BadUSB - On Accessories that Turn Evil, by Karsten Nohl + Jakob Lell
Julian H. Stacey
jhs at berklix.com
Wed Oct 8 20:01:04 UTC 2014
Hans Petter Selasky wrote:
> Hi,
>
> Can you test the following kernel patch and give some feedback:
>
> https://svnweb.freebsd.org/changeset/base/272733
>
> After the patch you will get something like:
>
> hw.usb.disable_enumeration: 0
> dev.uhub.0.disable_enumeration: 0
> dev.uhub.1.disable_enumeration: 0
> ...
>
> which is also settable through /boot/loader.conf (tunable)
Thanks, Quick work !
I downloaded, but before use,
I ran a make world as my current was maybe a week or 2 old,
I made a new generic kernel with CTM src-cur.11644.gz ie (latest
CVS as supplied by CTM)
But src/ make all failed so I ran make world, which also failed:
-------------------
/usr/obj/usr/src/tmp/usr/include/dev/usb/usb.h:154:16: note: forward declaration
of 'struct usb_device_request'
typedef struct usb_device_request usb_device_request_t;
^
19 errors generated.
*** Error code 1
Stop.
make[4]: stopped in /usr/src/lib/libusbhid
-------------------
In parallel to make world I applied your patches to make & that failed:
--------
/sys/amd64/compile/GENERIC
../../../dev/usb/usbdi.h:301:5: warning: 'USB_HAVE_COMPAT_LINUX' is not defined, evaluates to 0 [-Wundef]
#if USB_HAVE_COMPAT_LINUX
^
2 warnings generated.
mkdep: compile failed
*** Error code 1
Stop.
make: stopped in /usr/src/sys/amd64/compile/GENERIC
--------
But that may be because my system is pehaps a couple of weeks old or so.
The latest generic src/ kernel booted OK
FreeBSD lapr.js.berklix.net 11.0-CURRENT FreeBSD 11.0-CURRENT #1: Wed Oct 8 17:26:13 CEST 2014 jhs at lapr.js.berklix.net:/usr/src/sys/amd64/compile/GENERIC amd64
(though I noticed a named: lock order reversal that I will ignore)
When I can get src/ to build (I'm using make -k all now :-),
I'll go back to compiling GENERIC kernel with your changeset/base/272733
Cheers,
Julian
--
Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com
Indent previous with "> ". Interleave reply paragraphs like a play script.
Send plain text, not quoted-printable, HTML, base64, or multipart/alternative.
More information about the freebsd-security
mailing list