-
Notifications
You must be signed in to change notification settings - Fork 711
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Recursion too deep in piv_card_reader_lock_obtained #3139
Comments
I put a workaround in like this, and my problem went away:
I don't think it's the right fix, but it's a fix. |
This problem maybe in other card drivers, as some also use the reader_lock_obtained feature. https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/card-piv.c#L6139-L6143 added by Although f6b4a2e deals with PIV Secure Messaging from NIST sp800-73-4, the problem may occur without SM. Can you try this untested fix:
|
I build with the stock Debian build (i.e. "apt-get source opensc-pkcs11"), thus: |
could you please post an opensc debug log of one or two cycles of this behavior (level 3 should be enough)? I think the problem should be more generic. It seems that SCardBeginTransaction returns SCARD_W_RESET_CARD, which causes pcsc_lock to call pcsc_reconnect. After the reconnection, a second call to SCardBeginTransaction should not return SCARD_W_RESET_CARD anymore, which in your case doesn't seem to hold. That problem should then apply to all card driver that are implementing the reader_lock_obtained call back. |
Where can I read how to get logging working when using the opensc-pkcs11.so plugin in Firefox? |
If you have the default installation, you only need to uncomment the debugging options from |
Here is an example of the recursion until crash: opensc-debug.txt Thanks for your help! |
I think the problem is that reader-pcsc.c swallows some errors during transmit which causes the upper layer (card.c) to think that there only happened a reattachment from which one can easily recover. please try the following patch: diff --git a/src/libopensc/reader-pcsc.c b/src/libopensc/reader-pcsc.c
index 723bcfd01..ef33e3067 100644
--- a/src/libopensc/reader-pcsc.c
+++ b/src/libopensc/reader-pcsc.c
@@ -276,11 +276,15 @@ static int pcsc_internal_transmit(sc_reader_t *reader,
case SCARD_E_INVALID_HANDLE:
case SCARD_E_INVALID_VALUE:
case SCARD_E_READER_UNAVAILABLE:
- pcsc_connect(reader);
+ LOG_TEST_RET(reader->ctx,
+ pcsc_connect(reader),
+ "Could not connect to card after reattached reader.");
/* return failure so that upper layers will be notified */
return SC_ERROR_READER_REATTACHED;
case SCARD_W_RESET_CARD:
- pcsc_reconnect(reader, SCARD_LEAVE_CARD);
+ LOG_TEST_RET(reader->ctx,
+ pcsc_reconnect(reader, SCARD_LEAVE_CARD),
+ "Could not reconnect to card after reattached reader.");
/* return failure so that upper layers will be notified */
return SC_ERROR_CARD_RESET;
default: |
I'm 99% sure this fixes it for me. The 1% not sure comes from the fact that I have been unable to get a smoking gun A/B test to prove it. The problem just "all of a sudden went away" while working to prove this patch. |
Your log showed that your reader, i.e. yubikey, disappeared (SCARD_E_READER_UNAVAILABLE) while being in |
You mentioned the word "suspend" in the original issue. What OS are you using and is this "sleep" or "hibernate". These present special situations as while in sleep or hibernation a card could be removed and replaced or reinserted, which may be the OS taking that into account and causing pcsc to handle it as a special case. |
This is Debian 12, and it's "sleep", only closing the lid waiting a few seconds, removing the Yubikey and opening the laptop. I figured out why my before/after were not working (filename confusion left the patch installed while I was trying to reproduce the "before" scenario). So for me, the patch from @frankmorgner is good to go, it solves this problem. Thanks for your help. |
Problem Description
While researching #3138, I found a very long backtrace, over a 1000 frames deep. The recursion loop is:
There were 200 instances of piv_card_reader_lock_obtained in my backtrace. I suspect that this recursion consumes all stack space, causing #3138.
The call to piv_card_reader_lock_obtained from sc_lock is legitimate. At frame 1025, the call to sc_transmit_apdu is where the system discovers that the card is no longer present, in line 635:
So it seems that while locking the card, we enter a recursive loop by giving the card a 2nd (and 3rd, and 4th, etc) chance when we get an error talking to it.
There is the nice was_reset argument to pic_card_reader_lock_obtained, which we could use to avoid calling discover again?
Steps to reproduce
Same as #3138: Firefox uses pkcs11 card, sleep, remove card, wake, crash.
The text was updated successfully, but these errors were encountered: