BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell

Julian H. Stacey jhs at berklix.com
Wed Oct 8 20:01:04 UTC 2014 

Hans Petter Selasky wrote:
> Hi,
> 
> Can you test the following kernel patch and give some feedback:
> 
> https://svnweb.freebsd.org/changeset/base/272733
> 
> After the patch you will get something like:
> 
> hw.usb.disable_enumeration: 0
> dev.uhub.0.disable_enumeration: 0
> dev.uhub.1.disable_enumeration: 0
> ...
> 
> which is also settable through /boot/loader.conf (tunable)

Thanks, Quick work !
I downloaded, but before use,
I ran a make world as my current was maybe a week or 2 old,
I made a new generic kernel with CTM src-cur.11644.gz ie (latest
CVS as supplied by CTM)
But src/ make all failed so I ran make world, which also failed:
	-------------------
	/usr/obj/usr/src/tmp/usr/include/dev/usb/usb.h:154:16: note: forward declaration
	      of 'struct usb_device_request'
	typedef struct usb_device_request usb_device_request_t;
	               ^
	19 errors generated.
	*** Error code 1
	
	Stop.
	make[4]: stopped in /usr/src/lib/libusbhid
	-------------------

In parallel to make world I applied your patches to make & that failed:
	--------
	/sys/amd64/compile/GENERIC 
	../../../dev/usb/usbdi.h:301:5: warning: 'USB_HAVE_COMPAT_LINUX' is not defined, evaluates to 0 [-Wundef]
	#if USB_HAVE_COMPAT_LINUX
	    ^
	2 warnings generated.
	mkdep: compile failed
	*** Error code 1
	
	Stop.
	make: stopped in /usr/src/sys/amd64/compile/GENERIC
	--------
But that may be because my system is pehaps a couple of weeks old or so.

The latest generic src/ kernel booted OK 
	FreeBSD lapr.js.berklix.net 11.0-CURRENT FreeBSD 11.0-CURRENT #1: Wed Oct  8 17:26:13 CEST 2014     jhs at lapr.js.berklix.net:/usr/src/sys/amd64/compile/GENERIC  amd64
	(though I noticed a named: lock order reversal that I will ignore)

When I can get src/ to build (I'm using make -k all now :-),
I'll go back to compiling GENERIC kernel with your changeset/base/272733

Cheers,
Julian
-- 
Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com
 Indent previous with "> ".  Interleave reply paragraphs like a play script.
 Send plain text, not quoted-printable, HTML, base64, or multipart/alternative.

More information about the freebsd-security mailing list