6523c96c9c
It never worked. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20210310173323.1422754-3-thuth@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
352 lines
10 KiB
C
352 lines
10 KiB
C
/*
|
|
* U2F USB device.
|
|
*
|
|
* Copyright (c) 2020 César Belley <cesar.belley@lse.epita.fr>
|
|
* Written by César Belley <cesar.belley@lse.epita.fr>
|
|
*
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
* in the Software without restriction, including without limitation the rights
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
* furnished to do so, subject to the following conditions:
|
|
*
|
|
* The above copyright notice and this permission notice shall be included in
|
|
* all copies or substantial portions of the Software.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
* THE SOFTWARE.
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
#include "qemu/module.h"
|
|
#include "qapi/error.h"
|
|
#include "hw/usb.h"
|
|
#include "hw/usb/hid.h"
|
|
#include "migration/vmstate.h"
|
|
#include "desc.h"
|
|
|
|
#include "u2f.h"
|
|
|
|
/* U2F key Vendor / Product */
|
|
#define U2F_KEY_VENDOR_NUM 0x46f4 /* CRC16() of "QEMU" */
|
|
#define U2F_KEY_PRODUCT_NUM 0x0005
|
|
|
|
enum {
|
|
STR_MANUFACTURER = 1,
|
|
STR_PRODUCT,
|
|
STR_SERIALNUMBER,
|
|
STR_CONFIG,
|
|
STR_INTERFACE
|
|
};
|
|
|
|
static const USBDescStrings desc_strings = {
|
|
[STR_MANUFACTURER] = "QEMU",
|
|
[STR_PRODUCT] = "U2F USB key",
|
|
[STR_SERIALNUMBER] = "0",
|
|
[STR_CONFIG] = "U2F key config",
|
|
[STR_INTERFACE] = "U2F key interface"
|
|
};
|
|
|
|
static const USBDescIface desc_iface_u2f_key = {
|
|
.bInterfaceNumber = 0,
|
|
.bNumEndpoints = 2,
|
|
.bInterfaceClass = USB_CLASS_HID,
|
|
.bInterfaceSubClass = 0x0,
|
|
.bInterfaceProtocol = 0x0,
|
|
.ndesc = 1,
|
|
.descs = (USBDescOther[]) {
|
|
{
|
|
/* HID descriptor */
|
|
.data = (uint8_t[]) {
|
|
0x09, /* u8 bLength */
|
|
USB_DT_HID, /* u8 bDescriptorType */
|
|
0x10, 0x01, /* u16 HID_class */
|
|
0x00, /* u8 country_code */
|
|
0x01, /* u8 num_descriptors */
|
|
USB_DT_REPORT, /* u8 type: Report */
|
|
0x22, 0, /* u16 len */
|
|
},
|
|
},
|
|
},
|
|
.eps = (USBDescEndpoint[]) {
|
|
{
|
|
.bEndpointAddress = USB_DIR_IN | 0x01,
|
|
.bmAttributes = USB_ENDPOINT_XFER_INT,
|
|
.wMaxPacketSize = U2FHID_PACKET_SIZE,
|
|
.bInterval = 0x05,
|
|
}, {
|
|
.bEndpointAddress = USB_DIR_OUT | 0x01,
|
|
.bmAttributes = USB_ENDPOINT_XFER_INT,
|
|
.wMaxPacketSize = U2FHID_PACKET_SIZE,
|
|
.bInterval = 0x05,
|
|
},
|
|
},
|
|
|
|
};
|
|
|
|
static const USBDescDevice desc_device_u2f_key = {
|
|
.bcdUSB = 0x0100,
|
|
.bMaxPacketSize0 = U2FHID_PACKET_SIZE,
|
|
.bNumConfigurations = 1,
|
|
.confs = (USBDescConfig[]) {
|
|
{
|
|
.bNumInterfaces = 1,
|
|
.bConfigurationValue = 1,
|
|
.iConfiguration = STR_CONFIG,
|
|
.bmAttributes = USB_CFG_ATT_ONE,
|
|
.bMaxPower = 15,
|
|
.nif = 1,
|
|
.ifs = &desc_iface_u2f_key,
|
|
},
|
|
},
|
|
};
|
|
|
|
static const USBDesc desc_u2f_key = {
|
|
.id = {
|
|
.idVendor = U2F_KEY_VENDOR_NUM,
|
|
.idProduct = U2F_KEY_PRODUCT_NUM,
|
|
.bcdDevice = 0,
|
|
.iManufacturer = STR_MANUFACTURER,
|
|
.iProduct = STR_PRODUCT,
|
|
.iSerialNumber = STR_SERIALNUMBER,
|
|
},
|
|
.full = &desc_device_u2f_key,
|
|
.str = desc_strings,
|
|
};
|
|
|
|
static const uint8_t u2f_key_hid_report_desc[] = {
|
|
0x06, 0xd0, 0xf1, /* Usage Page (FIDO) */
|
|
0x09, 0x01, /* Usage (FIDO) */
|
|
0xa1, 0x01, /* Collection (HID Application) */
|
|
0x09, 0x20, /* Usage (FIDO data in) */
|
|
0x15, 0x00, /* Logical Minimum (0) */
|
|
0x26, 0xFF, 0x00, /* Logical Maximum (0xff) */
|
|
0x75, 0x08, /* Report Size (8) */
|
|
0x95, 0x40, /* Report Count (0x40) */
|
|
0x81, 0x02, /* Input (Data, Variable, Absolute) */
|
|
0x09, 0x21, /* Usage (FIDO data out) */
|
|
0x15, 0x00, /* Logical Minimum (0) */
|
|
0x26, 0xFF, 0x00, /* Logical Maximum (0xFF) */
|
|
0x75, 0x08, /* Report Size (8) */
|
|
0x95, 0x40, /* Report Count (0x40) */
|
|
0x91, 0x02, /* Output (Data, Variable, Absolute) */
|
|
0xC0 /* End Collection */
|
|
};
|
|
|
|
static void u2f_key_reset(U2FKeyState *key)
|
|
{
|
|
key->pending_in_start = 0;
|
|
key->pending_in_end = 0;
|
|
key->pending_in_num = 0;
|
|
}
|
|
|
|
static void u2f_key_handle_reset(USBDevice *dev)
|
|
{
|
|
U2FKeyState *key = U2F_KEY(dev);
|
|
|
|
u2f_key_reset(key);
|
|
}
|
|
|
|
static void u2f_key_handle_control(USBDevice *dev, USBPacket *p,
|
|
int request, int value, int index, int length, uint8_t *data)
|
|
{
|
|
U2FKeyState *key = U2F_KEY(dev);
|
|
int ret;
|
|
|
|
ret = usb_desc_handle_control(dev, p, request, value, index, length, data);
|
|
if (ret >= 0) {
|
|
return;
|
|
}
|
|
|
|
switch (request) {
|
|
case InterfaceRequest | USB_REQ_GET_DESCRIPTOR:
|
|
switch (value >> 8) {
|
|
case 0x22:
|
|
memcpy(data, u2f_key_hid_report_desc,
|
|
sizeof(u2f_key_hid_report_desc));
|
|
p->actual_length = sizeof(u2f_key_hid_report_desc);
|
|
break;
|
|
default:
|
|
goto fail;
|
|
}
|
|
break;
|
|
case HID_GET_IDLE:
|
|
data[0] = key->idle;
|
|
p->actual_length = 1;
|
|
break;
|
|
case HID_SET_IDLE:
|
|
key->idle = (uint8_t)(value >> 8);
|
|
break;
|
|
default:
|
|
fail:
|
|
p->status = USB_RET_STALL;
|
|
break;
|
|
}
|
|
|
|
}
|
|
|
|
static void u2f_key_recv_from_guest(U2FKeyState *key, USBPacket *p)
|
|
{
|
|
U2FKeyClass *kc = U2F_KEY_GET_CLASS(key);
|
|
uint8_t packet[U2FHID_PACKET_SIZE];
|
|
|
|
if (kc->recv_from_guest == NULL || p->iov.size != U2FHID_PACKET_SIZE) {
|
|
return;
|
|
}
|
|
|
|
usb_packet_copy(p, packet, p->iov.size);
|
|
kc->recv_from_guest(key, packet);
|
|
}
|
|
|
|
static void u2f_pending_in_add(U2FKeyState *key,
|
|
const uint8_t packet[U2FHID_PACKET_SIZE])
|
|
{
|
|
uint8_t index;
|
|
|
|
if (key->pending_in_num >= U2FHID_PENDING_IN_NUM) {
|
|
return;
|
|
}
|
|
|
|
index = key->pending_in_end;
|
|
key->pending_in_end = (index + 1) % U2FHID_PENDING_IN_NUM;
|
|
++key->pending_in_num;
|
|
|
|
memcpy(key->pending_in[index], packet, U2FHID_PACKET_SIZE);
|
|
}
|
|
|
|
static uint8_t *u2f_pending_in_get(U2FKeyState *key)
|
|
{
|
|
uint8_t index;
|
|
|
|
if (key->pending_in_num == 0) {
|
|
return NULL;
|
|
}
|
|
|
|
index = key->pending_in_start;
|
|
key->pending_in_start = (index + 1) % U2FHID_PENDING_IN_NUM;
|
|
--key->pending_in_num;
|
|
|
|
return key->pending_in[index];
|
|
}
|
|
|
|
static void u2f_key_handle_data(USBDevice *dev, USBPacket *p)
|
|
{
|
|
U2FKeyState *key = U2F_KEY(dev);
|
|
uint8_t *packet_in;
|
|
|
|
/* Endpoint number check */
|
|
if (p->ep->nr != 1) {
|
|
p->status = USB_RET_STALL;
|
|
return;
|
|
}
|
|
|
|
switch (p->pid) {
|
|
case USB_TOKEN_OUT:
|
|
u2f_key_recv_from_guest(key, p);
|
|
break;
|
|
case USB_TOKEN_IN:
|
|
packet_in = u2f_pending_in_get(key);
|
|
if (packet_in == NULL) {
|
|
p->status = USB_RET_NAK;
|
|
return;
|
|
}
|
|
usb_packet_copy(p, packet_in, U2FHID_PACKET_SIZE);
|
|
break;
|
|
default:
|
|
p->status = USB_RET_STALL;
|
|
break;
|
|
}
|
|
}
|
|
|
|
void u2f_send_to_guest(U2FKeyState *key,
|
|
const uint8_t packet[U2FHID_PACKET_SIZE])
|
|
{
|
|
u2f_pending_in_add(key, packet);
|
|
usb_wakeup(key->ep, 0);
|
|
}
|
|
|
|
static void u2f_key_unrealize(USBDevice *dev)
|
|
{
|
|
U2FKeyState *key = U2F_KEY(dev);
|
|
U2FKeyClass *kc = U2F_KEY_GET_CLASS(key);
|
|
|
|
if (kc->unrealize != NULL) {
|
|
kc->unrealize(key);
|
|
}
|
|
}
|
|
|
|
static void u2f_key_realize(USBDevice *dev, Error **errp)
|
|
{
|
|
U2FKeyState *key = U2F_KEY(dev);
|
|
U2FKeyClass *kc = U2F_KEY_GET_CLASS(key);
|
|
Error *local_err = NULL;
|
|
|
|
usb_desc_create_serial(dev);
|
|
usb_desc_init(dev);
|
|
u2f_key_reset(key);
|
|
|
|
if (kc->realize != NULL) {
|
|
kc->realize(key, &local_err);
|
|
if (local_err != NULL) {
|
|
error_propagate(errp, local_err);
|
|
return;
|
|
}
|
|
}
|
|
key->ep = usb_ep_get(dev, USB_TOKEN_IN, 1);
|
|
}
|
|
|
|
const VMStateDescription vmstate_u2f_key = {
|
|
.name = "u2f-key",
|
|
.version_id = 1,
|
|
.minimum_version_id = 1,
|
|
.fields = (VMStateField[]) {
|
|
VMSTATE_USB_DEVICE(dev, U2FKeyState),
|
|
VMSTATE_UINT8(idle, U2FKeyState),
|
|
VMSTATE_UINT8_2DARRAY(pending_in, U2FKeyState,
|
|
U2FHID_PENDING_IN_NUM, U2FHID_PACKET_SIZE),
|
|
VMSTATE_UINT8(pending_in_start, U2FKeyState),
|
|
VMSTATE_UINT8(pending_in_end, U2FKeyState),
|
|
VMSTATE_UINT8(pending_in_num, U2FKeyState),
|
|
VMSTATE_END_OF_LIST()
|
|
}
|
|
};
|
|
|
|
static void u2f_key_class_init(ObjectClass *klass, void *data)
|
|
{
|
|
DeviceClass *dc = DEVICE_CLASS(klass);
|
|
USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
|
|
|
|
uc->product_desc = "QEMU U2F USB key";
|
|
uc->usb_desc = &desc_u2f_key;
|
|
uc->handle_reset = u2f_key_handle_reset;
|
|
uc->handle_control = u2f_key_handle_control;
|
|
uc->handle_data = u2f_key_handle_data;
|
|
uc->handle_attach = usb_desc_attach;
|
|
uc->realize = u2f_key_realize;
|
|
uc->unrealize = u2f_key_unrealize;
|
|
dc->desc = "QEMU U2F key";
|
|
dc->vmsd = &vmstate_u2f_key;
|
|
}
|
|
|
|
static const TypeInfo u2f_key_info = {
|
|
.name = TYPE_U2F_KEY,
|
|
.parent = TYPE_USB_DEVICE,
|
|
.instance_size = sizeof(U2FKeyState),
|
|
.abstract = true,
|
|
.class_size = sizeof(U2FKeyClass),
|
|
.class_init = u2f_key_class_init,
|
|
};
|
|
|
|
static void u2f_key_register_types(void)
|
|
{
|
|
type_register_static(&u2f_key_info);
|
|
}
|
|
|
|
type_init(u2f_key_register_types)
|