udev: mark all ccid/security devices with a special tag

This adds a udev tag that is supposed to be attached to all devices that might potentially expose a PKCS#11 slot, i.e. CCID smartcards and similar. We can then use the appearance of devices of this type as trigger to rescan PKCS#11 slots.
2019-11-05 16:42:57 +01:00 · 2019-11-05 16:42:57 +01:00 · f573629c0b
parent 839fddbe50
commit f573629c0b
1 changed files with 6 additions and 0 deletions
--- a/rules.d/60-fido-id.rules
+++ b/rules.d/60-fido-id.rules
@ -4,4 +4,10 @@ ACTION=="remove", GOTO="fido_id_end"

 SUBSYSTEM=="hidraw", IMPORT{program}="fido_id"

+# Tag any form of security token as such
+ENV{ID_SECURITY_TOKEN}=="1", TAG+="security-device"
+
+# Tag any CCID device (i.e. Smartcard Reader) as security token
+SUBSYSTEM=="usb", ATTR{bInterfaceClass}=="0b", TAG+="security-device"
+
 LABEL="fido_id_end"