Package: libccid
Version: 1.8.1-1
Severity: normal
After upgrading libccid (and restarting pcscd), pcsc_scan no longer
finds my Yubikey. Bisection in the upstream git repository points to
a1ccc12 (Correctly close the slots of a multi-slots reader, 2026-06-03).
Building libccid with that commit and then running "pcscd --foreground
--debug" produces these log entries:
00000029 ../src/ifdhandler.c:91:CreateChannelByNameOrChannel() Lun: 10000,
device: usb:1050/0406:libudev:1:/dev/bus/usb/001/002
00000005 ../src/utils.c:77:GetNewReaderIndex() Lun: 10000 is already used
00000004 ../src/readerfactory.c:1144:RFInitializeReader() Open Port 0x200001
Failed (usb:1050/0406:libudev:1:/dev/bus/usb/001/002)
00000004 ../src/readerfactory.c:371:RFAddReader() Yubico YubiKey FIDO+CCID init
failed.
00000006 ../src/readerfactory.c:627:RFRemoveReader() UnrefReader() count was: 1
00000003 ../src/readerfactory.c:1157:RFUnInitializeReader() Attempting shutdown
of Yubico YubiKey FIDO+CCID 01 00.
00000007 ../src/hotplug_libudev.c:527:HPAddDevice() Failed adding USB device:
Yubico YubiKey FIDO+CCID
whereas building with the parent of that commit, the "Lun: 10000 is
already used" error does not occur (and then it actually opens the
device).
The "CreateChannelByNameOrChannel(): Lun: 10000" line appears twice,
even in the working case. So I guess we open it twice while probing for
the correct driver, but the change in a1ccc12 means we do not correctly
close the channel, and the second attempt then fails.
I think we never hit the ReleaseReaderIndex() call in CloseUSB(), and
the one in FreeChannel() is now gone. Doing this:
diff --git a/src/ifdhandler.c b/src/ifdhandler.c
index 63b7cd7..03a03c1 100644
--- a/src/ifdhandler.c
+++ b/src/ifdhandler.c
@@ -203,6 +203,7 @@ error:
if (return_value != IFD_SUCCESS)
{
/* release the allocated resources */
+ ReleaseReaderIndex(ccid_reader->reader_index);
FreeChannel(ccid_reader);
}
fixes it for me, but I don't know the code well enough to say if that's
a sane fix. It looks like FreeChannel() calls ClosePort(), which is
#define'd to CloseUSB(), which is where the new release code was added.
But we never hit that code, because ccid_reader->device->dev_handle is
NULL and we return early. So maybe it needs to try harder to release the
index in this case?
-- System Information:
Debian Release: forky/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 7.0.12+deb14-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages libccid depends on:
ii libc6 2.42-16
ii libusb-1.0-0 2:1.0.30-1
libccid recommends no packages.
Versions of packages libccid suggests:
pn pcmciautils <none>
-- no debconf information
