| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 May 2018 11:32:54 +0200
From: Marcus Folkesson <marcus.folkesson@...il.com>
To: Andrzej Pietrasiewicz <andrzej.p@...sung.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jonathan Corbet <corbet@....net>,
Felipe Balbi <balbi@...nel.org>, davem@...emloft.net,
Mauro Carvalho Chehab <mchehab+samsung@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Randy Dunlap <rdunlap@...radead.org>,
Ruslan Bilovol <ruslan.bilovol@...il.com>,
Thomas Gleixner <tglx@...utronix.de>,
Kate Stewart <kstewart@...uxfoundation.org>,
linux-usb@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/3] usb: gadget: ccid: add support for USB CCID
Gadget Device
Hi Andrzej,
Thank you for reviewing.
On Mon, May 28, 2018 at 11:12:27AM +0200, Andrzej Pietrasiewicz wrote:
> W dniu 28.05.2018 o 10:38, Marcus Folkesson pisze:
> > Hi Andrzej,
> >
> > On Mon, May 28, 2018 at 09:04:51AM +0200, Andrzej Pietrasiewicz wrote:
> >> Mi Marcus,
> >>
> >> W dniu 26.05.2018 o 23:19, Marcus Folkesson pisze:
> >>> Chip Card Interface Device (CCID) protocol is a USB protocol that
> >>> allows a smartcard device to be connected to a computer via a card
> >>> reader using a standard USB interface, without the need for each manufacturer
> >>> of smartcards to provide its own reader or protocol.
> >>>
> >>> This gadget driver makes Linux show up as a CCID device to the host and let a
> >>> userspace daemon act as the smartcard.
> >>>
> >>> This is useful when the Linux gadget itself should act as a cryptographic
> >>> device or forward APDUs to an embedded smartcard device.
> >>>
> >>> Signed-off-by: Marcus Folkesson <marcus.folkesson@...il.com>
> >>> ---
> >>
> >>>
> >>> +config USB_CONFIGFS_CCID
> >>> + bool "Chip Card Interface Device (CCID)"
> >>> + depends on USB_CONFIGFS
> >>> + select USB_F_CCID
> >>> + help
> >>> + The CCID function driver provides generic emulation of a
> >>> + Chip Card Interface Device (CCID).
> >>> +
> >>> + You will need a user space server talking to /dev/ccidg*,
> >>> + since the kernel itself does not implement CCID/TPDU/APDU
> >>> + protocol.
> >>
> >> Your function needs a userspace daemon to work.
> >> It seems you want to use FunctionFS for such a purpose
> >> instead of creating a new function.
> >>
> >> Andrzej
> >
> >>> + since the kernel itself does not implement CCID/TPDU/APDU
> > Oops, the driver does handle CCID.
>
> Which parts of code do this handling?
My bad, I was thinking about the USB descriptors and endpoints setup.
That is of cause not part of the CCID protocol.
>
> Is there any kind of state machine usual for protocols?
> If the protocol is stateless then isn't it just a data format then?
The protocol is stateless.
>
> Which part of this handling must be done in kernel and why?
>
> Does the said handling do anything other than forwarding the
> traffic between USB and a character device?
No, it forward the CCID messages to the character device to be handled
by the application.
>
> What is the character device used for? I know: read, write and poll.
> But why? To do what?
It is used for the application to fetch, interpret and then perform actions depending on
commands.
>
> >
> > Well, yes, It needs an application that perform the "smartcard operations", such as
> > generate keys or sign data, as this depends on how it should be used.
> >
> > The actual smartcard operations could for example be in software,
> > use a crypto engine in SoC or external HSM (Hardware Security Module).
> >
> > Without the application, the gadget shows up as a smart card reader
> > with an unconnected smartcard.
> >
>
> Does showing up as anything require anything other than merely
> providing USB descriptors?
I guess.
>
> Andrzej
Thank you,
Marcus
Powered by blists - more mailing lists