Differential D51610

Add u2f(4), a HID driver for FIDO/U2F security keys
AbandonedPublic
Actions

Authored by wulf on Jul 28 2025, 9:32 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Wed, Oct 29, 2:31 AM

	Unknown Object (File)
	Sun, Oct 26, 11:57 PM

	Unknown Object (File)
	Sun, Oct 26, 8:11 AM

	Unknown Object (File)
	Sat, Oct 11, 8:15 AM

	Unknown Object (File)
	Sat, Oct 11, 8:15 AM

	Unknown Object (File)
	Sat, Oct 11, 12:54 AM

	Unknown Object (File)
	Oct 2 2025, 8:18 PM

	Unknown Object (File)
	Oct 2 2025, 7:15 AM

View All 14 Files

Subscribers

Details

Reviewers

emaste
manu
andrew

Summary

While FIDO/U2F keys were already supported by the generic uhid(4) and
hidraw(4) drivers, this driver adds some additional features an does
steps to tighten the security of FIDO/U2F access.

It automatically loads through devd.
Automatically enables HQ_NO_READAHEAD for FIDO/U2F devices.
Implements only miminum set of features.
Do not requires external devfs configuration to set character device permissions.
Names character device as u2f/# to make possible capsicum or any other pledge()-style sandboxing.

PR: 265528
MFC after: 1 week

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 65821
Build 62704: arc lint + arc unit

Event Timeline

wulf created this revision.Jul 28 2025, 9:32 PM

Herald added a reviewer: andrew. · View Herald TranscriptJul 28 2025, 9:32 PM

Herald added a reviewer: andrew. · View Herald Transcript

Herald added subscribers: riscv, ziaee, jhibbits, imp. · View Herald Transcript

wulf requested review of this revision.Jul 28 2025, 9:32 PM

Harbormaster completed remote builds in B65821: Diff 159375.Jul 28 2025, 9:32 PM

Duplicate of D51612

Revision Contents
Changeset List

Path

Size

share/

man/

man4/

1 line

93 lines

sys/

amd64/

conf/

1 line

arm/

conf/

1 line

arm64/

conf/

1 line

conf/

2 lines

1 line

1 line

dev/

hid/

590 lines

i386/

conf/

1 line

modules/

hid/

1 line

u2f/

8 lines

powerpc/

conf/

1 line

1 line

riscv/

conf/

1 line

Diff 159375

share/man/man4/Makefile

Loading...

share/man/man4/u2f.4

Loading...

sys/amd64/conf/GENERIC

Loading...

sys/arm/conf/GENERIC

Loading...

sys/arm64/conf/std.dev

Loading...

sys/conf/NOTES

Loading...

sys/conf/files

Loading...

sys/conf/options

Loading...

sys/dev/hid/u2f.c

Loading...

sys/i386/conf/GENERIC

Loading...

sys/modules/hid/Makefile

Loading...

sys/modules/hid/u2f/Makefile

Loading...

sys/powerpc/conf/GENERIC64

Loading...

sys/powerpc/conf/GENERIC64LE

Loading...

sys/riscv/conf/GENERIC

Loading...