[gnome-settings-daemon/gnome-3-34] smartcard: Change manager to non-blocking
- From: Benjamin Berg <bberg src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-settings-daemon/gnome-3-34] smartcard: Change manager to non-blocking
- Date: Tue, 17 Sep 2019 15:05:54 +0000 (UTC)
commit 50aa833e23074e7f338b40d39a3a0ace46fc51aa
Author: Jack Massey <jacknmassey gmail com>
Date: Tue Sep 17 09:39:56 2019 +1000
smartcard: Change manager to non-blocking
NSS's SECMOND_WaitForAnyTokenEvent uses the pkcs11 C_WaitForSlotEvent,
and by default NSS will use p11-kit, at least on Fedora and Ubuntu.
p11-kit doesn't support the blocking call for C_WaitForSlotEvent so NSS
falls back to a polling simulation of the C_WaitForSlotEvent. This
causes the LED on the smartcard to blink constantly as the card is
polled.
If we instead use the non-blocking version of the call, which p11-kit
supports, NSS doesn't poll the card. The downside of this is that the
application will wake up every second to check for events even if there
hasn't been any, plus the fact that there could be up to a second delay
between the event and it being picked up by gsd-smartcard. However, NSS
is polling anyway so this is consistent with existing behaviour.
The reason a one second delay was chosen was because this is what was
currently used in NSS. nss/lib/dev/devslot.c:17
/* measured in seconds */
#define NSSSLOT_TOKEN_DELAY_TIME 1
(cherry picked from commit 2887ff25876c8e67bc96cc07f78a1b02743f2fa2)
plugins/smartcard/gsd-smartcard-manager.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
---
diff --git a/plugins/smartcard/gsd-smartcard-manager.c b/plugins/smartcard/gsd-smartcard-manager.c
index da1e0d6d..a92b7196 100644
--- a/plugins/smartcard/gsd-smartcard-manager.c
+++ b/plugins/smartcard/gsd-smartcard-manager.c
@@ -190,8 +190,13 @@ watch_one_event_from_driver (GsdSmartcardManager *self,
operation,
NULL);
- if (handler_id != 0)
- card = SECMOD_WaitForAnyTokenEvent (operation->driver, 0, PR_SecondsToInterval (1));
+ if (handler_id != 0) {
+ /* Use the non-blocking version of the call as p11-kit, which
+ * is used on both Fedora and Ubuntu, doesn't support the
+ * blocking version of the call.
+ */
+ card = SECMOD_WaitForAnyTokenEvent (operation->driver, CKF_DONT_BLOCK, PR_SecondsToInterval
(1));
+ }
g_cancellable_disconnect (cancellable, handler_id);
@@ -205,6 +210,12 @@ watch_one_event_from_driver (GsdSmartcardManager *self,
error_code = PORT_GetError ();
+ if (error_code == SEC_ERROR_NO_EVENT) {
+ g_usleep (1 * G_USEC_PER_SEC);
+
+ return TRUE;
+ }
+
operation->number_of_consecutive_errors++;
if (operation->number_of_consecutive_errors > 10) {
g_warning ("Got %d consecutive smartcard errors, so giving up.",
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]