Bug 1746361

Summary: ccid: Fix incorrect dwProtocol advertisement of T=0
Product: Red Hat Enterprise Linux 8 Reporter: Jakub Jelen <jjelen>
Component: qemu-kvmAssignee: Maxim Levitsky <mlevitsk>
qemu-kvm sub component: General QA Contact: Xueqiang Wei <xuwei>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: jferlan, jinzhao, juzhang, knoel, mkalinin, mlevitsk, mrezanin, mtessun, ngu, philmd, rbalakri, toneata, virt-maint
Version: 8.0   
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: qemu-kvm-2.12.0-89.module+el8.2.0+4436+f3a2188d Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1721522 Environment:
Last Closed: 2020-04-28 15:32:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1615840    

Comment 11 Xueqiang Wei 2019-10-17 06:42:26 UTC 
According to https://bugzilla.redhat.com/show_bug.cgi?id=1721522#c14, reproduce it on qemu-kvm-2.12.0-88.module+el8.1.0+4233+bc44be3f

error message like: "dwProtocols         65536  (Invalid values detected)"


Retested on qemu-kvm-2.12.0-89.module+el8.2.0+4436+f3a2188d. Not hit this issue, so set status to VERIFIED.


Details:

Versions:
Host:
kernel-4.18.0-147.6.el8.x86_64
qemu-kvm-2.12.0-89.module+el8.2.0+4436+f3a2188d

Guest:
kernel-4.18.0-147.6.el8.x86_64


Test steps:

[1] To emulate a software smartcard, in the host, we need to generate 3 certificates which will be used for the "fake" smartcard.
# mkdir ~/.netscape
# certutil -N (use an empty password)
# certutil -x -t "CT,CT,CT" -S -s "CN=cert1" -n cert1
# certutil -x -t "CT,CT,CT" -S -s "CN=cert2" -n cert2
# certutil -x -t "CT,CT,CT" -S -s "CN=cert3" -n cert3

[2] list 3 certs created in setp1
# certutil -L

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

cert1                                                        CTu,Cu,Cu
cert2                                                        CTu,Cu,Cu
cert3                                                        CTu,Cu,Cu

[3] On the host.
# yum groupinstall "smart card support"
# systemctl restart pcscd

[4] Start the guest with follow command
/usr/libexec/qemu-kvm \
-M pc \
-cpu SandyBridge \
-enable-kvm \
-m 4G \
-smp 4 \
-nodefaults \
-rtc base=utc,clock=host,driftfix=slew \
-drive file=/home/kvm_autotest_root/images/rhel820-64-virtio.qcow2,if=none,id=drive-virtio-0-0,media=disk,format=qcow2,cache=none \
-device virtio-blk-pci,drive=drive-virtio-0-0,id=virt0-0-0 \
-device virtio-net-pci,mac=00:9c:02:ad:36:1c,id=netdev1,vectors=4,netdev=net1 \
-netdev tap,id=net1,vhost=on \
-spice port=5930,disable-ticketing \
-chardev spicevmc,name=smartcard,id=ccid  \
-device usb-ccid,debug=1 \
-device ccid-card-passthru,chardev=ccid \
-usb \
-qmp tcp:0:4443,server,nowait \
-monitor stdio \
-vga qxl \
-boot menu=on \

[5] Start the remover with ccid parameter. 
# remote-viewer spice://localhost:5930 --spice-smartcard --spice-smartcard-db ~/.netscape/ --spice-smartcard-certificates cert1,cert2,cert3

[6] check the usb device inside the guest. 
# lsusb
Bus 001 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap   <-- emulation ccid device
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

[7] check the dwProtocols in the lsusb. 
# lsusb -vvv -d 08e6:4433

Bus 001 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               1.10
  bDeviceClass            0 
  bDeviceSubClass         0 
  bDeviceProtocol         0 
  bMaxPacketSize0        64
  idVendor           0x08e6 Gemalto (was Gemplus)
  idProduct          0x4433 GemPC433-Swap
  bcdDevice            0.00
  iManufacturer           1 QEMU
  iProduct                2 QEMU USB CCID
  iSerial                 3 1-0000:00:01.2-1
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength       0x005d
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower              100mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass        11 Chip/SmartCard
      bInterfaceSubClass      0 
      bInterfaceProtocol      0 
      iInterface              4 CCID Interface
      ChipCard Interface Descriptor:
        bLength                54
        bDescriptorType        33
        bcdCCID              1.10  (Warning: Only accurate for version 1.0)
        nMaxSlotIndex           0
        bVoltageSupport         7  5.0V 3.0V 1.8V 
        dwProtocols             1  T=0                  <-------The dwProtocols has been fixed.
        dwDefaultClock       4000
        dwMaxiumumClock     65536
        bNumClockSupported      0
        dwDataRate           9600 bps
        dwMaxDataRate      115200 bps
        bNumDataRatesSupp.      0
        dwMaxIFSD             254
        dwSyncProtocols  00000000 
        dwMechanical     00000000 
        dwFeatures       000104FE
          Auto configuration based on ATR
          Auto activation on insert
          Auto voltage selection
          Auto clock change
          Auto baud rate change
          Auto parameter negotiation made by CCID
          Auto IFSD exchange
          TPDU level exchange
        dwMaxCCIDMsgLen     65554
        bClassGetResponse    echo
        bClassEnvelope       echo
        wlcdLayout           none
        bPINSupport             1  verification
        bMaxCCIDBusySlots       1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval             255
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x03  EP 3 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
can't get debug descriptor: Resource temporarily unavailable
Device Status:     0x0001
  Self Powered
Comment 12 Ademar Reis 2020-02-05 23:04:12 UTC 
QEMU has been recently split into sub-components and as a one-time operation to avoid breakage of tools, we are setting the QEMU sub-component of this BZ to "General". Please review and change the sub-component if necessary the next time you review this BZ. Thanks
Comment 14 errata-xmlrpc 2020-04-28 15:32:15 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:1587