Date: Wed, 08 Oct 2014 21:01:06 +0200 From: "Julian H. Stacey" <jhs@berklix.com> To: Hans Petter Selasky <hps@selasky.org> Cc: freebsd-security@freebsd.org, Poul-Henning Kamp <phk@phk.freebsd.dk>, freebsd-usb@freebsd.org Subject: Re: BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell Message-ID: <201410081901.s98J160W019899@fire.js.berklix.net> In-Reply-To: Your message "Wed, 08 Oct 2014 09:03:31 %2B0200." <5434E1C3.9090605@selasky.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hans Petter Selasky wrote: > Hi, > > Can you test the following kernel patch and give some feedback: > > https://svnweb.freebsd.org/changeset/base/272733 > > After the patch you will get something like: > > hw.usb.disable_enumeration: 0 > dev.uhub.0.disable_enumeration: 0 > dev.uhub.1.disable_enumeration: 0 > ... > > which is also settable through /boot/loader.conf (tunable) Thanks, Quick work ! I downloaded, but before use, I ran a make world as my current was maybe a week or 2 old, I made a new generic kernel with CTM src-cur.11644.gz ie (latest CVS as supplied by CTM) But src/ make all failed so I ran make world, which also failed: ------------------- /usr/obj/usr/src/tmp/usr/include/dev/usb/usb.h:154:16: note: forward declaration of 'struct usb_device_request' typedef struct usb_device_request usb_device_request_t; ^ 19 errors generated. *** Error code 1 Stop. make[4]: stopped in /usr/src/lib/libusbhid ------------------- In parallel to make world I applied your patches to make & that failed: -------- /sys/amd64/compile/GENERIC ../../../dev/usb/usbdi.h:301:5: warning: 'USB_HAVE_COMPAT_LINUX' is not defined, evaluates to 0 [-Wundef] #if USB_HAVE_COMPAT_LINUX ^ 2 warnings generated. mkdep: compile failed *** Error code 1 Stop. make: stopped in /usr/src/sys/amd64/compile/GENERIC -------- But that may be because my system is pehaps a couple of weeks old or so. The latest generic src/ kernel booted OK FreeBSD lapr.js.berklix.net 11.0-CURRENT FreeBSD 11.0-CURRENT #1: Wed Oct 8 17:26:13 CEST 2014 jhs@lapr.js.berklix.net:/usr/src/sys/amd64/compile/GENERIC amd64 (though I noticed a named: lock order reversal that I will ignore) When I can get src/ to build (I'm using make -k all now :-), I'll go back to compiling GENERIC kernel with your changeset/base/272733 Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Interleave reply paragraphs like a play script. Send plain text, not quoted-printable, HTML, base64, or multipart/alternative.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410081901.s98J160W019899>