Merge remote-tracking branch 'alon/libcacard_ccid.1' into staging

# By Alon Levy (15) and others
# Via Alon Levy
* alon/libcacard_ccid.1: (28 commits)
  libcacard/cac: change big switch functions to single return point
  dev-smartcard-reader: empty implementation for Mechanical (fail correctly)
  libcacard: move atr setting from macro to function
  libcacard/vreader: add debugging messages for apdu
  dev-smartcard-reader: copy atr protocol to ccid parameters
  dev-smartcard-reader: change default protocol to T=0
  dev-smartcard-reader: define structs for CCID_Parameter internals
  ccid-card-passthru, dev-smartcard-reader: add debug environment variables
  ccid-card-passthru: add atr check
  libcacard: change default ATR
  dev-smartcard-reader: reuse usb.h definitions
  dev-smartcard-reader: support windows guest
  dev-smartcard-reader: remove aborts (never triggered, but just in case)
  dev-smartcard-reader: nicer debug messages
  dev-smartcard-reader: white space fixes
  libcacard: remove default libcoolkey loading
  libcacard: remove sql: prefix
  libcacard: teach vscclient to use GMainLoop for portability
  libcacard: vscclient to use QemuThread for portability
  libcacard: split vscclient main() from socket reading
  ...

Message-id: [email protected]
Signed-off-by: Anthony Liguori <[email protected]>

Makefile

@@ -166,11 +166,15 @@ recurse-all: $(SUBDIR_RULES) $(ROMSUBDIR_RULES)
 
 bt-host.o: QEMU_CFLAGS += $(BLUEZ_CFLAGS)
 
-version.o: $(SRC_PATH)/version.rc config-host.h
+version.o: $(SRC_PATH)/version.rc config-host.h | version.lo
 	$(call quiet-command,$(WINDRES) -I. -o $@ $<,"  RC    $(TARGET_DIR)$@")
+version.lo: $(SRC_PATH)/version.rc config-host.h
+	$(call quiet-command,$(LIBTOOL) --mode=compile --tag=RC $(WINDRES) -I. -o $@ $<,"lt RC   $(TARGET_DIR)$@")
 
 version-obj-$(CONFIG_WIN32) += version.o
-Makefile: $(version-obj-y)
+version-lobj-$(CONFIG_WIN32) += $(if $(LIBTOOL),version.lo)
+Makefile: $(version-obj-y) $(version-lobj-y)
+
 
 ######################################################################
 # Build libraries

Makefile.objs

@@ -32,6 +32,7 @@ libcacard-y += libcacard/vcard.o libcacard/vreader.o
 libcacard-y += libcacard/vcard_emul_nss.o
 libcacard-y += libcacard/vcard_emul_type.o
 libcacard-y += libcacard/card_7816.o
+libcacard-y += libcacard/vcardt.o
 
 ######################################################################
 # Target independent part of system emulation. The long term path is to

configure

@@ -1244,7 +1244,7 @@ fi
 gcc_flags="-Wold-style-declaration -Wold-style-definition -Wtype-limits"
 gcc_flags="-Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers $gcc_flags"
 gcc_flags="-Wmissing-include-dirs -Wempty-body -Wnested-externs $gcc_flags"
-gcc_flags="-fstack-protector-all -Wendif-labels $gcc_flags"
+gcc_flags="-Wendif-labels $gcc_flags"
 gcc_flags="-Wno-initializer-overrides $gcc_flags"
 # Note that we do not add -Werror to gcc_flags here, because that would
 # enable it for all configure tests. If a configure test failed due
@@ -1263,6 +1263,11 @@ for flag in $gcc_flags; do
     fi
 done
 
+if compile_prog "-Werror -fstack-protector-all" "" ; then
+    QEMU_CFLAGS="$QEMU_CFLAGS -fstack-protector-all"
+    LIBTOOLFLAGS="$LIBTOOLFLAGS -Wc,-fstack-protector-all"
+fi
+
 # Workaround for http://gcc.gnu.org/PR55489.  Happens with -fPIE/-fPIC and
 # large functions that use global variables.  The bug is in all releases of
 # GCC, but it became particularly acute in 4.6.x and 4.7.x.  It is fixed in
@@ -4078,6 +4083,7 @@ else
   echo "AUTOCONF_HOST := "                             >> $config_host_mak
 fi
 echo "LDFLAGS=$LDFLAGS" >> $config_host_mak
+echo "LIBTOOLFLAGS=$LIBTOOLFLAGS" >> $config_host_mak
 echo "LIBS+=$LIBS" >> $config_host_mak
 echo "LIBS_TOOLS+=$libs_tools" >> $config_host_mak
 echo "EXESUF=$EXESUF" >> $config_host_mak

hw/usb/ccid-card-emulated.c

@@ -462,17 +462,20 @@ typedef struct EnumTable {
     uint32_t value;
 } EnumTable;
 
-EnumTable backend_enum_table[] = {
+static const EnumTable backend_enum_table[] = {
     {BACKEND_NSS_EMULATED_NAME, BACKEND_NSS_EMULATED},
     {BACKEND_CERTIFICATES_NAME, BACKEND_CERTIFICATES},
     {NULL, 0},
 };
 
 static uint32_t parse_enumeration(char *str,
-    EnumTable *table, uint32_t not_found_value)
+    const EnumTable *table, uint32_t not_found_value)
 {
     uint32_t ret = not_found_value;
 
+    if (str == NULL)
+        return 0;
+
     while (table->name != NULL) {
         if (strcmp(table->name, str) == 0) {
             ret = table->value;
@@ -487,7 +490,7 @@ static int emulated_initfn(CCIDCardState *base)
 {
     EmulatedState *card = DO_UPCAST(EmulatedState, base, base);
     VCardEmulError ret;
-    EnumTable *ptable;
+    const EnumTable *ptable;
 
     QSIMPLEQ_INIT(&card->event_list);
     QSIMPLEQ_INIT(&card->guest_apdu_list);

hw/usb/ccid-card-passthru.c

@@ -27,7 +27,7 @@ do {                                                    \
 #define D_VERBOSE 4
 
 /* TODO: do we still need this? */
-uint8_t DEFAULT_ATR[] = {
+static const uint8_t DEFAULT_ATR[] = {
 /*
  * From some example somewhere
  * 0x3B, 0xB0, 0x18, 0x00, 0xD1, 0x81, 0x05, 0xB1, 0x40, 0x38, 0x1F, 0x03, 0x28
@@ -138,6 +138,59 @@ static void ccid_card_vscard_handle_init(
     ccid_card_vscard_send_init(card);
 }
 
+static int check_atr(PassthruState *card, uint8_t *data, int len)
+{
+    int historical_length, opt_bytes;
+    int td_count = 0;
+    int td;
+
+    if (len < 2) {
+        return 0;
+    }
+    historical_length = data[1] & 0xf;
+    opt_bytes = 0;
+    if (data[0] != 0x3b && data[0] != 0x3f) {
+        DPRINTF(card, D_WARN, "atr's T0 is 0x%X, not in {0x3b, 0x3f}\n",
+                data[0]);
+        return 0;
+    }
+    td_count = 0;
+    td = data[1] >> 4;
+    while (td && td_count < 2 && opt_bytes + historical_length + 2 < len) {
+        td_count++;
+        if (td & 0x1) {
+            opt_bytes++;
+        }
+        if (td & 0x2) {
+            opt_bytes++;
+        }
+        if (td & 0x4) {
+            opt_bytes++;
+        }
+        if (td & 0x8) {
+            opt_bytes++;
+            td = data[opt_bytes + 2] >> 4;
+        }
+    }
+    if (len < 2 + historical_length + opt_bytes) {
+        DPRINTF(card, D_WARN,
+            "atr too short: len %d, but historical_len %d, T1 0x%X\n",
+            len, historical_length, data[1]);
+        return 0;
+    }
+    if (len > 2 + historical_length + opt_bytes) {
+        DPRINTF(card, D_WARN,
+            "atr too long: len %d, but hist/opt %d/%d, T1 0x%X\n",
+            len, historical_length, opt_bytes, data[1]);
+        /* let it through */
+    }
+    DPRINTF(card, D_VERBOSE,
+            "atr passes check: %d total length, %d historical, %d optional\n",
+            len, historical_length, opt_bytes);
+
+    return 1;
+}
+
 static void ccid_card_vscard_handle_message(PassthruState *card,
     VSCMsgHeader *scr_msg_header)
 {
@@ -152,6 +205,12 @@ static void ccid_card_vscard_handle_message(PassthruState *card,
                                         VSC_GENERAL_ERROR);
             break;
         }
+        if (!check_atr(card, data, scr_msg_header->length)) {
+            error_report("ATR is inconsistent, ignoring");
+            ccid_card_vscard_send_error(card, scr_msg_header->reader_id,
+                                        VSC_GENERAL_ERROR);
+            break;
+        }
         memcpy(card->atr, data, scr_msg_header->length);
         card->atr_length = scr_msg_header->length;
         ccid_card_card_inserted(&card->base);
@@ -291,6 +350,8 @@ static int passthru_initfn(CCIDCardState *base)
         error_report("missing chardev");
         return -1;
     }
+    card->debug = parse_debug_env("QEMU_CCID_PASSTHRU_DEBUG", D_VERBOSE,
+                                  card->debug);
     assert(sizeof(DEFAULT_ATR) <= MAX_ATR_SIZE);
     memcpy(card->atr, DEFAULT_ATR, sizeof(DEFAULT_ATR));
     card->atr_length = sizeof(DEFAULT_ATR);