search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
linux-user: fix page_unprotect when host page size > target page size
[qemu.git] / hw / usb-net.c
blobff0ca442372485ae44f0fbedb9b55190e3f23dcb
1 /*
2 * QEMU USB Net devices
3 *
4 * Copyright (c) 2006 Thomas Sailer
5 * Copyright (c) 2008 Andrzej Zaborowski
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25
26 #include "qemu-common.h"
27 #include "usb.h"
28 #include "net.h"
29 #include "qemu-queue.h"
30
31 /*#define TRAFFIC_DEBUG*/
32 /* Thanks to NetChip Technologies for donating this product ID.
33 * It's for devices with only CDC Ethernet configurations.
34 */
35 #define CDC_VENDOR_NUM 0x0525 /* NetChip */
36 #define CDC_PRODUCT_NUM 0xa4a1 /* Linux-USB Ethernet Gadget */
37 /* For hardware that can talk RNDIS and either of the above protocols,
38 * use this ID ... the windows INF files will know it.
39 */
40 #define RNDIS_VENDOR_NUM 0x0525 /* NetChip */
41 #define RNDIS_PRODUCT_NUM 0xa4a2 /* Ethernet/RNDIS Gadget */
42
43 enum usbstring_idx {
44 STRING_MANUFACTURER = 1,
45 STRING_PRODUCT,
46 STRING_ETHADDR,
47 STRING_DATA,
48 STRING_CONTROL,
49 STRING_RNDIS_CONTROL,
50 STRING_CDC,
51 STRING_SUBSET,
52 STRING_RNDIS,
53 STRING_SERIALNUMBER,
54 };
55
56 #define DEV_CONFIG_VALUE 1 /* CDC or a subset */
57 #define DEV_RNDIS_CONFIG_VALUE 2 /* RNDIS; optional */
58
59 #define USB_CDC_SUBCLASS_ACM 0x02
60 #define USB_CDC_SUBCLASS_ETHERNET 0x06
61
62 #define USB_CDC_PROTO_NONE 0
63 #define USB_CDC_ACM_PROTO_VENDOR 0xff
64
65 #define USB_CDC_HEADER_TYPE 0x00 /* header_desc */
66 #define USB_CDC_CALL_MANAGEMENT_TYPE 0x01 /* call_mgmt_descriptor */
67 #define USB_CDC_ACM_TYPE 0x02 /* acm_descriptor */
68 #define USB_CDC_UNION_TYPE 0x06 /* union_desc */
69 #define USB_CDC_ETHERNET_TYPE 0x0f /* ether_desc */
70
71 #define USB_DT_CS_INTERFACE 0x24
72 #define USB_DT_CS_ENDPOINT 0x25
73
74 #define USB_CDC_SEND_ENCAPSULATED_COMMAND 0x00
75 #define USB_CDC_GET_ENCAPSULATED_RESPONSE 0x01
76 #define USB_CDC_REQ_SET_LINE_CODING 0x20
77 #define USB_CDC_REQ_GET_LINE_CODING 0x21
78 #define USB_CDC_REQ_SET_CONTROL_LINE_STATE 0x22
79 #define USB_CDC_REQ_SEND_BREAK 0x23
80 #define USB_CDC_SET_ETHERNET_MULTICAST_FILTERS 0x40
81 #define USB_CDC_SET_ETHERNET_PM_PATTERN_FILTER 0x41
82 #define USB_CDC_GET_ETHERNET_PM_PATTERN_FILTER 0x42
83 #define USB_CDC_SET_ETHERNET_PACKET_FILTER 0x43
84 #define USB_CDC_GET_ETHERNET_STATISTIC 0x44
85
86 #define LOG2_STATUS_INTERVAL_MSEC 5 /* 1 << 5 == 32 msec */
87 #define STATUS_BYTECOUNT 16 /* 8 byte header + data */
88
89 #define ETH_FRAME_LEN 1514 /* Max. octets in frame sans FCS */
90
91 /*
92 * mostly the same descriptor as the linux gadget rndis driver
93 */
94 static const uint8_t qemu_net_dev_descriptor[] = {
95 0x12, /* u8 bLength; */
96 USB_DT_DEVICE, /* u8 bDescriptorType; Device */
97 0x00, 0x02, /* u16 bcdUSB; v2.0 */
98 USB_CLASS_COMM, /* u8 bDeviceClass; */
99 0x00, /* u8 bDeviceSubClass; */
100 0x00, /* u8 bDeviceProtocol; [ low/full only ] */
101 0x40, /* u8 bMaxPacketSize0 */
102 RNDIS_VENDOR_NUM & 0xff, RNDIS_VENDOR_NUM >> 8, /* u16 idVendor; */
103 RNDIS_PRODUCT_NUM & 0xff, RNDIS_PRODUCT_NUM >> 8, /* u16 idProduct; */
104 0x00, 0x00, /* u16 bcdDevice */
105 STRING_MANUFACTURER, /* u8 iManufacturer; */
106 STRING_PRODUCT, /* u8 iProduct; */
107 STRING_SERIALNUMBER, /* u8 iSerialNumber; */
108 0x02, /* u8 bNumConfigurations; */
109 };
110
111 static const uint8_t qemu_net_rndis_config_descriptor[] = {
112 /* Configuration Descriptor */
113 0x09, /* u8 bLength */
114 USB_DT_CONFIG, /* u8 bDescriptorType */
115 0x43, 0x00, /* le16 wTotalLength */
116 0x02, /* u8 bNumInterfaces */
117 DEV_RNDIS_CONFIG_VALUE, /* u8 bConfigurationValue */
118 STRING_RNDIS, /* u8 iConfiguration */
119 0xc0, /* u8 bmAttributes */
120 0x32, /* u8 bMaxPower */
121 /* RNDIS Control Interface */
122 0x09, /* u8 bLength */
123 USB_DT_INTERFACE, /* u8 bDescriptorType */
124 0x00, /* u8 bInterfaceNumber */
125 0x00, /* u8 bAlternateSetting */
126 0x01, /* u8 bNumEndpoints */
127 USB_CLASS_COMM, /* u8 bInterfaceClass */
128 USB_CDC_SUBCLASS_ACM, /* u8 bInterfaceSubClass */
129 USB_CDC_ACM_PROTO_VENDOR, /* u8 bInterfaceProtocol */
130 STRING_RNDIS_CONTROL, /* u8 iInterface */
131 /* Header Descriptor */
132 0x05, /* u8 bLength */
133 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
134 USB_CDC_HEADER_TYPE, /* u8 bDescriptorSubType */
135 0x10, 0x01, /* le16 bcdCDC */
136 /* Call Management Descriptor */
137 0x05, /* u8 bLength */
138 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
139 USB_CDC_CALL_MANAGEMENT_TYPE, /* u8 bDescriptorSubType */
140 0x00, /* u8 bmCapabilities */
141 0x01, /* u8 bDataInterface */
142 /* ACM Descriptor */
143 0x04, /* u8 bLength */
144 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
145 USB_CDC_ACM_TYPE, /* u8 bDescriptorSubType */
146 0x00, /* u8 bmCapabilities */
147 /* Union Descriptor */
148 0x05, /* u8 bLength */
149 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
150 USB_CDC_UNION_TYPE, /* u8 bDescriptorSubType */
151 0x00, /* u8 bMasterInterface0 */
152 0x01, /* u8 bSlaveInterface0 */
153 /* Status Descriptor */
154 0x07, /* u8 bLength */
155 USB_DT_ENDPOINT, /* u8 bDescriptorType */
156 USB_DIR_IN | 1, /* u8 bEndpointAddress */
157 USB_ENDPOINT_XFER_INT, /* u8 bmAttributes */
158 STATUS_BYTECOUNT & 0xff, STATUS_BYTECOUNT >> 8, /* le16 wMaxPacketSize */
159 1 << LOG2_STATUS_INTERVAL_MSEC, /* u8 bInterval */
160 /* RNDIS Data Interface */
161 0x09, /* u8 bLength */
162 USB_DT_INTERFACE, /* u8 bDescriptorType */
163 0x01, /* u8 bInterfaceNumber */
164 0x00, /* u8 bAlternateSetting */
165 0x02, /* u8 bNumEndpoints */
166 USB_CLASS_CDC_DATA, /* u8 bInterfaceClass */
167 0x00, /* u8 bInterfaceSubClass */
168 0x00, /* u8 bInterfaceProtocol */
169 STRING_DATA, /* u8 iInterface */
170 /* Source Endpoint */
171 0x07, /* u8 bLength */
172 USB_DT_ENDPOINT, /* u8 bDescriptorType */
173 USB_DIR_IN | 2, /* u8 bEndpointAddress */
174 USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */
175 0x40, 0x00, /* le16 wMaxPacketSize */
176 0x00, /* u8 bInterval */
177 /* Sink Endpoint */
178 0x07, /* u8 bLength */
179 USB_DT_ENDPOINT, /* u8 bDescriptorType */
180 USB_DIR_OUT | 2, /* u8 bEndpointAddress */
181 USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */
182 0x40, 0x00, /* le16 wMaxPacketSize */
183 0x00 /* u8 bInterval */
184 };
185
186 static const uint8_t qemu_net_cdc_config_descriptor[] = {
187 /* Configuration Descriptor */
188 0x09, /* u8 bLength */
189 USB_DT_CONFIG, /* u8 bDescriptorType */
190 0x50, 0x00, /* le16 wTotalLength */
191 0x02, /* u8 bNumInterfaces */
192 DEV_CONFIG_VALUE, /* u8 bConfigurationValue */
193 STRING_CDC, /* u8 iConfiguration */
194 0xc0, /* u8 bmAttributes */
195 0x32, /* u8 bMaxPower */
196 /* CDC Control Interface */
197 0x09, /* u8 bLength */
198 USB_DT_INTERFACE, /* u8 bDescriptorType */
199 0x00, /* u8 bInterfaceNumber */
200 0x00, /* u8 bAlternateSetting */
201 0x01, /* u8 bNumEndpoints */
202 USB_CLASS_COMM, /* u8 bInterfaceClass */
203 USB_CDC_SUBCLASS_ETHERNET, /* u8 bInterfaceSubClass */
204 USB_CDC_PROTO_NONE, /* u8 bInterfaceProtocol */
205 STRING_CONTROL, /* u8 iInterface */
206 /* Header Descriptor */
207 0x05, /* u8 bLength */
208 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
209 USB_CDC_HEADER_TYPE, /* u8 bDescriptorSubType */
210 0x10, 0x01, /* le16 bcdCDC */
211 /* Union Descriptor */
212 0x05, /* u8 bLength */
213 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
214 USB_CDC_UNION_TYPE, /* u8 bDescriptorSubType */
215 0x00, /* u8 bMasterInterface0 */
216 0x01, /* u8 bSlaveInterface0 */
217 /* Ethernet Descriptor */
218 0x0d, /* u8 bLength */
219 USB_DT_CS_INTERFACE, /* u8 bDescriptorType */
220 USB_CDC_ETHERNET_TYPE, /* u8 bDescriptorSubType */
221 STRING_ETHADDR, /* u8 iMACAddress */
222 0x00, 0x00, 0x00, 0x00, /* le32 bmEthernetStatistics */
223 ETH_FRAME_LEN & 0xff, ETH_FRAME_LEN >> 8, /* le16 wMaxSegmentSize */
224 0x00, 0x00, /* le16 wNumberMCFilters */
225 0x00, /* u8 bNumberPowerFilters */
226 /* Status Descriptor */
227 0x07, /* u8 bLength */
228 USB_DT_ENDPOINT, /* u8 bDescriptorType */
229 USB_DIR_IN | 1, /* u8 bEndpointAddress */
230 USB_ENDPOINT_XFER_INT, /* u8 bmAttributes */
231 STATUS_BYTECOUNT & 0xff, STATUS_BYTECOUNT >> 8, /* le16 wMaxPacketSize */
232 1 << LOG2_STATUS_INTERVAL_MSEC, /* u8 bInterval */
233 /* CDC Data (nop) Interface */
234 0x09, /* u8 bLength */
235 USB_DT_INTERFACE, /* u8 bDescriptorType */
236 0x01, /* u8 bInterfaceNumber */
237 0x00, /* u8 bAlternateSetting */
238 0x00, /* u8 bNumEndpoints */
239 USB_CLASS_CDC_DATA, /* u8 bInterfaceClass */
240 0x00, /* u8 bInterfaceSubClass */
241 0x00, /* u8 bInterfaceProtocol */
242 0x00, /* u8 iInterface */
243 /* CDC Data Interface */
244 0x09, /* u8 bLength */
245 USB_DT_INTERFACE, /* u8 bDescriptorType */
246 0x01, /* u8 bInterfaceNumber */
247 0x01, /* u8 bAlternateSetting */
248 0x02, /* u8 bNumEndpoints */
249 USB_CLASS_CDC_DATA, /* u8 bInterfaceClass */
250 0x00, /* u8 bInterfaceSubClass */
251 0x00, /* u8 bInterfaceProtocol */
252 STRING_DATA, /* u8 iInterface */
253 /* Source Endpoint */
254 0x07, /* u8 bLength */
255 USB_DT_ENDPOINT, /* u8 bDescriptorType */
256 USB_DIR_IN | 2, /* u8 bEndpointAddress */
257 USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */
258 0x40, 0x00, /* le16 wMaxPacketSize */
259 0x00, /* u8 bInterval */
260 /* Sink Endpoint */
261 0x07, /* u8 bLength */
262 USB_DT_ENDPOINT, /* u8 bDescriptorType */
263 USB_DIR_OUT | 2, /* u8 bEndpointAddress */
264 USB_ENDPOINT_XFER_BULK, /* u8 bmAttributes */
265 0x40, 0x00, /* le16 wMaxPacketSize */
266 0x00 /* u8 bInterval */
267 };
268
269 /*
270 * RNDIS Definitions - in theory not specific to USB.
271 */
272 #define RNDIS_MAXIMUM_FRAME_SIZE 1518
273 #define RNDIS_MAX_TOTAL_SIZE 1558
274
275 /* Remote NDIS Versions */
276 #define RNDIS_MAJOR_VERSION 1
277 #define RNDIS_MINOR_VERSION 0
278
279 /* Status Values */
280 #define RNDIS_STATUS_SUCCESS 0x00000000U /* Success */
281 #define RNDIS_STATUS_FAILURE 0xc0000001U /* Unspecified error */
282 #define RNDIS_STATUS_INVALID_DATA 0xc0010015U /* Invalid data */
283 #define RNDIS_STATUS_NOT_SUPPORTED 0xc00000bbU /* Unsupported request */
284 #define RNDIS_STATUS_MEDIA_CONNECT 0x4001000bU /* Device connected */
285 #define RNDIS_STATUS_MEDIA_DISCONNECT 0x4001000cU /* Device disconnected */
286
287 /* Message Set for Connectionless (802.3) Devices */
288 enum {
289 RNDIS_PACKET_MSG = 1,
290 RNDIS_INITIALIZE_MSG = 2, /* Initialize device */
291 RNDIS_HALT_MSG = 3,
292 RNDIS_QUERY_MSG = 4,
293 RNDIS_SET_MSG = 5,
294 RNDIS_RESET_MSG = 6,
295 RNDIS_INDICATE_STATUS_MSG = 7,
296 RNDIS_KEEPALIVE_MSG = 8,
297 };
298
299 /* Message completion */
300 enum {
301 RNDIS_INITIALIZE_CMPLT = 0x80000002U,
302 RNDIS_QUERY_CMPLT = 0x80000004U,
303 RNDIS_SET_CMPLT = 0x80000005U,
304 RNDIS_RESET_CMPLT = 0x80000006U,
305 RNDIS_KEEPALIVE_CMPLT = 0x80000008U,
306 };
307
308 /* Device Flags */
309 enum {
310 RNDIS_DF_CONNECTIONLESS = 1,
311 RNDIS_DF_CONNECTIONORIENTED = 2,
312 };
313
314 #define RNDIS_MEDIUM_802_3 0x00000000U
315
316 /* from drivers/net/sk98lin/h/skgepnmi.h */
317 #define OID_PNP_CAPABILITIES 0xfd010100
318 #define OID_PNP_SET_POWER 0xfd010101
319 #define OID_PNP_QUERY_POWER 0xfd010102
320 #define OID_PNP_ADD_WAKE_UP_PATTERN 0xfd010103
321 #define OID_PNP_REMOVE_WAKE_UP_PATTERN 0xfd010104
322 #define OID_PNP_ENABLE_WAKE_UP 0xfd010106
323
324 typedef uint32_t le32;
325
326 typedef struct rndis_init_msg_type {
327 le32 MessageType;
328 le32 MessageLength;
329 le32 RequestID;
330 le32 MajorVersion;
331 le32 MinorVersion;
332 le32 MaxTransferSize;
333 } rndis_init_msg_type;
334
335 typedef struct rndis_init_cmplt_type {
336 le32 MessageType;
337 le32 MessageLength;
338 le32 RequestID;
339 le32 Status;
340 le32 MajorVersion;
341 le32 MinorVersion;
342 le32 DeviceFlags;
343 le32 Medium;
344 le32 MaxPacketsPerTransfer;
345 le32 MaxTransferSize;
346 le32 PacketAlignmentFactor;
347 le32 AFListOffset;
348 le32 AFListSize;
349 } rndis_init_cmplt_type;
350
351 typedef struct rndis_halt_msg_type {
352 le32 MessageType;
353 le32 MessageLength;
354 le32 RequestID;
355 } rndis_halt_msg_type;
356
357 typedef struct rndis_query_msg_type {
358 le32 MessageType;
359 le32 MessageLength;
360 le32 RequestID;
361 le32 OID;
362 le32 InformationBufferLength;
363 le32 InformationBufferOffset;
364 le32 DeviceVcHandle;
365 } rndis_query_msg_type;
366
367 typedef struct rndis_query_cmplt_type {
368 le32 MessageType;
369 le32 MessageLength;
370 le32 RequestID;
371 le32 Status;
372 le32 InformationBufferLength;
373 le32 InformationBufferOffset;
374 } rndis_query_cmplt_type;
375
376 typedef struct rndis_set_msg_type {
377 le32 MessageType;
378 le32 MessageLength;
379 le32 RequestID;
380 le32 OID;
381 le32 InformationBufferLength;
382 le32 InformationBufferOffset;
383 le32 DeviceVcHandle;
384 } rndis_set_msg_type;
385
386 typedef struct rndis_set_cmplt_type {
387 le32 MessageType;
388 le32 MessageLength;
389 le32 RequestID;
390 le32 Status;
391 } rndis_set_cmplt_type;
392
393 typedef struct rndis_reset_msg_type {
394 le32 MessageType;
395 le32 MessageLength;
396 le32 Reserved;
397 } rndis_reset_msg_type;
398
399 typedef struct rndis_reset_cmplt_type {
400 le32 MessageType;
401 le32 MessageLength;
402 le32 Status;
403 le32 AddressingReset;
404 } rndis_reset_cmplt_type;
405
406 typedef struct rndis_indicate_status_msg_type {
407 le32 MessageType;
408 le32 MessageLength;
409 le32 Status;
410 le32 StatusBufferLength;
411 le32 StatusBufferOffset;
412 } rndis_indicate_status_msg_type;
413
414 typedef struct rndis_keepalive_msg_type {
415 le32 MessageType;
416 le32 MessageLength;
417 le32 RequestID;
418 } rndis_keepalive_msg_type;
419
420 typedef struct rndis_keepalive_cmplt_type {
421 le32 MessageType;
422 le32 MessageLength;
423 le32 RequestID;
424 le32 Status;
425 } rndis_keepalive_cmplt_type;
426
427 struct rndis_packet_msg_type {
428 le32 MessageType;
429 le32 MessageLength;
430 le32 DataOffset;
431 le32 DataLength;
432 le32 OOBDataOffset;
433 le32 OOBDataLength;
434 le32 NumOOBDataElements;
435 le32 PerPacketInfoOffset;
436 le32 PerPacketInfoLength;
437 le32 VcHandle;
438 le32 Reserved;
439 };
440
441 struct rndis_config_parameter {
442 le32 ParameterNameOffset;
443 le32 ParameterNameLength;
444 le32 ParameterType;
445 le32 ParameterValueOffset;
446 le32 ParameterValueLength;
447 };
448
449 /* implementation specific */
450 enum rndis_state
451 {
452 RNDIS_UNINITIALIZED,
453 RNDIS_INITIALIZED,
454 RNDIS_DATA_INITIALIZED,
455 };
456
457 /* from ndis.h */
458 enum ndis_oid {
459 /* Required Object IDs (OIDs) */
460 OID_GEN_SUPPORTED_LIST = 0x00010101,
461 OID_GEN_HARDWARE_STATUS = 0x00010102,
462 OID_GEN_MEDIA_SUPPORTED = 0x00010103,
463 OID_GEN_MEDIA_IN_USE = 0x00010104,
464 OID_GEN_MAXIMUM_LOOKAHEAD = 0x00010105,
465 OID_GEN_MAXIMUM_FRAME_SIZE = 0x00010106,
466 OID_GEN_LINK_SPEED = 0x00010107,
467 OID_GEN_TRANSMIT_BUFFER_SPACE = 0x00010108,
468 OID_GEN_RECEIVE_BUFFER_SPACE = 0x00010109,
469 OID_GEN_TRANSMIT_BLOCK_SIZE = 0x0001010a,
470 OID_GEN_RECEIVE_BLOCK_SIZE = 0x0001010b,
471 OID_GEN_VENDOR_ID = 0x0001010c,
472 OID_GEN_VENDOR_DESCRIPTION = 0x0001010d,
473 OID_GEN_CURRENT_PACKET_FILTER = 0x0001010e,
474 OID_GEN_CURRENT_LOOKAHEAD = 0x0001010f,
475 OID_GEN_DRIVER_VERSION = 0x00010110,
476 OID_GEN_MAXIMUM_TOTAL_SIZE = 0x00010111,
477 OID_GEN_PROTOCOL_OPTIONS = 0x00010112,
478 OID_GEN_MAC_OPTIONS = 0x00010113,
479 OID_GEN_MEDIA_CONNECT_STATUS = 0x00010114,
480 OID_GEN_MAXIMUM_SEND_PACKETS = 0x00010115,
481 OID_GEN_VENDOR_DRIVER_VERSION = 0x00010116,
482 OID_GEN_SUPPORTED_GUIDS = 0x00010117,
483 OID_GEN_NETWORK_LAYER_ADDRESSES = 0x00010118,
484 OID_GEN_TRANSPORT_HEADER_OFFSET = 0x00010119,
485 OID_GEN_MACHINE_NAME = 0x0001021a,
486 OID_GEN_RNDIS_CONFIG_PARAMETER = 0x0001021b,
487 OID_GEN_VLAN_ID = 0x0001021c,
488
489 /* Optional OIDs */
490 OID_GEN_MEDIA_CAPABILITIES = 0x00010201,
491 OID_GEN_PHYSICAL_MEDIUM = 0x00010202,
492
493 /* Required statistics OIDs */
494 OID_GEN_XMIT_OK = 0x00020101,
495 OID_GEN_RCV_OK = 0x00020102,
496 OID_GEN_XMIT_ERROR = 0x00020103,
497 OID_GEN_RCV_ERROR = 0x00020104,
498 OID_GEN_RCV_NO_BUFFER = 0x00020105,
499
500 /* Optional statistics OIDs */
501 OID_GEN_DIRECTED_BYTES_XMIT = 0x00020201,
502 OID_GEN_DIRECTED_FRAMES_XMIT = 0x00020202,
503 OID_GEN_MULTICAST_BYTES_XMIT = 0x00020203,
504 OID_GEN_MULTICAST_FRAMES_XMIT = 0x00020204,
505 OID_GEN_BROADCAST_BYTES_XMIT = 0x00020205,
506 OID_GEN_BROADCAST_FRAMES_XMIT = 0x00020206,
507 OID_GEN_DIRECTED_BYTES_RCV = 0x00020207,
508 OID_GEN_DIRECTED_FRAMES_RCV = 0x00020208,
509 OID_GEN_MULTICAST_BYTES_RCV = 0x00020209,
510 OID_GEN_MULTICAST_FRAMES_RCV = 0x0002020a,
511 OID_GEN_BROADCAST_BYTES_RCV = 0x0002020b,
512 OID_GEN_BROADCAST_FRAMES_RCV = 0x0002020c,
513 OID_GEN_RCV_CRC_ERROR = 0x0002020d,
514 OID_GEN_TRANSMIT_QUEUE_LENGTH = 0x0002020e,
515 OID_GEN_GET_TIME_CAPS = 0x0002020f,
516 OID_GEN_GET_NETCARD_TIME = 0x00020210,
517 OID_GEN_NETCARD_LOAD = 0x00020211,
518 OID_GEN_DEVICE_PROFILE = 0x00020212,
519 OID_GEN_INIT_TIME_MS = 0x00020213,
520 OID_GEN_RESET_COUNTS = 0x00020214,
521 OID_GEN_MEDIA_SENSE_COUNTS = 0x00020215,
522 OID_GEN_FRIENDLY_NAME = 0x00020216,
523 OID_GEN_MINIPORT_INFO = 0x00020217,
524 OID_GEN_RESET_VERIFY_PARAMETERS = 0x00020218,
525
526 /* IEEE 802.3 (Ethernet) OIDs */
527 OID_802_3_PERMANENT_ADDRESS = 0x01010101,
528 OID_802_3_CURRENT_ADDRESS = 0x01010102,
529 OID_802_3_MULTICAST_LIST = 0x01010103,
530 OID_802_3_MAXIMUM_LIST_SIZE = 0x01010104,
531 OID_802_3_MAC_OPTIONS = 0x01010105,
532 OID_802_3_RCV_ERROR_ALIGNMENT = 0x01020101,
533 OID_802_3_XMIT_ONE_COLLISION = 0x01020102,
534 OID_802_3_XMIT_MORE_COLLISIONS = 0x01020103,
535 OID_802_3_XMIT_DEFERRED = 0x01020201,
536 OID_802_3_XMIT_MAX_COLLISIONS = 0x01020202,
537 OID_802_3_RCV_OVERRUN = 0x01020203,
538 OID_802_3_XMIT_UNDERRUN = 0x01020204,
539 OID_802_3_XMIT_HEARTBEAT_FAILURE = 0x01020205,
540 OID_802_3_XMIT_TIMES_CRS_LOST = 0x01020206,
541 OID_802_3_XMIT_LATE_COLLISIONS = 0x01020207,
542 };
543
544 static const uint32_t oid_supported_list[] =
545 {
546 /* the general stuff */
547 OID_GEN_SUPPORTED_LIST,
548 OID_GEN_HARDWARE_STATUS,
549 OID_GEN_MEDIA_SUPPORTED,
550 OID_GEN_MEDIA_IN_USE,
551 OID_GEN_MAXIMUM_FRAME_SIZE,
552 OID_GEN_LINK_SPEED,
553 OID_GEN_TRANSMIT_BLOCK_SIZE,
554 OID_GEN_RECEIVE_BLOCK_SIZE,
555 OID_GEN_VENDOR_ID,
556 OID_GEN_VENDOR_DESCRIPTION,
557 OID_GEN_VENDOR_DRIVER_VERSION,
558 OID_GEN_CURRENT_PACKET_FILTER,
559 OID_GEN_MAXIMUM_TOTAL_SIZE,
560 OID_GEN_MEDIA_CONNECT_STATUS,
561 OID_GEN_PHYSICAL_MEDIUM,
562
563 /* the statistical stuff */
564 OID_GEN_XMIT_OK,
565 OID_GEN_RCV_OK,
566 OID_GEN_XMIT_ERROR,
567 OID_GEN_RCV_ERROR,
568 OID_GEN_RCV_NO_BUFFER,
569
570 /* IEEE 802.3 */
571 /* the general stuff */
572 OID_802_3_PERMANENT_ADDRESS,
573 OID_802_3_CURRENT_ADDRESS,
574 OID_802_3_MULTICAST_LIST,
575 OID_802_3_MAC_OPTIONS,
576 OID_802_3_MAXIMUM_LIST_SIZE,
577
578 /* the statistical stuff */
579 OID_802_3_RCV_ERROR_ALIGNMENT,
580 OID_802_3_XMIT_ONE_COLLISION,
581 OID_802_3_XMIT_MORE_COLLISIONS,
582 };
583
584 #define NDIS_MAC_OPTION_COPY_LOOKAHEAD_DATA (1 << 0)
585 #define NDIS_MAC_OPTION_RECEIVE_SERIALIZED (1 << 1)
586 #define NDIS_MAC_OPTION_TRANSFERS_NOT_PEND (1 << 2)
587 #define NDIS_MAC_OPTION_NO_LOOPBACK (1 << 3)
588 #define NDIS_MAC_OPTION_FULL_DUPLEX (1 << 4)
589 #define NDIS_MAC_OPTION_EOTX_INDICATION (1 << 5)
590 #define NDIS_MAC_OPTION_8021P_PRIORITY (1 << 6)
591
592 struct rndis_response {
593 QTAILQ_ENTRY(rndis_response) entries;
594 uint32_t length;
595 uint8_t buf[0];
596 };
597
598 typedef struct USBNetState {
599 USBDevice dev;
600
601 unsigned int rndis;
602 enum rndis_state rndis_state;
603 uint32_t medium;
604 uint32_t speed;
605 uint32_t media_state;
606 uint16_t filter;
607 uint32_t vendorid;
608
609 unsigned int out_ptr;
610 uint8_t out_buf[2048];
611
612 USBPacket *inpkt;
613 unsigned int in_ptr, in_len;
614 uint8_t in_buf[2048];
615
616 char usbstring_mac[13];
617 NICState *nic;
618 NICConf conf;
619 QTAILQ_HEAD(rndis_resp_head, rndis_response) rndis_resp;
620 } USBNetState;
621
622 static int ndis_query(USBNetState *s, uint32_t oid,
623 uint8_t *inbuf, unsigned int inlen, uint8_t *outbuf,
624 size_t outlen)
625 {
626 unsigned int i;
627
628 switch (oid) {
629 /* general oids (table 4-1) */
630 /* mandatory */
631 case OID_GEN_SUPPORTED_LIST:
632 for (i = 0; i < ARRAY_SIZE(oid_supported_list); i++)
633 ((le32 *) outbuf)[i] = cpu_to_le32(oid_supported_list[i]);
634 return sizeof(oid_supported_list);
635
636 /* mandatory */
637 case OID_GEN_HARDWARE_STATUS:
638 *((le32 *) outbuf) = cpu_to_le32(0);
639 return sizeof(le32);
640
641 /* mandatory */
642 case OID_GEN_MEDIA_SUPPORTED:
643 *((le32 *) outbuf) = cpu_to_le32(s->medium);
644 return sizeof(le32);
645
646 /* mandatory */
647 case OID_GEN_MEDIA_IN_USE:
648 *((le32 *) outbuf) = cpu_to_le32(s->medium);
649 return sizeof(le32);
650
651 /* mandatory */
652 case OID_GEN_MAXIMUM_FRAME_SIZE:
653 *((le32 *) outbuf) = cpu_to_le32(ETH_FRAME_LEN);
654 return sizeof(le32);
655
656 /* mandatory */
657 case OID_GEN_LINK_SPEED:
658 *((le32 *) outbuf) = cpu_to_le32(s->speed);
659 return sizeof(le32);
660
661 /* mandatory */
662 case OID_GEN_TRANSMIT_BLOCK_SIZE:
663 *((le32 *) outbuf) = cpu_to_le32(ETH_FRAME_LEN);
664 return sizeof(le32);
665
666 /* mandatory */
667 case OID_GEN_RECEIVE_BLOCK_SIZE:
668 *((le32 *) outbuf) = cpu_to_le32(ETH_FRAME_LEN);
669 return sizeof(le32);
670
671 /* mandatory */
672 case OID_GEN_VENDOR_ID:
673 *((le32 *) outbuf) = cpu_to_le32(s->vendorid);
674 return sizeof(le32);
675
676 /* mandatory */
677 case OID_GEN_VENDOR_DESCRIPTION:
678 pstrcpy((char *)outbuf, outlen, "QEMU USB RNDIS Net");
679 return strlen((char *)outbuf) + 1;
680
681 case OID_GEN_VENDOR_DRIVER_VERSION:
682 *((le32 *) outbuf) = cpu_to_le32(1);
683 return sizeof(le32);
684
685 /* mandatory */
686 case OID_GEN_CURRENT_PACKET_FILTER:
687 *((le32 *) outbuf) = cpu_to_le32(s->filter);
688 return sizeof(le32);
689
690 /* mandatory */
691 case OID_GEN_MAXIMUM_TOTAL_SIZE:
692 *((le32 *) outbuf) = cpu_to_le32(RNDIS_MAX_TOTAL_SIZE);
693 return sizeof(le32);
694
695 /* mandatory */
696 case OID_GEN_MEDIA_CONNECT_STATUS:
697 *((le32 *) outbuf) = cpu_to_le32(s->media_state);
698 return sizeof(le32);
699
700 case OID_GEN_PHYSICAL_MEDIUM:
701 *((le32 *) outbuf) = cpu_to_le32(0);
702 return sizeof(le32);
703
704 case OID_GEN_MAC_OPTIONS:
705 *((le32 *) outbuf) = cpu_to_le32(
706 NDIS_MAC_OPTION_RECEIVE_SERIALIZED |
707 NDIS_MAC_OPTION_FULL_DUPLEX);
708 return sizeof(le32);
709
710 /* statistics OIDs (table 4-2) */
711 /* mandatory */
712 case OID_GEN_XMIT_OK:
713 *((le32 *) outbuf) = cpu_to_le32(0);
714 return sizeof(le32);
715
716 /* mandatory */
717 case OID_GEN_RCV_OK:
718 *((le32 *) outbuf) = cpu_to_le32(0);
719 return sizeof(le32);
720
721 /* mandatory */
722 case OID_GEN_XMIT_ERROR:
723 *((le32 *) outbuf) = cpu_to_le32(0);
724 return sizeof(le32);
725
726 /* mandatory */
727 case OID_GEN_RCV_ERROR:
728 *((le32 *) outbuf) = cpu_to_le32(0);
729 return sizeof(le32);
730
731 /* mandatory */
732 case OID_GEN_RCV_NO_BUFFER:
733 *((le32 *) outbuf) = cpu_to_le32(0);
734 return sizeof(le32);
735
736 /* ieee802.3 OIDs (table 4-3) */
737 /* mandatory */
738 case OID_802_3_PERMANENT_ADDRESS:
739 memcpy(outbuf, s->conf.macaddr.a, 6);
740 return 6;
741
742 /* mandatory */
743 case OID_802_3_CURRENT_ADDRESS:
744 memcpy(outbuf, s->conf.macaddr.a, 6);
745 return 6;
746
747 /* mandatory */
748 case OID_802_3_MULTICAST_LIST:
749 *((le32 *) outbuf) = cpu_to_le32(0xe0000000);
750 return sizeof(le32);
751
752 /* mandatory */
753 case OID_802_3_MAXIMUM_LIST_SIZE:
754 *((le32 *) outbuf) = cpu_to_le32(1);
755 return sizeof(le32);
756
757 case OID_802_3_MAC_OPTIONS:
758 return 0;
759
760 /* ieee802.3 statistics OIDs (table 4-4) */
761 /* mandatory */
762 case OID_802_3_RCV_ERROR_ALIGNMENT:
763 *((le32 *) outbuf) = cpu_to_le32(0);
764 return sizeof(le32);
765
766 /* mandatory */
767 case OID_802_3_XMIT_ONE_COLLISION:
768 *((le32 *) outbuf) = cpu_to_le32(0);
769 return sizeof(le32);
770
771 /* mandatory */
772 case OID_802_3_XMIT_MORE_COLLISIONS:
773 *((le32 *) outbuf) = cpu_to_le32(0);
774 return sizeof(le32);
775
776 default:
777 fprintf(stderr, "usbnet: unknown OID 0x%08x\n", oid);
778 return 0;
779 }
780 return -1;
781 }
782
783 static int ndis_set(USBNetState *s, uint32_t oid,
784 uint8_t *inbuf, unsigned int inlen)
785 {
786 switch (oid) {
787 case OID_GEN_CURRENT_PACKET_FILTER:
788 s->filter = le32_to_cpup((le32 *) inbuf);
789 if (s->filter) {
790 s->rndis_state = RNDIS_DATA_INITIALIZED;
791 } else {
792 s->rndis_state = RNDIS_INITIALIZED;
793 }
794 return 0;
795
796 case OID_802_3_MULTICAST_LIST:
797 return 0;
798 }
799 return -1;
800 }
801
802 static int rndis_get_response(USBNetState *s, uint8_t *buf)
803 {
804 int ret = 0;
805 struct rndis_response *r = s->rndis_resp.tqh_first;
806
807 if (!r)
808 return ret;
809
810 QTAILQ_REMOVE(&s->rndis_resp, r, entries);
811 ret = r->length;
812 memcpy(buf, r->buf, r->length);
813 qemu_free(r);
814
815 return ret;
816 }
817
818 static void *rndis_queue_response(USBNetState *s, unsigned int length)
819 {
820 struct rndis_response *r =
821 qemu_mallocz(sizeof(struct rndis_response) + length);
822
823 QTAILQ_INSERT_TAIL(&s->rndis_resp, r, entries);
824 r->length = length;
825
826 return &r->buf[0];
827 }
828
829 static void rndis_clear_responsequeue(USBNetState *s)
830 {
831 struct rndis_response *r;
832
833 while ((r = s->rndis_resp.tqh_first)) {
834 QTAILQ_REMOVE(&s->rndis_resp, r, entries);
835 qemu_free(r);
836 }
837 }
838
839 static int rndis_init_response(USBNetState *s, rndis_init_msg_type *buf)
840 {
841 rndis_init_cmplt_type *resp =
842 rndis_queue_response(s, sizeof(rndis_init_cmplt_type));
843
844 if (!resp)
845 return USB_RET_STALL;
846
847 resp->MessageType = cpu_to_le32(RNDIS_INITIALIZE_CMPLT);
848 resp->MessageLength = cpu_to_le32(sizeof(rndis_init_cmplt_type));
849 resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
850 resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS);
851 resp->MajorVersion = cpu_to_le32(RNDIS_MAJOR_VERSION);
852 resp->MinorVersion = cpu_to_le32(RNDIS_MINOR_VERSION);
853 resp->DeviceFlags = cpu_to_le32(RNDIS_DF_CONNECTIONLESS);
854 resp->Medium = cpu_to_le32(RNDIS_MEDIUM_802_3);
855 resp->MaxPacketsPerTransfer = cpu_to_le32(1);
856 resp->MaxTransferSize = cpu_to_le32(ETH_FRAME_LEN +
857 sizeof(struct rndis_packet_msg_type) + 22);
858 resp->PacketAlignmentFactor = cpu_to_le32(0);
859 resp->AFListOffset = cpu_to_le32(0);
860 resp->AFListSize = cpu_to_le32(0);
861 return 0;
862 }
863
864 static int rndis_query_response(USBNetState *s,
865 rndis_query_msg_type *buf, unsigned int length)
866 {
867 rndis_query_cmplt_type *resp;
868 /* oid_supported_list is the largest data reply */
869 uint8_t infobuf[sizeof(oid_supported_list)];
870 uint32_t bufoffs, buflen;
871 int infobuflen;
872 unsigned int resplen;
873
874 bufoffs = le32_to_cpu(buf->InformationBufferOffset) + 8;
875 buflen = le32_to_cpu(buf->InformationBufferLength);
876 if (bufoffs + buflen > length)
877 return USB_RET_STALL;
878
879 infobuflen = ndis_query(s, le32_to_cpu(buf->OID),
880 bufoffs + (uint8_t *) buf, buflen, infobuf,
881 sizeof(infobuf));
882 resplen = sizeof(rndis_query_cmplt_type) +
883 ((infobuflen < 0) ? 0 : infobuflen);
884 resp = rndis_queue_response(s, resplen);
885 if (!resp)
886 return USB_RET_STALL;
887
888 resp->MessageType = cpu_to_le32(RNDIS_QUERY_CMPLT);
889 resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
890 resp->MessageLength = cpu_to_le32(resplen);
891
892 if (infobuflen < 0) {
893 /* OID not supported */
894 resp->Status = cpu_to_le32(RNDIS_STATUS_NOT_SUPPORTED);
895 resp->InformationBufferLength = cpu_to_le32(0);
896 resp->InformationBufferOffset = cpu_to_le32(0);
897 return 0;
898 }
899
900 resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS);
901 resp->InformationBufferOffset =
902 cpu_to_le32(infobuflen ? sizeof(rndis_query_cmplt_type) - 8 : 0);
903 resp->InformationBufferLength = cpu_to_le32(infobuflen);
904 memcpy(resp + 1, infobuf, infobuflen);
905
906 return 0;
907 }
908
909 static int rndis_set_response(USBNetState *s,
910 rndis_set_msg_type *buf, unsigned int length)
911 {
912 rndis_set_cmplt_type *resp =
913 rndis_queue_response(s, sizeof(rndis_set_cmplt_type));
914 uint32_t bufoffs, buflen;
915 int ret;
916
917 if (!resp)
918 return USB_RET_STALL;
919
920 bufoffs = le32_to_cpu(buf->InformationBufferOffset) + 8;
921 buflen = le32_to_cpu(buf->InformationBufferLength);
922 if (bufoffs + buflen > length)
923 return USB_RET_STALL;
924
925 ret = ndis_set(s, le32_to_cpu(buf->OID),
926 bufoffs + (uint8_t *) buf, buflen);
927 resp->MessageType = cpu_to_le32(RNDIS_SET_CMPLT);
928 resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
929 resp->MessageLength = cpu_to_le32(sizeof(rndis_set_cmplt_type));
930 if (ret < 0) {
931 /* OID not supported */
932 resp->Status = cpu_to_le32(RNDIS_STATUS_NOT_SUPPORTED);
933 return 0;
934 }
935 resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS);
936
937 return 0;
938 }
939
940 static int rndis_reset_response(USBNetState *s, rndis_reset_msg_type *buf)
941 {
942 rndis_reset_cmplt_type *resp =
943 rndis_queue_response(s, sizeof(rndis_reset_cmplt_type));
944
945 if (!resp)
946 return USB_RET_STALL;
947
948 resp->MessageType = cpu_to_le32(RNDIS_RESET_CMPLT);
949 resp->MessageLength = cpu_to_le32(sizeof(rndis_reset_cmplt_type));
950 resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS);
951 resp->AddressingReset = cpu_to_le32(1); /* reset information */
952
953 return 0;
954 }
955
956 static int rndis_keepalive_response(USBNetState *s,
957 rndis_keepalive_msg_type *buf)
958 {
959 rndis_keepalive_cmplt_type *resp =
960 rndis_queue_response(s, sizeof(rndis_keepalive_cmplt_type));
961
962 if (!resp)
963 return USB_RET_STALL;
964
965 resp->MessageType = cpu_to_le32(RNDIS_KEEPALIVE_CMPLT);
966 resp->MessageLength = cpu_to_le32(sizeof(rndis_keepalive_cmplt_type));
967 resp->RequestID = buf->RequestID; /* Still LE in msg buffer */
968 resp->Status = cpu_to_le32(RNDIS_STATUS_SUCCESS);
969
970 return 0;
971 }
972
973 static int rndis_parse(USBNetState *s, uint8_t *data, int length)
974 {
975 uint32_t msg_type, msg_length;
976 le32 *tmp = (le32 *) data;
977
978 msg_type = le32_to_cpup(tmp++);
979 msg_length = le32_to_cpup(tmp++);
980
981 switch (msg_type) {
982 case RNDIS_INITIALIZE_MSG:
983 s->rndis_state = RNDIS_INITIALIZED;
984 return rndis_init_response(s, (rndis_init_msg_type *) data);
985
986 case RNDIS_HALT_MSG:
987 s->rndis_state = RNDIS_UNINITIALIZED;
988 return 0;
989
990 case RNDIS_QUERY_MSG:
991 return rndis_query_response(s, (rndis_query_msg_type *) data, length);
992
993 case RNDIS_SET_MSG:
994 return rndis_set_response(s, (rndis_set_msg_type *) data, length);
995
996 case RNDIS_RESET_MSG:
997 rndis_clear_responsequeue(s);
998 s->out_ptr = s->in_ptr = s->in_len = 0;
999 return rndis_reset_response(s, (rndis_reset_msg_type *) data);
1000
1001 case RNDIS_KEEPALIVE_MSG:
1002 /* For USB: host does this every 5 seconds */
1003 return rndis_keepalive_response(s, (rndis_keepalive_msg_type *) data);
1004 }
1005
1006 return USB_RET_STALL;
1007 }
1008
1009 static void usb_net_handle_reset(USBDevice *dev)
1010 {
1011 }
1012
1013 static const char * const usb_net_stringtable[] = {
1014 [STRING_MANUFACTURER] = "QEMU",
1015 [STRING_PRODUCT] = "RNDIS/QEMU USB Network Device",
1016 [STRING_ETHADDR] = "400102030405",
1017 [STRING_DATA] = "QEMU USB Net Data Interface",
1018 [STRING_CONTROL] = "QEMU USB Net Control Interface",
1019 [STRING_RNDIS_CONTROL] = "QEMU USB Net RNDIS Control Interface",
1020 [STRING_CDC] = "QEMU USB Net CDC",
1021 [STRING_SUBSET] = "QEMU USB Net Subset",
1022 [STRING_RNDIS] = "QEMU USB Net RNDIS",
1023 [STRING_SERIALNUMBER] = "1",
1024 };
1025
1026 static int usb_net_handle_control(USBDevice *dev, int request, int value,
1027 int index, int length, uint8_t *data)
1028 {
1029 USBNetState *s = (USBNetState *) dev;
1030 int ret = 0;
1031
1032 switch(request) {
1033 case DeviceRequest | USB_REQ_GET_STATUS:
1034 data[0] = (1 << USB_DEVICE_SELF_POWERED) |
1035 (dev->remote_wakeup << USB_DEVICE_REMOTE_WAKEUP);
1036 data[1] = 0x00;
1037 ret = 2;
1038 break;
1039
1040 case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
1041 if (value == USB_DEVICE_REMOTE_WAKEUP) {
1042 dev->remote_wakeup = 0;
1043 } else {
1044 goto fail;
1045 }
1046 ret = 0;
1047 break;
1048
1049 case DeviceOutRequest | USB_REQ_SET_FEATURE:
1050 if (value == USB_DEVICE_REMOTE_WAKEUP) {
1051 dev->remote_wakeup = 1;
1052 } else {
1053 goto fail;
1054 }
1055 ret = 0;
1056 break;
1057
1058 case DeviceOutRequest | USB_REQ_SET_ADDRESS:
1059 dev->addr = value;
1060 ret = 0;
1061 break;
1062
1063 case ClassInterfaceOutRequest | USB_CDC_SEND_ENCAPSULATED_COMMAND:
1064 if (!s->rndis || value || index != 0)
1065 goto fail;
1066 #ifdef TRAFFIC_DEBUG
1067 {
1068 unsigned int i;
1069 fprintf(stderr, "SEND_ENCAPSULATED_COMMAND:");
1070 for (i = 0; i < length; i++) {
1071 if (!(i & 15))
1072 fprintf(stderr, "\n%04x:", i);
1073 fprintf(stderr, " %02x", data[i]);
1074 }
1075 fprintf(stderr, "\n\n");
1076 }
1077 #endif
1078 ret = rndis_parse(s, data, length);
1079 break;
1080
1081 case ClassInterfaceRequest | USB_CDC_GET_ENCAPSULATED_RESPONSE:
1082 if (!s->rndis || value || index != 0)
1083 goto fail;
1084 ret = rndis_get_response(s, data);
1085 if (!ret) {
1086 data[0] = 0;
1087 ret = 1;
1088 }
1089 #ifdef TRAFFIC_DEBUG
1090 {
1091 unsigned int i;
1092 fprintf(stderr, "GET_ENCAPSULATED_RESPONSE:");
1093 for (i = 0; i < ret; i++) {
1094 if (!(i & 15))
1095 fprintf(stderr, "\n%04x:", i);
1096 fprintf(stderr, " %02x", data[i]);
1097 }
1098 fprintf(stderr, "\n\n");
1099 }
1100 #endif
1101 break;
1102
1103 case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
1104 switch(value >> 8) {
1105 case USB_DT_DEVICE:
1106 ret = sizeof(qemu_net_dev_descriptor);
1107 memcpy(data, qemu_net_dev_descriptor, ret);
1108 break;
1109
1110 case USB_DT_CONFIG:
1111 switch (value & 0xff) {
1112 case 0:
1113 ret = sizeof(qemu_net_rndis_config_descriptor);
1114 memcpy(data, qemu_net_rndis_config_descriptor, ret);
1115 break;
1116
1117 case 1:
1118 ret = sizeof(qemu_net_cdc_config_descriptor);
1119 memcpy(data, qemu_net_cdc_config_descriptor, ret);
1120 break;
1121
1122 default:
1123 goto fail;
1124 }
1125
1126 data[2] = ret & 0xff;
1127 data[3] = ret >> 8;
1128 break;
1129
1130 case USB_DT_STRING:
1131 switch (value & 0xff) {
1132 case 0:
1133 /* language ids */
1134 data[0] = 4;
1135 data[1] = 3;
1136 data[2] = 0x09;
1137 data[3] = 0x04;
1138 ret = 4;
1139 break;
1140
1141 case STRING_ETHADDR:
1142 ret = set_usb_string(data, s->usbstring_mac);
1143 break;
1144
1145 default:
1146 if (usb_net_stringtable[value & 0xff]) {
1147 ret = set_usb_string(data,
1148 usb_net_stringtable[value & 0xff]);
1149 break;
1150 }
1151
1152 goto fail;
1153 }
1154 break;
1155
1156 default:
1157 goto fail;
1158 }
1159 break;
1160
1161 case DeviceRequest | USB_REQ_GET_CONFIGURATION:
1162 data[0] = s->rndis ? DEV_RNDIS_CONFIG_VALUE : DEV_CONFIG_VALUE;
1163 ret = 1;
1164 break;
1165
1166 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
1167 switch (value & 0xff) {
1168 case DEV_CONFIG_VALUE:
1169 s->rndis = 0;
1170 break;
1171
1172 case DEV_RNDIS_CONFIG_VALUE:
1173 s->rndis = 1;
1174 break;
1175
1176 default:
1177 goto fail;
1178 }
1179 ret = 0;
1180 break;
1181
1182 case DeviceRequest | USB_REQ_GET_INTERFACE:
1183 case InterfaceRequest | USB_REQ_GET_INTERFACE:
1184 data[0] = 0;
1185 ret = 1;
1186 break;
1187
1188 case DeviceOutRequest | USB_REQ_SET_INTERFACE:
1189 case InterfaceOutRequest | USB_REQ_SET_INTERFACE:
1190 ret = 0;
1191 break;
1192
1193 default:
1194 fail:
1195 fprintf(stderr, "usbnet: failed control transaction: "
1196 "request 0x%x value 0x%x index 0x%x length 0x%x\n",
1197 request, value, index, length);
1198 ret = USB_RET_STALL;
1199 break;
1200 }
1201 return ret;
1202 }
1203
1204 static int usb_net_handle_statusin(USBNetState *s, USBPacket *p)
1205 {
1206 int ret = 8;
1207
1208 if (p->len < 8)
1209 return USB_RET_STALL;
1210
1211 ((le32 *) p->data)[0] = cpu_to_le32(1);
1212 ((le32 *) p->data)[1] = cpu_to_le32(0);
1213 if (!s->rndis_resp.tqh_first)
1214 ret = USB_RET_NAK;
1215
1216 #ifdef TRAFFIC_DEBUG
1217 fprintf(stderr, "usbnet: interrupt poll len %u return %d", p->len, ret);
1218 {
1219 int i;
1220 fprintf(stderr, ":");
1221 for (i = 0; i < ret; i++) {
1222 if (!(i & 15))
1223 fprintf(stderr, "\n%04x:", i);
1224 fprintf(stderr, " %02x", p->data[i]);
1225 }
1226 fprintf(stderr, "\n\n");
1227 }
1228 #endif
1229
1230 return ret;
1231 }
1232
1233 static int usb_net_handle_datain(USBNetState *s, USBPacket *p)
1234 {
1235 int ret = USB_RET_NAK;
1236
1237 if (s->in_ptr > s->in_len) {
1238 s->in_ptr = s->in_len = 0;
1239 ret = USB_RET_NAK;
1240 return ret;
1241 }
1242 if (!s->in_len) {
1243 ret = USB_RET_NAK;
1244 return ret;
1245 }
1246 ret = s->in_len - s->in_ptr;
1247 if (ret > p->len)
1248 ret = p->len;
1249 memcpy(p->data, &s->in_buf[s->in_ptr], ret);
1250 s->in_ptr += ret;
1251 if (s->in_ptr >= s->in_len &&
1252 (s->rndis || (s->in_len & (64 - 1)) || !ret)) {
1253 /* no short packet necessary */
1254 s->in_ptr = s->in_len = 0;
1255 }
1256
1257 #ifdef TRAFFIC_DEBUG
1258 fprintf(stderr, "usbnet: data in len %u return %d", p->len, ret);
1259 {
1260 int i;
1261 fprintf(stderr, ":");
1262 for (i = 0; i < ret; i++) {
1263 if (!(i & 15))
1264 fprintf(stderr, "\n%04x:", i);
1265 fprintf(stderr, " %02x", p->data[i]);
1266 }
1267 fprintf(stderr, "\n\n");
1268 }
1269 #endif
1270
1271 return ret;
1272 }
1273
1274 static int usb_net_handle_dataout(USBNetState *s, USBPacket *p)
1275 {
1276 int ret = p->len;
1277 int sz = sizeof(s->out_buf) - s->out_ptr;
1278 struct rndis_packet_msg_type *msg =
1279 (struct rndis_packet_msg_type *) s->out_buf;
1280 uint32_t len;
1281
1282 #ifdef TRAFFIC_DEBUG
1283 fprintf(stderr, "usbnet: data out len %u\n", p->len);
1284 {
1285 int i;
1286 fprintf(stderr, ":");
1287 for (i = 0; i < p->len; i++) {
1288 if (!(i & 15))
1289 fprintf(stderr, "\n%04x:", i);
1290 fprintf(stderr, " %02x", p->data[i]);
1291 }
1292 fprintf(stderr, "\n\n");
1293 }
1294 #endif
1295
1296 if (sz > ret)
1297 sz = ret;
1298 memcpy(&s->out_buf[s->out_ptr], p->data, sz);
1299 s->out_ptr += sz;
1300
1301 if (!s->rndis) {
1302 if (ret < 64) {
1303 qemu_send_packet(&s->nic->nc, s->out_buf, s->out_ptr);
1304 s->out_ptr = 0;
1305 }
1306 return ret;
1307 }
1308 len = le32_to_cpu(msg->MessageLength);
1309 if (s->out_ptr < 8 || s->out_ptr < len)
1310 return ret;
1311 if (le32_to_cpu(msg->MessageType) == RNDIS_PACKET_MSG) {
1312 uint32_t offs = 8 + le32_to_cpu(msg->DataOffset);
1313 uint32_t size = le32_to_cpu(msg->DataLength);
1314 if (offs + size <= len)
1315 qemu_send_packet(&s->nic->nc, s->out_buf + offs, size);
1316 }
1317 s->out_ptr -= len;
1318 memmove(s->out_buf, &s->out_buf[len], s->out_ptr);
1319
1320 return ret;
1321 }
1322
1323 static int usb_net_handle_data(USBDevice *dev, USBPacket *p)
1324 {
1325 USBNetState *s = (USBNetState *) dev;
1326 int ret = 0;
1327
1328 switch(p->pid) {
1329 case USB_TOKEN_IN:
1330 switch (p->devep) {
1331 case 1:
1332 ret = usb_net_handle_statusin(s, p);
1333 break;
1334
1335 case 2:
1336 ret = usb_net_handle_datain(s, p);
1337 break;
1338
1339 default:
1340 goto fail;
1341 }
1342 break;
1343
1344 case USB_TOKEN_OUT:
1345 switch (p->devep) {
1346 case 2:
1347 ret = usb_net_handle_dataout(s, p);
1348 break;
1349
1350 default:
1351 goto fail;
1352 }
1353 break;
1354
1355 default:
1356 fail:
1357 ret = USB_RET_STALL;
1358 break;
1359 }
1360 if (ret == USB_RET_STALL)
1361 fprintf(stderr, "usbnet: failed data transaction: "
1362 "pid 0x%x ep 0x%x len 0x%x\n",
1363 p->pid, p->devep, p->len);
1364 return ret;
1365 }
1366
1367 static ssize_t usbnet_receive(VLANClientState *nc, const uint8_t *buf, size_t size)
1368 {
1369 USBNetState *s = DO_UPCAST(NICState, nc, nc)->opaque;
1370 struct rndis_packet_msg_type *msg;
1371
1372 if (s->rndis) {
1373 msg = (struct rndis_packet_msg_type *) s->in_buf;
1374 if (!s->rndis_state == RNDIS_DATA_INITIALIZED)
1375 return -1;
1376 if (size + sizeof(struct rndis_packet_msg_type) > sizeof(s->in_buf))
1377 return -1;
1378
1379 memset(msg, 0, sizeof(struct rndis_packet_msg_type));
1380 msg->MessageType = cpu_to_le32(RNDIS_PACKET_MSG);
1381 msg->MessageLength = cpu_to_le32(size + sizeof(struct rndis_packet_msg_type));
1382 msg->DataOffset = cpu_to_le32(sizeof(struct rndis_packet_msg_type) - 8);
1383 msg->DataLength = cpu_to_le32(size);
1384 /* msg->OOBDataOffset;
1385 * msg->OOBDataLength;
1386 * msg->NumOOBDataElements;
1387 * msg->PerPacketInfoOffset;
1388 * msg->PerPacketInfoLength;
1389 * msg->VcHandle;
1390 * msg->Reserved;
1391 */
1392 memcpy(msg + 1, buf, size);
1393 s->in_len = size + sizeof(struct rndis_packet_msg_type);
1394 } else {
1395 if (size > sizeof(s->in_buf))
1396 return -1;
1397 memcpy(s->in_buf, buf, size);
1398 s->in_len = size;
1399 }
1400 s->in_ptr = 0;
1401 return size;
1402 }
1403
1404 static int usbnet_can_receive(VLANClientState *nc)
1405 {
1406 USBNetState *s = DO_UPCAST(NICState, nc, nc)->opaque;
1407
1408 if (s->rndis && !s->rndis_state == RNDIS_DATA_INITIALIZED)
1409 return 1;
1410
1411 return !s->in_len;
1412 }
1413
1414 static void usbnet_cleanup(VLANClientState *nc)
1415 {
1416 USBNetState *s = DO_UPCAST(NICState, nc, nc)->opaque;
1417
1418 s->nic = NULL;
1419 }
1420
1421 static void usb_net_handle_destroy(USBDevice *dev)
1422 {
1423 USBNetState *s = (USBNetState *) dev;
1424
1425 /* TODO: remove the nd_table[] entry */
1426 rndis_clear_responsequeue(s);
1427 qemu_del_vlan_client(&s->nic->nc);
1428 }
1429
1430 static NetClientInfo net_usbnet_info = {
1431 .type = NET_CLIENT_TYPE_NIC,
1432 .size = sizeof(NICState),
1433 .can_receive = usbnet_can_receive,
1434 .receive = usbnet_receive,
1435 .cleanup = usbnet_cleanup,
1436 };
1437
1438 static int usb_net_initfn(USBDevice *dev)
1439 {
1440 USBNetState *s = DO_UPCAST(USBNetState, dev, dev);
1441
1442 s->dev.speed = USB_SPEED_FULL;
1443
1444 s->rndis = 1;
1445 s->rndis_state = RNDIS_UNINITIALIZED;
1446 QTAILQ_INIT(&s->rndis_resp);
1447
1448 s->medium = 0; /* NDIS_MEDIUM_802_3 */
1449 s->speed = 1000000; /* 100MBps, in 100Bps units */
1450 s->media_state = 0; /* NDIS_MEDIA_STATE_CONNECTED */;
1451 s->filter = 0;
1452 s->vendorid = 0x1234;
1453
1454 qemu_macaddr_default_if_unset(&s->conf.macaddr);
1455 s->nic = qemu_new_nic(&net_usbnet_info, &s->conf,
1456 s->dev.qdev.info->name, s->dev.qdev.id, s);
1457 qemu_format_nic_info_str(&s->nic->nc, s->conf.macaddr.a);
1458 snprintf(s->usbstring_mac, sizeof(s->usbstring_mac),
1459 "%02x%02x%02x%02x%02x%02x",
1460 0x40,
1461 s->conf.macaddr.a[1],
1462 s->conf.macaddr.a[2],
1463 s->conf.macaddr.a[3],
1464 s->conf.macaddr.a[4],
1465 s->conf.macaddr.a[5]);
1466
1467 return 0;
1468 }
1469
1470 static USBDevice *usb_net_init(const char *cmdline)
1471 {
1472 USBDevice *dev;
1473 QemuOpts *opts;
1474 int idx;
1475
1476 opts = qemu_opts_parse(&qemu_net_opts, cmdline, 0);
1477 if (!opts) {
1478 return NULL;
1479 }
1480 qemu_opt_set(opts, "type", "nic");
1481 qemu_opt_set(opts, "model", "usb");
1482
1483 idx = net_client_init(NULL, opts, 0);
1484 if (idx == -1) {
1485 return NULL;
1486 }
1487
1488 dev = usb_create(NULL /* FIXME */, "usb-net");
1489 if (!dev) {
1490 return NULL;
1491 }
1492 qdev_set_nic_properties(&dev->qdev, &nd_table[idx]);
1493 qdev_init_nofail(&dev->qdev);
1494 return dev;
1495 }
1496
1497 static struct USBDeviceInfo net_info = {
1498 .product_desc = "QEMU USB Network Interface",
1499 .qdev.name = "usb-net",
1500 .qdev.size = sizeof(USBNetState),
1501 .init = usb_net_initfn,
1502 .handle_packet = usb_generic_handle_packet,
1503 .handle_reset = usb_net_handle_reset,
1504 .handle_control = usb_net_handle_control,
1505 .handle_data = usb_net_handle_data,
1506 .handle_destroy = usb_net_handle_destroy,
1507 .usbdevice_name = "net",
1508 .usbdevice_init = usb_net_init,
1509 .qdev.props = (Property[]) {
1510 DEFINE_NIC_PROPERTIES(USBNetState, conf),
1511 DEFINE_PROP_END_OF_LIST(),
1512 }
1513 };
1514
1515 static void usb_net_register_devices(void)
1516 {
1517 usb_qdev_register(&net_info);
1518 }
1519 device_init(usb_net_register_devices)
QEmu