at umass-sim0 bus 0 scbus7 target 0 lun 2 da2: < FCR-HS3 -2 1.00> Removable Direct Access SCSI-4 device da2: Serial Number 08735342214972 da2: 40.000MB/s transfers da2: Attempt to query device size failed: NOT READY, Medium not present da2: quirks=0x2 da3 at umass-sim0 bus 0 scbus7 target 0 lun 3 da3: < FCR-HS3 -3 1.00> Removable Direct Access SCSI-4 device da3: Serial Number 08735342214972 da3: 40.000MB/s transfers da3: Attempt to query device size failed: NOT READY, Medium not present da3: quirks=0x2 Root mount waiting for: usbus0 and then disconnect .. (da2:umass-sim0:0:0:2): Periph destroyed (da3:umass-sim0:0:0:3): Periph destroyed ugen0.4: at usbus0 umass0: on usbus0 umass0: SCSI over Bulk-Only; quirks = 0x4000 umass0:7:0:-1: Attached to scbus7 (probe0:umass-sim0:0:0:0): REPORT LUNS. CDB: a0 00 00 00 00 00 00 00 00 10 00 00 (probe0:umass-sim0:0:0:0): CAM status: SCSI Status Error (probe0:umass-sim0:0:0:0): SCSI status: Check Condition (probe0:umass-sim0:0:0:0): SCSI sense: ILLEGAL REQUEST asc:24,0 (Invalid field in CDB) (probe0:umass-sim0:0:0:0): Error 22, Unretryable error da0 at umass-sim0 bus 0 scbus7 target 0 lun 0 da0: < FCR-HS3 -0 1.00> Removable Direct Access SCSI-6 device da0: Serial Number 08735342214972 da0: 400.000MB/s transfers da0: 1919MB (3931200 512 byte sectors: 255H 63S/T 244C) da0: quirks=0x2 da1 at umass-sim0 bus 0 scbus7 target 0 lun 1 da1: < FCR-HS3 -1 1.00> Removable Direct Access SCSI-6 device da1: Serial Number 08735342214972 da1: 400.000MB/s transfers da1: Attempt to query device size failed: NOT READY, Medium not present da1: quirks=0x2 da2 at umass-sim0 bus 0 scbus7 target 0 lun 2 da2: < FCR-HS3 -2 1.00> Removable Direct Access SCSI-6 device da2: Serial Number 08735342214972 da2: 400.000MB/s transfers da2: Attempt to query device size failed: NOT READY, Medium not present da2: quirks=0x2 da3 at umass-sim0 bus 0 scbus7 target 0 lun 3 da3: < FCR-HS3 -3 1.00> Removable Direct Access SCSI-6 device da3: Serial Number 08735342214972 da3: 400.000MB/s transfers da3: Attempt to query device size failed: NOT READY, Medium not present da3: quirks=0x2 and its the proper speed. MB is BIOS Information Vendor: Intel Corp. Version: S1200RP.86B.01.04.0002.011020141517 Release Date: 01/10/2014 Base Board Information Manufacturer: Intel Corporation Product Name: S1200RP_SE Version: G62252-406 xhci0@pci0:0:20:0: class=0x0c0330 card=0x35b78086 chip=0x8c318086 rev=0x05 hdr=0x00 vendor = 'Intel Corporation' device = 'Lynx Point USB xHCI Host Controller' class = serial bus subclass = USB bar [10] = type Memory, range 64, base 0xc0120000, size 65536, enabled cap 01[70] = powerspec 2 supports D0 D3 current D0 cap 05[80] = MSI supports 8 messages, 64 bit enabled with 1 message ehci0@pci0:0:26:0: class=0x0c0320 card=0x35b78086 chip=0x8c2d8086 rev=0x05 hdr=0x00 vendor = 'Intel Corporation' device = 'Lynx Point USB Enhanced Host Controller' class = serial bus subclass = USB bar [10] = type Memory, range 32, base 0xc1420000, size 1024, enabled cap 01[50] = powerspec 2 supports D0 D3 current D0 cap 0a[58] = EHCI Debug Port at offset 0xa0 in map 0x14 cap 13[98] = PCI Advanced Features: FLR TP -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ From owner-freebsd-usb@FreeBSD.ORG Tue Oct 7 21:20:02 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B0B6B742 for ; Tue, 7 Oct 2014 21:20:02 +0000 (UTC) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3A60B7B for ; Tue, 7 Oct 2014 21:20:01 +0000 (UTC) Received: from [10.0.2.95] (ppp14-2-3-181.lns21.adl2.internode.on.net [14.2.3.181]) (authenticated bits=0) by cain.gsoft.com.au (8.14.4/8.14.3) with ESMTP id s97LJUO0054165 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Wed, 8 Oct 2014 07:49:39 +1030 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: Panic in usb_unref_device Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Content-Type: text/plain; charset=windows-1252 From: "Daniel O'Connor" In-Reply-To: <542E8D27.2060505@selasky.org> Date: Wed, 8 Oct 2014 07:49:30 +1030 Content-Transfer-Encoding: quoted-printable Message-Id: References: <8B31CE4F-F310-49E7-8316-22D6170BF6C6@gsoft.com.au> <542E8D27.2060505@selasky.org> To: Hans Petter Selasky X-Mailer: Apple Mail (2.1878.6) X-Spam-Score: 0.163 () BAYES_00,RDNS_DYNAMIC X-Scanned-By: MIMEDefang 2.67 on 203.31.81.10 Cc: freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 21:20:02 -0000 On 3 Oct 2014, at 21:18, Hans Petter Selasky wrote: > On 10/03/14 13:19, Daniel O'Connor wrote: >> Hi, >> I have a custom USB device based on the Cypress FX2 and we are = finding that with some older kernels it hangs - this was fixed in = https://svnweb.freebsd.org/base?view=3Drevision&revision=3D267240 but = now it panics with=85 >>=20 > There's a minor bug there. Can you test the attached patch? Sorry for the late reply (there was a holiday on Monday here) - the = patch seems to have fixed the crash, thanks! -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C From owner-freebsd-usb@FreeBSD.ORG Tue Oct 7 22:37:00 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 985F9FA0; Tue, 7 Oct 2014 22:37:00 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 27236ACE; Tue, 7 Oct 2014 22:36:59 +0000 (UTC) Received: from mart.js.berklix.net (p5DCBCF45.dip0.t-ipconnect.de [93.203.207.69]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s97MXfdr003288; Tue, 7 Oct 2014 22:33:41 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s97MaaLo089296; Wed, 8 Oct 2014 00:36:36 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s97Ma56M051223; Wed, 8 Oct 2014 00:36:23 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410072236.s97Ma56M051223@fire.js.berklix.net> To: Hans Petter Selasky Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Mon, 06 Oct 2014 22:48:14 +0200." <5433000E.7000404@selasky.org> Date: Wed, 08 Oct 2014 00:36:05 +0200 Cc: freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 22:37:00 -0000 Hi Hans Petter Selasky wrote: > On 10/06/14 22:30, Poul-Henning Kamp wrote: > > -------- > > In message <201410061956.s96Ju8S3089675@fire.js.berklix.net>, "Julian H. Stacey > > " writes: > > > >> For FreeBSD, > >> I guess for serious security, every new device that is connected > >> & recognised by /sbin/devd should in future be personaly authorised > >> by a human ! One can no longer trust what reports itself to be > >> eg a keyboard to actually Be a keyboard, etc. > > > > "no longer" ? > > > > When you could you *ever* trust a USB device about anything ? Yes. Can't even trust a memory stick, even when avoiding a reboot, even when not mounting it. > Hi, > > You should not assume you can trust hardware :-) Especially removable > hardware. Yes. That lecture has fortified my lapsed paranoia ;-) > It is possible to add a sysctl to halt the probing of USB devices, so > that USB devices can only be detached from the system. Good idea. Would provide more protection than my idea of some confirm Yes/No command called from devd attach, (as a BadUSB device could masquerade a keyboard device to say Yes). sysctl -a -d | grep device | rev | sort | rev | more shows nothing, so I guess it would be nice if someone wrote such a sysctl. > The problem is > that if the main input is a USB keyboard and that goes away, you have no > easy way to recover your system ... Yes, sometimes some users wouldn't want to enable that sysctl, but it would allow considerable protection for others. I think it would be good to have, just a question of which default state at boot, inhibit off I guess, as now (least suprise). > Anyway, USB 2.0 and 1.0 are broadcast based, and technically one device > might highjack the traffic of another one. So a sysctl would provide more safety, but still not be totaly safe, best we can do I guess. The end of the lecture alluded to this masquerading possibility, that devices had no ID encryption key to prevent it, (& in some cases not even a serial number). Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 07:03:36 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E127DBCC; Wed, 8 Oct 2014 07:03:36 +0000 (UTC) Received: from mail.turbocat.net (heidi.turbocat.net [88.198.202.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9F17E12F; Wed, 8 Oct 2014 07:03:36 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 6A47E1FE022; Wed, 8 Oct 2014 09:03:33 +0200 (CEST) Message-ID: <5434E1C3.9090605@selasky.org> Date: Wed, 08 Oct 2014 09:03:31 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: "Julian H. Stacey" Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell References: <201410072236.s97Ma56M051223@fire.js.berklix.net> In-Reply-To: <201410072236.s97Ma56M051223@fire.js.berklix.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 07:03:37 -0000 Hi, Can you test the following kernel patch and give some feedback: https://svnweb.freebsd.org/changeset/base/272733 After the patch you will get something like: hw.usb.disable_enumeration: 0 dev.uhub.0.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0 ... which is also settable through /boot/loader.conf (tunable) --HPS From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 09:23:32 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EF415D4F for ; Wed, 8 Oct 2014 09:23:32 +0000 (UTC) Received: from mail.turbocat.net (heidi.turbocat.net [88.198.202.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A3C6D1A2 for ; Wed, 8 Oct 2014 09:23:31 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 5F9F01FE022; Wed, 8 Oct 2014 11:23:29 +0200 (CEST) Message-ID: <5435028F.1080806@selasky.org> Date: Wed, 08 Oct 2014 11:23:27 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: "freebsd-usb@freebsd.org" Subject: Re: xhci problem on UEFI boot MacBookPro 11,3 References: <541FBD6F.2080507@selasky.org> <541FDDF0.90502@selasky.org> <542662BE.5050908@selasky.org> <542701FA.2000408@selasky.org> <5427029B.3060502@selasky.org> <5427AC46.3040707@selasky.org> <542E3F02.4050401@selasky.org> <141592A3-A4CD-48F6-B26D-35BF10436012@gmail.com> In-Reply-To: <141592A3-A4CD-48F6-B26D-35BF10436012@gmail.com> Content-Type: text/plain; charset=GB2312 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 09:23:33 -0000 FYI This issue was fixed by: https://svnweb.freebsd.org/changeset/base/272589 --HPS From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 09:24:31 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 42A9CE6A for ; Wed, 8 Oct 2014 09:24:31 +0000 (UTC) Received: from mail.turbocat.net (mail.turbocat.net [IPv6:2a01:4f8:d16:4514::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 032211AD for ; Wed, 8 Oct 2014 09:24:31 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id CF8A01FE022; Wed, 8 Oct 2014 11:24:28 +0200 (CEST) Message-ID: <543502CA.1030707@selasky.org> Date: Wed, 08 Oct 2014 11:24:26 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: Daniel O'Connor Subject: Re: Panic in usb_unref_device References: <8B31CE4F-F310-49E7-8316-22D6170BF6C6@gsoft.com.au> <542E8D27.2060505@selasky.org> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 8bit Cc: freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 09:24:31 -0000 On 10/07/14 23:19, Daniel O'Connor wrote: > > On 3 Oct 2014, at 21:18, Hans Petter Selasky wrote: >> On 10/03/14 13:19, Daniel O'Connor wrote: >>> Hi, >>> I have a custom USB device based on the Cypress FX2 and we are finding that with some older kernels it hangs - this was fixed in https://svnweb.freebsd.org/base?view=revision&revision=267240 but now it panics with… >>> >> There's a minor bug there. Can you test the attached patch? > > Sorry for the late reply (there was a holiday on Monday here) - the patch seems to have fixed the crash, thanks! You're welcome! --HPS From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 09:27:34 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3D615143 for ; Wed, 8 Oct 2014 09:27:34 +0000 (UTC) Received: from mail.turbocat.net (heidi.turbocat.net [88.198.202.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F1CA41E4 for ; Wed, 8 Oct 2014 09:27:33 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 65A9D1FE022; Wed, 8 Oct 2014 11:27:31 +0200 (CEST) Message-ID: <54350381.4020609@selasky.org> Date: Wed, 08 Oct 2014 11:27:29 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: Mike Tancsa , freebsd-usb@freebsd.org Subject: Re: XHCI device probe inconsistency References: <54343944.2040103@sentex.net> In-Reply-To: <54343944.2040103@sentex.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 09:27:34 -0000 On 10/07/14 21:04, Mike Tancsa wrote: > ugen0.4: at usbus0, cfg=0 md=HOST > spd=SUPER (5.0Gbps) pwr=ON (200mA) Hi, If you plug the device after boot, what happens then? What speed does the BIOS enumerate the device at? Have you checked for USB related BIOS settings? --HPS From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 09:30:30 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C8890193 for ; Wed, 8 Oct 2014 09:30:30 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AF8801FA for ; Wed, 8 Oct 2014 09:30:30 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s989UUeo070384 for ; Wed, 8 Oct 2014 09:30:30 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] USB does not work early in the boot process when 60/64 emulation support is enabled Date: Wed, 08 Oct 2014 09:30:30 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: hselasky@FreeBSD.org X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 09:30:30 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 Hans Petter Selasky changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |hselasky@FreeBSD.org --- Comment #2 from Hans Petter Selasky --- Hi, Is the "ukbd" driver in the kernel or loaded as a module? If the keyboard is enumerated before the mount root prompt and password prompt, it should work. There are some loader options to make the kernel wait a bit more for USB devices to show up. BTW: Is this also a problem with 10-stable. Depending on your USB controller, the following patch might help: https://svnweb.freebsd.org/changeset/base/272589 --HPS -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 09:30:49 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EEAAD302 for ; Wed, 8 Oct 2014 09:30:49 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D5CBA205 for ; Wed, 8 Oct 2014 09:30:49 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s989UncS070510 for ; Wed, 8 Oct 2014 09:30:49 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] USB does not work early in the boot process when 60/64 emulation support is enabled Date: Wed, 08 Oct 2014 09:30:50 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: hselasky@FreeBSD.org X-Bugzilla-Status: In Discussion X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: priority bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 09:30:50 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 Hans Petter Selasky changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|--- |Normal Status|Needs Triage |In Discussion -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 14:37:59 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7ACB663A for ; Wed, 8 Oct 2014 14:37:59 +0000 (UTC) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "smarthost.sentex.ca", Issuer "smarthost.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 43AB3910 for ; Wed, 8 Oct 2014 14:37:58 +0000 (UTC) Received: from [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a] (saphire3.sentex.ca [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a]) by smarthost1.sentex.ca (8.14.9/8.14.9) with ESMTP id s98EbvDt082333; Wed, 8 Oct 2014 10:37:57 -0400 (EDT) (envelope-from mike@sentex.net) Message-ID: <54354C3E.5080100@sentex.net> Date: Wed, 08 Oct 2014 10:37:50 -0400 From: Mike Tancsa Organization: Sentex Communications User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2 MIME-Version: 1.0 To: Hans Petter Selasky , freebsd-usb@freebsd.org Subject: Re: XHCI device probe inconsistency References: <54343944.2040103@sentex.net> <54350381.4020609@selasky.org> In-Reply-To: <54350381.4020609@selasky.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.75 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 14:37:59 -0000 On 10/8/2014 5:27 AM, Hans Petter Selasky wrote: > Hi, > > If you plug the device after boot, what happens then? > > What speed does the BIOS enumerate the device at? > > Have you checked for USB related BIOS settings? Hi, Hmmm, I could not recreate the issue at first!! I tried both a soft and cold boot, and with and without a CF in it and it would always come up as USB3.... And then I remember setting the BIOS option Make USB Non Bootable (Enable/Disable) so it would not try and boot from the flash. Once I set that to enable, so it could not boot from a USB device, the CF Reader/Writer always probes as USB3 speed! When its disabled, at boot time it probes as USB2 speeds until I disconnect / reconnect. Thanks! ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 16:13:11 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D282AEEE for ; Wed, 8 Oct 2014 16:13:11 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B961968F for ; Wed, 8 Oct 2014 16:13:11 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s98GDBaR053734 for ; Wed, 8 Oct 2014 16:13:11 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] USB does not work early in the boot process when 60/64 emulation support is enabled Date: Wed, 08 Oct 2014 16:13:12 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: nefar@otherware.org X-Bugzilla-Status: In Discussion X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 16:13:11 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 --- Comment #3 from nefar@otherware.org --- Using vanilla 10.1-BETA3 kernel. No changes in kernel on how "ukbd" is loaded. -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 16:17:36 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0E3F5189 for ; Wed, 8 Oct 2014 16:17:36 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E927B6CC for ; Wed, 8 Oct 2014 16:17:35 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s98GHZXE056169 for ; Wed, 8 Oct 2014 16:17:35 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] USB does not work early in the boot process when 60/64 emulation support is enabled Date: Wed, 08 Oct 2014 16:17:35 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: hselasky@FreeBSD.org X-Bugzilla-Status: In Discussion X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 16:17:36 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 --- Comment #4 from Hans Petter Selasky --- Can you show dmesg? --HPS -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 16:20:14 2014 Return-Path: Delivered-To: freebsd-usb@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 724091E2 for ; Wed, 8 Oct 2014 16:20:14 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5932F6E0 for ; Wed, 8 Oct 2014 16:20:14 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s98GKEfK058482 for ; Wed, 8 Oct 2014 16:20:14 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-usb@FreeBSD.org Subject: [Bug 194226] USB does not work early in the boot process when 60/64 emulation support is enabled Date: Wed, 08 Oct 2014 16:20:14 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: usb X-Bugzilla-Version: 10.1-BETA3 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: nefar@otherware.org X-Bugzilla-Status: In Discussion X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: freebsd-usb@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 16:20:14 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194226 --- Comment #5 from nefar@otherware.org --- Yes. Standby. -- You are receiving this mail because: You are the assignee for the bug. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 20:01:04 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 055B7D97; Wed, 8 Oct 2014 20:01:04 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 60AAA3D4; Wed, 8 Oct 2014 20:01:03 +0000 (UTC) Received: from mart.js.berklix.net (p5DCBD7F1.dip0.t-ipconnect.de [93.203.215.241]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s98IwfxH059028; Wed, 8 Oct 2014 18:58:41 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s98J1aA1095608; Wed, 8 Oct 2014 21:01:37 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s98J160W019899; Wed, 8 Oct 2014 21:01:24 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410081901.s98J160W019899@fire.js.berklix.net> To: Hans Petter Selasky Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Wed, 08 Oct 2014 09:03:31 +0200." <5434E1C3.9090605@selasky.org> Date: Wed, 08 Oct 2014 21:01:06 +0200 Cc: freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 20:01:04 -0000 Hans Petter Selasky wrote: > Hi, > > Can you test the following kernel patch and give some feedback: > > https://svnweb.freebsd.org/changeset/base/272733 > > After the patch you will get something like: > > hw.usb.disable_enumeration: 0 > dev.uhub.0.disable_enumeration: 0 > dev.uhub.1.disable_enumeration: 0 > ... > > which is also settable through /boot/loader.conf (tunable) Thanks, Quick work ! I downloaded, but before use, I ran a make world as my current was maybe a week or 2 old, I made a new generic kernel with CTM src-cur.11644.gz ie (latest CVS as supplied by CTM) But src/ make all failed so I ran make world, which also failed: ------------------- /usr/obj/usr/src/tmp/usr/include/dev/usb/usb.h:154:16: note: forward declaration of 'struct usb_device_request' typedef struct usb_device_request usb_device_request_t; ^ 19 errors generated. *** Error code 1 Stop. make[4]: stopped in /usr/src/lib/libusbhid ------------------- In parallel to make world I applied your patches to make & that failed: -------- /sys/amd64/compile/GENERIC ../../../dev/usb/usbdi.h:301:5: warning: 'USB_HAVE_COMPAT_LINUX' is not defined, evaluates to 0 [-Wundef] #if USB_HAVE_COMPAT_LINUX ^ 2 warnings generated. mkdep: compile failed *** Error code 1 Stop. make: stopped in /usr/src/sys/amd64/compile/GENERIC -------- But that may be because my system is pehaps a couple of weeks old or so. The latest generic src/ kernel booted OK FreeBSD lapr.js.berklix.net 11.0-CURRENT FreeBSD 11.0-CURRENT #1: Wed Oct 8 17:26:13 CEST 2014 jhs@lapr.js.berklix.net:/usr/src/sys/amd64/compile/GENERIC amd64 (though I noticed a named: lock order reversal that I will ignore) When I can get src/ to build (I'm using make -k all now :-), I'll go back to compiling GENERIC kernel with your changeset/base/272733 Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. From owner-freebsd-usb@FreeBSD.ORG Wed Oct 8 23:47:44 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5103CAD; Wed, 8 Oct 2014 23:47:44 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5B5ADF7A; Wed, 8 Oct 2014 23:47:43 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBFE44.dip0.t-ipconnect.de [217.251.254.68]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s98NiJ6F069561; Wed, 8 Oct 2014 23:44:19 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s98NlFra097023; Thu, 9 Oct 2014 01:47:15 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s98NkjW3025396; Thu, 9 Oct 2014 01:47:03 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410082347.s98NkjW3025396@fire.js.berklix.net> To: Hans Petter Selasky , freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Wed, 08 Oct 2014 21:01:06 +0200." <201410081901.s98J160W019899@fire.js.berklix.net> Date: Thu, 09 Oct 2014 01:46:44 +0200 X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Oct 2014 23:47:44 -0000 Hi Hans etc "Julian H. Stacey" wrote: > Hans Petter Selasky wrote: > > Hi, > > > > Can you test the following kernel patch and give some feedback: > > > > https://svnweb.freebsd.org/changeset/base/272733 I'm now on latest current with src & sys/ GENERIC /usr/src/.ctm_status # src-cur 11645 This time I downloaded your files properly (last time I was severely distracted & made a silly mistake) > > After the patch you will get something like: > > hw.usb.disable_enumeration: 0 > > dev.uhub.0.disable_enumeration: 0 > > dev.uhub.1.disable_enumeration: 0 > > ... sysctl -a | grep enumeration hw.usb.disable_enumeration: 0 dev.uhub.0.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0 dev.uhub.2.disable_enumeration: 0 dev.uhub.3.disable_enumeration: 0 dev.uhub.4.disable_enumeration: 0 sysctl -d hw.usb.disable_enumeration hw.usb.disable_enumeration: Set to disable all USB device enumeration. sysctl -d dev.uhub.4.disable_enumeration dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB HUB. usbconfig ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.2: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH (480Mbps) pwr=OFF (500mA) ugen1.3: at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA) Inserted a WLAN stick usbconfig ugen1.5: <802.11 n WLAN Ralink> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (450mA) ifconfig -a shows run0 & wlan0 Removed WLAN stick sysctl dev.uhub.4.disable_enumeration=1 Added WLAN stick ifconfig -a No run0 & wlan0 Added WLAN stick on different direct PC socket: ifconfig -a Shows run0 & wlan0 usbconfig ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.2: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH (480Mbps) pwr=OFF (500mA) ugen1.3: at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA) ugen1.5: <802.11 n WLAN Ralink> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (450mA) Great ! Seems to work. (Though I need to read up on how major & minor of ugen relate to the digit in eg 4.disable_enumeration) > > which is also settable through /boot/loader.conf (tunable) Good, I hope/presume loader.conf gets run before any USB, cos I recall lecturer Karsten Nohl pointing out one could get BadUSB taking up residence in USB controller chips inside a PC, ie for a built in mouse or web cam, so one would need to turn off enumeration earlier than when first external USB approaches to connect. I've reported back on BBC news form: Ref. your 6 October 2014 Last updated at 15:29 GMT http://www.bbc.com/news/technology-29475566 The www.FreeBSD.org project (a Unix OS similar to Linux) took just 2 days to develop & test a free solution. http://lists.freebsd.org/pipermail/freebsd-usb/2014-October/013304.html Well done, Thanks Hans! Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. From owner-freebsd-usb@FreeBSD.ORG Thu Oct 9 06:27:52 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 60C1DEE3; Thu, 9 Oct 2014 06:27:52 +0000 (UTC) Received: from mail.turbocat.net (mail.turbocat.net [IPv6:2a01:4f8:d16:4514::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E0DB4B75; Thu, 9 Oct 2014 06:27:51 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 9D9F21FE022; Thu, 9 Oct 2014 08:27:48 +0200 (CEST) Message-ID: <54362AE2.90501@selasky.org> Date: Thu, 09 Oct 2014 08:27:46 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: "Julian H. Stacey" , freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell References: <201410082347.s98NkjW3025396@fire.js.berklix.net> In-Reply-To: <201410082347.s98NkjW3025396@fire.js.berklix.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 06:27:52 -0000 Hi Julian, On 10/09/14 01:46, Julian H. Stacey wrote: > Hi Hans etc > "Julian H. Stacey" wrote: >> Hans Petter Selasky wrote: >>> Hi, >>> >>> Can you test the following kernel patch and give some feedback: >>> >>> https://svnweb.freebsd.org/changeset/base/272733 > > I'm now on latest current with src & sys/ GENERIC > /usr/src/.ctm_status # src-cur 11645 > > This time I downloaded your files properly > (last time I was severely distracted & made a silly mistake) > >>> After the patch you will get something like: >>> hw.usb.disable_enumeration: 0 >>> dev.uhub.0.disable_enumeration: 0 >>> dev.uhub.1.disable_enumeration: 0 >>> ... > > sysctl -a | grep enumeration > hw.usb.disable_enumeration: 0 > dev.uhub.0.disable_enumeration: 0 > dev.uhub.1.disable_enumeration: 0 > dev.uhub.2.disable_enumeration: 0 > dev.uhub.3.disable_enumeration: 0 > dev.uhub.4.disable_enumeration: 0 > > sysctl -d hw.usb.disable_enumeration > hw.usb.disable_enumeration: Set to disable all USB device enumeration. > > sysctl -d dev.uhub.4.disable_enumeration > dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB HUB. > > usbconfig > ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) > ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) > ugen0.2: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) > ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) > ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH (480Mbps) pwr=OFF (500mA) > ugen1.3: at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) > ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA) > > > Great ! Seems to work. > > (Though I need to read up on how major & minor of ugen relate to > the digit in eg 4.disable_enumeration) > > >>> which is also settable through /boot/loader.conf (tunable) > > Good, > I hope/presume loader.conf gets run before any USB, cos I recall > lecturer Karsten Nohl pointing out one could get BadUSB taking up > residence in USB controller chips inside a PC, ie for a built in > mouse or web cam, so one would need to turn off enumeration earlier > than when first external USB approaches to connect. Yes, if set by the loader.conf, you will only see the RootHUB after boot. To get devices back after enabling enumeration again, you will need to reset the HUBs: usbconfig -d X.1 reset For example. BTW: I've added some exceptions, that existing devices can be detached, suspend/resumed and reset while the enumeration is disabled. https://svnweb.freebsd.org/changeset/base/272807 > > I've reported back on BBC news form: > Ref. your > 6 October 2014 Last updated at 15:29 GMT > http://www.bbc.com/news/technology-29475566 > > The www.FreeBSD.org project (a Unix OS similar to Linux) > took just 2 days to develop & test a free solution. > http://lists.freebsd.org/pipermail/freebsd-usb/2014-October/013304.html > Can you also test that patch? Thank you! --HPS From owner-freebsd-usb@FreeBSD.ORG Thu Oct 9 13:59:32 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38352ABF; Thu, 9 Oct 2014 13:59:32 +0000 (UTC) Received: from mail-wg0-x22f.google.com (mail-wg0-x22f.google.com [IPv6:2a00:1450:400c:c00::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A195A6F; Thu, 9 Oct 2014 13:59:31 +0000 (UTC) Received: by mail-wg0-f47.google.com with SMTP id x13so1353274wgg.18 for ; Thu, 09 Oct 2014 06:59:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=u1g4OuKlLu+d5ix3yj+yrwWFCyVDYSCAmvxHTz2TgNA=; b=DvI8k/Sh6jJZeD2L0HvLIyY6pE2RzqDt+BkBXcMY7tBLVnR69micDmfaPpGpGZ3AI2 p5YXW12V4Y18vhyORQbVRTMkaievc3PV8yxbhh5Htf06o42bSEAmLWkSaOjiK0lEeW+m N9AzJDObIWm7n/h8OBcZcH/eZ/N0Pk8GL1dIfklV/UDnR611WTmXopQzqBSnRg2kcvQb 1deLRfkR4RD7JesyqCO6OnHbTvgZ5KhNY2Sw+I4bRj44oE1gDGGSnJ5qD7G4SLg/KxZ0 LvE+VGZcGm2pT7+9zKDEutFziskUtbPJxDrTMTDylmWNsrKXYNOHJoH8tB3M0UbewadD MMtQ== MIME-Version: 1.0 X-Received: by 10.180.83.134 with SMTP id q6mr41544839wiy.12.1412863168472; Thu, 09 Oct 2014 06:59:28 -0700 (PDT) Received: by 10.27.214.7 with HTTP; Thu, 9 Oct 2014 06:59:28 -0700 (PDT) In-Reply-To: <54362AE2.90501@selasky.org> References: <201410082347.s98NkjW3025396@fire.js.berklix.net> <54362AE2.90501@selasky.org> Date: Thu, 9 Oct 2014 15:59:28 +0200 Message-ID: Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: Oliver Pinter To: Hans Petter Selasky Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-security@freebsd.org, "Julian H. Stacey" , Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 13:59:32 -0000 On 10/9/14, Hans Petter Selasky wrote: > Hi Julian, > > On 10/09/14 01:46, Julian H. Stacey wrote: >> Hi Hans etc >> "Julian H. Stacey" wrote: >>> Hans Petter Selasky wrote: >>>> Hi, >>>> >>>> Can you test the following kernel patch and give some feedback: >>>> >>>> https://svnweb.freebsd.org/changeset/base/272733 >> >> I'm now on latest current with src & sys/ GENERIC >> /usr/src/.ctm_status # src-cur 11645 >> >> This time I downloaded your files properly >> (last time I was severely distracted & made a silly mistake) >> >>>> After the patch you will get something like: >>>> hw.usb.disable_enumeration: 0 >>>> dev.uhub.0.disable_enumeration: 0 >>>> dev.uhub.1.disable_enumeration: 0 >>>> ... >> >> sysctl -a | grep enumeration >> hw.usb.disable_enumeration: 0 >> dev.uhub.0.disable_enumeration: 0 >> dev.uhub.1.disable_enumeration: 0 >> dev.uhub.2.disable_enumeration: 0 >> dev.uhub.3.disable_enumeration: 0 >> dev.uhub.4.disable_enumeration: 0 >> >> sysctl -d hw.usb.disable_enumeration >> hw.usb.disable_enumeration: Set to disable all USB device enumeration. >> >> sysctl -d dev.uhub.4.disable_enumeration >> dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB >> HUB. >> >> usbconfig >> ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) >> pwr=SAVE (0mA) >> ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) >> pwr=SAVE (0mA) >> ugen0.2: at usbus0, cfg=0 md=HOST spd=HIGH >> (480Mbps) pwr=SAVE (0mA) >> ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH >> (480Mbps) pwr=SAVE (0mA) >> ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH >> (480Mbps) pwr=OFF (500mA) >> ugen1.3: at usbus1, cfg=0 >> md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) >> ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH >> (480Mbps) pwr=SAVE (100mA) >> > >> >> Great ! Seems to work. >> >> (Though I need to read up on how major & minor of ugen relate to >> the digit in eg 4.disable_enumeration) >> >> >>>> which is also settable through /boot/loader.conf (tunable) >> >> Good, >> I hope/presume loader.conf gets run before any USB, cos I recall >> lecturer Karsten Nohl pointing out one could get BadUSB taking up >> residence in USB controller chips inside a PC, ie for a built in >> mouse or web cam, so one would need to turn off enumeration earlier >> than when first external USB approaches to connect. > > Yes, if set by the loader.conf, you will only see the RootHUB after boot. > > To get devices back after enabling enumeration again, you will need to > reset the HUBs: > > usbconfig -d X.1 reset > > For example. > > BTW: I've added some exceptions, that existing devices can be detached, > suspend/resumed and reset while the enumeration is disabled. Can we somehow improve this change, to powering down the ports/hubs which has the enumeration disabled? > > https://svnweb.freebsd.org/changeset/base/272807 > >> >> I've reported back on BBC news form: >> Ref. your >> 6 October 2014 Last updated at 15:29 GMT >> http://www.bbc.com/news/technology-29475566 >> >> The www.FreeBSD.org project (a Unix OS similar to Linux) >> took just 2 days to develop & test a free solution. >> http://lists.freebsd.org/pipermail/freebsd-usb/2014-October/013304.html >> > > Can you also test that patch? > > Thank you! > > --HPS > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-usb@FreeBSD.ORG Thu Oct 9 14:07:17 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B03456AA; Thu, 9 Oct 2014 14:07:17 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 52E561BA; Thu, 9 Oct 2014 14:07:16 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBE981.dip0.t-ipconnect.de [217.251.233.129]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s99E413d004036; Thu, 9 Oct 2014 14:04:02 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s99E6wrL001585; Thu, 9 Oct 2014 16:06:58 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s99E6MpE089417; Thu, 9 Oct 2014 16:06:34 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410091406.s99E6MpE089417@fire.js.berklix.net> To: Oliver Pinter Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Thu, 09 Oct 2014 15:59:28 +0200." Date: Thu, 09 Oct 2014 16:06:21 +0200 Cc: freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 14:07:17 -0000 Hi, Reference: > From: Oliver Pinter > Date: Thu, 9 Oct 2014 15:59:28 +0200 Oliver Pinter wrote: > On 10/9/14, Hans Petter Selasky wrote: > > Hi Julian, > > > > On 10/09/14 01:46, Julian H. Stacey wrote: > >> Hi Hans etc > >> "Julian H. Stacey" wrote: > >>> Hans Petter Selasky wrote: > >>>> Hi, > >>>> > >>>> Can you test the following kernel patch and give some feedback: > >>>> > >>>> https://svnweb.freebsd.org/changeset/base/272733 > >> > >> I'm now on latest current with src & sys/ GENERIC > >> /usr/src/.ctm_status # src-cur 11645 > >> > >> This time I downloaded your files properly > >> (last time I was severely distracted & made a silly mistake) > >> > >>>> After the patch you will get something like: > >>>> hw.usb.disable_enumeration: 0 > >>>> dev.uhub.0.disable_enumeration: 0 > >>>> dev.uhub.1.disable_enumeration: 0 > >>>> ... > >> > >> sysctl -a | grep enumeration > >> hw.usb.disable_enumeration: 0 > >> dev.uhub.0.disable_enumeration: 0 > >> dev.uhub.1.disable_enumeration: 0 > >> dev.uhub.2.disable_enumeration: 0 > >> dev.uhub.3.disable_enumeration: 0 > >> dev.uhub.4.disable_enumeration: 0 > >> > >> sysctl -d hw.usb.disable_enumeration > >> hw.usb.disable_enumeration: Set to disable all USB device enumeration. > >> > >> sysctl -d dev.uhub.4.disable_enumeration > >> dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB > >> HUB. > >> > >> usbconfig > >> ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) > >> pwr=SAVE (0mA) > >> ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) > >> pwr=SAVE (0mA) > >> ugen0.2: at usbus0, cfg=0 md=HOST spd=HIGH > >> (480Mbps) pwr=SAVE (0mA) > >> ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH > >> (480Mbps) pwr=SAVE (0mA) > >> ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH > >> (480Mbps) pwr=OFF (500mA) > >> ugen1.3: at usbus1, cfg=0 > >> md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) > >> ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH > >> (480Mbps) pwr=SAVE (100mA) > >> > > > >> > >> Great ! Seems to work. > >> > >> (Though I need to read up on how major & minor of ugen relate to > >> the digit in eg 4.disable_enumeration) > >> > >> > >>>> which is also settable through /boot/loader.conf (tunable) > >> > >> Good, > >> I hope/presume loader.conf gets run before any USB, cos I recall > >> lecturer Karsten Nohl pointing out one could get BadUSB taking up > >> residence in USB controller chips inside a PC, ie for a built in > >> mouse or web cam, so one would need to turn off enumeration earlier > >> than when first external USB approaches to connect. > > > > Yes, if set by the loader.conf, you will only see the RootHUB after boot. > > > > To get devices back after enabling enumeration again, you will need to > > reset the HUBs: > > > > usbconfig -d X.1 reset > > > > For example. > > > > BTW: I've added some exceptions, that existing devices can be detached, > > suspend/resumed and reset while the enumeration is disabled. > > Can we somehow improve this change, to powering down the ports/hubs > which has the enumeration disabled? It's usefull to have the port remain powered up for when someone says "Can I charge my smart phone on your PC/ laptop ?" Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. From owner-freebsd-usb@FreeBSD.ORG Thu Oct 9 14:30:12 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BEFABB18; Thu, 9 Oct 2014 14:30:12 +0000 (UTC) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CAAA614; Thu, 9 Oct 2014 14:30:11 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBE981.dip0.t-ipconnect.de [217.251.233.129]) (authenticated bits=128) by land.berklix.org (8.14.5/8.14.5) with ESMTP id s99ER6Dg005260; Thu, 9 Oct 2014 14:27:07 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id s99ETuqg001697; Thu, 9 Oct 2014 16:29:56 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id s99ETQZ7090227; Thu, 9 Oct 2014 16:29:44 +0200 (CEST) (envelope-from jhs@berklix.com) Message-Id: <201410091429.s99ETQZ7090227@fire.js.berklix.net> To: Hans Petter Selasky Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultants, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Thu, 09 Oct 2014 08:27:46 +0200." <54362AE2.90501@selasky.org> Date: Thu, 09 Oct 2014 16:29:26 +0200 Cc: freebsd-security@freebsd.org, Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 14:30:12 -0000 > BTW: I've added some exceptions, that existing devices can be detached, > suspend/resumed and reset while the enumeration is disabled. > > https://svnweb.freebsd.org/changeset/base/272807 > Can you also test that patch? OK, will do. (I've got a cold so I'm slow & making mistakes, sorry). I thought I had to first download & overlay those files to replace my (automatically CTM updated) current, (as I also replaced the last set manually, since backed out) It seems (from MD5s) your code is already in current. (& I can see diffs between eg revision=272733/sys/dev/usb/usb_hub.c revision=272807/sys/dev/usb/usb_hub.c ) & my current matches 272807 apart from a header line artifact of svn, I saw comment MFC & wrongly assumed Merge For Current in 2 weeks, I assume I was wrong & it's Merge From Current to stable in 2 weeks). So I've made & rebooted standard current & just need to test now. Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative. From owner-freebsd-usb@FreeBSD.ORG Thu Oct 9 14:44:24 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8DD28113; Thu, 9 Oct 2014 14:44:24 +0000 (UTC) Received: from mail.turbocat.net (mail.turbocat.net [IPv6:2a01:4f8:d16:4514::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 19D9784D; Thu, 9 Oct 2014 14:44:24 +0000 (UTC) Received: from laptop015.home.selasky.org (cm-176.74.213.204.customer.telag.net [176.74.213.204]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id 9087A1FE022; Thu, 9 Oct 2014 16:44:21 +0200 (CEST) Message-ID: <54369F43.9010806@selasky.org> Date: Thu, 09 Oct 2014 16:44:19 +0200 From: Hans Petter Selasky User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: Oliver Pinter Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell References: <201410082347.s98NkjW3025396@fire.js.berklix.net> <54362AE2.90501@selasky.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org, "Julian H. Stacey" , Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 14:44:24 -0000 On 10/09/14 15:59, Oliver Pinter wrote: > On 10/9/14, Hans Petter Selasky wrote: >> Hi Julian, >> >> On 10/09/14 01:46, Julian H. Stacey wrote: >>> Hi Hans etc >>> "Julian H. Stacey" wrote: >>>> Hans Petter Selasky wrote: >>>>> Hi, >>>>> >>>>> Can you test the following kernel patch and give some feedback: >>>>> >>>>> https://svnweb.freebsd.org/changeset/base/272733 >>> >>> I'm now on latest current with src & sys/ GENERIC >>> /usr/src/.ctm_status # src-cur 11645 >>> >>> This time I downloaded your files properly >>> (last time I was severely distracted & made a silly mistake) >>> >>>>> After the patch you will get something like: >>>>> hw.usb.disable_enumeration: 0 >>>>> dev.uhub.0.disable_enumeration: 0 >>>>> dev.uhub.1.disable_enumeration: 0 >>>>> ... >>> >>> sysctl -a | grep enumeration >>> hw.usb.disable_enumeration: 0 >>> dev.uhub.0.disable_enumeration: 0 >>> dev.uhub.1.disable_enumeration: 0 >>> dev.uhub.2.disable_enumeration: 0 >>> dev.uhub.3.disable_enumeration: 0 >>> dev.uhub.4.disable_enumeration: 0 >>> >>> sysctl -d hw.usb.disable_enumeration >>> hw.usb.disable_enumeration: Set to disable all USB device enumeration. >>> >>> sysctl -d dev.uhub.4.disable_enumeration >>> dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB >>> HUB. >>> >>> usbconfig >>> ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) >>> pwr=SAVE (0mA) >>> ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) >>> pwr=SAVE (0mA) >>> ugen0.2: at usbus0, cfg=0 md=HOST spd=HIGH >>> (480Mbps) pwr=SAVE (0mA) >>> ugen1.2: at usbus1, cfg=0 md=HOST spd=HIGH >>> (480Mbps) pwr=SAVE (0mA) >>> ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH >>> (480Mbps) pwr=OFF (500mA) >>> ugen1.3: at usbus1, cfg=0 >>> md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) >>> ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH >>> (480Mbps) pwr=SAVE (100mA) >>> >> >>> >>> Great ! Seems to work. >>> >>> (Though I need to read up on how major & minor of ugen relate to >>> the digit in eg 4.disable_enumeration) >>> >>> >>>>> which is also settable through /boot/loader.conf (tunable) >>> >>> Good, >>> I hope/presume loader.conf gets run before any USB, cos I recall >>> lecturer Karsten Nohl pointing out one could get BadUSB taking up >>> residence in USB controller chips inside a PC, ie for a built in >>> mouse or web cam, so one would need to turn off enumeration earlier >>> than when first external USB approaches to connect. >> >> Yes, if set by the loader.conf, you will only see the RootHUB after boot. >> >> To get devices back after enabling enumeration again, you will need to >> reset the HUBs: >> >> usbconfig -d X.1 reset >> >> For example. >> >> BTW: I've added some exceptions, that existing devices can be detached, >> suspend/resumed and reset while the enumeration is disabled. > > Can we somehow improve this change, to powering down the ports/hubs > which has the enumeration disabled? > Hi, I've added this as an orthogonal feature. Please test and report back: hw.usb.disable_enumeration: 0 hw.usb.disable_port_power: 0 dev.uhub.0.disable_enumeration: 0 dev.uhub.0.disable_port_power: 0 https://svnweb.freebsd.org/changeset/base/272822 Thank you! --HPS From owner-freebsd-usb@FreeBSD.ORG Thu Oct 9 15:04:12 2014 Return-Path: Delivered-To: freebsd-usb@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D68A162F; Thu, 9 Oct 2014 15:04:12 +0000 (UTC) Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 28482A9D; Thu, 9 Oct 2014 15:04:12 +0000 (UTC) Received: by mail-wi0-f179.google.com with SMTP id d1so2081203wiv.12 for ; Thu, 09 Oct 2014 08:04:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=ZdZRtaHEg3GKx6Kbr4BeSjQ8o7wSuOj9uEzJxPXGHPk=; b=AL9XkzX58dJqGk9lBuuMJWoRJQDvmlSIL90QiA6TykMH1Bd47JVbVUKOjQS2jFiVvp wwQ0qdB+96/EMqD9tah8R9YYzwmrRrUyLDm0FeLDPVZohgS/sE/7tWhhRTc4y30Qjy3x i/yLTA7/5Y8S5nRaOw9gqm+T0oL6G3pEQPLjK4X6RDwXioZTc+HEAhlKxFw+1nxjgX74 Td8bzSBAs1kZYW8Bs2/gY9fch08x49wOgpYpaSOk1YLybX2oKy7VnsFO8Vo4drDmnwrn HR9Du/HXFOLOI+h/Kajb/pyqRzFWH4XNhVLS2GUMK4U4qZWq6iVFyQNGzU2Wg08Rftlq m6yg== MIME-Version: 1.0 X-Received: by 10.194.93.193 with SMTP id cw1mr19295486wjb.50.1412867050443; Thu, 09 Oct 2014 08:04:10 -0700 (PDT) Received: by 10.27.214.7 with HTTP; Thu, 9 Oct 2014 08:04:10 -0700 (PDT) In-Reply-To: <54369F43.9010806@selasky.org> References: <201410082347.s98NkjW3025396@fire.js.berklix.net> <54362AE2.90501@selasky.org> <54369F43.9010806@selasky.org> Date: Thu, 9 Oct 2014 17:04:10 +0200 Message-ID: Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell From: Oliver Pinter To: Hans Petter Selasky Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-security@freebsd.org, "Julian H. Stacey" , Poul-Henning Kamp , freebsd-usb@freebsd.org X-BeenThere: freebsd-usb@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: FreeBSD support for USB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 15:04:12 -0000 On 10/9/14, Hans Petter Selasky wrote: > On 10/09/14 15:59, Oliver Pinter wrote: >> On 10/9/14, Hans Petter Selasky wrote: >>> Hi Julian, >>> >>> On 10/09/14 01:46, Julian H. Stacey wrote: >>>> Hi Hans etc >>>> "Julian H. Stacey" wrote: >>>>> Hans Petter Selasky wrote: >>>>>> Hi, >>>>>> >>>>>> Can you test the following kernel patch and give some feedback: >>>>>> >>>>>> https://svnweb.freebsd.org/changeset/base/272733 >>>> >>>> I'm now on latest current with src & sys/ GENERIC >>>> /usr/src/.ctm_status # src-cur 11645 >>>> >>>> This time I downloaded your files properly >>>> (last time I was severely distracted & made a silly mistake) >>>> >>>>>> After the patch you will get something like: >>>>>> hw.usb.disable_enumeration: 0 >>>>>> dev.uhub.0.disable_enumeration: 0 >>>>>> dev.uhub.1.disable_enumeration: 0 >>>>>> ... >>>> >>>> sysctl -a | grep enumeration >>>> hw.usb.disable_enumeration: 0 >>>> dev.uhub.0.disable_enumeration: 0 >>>> dev.uhub.1.disable_enumeration: 0 >>>> dev.uhub.2.disable_enumeration: 0 >>>> dev.uhub.3.disable_enumeration: 0 >>>> dev.uhub.4.disable_enumeration: 0 >>>> >>>> sysctl -d hw.usb.disable_enumeration >>>> hw.usb.disable_enumeration: Set to disable all USB device >>>> enumeration. >>>> >>>> sysctl -d dev.uhub.4.disable_enumeration >>>> dev.uhub.4.disable_enumeration: Set to disable enumeration on this >>>> USB >>>> HUB. >>>> >>>> usbconfig >>>> ugen0.1: at usbus0, cfg=0 md=HOST spd=HIGH >>>> (480Mbps) >>>> pwr=SAVE (0mA) >>>> ugen1.1: at usbus1, cfg=0 md=HOST spd=HIGH >>>> (480Mbps) >>>> pwr=SAVE (0mA) >>>> ugen0.2: at usbus0, cfg=0 md=HOST >>>> spd=HIGH >>>> (480Mbps) pwr=SAVE (0mA) >>>> ugen1.2: at usbus1, cfg=0 md=HOST >>>> spd=HIGH >>>> (480Mbps) pwr=SAVE (0mA) >>>> ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH >>>> (480Mbps) pwr=OFF (500mA) >>>> ugen1.3: at usbus1, >>>> cfg=0 >>>> md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) >>>> ugen1.4: at usbus1, cfg=0 md=HOST spd=HIGH >>>> (480Mbps) pwr=SAVE (100mA) >>>> >>> >>>> >>>> Great ! Seems to work. >>>> >>>> (Though I need to read up on how major & minor of ugen relate to >>>> the digit in eg 4.disable_enumeration) >>>> >>>> >>>>>> which is also settable through /boot/loader.conf (tunable) >>>> >>>> Good, >>>> I hope/presume loader.conf gets run before any USB, cos I recall >>>> lecturer Karsten Nohl pointing out one could get BadUSB taking up >>>> residence in USB controller chips inside a PC, ie for a built in >>>> mouse or web cam, so one would need to turn off enumeration earlier >>>> than when first external USB approaches to connect. >>> >>> Yes, if set by the loader.conf, you will only see the RootHUB after >>> boot. >>> >>> To get devices back after enabling enumeration again, you will need to >>> reset the HUBs: >>> >>> usbconfig -d X.1 reset >>> >>> For example. >>> >>> BTW: I've added some exceptions, that existing devices can be detached, >>> suspend/resumed and reset while the enumeration is disabled. >> >> Can we somehow improve this change, to powering down the ports/hubs >> which has the enumeration disabled? >> > > Hi, > > I've added this as an orthogonal feature. Please test and report back: > > hw.usb.disable_enumeration: 0 > hw.usb.disable_port_power: 0 > > dev.uhub.0.disable_enumeration: 0 > dev.uhub.0.disable_port_power: 0 > > https://svnweb.freebsd.org/changeset/base/272822 Cool! Thanks! I will test it shortly. > > Thank you! > > --HPS > >