How to Disable USB 3.0 and USB 2.0 while keeping USB 1.0/1.1 on Mac Mini


Is it possible to disable both USB 3.0 and USB 2.0 support, while keeping USB 1.0/1.1 support, on my 2012 Mac Mini, under OS X 10.13 High Sierra? Perhaps by removing certain kernel drivers while leaving others in-place?

I need only USB 1.0/1.1 support to allow a simple USB keyboard + mouse to be connected.

I am concerned about physical hardware-based DMA attacks on my Mac Mini with USB 3.0 ports. (Because USB 3.0 can be used as an avenue for direct access to the Mac's internal PCIe bus.)

(I will be disabling or physically removing all other interfaces on the device, i.e. epoxying the Lightning and Firewire connectors so they are unusable, epoxying the Mac Mini's case shut so it becomes tamper-evident, removing the 802.11 wifi and Bluetooth boards, etc. I just need a dumb USB 1.0/1.1 port for keyboard, and an Ethernet RJ45 port.)

Best Answer

All Intel-based USB host controllers use a hardware-based DMA engine to execute a linked list of TDs (transaction descriptors) from main memory. This is/was true for all three of them: UHCI, EHCI, and the latest, xHCI. Moreover, in recent Intel platforms the UHCI (which handled full-speed and low-speed) is now abandoned.

In intermediate USB architectures (Sandy Bridge, Ivy Bridge, series 7 chipsets) the only remaining controllers were EHCI and xHCI, which is still an eclectic mix. Funnily enough, it looks like the FS/LS modes are handled via the xHCI (USB3) controller if the EHCI controller determines that the attached device is LS or FS and marks port ownership to the "companion controller".

In recent USB architectures there is only one type of controller, xHCI, which handles all modes (SS, HS, FS, and LS) uniformly via the same DMA access method.

So it is highly unlikely that you can avoid using the xHCI USB 3.0 controller if you still want your USB keyboard and mouse.

You can try to use a regular HS hub to connect your keyboard and mouse. In this case the traffic will be controlled via the EHCI HS controller (if this is the C216 chipset), and xHCI can be disabled, if EHCI makes you feel more secure.
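To check which host controller the keyboard and mouse actually enumerate under after moving them behind a hub, the output of `system_profiler SPUSBDataType` can be grouped by controller driver. This is an added example, not part of the original answer; the sample text, its layout, and the driver and device names in it are constructed assumptions.

```python
import subprocess
import sys

# Constructed sample, modelled on the indented text that
# `system_profiler SPUSBDataType` prints; driver and device names are assumed.
SAMPLE = """\
USB:

    USB 3.0 Bus:

      Host Controller Driver: AppleUSBXHCIPPT

    USB 2.0 Bus:

      Host Controller Driver: AppleUSBEHCIPCI

        Hub:
          Speed: Up to 480 Mb/sec

            USB Keyboard:
              Speed: Up to 1.5 Mb/sec

            USB Mouse:
              Speed: Up to 1.5 Mb/sec
"""

def devices_by_controller(text):
    """Map each host controller driver to the [name, speed] entries below it."""
    buses, current = {}, None
    for raw in text.splitlines():
        key, _, value = raw.strip().partition(":")
        value = value.strip()
        if not key or key == "USB":
            continue
        if not value and key.endswith("Bus"):
            current = None                      # new bus, driver line follows
        elif key == "Host Controller Driver":
            current = buses.setdefault(value, [])
        elif not value and current is not None:
            current.append([key, None])         # heading: a hub or a device
        elif key == "Speed" and current:
            current[-1][1] = value
    return buses

def behind_xhci(buses):
    """Names of everything enumerated under an xHCI controller."""
    return [d[0] for drv, devs in buses.items() if "XHCI" in drv.upper() for d in devs]

if __name__ == "__main__":
    live = sys.platform == "darwin"
    text = subprocess.check_output(["system_profiler", "SPUSBDataType"], text=True) if live else SAMPLE
    print(devices_by_controller(text), "behind xHCI:", behind_xhci(devices_by_controller(text)))
```

An empty list from `behind_xhci` means no device was listed under an xHCI driver at the time of the query; it says nothing about whether the xHCI controller itself is disabled.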