Bug 1721522
Summary: | ccid: Fix incorrect dwProtocol advertisement of T=0 | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Jakub Jelen <jjelen> | |
Component: | qemu-kvm-rhev | Assignee: | Maxim Levitsky <mlevitsk> | |
Status: | CLOSED ERRATA | QA Contact: | Xueqiang Wei <xuwei> | |
Severity: | high | Docs Contact: | ||
Priority: | high | |||
Version: | 7.7 | CC: | jinzhao, juzhang, mkalinin, mrezanin, mtessun, ngu, philmd, toneata, virt-maint, xuwei | |
Target Milestone: | rc | Keywords: | ZStream | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | qemu-kvm-rhev-2.12.0-35.el7 | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1729880 1746361 (view as bug list) | Environment: | ||
Last Closed: | 2020-03-31 14:34:48 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 917867, 1729880 |
Description
Jakub Jelen
2019-06-18 13:23:29 UTC
Hi all: According Bug 1729880#c12, we can use the same method to verify this Bug. The reproduce version had been tested. Now we can try the fix version. fixed version: 3.10.0-1062.1.1.el7.x86_64 qemu-kvm-rhev-2.12.0-35.el7.x86_64 Test steps: [1] To emulate a software smartcard, in the host, we need to generate 3 certificates which will be used for the "fake" smartcard. # mkdir ~/.netscape # certutil -N (use an empty password) # certutil -x -t "CT,CT,CT" -S -s "CN=cert1" -n cert1 # certutil -x -t "CT,CT,CT" -S -s "CN=cert2" -n cert2 # certutil -x -t "CT,CT,CT" -S -s "CN=cert3" -n cert3 [2] list 3 certs created in setp1 # certutil -L Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI cert1 CTu,Cu,Cu cert2 CTu,Cu,Cu cert3 CTu,Cu,Cu [3] On the host. # yum groupinstall "smart card support" # systemctl restart pcscd [4] Start the guest with follow command -spice port=5930,disable-ticketing \ -chardev spicevmc,name=smartcard,id=ccid \ -device usb-ccid,debug=1 \ <---enable debug for qemu -device ccid-card-passthru,chardev=ccid \ <---passthru smart card in the host -usb \ [5] Start the remover with ccid parameter. # remote-viewer spice://localhost:5930 --spice-smartcard --spice-smartcard-db ~/.netscape/ --spice-smartcard-certificates cert1,cert2,cert3 [6] check the usb device inside the guest. # lsusb Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap <-- emulation ccid device Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub [7] check the dwProtocols in the lsusb. # lsusb -vvv -d 08e6:4433 Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap Device Descriptor: bLength 18 bDescriptorType 1 bcdUSB 1.10 bDeviceClass 0 bDeviceSubClass 0 bDeviceProtocol 0 bMaxPacketSize0 64 idVendor 0x08e6 Gemalto (was Gemplus) idProduct 0x4433 GemPC433-Swap bcdDevice 0.00 iManufacturer 1 QEMU iProduct 2 QEMU USB CCID iSerial 3 1-0000:00:1d.7-1 bNumConfigurations 1 Configuration Descriptor: bLength 9 bDescriptorType 2 wTotalLength 0x005d bNumInterfaces 1 bConfigurationValue 1 iConfiguration 0 bmAttributes 0xe0 Self Powered Remote Wakeup MaxPower 100mA Interface Descriptor: bLength 9 bDescriptorType 4 bInterfaceNumber 0 bAlternateSetting 0 bNumEndpoints 3 bInterfaceClass 11 Chip/SmartCard bInterfaceSubClass 0 bInterfaceProtocol 0 iInterface 4 CCID Interface ChipCard Interface Descriptor: bLength 54 bDescriptorType 33 bcdCCID 1.10 (Warning: Only accurate for version 1.0) nMaxSlotIndex 0 bVoltageSupport 7 5.0V 3.0V 1.8V dwProtocols 1 T=0 <-------The dwProtocols has been fixed. dwDefaultClock 4000 dwMaxiumumClock 65536 bNumClockSupported 0 dwDataRate 9600 bps dwMaxDataRate 115200 bps bNumDataRatesSupp. 0 dwMaxIFSD 254 dwSyncProtocols 00000000 dwMechanical 00000000 dwFeatures 000104FE Auto configuration based on ATR Auto activation on insert Auto voltage selection Auto clock change Auto baud rate change Auto parameter negotiation made by CCID Auto IFSD exchange TPDU level exchange dwMaxCCIDMsgLen 65554 bClassGetResponse echo bClassEnvelope echo wlcdLayout none bPINSupport 1 verification bMaxCCIDBusySlots 1 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x81 EP 1 IN bmAttributes 3 Transfer Type Interrupt Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 255 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x82 EP 2 IN bmAttributes 2 Transfer Type Bulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 0 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x03 EP 3 OUT bmAttributes 2 Transfer Type Bulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 0 can't get debug descriptor: Resource temporarily unavailable Device Status: 0x0001 Self Powered Thus, mark this Bug as verify. If any question, just free for let me know. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:1216 |