Package: libccid
Version: 1.4.22-1
Tags: patch
Severity: important

Hi,

after suspend/resume pcscd burns a core:

---
[pid 23458] poll([{fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 2, 4294967295) = 1 ([{fd=5, revents=POLLIN}])
[pid 23458] recvmsg(11, 0x7f0332553d80, 0) = -1 EAGAIN (Resource temporarily unavailable)
[pid 23458] poll([{fd=6, events=POLLIN}, {fd=5, events=POLLIN}], 2, 4294967295) = 1 ([{fd=5, revents=POLLIN}])
[pid 23458] recvmsg(11, 0x7f0332553d80, 0) = -1 EAGAIN (Resource temporarily unavailable)
---

Some rounds of debugging and reading source led me to a bug in ccid:
after initializing a certain reader failed, pcscd unloads ccid, which
unloads libusb without proper cleanup.

This leads to various race conditions if libusb gets loaded again
later, and might crash pcscd in other cases.

---
Apr 19 10:08:13 $hostname systemd[1]: Started PC/SC Smart Card Daemon.
Apr 19 10:08:13 $hostname pcscd[10047]: 00000000 ifdhandler.c:144:CreateChannelByNameOrChannel() failed
Apr 19 10:08:13 $hostname pcscd[10047]: 00000036 readerfactory.c:1097:RFInitializeReader() Open Port 0x200000 Failed (usb:0a5c/5800:libudev:0:/dev/bus/usb/004/003)
Apr 19 10:08:13 $hostname pcscd[10047]: 00000004 readerfactory.c:372:RFAddReader() Broadcom Corp 5880 [Broadcom USH] (0123456789ABCD) init failed.
---

See attached patch for a fix.

- Stefan
Description: cleanup libusb when open fails
 When OpenUSBByName fails it needs to call close_libusb_if_needed to
 clean up the libusb context. Otherwise various resources (memory, file
 descriptors) leak and the linux_udev_event_thread_main thread keeps
 running when libccid gets dlclosed(). This results in very ugly race
 conditions if the library gets loaded again and
 linux_udev_event_thread_main gets started a second time.
 .
 This might resolve a number of issues involving pcscd crashing or
 burning 100% CPU: debian #749584, debian #718473, ubuntu #1296288
Author: Stefan Bühler <[email protected]>
Last-Update: 2016-04-19
--- ccid-1.4.22.orig/src/ccid_usb.c
+++ ccid-1.4.22/src/ccid_usb.c
@@ -724,6 +724,9 @@ end:
 			goto again_libusb;
 		}
 #endif
+
+		if (ctx) close_libusb_if_needed();
+
 		if (claim_failed)
 			return STATUS_COMM_ERROR;
 		DEBUG_INFO1("Device not found?");
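Review bot: In the branch after `#endif`, `if (ctx) close_libusb_if_needed();` puts the body on the same line as the condition, while the adjacent `if (claim_failed)` keeps `return STATUS_COMM_ERROR;` on its own line; match that layout. Because the `return STATUS_COMM_ERROR;` that follows leaves the function directly, a short comment saying that the libusb context has to be released here, and why the same call is repeated at `end1`, would help the next reader.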
@@ -739,6 +742,8 @@ end2:
 	libusb_free_device_list(devs, 1);
 
 end1:
+	if (ctx) close_libusb_if_needed();
+
 	/* free bundle list */
 	bundleRelease(&plist);
 
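Review bot: At `end1:` the new `if (ctx) close_libusb_if_needed();` is conditioned only on `ctx`, not on a failure status, although the description limits the cleanup to the case where OpenUSBByName fails. If `end1` is also the exit for a successful open, correctness depends on close_libusb_if_needed() doing nothing while a reader is still open; state that in a comment or test the return value explicitly before calling it. As in the first hunk, put the call on its own line under the `if`.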
