Bug 1729880
| Summary: | ccid: Fix incorrect dwProtocol advertisement of T=0 [rhel-7.7.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | RAD team bot copy to z-stream <autobot-eus-copy> |
| Component: | qemu-kvm-rhev | Assignee: | Maxim Levitsky <mlevitsk> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.7 | CC: | coli, jinzhao, jjelen, juzhang, kraxel, mkalinin, mlevitsk, mrezanin, mtessun, ngu, philmd, toneata, virt-maint |
| Target Milestone: | rc | Keywords: | ZStream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | qemu-kvm-rhev-2.12.0-33.el7_7.1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1721522 | Environment: | |
| Last Closed: | 2019-10-22 15:24:05 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1721522 | ||
| Bug Blocks: | |||
|
Description
RAD team bot copy to z-stream
2019-07-15 08:23:49 UTC
Hi all:
Now, we can verify this Bug. Basically check that dwProtocols field in lsusb output doesn't complain about invalid values on Linux, which can verify this Bug. Thus, we can reproduce this Bug first.
Reproduced version:
kernel:3.10.0-1062.1.1.el7.x86_64
qemu-kvm-rhev-2.12.0-33.el7.x86_64
Test steps:
[1] To emulate a software smartcard, in the host, we need to generate 3 certificates which will be used for the "fake" smartcard.
# mkdir ~/.netscape
# certutil -N (use an empty password)
# certutil -x -t "CT,CT,CT" -S -s "CN=cert1" -n cert1
# certutil -x -t "CT,CT,CT" -S -s "CN=cert2" -n cert2
# certutil -x -t "CT,CT,CT" -S -s "CN=cert3" -n cert3
[2] list 3 certs created in setp1
# certutil -L
Certificate Nickname Trust Attributes
SSL,S/MIME,JAR/XPI
cert1 CTu,Cu,Cu
cert2 CTu,Cu,Cu
cert3 CTu,Cu,Cu
[3] On the host.
# yum groupinstall "smart card support"
# systemctl restart pcscd
[4] Start the guest with follow command
-spice port=5930,disable-ticketing \
-chardev spicevmc,name=smartcard,id=ccid \
-device usb-ccid,debug=1 \ <---enable debug for qemu
-device ccid-card-passthru,chardev=ccid \ <---passthru smart card in the host
-usb \
[5] Start the remover with ccid parameter.
# remote-viewer spice://localhost:5930 --spice-smartcard --spice-smartcard-db ~/.netscape/ --spice-smartcard-certificates cert1,cert2,cert3
[6] check the usb device inside the guest.
# lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap <-- emulation ccid device
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
[7] check the dwProtocols in the lsusb.
# lsusb -vvv -d 08e6:4433
Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap
Device Descriptor:
bLength 18
bDescriptorType 1
bcdUSB 1.10
bDeviceClass 0
bDeviceSubClass 0
bDeviceProtocol 0
bMaxPacketSize0 64
idVendor 0x08e6 Gemalto (was Gemplus)
idProduct 0x4433 GemPC433-Swap
bcdDevice 0.00
iManufacturer 1 QEMU
iProduct 2 QEMU USB CCID
iSerial 3 1-0000:00:1d.7-1
bNumConfigurations 1
Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength 0x005d
bNumInterfaces 1
bConfigurationValue 1
iConfiguration 0
bmAttributes 0xe0
Self Powered
Remote Wakeup
MaxPower 100mA
Interface Descriptor:
bLength 9
bDescriptorType 4
bInterfaceNumber 0
bAlternateSetting 0
bNumEndpoints 3
bInterfaceClass 11 Chip/SmartCard
bInterfaceSubClass 0
bInterfaceProtocol 0
iInterface 4 CCID Interface
ChipCard Interface Descriptor:
bLength 54
bDescriptorType 33
bcdCCID 1.10 (Warning: Only accurate for version 1.0)
nMaxSlotIndex 0
bVoltageSupport 7 5.0V 3.0V 1.8V
**dwProtocols** 65536 (Invalid values detected) <--- Bug reproduced.
dwDefaultClock 4000
dwMaxiumumClock 65536
bNumClockSupported 0
dwDataRate 9600 bps
dwMaxDataRate 115200 bps
bNumDataRatesSupp. 0
dwMaxIFSD 254
dwSyncProtocols 00000000
dwMechanical 00000000
dwFeatures 000104FE
Auto configuration based on ATR
Auto activation on insert
Auto voltage selection
Auto clock change
Auto baud rate change
Auto parameter negotiation made by CCID
Auto IFSD exchange
TPDU level exchange
dwMaxCCIDMsgLen 65554
bClassGetResponse echo
bClassEnvelope echo
wlcdLayout none
bPINSupport 1 verification
bMaxCCIDBusySlots 1
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81 EP 1 IN
bmAttributes 3
Transfer Type Interrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0040 1x 64 bytes
bInterval 255
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x82 EP 2 IN
bmAttributes 2
Transfer Type Bulk
Synch Type None
Usage Type Data
wMaxPacketSize 0x0040 1x 64 bytes
bInterval 0
Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x03 EP 3 OUT
bmAttributes 2
Transfer Type Bulk
Synch Type None
Usage Type Data
wMaxPacketSize 0x0040 1x 64 bytes
bInterval 0
can't get debug descriptor: Resource temporarily unavailable
Device Status: 0x0001
Self Powered
Now change to the fixed version to verify this Bug.
qemu-kvm-rhev-2.12.0-33.el7_7.4.x86_64
repeat the above steps and check the dwProtocols output.
# lsusb -vvv -d 08e6:4433
... ...
dwProtocols 1 T=0
... ...
Thus, we can mark this Bug as verified. If any one have question, just free for contact me.
Thanks.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:3179 |