Re: RFC - Direct smart card support in libcacard/spice-gtk

On 12/23/2014 12:49 PM, Jeremy White wrote:


I am hoping to ask:

  1.  Does this basic approach seem reasonable?

It depends on usage. The main thing to be careful of is card sharing between various VMs and hosts. They fall into two categories:

card locking - software like pcsc-lite allows applications to lock the card. APDUs are stateful, and if you have two entities sending APDUs to the card at the same time you can run into various issues (like one entity switching applets out from under another entity, or the failure to complete a GlobalPlatform secure channel (which requires a full protocol of APDUs and responses orchestrated together without any intervening APDUs)).

card login state - Cards are logged in or not logged in globally. This means that if the host or one VM is logged into a card, all of them are.

As long as you are only accessing the card from one VM at a time then you are fine.

  2.  Anyone know what the origin of the VCARD_DIRECT code path was?  I use it here.  git-blame pins it back to the original libcacard commit; not sure where it came from before then.  I was trying to find an alternate consumer of that code to make sure I was aligned with it.

I think initially we emulated the card on the client side of spice rather than in the VM. Upstream preferred it happening in the VM, and that a generic smart card protocol should be used.

If you are just using APDUs as your protocol from the VM to the host, but are still emulating at the host, then you don't have any of the issues in 1 above.

I believe that, with this change, a system that was not otherwise using a smart card could relay that smart card on to a distant Spice server. I'm uncertain what would happen in the case where the smart card was in use by the local system.  That's something I'll need to probe yet.  I imagine that it won't work, but have no real hard evidence for that :-/.

If you aren't emulating, things will seem to work most of the time and fail randomly (when applications decide to collide)... and attackers in the VM could get access to a logged in smart card without supplying a PIN. If you are emulating on the spice side, however, sending raw APDUs is just fine.

bob

Cheers,

Jeremy


_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel
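
The two sharing problems described in the reply above (intervening APDUs and card-global login state), as an added example that is not part of the original message or of libcacard: a constructed toy card model in C. Every name in it is hypothetical, PIN checking is assumed to succeed, and the lock only stands in for the kind of exclusive lock pcsc-lite offers.

```c
#include <stdio.h>
/* Constructed toy model of one physical card shared by a host (client 0)
 * and a VM (client 1). All names here are hypothetical, not libcacard's. */
enum { OK = 0, NO_OWNER = -1, ERR_BUSY = -2, ERR_WRONG_APPLET = -3, ERR_NO_LOGIN = -4 };

struct card {
    int applet;     /* card-global: the last SELECT wins, whoever sent it */
    int logged_in;  /* card-global: a PIN verified by one client counts for all */
    int owner;      /* client holding the exclusive lock, or NO_OWNER */
};
static int busy(const struct card *c, int who) { return c->owner != NO_OWNER && c->owner != who; }
int card_lock(struct card *c, int who) { if (busy(c, who)) return ERR_BUSY; c->owner = who; return OK; }
void card_unlock(struct card *c, int who) { if (c->owner == who) c->owner = NO_OWNER; }
int apdu_select(struct card *c, int who, int applet) { if (busy(c, who)) return ERR_BUSY; c->applet = applet; return OK; }
int apdu_verify_pin(struct card *c, int who) { if (busy(c, who)) return ERR_BUSY; c->logged_in = 1; return OK; }

/* A command the sender believes is going to applet `expect`. */
int apdu_sign(struct card *c, int who, int expect) {
    if (busy(c, who)) return ERR_BUSY;
    if (c->applet != expect) return ERR_WRONG_APPLET;
    return c->logged_in ? OK : ERR_NO_LOGIN;
}

/* Host runs SELECT, VERIFY, SIGN while the VM sends one SELECT in the middle.
 * use_lock != 0 makes the host hold the exclusive lock for the whole sequence. */
int host_sequence(int use_lock, int *vm_select_result) {
    struct card c = { 0, 0, NO_OWNER };
    if (use_lock) card_lock(&c, 0);
    apdu_select(&c, 0, 1);
    apdu_verify_pin(&c, 0);
    *vm_select_result = apdu_select(&c, 1, 2);  /* intervening APDU from the VM */
    int r = apdu_sign(&c, 0, 1);
    if (use_lock) card_unlock(&c, 0);
    return r;
}

/* Host logs in and finishes; the VM then issues a command without any PIN. */
int vm_after_host_login(void) {
    struct card c = { 0, 0, NO_OWNER };
    apdu_select(&c, 0, 1);
    apdu_verify_pin(&c, 0);
    return apdu_sign(&c, 1, 1);
}

int main(void) {
    int vm, unlocked = host_sequence(0, &vm), locked = host_sequence(1, &vm);
    printf("host unlocked=%d locked=%d, VM select under lock=%d, VM without PIN=%d\n", unlocked, locked, vm, vm_after_host_login());
    return 0;
}
```

The lock keeps the host's sequence intact, but the last function shows that it does nothing for login state once the lock is released: the model card accepts the VM's command because the host's login is still in effect.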
