Bug 1729880 - ccid: Fix incorrect dwProtocol advertisement of T=0 [rhel-7.7.z]
Summary: ccid: Fix incorrect dwProtocol advertisement of T=0 [rhel-7.7.z]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: qemu-kvm-rhev
Version: 7.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Maxim Levitsky
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On: 1721522
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-15 08:23 UTC by RAD team bot copy to z-stream
Modified: 2019-10-22 15:24 UTC (History)
13 users (show)

Fixed In Version: qemu-kvm-rhev-2.12.0-33.el7_7.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1721522
Environment:
Last Closed: 2019-10-22 15:24:05 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:3179 None None None 2019-10-22 15:24:29 UTC

Description RAD team bot copy to z-stream 2019-07-15 08:23:49 UTC
This bug has been copied from bug #1721522 and has been proposed to be backported to 7.7 z-stream (EUS).

Comment 12 Michael 2019-09-16 03:03:43 UTC
Hi all:

Now, we can verify this Bug. Basically check that dwProtocols field in lsusb output doesn't complain about invalid values on Linux, which can verify this Bug. Thus, we can reproduce this Bug first. 

Reproduced version:
kernel:3.10.0-1062.1.1.el7.x86_64
qemu-kvm-rhev-2.12.0-33.el7.x86_64

Test steps:

[1] To emulate a software smartcard, in the host, we need to generate 3 certificates which will be used for the "fake" smartcard.
# mkdir ~/.netscape
# certutil -N (use an empty password)
# certutil -x -t "CT,CT,CT" -S -s "CN=cert1" -n cert1
# certutil -x -t "CT,CT,CT" -S -s "CN=cert2" -n cert2
# certutil -x -t "CT,CT,CT" -S -s "CN=cert3" -n cert3

[2] list 3 certs created in setp1
# certutil -L

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

cert1                                                        CTu,Cu,Cu
cert2                                                        CTu,Cu,Cu
cert3                                                        CTu,Cu,Cu

[3] On the host.
# yum groupinstall "smart card support"
# systemctl restart pcscd

[4] Start the guest with follow command
-spice port=5930,disable-ticketing \
-chardev spicevmc,name=smartcard,id=ccid  \
-device usb-ccid,debug=1 \      <---enable debug for qemu
-device ccid-card-passthru,chardev=ccid \   <---passthru smart card in the host
-usb \

[5] Start the remover with ccid parameter. 
# remote-viewer spice://localhost:5930 --spice-smartcard --spice-smartcard-db ~/.netscape/ --spice-smartcard-certificates cert1,cert2,cert3

[6] check the usb device inside the guest. 
# lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap   <-- emulation ccid device
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

[7] check the dwProtocols in the lsusb. 
# lsusb -vvv -d 08e6:4433

Bus 002 Device 002: ID 08e6:4433 Gemalto (was Gemplus) GemPC433-Swap
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               1.10
  bDeviceClass            0 
  bDeviceSubClass         0 
  bDeviceProtocol         0 
  bMaxPacketSize0        64
  idVendor           0x08e6 Gemalto (was Gemplus)
  idProduct          0x4433 GemPC433-Swap
  bcdDevice            0.00
  iManufacturer           1 QEMU
  iProduct                2 QEMU USB CCID
  iSerial                 3 1-0000:00:1d.7-1
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength       0x005d
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower              100mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass        11 Chip/SmartCard
      bInterfaceSubClass      0 
      bInterfaceProtocol      0 
      iInterface              4 CCID Interface
      ChipCard Interface Descriptor:
        bLength                54
        bDescriptorType        33
        bcdCCID              1.10  (Warning: Only accurate for version 1.0)
        nMaxSlotIndex           0
        bVoltageSupport         7  5.0V 3.0V 1.8V 
      **dwProtocols**       65536  (Invalid values detected)        <--- Bug reproduced. 
        dwDefaultClock       4000
        dwMaxiumumClock     65536
        bNumClockSupported      0
        dwDataRate           9600 bps
        dwMaxDataRate      115200 bps
        bNumDataRatesSupp.      0
        dwMaxIFSD             254
        dwSyncProtocols  00000000 
        dwMechanical     00000000 
        dwFeatures       000104FE
          Auto configuration based on ATR
          Auto activation on insert
          Auto voltage selection
          Auto clock change
          Auto baud rate change
          Auto parameter negotiation made by CCID
          Auto IFSD exchange
          TPDU level exchange
        dwMaxCCIDMsgLen     65554
        bClassGetResponse    echo
        bClassEnvelope       echo
        wlcdLayout           none
        bPINSupport             1  verification
        bMaxCCIDBusySlots       1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval             255
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x03  EP 3 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
can't get debug descriptor: Resource temporarily unavailable
Device Status:     0x0001
  Self Powered



Now change to the fixed version to verify this Bug. 

qemu-kvm-rhev-2.12.0-33.el7_7.4.x86_64

repeat the above steps and check the dwProtocols output. 
# lsusb -vvv -d 08e6:4433
... ...
dwProtocols             1  T=0 
... ...


Thus, we can mark this Bug as verified. If any one have question, just free for contact me. 

Thanks.

Comment 15 errata-xmlrpc 2019-10-22 15:24:05 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:3179


Note You need to log in before you can comment on or make changes to this bug.