On Wed, Aug 12, 2020 at 11:41:22AM +0200, César Belley wrote: > This patch series adds the U2F dedicated support to Qemu through a USB > U2F key device that can operate in two modes: pass-through and emulated. > > This work is also part of the GSoC program of this year and follows the > proposal I made for the 'Virtual FIDO2/U2F security key' subject, > suggested and mentored by by Gerd Hoffmann. > > U2F is an open authentication standard. It enables relying parties > exposed to the internet to offer a strong second factor option for end > user authentication. > > The standard brings many advantages to both parties, client and server, > allowing to reduce over-reliance on passwords, it increases > authentication security and simplifies passwords. > > The second factor is materialized by a device implementing the U2F > protocol. In case of a USB U2F security key, it is a USB HID device > that implements the U2F protocol. > > The USB U2F key device given in this patch series allows to add guest > U2F security keys via two possible modes: pass-through and emulated. > > The pass-through mode consists of passing all requests made from the > guest to the physical security key connected to the host machine and > vice versa. In addition, the dedicated pass-through allows to have a > U2F security key shared on several guests which is not possible with > a simple host device assignment pass-through. > > The emulated mode consists of completely emulating the behavior of an > U2F device through software part. Libu2f-emu is used for that.
Reviewed & tested. Nice job. Queued up for merge, pull req goes out in a moment. Note there is a pending patch series converting the qemu build system to meson which very likely conflicts with the Makefile changes. So there is a chance that the series needs a rebase because of that. take care, Gerd
