search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
usb-mtp: Support delete of mtp objects
[qemu/ar7.git] / hw / usb / dev-mtp.c
blob5ef77f3e9f382f51b85b447f8e469134a6a8b2f4
1 /*
2 * Media Transfer Protocol implementation, backed by host filesystem.
3 *
4 * Copyright Red Hat, Inc 2014
5 *
6 * Author:
7 * Gerd Hoffmann <kraxel@redhat.com>
8 *
9 * This code is licensed under the GPL v2 or later.
10 */
11
12 #include "qemu/osdep.h"
13 #include "qapi/error.h"
14 #include <wchar.h>
15 #include <dirent.h>
16
17 #include <sys/statvfs.h>
18 #ifdef CONFIG_INOTIFY1
19 #include <sys/inotify.h>
20 #include "qemu/main-loop.h"
21 #endif
22
23 #include "qemu-common.h"
24 #include "qemu/iov.h"
25 #include "trace.h"
26 #include "hw/usb.h"
27 #include "hw/usb/desc.h"
28
29 /* ----------------------------------------------------------------------- */
30
31 enum mtp_container_type {
32 TYPE_COMMAND = 1,
33 TYPE_DATA = 2,
34 TYPE_RESPONSE = 3,
35 TYPE_EVENT = 4,
36 };
37
38 enum mtp_code {
39 /* command codes */
40 CMD_GET_DEVICE_INFO = 0x1001,
41 CMD_OPEN_SESSION = 0x1002,
42 CMD_CLOSE_SESSION = 0x1003,
43 CMD_GET_STORAGE_IDS = 0x1004,
44 CMD_GET_STORAGE_INFO = 0x1005,
45 CMD_GET_NUM_OBJECTS = 0x1006,
46 CMD_GET_OBJECT_HANDLES = 0x1007,
47 CMD_GET_OBJECT_INFO = 0x1008,
48 CMD_GET_OBJECT = 0x1009,
49 CMD_DELETE_OBJECT = 0x100b,
50 CMD_GET_PARTIAL_OBJECT = 0x101b,
51 CMD_GET_OBJECT_PROPS_SUPPORTED = 0x9801,
52 CMD_GET_OBJECT_PROP_DESC = 0x9802,
53 CMD_GET_OBJECT_PROP_VALUE = 0x9803,
54
55 /* response codes */
56 RES_OK = 0x2001,
57 RES_GENERAL_ERROR = 0x2002,
58 RES_SESSION_NOT_OPEN = 0x2003,
59 RES_INVALID_TRANSACTION_ID = 0x2004,
60 RES_OPERATION_NOT_SUPPORTED = 0x2005,
61 RES_PARAMETER_NOT_SUPPORTED = 0x2006,
62 RES_INCOMPLETE_TRANSFER = 0x2007,
63 RES_INVALID_STORAGE_ID = 0x2008,
64 RES_INVALID_OBJECT_HANDLE = 0x2009,
65 RES_INVALID_OBJECT_FORMAT_CODE = 0x200b,
66 RES_STORE_READ_ONLY = 0x200e,
67 RES_PARTIAL_DELETE = 0x2012,
68 RES_SPEC_BY_FORMAT_UNSUPPORTED = 0x2014,
69 RES_INVALID_PARENT_OBJECT = 0x201a,
70 RES_INVALID_PARAMETER = 0x201d,
71 RES_SESSION_ALREADY_OPEN = 0x201e,
72 RES_INVALID_OBJECT_PROP_CODE = 0xA801,
73
74 /* format codes */
75 FMT_UNDEFINED_OBJECT = 0x3000,
76 FMT_ASSOCIATION = 0x3001,
77
78 /* event codes */
79 EVT_OBJ_ADDED = 0x4002,
80 EVT_OBJ_REMOVED = 0x4003,
81 EVT_OBJ_INFO_CHANGED = 0x4007,
82
83 /* object properties */
84 PROP_STORAGE_ID = 0xDC01,
85 PROP_OBJECT_FORMAT = 0xDC02,
86 PROP_OBJECT_COMPRESSED_SIZE = 0xDC04,
87 PROP_PARENT_OBJECT = 0xDC0B,
88 PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER = 0xDC41,
89 PROP_NAME = 0xDC44,
90 };
91
92 enum mtp_data_type {
93 DATA_TYPE_UINT16 = 0x0004,
94 DATA_TYPE_UINT32 = 0x0006,
95 DATA_TYPE_UINT64 = 0x0008,
96 DATA_TYPE_UINT128 = 0x000a,
97 DATA_TYPE_STRING = 0xffff,
98 };
99
100 typedef struct {
101 uint32_t length;
102 uint16_t type;
103 uint16_t code;
104 uint32_t trans;
105 } QEMU_PACKED mtp_container;
106
107 /* ----------------------------------------------------------------------- */
108
109 typedef struct MTPState MTPState;
110 typedef struct MTPControl MTPControl;
111 typedef struct MTPData MTPData;
112 typedef struct MTPObject MTPObject;
113
114 enum {
115 EP_DATA_IN = 1,
116 EP_DATA_OUT,
117 EP_EVENT,
118 };
119
120 #ifdef CONFIG_INOTIFY1
121 typedef struct MTPMonEntry MTPMonEntry;
122
123 struct MTPMonEntry {
124 uint32_t event;
125 uint32_t handle;
126
127 QTAILQ_ENTRY(MTPMonEntry) next;
128 };
129 #endif
130
131 struct MTPControl {
132 uint16_t code;
133 uint32_t trans;
134 int argc;
135 uint32_t argv[5];
136 };
137
138 struct MTPData {
139 uint16_t code;
140 uint32_t trans;
141 uint64_t offset;
142 uint64_t length;
143 uint32_t alloc;
144 uint8_t *data;
145 bool first;
146 int fd;
147 };
148
149 struct MTPObject {
150 uint32_t handle;
151 uint16_t format;
152 char *name;
153 char *path;
154 struct stat stat;
155 #ifdef CONFIG_INOTIFY1
156 /* inotify watch cookie */
157 int watchfd;
158 #endif
159 MTPObject *parent;
160 uint32_t nchildren;
161 QLIST_HEAD(, MTPObject) children;
162 QLIST_ENTRY(MTPObject) list;
163 bool have_children;
164 QTAILQ_ENTRY(MTPObject) next;
165 };
166
167 struct MTPState {
168 USBDevice dev;
169 char *root;
170 char *desc;
171 uint32_t flags;
172
173 MTPData *data_in;
174 MTPData *data_out;
175 MTPControl *result;
176 uint32_t session;
177 uint32_t next_handle;
178 bool readonly;
179
180 QTAILQ_HEAD(, MTPObject) objects;
181 #ifdef CONFIG_INOTIFY1
182 /* inotify descriptor */
183 int inotifyfd;
184 QTAILQ_HEAD(events, MTPMonEntry) events;
185 #endif
186 };
187
188 #define TYPE_USB_MTP "usb-mtp"
189 #define USB_MTP(obj) OBJECT_CHECK(MTPState, (obj), TYPE_USB_MTP)
190
191 #define QEMU_STORAGE_ID 0x00010001
192
193 #define MTP_FLAG_WRITABLE 0
194
195 #define FLAG_SET(_mtp, _flag) ((_mtp)->flags & (1 << (_flag)))
196
197 /* ----------------------------------------------------------------------- */
198
199 #define MTP_MANUFACTURER "QEMU"
200 #define MTP_PRODUCT "QEMU filesharing"
201
202 enum {
203 STR_MANUFACTURER = 1,
204 STR_PRODUCT,
205 STR_SERIALNUMBER,
206 STR_MTP,
207 STR_CONFIG_FULL,
208 STR_CONFIG_HIGH,
209 STR_CONFIG_SUPER,
210 };
211
212 static const USBDescStrings desc_strings = {
213 [STR_MANUFACTURER] = MTP_MANUFACTURER,
214 [STR_PRODUCT] = MTP_PRODUCT,
215 [STR_SERIALNUMBER] = "34617",
216 [STR_MTP] = "MTP",
217 [STR_CONFIG_FULL] = "Full speed config (usb 1.1)",
218 [STR_CONFIG_HIGH] = "High speed config (usb 2.0)",
219 [STR_CONFIG_SUPER] = "Super speed config (usb 3.0)",
220 };
221
222 static const USBDescIface desc_iface_full = {
223 .bInterfaceNumber = 0,
224 .bNumEndpoints = 3,
225 .bInterfaceClass = USB_CLASS_STILL_IMAGE,
226 .bInterfaceSubClass = 0x01,
227 .bInterfaceProtocol = 0x01,
228 .iInterface = STR_MTP,
229 .eps = (USBDescEndpoint[]) {
230 {
231 .bEndpointAddress = USB_DIR_IN | EP_DATA_IN,
232 .bmAttributes = USB_ENDPOINT_XFER_BULK,
233 .wMaxPacketSize = 64,
234 },{
235 .bEndpointAddress = USB_DIR_OUT | EP_DATA_OUT,
236 .bmAttributes = USB_ENDPOINT_XFER_BULK,
237 .wMaxPacketSize = 64,
238 },{
239 .bEndpointAddress = USB_DIR_IN | EP_EVENT,
240 .bmAttributes = USB_ENDPOINT_XFER_INT,
241 .wMaxPacketSize = 64,
242 .bInterval = 0x0a,
243 },
244 }
245 };
246
247 static const USBDescDevice desc_device_full = {
248 .bcdUSB = 0x0200,
249 .bMaxPacketSize0 = 8,
250 .bNumConfigurations = 1,
251 .confs = (USBDescConfig[]) {
252 {
253 .bNumInterfaces = 1,
254 .bConfigurationValue = 1,
255 .iConfiguration = STR_CONFIG_FULL,
256 .bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_WAKEUP,
257 .bMaxPower = 2,
258 .nif = 1,
259 .ifs = &desc_iface_full,
260 },
261 },
262 };
263
264 static const USBDescIface desc_iface_high = {
265 .bInterfaceNumber = 0,
266 .bNumEndpoints = 3,
267 .bInterfaceClass = USB_CLASS_STILL_IMAGE,
268 .bInterfaceSubClass = 0x01,
269 .bInterfaceProtocol = 0x01,
270 .iInterface = STR_MTP,
271 .eps = (USBDescEndpoint[]) {
272 {
273 .bEndpointAddress = USB_DIR_IN | EP_DATA_IN,
274 .bmAttributes = USB_ENDPOINT_XFER_BULK,
275 .wMaxPacketSize = 512,
276 },{
277 .bEndpointAddress = USB_DIR_OUT | EP_DATA_OUT,
278 .bmAttributes = USB_ENDPOINT_XFER_BULK,
279 .wMaxPacketSize = 512,
280 },{
281 .bEndpointAddress = USB_DIR_IN | EP_EVENT,
282 .bmAttributes = USB_ENDPOINT_XFER_INT,
283 .wMaxPacketSize = 64,
284 .bInterval = 0x0a,
285 },
286 }
287 };
288
289 static const USBDescDevice desc_device_high = {
290 .bcdUSB = 0x0200,
291 .bMaxPacketSize0 = 64,
292 .bNumConfigurations = 1,
293 .confs = (USBDescConfig[]) {
294 {
295 .bNumInterfaces = 1,
296 .bConfigurationValue = 1,
297 .iConfiguration = STR_CONFIG_HIGH,
298 .bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_WAKEUP,
299 .bMaxPower = 2,
300 .nif = 1,
301 .ifs = &desc_iface_high,
302 },
303 },
304 };
305
306 static const USBDescMSOS desc_msos = {
307 .CompatibleID = "MTP",
308 .SelectiveSuspendEnabled = true,
309 };
310
311 static const USBDesc desc = {
312 .id = {
313 .idVendor = 0x46f4, /* CRC16() of "QEMU" */
314 .idProduct = 0x0004,
315 .bcdDevice = 0,
316 .iManufacturer = STR_MANUFACTURER,
317 .iProduct = STR_PRODUCT,
318 .iSerialNumber = STR_SERIALNUMBER,
319 },
320 .full = &desc_device_full,
321 .high = &desc_device_high,
322 .str = desc_strings,
323 .msos = &desc_msos,
324 };
325
326 /* ----------------------------------------------------------------------- */
327
328 static MTPObject *usb_mtp_object_alloc(MTPState *s, uint32_t handle,
329 MTPObject *parent, char *name)
330 {
331 MTPObject *o = g_new0(MTPObject, 1);
332
333 if (name[0] == '.') {
334 goto ignore;
335 }
336
337 o->handle = handle;
338 o->parent = parent;
339 o->name = g_strdup(name);
340 if (parent == NULL) {
341 o->path = g_strdup(name);
342 } else {
343 o->path = g_strdup_printf("%s/%s", parent->path, name);
344 }
345
346 if (lstat(o->path, &o->stat) != 0) {
347 goto ignore;
348 }
349 if (S_ISREG(o->stat.st_mode)) {
350 o->format = FMT_UNDEFINED_OBJECT;
351 } else if (S_ISDIR(o->stat.st_mode)) {
352 o->format = FMT_ASSOCIATION;
353 } else {
354 goto ignore;
355 }
356
357 if (access(o->path, R_OK) != 0) {
358 goto ignore;
359 }
360
361 trace_usb_mtp_object_alloc(s->dev.addr, o->handle, o->path);
362
363 QTAILQ_INSERT_TAIL(&s->objects, o, next);
364 return o;
365
366 ignore:
367 g_free(o->name);
368 g_free(o->path);
369 g_free(o);
370 return NULL;
371 }
372
373 static void usb_mtp_object_free(MTPState *s, MTPObject *o)
374 {
375 MTPObject *iter;
376
377 if (!o) {
378 return;
379 }
380
381 trace_usb_mtp_object_free(s->dev.addr, o->handle, o->path);
382
383 QTAILQ_REMOVE(&s->objects, o, next);
384 if (o->parent) {
385 QLIST_REMOVE(o, list);
386 o->parent->nchildren--;
387 }
388
389 while (!QLIST_EMPTY(&o->children)) {
390 iter = QLIST_FIRST(&o->children);
391 usb_mtp_object_free(s, iter);
392 }
393 g_free(o->name);
394 g_free(o->path);
395 g_free(o);
396 }
397
398 static MTPObject *usb_mtp_object_lookup(MTPState *s, uint32_t handle)
399 {
400 MTPObject *o;
401
402 QTAILQ_FOREACH(o, &s->objects, next) {
403 if (o->handle == handle) {
404 return o;
405 }
406 }
407 return NULL;
408 }
409
410 static MTPObject *usb_mtp_add_child(MTPState *s, MTPObject *o,
411 char *name)
412 {
413 MTPObject *child =
414 usb_mtp_object_alloc(s, s->next_handle++, o, name);
415
416 if (child) {
417 trace_usb_mtp_add_child(s->dev.addr, child->handle, child->path);
418 QLIST_INSERT_HEAD(&o->children, child, list);
419 o->nchildren++;
420
421 if (child->format == FMT_ASSOCIATION) {
422 QLIST_INIT(&child->children);
423 }
424 }
425
426 return child;
427 }
428
429 #ifdef CONFIG_INOTIFY1
430 static MTPObject *usb_mtp_object_lookup_name(MTPObject *parent,
431 char *name, int len)
432 {
433 MTPObject *iter;
434
435 QLIST_FOREACH(iter, &parent->children, list) {
436 if (strncmp(iter->name, name, len) == 0) {
437 return iter;
438 }
439 }
440
441 return NULL;
442 }
443
444 static MTPObject *usb_mtp_object_lookup_wd(MTPState *s, int wd)
445 {
446 MTPObject *iter;
447
448 QTAILQ_FOREACH(iter, &s->objects, next) {
449 if (iter->watchfd == wd) {
450 return iter;
451 }
452 }
453
454 return NULL;
455 }
456
457 static void inotify_watchfn(void *arg)
458 {
459 MTPState *s = arg;
460 ssize_t bytes;
461 /* From the man page: atleast one event can be read */
462 int pos;
463 char buf[sizeof(struct inotify_event) + NAME_MAX + 1];
464
465 for (;;) {
466 bytes = read(s->inotifyfd, buf, sizeof(buf));
467 pos = 0;
468
469 if (bytes <= 0) {
470 /* Better luck next time */
471 return;
472 }
473
474 /*
475 * TODO: Ignore initiator initiated events.
476 * For now we are good because the store is RO
477 */
478 while (bytes > 0) {
479 char *p = buf + pos;
480 struct inotify_event *event = (struct inotify_event *)p;
481 int watchfd = 0;
482 uint32_t mask = event->mask & (IN_CREATE | IN_DELETE |
483 IN_MODIFY | IN_IGNORED);
484 MTPObject *parent = usb_mtp_object_lookup_wd(s, event->wd);
485 MTPMonEntry *entry = NULL;
486 MTPObject *o;
487
488 pos = pos + sizeof(struct inotify_event) + event->len;
489 bytes = bytes - pos;
490
491 if (!parent) {
492 continue;
493 }
494
495 switch (mask) {
496 case IN_CREATE:
497 if (usb_mtp_object_lookup_name
498 (parent, event->name, event->len)) {
499 /* Duplicate create event */
500 continue;
501 }
502 entry = g_new0(MTPMonEntry, 1);
503 entry->handle = s->next_handle;
504 entry->event = EVT_OBJ_ADDED;
505 o = usb_mtp_add_child(s, parent, event->name);
506 if (!o) {
507 g_free(entry);
508 continue;
509 }
510 o->watchfd = watchfd;
511 trace_usb_mtp_inotify_event(s->dev.addr, event->name,
512 event->mask, "Obj Added");
513 break;
514
515 case IN_DELETE:
516 /*
517 * The kernel issues a IN_IGNORED event
518 * when a dir containing a watchpoint is
519 * deleted, so we don't have to delete the
520 * watchpoint
521 */
522 o = usb_mtp_object_lookup_name(parent, event->name, event->len);
523 if (!o) {
524 continue;
525 }
526 entry = g_new0(MTPMonEntry, 1);
527 entry->handle = o->handle;
528 entry->event = EVT_OBJ_REMOVED;
529 trace_usb_mtp_inotify_event(s->dev.addr, o->path,
530 event->mask, "Obj Deleted");
531 usb_mtp_object_free(s, o);
532 break;
533
534 case IN_MODIFY:
535 o = usb_mtp_object_lookup_name(parent, event->name, event->len);
536 if (!o) {
537 continue;
538 }
539 entry = g_new0(MTPMonEntry, 1);
540 entry->handle = o->handle;
541 entry->event = EVT_OBJ_INFO_CHANGED;
542 trace_usb_mtp_inotify_event(s->dev.addr, o->path,
543 event->mask, "Obj Modified");
544 break;
545
546 case IN_IGNORED:
547 trace_usb_mtp_inotify_event(s->dev.addr, parent->path,
548 event->mask, "Obj parent dir ignored");
549 break;
550
551 default:
552 fprintf(stderr, "usb-mtp: failed to parse inotify event\n");
553 continue;
554 }
555
556 if (entry) {
557 QTAILQ_INSERT_HEAD(&s->events, entry, next);
558 }
559 }
560 }
561 }
562
563 static int usb_mtp_inotify_init(MTPState *s)
564 {
565 int fd;
566
567 fd = inotify_init1(IN_NONBLOCK);
568 if (fd == -1) {
569 return 1;
570 }
571
572 QTAILQ_INIT(&s->events);
573 s->inotifyfd = fd;
574
575 qemu_set_fd_handler(fd, inotify_watchfn, NULL, s);
576
577 return 0;
578 }
579
580 static void usb_mtp_inotify_cleanup(MTPState *s)
581 {
582 MTPMonEntry *e, *p;
583
584 if (!s->inotifyfd) {
585 return;
586 }
587
588 qemu_set_fd_handler(s->inotifyfd, NULL, NULL, s);
589 close(s->inotifyfd);
590
591 QTAILQ_FOREACH_SAFE(e, &s->events, next, p) {
592 QTAILQ_REMOVE(&s->events, e, next);
593 g_free(e);
594 }
595 }
596
597 static int usb_mtp_add_watch(int inotifyfd, char *path)
598 {
599 uint32_t mask = IN_CREATE | IN_DELETE | IN_MODIFY |
600 IN_ISDIR;
601
602 return inotify_add_watch(inotifyfd, path, mask);
603 }
604 #endif
605
606 static void usb_mtp_object_readdir(MTPState *s, MTPObject *o)
607 {
608 struct dirent *entry;
609 DIR *dir;
610
611 if (o->have_children) {
612 return;
613 }
614 o->have_children = true;
615
616 dir = opendir(o->path);
617 if (!dir) {
618 return;
619 }
620 #ifdef CONFIG_INOTIFY1
621 int watchfd = usb_mtp_add_watch(s->inotifyfd, o->path);
622 if (watchfd == -1) {
623 fprintf(stderr, "usb-mtp: failed to add watch for %s\n", o->path);
624 } else {
625 trace_usb_mtp_inotify_event(s->dev.addr, o->path,
626 0, "Watch Added");
627 o->watchfd = watchfd;
628 }
629 #endif
630 while ((entry = readdir(dir)) != NULL) {
631 usb_mtp_add_child(s, o, entry->d_name);
632 }
633 closedir(dir);
634 }
635
636 /* ----------------------------------------------------------------------- */
637
638 static MTPData *usb_mtp_data_alloc(MTPControl *c)
639 {
640 MTPData *data = g_new0(MTPData, 1);
641
642 data->code = c->code;
643 data->trans = c->trans;
644 data->fd = -1;
645 data->first = true;
646 return data;
647 }
648
649 static void usb_mtp_data_free(MTPData *data)
650 {
651 if (data == NULL) {
652 return;
653 }
654 if (data->fd != -1) {
655 close(data->fd);
656 }
657 g_free(data->data);
658 g_free(data);
659 }
660
661 static void usb_mtp_realloc(MTPData *data, uint32_t bytes)
662 {
663 if (data->length + bytes <= data->alloc) {
664 return;
665 }
666 data->alloc = (data->length + bytes + 0xff) & ~0xff;
667 data->data = g_realloc(data->data, data->alloc);
668 }
669
670 static void usb_mtp_add_u8(MTPData *data, uint8_t val)
671 {
672 usb_mtp_realloc(data, 1);
673 data->data[data->length++] = val;
674 }
675
676 static void usb_mtp_add_u16(MTPData *data, uint16_t val)
677 {
678 usb_mtp_realloc(data, 2);
679 data->data[data->length++] = (val >> 0) & 0xff;
680 data->data[data->length++] = (val >> 8) & 0xff;
681 }
682
683 static void usb_mtp_add_u32(MTPData *data, uint32_t val)
684 {
685 usb_mtp_realloc(data, 4);
686 data->data[data->length++] = (val >> 0) & 0xff;
687 data->data[data->length++] = (val >> 8) & 0xff;
688 data->data[data->length++] = (val >> 16) & 0xff;
689 data->data[data->length++] = (val >> 24) & 0xff;
690 }
691
692 static void usb_mtp_add_u64(MTPData *data, uint64_t val)
693 {
694 usb_mtp_realloc(data, 8);
695 data->data[data->length++] = (val >> 0) & 0xff;
696 data->data[data->length++] = (val >> 8) & 0xff;
697 data->data[data->length++] = (val >> 16) & 0xff;
698 data->data[data->length++] = (val >> 24) & 0xff;
699 data->data[data->length++] = (val >> 32) & 0xff;
700 data->data[data->length++] = (val >> 40) & 0xff;
701 data->data[data->length++] = (val >> 48) & 0xff;
702 data->data[data->length++] = (val >> 56) & 0xff;
703 }
704
705 static void usb_mtp_add_u16_array(MTPData *data, uint32_t len,
706 const uint16_t *vals)
707 {
708 int i;
709
710 usb_mtp_add_u32(data, len);
711 for (i = 0; i < len; i++) {
712 usb_mtp_add_u16(data, vals[i]);
713 }
714 }
715
716 static void usb_mtp_add_u32_array(MTPData *data, uint32_t len,
717 const uint32_t *vals)
718 {
719 int i;
720
721 usb_mtp_add_u32(data, len);
722 for (i = 0; i < len; i++) {
723 usb_mtp_add_u32(data, vals[i]);
724 }
725 }
726
727 static void usb_mtp_add_wstr(MTPData *data, const wchar_t *str)
728 {
729 uint32_t len = wcslen(str);
730 int i;
731
732 if (len > 0) {
733 len++; /* include terminating L'\0' */
734 }
735
736 usb_mtp_add_u8(data, len);
737 for (i = 0; i < len; i++) {
738 usb_mtp_add_u16(data, str[i]);
739 }
740 }
741
742 static void usb_mtp_add_str(MTPData *data, const char *str)
743 {
744 uint32_t len = strlen(str)+1;
745 wchar_t *wstr = g_new(wchar_t, len);
746 size_t ret;
747
748 ret = mbstowcs(wstr, str, len);
749 if (ret == -1) {
750 usb_mtp_add_wstr(data, L"Oops");
751 } else {
752 usb_mtp_add_wstr(data, wstr);
753 }
754
755 g_free(wstr);
756 }
757
758 static void usb_mtp_add_time(MTPData *data, time_t time)
759 {
760 char buf[16];
761 struct tm tm;
762
763 gmtime_r(&time, &tm);
764 strftime(buf, sizeof(buf), "%Y%m%dT%H%M%S", &tm);
765 usb_mtp_add_str(data, buf);
766 }
767
768 /* ----------------------------------------------------------------------- */
769
770 static void usb_mtp_queue_result(MTPState *s, uint16_t code, uint32_t trans,
771 int argc, uint32_t arg0, uint32_t arg1,
772 uint32_t arg2)
773 {
774 MTPControl *c = g_new0(MTPControl, 1);
775
776 c->code = code;
777 c->trans = trans;
778 c->argc = argc;
779 if (argc > 0) {
780 c->argv[0] = arg0;
781 }
782 if (argc > 1) {
783 c->argv[1] = arg1;
784 }
785 if (argc > 2) {
786 c->argv[2] = arg2;
787 }
788
789 assert(s->result == NULL);
790 s->result = c;
791 }
792
793 /* ----------------------------------------------------------------------- */
794
795 static MTPData *usb_mtp_get_device_info(MTPState *s, MTPControl *c)
796 {
797 static const uint16_t ops[] = {
798 CMD_GET_DEVICE_INFO,
799 CMD_OPEN_SESSION,
800 CMD_CLOSE_SESSION,
801 CMD_GET_STORAGE_IDS,
802 CMD_GET_STORAGE_INFO,
803 CMD_GET_NUM_OBJECTS,
804 CMD_GET_OBJECT_HANDLES,
805 CMD_GET_OBJECT_INFO,
806 CMD_DELETE_OBJECT,
807 CMD_GET_OBJECT,
808 CMD_GET_PARTIAL_OBJECT,
809 CMD_GET_OBJECT_PROPS_SUPPORTED,
810 CMD_GET_OBJECT_PROP_DESC,
811 CMD_GET_OBJECT_PROP_VALUE,
812 };
813 static const uint16_t fmt[] = {
814 FMT_UNDEFINED_OBJECT,
815 FMT_ASSOCIATION,
816 };
817 MTPData *d = usb_mtp_data_alloc(c);
818
819 trace_usb_mtp_op_get_device_info(s->dev.addr);
820
821 usb_mtp_add_u16(d, 100);
822 usb_mtp_add_u32(d, 0x00000006);
823 usb_mtp_add_u16(d, 0x0064);
824 usb_mtp_add_wstr(d, L"");
825 usb_mtp_add_u16(d, 0x0000);
826
827 usb_mtp_add_u16_array(d, ARRAY_SIZE(ops), ops);
828 usb_mtp_add_u16_array(d, 0, NULL);
829 usb_mtp_add_u16_array(d, 0, NULL);
830 usb_mtp_add_u16_array(d, 0, NULL);
831 usb_mtp_add_u16_array(d, ARRAY_SIZE(fmt), fmt);
832
833 usb_mtp_add_wstr(d, L"" MTP_MANUFACTURER);
834 usb_mtp_add_wstr(d, L"" MTP_PRODUCT);
835 usb_mtp_add_wstr(d, L"0.1");
836 usb_mtp_add_wstr(d, L"0123456789abcdef0123456789abcdef");
837
838 return d;
839 }
840
841 static MTPData *usb_mtp_get_storage_ids(MTPState *s, MTPControl *c)
842 {
843 static const uint32_t ids[] = {
844 QEMU_STORAGE_ID,
845 };
846 MTPData *d = usb_mtp_data_alloc(c);
847
848 trace_usb_mtp_op_get_storage_ids(s->dev.addr);
849
850 usb_mtp_add_u32_array(d, ARRAY_SIZE(ids), ids);
851
852 return d;
853 }
854
855 static MTPData *usb_mtp_get_storage_info(MTPState *s, MTPControl *c)
856 {
857 MTPData *d = usb_mtp_data_alloc(c);
858 struct statvfs buf;
859 int rc;
860
861 trace_usb_mtp_op_get_storage_info(s->dev.addr);
862
863 if (FLAG_SET(s, MTP_FLAG_WRITABLE)) {
864 usb_mtp_add_u16(d, 0x0003);
865 usb_mtp_add_u16(d, 0x0002);
866 usb_mtp_add_u16(d, 0x0000);
867 } else {
868 usb_mtp_add_u16(d, 0x0001);
869 usb_mtp_add_u16(d, 0x0002);
870 usb_mtp_add_u16(d, 0x0001);
871 }
872
873 rc = statvfs(s->root, &buf);
874 if (rc == 0) {
875 usb_mtp_add_u64(d, (uint64_t)buf.f_frsize * buf.f_blocks);
876 usb_mtp_add_u64(d, (uint64_t)buf.f_bavail * buf.f_blocks);
877 usb_mtp_add_u32(d, buf.f_ffree);
878 } else {
879 usb_mtp_add_u64(d, 0xffffffff);
880 usb_mtp_add_u64(d, 0xffffffff);
881 usb_mtp_add_u32(d, 0xffffffff);
882 }
883
884 usb_mtp_add_str(d, s->desc);
885 usb_mtp_add_wstr(d, L"123456789abcdef");
886 return d;
887 }
888
889 static MTPData *usb_mtp_get_object_handles(MTPState *s, MTPControl *c,
890 MTPObject *o)
891 {
892 MTPData *d = usb_mtp_data_alloc(c);
893 uint32_t i = 0, handles[o->nchildren];
894 MTPObject *iter;
895
896 trace_usb_mtp_op_get_object_handles(s->dev.addr, o->handle, o->path);
897
898 QLIST_FOREACH(iter, &o->children, list) {
899 handles[i++] = iter->handle;
900 }
901 assert(i == o->nchildren);
902 usb_mtp_add_u32_array(d, o->nchildren, handles);
903
904 return d;
905 }
906
907 static MTPData *usb_mtp_get_object_info(MTPState *s, MTPControl *c,
908 MTPObject *o)
909 {
910 MTPData *d = usb_mtp_data_alloc(c);
911
912 trace_usb_mtp_op_get_object_info(s->dev.addr, o->handle, o->path);
913
914 usb_mtp_add_u32(d, QEMU_STORAGE_ID);
915 usb_mtp_add_u16(d, o->format);
916 usb_mtp_add_u16(d, 0);
917
918 if (o->stat.st_size > 0xFFFFFFFF) {
919 usb_mtp_add_u32(d, 0xFFFFFFFF);
920 } else {
921 usb_mtp_add_u32(d, o->stat.st_size);
922 }
923
924 usb_mtp_add_u16(d, 0);
925 usb_mtp_add_u32(d, 0);
926 usb_mtp_add_u32(d, 0);
927 usb_mtp_add_u32(d, 0);
928 usb_mtp_add_u32(d, 0);
929 usb_mtp_add_u32(d, 0);
930 usb_mtp_add_u32(d, 0);
931
932 if (o->parent) {
933 usb_mtp_add_u32(d, o->parent->handle);
934 } else {
935 usb_mtp_add_u32(d, 0);
936 }
937 if (o->format == FMT_ASSOCIATION) {
938 usb_mtp_add_u16(d, 0x0001);
939 usb_mtp_add_u32(d, 0x00000001);
940 usb_mtp_add_u32(d, 0);
941 } else {
942 usb_mtp_add_u16(d, 0);
943 usb_mtp_add_u32(d, 0);
944 usb_mtp_add_u32(d, 0);
945 }
946
947 usb_mtp_add_str(d, o->name);
948 usb_mtp_add_time(d, o->stat.st_ctime);
949 usb_mtp_add_time(d, o->stat.st_mtime);
950 usb_mtp_add_wstr(d, L"");
951
952 return d;
953 }
954
955 static MTPData *usb_mtp_get_object(MTPState *s, MTPControl *c,
956 MTPObject *o)
957 {
958 MTPData *d = usb_mtp_data_alloc(c);
959
960 trace_usb_mtp_op_get_object(s->dev.addr, o->handle, o->path);
961
962 d->fd = open(o->path, O_RDONLY);
963 if (d->fd == -1) {
964 usb_mtp_data_free(d);
965 return NULL;
966 }
967 d->length = o->stat.st_size;
968 d->alloc = 512;
969 d->data = g_malloc(d->alloc);
970 return d;
971 }
972
973 static MTPData *usb_mtp_get_partial_object(MTPState *s, MTPControl *c,
974 MTPObject *o)
975 {
976 MTPData *d = usb_mtp_data_alloc(c);
977 off_t offset;
978
979 trace_usb_mtp_op_get_partial_object(s->dev.addr, o->handle, o->path,
980 c->argv[1], c->argv[2]);
981
982 d->fd = open(o->path, O_RDONLY);
983 if (d->fd == -1) {
984 usb_mtp_data_free(d);
985 return NULL;
986 }
987
988 offset = c->argv[1];
989 if (offset > o->stat.st_size) {
990 offset = o->stat.st_size;
991 }
992 if (lseek(d->fd, offset, SEEK_SET) < 0) {
993 usb_mtp_data_free(d);
994 return NULL;
995 }
996
997 d->length = c->argv[2];
998 if (d->length > o->stat.st_size - offset) {
999 d->length = o->stat.st_size - offset;
1000 }
1001
1002 return d;
1003 }
1004
1005 static MTPData *usb_mtp_get_object_props_supported(MTPState *s, MTPControl *c)
1006 {
1007 static const uint16_t props[] = {
1008 PROP_STORAGE_ID,
1009 PROP_OBJECT_FORMAT,
1010 PROP_OBJECT_COMPRESSED_SIZE,
1011 PROP_PARENT_OBJECT,
1012 PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER,
1013 PROP_NAME,
1014 };
1015 MTPData *d = usb_mtp_data_alloc(c);
1016 usb_mtp_add_u16_array(d, ARRAY_SIZE(props), props);
1017
1018 return d;
1019 }
1020
1021 static MTPData *usb_mtp_get_object_prop_desc(MTPState *s, MTPControl *c)
1022 {
1023 MTPData *d = usb_mtp_data_alloc(c);
1024 switch (c->argv[0]) {
1025 case PROP_STORAGE_ID:
1026 usb_mtp_add_u16(d, PROP_STORAGE_ID);
1027 usb_mtp_add_u16(d, DATA_TYPE_UINT32);
1028 usb_mtp_add_u8(d, 0x00);
1029 usb_mtp_add_u32(d, 0x00000000);
1030 usb_mtp_add_u32(d, 0x00000000);
1031 usb_mtp_add_u8(d, 0x00);
1032 break;
1033 case PROP_OBJECT_FORMAT:
1034 usb_mtp_add_u16(d, PROP_OBJECT_FORMAT);
1035 usb_mtp_add_u16(d, DATA_TYPE_UINT16);
1036 usb_mtp_add_u8(d, 0x00);
1037 usb_mtp_add_u16(d, 0x0000);
1038 usb_mtp_add_u32(d, 0x00000000);
1039 usb_mtp_add_u8(d, 0x00);
1040 break;
1041 case PROP_OBJECT_COMPRESSED_SIZE:
1042 usb_mtp_add_u16(d, PROP_OBJECT_COMPRESSED_SIZE);
1043 usb_mtp_add_u16(d, DATA_TYPE_UINT64);
1044 usb_mtp_add_u8(d, 0x00);
1045 usb_mtp_add_u64(d, 0x0000000000000000);
1046 usb_mtp_add_u32(d, 0x00000000);
1047 usb_mtp_add_u8(d, 0x00);
1048 break;
1049 case PROP_PARENT_OBJECT:
1050 usb_mtp_add_u16(d, PROP_PARENT_OBJECT);
1051 usb_mtp_add_u16(d, DATA_TYPE_UINT32);
1052 usb_mtp_add_u8(d, 0x00);
1053 usb_mtp_add_u32(d, 0x00000000);
1054 usb_mtp_add_u32(d, 0x00000000);
1055 usb_mtp_add_u8(d, 0x00);
1056 break;
1057 case PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER:
1058 usb_mtp_add_u16(d, PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER);
1059 usb_mtp_add_u16(d, DATA_TYPE_UINT128);
1060 usb_mtp_add_u8(d, 0x00);
1061 usb_mtp_add_u64(d, 0x0000000000000000);
1062 usb_mtp_add_u64(d, 0x0000000000000000);
1063 usb_mtp_add_u32(d, 0x00000000);
1064 usb_mtp_add_u8(d, 0x00);
1065 break;
1066 case PROP_NAME:
1067 usb_mtp_add_u16(d, PROP_NAME);
1068 usb_mtp_add_u16(d, DATA_TYPE_STRING);
1069 usb_mtp_add_u8(d, 0x00);
1070 usb_mtp_add_u8(d, 0x00);
1071 usb_mtp_add_u32(d, 0x00000000);
1072 usb_mtp_add_u8(d, 0x00);
1073 break;
1074 default:
1075 usb_mtp_data_free(d);
1076 return NULL;
1077 }
1078
1079 return d;
1080 }
1081
1082 static MTPData *usb_mtp_get_object_prop_value(MTPState *s, MTPControl *c,
1083 MTPObject *o)
1084 {
1085 MTPData *d = usb_mtp_data_alloc(c);
1086 switch (c->argv[1]) {
1087 case PROP_STORAGE_ID:
1088 usb_mtp_add_u32(d, QEMU_STORAGE_ID);
1089 break;
1090 case PROP_OBJECT_FORMAT:
1091 usb_mtp_add_u16(d, o->format);
1092 break;
1093 case PROP_OBJECT_COMPRESSED_SIZE:
1094 usb_mtp_add_u64(d, o->stat.st_size);
1095 break;
1096 case PROP_PARENT_OBJECT:
1097 if (o->parent == NULL) {
1098 usb_mtp_add_u32(d, 0x00000000);
1099 } else {
1100 usb_mtp_add_u32(d, o->parent->handle);
1101 }
1102 break;
1103 case PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER:
1104 /* Should be persistent between sessions,
1105 * but using our objedt ID is "good enough"
1106 * for now */
1107 usb_mtp_add_u64(d, 0x0000000000000000);
1108 usb_mtp_add_u64(d, o->handle);
1109 break;
1110 case PROP_NAME:
1111 usb_mtp_add_str(d, o->name);
1112 break;
1113 default:
1114 usb_mtp_data_free(d);
1115 return NULL;
1116 }
1117
1118 return d;
1119 }
1120
1121 /* Return correct return code for a delete event */
1122 enum {
1123 ALL_DELETE,
1124 PARTIAL_DELETE,
1125 READ_ONLY,
1126 };
1127
1128 /* Assumes that children, if any, have been already freed */
1129 static void usb_mtp_object_free_one(MTPState *s, MTPObject *o)
1130 {
1131 #ifndef CONFIG_INOTIFY1
1132 assert(o->nchildren == 0);
1133 QTAILQ_REMOVE(&s->objects, o, next);
1134 g_free(o->name);
1135 g_free(o->path);
1136 g_free(o);
1137 #endif
1138 }
1139
1140 static int usb_mtp_deletefn(MTPState *s, MTPObject *o, uint32_t trans)
1141 {
1142 MTPObject *iter, *iter2;
1143 bool partial_delete = false;
1144 bool success = false;
1145
1146 /*
1147 * TODO: Add support for Protection Status
1148 */
1149
1150 QLIST_FOREACH(iter, &o->children, list) {
1151 if (iter->format == FMT_ASSOCIATION) {
1152 QLIST_FOREACH(iter2, &iter->children, list) {
1153 usb_mtp_deletefn(s, iter2, trans);
1154 }
1155 }
1156 }
1157
1158 if (o->format == FMT_UNDEFINED_OBJECT) {
1159 if (remove(o->path)) {
1160 partial_delete = true;
1161 } else {
1162 usb_mtp_object_free_one(s, o);
1163 success = true;
1164 }
1165 }
1166
1167 if (o->format == FMT_ASSOCIATION) {
1168 if (rmdir(o->path)) {
1169 partial_delete = true;
1170 } else {
1171 usb_mtp_object_free_one(s, o);
1172 success = true;
1173 }
1174 }
1175
1176 if (success && partial_delete) {
1177 return PARTIAL_DELETE;
1178 }
1179 if (!success && partial_delete) {
1180 return READ_ONLY;
1181 }
1182 return ALL_DELETE;
1183 }
1184
1185 static void usb_mtp_object_delete(MTPState *s, uint32_t handle,
1186 uint32_t format_code, uint32_t trans)
1187 {
1188 MTPObject *o;
1189 int ret;
1190
1191 /* Return error if store is read-only */
1192 if (!FLAG_SET(s, MTP_FLAG_WRITABLE)) {
1193 usb_mtp_queue_result(s, RES_STORE_READ_ONLY,
1194 trans, 0, 0, 0, 0);
1195 return;
1196 }
1197
1198 if (format_code != 0) {
1199 usb_mtp_queue_result(s, RES_SPEC_BY_FORMAT_UNSUPPORTED,
1200 trans, 0, 0, 0, 0);
1201 return;
1202 }
1203
1204 if (handle == 0xFFFFFFF) {
1205 o = QTAILQ_FIRST(&s->objects);
1206 } else {
1207 o = usb_mtp_object_lookup(s, handle);
1208 }
1209 if (o == NULL) {
1210 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1211 trans, 0, 0, 0, 0);
1212 return;
1213 }
1214
1215 ret = usb_mtp_deletefn(s, o, trans);
1216 if (ret == PARTIAL_DELETE) {
1217 usb_mtp_queue_result(s, RES_PARTIAL_DELETE,
1218 trans, 0, 0, 0, 0);
1219 return;
1220 } else if (ret == READ_ONLY) {
1221 usb_mtp_queue_result(s, RES_STORE_READ_ONLY, trans,
1222 0, 0, 0, 0);
1223 return;
1224 } else {
1225 usb_mtp_queue_result(s, RES_OK, trans,
1226 0, 0, 0, 0);
1227 return;
1228 }
1229 }
1230
1231 static void usb_mtp_command(MTPState *s, MTPControl *c)
1232 {
1233 MTPData *data_in = NULL;
1234 MTPObject *o;
1235 uint32_t nres = 0, res0 = 0;
1236
1237 /* sanity checks */
1238 if (c->code >= CMD_CLOSE_SESSION && s->session == 0) {
1239 usb_mtp_queue_result(s, RES_SESSION_NOT_OPEN,
1240 c->trans, 0, 0, 0, 0);
1241 return;
1242 }
1243
1244 /* process commands */
1245 switch (c->code) {
1246 case CMD_GET_DEVICE_INFO:
1247 data_in = usb_mtp_get_device_info(s, c);
1248 break;
1249 case CMD_OPEN_SESSION:
1250 if (s->session) {
1251 usb_mtp_queue_result(s, RES_SESSION_ALREADY_OPEN,
1252 c->trans, 1, s->session, 0, 0);
1253 return;
1254 }
1255 if (c->argv[0] == 0) {
1256 usb_mtp_queue_result(s, RES_INVALID_PARAMETER,
1257 c->trans, 0, 0, 0, 0);
1258 return;
1259 }
1260 trace_usb_mtp_op_open_session(s->dev.addr);
1261 s->session = c->argv[0];
1262 usb_mtp_object_alloc(s, s->next_handle++, NULL, s->root);
1263 #ifdef CONFIG_INOTIFY1
1264 if (usb_mtp_inotify_init(s)) {
1265 fprintf(stderr, "usb-mtp: file monitoring init failed\n");
1266 }
1267 #endif
1268 break;
1269 case CMD_CLOSE_SESSION:
1270 trace_usb_mtp_op_close_session(s->dev.addr);
1271 s->session = 0;
1272 s->next_handle = 0;
1273 #ifdef CONFIG_INOTIFY1
1274 usb_mtp_inotify_cleanup(s);
1275 #endif
1276 usb_mtp_object_free(s, QTAILQ_FIRST(&s->objects));
1277 assert(QTAILQ_EMPTY(&s->objects));
1278 break;
1279 case CMD_GET_STORAGE_IDS:
1280 data_in = usb_mtp_get_storage_ids(s, c);
1281 break;
1282 case CMD_GET_STORAGE_INFO:
1283 if (c->argv[0] != QEMU_STORAGE_ID &&
1284 c->argv[0] != 0xffffffff) {
1285 usb_mtp_queue_result(s, RES_INVALID_STORAGE_ID,
1286 c->trans, 0, 0, 0, 0);
1287 return;
1288 }
1289 data_in = usb_mtp_get_storage_info(s, c);
1290 break;
1291 case CMD_GET_NUM_OBJECTS:
1292 case CMD_GET_OBJECT_HANDLES:
1293 if (c->argv[0] != QEMU_STORAGE_ID &&
1294 c->argv[0] != 0xffffffff) {
1295 usb_mtp_queue_result(s, RES_INVALID_STORAGE_ID,
1296 c->trans, 0, 0, 0, 0);
1297 return;
1298 }
1299 if (c->argv[1] != 0x00000000) {
1300 usb_mtp_queue_result(s, RES_SPEC_BY_FORMAT_UNSUPPORTED,
1301 c->trans, 0, 0, 0, 0);
1302 return;
1303 }
1304 if (c->argv[2] == 0x00000000 ||
1305 c->argv[2] == 0xffffffff) {
1306 o = QTAILQ_FIRST(&s->objects);
1307 } else {
1308 o = usb_mtp_object_lookup(s, c->argv[2]);
1309 }
1310 if (o == NULL) {
1311 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1312 c->trans, 0, 0, 0, 0);
1313 return;
1314 }
1315 if (o->format != FMT_ASSOCIATION) {
1316 usb_mtp_queue_result(s, RES_INVALID_PARENT_OBJECT,
1317 c->trans, 0, 0, 0, 0);
1318 return;
1319 }
1320 usb_mtp_object_readdir(s, o);
1321 if (c->code == CMD_GET_NUM_OBJECTS) {
1322 trace_usb_mtp_op_get_num_objects(s->dev.addr, o->handle, o->path);
1323 nres = 1;
1324 res0 = o->nchildren;
1325 } else {
1326 data_in = usb_mtp_get_object_handles(s, c, o);
1327 }
1328 break;
1329 case CMD_GET_OBJECT_INFO:
1330 o = usb_mtp_object_lookup(s, c->argv[0]);
1331 if (o == NULL) {
1332 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1333 c->trans, 0, 0, 0, 0);
1334 return;
1335 }
1336 data_in = usb_mtp_get_object_info(s, c, o);
1337 break;
1338 case CMD_GET_OBJECT:
1339 o = usb_mtp_object_lookup(s, c->argv[0]);
1340 if (o == NULL) {
1341 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1342 c->trans, 0, 0, 0, 0);
1343 return;
1344 }
1345 if (o->format == FMT_ASSOCIATION) {
1346 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1347 c->trans, 0, 0, 0, 0);
1348 return;
1349 }
1350 data_in = usb_mtp_get_object(s, c, o);
1351 if (data_in == NULL) {
1352 usb_mtp_queue_result(s, RES_GENERAL_ERROR,
1353 c->trans, 0, 0, 0, 0);
1354 return;
1355 }
1356 break;
1357 case CMD_DELETE_OBJECT:
1358 usb_mtp_object_delete(s, c->argv[0], c->argv[1], c->trans);
1359 return;
1360 case CMD_GET_PARTIAL_OBJECT:
1361 o = usb_mtp_object_lookup(s, c->argv[0]);
1362 if (o == NULL) {
1363 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1364 c->trans, 0, 0, 0, 0);
1365 return;
1366 }
1367 if (o->format == FMT_ASSOCIATION) {
1368 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1369 c->trans, 0, 0, 0, 0);
1370 return;
1371 }
1372 data_in = usb_mtp_get_partial_object(s, c, o);
1373 if (data_in == NULL) {
1374 usb_mtp_queue_result(s, RES_GENERAL_ERROR,
1375 c->trans, 0, 0, 0, 0);
1376 return;
1377 }
1378 nres = 1;
1379 res0 = data_in->length;
1380 break;
1381 case CMD_GET_OBJECT_PROPS_SUPPORTED:
1382 if (c->argv[0] != FMT_UNDEFINED_OBJECT &&
1383 c->argv[0] != FMT_ASSOCIATION) {
1384 usb_mtp_queue_result(s, RES_INVALID_OBJECT_FORMAT_CODE,
1385 c->trans, 0, 0, 0, 0);
1386 return;
1387 }
1388 data_in = usb_mtp_get_object_props_supported(s, c);
1389 break;
1390 case CMD_GET_OBJECT_PROP_DESC:
1391 if (c->argv[1] != FMT_UNDEFINED_OBJECT &&
1392 c->argv[1] != FMT_ASSOCIATION) {
1393 usb_mtp_queue_result(s, RES_INVALID_OBJECT_FORMAT_CODE,
1394 c->trans, 0, 0, 0, 0);
1395 return;
1396 }
1397 data_in = usb_mtp_get_object_prop_desc(s, c);
1398 if (data_in == NULL) {
1399 usb_mtp_queue_result(s, RES_INVALID_OBJECT_PROP_CODE,
1400 c->trans, 0, 0, 0, 0);
1401 return;
1402 }
1403 break;
1404 case CMD_GET_OBJECT_PROP_VALUE:
1405 o = usb_mtp_object_lookup(s, c->argv[0]);
1406 if (o == NULL) {
1407 usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1408 c->trans, 0, 0, 0, 0);
1409 return;
1410 }
1411 data_in = usb_mtp_get_object_prop_value(s, c, o);
1412 if (data_in == NULL) {
1413 usb_mtp_queue_result(s, RES_INVALID_OBJECT_PROP_CODE,
1414 c->trans, 0, 0, 0, 0);
1415 return;
1416 }
1417 break;
1418 default:
1419 trace_usb_mtp_op_unknown(s->dev.addr, c->code);
1420 usb_mtp_queue_result(s, RES_OPERATION_NOT_SUPPORTED,
1421 c->trans, 0, 0, 0, 0);
1422 return;
1423 }
1424
1425 /* return results on success */
1426 if (data_in) {
1427 assert(s->data_in == NULL);
1428 s->data_in = data_in;
1429 }
1430 usb_mtp_queue_result(s, RES_OK, c->trans, nres, res0, 0, 0);
1431 }
1432
1433 /* ----------------------------------------------------------------------- */
1434
1435 static void usb_mtp_handle_reset(USBDevice *dev)
1436 {
1437 MTPState *s = USB_MTP(dev);
1438
1439 trace_usb_mtp_reset(s->dev.addr);
1440
1441 #ifdef CONFIG_INOTIFY1
1442 usb_mtp_inotify_cleanup(s);
1443 #endif
1444 usb_mtp_object_free(s, QTAILQ_FIRST(&s->objects));
1445 s->session = 0;
1446 usb_mtp_data_free(s->data_in);
1447 s->data_in = NULL;
1448 usb_mtp_data_free(s->data_out);
1449 s->data_out = NULL;
1450 g_free(s->result);
1451 s->result = NULL;
1452 }
1453
1454 static void usb_mtp_handle_control(USBDevice *dev, USBPacket *p,
1455 int request, int value, int index,
1456 int length, uint8_t *data)
1457 {
1458 int ret;
1459
1460 ret = usb_desc_handle_control(dev, p, request, value, index, length, data);
1461 if (ret >= 0) {
1462 return;
1463 }
1464
1465 trace_usb_mtp_stall(dev->addr, "unknown control request");
1466 p->status = USB_RET_STALL;
1467 }
1468
1469 static void usb_mtp_cancel_packet(USBDevice *dev, USBPacket *p)
1470 {
1471 /* we don't use async packets, so this should never be called */
1472 fprintf(stderr, "%s\n", __func__);
1473 }
1474
1475 static void usb_mtp_handle_data(USBDevice *dev, USBPacket *p)
1476 {
1477 MTPState *s = USB_MTP(dev);
1478 MTPControl cmd;
1479 mtp_container container;
1480 uint32_t params[5];
1481 int i, rc;
1482
1483 switch (p->ep->nr) {
1484 case EP_DATA_IN:
1485 if (s->data_out != NULL) {
1486 /* guest bug */
1487 trace_usb_mtp_stall(s->dev.addr, "awaiting data-out");
1488 p->status = USB_RET_STALL;
1489 return;
1490 }
1491 if (p->iov.size < sizeof(container)) {
1492 trace_usb_mtp_stall(s->dev.addr, "packet too small");
1493 p->status = USB_RET_STALL;
1494 return;
1495 }
1496 if (s->data_in != NULL) {
1497 MTPData *d = s->data_in;
1498 uint64_t dlen = d->length - d->offset;
1499 if (d->first) {
1500 trace_usb_mtp_data_in(s->dev.addr, d->trans, d->length);
1501 if (d->length + sizeof(container) > 0xFFFFFFFF) {
1502 container.length = cpu_to_le32(0xFFFFFFFF);
1503 } else {
1504 container.length =
1505 cpu_to_le32(d->length + sizeof(container));
1506 }
1507 container.type = cpu_to_le16(TYPE_DATA);
1508 container.code = cpu_to_le16(d->code);
1509 container.trans = cpu_to_le32(d->trans);
1510 usb_packet_copy(p, &container, sizeof(container));
1511 d->first = false;
1512 if (dlen > p->iov.size - sizeof(container)) {
1513 dlen = p->iov.size - sizeof(container);
1514 }
1515 } else {
1516 if (dlen > p->iov.size) {
1517 dlen = p->iov.size;
1518 }
1519 }
1520 if (d->fd == -1) {
1521 usb_packet_copy(p, d->data + d->offset, dlen);
1522 } else {
1523 if (d->alloc < p->iov.size) {
1524 d->alloc = p->iov.size;
1525 d->data = g_realloc(d->data, d->alloc);
1526 }
1527 rc = read(d->fd, d->data, dlen);
1528 if (rc != dlen) {
1529 memset(d->data, 0, dlen);
1530 s->result->code = RES_INCOMPLETE_TRANSFER;
1531 }
1532 usb_packet_copy(p, d->data, dlen);
1533 }
1534 d->offset += dlen;
1535 if (d->offset == d->length) {
1536 usb_mtp_data_free(s->data_in);
1537 s->data_in = NULL;
1538 }
1539 } else if (s->result != NULL) {
1540 MTPControl *r = s->result;
1541 int length = sizeof(container) + r->argc * sizeof(uint32_t);
1542 if (r->code == RES_OK) {
1543 trace_usb_mtp_success(s->dev.addr, r->trans,
1544 (r->argc > 0) ? r->argv[0] : 0,
1545 (r->argc > 1) ? r->argv[1] : 0);
1546 } else {
1547 trace_usb_mtp_error(s->dev.addr, r->code, r->trans,
1548 (r->argc > 0) ? r->argv[0] : 0,
1549 (r->argc > 1) ? r->argv[1] : 0);
1550 }
1551 container.length = cpu_to_le32(length);
1552 container.type = cpu_to_le16(TYPE_RESPONSE);
1553 container.code = cpu_to_le16(r->code);
1554 container.trans = cpu_to_le32(r->trans);
1555 for (i = 0; i < r->argc; i++) {
1556 params[i] = cpu_to_le32(r->argv[i]);
1557 }
1558 usb_packet_copy(p, &container, sizeof(container));
1559 usb_packet_copy(p, &params, length - sizeof(container));
1560 g_free(s->result);
1561 s->result = NULL;
1562 }
1563 break;
1564 case EP_DATA_OUT:
1565 if (p->iov.size < sizeof(container)) {
1566 trace_usb_mtp_stall(s->dev.addr, "packet too small");
1567 p->status = USB_RET_STALL;
1568 return;
1569 }
1570 usb_packet_copy(p, &container, sizeof(container));
1571 switch (le16_to_cpu(container.type)) {
1572 case TYPE_COMMAND:
1573 if (s->data_in || s->data_out || s->result) {
1574 trace_usb_mtp_stall(s->dev.addr, "transaction inflight");
1575 p->status = USB_RET_STALL;
1576 return;
1577 }
1578 cmd.code = le16_to_cpu(container.code);
1579 cmd.argc = (le32_to_cpu(container.length) - sizeof(container))
1580 / sizeof(uint32_t);
1581 cmd.trans = le32_to_cpu(container.trans);
1582 if (cmd.argc > ARRAY_SIZE(cmd.argv)) {
1583 cmd.argc = ARRAY_SIZE(cmd.argv);
1584 }
1585 if (p->iov.size < sizeof(container) + cmd.argc * sizeof(uint32_t)) {
1586 trace_usb_mtp_stall(s->dev.addr, "packet too small");
1587 p->status = USB_RET_STALL;
1588 return;
1589 }
1590 usb_packet_copy(p, &params, cmd.argc * sizeof(uint32_t));
1591 for (i = 0; i < cmd.argc; i++) {
1592 cmd.argv[i] = le32_to_cpu(params[i]);
1593 }
1594 trace_usb_mtp_command(s->dev.addr, cmd.code, cmd.trans,
1595 (cmd.argc > 0) ? cmd.argv[0] : 0,
1596 (cmd.argc > 1) ? cmd.argv[1] : 0,
1597 (cmd.argc > 2) ? cmd.argv[2] : 0,
1598 (cmd.argc > 3) ? cmd.argv[3] : 0,
1599 (cmd.argc > 4) ? cmd.argv[4] : 0);
1600 usb_mtp_command(s, &cmd);
1601 break;
1602 default:
1603 /* not needed as long as the mtp device is read-only */
1604 p->status = USB_RET_STALL;
1605 return;
1606 }
1607 break;
1608 case EP_EVENT:
1609 #ifdef CONFIG_INOTIFY1
1610 if (!QTAILQ_EMPTY(&s->events)) {
1611 struct MTPMonEntry *e = QTAILQ_LAST(&s->events, events);
1612 uint32_t handle;
1613 int len = sizeof(container) + sizeof(uint32_t);
1614
1615 if (p->iov.size < len) {
1616 trace_usb_mtp_stall(s->dev.addr,
1617 "packet too small to send event");
1618 p->status = USB_RET_STALL;
1619 return;
1620 }
1621
1622 QTAILQ_REMOVE(&s->events, e, next);
1623 container.length = cpu_to_le32(len);
1624 container.type = cpu_to_le32(TYPE_EVENT);
1625 container.code = cpu_to_le16(e->event);
1626 container.trans = 0; /* no trans specific events */
1627 handle = cpu_to_le32(e->handle);
1628 usb_packet_copy(p, &container, sizeof(container));
1629 usb_packet_copy(p, &handle, sizeof(uint32_t));
1630 g_free(e);
1631 return;
1632 }
1633 #endif
1634 p->status = USB_RET_NAK;
1635 return;
1636 default:
1637 trace_usb_mtp_stall(s->dev.addr, "invalid endpoint");
1638 p->status = USB_RET_STALL;
1639 return;
1640 }
1641
1642 if (p->actual_length == 0) {
1643 trace_usb_mtp_nak(s->dev.addr, p->ep->nr);
1644 p->status = USB_RET_NAK;
1645 return;
1646 } else {
1647 trace_usb_mtp_xfer(s->dev.addr, p->ep->nr, p->actual_length,
1648 p->iov.size);
1649 return;
1650 }
1651 }
1652
1653 static void usb_mtp_realize(USBDevice *dev, Error **errp)
1654 {
1655 MTPState *s = USB_MTP(dev);
1656
1657 usb_desc_create_serial(dev);
1658 usb_desc_init(dev);
1659 QTAILQ_INIT(&s->objects);
1660 if (s->desc == NULL) {
1661 if (s->root == NULL) {
1662 error_setg(errp, "usb-mtp: x-root property must be configured");
1663 return;
1664 }
1665 s->desc = strrchr(s->root, '/');
1666 /* Mark store as RW */
1667 if (!s->readonly) {
1668 s->flags |= (1 << MTP_FLAG_WRITABLE);
1669 }
1670 if (s->desc && s->desc[0]) {
1671 s->desc = g_strdup(s->desc + 1);
1672 } else {
1673 s->desc = g_strdup("none");
1674 }
1675 }
1676 }
1677
1678 static const VMStateDescription vmstate_usb_mtp = {
1679 .name = "usb-mtp",
1680 .unmigratable = 1,
1681 .version_id = 1,
1682 .minimum_version_id = 1,
1683 .fields = (VMStateField[]) {
1684 VMSTATE_USB_DEVICE(dev, MTPState),
1685 VMSTATE_END_OF_LIST()
1686 }
1687 };
1688
1689 static Property mtp_properties[] = {
1690 DEFINE_PROP_STRING("x-root", MTPState, root),
1691 DEFINE_PROP_STRING("desc", MTPState, desc),
1692 DEFINE_PROP_BOOL("readonly", MTPState, readonly, true),
1693 DEFINE_PROP_END_OF_LIST(),
1694 };
1695
1696 static void usb_mtp_class_initfn(ObjectClass *klass, void *data)
1697 {
1698 DeviceClass *dc = DEVICE_CLASS(klass);
1699 USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
1700
1701 uc->realize = usb_mtp_realize;
1702 uc->product_desc = "QEMU USB MTP";
1703 uc->usb_desc = &desc;
1704 uc->cancel_packet = usb_mtp_cancel_packet;
1705 uc->handle_attach = usb_desc_attach;
1706 uc->handle_reset = usb_mtp_handle_reset;
1707 uc->handle_control = usb_mtp_handle_control;
1708 uc->handle_data = usb_mtp_handle_data;
1709 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1710 dc->desc = "USB Media Transfer Protocol device";
1711 dc->fw_name = "mtp";
1712 dc->vmsd = &vmstate_usb_mtp;
1713 dc->props = mtp_properties;
1714 }
1715
1716 static TypeInfo mtp_info = {
1717 .name = TYPE_USB_MTP,
1718 .parent = TYPE_USB_DEVICE,
1719 .instance_size = sizeof(MTPState),
1720 .class_init = usb_mtp_class_initfn,
1721 };
1722
1723 static void usb_mtp_register_types(void)
1724 {
1725 type_register_static(&mtp_info);
1726 }
1727
1728 type_init(usb_mtp_register_types)
AR7 emulation for QEMU