linuxboot / heads

A minimal Linux that runs as a coreboot or LinuxBoot ROM payload to provide a secure, flexible boot environment for laptops, workstations and servers.
https://osresearch.net/
GNU General Public License v2.0

Put `CONFIG_SUPPORT_USB_KEYBOARD=y` in all board configs #1780

Open tlaurion opened 1 month ago

tlaurion commented 1 month ago

CONFIG_SUPPORT_USB_KEYBOARD=y allows the user to enable USB keyboard support in config. It's off by default. I provide this for Librems due to popular demand.

You're thinking of CONFIG_USB_KEYBOARD_REQUIRED=y which means the device only has USB keyboards.

I'm not familiar with this hardware, but typically the internal keyboard is a PS/2 keyboard (well, really provided by the EC as an 8042 interface, no actual PS/2 port or signaling, but I digress). So I think you have this right @loftlifter31

_Originally posted by @JonathonHall-Purism in https://github.com/linuxboot/heads/pull/1774#discussion_r1745617700_

tlaurion commented 1 month ago

This has convenience VS security implications.

@marmarek is that what you would request for platforms having ps2 keyboards but where usb is needed for testing?

Remember rubber ducky with usb+hid support. Thoughts welcome.

marmarek commented 1 month ago

Right, but since it's disabled by default, a USB keyboard can't enable itself on its own. And also the option is placed in the menu deep enough that IMO it can't be switched unknowingly.

tlaurion commented 1 month ago

Alright so plan is.

@marmarek @JonathonHall-Purism good enough as a plan?

JonathonHall-Purism commented 1 month ago

* Make sure that usb keyboard only boards are enforcing usb required in board configs

This should already be the case, but never hurts to double check :crossed_fingers:

* have all ps2 boards enable usb keyboard optional to be setup by ps2 keyboard if needed

Agree. I would do this by removing the CONFIG_SUPPORT_USB_KEYBOARD, since all boards will support it now, there's no need for the config any more. Just update config-gui.sh and modules/linux by removing the tests and keeping the logic that used to apply when it was 'y'.

* make sure config menu warns user of security implication, telling ps2 better for security vs convenience.

Yeah we have that:

```sh
if (whiptail --title 'Enable USB Keyboard?' \
    --yesno "USB keyboards will be usable in $CONFIG_BRAND_NAME.
\n\nEnabling USB keyboards could allow a compromised USB device to control
\n$CONFIG_BRAND_NAME.
\n\nDo you want to proceed?" 0 80) then
```

I think that's clear and concise. It could allow a compromised USB device to control Heads.

marmarek commented 1 month ago

I just tried t430-hotp-maximized with added CONFIG_SUPPORT_USB_KEYBOARD=y, and it worked as expected:

  1. Initially USB keyboard was not enabled
  2. There is a menu option to enable it, that gives the above warning.
  3. After enabling, USB keyboard works.

tlaurion commented 3 days ago

Should be part of #1821, assigned myself
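
One way to run the "double check" from the plan above across every board config, as an added example that is not part of the thread or of the Heads code base. It assumes one `*.config` file per board in a subdirectory of the directory passed as the first argument, with options written as `CONFIG_X=y` or `export CONFIG_X=y`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not Heads code. Assumed layout: <dir>/<board>/<board>.config,
# options written as "CONFIG_X=y" or "export CONFIG_X=y".

# has_opt FILE NAME: succeeds if NAME=y appears on an uncommented line.
has_opt() {
    grep -Eq "^[[:space:]]*(export[[:space:]]+)?$2=y[[:space:]]*(#.*)?\$" "$1"
}

# classify_board FILE: print how the board config treats USB keyboards.
#   required - CONFIG_USB_KEYBOARD_REQUIRED=y (device only has USB keyboards)
#   optional - CONFIG_SUPPORT_USB_KEYBOARD=y (off by default, user may enable)
#   none     - neither option is set
classify_board() {
    if has_opt "$1" CONFIG_USB_KEYBOARD_REQUIRED; then
        echo required
    elif has_opt "$1" CONFIG_SUPPORT_USB_KEYBOARD; then
        echo optional
    else
        echo none
    fi
}

# audit_boards DIR: print "state<TAB>relative/path" for each board config.
# Returns non-zero if any board has neither option, so it can gate a CI job.
audit_boards() {
    missing=0
    for cfg in "$1"/*/*.config; do
        [ -f "$cfg" ] || continue          # unmatched glob stays literal
        state=$(classify_board "$cfg")
        printf '%s\t%s\n' "$state" "${cfg#"$1"/}"
        if [ "$state" = none ]; then
            missing=1
        fi
    done
    return "$missing"
}

# Stand-alone use: pass the directory holding the board configs.
[ "$#" -eq 0 ] || audit_boards "$1"
```

Boards reported as `required` are the USB-keyboard-only ones from the first plan item; boards reported as `none` are the ones the issue title still applies to.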