Date: Thu, 09 Oct 2014 01:46:44 +0200 From: "Julian H. Stacey" <jhs@berklix.com> To: Hans Petter Selasky <hps@selasky.org>, freebsd-security@freebsd.org, Poul-Henning Kamp <phk@phk.freebsd.dk>, freebsd-usb@freebsd.org Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell Message-ID: <201410082347.s98NkjW3025396@fire.js.berklix.net> In-Reply-To: Your message "Wed, 08 Oct 2014 21:01:06 %2B0200." <201410081901.s98J160W019899@fire.js.berklix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Hans etc "Julian H. Stacey" wrote: > Hans Petter Selasky wrote: > > Hi, > > > > Can you test the following kernel patch and give some feedback: > > > > https://svnweb.freebsd.org/changeset/base/272733 I'm now on latest current with src & sys/ GENERIC /usr/src/.ctm_status # src-cur 11645 This time I downloaded your files properly (last time I was severely distracted & made a silly mistake) > > After the patch you will get something like: > > hw.usb.disable_enumeration: 0 > > dev.uhub.0.disable_enumeration: 0 > > dev.uhub.1.disable_enumeration: 0 > > ... sysctl -a | grep enumeration hw.usb.disable_enumeration: 0 dev.uhub.0.disable_enumeration: 0 dev.uhub.1.disable_enumeration: 0 dev.uhub.2.disable_enumeration: 0 dev.uhub.3.disable_enumeration: 0 dev.uhub.4.disable_enumeration: 0 sysctl -d hw.usb.disable_enumeration hw.usb.disable_enumeration: Set to disable all USB device enumeration. sysctl -d dev.uhub.4.disable_enumeration dev.uhub.4.disable_enumeration: Set to disable enumeration on this USB HUB. usbconfig ugen0.1: <EHCI root HUB Intel> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.1: <EHCI root HUB Intel> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.2: <product 0x0020 vendor 0x8087> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.2: <product 0x0020 vendor 0x8087> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH (480Mbps) pwr=OFF (500mA) ugen1.3: <Semi Tech PS2 Keyboard - PS2 Mouse Semi Tech> at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) ugen1.4: <USB2.0 Hub vendor 0x05e3> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA) Inserted a WLAN stick usbconfig ugen1.5: <802.11 n WLAN Ralink> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (450mA) ifconfig -a shows run0 & wlan0 Removed WLAN stick sysctl dev.uhub.4.disable_enumeration=1 Added WLAN stick ifconfig -a No run0 & wlan0 Added WLAN stick on different direct PC socket: ifconfig -a Shows run0 & wlan0 usbconfig ugen0.1: <EHCI root HUB Intel> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.1: <EHCI root HUB Intel> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.2: <product 0x0020 vendor 0x8087> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen1.2: <product 0x0020 vendor 0x8087> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA) ugen0.3: <1.3M WebCam XPA2535XY> at usbus0, cfg=255 md=HOST spd=HIGH (480Mbps) pwr=OFF (500mA) ugen1.3: <Semi Tech PS2 Keyboard - PS2 Mouse Semi Tech> at usbus1, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA) ugen1.4: <USB2.0 Hub vendor 0x05e3> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (100mA) ugen1.5: <802.11 n WLAN Ralink> at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (450mA) Great ! Seems to work. (Though I need to read up on how major & minor of ugen relate to the digit in eg 4.disable_enumeration) > > which is also settable through /boot/loader.conf (tunable) Good, I hope/presume loader.conf gets run before any USB, cos I recall lecturer Karsten Nohl pointing out one could get BadUSB taking up residence in USB controller chips inside a PC, ie for a built in mouse or web cam, so one would need to turn off enumeration earlier than when first external USB approaches to connect. I've reported back on BBC news form: Ref. your 6 October 2014 Last updated at 15:29 GMT http://www.bbc.com/news/technology-29475566 The www.FreeBSD.org project (a Unix OS similar to Linux) took just 2 days to develop & test a free solution. http://lists.freebsd.org/pipermail/freebsd-usb/2014-October/013304.html Well done, Thanks Hans! Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410082347.s98NkjW3025396>