Bug 1721522 - ccid: Fix incorrect dwProtocol advertisement of T=0
Summary: ccid: Fix incorrect dwProtocol advertisement of T=0
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Maxim Levitsky
QA Contact: Xueqiang Wei
URL:
Whiteboard:
Depends On:
Blocks: 917867 1729880
Reported: 2019-06-18 13:23 UTC by Jakub Jelen
Modified: 2020-03-31 14:37 UTC

Fixed In Version: qemu-kvm-rhev-2.12.0-35.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1729880 1746361
Environment:
Last Closed: 2020-03-31 14:34:48 UTC
Target Upstream Version:


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:1216 None None None 2020-03-31 14:37:02 UTC

Description Jakub Jelen 2019-06-18 13:23:29 UTC
Description of problem:
The current qemu in RHEL 7 carries a bug described in the upstream commit [1], which is preventing Smart Card Sharing functionality with Windows guests.

I verified the attached upstream patch resolves the described issue for me in the RHEL7 environment.

Version-Release number of selected component (if applicable):
current RHEL7 versions of qemu-kvm and qemu-kvm-rhev

How reproducible:
always

Steps to Reproduce:
1. Configure smart card sharing with Windows guest according to bugzilla #917867
2. Try to access smart card

Actual results:
Observe the errors in the Windows Event log:

Smart Card Reader 'QEMU QEMU USB CCID 0' rejected IOCTL SET_PROTOCOL: Incorrect function.  If this error persists, your smart card or reader may not be functioning correctly.

Expected results:
Emulated CCID driver functions as expected.

Additional info:
[1] https://github.com/qemu/qemu/commit/0ee86bb6c5beb6498488850104f7557c376d0bef

Comment 14 Michael 2019-09-19 01:48:48 UTC
Hi all:

According to Bug 1729880#c12, we can use the same method to verify this bug. The reproducer version has been tested. Now we can try the fixed version.

fixed version:
3.10.0-1062.1.1.el7.x86_64
qemu-kvm-rhev-2.12.0-35.el7.x86_64


Test steps:

[1] To emulate a software smartcard, in the host, we need to generate 3 certificates which will be used for the "fake" smartcard.
# mkdir ~/.netscape
# certutil -N (use an empty password)
# certutil -x -t "CT,CT,CT" -S -s "CN=cert1" -n cert1
# certutil -x -t "CT,CT,CT" -S -s "CN=cert2" -n cert2
# certutil -x -t "CT,CT,CT" -S -s "CN=cert3" -n cert3

[2] List the 3 certs created in step 1
# certutil -L

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

cert1                                                        CTu,Cu,Cu
cert2                                                        CTu,Cu,Cu
cert3                                                        CTu,Cu,Cu

[3] On the host.
# yum groupinstall "smart card support"
# systemctl restart pcscd

[4] Start the guest with the following command
-spice port=5930,disable-ticketing \
-chardev spicevmc,name=smartcard,id=ccid  \
-device usb-ccid,debug=1 \      <---enable debug for qemu
-device ccid-card-passthru,chardev=ccid \   <---passthru smart card in the host
-usb \

[5] Start the remote viewer with the ccid parameter.
# remote-viewer spice://localhost:5930 --spice-smartcard --spice-smartcard-db ~/.netscape/ --spice-smartcard-certificates cert1,cert2,cert3

[6] Check the USB device inside the guest.
# lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap   <-- emulation ccid device
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

[7] Check the dwProtocols in the lsusb output.
# lsusb -vvv -d 08e6:4433

Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               1.10
  bDeviceClass            0 
  bDeviceSubClass         0 
  bDeviceProtocol         0 
  bMaxPacketSize0        64
  idVendor           0x08e6 Gemalto (was Gemplus)
  idProduct          0x4433 GemPC433-Swap
  bcdDevice            0.00
  iManufacturer           1 QEMU
  iProduct                2 QEMU USB CCID
  iSerial                 3 1-0000:00:1d.7-1
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength       0x005d
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower              100mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass        11 Chip/SmartCard
      bInterfaceSubClass      0 
      bInterfaceProtocol      0 
      iInterface              4 CCID Interface
      ChipCard Interface Descriptor:
        bLength                54
        bDescriptorType        33
        bcdCCID              1.10  (Warning: Only accurate for version 1.0)
        nMaxSlotIndex           0
        bVoltageSupport         7  5.0V 3.0V 1.8V 
        dwProtocols             1  T=0                 <-------The dwProtocols has been fixed. 
        dwDefaultClock       4000
        dwMaxiumumClock     65536
        bNumClockSupported      0
        dwDataRate           9600 bps
        dwMaxDataRate      115200 bps
        bNumDataRatesSupp.      0
        dwMaxIFSD             254
        dwSyncProtocols  00000000 
        dwMechanical     00000000 
        dwFeatures       000104FE
          Auto configuration based on ATR
          Auto activation on insert
          Auto voltage selection
          Auto clock change
          Auto baud rate change
          Auto parameter negotiation made by CCID
          Auto IFSD exchange
          TPDU level exchange
        dwMaxCCIDMsgLen     65554
        bClassGetResponse    echo
        bClassEnvelope       echo
        wlcdLayout           none
        bPINSupport             1  verification
        bMaxCCIDBusySlots       1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval             255
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x03  EP 3 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
can't get debug descriptor: Resource temporarily unavailable
Device Status:     0x0001
  Self Powered


Thus, marking this bug as verified. If you have any questions, feel free to let me know.
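
Step [7] above checks dwProtocols by eye in the lsusb listing. The same check on raw descriptor bytes, as an added example that is not part of the original comment or of QEMU: it assumes the CCID class descriptor layout (dwProtocols is a little-endian 32-bit field at offset 6, bit 0 = T=0, bit 1 = T=1, upper bits reserved). The sample bytes are constructed from the values in the listing, and 0x00010000 is a constructed malformed value.

```python
import struct

INTERFACE, CCID_FUNCTIONAL = 0x04, 0x21   # bDescriptorType 4 and 33
CLASS_SMARTCARD = 0x0B                    # bInterfaceClass 11 Chip/SmartCard
PROTOCOL_BITS = {0x1: "T=0", 0x2: "T=1"}  # defined bits of dwProtocols

def walk(blob):
    """Yield (bDescriptorType, raw bytes) for each descriptor in a blob."""
    i = 0
    while i + 2 <= len(blob):
        length = blob[i]
        if length < 2 or i + length > len(blob):
            raise ValueError(f"bad bLength {length} at offset {i}")
        yield blob[i + 1], blob[i:i + length]
        i += length

def check_dw_protocols(blob):
    """Return (value, protocol names, problems) for the CCID descriptor."""
    in_ccid_iface = False
    for dtype, d in walk(blob):
        if dtype == INTERFACE and len(d) >= 9:
            in_ccid_iface = d[5] == CLASS_SMARTCARD
        elif dtype == CCID_FUNCTIONAL and in_ccid_iface:
            if len(d) < 10:
                raise ValueError("CCID descriptor too short for dwProtocols")
            (value,) = struct.unpack_from("<I", d, 6)  # little-endian u32
            names = [n for bit, n in PROTOCOL_BITS.items() if value & bit]
            problems = []
            if value & ~0x3:
                problems.append(f"reserved bits set: {value & ~0x3:#010x}")
            if not names:
                problems.append("no T=0/T=1 protocol advertised")
            return value, names, problems
    raise LookupError("no CCID class descriptor found")

def sample(dw_protocols):
    """Constructed interface + CCID descriptor using values from the listing."""
    iface = bytes([9, INTERFACE, 0, 0, 3, CLASS_SMARTCARD, 0, 0, 4])
    ccid = bytes([54, CCID_FUNCTIONAL, 0x10, 0x01, 0, 7])  # bcdCCID 1.10
    ccid += struct.pack("<I", dw_protocols)
    return iface + ccid + bytes(54 - len(ccid))  # remaining fields zeroed

if __name__ == "__main__":
    for v in (0x00000001, 0x00010000):  # as verified above / constructed bad
        print(f"{v:#010x}", check_dw_protocols(sample(v))[1:])
```

On a Linux guest the function can be fed the bytes of the device's `descriptors` file under `/sys/bus/usb/devices/`, which holds the same descriptors lsusb decodes.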

Comment 17 errata-xmlrpc 2020-03-31 14:34:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1216

