
WIP: linux: add a 2 second read timeout for USB HID #360

Draft: micolous wants to merge 1 commit into mozilla:ctap2-2021 from micolous:ctap2/1958831-linux-hid-timeout
micolous (Contributor) commented Jul 2, 2026

Work in progress, do not merge yet!

Adds a 2 second read() timeout for USB HID on Linux.

Background

A bunch of projects exist that extend authenticator-rs' transport support by using uhid (and similar) to simulate a USB HID authenticator.

Unfortunately, some of these transports are less reliable than USB, and simulated devices may not even send CTAPHID_KEEPALIVE as frequently as suggested by the spec (100 ms). A misbehaving device can cause an application using this library to hang, potentially indefinitely.

I've written a tester for Linux which looks like a USB HID authenticator but never sends any replies, which causes authenticator_rs and (current) Firefox to hang: https://github.com/micolous/webauthn-toys/tree/main/fido_tarpit

This applies a 2 second timeout on all USB HID reads on Linux. Authenticators can still respond with CTAPHID_KEEPALIVE before this timeout, and get extra time. Applications can still pass a keep_alive parameter to impose further deadlines.

Potentially fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1958831

TODO (for me)

I suspect an authenticator could stall indefinitely by sending CTAPHID_KEEPALIVE in response to CTAPHID_INIT. To test this, I'm planning to add a flag to fido_tarpit that responds to any command with CTAPHID_KEEPALIVE.

Then I'll look at only allowing CTAPHID_KEEPALIVE for CTAPHID_CBOR and CTAPHID_MSG (per spec), and test this against some authenticators in my collection.
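The read policy described in this pull request (a bounded wait per read, extended only by CTAPHID_KEEPALIVE for CTAPHID_CBOR and CTAPHID_MSG), as an added sketch that is not code from the pull request or from authenticator-rs. The `wait_response` helper, the `ReadError` type, the overall `deadline` and the channel standing in for the HID device are assumptions of this example; the command IDs are those of the CTAPHID specification.

```rust
use std::sync::mpsc::{channel, Receiver, RecvTimeoutError};
use std::time::{Duration, Instant};

// Command IDs from the CTAPHID specification.
const CTAPHID_MSG: u8 = 0x03;
const CTAPHID_INIT: u8 = 0x06;
const CTAPHID_CBOR: u8 = 0x10;
const CTAPHID_KEEPALIVE: u8 = 0x3b;

#[derive(Debug, PartialEq)]
enum ReadError { Timeout, UnexpectedKeepalive, DeadlineExceeded, Disconnected }

/// Hypothetical helper: waits for the reply to `request` on `rx`, which stands
/// in for the HID device. Every read is bounded by `read_timeout`. A keep-alive
/// restarts the wait, but only for CBOR/MSG requests and never past `deadline`
/// (the overall deadline is an assumption of this sketch).
fn wait_response(rx: &Receiver<u8>, request: u8, read_timeout: Duration,
                 deadline: Duration) -> Result<u8, ReadError> {
    let start = Instant::now();
    loop {
        let left = deadline.checked_sub(start.elapsed())
            .ok_or(ReadError::DeadlineExceeded)?;
        match rx.recv_timeout(read_timeout.min(left)) {
            Ok(CTAPHID_KEEPALIVE) => {
                if request != CTAPHID_CBOR && request != CTAPHID_MSG {
                    return Err(ReadError::UnexpectedKeepalive);
                }
            }
            Ok(cmd) => return Ok(cmd),
            Err(RecvTimeoutError::Timeout) if start.elapsed() >= deadline =>
                return Err(ReadError::DeadlineExceeded),
            Err(RecvTimeoutError::Timeout) => return Err(ReadError::Timeout),
            Err(RecvTimeoutError::Disconnected) => return Err(ReadError::Disconnected),
        }
    }
}

fn main() {
    // Constructed scenario: the device accepts the request and never replies.
    let (_tx, silent) = channel::<u8>();
    let two_s = Duration::from_secs(2);
    println!("{:?}", wait_response(&silent, CTAPHID_CBOR, two_s, two_s * 15));
    // Constructed scenario: the device answers CTAPHID_INIT with a keep-alive.
    let (tx, rx) = channel::<u8>();
    tx.send(CTAPHID_KEEPALIVE).unwrap();
    println!("{:?}", wait_response(&rx, CTAPHID_INIT, two_s, two_s * 15));
}
```

A device that streams keep-alives without ever answering a CBOR request ends in `DeadlineExceeded` rather than holding the caller forever.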
