[Spice-devel] [PATCH libcacard 2/2] vreader: Handle read failure
Jason Andryuk
jandryuk at gmail.com
Wed Aug 8 18:08:21 UTC 2018
On Wed, Aug 8, 2018 at 11:33 AM Jakub Jelen <jjelen at redhat.com> wrote:
>
> On Wed, 2018-08-08 at 16:51 +0200, Marc-André Lureau wrote:
> > Hi
> >
> > On Tue, Jul 24, 2018 at 8:34 PM, Jason Andryuk <jandryuk at gmail.com>
> > wrote:
> > > If a command fails, card_status will not match VCARD_DONE. That
> > > will
> > > trigger the assert and abort the process. Instead, handle
> > > VCARD_FAIL and
> > > return an error in that case. Client software can then deal with
> > > the
> > > error, and we continue running to handle future commands.
> > >
> > > This can be triggered by removing the physical smartcard mid-
> > > operation.
> >
> > There are other paths, like invalid instruction on
> > cac_common_process_apdu_read()
>
> The invalid instructions should return valid response with error
> indicated in SW (status words). The referenced function has the default
> VCARD_FAIL value is in the code somehow bogus in case we would like to
> fail early or fail to handle some case (?).
>
> The VCARD_FAIL option is really about more serious issues as Jason is
> pointing out.
>
> Handling the error here, rather than segfaulting in assert later sounds
> like a good idea. But from reading the code, I still can not find a
> path where we could encounter this value here.
>
> From what I see, all the paths here return either VCARD_DONE. Can you
> advice during which operation did you encounter this error?
My setup is qemu <-> vscclient <-> pcscd with passthru:
vscclient -e 'use_hw=yes hw_type=passthru'
In a Windows VM, I ran `certutil -scinfo` from a cmd window. While it
was running, I pulled out my smart card. Without my patch, vscclient
terminates. With it, vscclient continues running.
The call stack is:
vreader_xfr_bytes
vcard_process_apdu
vcard_process_applet_apdu
apdu_cb
apdu_cb can return VCARD_FAIL for send_receive or
vcard_response_new_data failure.
So you think src/capcsc.c:apdu_cb() should return VCARD_DONE but use
vcard_response_set_status_bytes to write an appropriate status word?
Is there a better tool than vscclient for passing through a physical
smart card to a VM? Spice isn't an option for my VM setup.
Thanks,
Jason
More information about the Spice-devel
mailing list