From nobody Mon Nov 25 00:48:46 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1719337045; cv=none; d=zohomail.com; s=zohoarc; b=DrqPP2Q+xF6bzD6hTq20NWCW15+l6Vd6ZBapJMy4BndtIYfHHkwY20kO9FWYWpf53aDn7mtscI/Z0TYzkyHhCMy6dN7/G9dgR88O+hf7fH8PEzTn5YzzHBPebF59rTnw+MVjIGUNJlWopTUvTytxks39CzvL/Xu/cgWfMsKzn8E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1719337045; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=FTEABTvUlmGhewuD80/IM0/j/3yvJVyKCKjnPPFuNU0=; b=Q6uHLyf1+6F9CJbCS1r8ACXCYkkRjVX7Z0cyuBiaM13Rt2lR9qBVPFNylwAMTEo/r/lC2l28DbTmH1CLzzcu45JT74Tf/J6f6pX0JmRm/qgaJTj3KrrUIuNrr/QxZia9A1xy7GswMLv3uc5ZaunwIBm8cOCDfbTYR/z9k9A0YQs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1719337045616436.51081224303346; Tue, 25 Jun 2024 10:37:25 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sM9ys-00022O-U4; Tue, 25 Jun 2024 13:29:31 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sM7Yx-0003iz-Hz for qemu-devel@nongnu.org; Tue, 25 Jun 2024 10:54:27 -0400 Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sM7Yv-0003Ih-QA for qemu-devel@nongnu.org; Tue, 25 Jun 2024 10:54:27 -0400 Received: by mail-ed1-x530.google.com with SMTP id 4fb4d7f45d1cf-57d20d89748so5472806a12.0 for ; Tue, 25 Jun 2024 07:54:25 -0700 (PDT) Received: from 41414141.home (84-82-177-210.fixed.kpn.net. [84.82.177.210]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-57d3042d421sm6092740a12.42.2024.06.25.07.54.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 25 Jun 2024 07:54:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1719327264; x=1719932064; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FTEABTvUlmGhewuD80/IM0/j/3yvJVyKCKjnPPFuNU0=; b=k8HYSXgd51oJj2eU40HRf/HIBE+3Du/YmvD+/xaCUftsZsmKY4W52lbpHunHHd2G2b WYEjX9X+geTYDM4W/Kf5IVt1Q+5sqSYw6UcNoLd/Gyo/Wg/3TPiBFc2l1QPgNXdjtzLN yCO6ynYV8PXX60f8ZrVqlDngKdpxKUjFkV2fPyHTpu0jai0H0YN1i5xQgoTJ/m4PGT+E c6rH1SJkkMd0R6dnCYTLA9UeOX0XesBR0svcDG7m21lyZqAwtk7qeUvZkfrwyN40xjI0 wT6Kz2mVB+mTH5qkG9AMTK4keLaua5bgSVCfbuH6e0O+bheDBLte0qxLxMk/0wVO1KpB w2eA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1719327264; x=1719932064; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FTEABTvUlmGhewuD80/IM0/j/3yvJVyKCKjnPPFuNU0=; b=tsEr1NAqyOhdOecHBkxXHhA7HTmYCSW1g6TOVzUSAKCtpwkn+pnAH2rTUNXA7W/2fi sVU+QcUffss9nWgXmTWQlTBh0XaNkt5SrOHzhUUHJIfppEoQ1lJ/ws+INT88gQQmUhK5 KxMDzffMitIZFbcO0t6cDMQ2r2y4b9dfDfniTStozY5XYczoAckp049xhzzTfKueEpKq HTXj8rpX8vukqtzq+mxjOxqu0WwW5Ac4DZPSfUfF/Yu9m0PfQzuP5Oms5hqyH2bgt2yg NB96VkZAbXGNjluCvlsnXVDO6YODsGqut1C7OkYFgZ4I+MSLx0VP3hEkKfYatAA3Gp4/ fSTg== X-Gm-Message-State: AOJu0YzG4BgFuz2eC/KmckTMZ/07IezynkMWUThUuO+7F+jHxBjvzX/W E8dbgf4yI+IwQUyKOEILw7sss4VyjhiaRR90KX3aCMQvFkmFFZQfl7zexA== X-Google-Smtp-Source: AGHT+IHX12OXseF02pCwYdu3uF8zcxfHzMRAHLlJqHuLhiPN/zKgFHLh+cXRKPot5fkv3+UKKUv1uQ== X-Received: by 2002:a50:8ad7:0:b0:57d:692:33ee with SMTP id 4fb4d7f45d1cf-57d4a03eba4mr5905730a12.36.1719327264064; Tue, 25 Jun 2024 07:54:24 -0700 (PDT) From: David Bouman To: qemu-devel@nongnu.org Cc: David Bouman Subject: [PATCH 4/4] hw/usb/u2f-passthru: Implement FIDO U2FHID keep-alive Date: Tue, 25 Jun 2024 16:53:50 +0200 Message-Id: <20240625145350.65978-5-dbouman03@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240625145350.65978-1-dbouman03@gmail.com> References: <20240625145350.65978-1-dbouman03@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::530; envelope-from=dbouman03@gmail.com; helo=mail-ed1-x530.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Tue, 25 Jun 2024 13:25:51 -0400 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @gmail.com) X-ZM-MESSAGEID: 1719337047571100003 Content-Type: text/plain; charset="utf-8" FIDO U2FHID features a keep-alive response command (code 0xbb). A keep-alive response signifies that the request is being processed and the transaction should not be closed yet. u2f-passthru does not recognize this command, and hence closes the transaction prematurely upon receiving it. This prevents some U2F security keys from being passed through correctly (Yubikey 4/5). Fix this by recognizing the keep-alive response and, if received, by keeping the transaction alive regardless of the resp_bcnt limit. Signed-off-by: David Bouman Fixes: 299976b050bf (hw/usb: Add U2F key passthru mode) Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2293 --- hw/usb/u2f-passthru.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/hw/usb/u2f-passthru.c b/hw/usb/u2f-passthru.c index d0fb7b377c..c1e4db3467 100644 --- a/hw/usb/u2f-passthru.c +++ b/hw/usb/u2f-passthru.c @@ -296,10 +296,14 @@ static void u2f_passthru_recv_from_host(U2FPassthruSt= ate *key, return; } =20 + bool keepalive =3D false; if (packet_is_init(packet)) { transaction->resp_bcnt =3D packet_init_get_bcnt(packet); transaction->resp_size =3D PACKET_INIT_DATA_SIZE; =20 + if (packet->init.cmd =3D=3D U2FHID_CMD_KEEPALIVE) + keepalive =3D true; + if (packet->cid =3D=3D BROADCAST_CID) { /* Nonce checking for legitimate response */ if (memcmp(transaction->nonce, packet->init.data, NONCE_SIZE) @@ -312,7 +316,7 @@ static void u2f_passthru_recv_from_host(U2FPassthruStat= e *key, } =20 /* Transaction end check */ - if (transaction->resp_size >=3D transaction->resp_bcnt) { + if (!keepalive && transaction->resp_size >=3D transaction->resp_bcnt) { u2f_transaction_close(key, cid); } u2f_send_to_guest(&key->base, raw_packet); --=20 2.34.1