NetBSD Problem Report #53599
From gson@gson.org Wed Sep 12 13:00:57 2018
Return-Path: <gson@gson.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id AEA4C7A186
for <gnats-bugs@gnats.NetBSD.org>; Wed, 12 Sep 2018 13:00:57 +0000 (UTC)
Message-Id: <20180912130050.8B70E989770@guava.gson.org>
Date: Wed, 12 Sep 2018 16:00:50 +0300 (EEST)
From: gson@gson.org (Andreas Gustafsson)
Reply-To: gson@gson.org (Andreas Gustafsson)
To: gnats-bugs@NetBSD.org
Subject: Can't enter ddb using USB keyboard because console
X-Send-Pr-Version: 3.95
>Number: 53599
>Category: kern
>Synopsis: Can't enter ddb using USB keyboard because console
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Sep 12 13:05:00 +0000 2018
>Last-Modified: Wed Sep 12 20:25:00 +0000 2018
>Originator: Andreas Gustafsson
>Release: NetBSD 8.0
>Organization:
>Environment:
System: NetBSD
Architecture: x86_64
Machine: amd64
>Description:
When I plug a USB keyboard into a USB port on a HP DL360 G7 running a
GENERIC kernel from the NetBSD/amd64 8.0 release and hit ctrl-alt-esc,
nothing happens.
Apparently this is because the call to console_debugger() in wskbd.c
is inside "if (sc->sc_isconsole)", and sc_isconsole is false. The
dmesg says:
pckbd0 at pckbc1 (kbd slot)
pckbc1: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard
[...]
uhidev0 at uhub0 port 1 configuration 1 interface 0
uhidev0: HP (0x3f0) Virtual Keyboard (0x7029), rev 1.10/0.02, addr 2, iclass 3/1
ukbd0 at uhidev0
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
[...]
uhidev2 at uhub3 port 1 configuration 1 interface 0
uhidev2: Hewlett-Packard Company (0x3f0) HP USB Smart Card Keyboard (0x1024), rev 2.00/5.35, addr 2, iclass 3/1
ukbd1 at uhidev2
wskbd2 at ukbd1 mux 1
wskbd2: connecting to wsdisplay0
The machine does not have a PS/2 keyboard connector. The keyboard I
plugged in and tried to enter ddb from is the one attached as wskbd2.
I realize that there is a tradeoff between security and debuggability
here, but at least there should be a simple and documented way to
configure the system to allow ddb to be entered from any USB keyboard
without having to build a custom kernel. If there already is one,
please enlighten me...
>How-To-Repeat:
>Fix:
>Audit-Trail:
From: Martin Husemann <martin@duskware.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: kern/53599: Can't enter ddb using USB keyboard because console
Date: Wed, 12 Sep 2018 15:08:57 +0200
Try
userconf=disable pcbkc*
in your /boot.cfg.
Martin
From: Andreas Gustafsson <gson@gson.org>
To: Martin Husemann <martin@duskware.de>
Cc: gnats-bugs@NetBSD.org
Subject: Re: kern/53599: Can't enter ddb using USB keyboard because console
Date: Wed, 12 Sep 2018 17:41:15 +0300
Martin Husemann wrote:
> Try
> userconf=disable pcbkc*
>
> in your /boot.cfg.
I think you mean pckbc*, not pcbkc*.
But that doesn't work, either: with "userconf=disable pckbc*" in
boot.cfg, the dmesg shows
[130] pckbc* disabled
but pckbc0 attaches anyway:
pckbc0 at isa0 port 0x60-0x64
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
If I add the two lines
userconf=disable pckbc0
userconf=disable pckbc*
no pckbc attaches, but I still get the "HP Virtual Keyboard" as
wskbd0:
uhidev0 at uhub0 port 1 configuration 1 interface 0
uhidev0: HP (0x3f0) Virtual Keyboard (0x7029), rev 1.10/0.02, addr 2, iclass 3/1
ukbd0 at uhidev0
wskbd0 at ukbd0 mux 1
wskbd0: connecting to wsdisplay0
uhidev1 at uhub0 port 1 configuration 1 interface 1
uhidev1: HP (0x3f0) Virtual Keyboard (0x7029), rev 1.10/0.02, addr 2, iclass 3/1
ums0 at uhidev1: 3 buttons
wsmouse0 at ums0 mux 0
uhidev2 at uhub3 port 1 configuration 1 interface 0
uhidev2: Hewlett-Packard Company (0x3f0) HP USB Smart Card Keyboard (0x1024), rev 2.00/5.35, addr 2, iclass 3/1
ukbd1 at uhidev2
wskbd1 at ukbd1 mux 1
wskbd1: connecting to wsdisplay0
Unsurprisingly, ctrl-alt-esc one the one physical keyboards still
doesn't work. But what I find most confusing is that now *none* of
the keyboards is marked as "console keyboard" in the dmesg.
--
Andreas Gustafsson, gson@gson.org
From: matthew green <mrg@eterna.com.au>
To: gnats-bugs@NetBSD.org
Cc: kern-bug-people@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org, gson@gson.org (Andreas Gustafsson)
Subject: re: kern/53599: Can't enter ddb using USB keyboard because console
Date: Thu, 13 Sep 2018 06:20:02 +1000
> Martin Husemann wrote:
> > Try
> > userconf=disable pcbkc*
> >
> > in your /boot.cfg.
>
> I think you mean pckbc*, not pcbkc*.
>
> But that doesn't work, either: with "userconf=disable pckbc*" in
> boot.cfg, the dmesg shows
>
> [130] pckbc* disabled
>
> but pckbc0 attaches anyway:
>
> pckbc0 at isa0 port 0x60-0x64
> pckbd0 at pckbc0 (kbd slot)
> pckbc0: using irq 1 for kbd slot
> wskbd0 at pckbd0: console keyboard, using wsdisplay0
>
> If I add the two lines
>
> userconf=disable pckbc0
> userconf=disable pckbc*
>
> no pckbc attaches, but I still get the "HP Virtual Keyboard" as
> wskbd0:
yes - the "pckbc*" is a literal match here. it matches the
configuration "pckbc*", which itself is able to attach to
any instance, but it doesn't stop the literal pckbc0 at isa
that is in GENERIC. so, this is entirely "as designed".
the base problem - i wonder if we can have a wsconcstl or
wsconscfg based method (ioctl) to enable console/ddb. then
we can at least have a simple method to enable this while
not actually affecting security.
.mrg.
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home