Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop USB communication when the Chrome OS user session is locked #100

Closed
emaxx-google opened this issue Dec 5, 2019 · 1 comment
Closed

Stop USB communication when the Chrome OS user session is locked #100

emaxx-google opened this issue Dec 5, 2019 · 1 comment
Assignees
@Fabian-Sommer
Labels
enhancement

Comments

@emaxx-google
Copy link
Collaborator

The Smart Card Connector app should monitor the Chrome OS session state and, if it's running in-session and the session becomes locked, it should stop talking to the smart card readers. If we don't do this, then the users that use smart cards for logging into Chrome OS won't be able to unlock their session, since the Lock Screen implementation talks to another instance of the app that runs in the sign-in profile context, but only one app can talk to a single USB device at a time.

The chrome.loginState API can be used for getting all the needed information: https://cs.chromium.org/chromium/src/chrome/common/extensions/api/login_state.idl
Fabian-Sommer added a commit that referenced this issue Dec 11, 2019
@Fabian-Sommer
Enable unlocking user profile from lock screen. Close #100. Close #90.
046f04a 
Fix bug #100: Previously, smartcard users could not unlock the lock screen since
the user space smartcard connector app would still own the smartcard reader.
This makes the app show no available devices when the user is locking the
screen. PCSC automatically releases devices that it used to own but no longer
show as present.

This alone is not sufficient to solve the problem. PCSC scans devices only once
every second. When locking the screen, the login-space app might already try to
access the reader before the user-space app releases it. This race condition is
fixed by issue #90: When connecting to a reader fails, we retry connecting
later. This is done by showing another Bus number for the device.
We need to fake Bus numbers anyway as chrome.usb does not let us retrieve them.
PCSC then views it as a different device from the previous one and attempts
to connect to it once a smartcard reader needs to be accessed.
@Fabian-Sommer Fabian-Sommer mentioned this issue Dec 11, 2019
Merged
@emaxx-google
Copy link
Collaborator Author

For the reference, the chrome.loginState API was enabled for the Smart Card Connector app on the Chrome side in the issue https://crbug.com/1034927. The minimum Chrome version is 81.0.4028.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Fabian-Sommer Fabian-Sommer

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Fabian-Sommer @emaxx-google