[Qemu-devel] [PULL 0/5] usb patch queue.

[Qemu-devel] [PULL 0/5] usb patch queue.

[Gerd Hoffmann]

  Hi,

Here is the usb patch queue, with some libcacard fixes, a uhci cleanup
and a new property for xhci.

please pull,
  Gerd

The following changes since commit 3e9418e160cd8901c83a3c88967158084f5b5c03:

  Revert "main-loop.c: Handle SIGINT, SIGHUP and SIGTERM synchronously" (2014-10-27 15:05:09 +0000)

are available in the git repository at:

  git://git.kraxel.org/qemu tags/pull-usb-20141028-1

for you to fetch changes up to a65e4ef90f0fb437b8e74e250a6f94aa4ecfa25c:

  uhci: remove useless DEBUG (2014-10-28 11:38:18 +0100)

----------------------------------------------------------------
Fixes for libcacard (usb smartcard emulation), xhci and uhci.

----------------------------------------------------------------
Gerd Hoffmann (1):
      xhci: add property to turn on/off streams support

Gonglei (1):
      uhci: remove useless DEBUG

Ray Strode (3):
      libcacard: introduce new vcard_emul_logout
      libcacard: Lock NSS cert db when selecting an applet on an emulated card
      libcacard: don't free sign buffer while sign op is pending

 hw/usb/hcd-uhci.c          |  3 ---
 hw/usb/hcd-xhci.c          | 15 ++++++++++++---
 libcacard/cac.c            | 10 +++++++---
 libcacard/vcard.c          |  5 +++++
 libcacard/vcard_emul.h     |  1 +
 libcacard/vcard_emul_nss.c | 16 ++++++++++++----
 6 files changed, 37 insertions(+), 13 deletions(-)

[Qemu-devel] [PULL 1/5] libcacard: introduce new vcard_emul_logout

[Gerd Hoffmann]

From: Ray Strode <rstrode@redhat.com>

vcard_emul_reset currently only logs NSS out, but there is a TODO
for potentially sending insertion/removal events when powering down
or powering up.

For clarity, this commit moves the current guts of vcard_emul_reset to
a new vcard_emul_logout function which will never send insertion/removal
events. The vcard_emul_reset function now just calls vcard_emul_logout,
but also retains its TODO for watching power state transitions and sending
insertion/removal events.

Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-By: Robert Relyea <rrelyea@redhat.com>
Reviewed-By: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 libcacard/vcard_emul.h     |  1 +
 libcacard/vcard_emul_nss.c | 16 ++++++++++++----
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/libcacard/vcard_emul.h b/libcacard/vcard_emul.h
index 963563f..f09ee98 100644
--- a/libcacard/vcard_emul.h
+++ b/libcacard/vcard_emul.h
@@ -40,6 +40,7 @@ int vcard_emul_get_login_count(VCard *card);
 /* login into the card, return the 7816 status word (sw2 || sw1) */
 vcard_7816_status_t vcard_emul_login(VCard *card, unsigned char *pin,
                                      int pin_len);
+void vcard_emul_logout(VCard *card);
 
 /*
  * key functions
diff --git a/libcacard/vcard_emul_nss.c b/libcacard/vcard_emul_nss.c
index 07b4464..950edee 100644
--- a/libcacard/vcard_emul_nss.c
+++ b/libcacard/vcard_emul_nss.c
@@ -401,7 +401,7 @@ vcard_emul_login(VCard *card, unsigned char *pin, int pin_len)
 }
 
 void
-vcard_emul_reset(VCard *card, VCardPower power)
+vcard_emul_logout(VCard *card)
 {
     PK11SlotInfo *slot;
 
@@ -409,16 +409,24 @@ vcard_emul_reset(VCard *card, VCardPower power)
         return;
     }
 
+    slot = vcard_emul_card_get_slot(card);
+    if (PK11_IsLoggedIn(slot, NULL)) {
+        PK11_Logout(slot); /* NOTE: ignoring SECStatus return value */
+    }
+}
+
+void
+vcard_emul_reset(VCard *card, VCardPower power)
+{
     /*
      * if we reset the card (either power on or power off), we lose our login
      * state
      */
+    vcard_emul_logout(card);
+
     /* TODO: we may also need to send insertion/removal events? */
-    slot = vcard_emul_card_get_slot(card);
-    PK11_Logout(slot); /* NOTE: ignoring SECStatus return value */
 }
 
-
 static VReader *
 vcard_emul_find_vreader_from_slot(PK11SlotInfo *slot)
 {
-- 
1.8.3.1

[Qemu-devel] [PULL 2/5] libcacard: Lock NSS cert db when selecting an applet on an emulated card

[Gerd Hoffmann]

From: Ray Strode <rstrode@redhat.com>

When a process in a guest uses an emulated smartcard, libcacard running
on the host passes the PIN from the guest to the PK11_Authenticate NSS
function. The first time PK11_Authenticate is called the passed in PIN
is used to unlock the certificate database. Subsequent calls to
PK11_Authenticate will transparently succeed, regardless of the passed in
PIN. This is a convenience for applications provided by NSS.

Of course, the guest may have many applications using the one emulated
smart card all driven from the same host QEMU process.  That means if a
user enters the right PIN in one program in the guest, and then enters the
wrong PIN in another program in the guest, the wrong PIN will still
successfully unlock the virtual smartcard.

This commit forces the NSS certificate database to be locked anytime an
applet is selected on an emulated smartcard by calling vcard_emul_logout.

Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-By: Robert Relyea <rrelyea@redhat.com>
Reviewed-By: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 libcacard/vcard.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libcacard/vcard.c b/libcacard/vcard.c
index 87ad516..d140a8e 100644
--- a/libcacard/vcard.c
+++ b/libcacard/vcard.c
@@ -250,6 +250,11 @@ void
 vcard_select_applet(VCard *card, int channel, VCardApplet *applet)
 {
     assert(channel < MAX_CHANNEL);
+
+    /* If using an emulated card, make sure to log out of any already logged in
+     * session. */
+    vcard_emul_logout(card);
+
     card->current_applet[channel] = applet;
     /* reset the applet */
     if (applet && applet->reset_applet) {
-- 
1.8.3.1

[Qemu-devel] [PULL 3/5] libcacard: don't free sign buffer while sign op is pending

[Gerd Hoffmann]

From: Ray Strode <rstrode@redhat.com>

commit 57f97834efe0c208ffadc9d2959f3d3d55580e52 cleaned up
the cac_applet_pki_process_apdu function to have a single
exit point. Unfortunately, that commit introduced a bug
where the sign buffer can get free'd and nullified while
it's still being used.

This commit corrects the bug by introducing a boolean to
track whether or not the sign buffer should be freed in
the function exit path.

Signed-off-by: Ray Strode <rstrode@redhat.com>
Reviewed-by: Alon Levy <alon@pobox.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 libcacard/cac.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/libcacard/cac.c b/libcacard/cac.c
index ae8c378..f38fdce 100644
--- a/libcacard/cac.c
+++ b/libcacard/cac.c
@@ -115,6 +115,7 @@ cac_applet_pki_process_apdu(VCard *card, VCardAPDU *apdu,
     VCardAppletPrivate *applet_private;
     int size, next;
     unsigned char *sign_buffer;
+    bool retain_sign_buffer = FALSE;
     vcard_7816_status_t status;
     VCardStatus ret = VCARD_FAIL;
 
@@ -178,6 +179,7 @@ cac_applet_pki_process_apdu(VCard *card, VCardAPDU *apdu,
             pki_applet->sign_buffer = sign_buffer;
             pki_applet->sign_buffer_len = size;
             *response = vcard_make_response(VCARD7816_STATUS_SUCCESS);
+            retain_sign_buffer = TRUE;
             break;
         case 0x00:
             /* we now have the whole buffer, do the operation, result will be
@@ -200,9 +202,11 @@ cac_applet_pki_process_apdu(VCard *card, VCardAPDU *apdu,
                                 VCARD7816_STATUS_ERROR_P1_P2_INCORRECT);
             break;
         }
-        g_free(sign_buffer);
-        pki_applet->sign_buffer = NULL;
-        pki_applet->sign_buffer_len = 0;
+        if (!retain_sign_buffer) {
+            g_free(sign_buffer);
+            pki_applet->sign_buffer = NULL;
+            pki_applet->sign_buffer_len = 0;
+        }
         ret = VCARD_DONE;
         break;
     case CAC_READ_BUFFER:
-- 
1.8.3.1

[Qemu-devel] [PULL 4/5] xhci: add property to turn on/off streams support

[Gerd Hoffmann]

streams support in usb-redir and usb-host works only with recent enough
versions of the support libraries (libusbredir and libusbx).  Failure
mode is rather unelegant:  Any stream usb transfers will throw stall
errors.  Turning off support for streams in the xhci host controller
will work better as the guest can figure beforehand that streams are
not going to work.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
---
 hw/usb/hcd-xhci.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
index a27c9d3..2930b72 100644
--- a/hw/usb/hcd-xhci.c
+++ b/hw/usb/hcd-xhci.c
@@ -459,6 +459,7 @@ struct XHCIState {
     uint32_t numintrs;
     uint32_t numslots;
     uint32_t flags;
+    uint32_t max_pstreams_mask;
 
     /* Operational Registers */
     uint32_t usbcmd;
@@ -500,6 +501,7 @@ enum xhci_flags {
     XHCI_FLAG_USE_MSI_X,
     XHCI_FLAG_SS_FIRST,
     XHCI_FLAG_FORCE_PCIE_ENDCAP,
+    XHCI_FLAG_ENABLE_STREAMS,
 };
 
 static void xhci_kick_ep(XHCIState *xhci, unsigned int slotid,
@@ -1384,7 +1386,7 @@ static void xhci_init_epctx(XHCIEPContext *epctx,
     epctx->pctx = pctx;
     epctx->max_psize = ctx[1]>>16;
     epctx->max_psize *= 1+((ctx[1]>>8)&0xff);
-    epctx->max_pstreams = (ctx[0] >> 10) & 0xf;
+    epctx->max_pstreams = (ctx[0] >> 10) & epctx->xhci->max_pstreams_mask;
     epctx->lsa = (ctx[0] >> 15) & 1;
     if (epctx->max_pstreams) {
         xhci_alloc_streams(epctx, dequeue);
@@ -2956,9 +2958,9 @@ static uint64_t xhci_cap_read(void *ptr, hwaddr reg, unsigned size)
         break;
     case 0x10: /* HCCPARAMS */
         if (sizeof(dma_addr_t) == 4) {
-            ret = 0x00087000;
+            ret = 0x00080000 | (xhci->max_pstreams_mask << 12);
         } else {
-            ret = 0x00087001;
+            ret = 0x00080001 | (xhci->max_pstreams_mask << 12);
         }
         break;
     case 0x14: /* DBOFF */
@@ -3590,6 +3592,11 @@ static int usb_xhci_initfn(struct PCIDevice *dev)
     if (xhci->numslots < 1) {
         xhci->numslots = 1;
     }
+    if (xhci_get_flag(xhci, XHCI_FLAG_ENABLE_STREAMS)) {
+        xhci->max_pstreams_mask = 7; /* == 256 primary streams */
+    } else {
+        xhci->max_pstreams_mask = 0;
+    }
 
     xhci->mfwrap_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, xhci_mfwrap_timer, xhci);
 
@@ -3853,6 +3860,8 @@ static Property xhci_properties[] = {
                     XHCIState, flags, XHCI_FLAG_SS_FIRST, true),
     DEFINE_PROP_BIT("force-pcie-endcap", XHCIState, flags,
                     XHCI_FLAG_FORCE_PCIE_ENDCAP, false),
+    DEFINE_PROP_BIT("streams", XHCIState, flags,
+                    XHCI_FLAG_ENABLE_STREAMS, true),
     DEFINE_PROP_UINT32("intrs", XHCIState, numintrs, MAXINTRS),
     DEFINE_PROP_UINT32("slots", XHCIState, numslots, MAXSLOTS),
     DEFINE_PROP_UINT32("p2",    XHCIState, numports_2, 4),
-- 
1.8.3.1

[Qemu-devel] [PULL 5/5] uhci: remove useless DEBUG

[Gerd Hoffmann]

From: Gonglei <arei.gonglei@huawei.com>

commit 50dcc0f8 (uhci: tracing support) had removed
DPRINTF, the DEBUG marco is useless now, remove it.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/hcd-uhci.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/hw/usb/hcd-uhci.c b/hw/usb/hcd-uhci.c
index 5b88f30..4a4215d 100644
--- a/hw/usb/hcd-uhci.c
+++ b/hw/usb/hcd-uhci.c
@@ -35,9 +35,6 @@
 #include "trace.h"
 #include "qemu/main-loop.h"
 
-//#define DEBUG
-//#define DEBUG_DUMP_DATA
-
 #define FRAME_TIMER_FREQ 1000
 
 #define FRAME_MAX_LOOPS  256
-- 
1.8.3.1

Re: [Qemu-devel] [PULL 0/5] usb patch queue.

[Peter Maydell]

On 28 October 2014 10:50, Gerd Hoffmann <kraxel@redhat.com> wrote:
>   Hi,
>
> Here is the usb patch queue, with some libcacard fixes, a uhci cleanup
> and a new property for xhci.
>
> please pull,
>   Gerd
>
> The following changes since commit 3e9418e160cd8901c83a3c88967158084f5b5c03:
>
>   Revert "main-loop.c: Handle SIGINT, SIGHUP and SIGTERM synchronously" (2014-10-27 15:05:09 +0000)
>
> are available in the git repository at:
>
>   git://git.kraxel.org/qemu tags/pull-usb-20141028-1
>
> for you to fetch changes up to a65e4ef90f0fb437b8e74e250a6f94aa4ecfa25c:
>
>   uhci: remove useless DEBUG (2014-10-28 11:38:18 +0100)
>
> ----------------------------------------------------------------
> Fixes for libcacard (usb smartcard emulation), xhci and uhci.

Applied, thanks.

-- PMM