diff options
Diffstat (limited to 'hw')
-rw-r--r-- | hw/usb/bus.c (renamed from hw/usb-bus.c) | 6 | ||||
-rw-r--r-- | hw/usb/core.c (renamed from hw/usb.c) | 2 | ||||
-rw-r--r-- | hw/usb/desc.c (renamed from hw/usb-desc.c) | 4 | ||||
-rw-r--r-- | hw/usb/desc.h (renamed from hw/usb-desc.h) | 0 | ||||
-rw-r--r-- | hw/usb/dev-audio.c (renamed from hw/usb-audio.c) | 8 | ||||
-rw-r--r-- | hw/usb/dev-bluetooth.c (renamed from hw/usb-bt.c) | 6 | ||||
-rw-r--r-- | hw/usb/dev-hid.c (renamed from hw/usb-hid.c) | 8 | ||||
-rw-r--r-- | hw/usb/dev-hub.c (renamed from hw/usb-hub.c) | 4 | ||||
-rw-r--r-- | hw/usb/dev-network.c (renamed from hw/usb-net.c) | 4 | ||||
-rw-r--r-- | hw/usb/dev-serial.c (renamed from hw/usb-serial.c) | 4 | ||||
-rw-r--r-- | hw/usb/dev-smartcard-reader.c (renamed from hw/usb-ccid.c) | 4 | ||||
-rw-r--r-- | hw/usb/dev-storage.c (renamed from hw/usb-msd.c) | 6 | ||||
-rw-r--r-- | hw/usb/dev-wacom.c (renamed from hw/usb-wacom.c) | 6 | ||||
-rw-r--r-- | hw/usb/hcd-ehci.c (renamed from hw/usb-ehci.c) | 6 | ||||
-rw-r--r-- | hw/usb/hcd-musb.c (renamed from hw/usb-musb.c) | 6 | ||||
-rw-r--r-- | hw/usb/hcd-ohci.c (renamed from hw/usb-ohci.c) | 12 | ||||
-rw-r--r-- | hw/usb/hcd-uhci.c (renamed from hw/usb-uhci.c) | 8 | ||||
-rw-r--r-- | hw/usb/hcd-xhci.c (renamed from hw/usb-xhci.c) | 10 | ||||
-rw-r--r-- | hw/usb/host-bsd.c | 647 | ||||
-rw-r--r-- | hw/usb/host-linux.c | 1913 | ||||
-rw-r--r-- | hw/usb/host-stub.c | 52 | ||||
-rw-r--r-- | hw/usb/libhw.c (renamed from hw/usb-libhw.c) | 2 | ||||
-rw-r--r-- | hw/usb/redirect.c | 1485 |
23 files changed, 4150 insertions, 53 deletions
diff --git a/hw/usb-bus.c b/hw/usb/bus.c index 70b7ebc086..d3f835895d 100644 --- a/hw/usb-bus.c +++ b/hw/usb/bus.c @@ -1,6 +1,6 @@ -#include "hw.h" -#include "usb.h" -#include "qdev.h" +#include "hw/hw.h" +#include "hw/usb.h" +#include "hw/qdev.h" #include "sysemu.h" #include "monitor.h" #include "trace.h" diff --git a/hw/usb.c b/hw/usb/core.c index 1ec2e90ef7..494989a5e7 100644 --- a/hw/usb.c +++ b/hw/usb/core.c @@ -24,7 +24,7 @@ * THE SOFTWARE. */ #include "qemu-common.h" -#include "usb.h" +#include "hw/usb.h" #include "iov.h" #include "trace.h" diff --git a/hw/usb-desc.c b/hw/usb/desc.c index ccf85ade9e..9847a75b83 100644 --- a/hw/usb-desc.c +++ b/hw/usb/desc.c @@ -1,5 +1,5 @@ -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" #include "trace.h" /* ------------------------------------------------------------------ */ diff --git a/hw/usb-desc.h b/hw/usb/desc.h index d6e07ea5d2..d6e07ea5d2 100644 --- a/hw/usb-desc.h +++ b/hw/usb/desc.h diff --git a/hw/usb-audio.c b/hw/usb/dev-audio.c index fed136117b..426b95c82b 100644 --- a/hw/usb-audio.c +++ b/hw/usb/dev-audio.c @@ -30,10 +30,10 @@ */ #include "qemu-common.h" -#include "usb.h" -#include "usb-desc.h" -#include "hw.h" -#include "audiodev.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" +#include "hw/hw.h" +#include "hw/audiodev.h" #include "audio/audio.h" #define USBAUDIO_VENDOR_NUM 0x46f4 /* CRC16() of "QEMU" */ diff --git a/hw/usb-bt.c b/hw/usb/dev-bluetooth.c index 23c39ecc23..195370c24a 100644 --- a/hw/usb-bt.c +++ b/hw/usb/dev-bluetooth.c @@ -19,10 +19,10 @@ */ #include "qemu-common.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" #include "net.h" -#include "bt.h" +#include "hw/bt.h" struct USBBtState { USBDevice dev; diff --git a/hw/usb-hid.c b/hw/usb/dev-hid.c index 37bca78eca..f29544d954 100644 --- a/hw/usb-hid.c +++ b/hw/usb/dev-hid.c @@ -22,12 +22,12 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ -#include "hw.h" +#include "hw/hw.h" #include "console.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" #include "qemu-timer.h" -#include "hid.h" +#include "hw/hid.h" /* HID interface requests */ #define GET_REPORT 0xa101 diff --git a/hw/usb-hub.c b/hw/usb/dev-hub.c index a12856e2e9..eb4e711207 100644 --- a/hw/usb-hub.c +++ b/hw/usb/dev-hub.c @@ -22,8 +22,8 @@ * THE SOFTWARE. */ #include "qemu-common.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" //#define DEBUG diff --git a/hw/usb-net.c b/hw/usb/dev-network.c index 22b82017e3..cff55f223e 100644 --- a/hw/usb-net.c +++ b/hw/usb/dev-network.c @@ -24,8 +24,8 @@ */ #include "qemu-common.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" #include "net.h" #include "qemu-queue.h" #include "sysemu.h" diff --git a/hw/usb-serial.c b/hw/usb/dev-serial.c index 0aae379b20..8dcac8bc88 100644 --- a/hw/usb-serial.c +++ b/hw/usb/dev-serial.c @@ -10,8 +10,8 @@ #include "qemu-common.h" #include "qemu-error.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" #include "qemu-char.h" //#define DEBUG_Serial diff --git a/hw/usb-ccid.c b/hw/usb/dev-smartcard-reader.c index ced687f288..8e66675d86 100644 --- a/hw/usb-ccid.c +++ b/hw/usb/dev-smartcard-reader.c @@ -36,8 +36,8 @@ #include "qemu-common.h" #include "qemu-error.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" #include "monitor.h" #include "hw/ccid.h" diff --git a/hw/usb-msd.c b/hw/usb/dev-storage.c index c6f08a0313..6ffaf70661 100644 --- a/hw/usb-msd.c +++ b/hw/usb/dev-storage.c @@ -10,9 +10,9 @@ #include "qemu-common.h" #include "qemu-option.h" #include "qemu-config.h" -#include "usb.h" -#include "usb-desc.h" -#include "scsi.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" +#include "hw/scsi.h" #include "console.h" #include "monitor.h" #include "sysemu.h" diff --git a/hw/usb-wacom.c b/hw/usb/dev-wacom.c index 197e2dced5..c1cfd74403 100644 --- a/hw/usb-wacom.c +++ b/hw/usb/dev-wacom.c @@ -25,10 +25,10 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ -#include "hw.h" +#include "hw/hw.h" #include "console.h" -#include "usb.h" -#include "usb-desc.h" +#include "hw/usb.h" +#include "hw/usb/desc.h" /* Interface requests */ #define WACOM_GET_REPORT 0x2101 diff --git a/hw/usb-ehci.c b/hw/usb/hcd-ehci.c index df742f7f02..58811d3ef0 100644 --- a/hw/usb-ehci.c +++ b/hw/usb/hcd-ehci.c @@ -22,10 +22,10 @@ * along with this program; if not, see <http://www.gnu.org/licenses/>. */ -#include "hw.h" +#include "hw/hw.h" #include "qemu-timer.h" -#include "usb.h" -#include "pci.h" +#include "hw/usb.h" +#include "hw/pci.h" #include "monitor.h" #include "trace.h" #include "dma.h" diff --git a/hw/usb-musb.c b/hw/usb/hcd-musb.c index 820907a9a9..fa9385ee49 100644 --- a/hw/usb-musb.c +++ b/hw/usb/hcd-musb.c @@ -22,9 +22,9 @@ */ #include "qemu-common.h" #include "qemu-timer.h" -#include "usb.h" -#include "irq.h" -#include "hw.h" +#include "hw/usb.h" +#include "hw/irq.h" +#include "hw/hw.h" /* Common USB registers */ #define MUSB_HDRC_FADDR 0x00 /* 8-bit */ diff --git a/hw/usb-ohci.c b/hw/usb/hcd-ohci.c index 20aaa74250..dd79cef81f 100644 --- a/hw/usb-ohci.c +++ b/hw/usb/hcd-ohci.c @@ -26,13 +26,13 @@ * o BIOS work to boot from USB storage */ -#include "hw.h" +#include "hw/hw.h" #include "qemu-timer.h" -#include "usb.h" -#include "pci.h" -#include "usb-ohci.h" -#include "sysbus.h" -#include "qdev-addr.h" +#include "hw/usb.h" +#include "hw/pci.h" +#include "hw/usb-ohci.h" +#include "hw/sysbus.h" +#include "hw/qdev-addr.h" //#define DEBUG_OHCI /* Dump packet contents. */ diff --git a/hw/usb-uhci.c b/hw/usb/hcd-uhci.c index 304b84b831..7c2e9b35ff 100644 --- a/hw/usb-uhci.c +++ b/hw/usb/hcd-uhci.c @@ -25,11 +25,11 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ -#include "hw.h" -#include "usb.h" -#include "pci.h" +#include "hw/hw.h" +#include "hw/usb.h" +#include "hw/pci.h" #include "qemu-timer.h" -#include "usb-uhci.h" +#include "hw/usb-uhci.h" #include "iov.h" #include "dma.h" diff --git a/hw/usb-xhci.c b/hw/usb/hcd-xhci.c index e8f1b6e3a5..73b0c7f5e5 100644 --- a/hw/usb-xhci.c +++ b/hw/usb/hcd-xhci.c @@ -18,12 +18,12 @@ * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, see <http://www.gnu.org/licenses/>. */ -#include "hw.h" +#include "hw/hw.h" #include "qemu-timer.h" -#include "usb.h" -#include "pci.h" -#include "qdev-addr.h" -#include "msi.h" +#include "hw/usb.h" +#include "hw/pci.h" +#include "hw/qdev-addr.h" +#include "hw/msi.h" //#define DEBUG_XHCI //#define DEBUG_DATA diff --git a/hw/usb/host-bsd.c b/hw/usb/host-bsd.c new file mode 100644 index 0000000000..ec26266620 --- /dev/null +++ b/hw/usb/host-bsd.c @@ -0,0 +1,647 @@ +/* + * BSD host USB redirector + * + * Copyright (c) 2006 Lonnie Mendez + * Portions of code and concepts borrowed from + * usb-linux.c and libusb's bsd.c and are copyright their respective owners. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "qemu-common.h" +#include "monitor.h" +#include "hw/usb.h" + +/* usb.h declares these */ +#undef USB_SPEED_HIGH +#undef USB_SPEED_FULL +#undef USB_SPEED_LOW + +#include <sys/ioctl.h> +#ifndef __DragonFly__ +#include <dev/usb/usb.h> +#else +#include <bus/usb/usb.h> +#endif + +/* This value has maximum potential at 16. + * You should also set hw.usb.debug to gain + * more detailed view. + */ +//#define DEBUG +#define UGEN_DEBUG_LEVEL 0 + + +typedef int USBScanFunc(void *opaque, int bus_num, int addr, int class_id, + int vendor_id, int product_id, + const char *product_name, int speed); +static int usb_host_find_device(int *pbus_num, int *paddr, + const char *devname); + +typedef struct USBHostDevice { + USBDevice dev; + int ep_fd[USB_MAX_ENDPOINTS]; + int devfd; + char devpath[32]; +} USBHostDevice; + + +static int ensure_ep_open(USBHostDevice *dev, int ep, int mode) +{ + char buf[32]; + int fd; + + /* Get the address for this endpoint */ + ep = UE_GET_ADDR(ep); + + if (dev->ep_fd[ep] < 0) { +#if defined(__FreeBSD__) || defined(__DragonFly__) + snprintf(buf, sizeof(buf) - 1, "%s.%d", dev->devpath, ep); +#else + snprintf(buf, sizeof(buf) - 1, "%s.%02d", dev->devpath, ep); +#endif + /* Try to open it O_RDWR first for those devices which have in and out + * endpoints with the same address (eg 0x02 and 0x82) + */ + fd = open(buf, O_RDWR); + if (fd < 0 && errno == ENXIO) + fd = open(buf, mode); + if (fd < 0) { +#ifdef DEBUG + printf("ensure_ep_open: failed to open device endpoint %s: %s\n", + buf, strerror(errno)); +#endif + } + dev->ep_fd[ep] = fd; + } + + return dev->ep_fd[ep]; +} + +static void ensure_eps_closed(USBHostDevice *dev) +{ + int epnum = 1; + + if (!dev) + return; + + while (epnum < USB_MAX_ENDPOINTS) { + if (dev->ep_fd[epnum] >= 0) { + close(dev->ep_fd[epnum]); + dev->ep_fd[epnum] = -1; + } + epnum++; + } +} + +static void usb_host_handle_reset(USBDevice *dev) +{ +#if 0 + USBHostDevice *s = (USBHostDevice *)dev; +#endif +} + +/* XXX: + * -check device states against transfer requests + * and return appropriate response + */ +static int usb_host_handle_control(USBDevice *dev, + USBPacket *p, + int request, + int value, + int index, + int length, + uint8_t *data) +{ + USBHostDevice *s = (USBHostDevice *)dev; + struct usb_ctl_request req; + struct usb_alt_interface aiface; + int ret, timeout = 50; + + if ((request >> 8) == UT_WRITE_DEVICE && + (request & 0xff) == UR_SET_ADDRESS) { + + /* specific SET_ADDRESS support */ + dev->addr = value; + return 0; + } else if ((request >> 8) == UT_WRITE_DEVICE && + (request & 0xff) == UR_SET_CONFIG) { + + ensure_eps_closed(s); /* can't do this without all eps closed */ + + ret = ioctl(s->devfd, USB_SET_CONFIG, &value); + if (ret < 0) { +#ifdef DEBUG + printf("handle_control: failed to set configuration - %s\n", + strerror(errno)); +#endif + return USB_RET_STALL; + } + + return 0; + } else if ((request >> 8) == UT_WRITE_INTERFACE && + (request & 0xff) == UR_SET_INTERFACE) { + + aiface.uai_interface_index = index; + aiface.uai_alt_no = value; + + ensure_eps_closed(s); /* can't do this without all eps closed */ + ret = ioctl(s->devfd, USB_SET_ALTINTERFACE, &aiface); + if (ret < 0) { +#ifdef DEBUG + printf("handle_control: failed to set alternate interface - %s\n", + strerror(errno)); +#endif + return USB_RET_STALL; + } + + return 0; + } else { + req.ucr_request.bmRequestType = request >> 8; + req.ucr_request.bRequest = request & 0xff; + USETW(req.ucr_request.wValue, value); + USETW(req.ucr_request.wIndex, index); + USETW(req.ucr_request.wLength, length); + req.ucr_data = data; + req.ucr_flags = USBD_SHORT_XFER_OK; + + ret = ioctl(s->devfd, USB_SET_TIMEOUT, &timeout); +#if defined(__NetBSD__) || defined(__OpenBSD__) + if (ret < 0 && errno != EINVAL) { +#else + if (ret < 0) { +#endif +#ifdef DEBUG + printf("handle_control: setting timeout failed - %s\n", + strerror(errno)); +#endif + } + + ret = ioctl(s->devfd, USB_DO_REQUEST, &req); + /* ugen returns EIO for usbd_do_request_ no matter what + * happens with the transfer */ + if (ret < 0) { +#ifdef DEBUG + printf("handle_control: error after request - %s\n", + strerror(errno)); +#endif + return USB_RET_NAK; // STALL + } else { + return req.ucr_actlen; + } + } +} + +static int usb_host_handle_data(USBDevice *dev, USBPacket *p) +{ + USBHostDevice *s = (USBHostDevice *)dev; + int ret, fd, mode; + int one = 1, shortpacket = 0, timeout = 50; + sigset_t new_mask, old_mask; + uint8_t devep = p->ep->nr; + + /* protect data transfers from SIGALRM signal */ + sigemptyset(&new_mask); + sigaddset(&new_mask, SIGALRM); + sigprocmask(SIG_BLOCK, &new_mask, &old_mask); + + if (p->pid == USB_TOKEN_IN) { + devep |= 0x80; + mode = O_RDONLY; + shortpacket = 1; + } else { + mode = O_WRONLY; + } + + fd = ensure_ep_open(s, devep, mode); + if (fd < 0) { + sigprocmask(SIG_SETMASK, &old_mask, NULL); + return USB_RET_NODEV; + } + + if (ioctl(fd, USB_SET_TIMEOUT, &timeout) < 0) { +#ifdef DEBUG + printf("handle_data: failed to set timeout - %s\n", + strerror(errno)); +#endif + } + + if (shortpacket) { + if (ioctl(fd, USB_SET_SHORT_XFER, &one) < 0) { +#ifdef DEBUG + printf("handle_data: failed to set short xfer mode - %s\n", + strerror(errno)); +#endif + sigprocmask(SIG_SETMASK, &old_mask, NULL); + } + } + + if (p->pid == USB_TOKEN_IN) + ret = readv(fd, p->iov.iov, p->iov.niov); + else + ret = writev(fd, p->iov.iov, p->iov.niov); + + sigprocmask(SIG_SETMASK, &old_mask, NULL); + + if (ret < 0) { +#ifdef DEBUG + printf("handle_data: error after %s data - %s\n", + pid == USB_TOKEN_IN ? "reading" : "writing", strerror(errno)); +#endif + switch(errno) { + case ETIMEDOUT: + case EINTR: + return USB_RET_NAK; + default: + return USB_RET_STALL; + } + } else { + return ret; + } +} + +static void usb_host_handle_destroy(USBDevice *opaque) +{ + USBHostDevice *s = (USBHostDevice *)opaque; + int i; + + for (i = 0; i < USB_MAX_ENDPOINTS; i++) + if (s->ep_fd[i] >= 0) + close(s->ep_fd[i]); + + if (s->devfd < 0) + return; + + close(s->devfd); + + g_free(s); +} + +static int usb_host_initfn(USBDevice *dev) +{ + return 0; +} + +USBDevice *usb_host_device_open(USBBus *guest_bus, const char *devname) +{ + struct usb_device_info bus_info, dev_info; + USBDevice *d = NULL, *ret = NULL; + USBHostDevice *dev; + char ctlpath[PATH_MAX + 1]; + char buspath[PATH_MAX + 1]; + int bfd, dfd, bus, address, i; + int ugendebug = UGEN_DEBUG_LEVEL; + + if (usb_host_find_device(&bus, &address, devname) < 0) { + goto fail; + } + + snprintf(buspath, PATH_MAX, "/dev/usb%d", bus); + + bfd = open(buspath, O_RDWR); + if (bfd < 0) { +#ifdef DEBUG + printf("usb_host_device_open: failed to open usb bus - %s\n", + strerror(errno)); +#endif + goto fail; + } + + bus_info.udi_addr = address; + if (ioctl(bfd, USB_DEVICEINFO, &bus_info) < 0) { +#ifdef DEBUG + printf("usb_host_device_open: failed to grab bus information - %s\n", + strerror(errno)); +#endif + goto fail_bfd; + } + +#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || defined(__DragonFly__) + snprintf(ctlpath, PATH_MAX, "/dev/%s", bus_info.udi_devnames[0]); +#else + snprintf(ctlpath, PATH_MAX, "/dev/%s.00", bus_info.udi_devnames[0]); +#endif + + dfd = open(ctlpath, O_RDWR); + if (dfd < 0) { + dfd = open(ctlpath, O_RDONLY); + if (dfd < 0) { +#ifdef DEBUG + printf("usb_host_device_open: failed to open usb device %s - %s\n", + ctlpath, strerror(errno)); +#endif + } + goto fail_dfd; + } + + if (ioctl(dfd, USB_GET_DEVICEINFO, &dev_info) < 0) { +#ifdef DEBUG + printf("usb_host_device_open: failed to grab device info - %s\n", + strerror(errno)); +#endif + goto fail_dfd; + } + + d = usb_create(guest_bus, "usb-host"); + dev = DO_UPCAST(USBHostDevice, dev, d); + + if (dev_info.udi_speed == 1) { + dev->dev.speed = USB_SPEED_LOW - 1; + dev->dev.speedmask = USB_SPEED_MASK_LOW; + } else { + dev->dev.speed = USB_SPEED_FULL - 1; + dev->dev.speedmask = USB_SPEED_MASK_FULL; + } + + if (strncmp(dev_info.udi_product, "product", 7) != 0) { + pstrcpy(dev->dev.product_desc, sizeof(dev->dev.product_desc), + dev_info.udi_product); + } else { + snprintf(dev->dev.product_desc, sizeof(dev->dev.product_desc), + "host:%s", devname); + } + + pstrcpy(dev->devpath, sizeof(dev->devpath), "/dev/"); + pstrcat(dev->devpath, sizeof(dev->devpath), dev_info.udi_devnames[0]); + + /* Mark the endpoints as not yet open */ + for (i = 0; i < USB_MAX_ENDPOINTS; i++) { + dev->ep_fd[i] = -1; + } + + ioctl(dfd, USB_SETDEBUG, &ugendebug); + + ret = (USBDevice *)dev; + +fail_dfd: + close(dfd); +fail_bfd: + close(bfd); +fail: + return ret; +} + +static void usb_host_class_initfn(ObjectClass *klass, void *data) +{ + USBDeviceClass *uc = USB_DEVICE_CLASS(klass); + + uc->product_desc = "USB Host Device"; + uc->init = usb_host_initfn; + uc->handle_reset = usb_host_handle_reset; + uc->handle_control = usb_host_handle_control; + uc->handle_data = usb_host_handle_data; + uc->handle_destroy = usb_host_handle_destroy; +} + +static TypeInfo usb_host_dev_info = { + .name = "usb-host", + .parent = TYPE_USB_DEVICE, + .instance_size = sizeof(USBHostDevice), + .class_init = usb_host_class_initfn, +}; + +static void usb_host_register_types(void) +{ + type_register_static(&usb_host_dev_info); +} + +type_init(usb_host_register_types) + +static int usb_host_scan(void *opaque, USBScanFunc *func) +{ + struct usb_device_info bus_info; + struct usb_device_info dev_info; + uint16_t vendor_id, product_id, class_id, speed; + int bfd, dfd, bus, address; + char busbuf[20], devbuf[20], product_name[256]; + int ret = 0; + + for (bus = 0; bus < 10; bus++) { + + snprintf(busbuf, sizeof(busbuf) - 1, "/dev/usb%d", bus); + bfd = open(busbuf, O_RDWR); + if (bfd < 0) + continue; + + for (address = 1; address < 127; address++) { + + bus_info.udi_addr = address; + if (ioctl(bfd, USB_DEVICEINFO, &bus_info) < 0) + continue; + + /* only list devices that can be used by generic layer */ + if (strncmp(bus_info.udi_devnames[0], "ugen", 4) != 0) + continue; + +#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || defined(__DragonFly__) + snprintf(devbuf, sizeof(devbuf) - 1, "/dev/%s", bus_info.udi_devnames[0]); +#else + snprintf(devbuf, sizeof(devbuf) - 1, "/dev/%s.00", bus_info.udi_devnames[0]); +#endif + + dfd = open(devbuf, O_RDONLY); + if (dfd < 0) { +#ifdef DEBUG + printf("usb_host_scan: couldn't open device %s - %s\n", devbuf, + strerror(errno)); +#endif + continue; + } + + if (ioctl(dfd, USB_GET_DEVICEINFO, &dev_info) < 0) + printf("usb_host_scan: couldn't get device information for %s - %s\n", + devbuf, strerror(errno)); + + /* XXX: might need to fixup endianness of word values before copying over */ + + vendor_id = dev_info.udi_vendorNo; + product_id = dev_info.udi_productNo; + class_id = dev_info.udi_class; + speed = dev_info.udi_speed; + + if (strncmp(dev_info.udi_product, "product", 7) != 0) + pstrcpy(product_name, sizeof(product_name), + dev_info.udi_product); + else + product_name[0] = '\0'; + + ret = func(opaque, bus, address, class_id, vendor_id, + product_id, product_name, speed); + + close(dfd); + + if (ret) + goto the_end; + } + + close(bfd); + } + +the_end: + return ret; +} + +typedef struct FindDeviceState { + int vendor_id; + int product_id; + int bus_num; + int addr; +} FindDeviceState; + +static int usb_host_find_device_scan(void *opaque, int bus_num, int addr, + int class_id, + int vendor_id, int product_id, + const char *product_name, int speed) +{ + FindDeviceState *s = opaque; + if (vendor_id == s->vendor_id && + product_id == s->product_id) { + s->bus_num = bus_num; + s->addr = addr; + return 1; + } else { + return 0; + } +} + + +/* the syntax is : + 'bus.addr' (decimal numbers) or + 'vendor_id:product_id' (hexa numbers) */ +static int usb_host_find_device(int *pbus_num, int *paddr, + const char *devname) +{ + const char *p; + int ret; + FindDeviceState fs; + + p = strchr(devname, '.'); + if (p) { + *pbus_num = strtoul(devname, NULL, 0); + *paddr = strtoul(p + 1, NULL, 0); + return 0; + } + p = strchr(devname, ':'); + if (p) { + fs.vendor_id = strtoul(devname, NULL, 16); + fs.product_id = strtoul(p + 1, NULL, 16); + ret = usb_host_scan(&fs, usb_host_find_device_scan); + if (ret) { + *pbus_num = fs.bus_num; + *paddr = fs.addr; + return 0; + } + } + return -1; +} + +/**********************/ +/* USB host device info */ + +struct usb_class_info { + int class; + const char *class_name; +}; + +static const struct usb_class_info usb_class_info[] = { + { USB_CLASS_AUDIO, "Audio"}, + { USB_CLASS_COMM, "Communication"}, + { USB_CLASS_HID, "HID"}, + { USB_CLASS_HUB, "Hub" }, + { USB_CLASS_PHYSICAL, "Physical" }, + { USB_CLASS_PRINTER, "Printer" }, + { USB_CLASS_MASS_STORAGE, "Storage" }, + { USB_CLASS_CDC_DATA, "Data" }, + { USB_CLASS_APP_SPEC, "Application Specific" }, + { USB_CLASS_VENDOR_SPEC, "Vendor Specific" }, + { USB_CLASS_STILL_IMAGE, "Still Image" }, + { USB_CLASS_CSCID, "Smart Card" }, + { USB_CLASS_CONTENT_SEC, "Content Security" }, + { -1, NULL } +}; + +static const char *usb_class_str(uint8_t class) +{ + const struct usb_class_info *p; + for (p = usb_class_info; p->class != -1; p++) { + if (p->class == class) + break; + } + return p->class_name; +} + +static void usb_info_device(Monitor *mon, int bus_num, int addr, int class_id, + int vendor_id, int product_id, + const char *product_name, + int speed) +{ + const char *class_str, *speed_str; + + switch(speed) { + case USB_SPEED_LOW: + speed_str = "1.5"; + break; + case USB_SPEED_FULL: + speed_str = "12"; + break; + case USB_SPEED_HIGH: + speed_str = "480"; + break; + default: + speed_str = "?"; + break; + } + + monitor_printf(mon, " Device %d.%d, speed %s Mb/s\n", + bus_num, addr, speed_str); + class_str = usb_class_str(class_id); + if (class_str) + monitor_printf(mon, " %s:", class_str); + else + monitor_printf(mon, " Class %02x:", class_id); + monitor_printf(mon, " USB device %04x:%04x", vendor_id, product_id); + if (product_name[0] != '\0') + monitor_printf(mon, ", %s", product_name); + monitor_printf(mon, "\n"); +} + +static int usb_host_info_device(void *opaque, + int bus_num, int addr, + int class_id, + int vendor_id, int product_id, + const char *product_name, + int speed) +{ + Monitor *mon = opaque; + + usb_info_device(mon, bus_num, addr, class_id, vendor_id, product_id, + product_name, speed); + return 0; +} + +void usb_host_info(Monitor *mon) +{ + usb_host_scan(mon, usb_host_info_device); +} + +/* XXX add this */ +int usb_host_device_close(const char *devname) +{ + return 0; +} diff --git a/hw/usb/host-linux.c b/hw/usb/host-linux.c new file mode 100644 index 0000000000..90919c242a --- /dev/null +++ b/hw/usb/host-linux.c @@ -0,0 +1,1913 @@ +/* + * Linux host USB redirector + * + * Copyright (c) 2005 Fabrice Bellard + * + * Copyright (c) 2008 Max Krasnyansky + * Support for host device auto connect & disconnect + * Major rewrite to support fully async operation + * + * Copyright 2008 TJ <linux@tjworld.net> + * Added flexible support for /dev/bus/usb /sys/bus/usb/devices in addition + * to the legacy /proc/bus/usb USB device discovery and handling + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "qemu-common.h" +#include "qemu-timer.h" +#include "monitor.h" +#include "sysemu.h" +#include "trace.h" + +#include <dirent.h> +#include <sys/ioctl.h> + +#include <linux/usbdevice_fs.h> +#include <linux/version.h> +#include "hw/usb.h" + +/* We redefine it to avoid version problems */ +struct usb_ctrltransfer { + uint8_t bRequestType; + uint8_t bRequest; + uint16_t wValue; + uint16_t wIndex; + uint16_t wLength; + uint32_t timeout; + void *data; +}; + +typedef int USBScanFunc(void *opaque, int bus_num, int addr, const char *port, + int class_id, int vendor_id, int product_id, + const char *product_name, int speed); + +//#define DEBUG + +#ifdef DEBUG +#define DPRINTF printf +#else +#define DPRINTF(...) +#endif + +#define PRODUCT_NAME_SZ 32 +#define MAX_PORTLEN 16 + +/* endpoint association data */ +#define ISO_FRAME_DESC_PER_URB 32 + +/* devio.c limits single requests to 16k */ +#define MAX_USBFS_BUFFER_SIZE 16384 + +typedef struct AsyncURB AsyncURB; + +struct endp_data { + uint8_t halted; + uint8_t iso_started; + AsyncURB *iso_urb; + int iso_urb_idx; + int iso_buffer_used; + int inflight; +}; + +struct USBAutoFilter { + uint32_t bus_num; + uint32_t addr; + char *port; + uint32_t vendor_id; + uint32_t product_id; +}; + +typedef struct USBHostDevice { + USBDevice dev; + int fd; + int hub_fd; + int hub_port; + + uint8_t descr[8192]; + int descr_len; + int closing; + uint32_t iso_urb_count; + Notifier exit; + + struct endp_data ep_in[USB_MAX_ENDPOINTS]; + struct endp_data ep_out[USB_MAX_ENDPOINTS]; + QLIST_HEAD(, AsyncURB) aurbs; + + /* Host side address */ + int bus_num; + int addr; + char port[MAX_PORTLEN]; + struct USBAutoFilter match; + int seen, errcount; + + QTAILQ_ENTRY(USBHostDevice) next; +} USBHostDevice; + +static QTAILQ_HEAD(, USBHostDevice) hostdevs = QTAILQ_HEAD_INITIALIZER(hostdevs); + +static int usb_host_close(USBHostDevice *dev); +static int parse_filter(const char *spec, struct USBAutoFilter *f); +static void usb_host_auto_check(void *unused); +static int usb_host_read_file(char *line, size_t line_size, + const char *device_file, const char *device_name); +static int usb_linux_update_endp_table(USBHostDevice *s); + +static int usb_host_usbfs_type(USBHostDevice *s, USBPacket *p) +{ + static const int usbfs[] = { + [USB_ENDPOINT_XFER_CONTROL] = USBDEVFS_URB_TYPE_CONTROL, + [USB_ENDPOINT_XFER_ISOC] = USBDEVFS_URB_TYPE_ISO, + [USB_ENDPOINT_XFER_BULK] = USBDEVFS_URB_TYPE_BULK, + [USB_ENDPOINT_XFER_INT] = USBDEVFS_URB_TYPE_INTERRUPT, + }; + uint8_t type = p->ep->type; + assert(type < ARRAY_SIZE(usbfs)); + return usbfs[type]; +} + +static int usb_host_do_reset(USBHostDevice *dev) +{ + struct timeval s, e; + uint32_t usecs; + int ret; + + gettimeofday(&s, NULL); + ret = ioctl(dev->fd, USBDEVFS_RESET); + gettimeofday(&e, NULL); + usecs = (e.tv_sec - s.tv_sec) * 1000000; + usecs += e.tv_usec - s.tv_usec; + if (usecs > 1000000) { + /* more than a second, something is fishy, broken usb device? */ + fprintf(stderr, "husb: device %d:%d reset took %d.%06d seconds\n", + dev->bus_num, dev->addr, usecs / 1000000, usecs % 1000000); + } + return ret; +} + +static struct endp_data *get_endp(USBHostDevice *s, int pid, int ep) +{ + struct endp_data *eps = pid == USB_TOKEN_IN ? s->ep_in : s->ep_out; + assert(pid == USB_TOKEN_IN || pid == USB_TOKEN_OUT); + assert(ep > 0 && ep <= USB_MAX_ENDPOINTS); + return eps + ep - 1; +} + +static int is_isoc(USBHostDevice *s, int pid, int ep) +{ + return usb_ep_get_type(&s->dev, pid, ep) == USB_ENDPOINT_XFER_ISOC; +} + +static int is_valid(USBHostDevice *s, int pid, int ep) +{ + return usb_ep_get_type(&s->dev, pid, ep) != USB_ENDPOINT_XFER_INVALID; +} + +static int is_halted(USBHostDevice *s, int pid, int ep) +{ + return get_endp(s, pid, ep)->halted; +} + +static void clear_halt(USBHostDevice *s, int pid, int ep) +{ + trace_usb_host_ep_clear_halt(s->bus_num, s->addr, ep); + get_endp(s, pid, ep)->halted = 0; +} + +static void set_halt(USBHostDevice *s, int pid, int ep) +{ + if (ep != 0) { + trace_usb_host_ep_set_halt(s->bus_num, s->addr, ep); + get_endp(s, pid, ep)->halted = 1; + } +} + +static int is_iso_started(USBHostDevice *s, int pid, int ep) +{ + return get_endp(s, pid, ep)->iso_started; +} + +static void clear_iso_started(USBHostDevice *s, int pid, int ep) +{ + trace_usb_host_ep_stop_iso(s->bus_num, s->addr, ep); + get_endp(s, pid, ep)->iso_started = 0; +} + +static void set_iso_started(USBHostDevice *s, int pid, int ep) +{ + struct endp_data *e = get_endp(s, pid, ep); + + trace_usb_host_ep_start_iso(s->bus_num, s->addr, ep); + if (!e->iso_started) { + e->iso_started = 1; + e->inflight = 0; + } +} + +static int change_iso_inflight(USBHostDevice *s, int pid, int ep, int value) +{ + struct endp_data *e = get_endp(s, pid, ep); + + e->inflight += value; + return e->inflight; +} + +static void set_iso_urb(USBHostDevice *s, int pid, int ep, AsyncURB *iso_urb) +{ + get_endp(s, pid, ep)->iso_urb = iso_urb; +} + +static AsyncURB *get_iso_urb(USBHostDevice *s, int pid, int ep) +{ + return get_endp(s, pid, ep)->iso_urb; +} + +static void set_iso_urb_idx(USBHostDevice *s, int pid, int ep, int i) +{ + get_endp(s, pid, ep)->iso_urb_idx = i; +} + +static int get_iso_urb_idx(USBHostDevice *s, int pid, int ep) +{ + return get_endp(s, pid, ep)->iso_urb_idx; +} + +static void set_iso_buffer_used(USBHostDevice *s, int pid, int ep, int i) +{ + get_endp(s, pid, ep)->iso_buffer_used = i; +} + +static int get_iso_buffer_used(USBHostDevice *s, int pid, int ep) +{ + return get_endp(s, pid, ep)->iso_buffer_used; +} + +/* + * Async URB state. + * We always allocate iso packet descriptors even for bulk transfers + * to simplify allocation and casts. + */ +struct AsyncURB +{ + struct usbdevfs_urb urb; + struct usbdevfs_iso_packet_desc isocpd[ISO_FRAME_DESC_PER_URB]; + USBHostDevice *hdev; + QLIST_ENTRY(AsyncURB) next; + + /* For regular async urbs */ + USBPacket *packet; + int more; /* large transfer, more urbs follow */ + + /* For buffered iso handling */ + int iso_frame_idx; /* -1 means in flight */ +}; + +static AsyncURB *async_alloc(USBHostDevice *s) +{ + AsyncURB *aurb = g_malloc0(sizeof(AsyncURB)); + aurb->hdev = s; + QLIST_INSERT_HEAD(&s->aurbs, aurb, next); + return aurb; +} + +static void async_free(AsyncURB *aurb) +{ + QLIST_REMOVE(aurb, next); + g_free(aurb); +} + +static void do_disconnect(USBHostDevice *s) +{ + usb_host_close(s); + usb_host_auto_check(NULL); +} + +static void async_complete(void *opaque) +{ + USBHostDevice *s = opaque; + AsyncURB *aurb; + int urbs = 0; + + while (1) { + USBPacket *p; + + int r = ioctl(s->fd, USBDEVFS_REAPURBNDELAY, &aurb); + if (r < 0) { + if (errno == EAGAIN) { + if (urbs > 2) { + fprintf(stderr, "husb: %d iso urbs finished at once\n", urbs); + } + return; + } + if (errno == ENODEV) { + if (!s->closing) { + trace_usb_host_disconnect(s->bus_num, s->addr); + do_disconnect(s); + } + return; + } + + perror("USBDEVFS_REAPURBNDELAY"); + return; + } + + DPRINTF("husb: async completed. aurb %p status %d alen %d\n", + aurb, aurb->urb.status, aurb->urb.actual_length); + + /* If this is a buffered iso urb mark it as complete and don't do + anything else (it is handled further in usb_host_handle_iso_data) */ + if (aurb->iso_frame_idx == -1) { + int inflight; + int pid = (aurb->urb.endpoint & USB_DIR_IN) ? + USB_TOKEN_IN : USB_TOKEN_OUT; + int ep = aurb->urb.endpoint & 0xf; + if (aurb->urb.status == -EPIPE) { + set_halt(s, pid, ep); + } + aurb->iso_frame_idx = 0; + urbs++; + inflight = change_iso_inflight(s, pid, ep, -1); + if (inflight == 0 && is_iso_started(s, pid, ep)) { + fprintf(stderr, "husb: out of buffers for iso stream\n"); + } + continue; + } + + p = aurb->packet; + trace_usb_host_urb_complete(s->bus_num, s->addr, aurb, aurb->urb.status, + aurb->urb.actual_length, aurb->more); + + if (p) { + switch (aurb->urb.status) { + case 0: + p->result += aurb->urb.actual_length; + break; + + case -EPIPE: + set_halt(s, p->pid, p->ep->nr); + p->result = USB_RET_STALL; + break; + + case -EOVERFLOW: + p->result = USB_RET_BABBLE; + break; + + default: + p->result = USB_RET_IOERROR; + break; + } + + if (aurb->urb.type == USBDEVFS_URB_TYPE_CONTROL) { + trace_usb_host_req_complete(s->bus_num, s->addr, p->result); + usb_generic_async_ctrl_complete(&s->dev, p); + } else if (!aurb->more) { + trace_usb_host_req_complete(s->bus_num, s->addr, p->result); + usb_packet_complete(&s->dev, p); + } + } + + async_free(aurb); + } +} + +static void usb_host_async_cancel(USBDevice *dev, USBPacket *p) +{ + USBHostDevice *s = DO_UPCAST(USBHostDevice, dev, dev); + AsyncURB *aurb; + + QLIST_FOREACH(aurb, &s->aurbs, next) { + if (p != aurb->packet) { + continue; + } + + DPRINTF("husb: async cancel: packet %p, aurb %p\n", p, aurb); + + /* Mark it as dead (see async_complete above) */ + aurb->packet = NULL; + + int r = ioctl(s->fd, USBDEVFS_DISCARDURB, aurb); + if (r < 0) { + DPRINTF("husb: async. discard urb failed errno %d\n", errno); + } + } +} + +static int usb_host_open_device(int bus, int addr) +{ + const char *usbfs = NULL; + char filename[32]; + struct stat st; + int fd, rc; + + rc = stat("/dev/bus/usb", &st); + if (rc == 0 && S_ISDIR(st.st_mode)) { + /* udev-created device nodes available */ + usbfs = "/dev/bus/usb"; + } else { + /* fallback: usbfs mounted below /proc */ + usbfs = "/proc/bus/usb"; + } + + snprintf(filename, sizeof(filename), "%s/%03d/%03d", + usbfs, bus, addr); + fd = open(filename, O_RDWR | O_NONBLOCK); + if (fd < 0) { + fprintf(stderr, "husb: open %s: %s\n", filename, strerror(errno)); + } + return fd; +} + +static int usb_host_claim_port(USBHostDevice *s) +{ +#ifdef USBDEVFS_CLAIM_PORT + char *h, hub_name[64], line[1024]; + int hub_addr, ret; + + snprintf(hub_name, sizeof(hub_name), "%d-%s", + s->match.bus_num, s->match.port); + + /* try strip off last ".$portnr" to get hub */ + h = strrchr(hub_name, '.'); + if (h != NULL) { + s->hub_port = atoi(h+1); + *h = '\0'; + } else { + /* no dot in there -> it is the root hub */ + snprintf(hub_name, sizeof(hub_name), "usb%d", + s->match.bus_num); + s->hub_port = atoi(s->match.port); + } + + if (!usb_host_read_file(line, sizeof(line), "devnum", + hub_name)) { + return -1; + } + if (sscanf(line, "%d", &hub_addr) != 1) { + return -1; + } + + s->hub_fd = usb_host_open_device(s->match.bus_num, hub_addr); + if (s->hub_fd < 0) { + return -1; + } + + ret = ioctl(s->hub_fd, USBDEVFS_CLAIM_PORT, &s->hub_port); + if (ret < 0) { + close(s->hub_fd); + s->hub_fd = -1; + return -1; + } + + trace_usb_host_claim_port(s->match.bus_num, hub_addr, s->hub_port); + return 0; +#else + return -1; +#endif +} + +static void usb_host_release_port(USBHostDevice *s) +{ + if (s->hub_fd == -1) { + return; + } +#ifdef USBDEVFS_RELEASE_PORT + ioctl(s->hub_fd, USBDEVFS_RELEASE_PORT, &s->hub_port); +#endif + close(s->hub_fd); + s->hub_fd = -1; +} + +static int usb_host_disconnect_ifaces(USBHostDevice *dev, int nb_interfaces) +{ + /* earlier Linux 2.4 do not support that */ +#ifdef USBDEVFS_DISCONNECT + struct usbdevfs_ioctl ctrl; + int ret, interface; + + for (interface = 0; interface < nb_interfaces; interface++) { + ctrl.ioctl_code = USBDEVFS_DISCONNECT; + ctrl.ifno = interface; + ctrl.data = 0; + ret = ioctl(dev->fd, USBDEVFS_IOCTL, &ctrl); + if (ret < 0 && errno != ENODATA) { + perror("USBDEVFS_DISCONNECT"); + return -1; + } + } +#endif + return 0; +} + +static int usb_linux_get_num_interfaces(USBHostDevice *s) +{ + char device_name[64], line[1024]; + int num_interfaces = 0; + + sprintf(device_name, "%d-%s", s->bus_num, s->port); + if (!usb_host_read_file(line, sizeof(line), "bNumInterfaces", + device_name)) { + return -1; + } + if (sscanf(line, "%d", &num_interfaces) != 1) { + return -1; + } + return num_interfaces; +} + +static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration) +{ + const char *op = NULL; + int dev_descr_len, config_descr_len; + int interface, nb_interfaces; + int ret, i; + + for (i = 0; i < USB_MAX_INTERFACES; i++) { + dev->dev.altsetting[i] = 0; + } + + if (configuration == 0) { /* address state - ignore */ + dev->dev.ninterfaces = 0; + dev->dev.configuration = 0; + return 1; + } + + DPRINTF("husb: claiming interfaces. config %d\n", configuration); + + i = 0; + dev_descr_len = dev->descr[0]; + if (dev_descr_len > dev->descr_len) { + fprintf(stderr, "husb: update iface failed. descr too short\n"); + return 0; + } + + i += dev_descr_len; + while (i < dev->descr_len) { + DPRINTF("husb: i is %d, descr_len is %d, dl %d, dt %d\n", + i, dev->descr_len, + dev->descr[i], dev->descr[i+1]); + + if (dev->descr[i+1] != USB_DT_CONFIG) { + i += dev->descr[i]; + continue; + } + config_descr_len = dev->descr[i]; + + DPRINTF("husb: config #%d need %d\n", dev->descr[i + 5], configuration); + + if (configuration == dev->descr[i + 5]) { + configuration = dev->descr[i + 5]; + break; + } + + i += config_descr_len; + } + + if (i >= dev->descr_len) { + fprintf(stderr, + "husb: update iface failed. no matching configuration\n"); + return 0; + } + nb_interfaces = dev->descr[i + 4]; + + if (usb_host_disconnect_ifaces(dev, nb_interfaces) < 0) { + goto fail; + } + + /* XXX: only grab if all interfaces are free */ + for (interface = 0; interface < nb_interfaces; interface++) { + op = "USBDEVFS_CLAIMINTERFACE"; + ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE, &interface); + if (ret < 0) { + goto fail; + } + } + + trace_usb_host_claim_interfaces(dev->bus_num, dev->addr, + nb_interfaces, configuration); + + dev->dev.ninterfaces = nb_interfaces; + dev->dev.configuration = configuration; + return 1; + +fail: + if (errno == ENODEV) { + do_disconnect(dev); + } + perror(op); + return 0; +} + +static int usb_host_release_interfaces(USBHostDevice *s) +{ + int ret, i; + + trace_usb_host_release_interfaces(s->bus_num, s->addr); + + for (i = 0; i < s->dev.ninterfaces; i++) { + ret = ioctl(s->fd, USBDEVFS_RELEASEINTERFACE, &i); + if (ret < 0) { + perror("USBDEVFS_RELEASEINTERFACE"); + return 0; + } + } + return 1; +} + +static void usb_host_handle_reset(USBDevice *dev) +{ + USBHostDevice *s = DO_UPCAST(USBHostDevice, dev, dev); + + trace_usb_host_reset(s->bus_num, s->addr); + + usb_host_do_reset(s);; + + usb_host_claim_interfaces(s, 0); + usb_linux_update_endp_table(s); +} + +static void usb_host_handle_destroy(USBDevice *dev) +{ + USBHostDevice *s = (USBHostDevice *)dev; + + usb_host_release_port(s); + usb_host_close(s); + QTAILQ_REMOVE(&hostdevs, s, next); + qemu_remove_exit_notifier(&s->exit); +} + +/* iso data is special, we need to keep enough urbs in flight to make sure + that the controller never runs out of them, otherwise the device will + likely suffer a buffer underrun / overrun. */ +static AsyncURB *usb_host_alloc_iso(USBHostDevice *s, int pid, uint8_t ep) +{ + AsyncURB *aurb; + int i, j, len = usb_ep_get_max_packet_size(&s->dev, pid, ep); + + aurb = g_malloc0(s->iso_urb_count * sizeof(*aurb)); + for (i = 0; i < s->iso_urb_count; i++) { + aurb[i].urb.endpoint = ep; + aurb[i].urb.buffer_length = ISO_FRAME_DESC_PER_URB * len; + aurb[i].urb.buffer = g_malloc(aurb[i].urb.buffer_length); + aurb[i].urb.type = USBDEVFS_URB_TYPE_ISO; + aurb[i].urb.flags = USBDEVFS_URB_ISO_ASAP; + aurb[i].urb.number_of_packets = ISO_FRAME_DESC_PER_URB; + for (j = 0 ; j < ISO_FRAME_DESC_PER_URB; j++) + aurb[i].urb.iso_frame_desc[j].length = len; + if (pid == USB_TOKEN_IN) { + aurb[i].urb.endpoint |= 0x80; + /* Mark as fully consumed (idle) */ + aurb[i].iso_frame_idx = ISO_FRAME_DESC_PER_URB; + } + } + set_iso_urb(s, pid, ep, aurb); + + return aurb; +} + +static void usb_host_stop_n_free_iso(USBHostDevice *s, int pid, uint8_t ep) +{ + AsyncURB *aurb; + int i, ret, killed = 0, free = 1; + + aurb = get_iso_urb(s, pid, ep); + if (!aurb) { + return; + } + + for (i = 0; i < s->iso_urb_count; i++) { + /* in flight? */ + if (aurb[i].iso_frame_idx == -1) { + ret = ioctl(s->fd, USBDEVFS_DISCARDURB, &aurb[i]); + if (ret < 0) { + perror("USBDEVFS_DISCARDURB"); + free = 0; + continue; + } + killed++; + } + } + + /* Make sure any urbs we've killed are reaped before we free them */ + if (killed) { + async_complete(s); + } + + for (i = 0; i < s->iso_urb_count; i++) { + g_free(aurb[i].urb.buffer); + } + + if (free) + g_free(aurb); + else + printf("husb: leaking iso urbs because of discard failure\n"); + set_iso_urb(s, pid, ep, NULL); + set_iso_urb_idx(s, pid, ep, 0); + clear_iso_started(s, pid, ep); +} + +static int urb_status_to_usb_ret(int status) +{ + switch (status) { + case -EPIPE: + return USB_RET_STALL; + case -EOVERFLOW: + return USB_RET_BABBLE; + default: + return USB_RET_IOERROR; + } +} + +static int usb_host_handle_iso_data(USBHostDevice *s, USBPacket *p, int in) +{ + AsyncURB *aurb; + int i, j, ret, max_packet_size, offset, len = 0; + uint8_t *buf; + + max_packet_size = p->ep->max_packet_size; + if (max_packet_size == 0) + return USB_RET_NAK; + + aurb = get_iso_urb(s, p->pid, p->ep->nr); + if (!aurb) { + aurb = usb_host_alloc_iso(s, p->pid, p->ep->nr); + } + + i = get_iso_urb_idx(s, p->pid, p->ep->nr); + j = aurb[i].iso_frame_idx; + if (j >= 0 && j < ISO_FRAME_DESC_PER_URB) { + if (in) { + /* Check urb status */ + if (aurb[i].urb.status) { + len = urb_status_to_usb_ret(aurb[i].urb.status); + /* Move to the next urb */ + aurb[i].iso_frame_idx = ISO_FRAME_DESC_PER_URB - 1; + /* Check frame status */ + } else if (aurb[i].urb.iso_frame_desc[j].status) { + len = urb_status_to_usb_ret( + aurb[i].urb.iso_frame_desc[j].status); + /* Check the frame fits */ + } else if (aurb[i].urb.iso_frame_desc[j].actual_length + > p->iov.size) { + printf("husb: received iso data is larger then packet\n"); + len = USB_RET_BABBLE; + /* All good copy data over */ + } else { + len = aurb[i].urb.iso_frame_desc[j].actual_length; + buf = aurb[i].urb.buffer + + j * aurb[i].urb.iso_frame_desc[0].length; + usb_packet_copy(p, buf, len); + } + } else { + len = p->iov.size; + offset = (j == 0) ? 0 : get_iso_buffer_used(s, p->pid, p->ep->nr); + + /* Check the frame fits */ + if (len > max_packet_size) { + printf("husb: send iso data is larger then max packet size\n"); + return USB_RET_NAK; + } + + /* All good copy data over */ + usb_packet_copy(p, aurb[i].urb.buffer + offset, len); + aurb[i].urb.iso_frame_desc[j].length = len; + offset += len; + set_iso_buffer_used(s, p->pid, p->ep->nr, offset); + + /* Start the stream once we have buffered enough data */ + if (!is_iso_started(s, p->pid, p->ep->nr) && i == 1 && j == 8) { + set_iso_started(s, p->pid, p->ep->nr); + } + } + aurb[i].iso_frame_idx++; + if (aurb[i].iso_frame_idx == ISO_FRAME_DESC_PER_URB) { + i = (i + 1) % s->iso_urb_count; + set_iso_urb_idx(s, p->pid, p->ep->nr, i); + } + } else { + if (in) { + set_iso_started(s, p->pid, p->ep->nr); + } else { + DPRINTF("hubs: iso out error no free buffer, dropping packet\n"); + } + } + + if (is_iso_started(s, p->pid, p->ep->nr)) { + /* (Re)-submit all fully consumed / filled urbs */ + for (i = 0; i < s->iso_urb_count; i++) { + if (aurb[i].iso_frame_idx == ISO_FRAME_DESC_PER_URB) { + ret = ioctl(s->fd, USBDEVFS_SUBMITURB, &aurb[i]); + if (ret < 0) { + perror("USBDEVFS_SUBMITURB"); + if (!in || len == 0) { + switch(errno) { + case ETIMEDOUT: + len = USB_RET_NAK; + break; + case EPIPE: + default: + len = USB_RET_STALL; + } + } + break; + } + aurb[i].iso_frame_idx = -1; + change_iso_inflight(s, p->pid, p->ep->nr, 1); + } + } + } + + return len; +} + +static int usb_host_handle_data(USBDevice *dev, USBPacket *p) +{ + USBHostDevice *s = DO_UPCAST(USBHostDevice, dev, dev); + struct usbdevfs_urb *urb; + AsyncURB *aurb; + int ret, rem, prem, v; + uint8_t *pbuf; + uint8_t ep; + + trace_usb_host_req_data(s->bus_num, s->addr, + p->pid == USB_TOKEN_IN, + p->ep->nr, p->iov.size); + + if (!is_valid(s, p->pid, p->ep->nr)) { + trace_usb_host_req_complete(s->bus_num, s->addr, USB_RET_NAK); + return USB_RET_NAK; + } + + if (p->pid == USB_TOKEN_IN) { + ep = p->ep->nr | 0x80; + } else { + ep = p->ep->nr; + } + + if (is_halted(s, p->pid, p->ep->nr)) { + unsigned int arg = ep; + ret = ioctl(s->fd, USBDEVFS_CLEAR_HALT, &arg); + if (ret < 0) { + perror("USBDEVFS_CLEAR_HALT"); + trace_usb_host_req_complete(s->bus_num, s->addr, USB_RET_NAK); + return USB_RET_NAK; + } + clear_halt(s, p->pid, p->ep->nr); + } + + if (is_isoc(s, p->pid, p->ep->nr)) { + return usb_host_handle_iso_data(s, p, p->pid == USB_TOKEN_IN); + } + + v = 0; + prem = p->iov.iov[v].iov_len; + pbuf = p->iov.iov[v].iov_base; + rem = p->iov.size; + while (rem) { + if (prem == 0) { + v++; + assert(v < p->iov.niov); + prem = p->iov.iov[v].iov_len; + pbuf = p->iov.iov[v].iov_base; + assert(prem <= rem); + } + aurb = async_alloc(s); + aurb->packet = p; + + urb = &aurb->urb; + urb->endpoint = ep; + urb->type = usb_host_usbfs_type(s, p); + urb->usercontext = s; + urb->buffer = pbuf; + urb->buffer_length = prem; + + if (urb->buffer_length > MAX_USBFS_BUFFER_SIZE) { + urb->buffer_length = MAX_USBFS_BUFFER_SIZE; + } + pbuf += urb->buffer_length; + prem -= urb->buffer_length; + rem -= urb->buffer_length; + if (rem) { + aurb->more = 1; + } + + trace_usb_host_urb_submit(s->bus_num, s->addr, aurb, + urb->buffer_length, aurb->more); + ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb); + + DPRINTF("husb: data submit: ep 0x%x, len %u, more %d, packet %p, aurb %p\n", + urb->endpoint, urb->buffer_length, aurb->more, p, aurb); + + if (ret < 0) { + perror("USBDEVFS_SUBMITURB"); + async_free(aurb); + + switch(errno) { + case ETIMEDOUT: + trace_usb_host_req_complete(s->bus_num, s->addr, USB_RET_NAK); + return USB_RET_NAK; + case EPIPE: + default: + trace_usb_host_req_complete(s->bus_num, s->addr, USB_RET_STALL); + return USB_RET_STALL; + } + } + } + + return USB_RET_ASYNC; +} + +static int ctrl_error(void) +{ + if (errno == ETIMEDOUT) { + return USB_RET_NAK; + } else { + return USB_RET_STALL; + } +} + +static int usb_host_set_address(USBHostDevice *s, int addr) +{ + trace_usb_host_set_address(s->bus_num, s->addr, addr); + s->dev.addr = addr; + return 0; +} + +static int usb_host_set_config(USBHostDevice *s, int config) +{ + int ret, first = 1; + + trace_usb_host_set_config(s->bus_num, s->addr, config); + + usb_host_release_interfaces(s); + +again: + ret = ioctl(s->fd, USBDEVFS_SETCONFIGURATION, &config); + + DPRINTF("husb: ctrl set config %d ret %d errno %d\n", config, ret, errno); + + if (ret < 0 && errno == EBUSY && first) { + /* happens if usb device is in use by host drivers */ + int count = usb_linux_get_num_interfaces(s); + if (count > 0) { + DPRINTF("husb: busy -> disconnecting %d interfaces\n", count); + usb_host_disconnect_ifaces(s, count); + first = 0; + goto again; + } + } + + if (ret < 0) { + return ctrl_error(); + } + usb_host_claim_interfaces(s, config); + usb_linux_update_endp_table(s); + return 0; +} + +static int usb_host_set_interface(USBHostDevice *s, int iface, int alt) +{ + struct usbdevfs_setinterface si; + int i, ret; + + trace_usb_host_set_interface(s->bus_num, s->addr, iface, alt); + + for (i = 1; i <= USB_MAX_ENDPOINTS; i++) { + if (is_isoc(s, USB_TOKEN_IN, i)) { + usb_host_stop_n_free_iso(s, USB_TOKEN_IN, i); + } + if (is_isoc(s, USB_TOKEN_OUT, i)) { + usb_host_stop_n_free_iso(s, USB_TOKEN_OUT, i); + } + } + + if (iface >= USB_MAX_INTERFACES) { + return USB_RET_STALL; + } + + si.interface = iface; + si.altsetting = alt; + ret = ioctl(s->fd, USBDEVFS_SETINTERFACE, &si); + + DPRINTF("husb: ctrl set iface %d altset %d ret %d errno %d\n", + iface, alt, ret, errno); + + if (ret < 0) { + return ctrl_error(); + } + + s->dev.altsetting[iface] = alt; + usb_linux_update_endp_table(s); + return 0; +} + +static int usb_host_handle_control(USBDevice *dev, USBPacket *p, + int request, int value, int index, int length, uint8_t *data) +{ + USBHostDevice *s = DO_UPCAST(USBHostDevice, dev, dev); + struct usbdevfs_urb *urb; + AsyncURB *aurb; + int ret; + + /* + * Process certain standard device requests. + * These are infrequent and are processed synchronously. + */ + + /* Note request is (bRequestType << 8) | bRequest */ + trace_usb_host_req_control(s->bus_num, s->addr, request, value, index); + + switch (request) { + case DeviceOutRequest | USB_REQ_SET_ADDRESS: + return usb_host_set_address(s, value); + + case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: + return usb_host_set_config(s, value & 0xff); + + case InterfaceOutRequest | USB_REQ_SET_INTERFACE: + return usb_host_set_interface(s, index, value); + } + + /* The rest are asynchronous */ + + if (length > sizeof(dev->data_buf)) { + fprintf(stderr, "husb: ctrl buffer too small (%d > %zu)\n", + length, sizeof(dev->data_buf)); + return USB_RET_STALL; + } + + aurb = async_alloc(s); + aurb->packet = p; + + /* + * Setup ctrl transfer. + * + * s->ctrl is laid out such that data buffer immediately follows + * 'req' struct which is exactly what usbdevfs expects. + */ + urb = &aurb->urb; + + urb->type = USBDEVFS_URB_TYPE_CONTROL; + urb->endpoint = p->ep->nr; + + urb->buffer = &dev->setup_buf; + urb->buffer_length = length + 8; + + urb->usercontext = s; + + trace_usb_host_urb_submit(s->bus_num, s->addr, aurb, + urb->buffer_length, aurb->more); + ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb); + + DPRINTF("husb: submit ctrl. len %u aurb %p\n", urb->buffer_length, aurb); + + if (ret < 0) { + DPRINTF("husb: submit failed. errno %d\n", errno); + async_free(aurb); + + switch(errno) { + case ETIMEDOUT: + return USB_RET_NAK; + case EPIPE: + default: + return USB_RET_STALL; + } + } + + return USB_RET_ASYNC; +} + +static uint8_t usb_linux_get_alt_setting(USBHostDevice *s, + uint8_t configuration, uint8_t interface) +{ + char device_name[64], line[1024]; + int alt_setting; + + sprintf(device_name, "%d-%s:%d.%d", s->bus_num, s->port, + (int)configuration, (int)interface); + + if (!usb_host_read_file(line, sizeof(line), "bAlternateSetting", + device_name)) { + /* Assume alt 0 on error */ + return 0; + } + if (sscanf(line, "%d", &alt_setting) != 1) { + /* Assume alt 0 on error */ + return 0; + } + return alt_setting; +} + +/* returns 1 on problem encountered or 0 for success */ +static int usb_linux_update_endp_table(USBHostDevice *s) +{ + uint8_t *descriptors; + uint8_t devep, type, alt_interface; + uint16_t raw; + int interface, length, i, ep, pid; + struct endp_data *epd; + + usb_ep_init(&s->dev); + + if (s->dev.configuration == 0) { + /* not configured yet -- leave all endpoints disabled */ + return 0; + } + + /* get the desired configuration, interface, and endpoint descriptors + * from device description */ + descriptors = &s->descr[18]; + length = s->descr_len - 18; + i = 0; + + while (i < length) { + if (descriptors[i + 1] != USB_DT_CONFIG) { + fprintf(stderr, "invalid descriptor data\n"); + return 1; + } else if (descriptors[i + 5] != s->dev.configuration) { + DPRINTF("not requested configuration %d\n", s->dev.configuration); + i += (descriptors[i + 3] << 8) + descriptors[i + 2]; + continue; + } + i += descriptors[i]; + + if (descriptors[i + 1] != USB_DT_INTERFACE || + (descriptors[i + 1] == USB_DT_INTERFACE && + descriptors[i + 4] == 0)) { + i += descriptors[i]; + continue; + } + + interface = descriptors[i + 2]; + alt_interface = usb_linux_get_alt_setting(s, s->dev.configuration, + interface); + + /* the current interface descriptor is the active interface + * and has endpoints */ + if (descriptors[i + 3] != alt_interface) { + i += descriptors[i]; + continue; + } + + /* advance to the endpoints */ + while (i < length && descriptors[i +1] != USB_DT_ENDPOINT) { + i += descriptors[i]; + } + + if (i >= length) + break; + + while (i < length) { + if (descriptors[i + 1] != USB_DT_ENDPOINT) { + break; + } + + devep = descriptors[i + 2]; + pid = (devep & USB_DIR_IN) ? USB_TOKEN_IN : USB_TOKEN_OUT; + ep = devep & 0xf; + if (ep == 0) { + fprintf(stderr, "usb-linux: invalid ep descriptor, ep == 0\n"); + return 1; + } + + type = descriptors[i + 3] & 0x3; + raw = descriptors[i + 4] + (descriptors[i + 5] << 8); + usb_ep_set_max_packet_size(&s->dev, pid, ep, raw); + assert(usb_ep_get_type(&s->dev, pid, ep) == + USB_ENDPOINT_XFER_INVALID); + usb_ep_set_type(&s->dev, pid, ep, type); + usb_ep_set_ifnum(&s->dev, pid, ep, interface); + if (type == USB_ENDPOINT_XFER_BULK) { + usb_ep_set_pipeline(&s->dev, pid, ep, true); + } + + epd = get_endp(s, pid, ep); + epd->halted = 0; + + i += descriptors[i]; + } + } +#ifdef DEBUG + usb_ep_dump(&s->dev); +#endif + return 0; +} + +/* + * Check if we can safely redirect a usb2 device to a usb1 virtual controller, + * this function assumes this is safe, if: + * 1) There are no isoc endpoints + * 2) There are no interrupt endpoints with a max_packet_size > 64 + * Note bulk endpoints with a max_packet_size > 64 in theory also are not + * usb1 compatible, but in practice this seems to work fine. + */ +static int usb_linux_full_speed_compat(USBHostDevice *dev) +{ + int i, packet_size; + + /* + * usb_linux_update_endp_table only registers info about ep in the current + * interface altsettings, so we need to parse the descriptors again. + */ + for (i = 0; (i + 5) < dev->descr_len; i += dev->descr[i]) { + if (dev->descr[i + 1] == USB_DT_ENDPOINT) { + switch (dev->descr[i + 3] & 0x3) { + case 0x00: /* CONTROL */ + break; + case 0x01: /* ISO */ + return 0; + case 0x02: /* BULK */ + break; + case 0x03: /* INTERRUPT */ + packet_size = dev->descr[i + 4] + (dev->descr[i + 5] << 8); + if (packet_size > 64) + return 0; + break; + } + } + } + return 1; +} + +static int usb_host_open(USBHostDevice *dev, int bus_num, + int addr, const char *port, + const char *prod_name, int speed) +{ + int fd = -1, ret; + + trace_usb_host_open_started(bus_num, addr); + + if (dev->fd != -1) { + goto fail; + } + + fd = usb_host_open_device(bus_num, addr); + if (fd < 0) { + goto fail; + } + DPRINTF("husb: opened %s\n", buf); + + dev->bus_num = bus_num; + dev->addr = addr; + strcpy(dev->port, port); + dev->fd = fd; + + /* read the device description */ + dev->descr_len = read(fd, dev->descr, sizeof(dev->descr)); + if (dev->descr_len <= 0) { + perror("husb: reading device data failed"); + goto fail; + } + +#ifdef DEBUG + { + int x; + printf("=== begin dumping device descriptor data ===\n"); + for (x = 0; x < dev->descr_len; x++) { + printf("%02x ", dev->descr[x]); + } + printf("\n=== end dumping device descriptor data ===\n"); + } +#endif + + + /* start unconfigured -- we'll wait for the guest to set a configuration */ + if (!usb_host_claim_interfaces(dev, 0)) { + goto fail; + } + + ret = usb_linux_update_endp_table(dev); + if (ret) { + goto fail; + } + + if (speed == -1) { + struct usbdevfs_connectinfo ci; + + ret = ioctl(fd, USBDEVFS_CONNECTINFO, &ci); + if (ret < 0) { + perror("usb_host_device_open: USBDEVFS_CONNECTINFO"); + goto fail; + } + + if (ci.slow) { + speed = USB_SPEED_LOW; + } else { + speed = USB_SPEED_HIGH; + } + } + dev->dev.speed = speed; + dev->dev.speedmask = (1 << speed); + if (dev->dev.speed == USB_SPEED_HIGH && usb_linux_full_speed_compat(dev)) { + dev->dev.speedmask |= USB_SPEED_MASK_FULL; + } + + trace_usb_host_open_success(bus_num, addr); + + if (!prod_name || prod_name[0] == '\0') { + snprintf(dev->dev.product_desc, sizeof(dev->dev.product_desc), + "host:%d.%d", bus_num, addr); + } else { + pstrcpy(dev->dev.product_desc, sizeof(dev->dev.product_desc), + prod_name); + } + + ret = usb_device_attach(&dev->dev); + if (ret) { + goto fail; + } + + /* USB devio uses 'write' flag to check for async completions */ + qemu_set_fd_handler(dev->fd, NULL, async_complete, dev); + + return 0; + +fail: + trace_usb_host_open_failure(bus_num, addr); + if (dev->fd != -1) { + close(dev->fd); + dev->fd = -1; + } + return -1; +} + +static int usb_host_close(USBHostDevice *dev) +{ + int i; + + if (dev->fd == -1) { + return -1; + } + + trace_usb_host_close(dev->bus_num, dev->addr); + + qemu_set_fd_handler(dev->fd, NULL, NULL, NULL); + dev->closing = 1; + for (i = 1; i <= USB_MAX_ENDPOINTS; i++) { + if (is_isoc(dev, USB_TOKEN_IN, i)) { + usb_host_stop_n_free_iso(dev, USB_TOKEN_IN, i); + } + if (is_isoc(dev, USB_TOKEN_OUT, i)) { + usb_host_stop_n_free_iso(dev, USB_TOKEN_OUT, i); + } + } + async_complete(dev); + dev->closing = 0; + if (dev->dev.attached) { + usb_device_detach(&dev->dev); + } + usb_host_do_reset(dev); + close(dev->fd); + dev->fd = -1; + return 0; +} + +static void usb_host_exit_notifier(struct Notifier *n, void *data) +{ + USBHostDevice *s = container_of(n, USBHostDevice, exit); + + usb_host_release_port(s); + if (s->fd != -1) { + usb_host_do_reset(s);; + } +} + +static int usb_host_initfn(USBDevice *dev) +{ + USBHostDevice *s = DO_UPCAST(USBHostDevice, dev, dev); + + dev->auto_attach = 0; + s->fd = -1; + s->hub_fd = -1; + + QTAILQ_INSERT_TAIL(&hostdevs, s, next); + s->exit.notify = usb_host_exit_notifier; + qemu_add_exit_notifier(&s->exit); + usb_host_auto_check(NULL); + + if (s->match.bus_num != 0 && s->match.port != NULL) { + usb_host_claim_port(s); + } + return 0; +} + +static const VMStateDescription vmstate_usb_host = { + .name = "usb-host", + .unmigratable = 1, +}; + +static Property usb_host_dev_properties[] = { + DEFINE_PROP_UINT32("hostbus", USBHostDevice, match.bus_num, 0), + DEFINE_PROP_UINT32("hostaddr", USBHostDevice, match.addr, 0), + DEFINE_PROP_STRING("hostport", USBHostDevice, match.port), + DEFINE_PROP_HEX32("vendorid", USBHostDevice, match.vendor_id, 0), + DEFINE_PROP_HEX32("productid", USBHostDevice, match.product_id, 0), + DEFINE_PROP_UINT32("isobufs", USBHostDevice, iso_urb_count, 4), + DEFINE_PROP_END_OF_LIST(), +}; + +static void usb_host_class_initfn(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + USBDeviceClass *uc = USB_DEVICE_CLASS(klass); + + uc->init = usb_host_initfn; + uc->product_desc = "USB Host Device"; + uc->cancel_packet = usb_host_async_cancel; + uc->handle_data = usb_host_handle_data; + uc->handle_control = usb_host_handle_control; + uc->handle_reset = usb_host_handle_reset; + uc->handle_destroy = usb_host_handle_destroy; + dc->vmsd = &vmstate_usb_host; + dc->props = usb_host_dev_properties; +} + +static TypeInfo usb_host_dev_info = { + .name = "usb-host", + .parent = TYPE_USB_DEVICE, + .instance_size = sizeof(USBHostDevice), + .class_init = usb_host_class_initfn, +}; + +static void usb_host_register_types(void) +{ + type_register_static(&usb_host_dev_info); + usb_legacy_register("usb-host", "host", usb_host_device_open); +} + +type_init(usb_host_register_types) + +USBDevice *usb_host_device_open(USBBus *bus, const char *devname) +{ + struct USBAutoFilter filter; + USBDevice *dev; + char *p; + + dev = usb_create(bus, "usb-host"); + + if (strstr(devname, "auto:")) { + if (parse_filter(devname, &filter) < 0) { + goto fail; + } + } else { + if ((p = strchr(devname, '.'))) { + filter.bus_num = strtoul(devname, NULL, 0); + filter.addr = strtoul(p + 1, NULL, 0); + filter.vendor_id = 0; + filter.product_id = 0; + } else if ((p = strchr(devname, ':'))) { + filter.bus_num = 0; + filter.addr = 0; + filter.vendor_id = strtoul(devname, NULL, 16); + filter.product_id = strtoul(p + 1, NULL, 16); + } else { + goto fail; + } + } + + qdev_prop_set_uint32(&dev->qdev, "hostbus", filter.bus_num); + qdev_prop_set_uint32(&dev->qdev, "hostaddr", filter.addr); + qdev_prop_set_uint32(&dev->qdev, "vendorid", filter.vendor_id); + qdev_prop_set_uint32(&dev->qdev, "productid", filter.product_id); + qdev_init_nofail(&dev->qdev); + return dev; + +fail: + qdev_free(&dev->qdev); + return NULL; +} + +int usb_host_device_close(const char *devname) +{ +#if 0 + char product_name[PRODUCT_NAME_SZ]; + int bus_num, addr; + USBHostDevice *s; + + if (strstr(devname, "auto:")) { + return usb_host_auto_del(devname); + } + if (usb_host_find_device(&bus_num, &addr, product_name, + sizeof(product_name), devname) < 0) { + return -1; + } + s = hostdev_find(bus_num, addr); + if (s) { + usb_device_delete_addr(s->bus_num, s->dev.addr); + return 0; + } +#endif + + return -1; +} + +/* + * Read sys file-system device file + * + * @line address of buffer to put file contents in + * @line_size size of line + * @device_file path to device file (printf format string) + * @device_name device being opened (inserted into device_file) + * + * @return 0 failed, 1 succeeded ('line' contains data) + */ +static int usb_host_read_file(char *line, size_t line_size, + const char *device_file, const char *device_name) +{ + FILE *f; + int ret = 0; + char filename[PATH_MAX]; + + snprintf(filename, PATH_MAX, "/sys/bus/usb/devices/%s/%s", device_name, + device_file); + f = fopen(filename, "r"); + if (f) { + ret = fgets(line, line_size, f) != NULL; + fclose(f); + } + + return ret; +} + +/* + * Use /sys/bus/usb/devices/ directory to determine host's USB + * devices. + * + * This code is based on Robert Schiele's original patches posted to + * the Novell bug-tracker https://bugzilla.novell.com/show_bug.cgi?id=241950 + */ +static int usb_host_scan(void *opaque, USBScanFunc *func) +{ + DIR *dir = NULL; + char line[1024]; + int bus_num, addr, speed, class_id, product_id, vendor_id; + int ret = 0; + char port[MAX_PORTLEN]; + char product_name[512]; + struct dirent *de; + + dir = opendir("/sys/bus/usb/devices"); + if (!dir) { + perror("husb: opendir /sys/bus/usb/devices"); + fprintf(stderr, "husb: please make sure sysfs is mounted at /sys\n"); + goto the_end; + } + + while ((de = readdir(dir))) { + if (de->d_name[0] != '.' && !strchr(de->d_name, ':')) { + if (sscanf(de->d_name, "%d-%7[0-9.]", &bus_num, port) < 2) { + continue; + } + + if (!usb_host_read_file(line, sizeof(line), "devnum", de->d_name)) { + goto the_end; + } + if (sscanf(line, "%d", &addr) != 1) { + goto the_end; + } + if (!usb_host_read_file(line, sizeof(line), "bDeviceClass", + de->d_name)) { + goto the_end; + } + if (sscanf(line, "%x", &class_id) != 1) { + goto the_end; + } + + if (!usb_host_read_file(line, sizeof(line), "idVendor", + de->d_name)) { + goto the_end; + } + if (sscanf(line, "%x", &vendor_id) != 1) { + goto the_end; + } + if (!usb_host_read_file(line, sizeof(line), "idProduct", + de->d_name)) { + goto the_end; + } + if (sscanf(line, "%x", &product_id) != 1) { + goto the_end; + } + if (!usb_host_read_file(line, sizeof(line), "product", + de->d_name)) { + *product_name = 0; + } else { + if (strlen(line) > 0) { + line[strlen(line) - 1] = '\0'; + } + pstrcpy(product_name, sizeof(product_name), line); + } + + if (!usb_host_read_file(line, sizeof(line), "speed", de->d_name)) { + goto the_end; + } + if (!strcmp(line, "5000\n")) { + speed = USB_SPEED_SUPER; + } else if (!strcmp(line, "480\n")) { + speed = USB_SPEED_HIGH; + } else if (!strcmp(line, "1.5\n")) { + speed = USB_SPEED_LOW; + } else { + speed = USB_SPEED_FULL; + } + + ret = func(opaque, bus_num, addr, port, class_id, vendor_id, + product_id, product_name, speed); + if (ret) { + goto the_end; + } + } + } + the_end: + if (dir) { + closedir(dir); + } + return ret; +} + +static QEMUTimer *usb_auto_timer; + +static int usb_host_auto_scan(void *opaque, int bus_num, + int addr, const char *port, + int class_id, int vendor_id, int product_id, + const char *product_name, int speed) +{ + struct USBAutoFilter *f; + struct USBHostDevice *s; + + /* Ignore hubs */ + if (class_id == 9) + return 0; + + QTAILQ_FOREACH(s, &hostdevs, next) { + f = &s->match; + + if (f->bus_num > 0 && f->bus_num != bus_num) { + continue; + } + if (f->addr > 0 && f->addr != addr) { + continue; + } + if (f->port != NULL && (port == NULL || strcmp(f->port, port) != 0)) { + continue; + } + + if (f->vendor_id > 0 && f->vendor_id != vendor_id) { + continue; + } + + if (f->product_id > 0 && f->product_id != product_id) { + continue; + } + /* We got a match */ + s->seen++; + if (s->errcount >= 3) { + return 0; + } + + /* Already attached ? */ + if (s->fd != -1) { + return 0; + } + DPRINTF("husb: auto open: bus_num %d addr %d\n", bus_num, addr); + + if (usb_host_open(s, bus_num, addr, port, product_name, speed) < 0) { + s->errcount++; + } + break; + } + + return 0; +} + +static void usb_host_auto_check(void *unused) +{ + struct USBHostDevice *s; + int unconnected = 0; + + usb_host_scan(NULL, usb_host_auto_scan); + + QTAILQ_FOREACH(s, &hostdevs, next) { + if (s->fd == -1) { + unconnected++; + } + if (s->seen == 0) { + s->errcount = 0; + } + s->seen = 0; + } + + if (unconnected == 0) { + /* nothing to watch */ + if (usb_auto_timer) { + qemu_del_timer(usb_auto_timer); + trace_usb_host_auto_scan_disabled(); + } + return; + } + + if (!usb_auto_timer) { + usb_auto_timer = qemu_new_timer_ms(rt_clock, usb_host_auto_check, NULL); + if (!usb_auto_timer) { + return; + } + trace_usb_host_auto_scan_enabled(); + } + qemu_mod_timer(usb_auto_timer, qemu_get_clock_ms(rt_clock) + 2000); +} + +/* + * Autoconnect filter + * Format: + * auto:bus:dev[:vid:pid] + * auto:bus.dev[:vid:pid] + * + * bus - bus number (dec, * means any) + * dev - device number (dec, * means any) + * vid - vendor id (hex, * means any) + * pid - product id (hex, * means any) + * + * See 'lsusb' output. + */ +static int parse_filter(const char *spec, struct USBAutoFilter *f) +{ + enum { BUS, DEV, VID, PID, DONE }; + const char *p = spec; + int i; + + f->bus_num = 0; + f->addr = 0; + f->vendor_id = 0; + f->product_id = 0; + + for (i = BUS; i < DONE; i++) { + p = strpbrk(p, ":."); + if (!p) { + break; + } + p++; + + if (*p == '*') { + continue; + } + switch(i) { + case BUS: f->bus_num = strtol(p, NULL, 10); break; + case DEV: f->addr = strtol(p, NULL, 10); break; + case VID: f->vendor_id = strtol(p, NULL, 16); break; + case PID: f->product_id = strtol(p, NULL, 16); break; + } + } + + if (i < DEV) { + fprintf(stderr, "husb: invalid auto filter spec %s\n", spec); + return -1; + } + + return 0; +} + +/**********************/ +/* USB host device info */ + +struct usb_class_info { + int class; + const char *class_name; +}; + +static const struct usb_class_info usb_class_info[] = { + { USB_CLASS_AUDIO, "Audio"}, + { USB_CLASS_COMM, "Communication"}, + { USB_CLASS_HID, "HID"}, + { USB_CLASS_HUB, "Hub" }, + { USB_CLASS_PHYSICAL, "Physical" }, + { USB_CLASS_PRINTER, "Printer" }, + { USB_CLASS_MASS_STORAGE, "Storage" }, + { USB_CLASS_CDC_DATA, "Data" }, + { USB_CLASS_APP_SPEC, "Application Specific" }, + { USB_CLASS_VENDOR_SPEC, "Vendor Specific" }, + { USB_CLASS_STILL_IMAGE, "Still Image" }, + { USB_CLASS_CSCID, "Smart Card" }, + { USB_CLASS_CONTENT_SEC, "Content Security" }, + { -1, NULL } +}; + +static const char *usb_class_str(uint8_t class) +{ + const struct usb_class_info *p; + for(p = usb_class_info; p->class != -1; p++) { + if (p->class == class) { + break; + } + } + return p->class_name; +} + +static void usb_info_device(Monitor *mon, int bus_num, + int addr, const char *port, + int class_id, int vendor_id, int product_id, + const char *product_name, + int speed) +{ + const char *class_str, *speed_str; + + switch(speed) { + case USB_SPEED_LOW: + speed_str = "1.5"; + break; + case USB_SPEED_FULL: + speed_str = "12"; + break; + case USB_SPEED_HIGH: + speed_str = "480"; + break; + case USB_SPEED_SUPER: + speed_str = "5000"; + break; + default: + speed_str = "?"; + break; + } + + monitor_printf(mon, " Bus %d, Addr %d, Port %s, Speed %s Mb/s\n", + bus_num, addr, port, speed_str); + class_str = usb_class_str(class_id); + if (class_str) { + monitor_printf(mon, " %s:", class_str); + } else { + monitor_printf(mon, " Class %02x:", class_id); + } + monitor_printf(mon, " USB device %04x:%04x", vendor_id, product_id); + if (product_name[0] != '\0') { + monitor_printf(mon, ", %s", product_name); + } + monitor_printf(mon, "\n"); +} + +static int usb_host_info_device(void *opaque, int bus_num, int addr, + const char *path, int class_id, + int vendor_id, int product_id, + const char *product_name, + int speed) +{ + Monitor *mon = opaque; + + usb_info_device(mon, bus_num, addr, path, class_id, vendor_id, product_id, + product_name, speed); + return 0; +} + +static void dec2str(int val, char *str, size_t size) +{ + if (val == 0) { + snprintf(str, size, "*"); + } else { + snprintf(str, size, "%d", val); + } +} + +static void hex2str(int val, char *str, size_t size) +{ + if (val == 0) { + snprintf(str, size, "*"); + } else { + snprintf(str, size, "%04x", val); + } +} + +void usb_host_info(Monitor *mon) +{ + struct USBAutoFilter *f; + struct USBHostDevice *s; + + usb_host_scan(mon, usb_host_info_device); + + if (QTAILQ_EMPTY(&hostdevs)) { + return; + } + + monitor_printf(mon, " Auto filters:\n"); + QTAILQ_FOREACH(s, &hostdevs, next) { + char bus[10], addr[10], vid[10], pid[10]; + f = &s->match; + dec2str(f->bus_num, bus, sizeof(bus)); + dec2str(f->addr, addr, sizeof(addr)); + hex2str(f->vendor_id, vid, sizeof(vid)); + hex2str(f->product_id, pid, sizeof(pid)); + monitor_printf(mon, " Bus %s, Addr %s, Port %s, ID %s:%s\n", + bus, addr, f->port ? f->port : "*", vid, pid); + } +} diff --git a/hw/usb/host-stub.c b/hw/usb/host-stub.c new file mode 100644 index 0000000000..b4e10c12ca --- /dev/null +++ b/hw/usb/host-stub.c @@ -0,0 +1,52 @@ +/* + * Stub host USB redirector + * + * Copyright (c) 2005 Fabrice Bellard + * + * Copyright (c) 2008 Max Krasnyansky + * Support for host device auto connect & disconnect + * Major rewrite to support fully async operation + * + * Copyright 2008 TJ <linux@tjworld.net> + * Added flexible support for /dev/bus/usb /sys/bus/usb/devices in addition + * to the legacy /proc/bus/usb USB device discovery and handling + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "qemu-common.h" +#include "console.h" +#include "hw/usb.h" +#include "monitor.h" + +void usb_host_info(Monitor *mon) +{ + monitor_printf(mon, "USB host devices not supported\n"); +} + +/* XXX: modify configure to compile the right host driver */ +USBDevice *usb_host_device_open(USBBus *bus, const char *devname) +{ + return NULL; +} + +int usb_host_device_close(const char *devname) +{ + return 0; +} diff --git a/hw/usb-libhw.c b/hw/usb/libhw.c index 162b42bd5b..2462351389 100644 --- a/hw/usb-libhw.c +++ b/hw/usb/libhw.c @@ -21,7 +21,7 @@ */ #include "qemu-common.h" #include "cpu-common.h" -#include "usb.h" +#include "hw/usb.h" #include "dma.h" int usb_packet_map(USBPacket *p, QEMUSGList *sgl) diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c new file mode 100644 index 0000000000..8e9f175dbb --- /dev/null +++ b/hw/usb/redirect.c @@ -0,0 +1,1485 @@ +/* + * USB redirector usb-guest + * + * Copyright (c) 2011 Red Hat, Inc. + * + * Red Hat Authors: + * Hans de Goede <hdegoede@redhat.com> + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +#include "qemu-common.h" +#include "qemu-timer.h" +#include "monitor.h" +#include "sysemu.h" + +#include <dirent.h> +#include <sys/ioctl.h> +#include <signal.h> +#include <usbredirparser.h> +#include <usbredirfilter.h> + +#include "hw/usb.h" + +#define MAX_ENDPOINTS 32 +#define EP2I(ep_address) (((ep_address & 0x80) >> 3) | (ep_address & 0x0f)) +#define I2EP(i) (((i & 0x10) << 3) | (i & 0x0f)) + +typedef struct AsyncURB AsyncURB; +typedef struct USBRedirDevice USBRedirDevice; + +/* Struct to hold buffered packets (iso or int input packets) */ +struct buf_packet { + uint8_t *data; + int len; + int status; + QTAILQ_ENTRY(buf_packet)next; +}; + +struct endp_data { + uint8_t type; + uint8_t interval; + uint8_t interface; /* bInterfaceNumber this ep belongs to */ + uint8_t iso_started; + uint8_t iso_error; /* For reporting iso errors to the HC */ + uint8_t interrupt_started; + uint8_t interrupt_error; + uint8_t bufpq_prefilled; + uint8_t bufpq_dropping_packets; + QTAILQ_HEAD(, buf_packet) bufpq; + int bufpq_size; + int bufpq_target_size; +}; + +struct USBRedirDevice { + USBDevice dev; + /* Properties */ + CharDriverState *cs; + uint8_t debug; + char *filter_str; + /* Data passed from chardev the fd_read cb to the usbredirparser read cb */ + const uint8_t *read_buf; + int read_buf_size; + /* For async handling of open/close */ + QEMUBH *open_close_bh; + /* To delay the usb attach in case of quick chardev close + open */ + QEMUTimer *attach_timer; + int64_t next_attach_time; + struct usbredirparser *parser; + struct endp_data endpoint[MAX_ENDPOINTS]; + uint32_t packet_id; + QTAILQ_HEAD(, AsyncURB) asyncq; + /* Data for device filtering */ + struct usb_redir_device_connect_header device_info; + struct usb_redir_interface_info_header interface_info; + struct usbredirfilter_rule *filter_rules; + int filter_rules_count; +}; + +struct AsyncURB { + USBRedirDevice *dev; + USBPacket *packet; + uint32_t packet_id; + int get; + union { + struct usb_redir_control_packet_header control_packet; + struct usb_redir_bulk_packet_header bulk_packet; + struct usb_redir_interrupt_packet_header interrupt_packet; + }; + QTAILQ_ENTRY(AsyncURB)next; +}; + +static void usbredir_hello(void *priv, struct usb_redir_hello_header *h); +static void usbredir_device_connect(void *priv, + struct usb_redir_device_connect_header *device_connect); +static void usbredir_device_disconnect(void *priv); +static void usbredir_interface_info(void *priv, + struct usb_redir_interface_info_header *interface_info); +static void usbredir_ep_info(void *priv, + struct usb_redir_ep_info_header *ep_info); +static void usbredir_configuration_status(void *priv, uint32_t id, + struct usb_redir_configuration_status_header *configuration_status); +static void usbredir_alt_setting_status(void *priv, uint32_t id, + struct usb_redir_alt_setting_status_header *alt_setting_status); +static void usbredir_iso_stream_status(void *priv, uint32_t id, + struct usb_redir_iso_stream_status_header *iso_stream_status); +static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, + struct usb_redir_interrupt_receiving_status_header + *interrupt_receiving_status); +static void usbredir_bulk_streams_status(void *priv, uint32_t id, + struct usb_redir_bulk_streams_status_header *bulk_streams_status); +static void usbredir_control_packet(void *priv, uint32_t id, + struct usb_redir_control_packet_header *control_packet, + uint8_t *data, int data_len); +static void usbredir_bulk_packet(void *priv, uint32_t id, + struct usb_redir_bulk_packet_header *bulk_packet, + uint8_t *data, int data_len); +static void usbredir_iso_packet(void *priv, uint32_t id, + struct usb_redir_iso_packet_header *iso_packet, + uint8_t *data, int data_len); +static void usbredir_interrupt_packet(void *priv, uint32_t id, + struct usb_redir_interrupt_packet_header *interrupt_header, + uint8_t *data, int data_len); + +static int usbredir_handle_status(USBRedirDevice *dev, + int status, int actual_len); + +#define VERSION "qemu usb-redir guest " QEMU_VERSION + +/* + * Logging stuff + */ + +#define ERROR(...) \ + do { \ + if (dev->debug >= usbredirparser_error) { \ + error_report("usb-redir error: " __VA_ARGS__); \ + } \ + } while (0) +#define WARNING(...) \ + do { \ + if (dev->debug >= usbredirparser_warning) { \ + error_report("usb-redir warning: " __VA_ARGS__); \ + } \ + } while (0) +#define INFO(...) \ + do { \ + if (dev->debug >= usbredirparser_info) { \ + error_report("usb-redir: " __VA_ARGS__); \ + } \ + } while (0) +#define DPRINTF(...) \ + do { \ + if (dev->debug >= usbredirparser_debug) { \ + error_report("usb-redir: " __VA_ARGS__); \ + } \ + } while (0) +#define DPRINTF2(...) \ + do { \ + if (dev->debug >= usbredirparser_debug_data) { \ + error_report("usb-redir: " __VA_ARGS__); \ + } \ + } while (0) + +static void usbredir_log(void *priv, int level, const char *msg) +{ + USBRedirDevice *dev = priv; + + if (dev->debug < level) { + return; + } + + error_report("%s", msg); +} + +static void usbredir_log_data(USBRedirDevice *dev, const char *desc, + const uint8_t *data, int len) +{ + int i, j, n; + + if (dev->debug < usbredirparser_debug_data) { + return; + } + + for (i = 0; i < len; i += j) { + char buf[128]; + + n = sprintf(buf, "%s", desc); + for (j = 0; j < 8 && i + j < len; j++) { + n += sprintf(buf + n, " %02X", data[i + j]); + } + error_report("%s", buf); + } +} + +/* + * usbredirparser io functions + */ + +static int usbredir_read(void *priv, uint8_t *data, int count) +{ + USBRedirDevice *dev = priv; + + if (dev->read_buf_size < count) { + count = dev->read_buf_size; + } + + memcpy(data, dev->read_buf, count); + + dev->read_buf_size -= count; + if (dev->read_buf_size) { + dev->read_buf += count; + } else { + dev->read_buf = NULL; + } + + return count; +} + +static int usbredir_write(void *priv, uint8_t *data, int count) +{ + USBRedirDevice *dev = priv; + + if (!dev->cs->opened) { + return 0; + } + + return qemu_chr_fe_write(dev->cs, data, count); +} + +/* + * Async and buffered packets helpers + */ + +static AsyncURB *async_alloc(USBRedirDevice *dev, USBPacket *p) +{ + AsyncURB *aurb = (AsyncURB *) g_malloc0(sizeof(AsyncURB)); + aurb->dev = dev; + aurb->packet = p; + aurb->packet_id = dev->packet_id; + QTAILQ_INSERT_TAIL(&dev->asyncq, aurb, next); + dev->packet_id++; + + return aurb; +} + +static void async_free(USBRedirDevice *dev, AsyncURB *aurb) +{ + QTAILQ_REMOVE(&dev->asyncq, aurb, next); + g_free(aurb); +} + +static AsyncURB *async_find(USBRedirDevice *dev, uint32_t packet_id) +{ + AsyncURB *aurb; + + QTAILQ_FOREACH(aurb, &dev->asyncq, next) { + if (aurb->packet_id == packet_id) { + return aurb; + } + } + ERROR("could not find async urb for packet_id %u\n", packet_id); + return NULL; +} + +static void usbredir_cancel_packet(USBDevice *udev, USBPacket *p) +{ + USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); + AsyncURB *aurb; + + QTAILQ_FOREACH(aurb, &dev->asyncq, next) { + if (p != aurb->packet) { + continue; + } + + DPRINTF("async cancel id %u\n", aurb->packet_id); + usbredirparser_send_cancel_data_packet(dev->parser, aurb->packet_id); + usbredirparser_do_write(dev->parser); + + /* Mark it as dead */ + aurb->packet = NULL; + break; + } +} + +static void bufp_alloc(USBRedirDevice *dev, + uint8_t *data, int len, int status, uint8_t ep) +{ + struct buf_packet *bufp; + + if (!dev->endpoint[EP2I(ep)].bufpq_dropping_packets && + dev->endpoint[EP2I(ep)].bufpq_size > + 2 * dev->endpoint[EP2I(ep)].bufpq_target_size) { + DPRINTF("bufpq overflow, dropping packets ep %02X\n", ep); + dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 1; + } + /* Since we're interupting the stream anyways, drop enough packets to get + back to our target buffer size */ + if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) { + if (dev->endpoint[EP2I(ep)].bufpq_size > + dev->endpoint[EP2I(ep)].bufpq_target_size) { + free(data); + return; + } + dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; + } + + bufp = g_malloc(sizeof(struct buf_packet)); + bufp->data = data; + bufp->len = len; + bufp->status = status; + QTAILQ_INSERT_TAIL(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); + dev->endpoint[EP2I(ep)].bufpq_size++; +} + +static void bufp_free(USBRedirDevice *dev, struct buf_packet *bufp, + uint8_t ep) +{ + QTAILQ_REMOVE(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); + dev->endpoint[EP2I(ep)].bufpq_size--; + free(bufp->data); + g_free(bufp); +} + +static void usbredir_free_bufpq(USBRedirDevice *dev, uint8_t ep) +{ + struct buf_packet *buf, *buf_next; + + QTAILQ_FOREACH_SAFE(buf, &dev->endpoint[EP2I(ep)].bufpq, next, buf_next) { + bufp_free(dev, buf, ep); + } +} + +/* + * USBDevice callbacks + */ + +static void usbredir_handle_reset(USBDevice *udev) +{ + USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); + + DPRINTF("reset device\n"); + usbredirparser_send_reset(dev->parser); + usbredirparser_do_write(dev->parser); +} + +static int usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p, + uint8_t ep) +{ + int status, len; + if (!dev->endpoint[EP2I(ep)].iso_started && + !dev->endpoint[EP2I(ep)].iso_error) { + struct usb_redir_start_iso_stream_header start_iso = { + .endpoint = ep, + }; + int pkts_per_sec; + + if (dev->dev.speed == USB_SPEED_HIGH) { + pkts_per_sec = 8000 / dev->endpoint[EP2I(ep)].interval; + } else { + pkts_per_sec = 1000 / dev->endpoint[EP2I(ep)].interval; + } + /* Testing has shown that we need circa 60 ms buffer */ + dev->endpoint[EP2I(ep)].bufpq_target_size = (pkts_per_sec * 60) / 1000; + + /* Aim for approx 100 interrupts / second on the client to + balance latency and interrupt load */ + start_iso.pkts_per_urb = pkts_per_sec / 100; + if (start_iso.pkts_per_urb < 1) { + start_iso.pkts_per_urb = 1; + } else if (start_iso.pkts_per_urb > 32) { + start_iso.pkts_per_urb = 32; + } + + start_iso.no_urbs = (dev->endpoint[EP2I(ep)].bufpq_target_size + + start_iso.pkts_per_urb - 1) / + start_iso.pkts_per_urb; + /* Output endpoints pre-fill only 1/2 of the packets, keeping the rest + as overflow buffer. Also see the usbredir protocol documentation */ + if (!(ep & USB_DIR_IN)) { + start_iso.no_urbs *= 2; + } + if (start_iso.no_urbs > 16) { + start_iso.no_urbs = 16; + } + + /* No id, we look at the ep when receiving a status back */ + usbredirparser_send_start_iso_stream(dev->parser, 0, &start_iso); + usbredirparser_do_write(dev->parser); + DPRINTF("iso stream started pkts/sec %d pkts/urb %d urbs %d ep %02X\n", + pkts_per_sec, start_iso.pkts_per_urb, start_iso.no_urbs, ep); + dev->endpoint[EP2I(ep)].iso_started = 1; + dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; + dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; + } + + if (ep & USB_DIR_IN) { + struct buf_packet *isop; + + if (dev->endpoint[EP2I(ep)].iso_started && + !dev->endpoint[EP2I(ep)].bufpq_prefilled) { + if (dev->endpoint[EP2I(ep)].bufpq_size < + dev->endpoint[EP2I(ep)].bufpq_target_size) { + return usbredir_handle_status(dev, 0, 0); + } + dev->endpoint[EP2I(ep)].bufpq_prefilled = 1; + } + + isop = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); + if (isop == NULL) { + DPRINTF("iso-token-in ep %02X, no isop, iso_error: %d\n", + ep, dev->endpoint[EP2I(ep)].iso_error); + /* Re-fill the buffer */ + dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; + /* Check iso_error for stream errors, otherwise its an underrun */ + status = dev->endpoint[EP2I(ep)].iso_error; + dev->endpoint[EP2I(ep)].iso_error = 0; + return status ? USB_RET_IOERROR : 0; + } + DPRINTF2("iso-token-in ep %02X status %d len %d queue-size: %d\n", ep, + isop->status, isop->len, dev->endpoint[EP2I(ep)].bufpq_size); + + status = isop->status; + if (status != usb_redir_success) { + bufp_free(dev, isop, ep); + return USB_RET_IOERROR; + } + + len = isop->len; + if (len > p->iov.size) { + ERROR("received iso data is larger then packet ep %02X (%d > %d)\n", + ep, len, (int)p->iov.size); + bufp_free(dev, isop, ep); + return USB_RET_BABBLE; + } + usb_packet_copy(p, isop->data, len); + bufp_free(dev, isop, ep); + return len; + } else { + /* If the stream was not started because of a pending error don't + send the packet to the usb-host */ + if (dev->endpoint[EP2I(ep)].iso_started) { + struct usb_redir_iso_packet_header iso_packet = { + .endpoint = ep, + .length = p->iov.size + }; + uint8_t buf[p->iov.size]; + /* No id, we look at the ep when receiving a status back */ + usb_packet_copy(p, buf, p->iov.size); + usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet, + buf, p->iov.size); + usbredirparser_do_write(dev->parser); + } + status = dev->endpoint[EP2I(ep)].iso_error; + dev->endpoint[EP2I(ep)].iso_error = 0; + DPRINTF2("iso-token-out ep %02X status %d len %zd\n", ep, status, + p->iov.size); + return usbredir_handle_status(dev, status, p->iov.size); + } +} + +static void usbredir_stop_iso_stream(USBRedirDevice *dev, uint8_t ep) +{ + struct usb_redir_stop_iso_stream_header stop_iso_stream = { + .endpoint = ep + }; + if (dev->endpoint[EP2I(ep)].iso_started) { + usbredirparser_send_stop_iso_stream(dev->parser, 0, &stop_iso_stream); + DPRINTF("iso stream stopped ep %02X\n", ep); + dev->endpoint[EP2I(ep)].iso_started = 0; + } + dev->endpoint[EP2I(ep)].iso_error = 0; + usbredir_free_bufpq(dev, ep); +} + +static int usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, + uint8_t ep) +{ + AsyncURB *aurb = async_alloc(dev, p); + struct usb_redir_bulk_packet_header bulk_packet; + + DPRINTF("bulk-out ep %02X len %zd id %u\n", ep, + p->iov.size, aurb->packet_id); + + bulk_packet.endpoint = ep; + bulk_packet.length = p->iov.size; + bulk_packet.stream_id = 0; + aurb->bulk_packet = bulk_packet; + + if (ep & USB_DIR_IN) { + usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, + &bulk_packet, NULL, 0); + } else { + uint8_t buf[p->iov.size]; + usb_packet_copy(p, buf, p->iov.size); + usbredir_log_data(dev, "bulk data out:", buf, p->iov.size); + usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, + &bulk_packet, buf, p->iov.size); + } + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; +} + +static int usbredir_handle_interrupt_data(USBRedirDevice *dev, + USBPacket *p, uint8_t ep) +{ + if (ep & USB_DIR_IN) { + /* Input interrupt endpoint, buffered packet input */ + struct buf_packet *intp; + int status, len; + + if (!dev->endpoint[EP2I(ep)].interrupt_started && + !dev->endpoint[EP2I(ep)].interrupt_error) { + struct usb_redir_start_interrupt_receiving_header start_int = { + .endpoint = ep, + }; + /* No id, we look at the ep when receiving a status back */ + usbredirparser_send_start_interrupt_receiving(dev->parser, 0, + &start_int); + usbredirparser_do_write(dev->parser); + DPRINTF("interrupt recv started ep %02X\n", ep); + dev->endpoint[EP2I(ep)].interrupt_started = 1; + /* We don't really want to drop interrupt packets ever, but + having some upper limit to how much we buffer is good. */ + dev->endpoint[EP2I(ep)].bufpq_target_size = 1000; + dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; + } + + intp = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); + if (intp == NULL) { + DPRINTF2("interrupt-token-in ep %02X, no intp\n", ep); + /* Check interrupt_error for stream errors */ + status = dev->endpoint[EP2I(ep)].interrupt_error; + dev->endpoint[EP2I(ep)].interrupt_error = 0; + if (status) { + return usbredir_handle_status(dev, status, 0); + } + return USB_RET_NAK; + } + DPRINTF("interrupt-token-in ep %02X status %d len %d\n", ep, + intp->status, intp->len); + + status = intp->status; + if (status != usb_redir_success) { + bufp_free(dev, intp, ep); + return usbredir_handle_status(dev, status, 0); + } + + len = intp->len; + if (len > p->iov.size) { + ERROR("received int data is larger then packet ep %02X\n", ep); + bufp_free(dev, intp, ep); + return USB_RET_BABBLE; + } + usb_packet_copy(p, intp->data, len); + bufp_free(dev, intp, ep); + return len; + } else { + /* Output interrupt endpoint, normal async operation */ + AsyncURB *aurb = async_alloc(dev, p); + struct usb_redir_interrupt_packet_header interrupt_packet; + uint8_t buf[p->iov.size]; + + DPRINTF("interrupt-out ep %02X len %zd id %u\n", ep, p->iov.size, + aurb->packet_id); + + interrupt_packet.endpoint = ep; + interrupt_packet.length = p->iov.size; + aurb->interrupt_packet = interrupt_packet; + + usb_packet_copy(p, buf, p->iov.size); + usbredir_log_data(dev, "interrupt data out:", buf, p->iov.size); + usbredirparser_send_interrupt_packet(dev->parser, aurb->packet_id, + &interrupt_packet, buf, p->iov.size); + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; + } +} + +static void usbredir_stop_interrupt_receiving(USBRedirDevice *dev, + uint8_t ep) +{ + struct usb_redir_stop_interrupt_receiving_header stop_interrupt_recv = { + .endpoint = ep + }; + if (dev->endpoint[EP2I(ep)].interrupt_started) { + usbredirparser_send_stop_interrupt_receiving(dev->parser, 0, + &stop_interrupt_recv); + DPRINTF("interrupt recv stopped ep %02X\n", ep); + dev->endpoint[EP2I(ep)].interrupt_started = 0; + } + dev->endpoint[EP2I(ep)].interrupt_error = 0; + usbredir_free_bufpq(dev, ep); +} + +static int usbredir_handle_data(USBDevice *udev, USBPacket *p) +{ + USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); + uint8_t ep; + + ep = p->ep->nr; + if (p->pid == USB_TOKEN_IN) { + ep |= USB_DIR_IN; + } + + switch (dev->endpoint[EP2I(ep)].type) { + case USB_ENDPOINT_XFER_CONTROL: + ERROR("handle_data called for control transfer on ep %02X\n", ep); + return USB_RET_NAK; + case USB_ENDPOINT_XFER_ISOC: + return usbredir_handle_iso_data(dev, p, ep); + case USB_ENDPOINT_XFER_BULK: + return usbredir_handle_bulk_data(dev, p, ep); + case USB_ENDPOINT_XFER_INT: + return usbredir_handle_interrupt_data(dev, p, ep); + default: + ERROR("handle_data ep %02X has unknown type %d\n", ep, + dev->endpoint[EP2I(ep)].type); + return USB_RET_NAK; + } +} + +static int usbredir_set_config(USBRedirDevice *dev, USBPacket *p, + int config) +{ + struct usb_redir_set_configuration_header set_config; + AsyncURB *aurb = async_alloc(dev, p); + int i; + + DPRINTF("set config %d id %u\n", config, aurb->packet_id); + + for (i = 0; i < MAX_ENDPOINTS; i++) { + switch (dev->endpoint[i].type) { + case USB_ENDPOINT_XFER_ISOC: + usbredir_stop_iso_stream(dev, I2EP(i)); + break; + case USB_ENDPOINT_XFER_INT: + if (i & 0x10) { + usbredir_stop_interrupt_receiving(dev, I2EP(i)); + } + break; + } + usbredir_free_bufpq(dev, I2EP(i)); + } + + set_config.configuration = config; + usbredirparser_send_set_configuration(dev->parser, aurb->packet_id, + &set_config); + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; +} + +static int usbredir_get_config(USBRedirDevice *dev, USBPacket *p) +{ + AsyncURB *aurb = async_alloc(dev, p); + + DPRINTF("get config id %u\n", aurb->packet_id); + + aurb->get = 1; + usbredirparser_send_get_configuration(dev->parser, aurb->packet_id); + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; +} + +static int usbredir_set_interface(USBRedirDevice *dev, USBPacket *p, + int interface, int alt) +{ + struct usb_redir_set_alt_setting_header set_alt; + AsyncURB *aurb = async_alloc(dev, p); + int i; + + DPRINTF("set interface %d alt %d id %u\n", interface, alt, + aurb->packet_id); + + for (i = 0; i < MAX_ENDPOINTS; i++) { + if (dev->endpoint[i].interface == interface) { + switch (dev->endpoint[i].type) { + case USB_ENDPOINT_XFER_ISOC: + usbredir_stop_iso_stream(dev, I2EP(i)); + break; + case USB_ENDPOINT_XFER_INT: + if (i & 0x10) { + usbredir_stop_interrupt_receiving(dev, I2EP(i)); + } + break; + } + usbredir_free_bufpq(dev, I2EP(i)); + } + } + + set_alt.interface = interface; + set_alt.alt = alt; + usbredirparser_send_set_alt_setting(dev->parser, aurb->packet_id, + &set_alt); + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; +} + +static int usbredir_get_interface(USBRedirDevice *dev, USBPacket *p, + int interface) +{ + struct usb_redir_get_alt_setting_header get_alt; + AsyncURB *aurb = async_alloc(dev, p); + + DPRINTF("get interface %d id %u\n", interface, aurb->packet_id); + + get_alt.interface = interface; + aurb->get = 1; + usbredirparser_send_get_alt_setting(dev->parser, aurb->packet_id, + &get_alt); + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; +} + +static int usbredir_handle_control(USBDevice *udev, USBPacket *p, + int request, int value, int index, int length, uint8_t *data) +{ + USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); + struct usb_redir_control_packet_header control_packet; + AsyncURB *aurb; + + /* Special cases for certain standard device requests */ + switch (request) { + case DeviceOutRequest | USB_REQ_SET_ADDRESS: + DPRINTF("set address %d\n", value); + dev->dev.addr = value; + return 0; + case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: + return usbredir_set_config(dev, p, value & 0xff); + case DeviceRequest | USB_REQ_GET_CONFIGURATION: + return usbredir_get_config(dev, p); + case InterfaceOutRequest | USB_REQ_SET_INTERFACE: + return usbredir_set_interface(dev, p, index, value); + case InterfaceRequest | USB_REQ_GET_INTERFACE: + return usbredir_get_interface(dev, p, index); + } + + /* "Normal" ctrl requests */ + aurb = async_alloc(dev, p); + + /* Note request is (bRequestType << 8) | bRequest */ + DPRINTF("ctrl-out type 0x%x req 0x%x val 0x%x index %d len %d id %u\n", + request >> 8, request & 0xff, value, index, length, + aurb->packet_id); + + control_packet.request = request & 0xFF; + control_packet.requesttype = request >> 8; + control_packet.endpoint = control_packet.requesttype & USB_DIR_IN; + control_packet.value = value; + control_packet.index = index; + control_packet.length = length; + aurb->control_packet = control_packet; + + if (control_packet.requesttype & USB_DIR_IN) { + usbredirparser_send_control_packet(dev->parser, aurb->packet_id, + &control_packet, NULL, 0); + } else { + usbredir_log_data(dev, "ctrl data out:", data, length); + usbredirparser_send_control_packet(dev->parser, aurb->packet_id, + &control_packet, data, length); + } + usbredirparser_do_write(dev->parser); + return USB_RET_ASYNC; +} + +/* + * Close events can be triggered by usbredirparser_do_write which gets called + * from within the USBDevice data / control packet callbacks and doing a + * usb_detach from within these callbacks is not a good idea. + * + * So we use a bh handler to take care of close events. We also handle + * open events from this callback to make sure that a close directly followed + * by an open gets handled in the right order. + */ +static void usbredir_open_close_bh(void *opaque) +{ + USBRedirDevice *dev = opaque; + uint32_t caps[USB_REDIR_CAPS_SIZE] = { 0, }; + + usbredir_device_disconnect(dev); + + if (dev->parser) { + usbredirparser_destroy(dev->parser); + dev->parser = NULL; + } + + if (dev->cs->opened) { + dev->parser = qemu_oom_check(usbredirparser_create()); + dev->parser->priv = dev; + dev->parser->log_func = usbredir_log; + dev->parser->read_func = usbredir_read; + dev->parser->write_func = usbredir_write; + dev->parser->hello_func = usbredir_hello; + dev->parser->device_connect_func = usbredir_device_connect; + dev->parser->device_disconnect_func = usbredir_device_disconnect; + dev->parser->interface_info_func = usbredir_interface_info; + dev->parser->ep_info_func = usbredir_ep_info; + dev->parser->configuration_status_func = usbredir_configuration_status; + dev->parser->alt_setting_status_func = usbredir_alt_setting_status; + dev->parser->iso_stream_status_func = usbredir_iso_stream_status; + dev->parser->interrupt_receiving_status_func = + usbredir_interrupt_receiving_status; + dev->parser->bulk_streams_status_func = usbredir_bulk_streams_status; + dev->parser->control_packet_func = usbredir_control_packet; + dev->parser->bulk_packet_func = usbredir_bulk_packet; + dev->parser->iso_packet_func = usbredir_iso_packet; + dev->parser->interrupt_packet_func = usbredir_interrupt_packet; + dev->read_buf = NULL; + dev->read_buf_size = 0; + + usbredirparser_caps_set_cap(caps, usb_redir_cap_connect_device_version); + usbredirparser_caps_set_cap(caps, usb_redir_cap_filter); + usbredirparser_init(dev->parser, VERSION, caps, USB_REDIR_CAPS_SIZE, 0); + usbredirparser_do_write(dev->parser); + } +} + +static void usbredir_do_attach(void *opaque) +{ + USBRedirDevice *dev = opaque; + + usb_device_attach(&dev->dev); +} + +/* + * chardev callbacks + */ + +static int usbredir_chardev_can_read(void *opaque) +{ + USBRedirDevice *dev = opaque; + + if (dev->parser) { + /* usbredir_parser_do_read will consume *all* data we give it */ + return 1024 * 1024; + } else { + /* usbredir_open_close_bh hasn't handled the open event yet */ + return 0; + } +} + +static void usbredir_chardev_read(void *opaque, const uint8_t *buf, int size) +{ + USBRedirDevice *dev = opaque; + + /* No recursion allowed! */ + assert(dev->read_buf == NULL); + + dev->read_buf = buf; + dev->read_buf_size = size; + + usbredirparser_do_read(dev->parser); + /* Send any acks, etc. which may be queued now */ + usbredirparser_do_write(dev->parser); +} + +static void usbredir_chardev_event(void *opaque, int event) +{ + USBRedirDevice *dev = opaque; + + switch (event) { + case CHR_EVENT_OPENED: + case CHR_EVENT_CLOSED: + qemu_bh_schedule(dev->open_close_bh); + break; + } +} + +/* + * init + destroy + */ + +static int usbredir_initfn(USBDevice *udev) +{ + USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); + int i; + + if (dev->cs == NULL) { + qerror_report(QERR_MISSING_PARAMETER, "chardev"); + return -1; + } + + if (dev->filter_str) { + i = usbredirfilter_string_to_rules(dev->filter_str, ":", "|", + &dev->filter_rules, + &dev->filter_rules_count); + if (i) { + qerror_report(QERR_INVALID_PARAMETER_VALUE, "filter", + "a usb device filter string"); + return -1; + } + } + + dev->open_close_bh = qemu_bh_new(usbredir_open_close_bh, dev); + dev->attach_timer = qemu_new_timer_ms(vm_clock, usbredir_do_attach, dev); + + QTAILQ_INIT(&dev->asyncq); + for (i = 0; i < MAX_ENDPOINTS; i++) { + QTAILQ_INIT(&dev->endpoint[i].bufpq); + } + + /* We'll do the attach once we receive the speed from the usb-host */ + udev->auto_attach = 0; + + /* Let the backend know we are ready */ + qemu_chr_fe_open(dev->cs); + qemu_chr_add_handlers(dev->cs, usbredir_chardev_can_read, + usbredir_chardev_read, usbredir_chardev_event, dev); + + return 0; +} + +static void usbredir_cleanup_device_queues(USBRedirDevice *dev) +{ + AsyncURB *aurb, *next_aurb; + int i; + + QTAILQ_FOREACH_SAFE(aurb, &dev->asyncq, next, next_aurb) { + async_free(dev, aurb); + } + for (i = 0; i < MAX_ENDPOINTS; i++) { + usbredir_free_bufpq(dev, I2EP(i)); + } +} + +static void usbredir_handle_destroy(USBDevice *udev) +{ + USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); + + qemu_chr_fe_close(dev->cs); + qemu_chr_delete(dev->cs); + /* Note must be done after qemu_chr_close, as that causes a close event */ + qemu_bh_delete(dev->open_close_bh); + + qemu_del_timer(dev->attach_timer); + qemu_free_timer(dev->attach_timer); + + usbredir_cleanup_device_queues(dev); + + if (dev->parser) { + usbredirparser_destroy(dev->parser); + } + + free(dev->filter_rules); +} + +static int usbredir_check_filter(USBRedirDevice *dev) +{ + if (dev->interface_info.interface_count == 0) { + ERROR("No interface info for device\n"); + goto error; + } + + if (dev->filter_rules) { + if (!usbredirparser_peer_has_cap(dev->parser, + usb_redir_cap_connect_device_version)) { + ERROR("Device filter specified and peer does not have the " + "connect_device_version capability\n"); + goto error; + } + + if (usbredirfilter_check( + dev->filter_rules, + dev->filter_rules_count, + dev->device_info.device_class, + dev->device_info.device_subclass, + dev->device_info.device_protocol, + dev->interface_info.interface_class, + dev->interface_info.interface_subclass, + dev->interface_info.interface_protocol, + dev->interface_info.interface_count, + dev->device_info.vendor_id, + dev->device_info.product_id, + dev->device_info.device_version_bcd, + 0) != 0) { + goto error; + } + } + + return 0; + +error: + usbredir_device_disconnect(dev); + if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { + usbredirparser_send_filter_reject(dev->parser); + usbredirparser_do_write(dev->parser); + } + return -1; +} + +/* + * usbredirparser packet complete callbacks + */ + +static int usbredir_handle_status(USBRedirDevice *dev, + int status, int actual_len) +{ + switch (status) { + case usb_redir_success: + return actual_len; + case usb_redir_stall: + return USB_RET_STALL; + case usb_redir_cancelled: + WARNING("returning cancelled packet to HC?\n"); + return USB_RET_NAK; + case usb_redir_inval: + WARNING("got invalid param error from usb-host?\n"); + return USB_RET_NAK; + case usb_redir_ioerror: + case usb_redir_timeout: + default: + return USB_RET_IOERROR; + } +} + +static void usbredir_hello(void *priv, struct usb_redir_hello_header *h) +{ + USBRedirDevice *dev = priv; + + /* Try to send the filter info now that we've the usb-host's caps */ + if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter) && + dev->filter_rules) { + usbredirparser_send_filter_filter(dev->parser, dev->filter_rules, + dev->filter_rules_count); + usbredirparser_do_write(dev->parser); + } +} + +static void usbredir_device_connect(void *priv, + struct usb_redir_device_connect_header *device_connect) +{ + USBRedirDevice *dev = priv; + const char *speed; + + if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { + ERROR("Received device connect while already connected\n"); + return; + } + + switch (device_connect->speed) { + case usb_redir_speed_low: + speed = "low speed"; + dev->dev.speed = USB_SPEED_LOW; + break; + case usb_redir_speed_full: + speed = "full speed"; + dev->dev.speed = USB_SPEED_FULL; + break; + case usb_redir_speed_high: + speed = "high speed"; + dev->dev.speed = USB_SPEED_HIGH; + break; + case usb_redir_speed_super: + speed = "super speed"; + dev->dev.speed = USB_SPEED_SUPER; + break; + default: + speed = "unknown speed"; + dev->dev.speed = USB_SPEED_FULL; + } + + if (usbredirparser_peer_has_cap(dev->parser, + usb_redir_cap_connect_device_version)) { + INFO("attaching %s device %04x:%04x version %d.%d class %02x\n", + speed, device_connect->vendor_id, device_connect->product_id, + ((device_connect->device_version_bcd & 0xf000) >> 12) * 10 + + ((device_connect->device_version_bcd & 0x0f00) >> 8), + ((device_connect->device_version_bcd & 0x00f0) >> 4) * 10 + + ((device_connect->device_version_bcd & 0x000f) >> 0), + device_connect->device_class); + } else { + INFO("attaching %s device %04x:%04x class %02x\n", speed, + device_connect->vendor_id, device_connect->product_id, + device_connect->device_class); + } + + dev->dev.speedmask = (1 << dev->dev.speed); + dev->device_info = *device_connect; + + if (usbredir_check_filter(dev)) { + WARNING("Device %04x:%04x rejected by device filter, not attaching\n", + device_connect->vendor_id, device_connect->product_id); + return; + } + + qemu_mod_timer(dev->attach_timer, dev->next_attach_time); +} + +static void usbredir_device_disconnect(void *priv) +{ + USBRedirDevice *dev = priv; + int i; + + /* Stop any pending attaches */ + qemu_del_timer(dev->attach_timer); + + if (dev->dev.attached) { + usb_device_detach(&dev->dev); + /* + * Delay next usb device attach to give the guest a chance to see + * see the detach / attach in case of quick close / open succession + */ + dev->next_attach_time = qemu_get_clock_ms(vm_clock) + 200; + } + + /* Reset state so that the next dev connected starts with a clean slate */ + usbredir_cleanup_device_queues(dev); + memset(dev->endpoint, 0, sizeof(dev->endpoint)); + for (i = 0; i < MAX_ENDPOINTS; i++) { + QTAILQ_INIT(&dev->endpoint[i].bufpq); + } + usb_ep_init(&dev->dev); + dev->interface_info.interface_count = 0; +} + +static void usbredir_interface_info(void *priv, + struct usb_redir_interface_info_header *interface_info) +{ + USBRedirDevice *dev = priv; + + dev->interface_info = *interface_info; + + /* + * If we receive interface info after the device has already been + * connected (ie on a set_config), re-check the filter. + */ + if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { + if (usbredir_check_filter(dev)) { + ERROR("Device no longer matches filter after interface info " + "change, disconnecting!\n"); + } + } +} + +static void usbredir_ep_info(void *priv, + struct usb_redir_ep_info_header *ep_info) +{ + USBRedirDevice *dev = priv; + struct USBEndpoint *usb_ep; + int i; + + for (i = 0; i < MAX_ENDPOINTS; i++) { + dev->endpoint[i].type = ep_info->type[i]; + dev->endpoint[i].interval = ep_info->interval[i]; + dev->endpoint[i].interface = ep_info->interface[i]; + switch (dev->endpoint[i].type) { + case usb_redir_type_invalid: + break; + case usb_redir_type_iso: + case usb_redir_type_interrupt: + if (dev->endpoint[i].interval == 0) { + ERROR("Received 0 interval for isoc or irq endpoint\n"); + usbredir_device_disconnect(dev); + } + /* Fall through */ + case usb_redir_type_control: + case usb_redir_type_bulk: + DPRINTF("ep: %02X type: %d interface: %d\n", I2EP(i), + dev->endpoint[i].type, dev->endpoint[i].interface); + break; + default: + ERROR("Received invalid endpoint type\n"); + usbredir_device_disconnect(dev); + return; + } + usb_ep = usb_ep_get(&dev->dev, + (i & 0x10) ? USB_TOKEN_IN : USB_TOKEN_OUT, + i & 0x0f); + usb_ep->type = dev->endpoint[i].type; + usb_ep->ifnum = dev->endpoint[i].interface; + } +} + +static void usbredir_configuration_status(void *priv, uint32_t id, + struct usb_redir_configuration_status_header *config_status) +{ + USBRedirDevice *dev = priv; + AsyncURB *aurb; + int len = 0; + + DPRINTF("set config status %d config %d id %u\n", config_status->status, + config_status->configuration, id); + + aurb = async_find(dev, id); + if (!aurb) { + return; + } + if (aurb->packet) { + if (aurb->get) { + dev->dev.data_buf[0] = config_status->configuration; + len = 1; + } + aurb->packet->result = + usbredir_handle_status(dev, config_status->status, len); + usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); + } + async_free(dev, aurb); +} + +static void usbredir_alt_setting_status(void *priv, uint32_t id, + struct usb_redir_alt_setting_status_header *alt_setting_status) +{ + USBRedirDevice *dev = priv; + AsyncURB *aurb; + int len = 0; + + DPRINTF("alt status %d intf %d alt %d id: %u\n", + alt_setting_status->status, + alt_setting_status->interface, + alt_setting_status->alt, id); + + aurb = async_find(dev, id); + if (!aurb) { + return; + } + if (aurb->packet) { + if (aurb->get) { + dev->dev.data_buf[0] = alt_setting_status->alt; + len = 1; + } + aurb->packet->result = + usbredir_handle_status(dev, alt_setting_status->status, len); + usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); + } + async_free(dev, aurb); +} + +static void usbredir_iso_stream_status(void *priv, uint32_t id, + struct usb_redir_iso_stream_status_header *iso_stream_status) +{ + USBRedirDevice *dev = priv; + uint8_t ep = iso_stream_status->endpoint; + + DPRINTF("iso status %d ep %02X id %u\n", iso_stream_status->status, + ep, id); + + if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].iso_started) { + return; + } + + dev->endpoint[EP2I(ep)].iso_error = iso_stream_status->status; + if (iso_stream_status->status == usb_redir_stall) { + DPRINTF("iso stream stopped by peer ep %02X\n", ep); + dev->endpoint[EP2I(ep)].iso_started = 0; + } +} + +static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, + struct usb_redir_interrupt_receiving_status_header + *interrupt_receiving_status) +{ + USBRedirDevice *dev = priv; + uint8_t ep = interrupt_receiving_status->endpoint; + + DPRINTF("interrupt recv status %d ep %02X id %u\n", + interrupt_receiving_status->status, ep, id); + + if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].interrupt_started) { + return; + } + + dev->endpoint[EP2I(ep)].interrupt_error = + interrupt_receiving_status->status; + if (interrupt_receiving_status->status == usb_redir_stall) { + DPRINTF("interrupt receiving stopped by peer ep %02X\n", ep); + dev->endpoint[EP2I(ep)].interrupt_started = 0; + } +} + +static void usbredir_bulk_streams_status(void *priv, uint32_t id, + struct usb_redir_bulk_streams_status_header *bulk_streams_status) +{ +} + +static void usbredir_control_packet(void *priv, uint32_t id, + struct usb_redir_control_packet_header *control_packet, + uint8_t *data, int data_len) +{ + USBRedirDevice *dev = priv; + int len = control_packet->length; + AsyncURB *aurb; + + DPRINTF("ctrl-in status %d len %d id %u\n", control_packet->status, + len, id); + + aurb = async_find(dev, id); + if (!aurb) { + free(data); + return; + } + + aurb->control_packet.status = control_packet->status; + aurb->control_packet.length = control_packet->length; + if (memcmp(&aurb->control_packet, control_packet, + sizeof(*control_packet))) { + ERROR("return control packet mismatch, please report this!\n"); + len = USB_RET_NAK; + } + + if (aurb->packet) { + len = usbredir_handle_status(dev, control_packet->status, len); + if (len > 0) { + usbredir_log_data(dev, "ctrl data in:", data, data_len); + if (data_len <= sizeof(dev->dev.data_buf)) { + memcpy(dev->dev.data_buf, data, data_len); + } else { + ERROR("ctrl buffer too small (%d > %zu)\n", + data_len, sizeof(dev->dev.data_buf)); + len = USB_RET_STALL; + } + } + aurb->packet->result = len; + usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); + } + async_free(dev, aurb); + free(data); +} + +static void usbredir_bulk_packet(void *priv, uint32_t id, + struct usb_redir_bulk_packet_header *bulk_packet, + uint8_t *data, int data_len) +{ + USBRedirDevice *dev = priv; + uint8_t ep = bulk_packet->endpoint; + int len = bulk_packet->length; + AsyncURB *aurb; + + DPRINTF("bulk-in status %d ep %02X len %d id %u\n", bulk_packet->status, + ep, len, id); + + aurb = async_find(dev, id); + if (!aurb) { + free(data); + return; + } + + if (aurb->bulk_packet.endpoint != bulk_packet->endpoint || + aurb->bulk_packet.stream_id != bulk_packet->stream_id) { + ERROR("return bulk packet mismatch, please report this!\n"); + len = USB_RET_NAK; + } + + if (aurb->packet) { + len = usbredir_handle_status(dev, bulk_packet->status, len); + if (len > 0) { + usbredir_log_data(dev, "bulk data in:", data, data_len); + if (data_len <= aurb->packet->iov.size) { + usb_packet_copy(aurb->packet, data, data_len); + } else { + ERROR("bulk buffer too small (%d > %zd)\n", data_len, + aurb->packet->iov.size); + len = USB_RET_STALL; + } + } + aurb->packet->result = len; + usb_packet_complete(&dev->dev, aurb->packet); + } + async_free(dev, aurb); + free(data); +} + +static void usbredir_iso_packet(void *priv, uint32_t id, + struct usb_redir_iso_packet_header *iso_packet, + uint8_t *data, int data_len) +{ + USBRedirDevice *dev = priv; + uint8_t ep = iso_packet->endpoint; + + DPRINTF2("iso-in status %d ep %02X len %d id %u\n", iso_packet->status, ep, + data_len, id); + + if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_ISOC) { + ERROR("received iso packet for non iso endpoint %02X\n", ep); + free(data); + return; + } + + if (dev->endpoint[EP2I(ep)].iso_started == 0) { + DPRINTF("received iso packet for non started stream ep %02X\n", ep); + free(data); + return; + } + + /* bufp_alloc also adds the packet to the ep queue */ + bufp_alloc(dev, data, data_len, iso_packet->status, ep); +} + +static void usbredir_interrupt_packet(void *priv, uint32_t id, + struct usb_redir_interrupt_packet_header *interrupt_packet, + uint8_t *data, int data_len) +{ + USBRedirDevice *dev = priv; + uint8_t ep = interrupt_packet->endpoint; + + DPRINTF("interrupt-in status %d ep %02X len %d id %u\n", + interrupt_packet->status, ep, data_len, id); + + if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_INT) { + ERROR("received int packet for non interrupt endpoint %02X\n", ep); + free(data); + return; + } + + if (ep & USB_DIR_IN) { + if (dev->endpoint[EP2I(ep)].interrupt_started == 0) { + DPRINTF("received int packet while not started ep %02X\n", ep); + free(data); + return; + } + + /* bufp_alloc also adds the packet to the ep queue */ + bufp_alloc(dev, data, data_len, interrupt_packet->status, ep); + } else { + int len = interrupt_packet->length; + + AsyncURB *aurb = async_find(dev, id); + if (!aurb) { + return; + } + + if (aurb->interrupt_packet.endpoint != interrupt_packet->endpoint) { + ERROR("return int packet mismatch, please report this!\n"); + len = USB_RET_NAK; + } + + if (aurb->packet) { + aurb->packet->result = usbredir_handle_status(dev, + interrupt_packet->status, len); + usb_packet_complete(&dev->dev, aurb->packet); + } + async_free(dev, aurb); + } +} + +static Property usbredir_properties[] = { + DEFINE_PROP_CHR("chardev", USBRedirDevice, cs), + DEFINE_PROP_UINT8("debug", USBRedirDevice, debug, 0), + DEFINE_PROP_STRING("filter", USBRedirDevice, filter_str), + DEFINE_PROP_END_OF_LIST(), +}; + +static void usbredir_class_initfn(ObjectClass *klass, void *data) +{ + USBDeviceClass *uc = USB_DEVICE_CLASS(klass); + DeviceClass *dc = DEVICE_CLASS(klass); + + uc->init = usbredir_initfn; + uc->product_desc = "USB Redirection Device"; + uc->handle_destroy = usbredir_handle_destroy; + uc->cancel_packet = usbredir_cancel_packet; + uc->handle_reset = usbredir_handle_reset; + uc->handle_data = usbredir_handle_data; + uc->handle_control = usbredir_handle_control; + dc->props = usbredir_properties; +} + +static TypeInfo usbredir_dev_info = { + .name = "usb-redir", + .parent = TYPE_USB_DEVICE, + .instance_size = sizeof(USBRedirDevice), + .class_init = usbredir_class_initfn, +}; + +static void usbredir_register_types(void) +{ + type_register_static(&usbredir_dev_info); +} + +type_init(usbredir_register_types) |