search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix array subscript above array bounds error
[qemu/mini2440.git] / usb-linux.c
blob937ff12867dc5f43609da152cdf0d460d005b8e8
1 /*
2 * Linux host USB redirector
3 *
4 * Copyright (c) 2005 Fabrice Bellard
5 *
6 * Copyright (c) 2008 Max Krasnyansky
7 * Support for host device auto connect & disconnect
8 * Major rewrite to support fully async operation
9 *
10 * Permission is hereby granted, free of charge, to any person obtaining a copy
11 * of this software and associated documentation files (the "Software"), to deal
12 * in the Software without restriction, including without limitation the rights
13 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14 * copies of the Software, and to permit persons to whom the Software is
15 * furnished to do so, subject to the following conditions:
16 *
17 * The above copyright notice and this permission notice shall be included in
18 * all copies or substantial portions of the Software.
19 *
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
23 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 * THE SOFTWARE.
27 */
28
29 #include "qemu-common.h"
30 #include "qemu-timer.h"
31 #include "console.h"
32
33 #if defined(__linux__)
34 #include <dirent.h>
35 #include <sys/ioctl.h>
36 #include <signal.h>
37
38 #include <linux/usb/ch9.h>
39 #include <linux/usbdevice_fs.h>
40 #include <linux/version.h>
41 #include "hw/usb.h"
42
43 typedef int USBScanFunc(void *opaque, int bus_num, int addr, int class_id,
44 int vendor_id, int product_id,
45 const char *product_name, int speed);
46 static int usb_host_find_device(int *pbus_num, int *paddr,
47 char *product_name, int product_name_size,
48 const char *devname);
49 //#define DEBUG
50
51 #ifdef DEBUG
52 #define dprintf printf
53 #else
54 #define dprintf(...)
55 #endif
56
57 #define USBDEVFS_PATH "/proc/bus/usb"
58 #define PRODUCT_NAME_SZ 32
59 #define MAX_ENDPOINTS 16
60
61 /* endpoint association data */
62 struct endp_data {
63 uint8_t type;
64 uint8_t halted;
65 };
66
67 enum {
68 CTRL_STATE_IDLE = 0,
69 CTRL_STATE_SETUP,
70 CTRL_STATE_DATA,
71 CTRL_STATE_ACK
72 };
73
74 /*
75 * Control transfer state.
76 * Note that 'buffer' _must_ follow 'req' field because
77 * we need contigious buffer when we submit control URB.
78 */
79 struct ctrl_struct {
80 uint16_t len;
81 uint16_t offset;
82 uint8_t state;
83 struct usb_ctrlrequest req;
84 uint8_t buffer[1024];
85 };
86
87 typedef struct USBHostDevice {
88 USBDevice dev;
89 int fd;
90
91 uint8_t descr[1024];
92 int descr_len;
93 int configuration;
94 int ninterfaces;
95 int closing;
96
97 struct ctrl_struct ctrl;
98 struct endp_data endp_table[MAX_ENDPOINTS];
99
100 /* Host side address */
101 int bus_num;
102 int addr;
103
104 struct USBHostDevice *next;
105 } USBHostDevice;
106
107 static int is_isoc(USBHostDevice *s, int ep)
108 {
109 return s->endp_table[ep - 1].type == USBDEVFS_URB_TYPE_ISO;
110 }
111
112 static int is_halted(USBHostDevice *s, int ep)
113 {
114 return s->endp_table[ep - 1].halted;
115 }
116
117 static void clear_halt(USBHostDevice *s, int ep)
118 {
119 s->endp_table[ep - 1].halted = 0;
120 }
121
122 static void set_halt(USBHostDevice *s, int ep)
123 {
124 s->endp_table[ep - 1].halted = 1;
125 }
126
127 static USBHostDevice *hostdev_list;
128
129 static void hostdev_link(USBHostDevice *dev)
130 {
131 dev->next = hostdev_list;
132 hostdev_list = dev;
133 }
134
135 static void hostdev_unlink(USBHostDevice *dev)
136 {
137 USBHostDevice *pdev = hostdev_list;
138 USBHostDevice **prev = &hostdev_list;
139
140 while (pdev) {
141 if (pdev == dev) {
142 *prev = dev->next;
143 return;
144 }
145
146 prev = &pdev->next;
147 pdev = pdev->next;
148 }
149 }
150
151 static USBHostDevice *hostdev_find(int bus_num, int addr)
152 {
153 USBHostDevice *s = hostdev_list;
154 while (s) {
155 if (s->bus_num == bus_num && s->addr == addr)
156 return s;
157 s = s->next;
158 }
159 return NULL;
160 }
161
162 /*
163 * Async URB state.
164 * We always allocate one isoc descriptor even for bulk transfers
165 * to simplify allocation and casts.
166 */
167 typedef struct AsyncURB
168 {
169 struct usbdevfs_urb urb;
170 struct usbdevfs_iso_packet_desc isocpd;
171
172 USBPacket *packet;
173 USBHostDevice *hdev;
174 } AsyncURB;
175
176 static AsyncURB *async_alloc(void)
177 {
178 return (AsyncURB *) qemu_mallocz(sizeof(AsyncURB));
179 }
180
181 static void async_free(AsyncURB *aurb)
182 {
183 qemu_free(aurb);
184 }
185
186 static void async_complete_ctrl(USBHostDevice *s, USBPacket *p)
187 {
188 switch(s->ctrl.state) {
189 case CTRL_STATE_SETUP:
190 if (p->len < s->ctrl.len)
191 s->ctrl.len = p->len;
192 s->ctrl.state = CTRL_STATE_DATA;
193 p->len = 8;
194 break;
195
196 case CTRL_STATE_ACK:
197 s->ctrl.state = CTRL_STATE_IDLE;
198 p->len = 0;
199 break;
200
201 default:
202 break;
203 }
204 }
205
206 static void async_complete(void *opaque)
207 {
208 USBHostDevice *s = opaque;
209 AsyncURB *aurb;
210
211 while (1) {
212 USBPacket *p;
213
214 int r = ioctl(s->fd, USBDEVFS_REAPURBNDELAY, &aurb);
215 if (r < 0) {
216 if (errno == EAGAIN)
217 return;
218
219 if (errno == ENODEV && !s->closing) {
220 printf("husb: device %d.%d disconnected\n", s->bus_num, s->addr);
221 usb_device_del_addr(0, s->dev.addr);
222 return;
223 }
224
225 dprintf("husb: async. reap urb failed errno %d\n", errno);
226 return;
227 }
228
229 p = aurb->packet;
230
231 dprintf("husb: async completed. aurb %p status %d alen %d\n",
232 aurb, aurb->urb.status, aurb->urb.actual_length);
233
234 if (p) {
235 switch (aurb->urb.status) {
236 case 0:
237 p->len = aurb->urb.actual_length;
238 if (aurb->urb.type == USBDEVFS_URB_TYPE_CONTROL)
239 async_complete_ctrl(s, p);
240 break;
241
242 case -EPIPE:
243 set_halt(s, p->devep);
244 /* fall through */
245 default:
246 p->len = USB_RET_NAK;
247 break;
248 }
249
250 usb_packet_complete(p);
251 }
252
253 async_free(aurb);
254 }
255 }
256
257 static void async_cancel(USBPacket *unused, void *opaque)
258 {
259 AsyncURB *aurb = opaque;
260 USBHostDevice *s = aurb->hdev;
261
262 dprintf("husb: async cancel. aurb %p\n", aurb);
263
264 /* Mark it as dead (see async_complete above) */
265 aurb->packet = NULL;
266
267 int r = ioctl(s->fd, USBDEVFS_DISCARDURB, aurb);
268 if (r < 0) {
269 dprintf("husb: async. discard urb failed errno %d\n", errno);
270 }
271 }
272
273 static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration)
274 {
275 int dev_descr_len, config_descr_len;
276 int interface, nb_interfaces, nb_configurations;
277 int ret, i;
278
279 if (configuration == 0) /* address state - ignore */
280 return 1;
281
282 dprintf("husb: claiming interfaces. config %d\n", configuration);
283
284 i = 0;
285 dev_descr_len = dev->descr[0];
286 if (dev_descr_len > dev->descr_len)
287 goto fail;
288 nb_configurations = dev->descr[17];
289
290 i += dev_descr_len;
291 while (i < dev->descr_len) {
292 dprintf("husb: i is %d, descr_len is %d, dl %d, dt %d\n", i, dev->descr_len,
293 dev->descr[i], dev->descr[i+1]);
294
295 if (dev->descr[i+1] != USB_DT_CONFIG) {
296 i += dev->descr[i];
297 continue;
298 }
299 config_descr_len = dev->descr[i];
300
301 printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);
302
303 if (configuration < 0 || configuration == dev->descr[i + 5]) {
304 configuration = dev->descr[i + 5];
305 break;
306 }
307
308 i += config_descr_len;
309 }
310
311 if (i >= dev->descr_len) {
312 fprintf(stderr, "husb: update iface failed. no matching configuration\n");
313 goto fail;
314 }
315 nb_interfaces = dev->descr[i + 4];
316
317 #ifdef USBDEVFS_DISCONNECT
318 /* earlier Linux 2.4 do not support that */
319 {
320 struct usbdevfs_ioctl ctrl;
321 for (interface = 0; interface < nb_interfaces; interface++) {
322 ctrl.ioctl_code = USBDEVFS_DISCONNECT;
323 ctrl.ifno = interface;
324 ret = ioctl(dev->fd, USBDEVFS_IOCTL, &ctrl);
325 if (ret < 0 && errno != ENODATA) {
326 perror("USBDEVFS_DISCONNECT");
327 goto fail;
328 }
329 }
330 }
331 #endif
332
333 /* XXX: only grab if all interfaces are free */
334 for (interface = 0; interface < nb_interfaces; interface++) {
335 ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE, &interface);
336 if (ret < 0) {
337 if (errno == EBUSY) {
338 printf("husb: update iface. device already grabbed\n");
339 } else {
340 perror("husb: failed to claim interface");
341 }
342 fail:
343 return 0;
344 }
345 }
346
347 printf("husb: %d interfaces claimed for configuration %d\n",
348 nb_interfaces, configuration);
349
350 dev->ninterfaces = nb_interfaces;
351 dev->configuration = configuration;
352 return 1;
353 }
354
355 static int usb_host_release_interfaces(USBHostDevice *s)
356 {
357 int ret, i;
358
359 dprintf("husb: releasing interfaces\n");
360
361 for (i = 0; i < s->ninterfaces; i++) {
362 ret = ioctl(s->fd, USBDEVFS_RELEASEINTERFACE, &i);
363 if (ret < 0) {
364 perror("husb: failed to release interface");
365 return 0;
366 }
367 }
368
369 return 1;
370 }
371
372 static void usb_host_handle_reset(USBDevice *dev)
373 {
374 USBHostDevice *s = (USBHostDevice *) dev;
375
376 dprintf("husb: reset device %u.%u\n", s->bus_num, s->addr);
377
378 ioctl(s->fd, USBDEVFS_RESET);
379
380 usb_host_claim_interfaces(s, s->configuration);
381 }
382
383 static void usb_host_handle_destroy(USBDevice *dev)
384 {
385 USBHostDevice *s = (USBHostDevice *)dev;
386
387 s->closing = 1;
388
389 qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
390
391 hostdev_unlink(s);
392
393 async_complete(s);
394
395 if (s->fd >= 0)
396 close(s->fd);
397
398 qemu_free(s);
399 }
400
401 static int usb_linux_update_endp_table(USBHostDevice *s);
402
403 static int usb_host_handle_data(USBHostDevice *s, USBPacket *p)
404 {
405 struct usbdevfs_urb *urb;
406 AsyncURB *aurb;
407 int ret;
408
409 aurb = async_alloc();
410 if (!aurb) {
411 dprintf("husb: async malloc failed\n");
412 return USB_RET_NAK;
413 }
414 aurb->hdev = s;
415 aurb->packet = p;
416
417 urb = &aurb->urb;
418
419 if (p->pid == USB_TOKEN_IN)
420 urb->endpoint = p->devep | 0x80;
421 else
422 urb->endpoint = p->devep;
423
424 if (is_halted(s, p->devep)) {
425 ret = ioctl(s->fd, USBDEVFS_CLEAR_HALT, &urb->endpoint);
426 if (ret < 0) {
427 dprintf("husb: failed to clear halt. ep 0x%x errno %d\n",
428 urb->endpoint, errno);
429 return USB_RET_NAK;
430 }
431 clear_halt(s, p->devep);
432 }
433
434 urb->buffer = p->data;
435 urb->buffer_length = p->len;
436
437 if (is_isoc(s, p->devep)) {
438 /* Setup ISOC transfer */
439 urb->type = USBDEVFS_URB_TYPE_ISO;
440 urb->flags = USBDEVFS_URB_ISO_ASAP;
441 urb->number_of_packets = 1;
442 urb->iso_frame_desc[0].length = p->len;
443 } else {
444 /* Setup bulk transfer */
445 urb->type = USBDEVFS_URB_TYPE_BULK;
446 }
447
448 urb->usercontext = s;
449
450 ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb);
451
452 dprintf("husb: data submit. ep 0x%x len %u aurb %p\n", urb->endpoint, p->len, aurb);
453
454 if (ret < 0) {
455 dprintf("husb: submit failed. errno %d\n", errno);
456 async_free(aurb);
457
458 switch(errno) {
459 case ETIMEDOUT:
460 return USB_RET_NAK;
461 case EPIPE:
462 default:
463 return USB_RET_STALL;
464 }
465 }
466
467 usb_defer_packet(p, async_cancel, aurb);
468 return USB_RET_ASYNC;
469 }
470
471 static int ctrl_error(void)
472 {
473 if (errno == ETIMEDOUT)
474 return USB_RET_NAK;
475 else
476 return USB_RET_STALL;
477 }
478
479 static int usb_host_set_address(USBHostDevice *s, int addr)
480 {
481 dprintf("husb: ctrl set addr %u\n", addr);
482 s->dev.addr = addr;
483 return 0;
484 }
485
486 static int usb_host_set_config(USBHostDevice *s, int config)
487 {
488 usb_host_release_interfaces(s);
489
490 int ret = ioctl(s->fd, USBDEVFS_SETCONFIGURATION, &config);
491
492 dprintf("husb: ctrl set config %d ret %d errno %d\n", config, ret, errno);
493
494 if (ret < 0)
495 return ctrl_error();
496
497 usb_host_claim_interfaces(s, config);
498 return 0;
499 }
500
501 static int usb_host_set_interface(USBHostDevice *s, int iface, int alt)
502 {
503 struct usbdevfs_setinterface si;
504 int ret;
505
506 si.interface = iface;
507 si.altsetting = alt;
508 ret = ioctl(s->fd, USBDEVFS_SETINTERFACE, &si);
509
510 dprintf("husb: ctrl set iface %d altset %d ret %d errno %d\n",
511 iface, alt, ret, errno);
512
513 if (ret < 0)
514 return ctrl_error();
515
516 usb_linux_update_endp_table(s);
517 return 0;
518 }
519
520 static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
521 {
522 struct usbdevfs_urb *urb;
523 AsyncURB *aurb;
524 int ret, value, index;
525
526 /*
527 * Process certain standard device requests.
528 * These are infrequent and are processed synchronously.
529 */
530 value = le16_to_cpu(s->ctrl.req.wValue);
531 index = le16_to_cpu(s->ctrl.req.wIndex);
532
533 dprintf("husb: ctrl type 0x%x req 0x%x val 0x%x index %u len %u\n",
534 s->ctrl.req.bRequestType, s->ctrl.req.bRequest, value, index,
535 s->ctrl.len);
536
537 if (s->ctrl.req.bRequestType == 0) {
538 switch (s->ctrl.req.bRequest) {
539 case USB_REQ_SET_ADDRESS:
540 return usb_host_set_address(s, value);
541
542 case USB_REQ_SET_CONFIGURATION:
543 return usb_host_set_config(s, value & 0xff);
544 }
545 }
546
547 if (s->ctrl.req.bRequestType == 1 &&
548 s->ctrl.req.bRequest == USB_REQ_SET_INTERFACE)
549 return usb_host_set_interface(s, index, value);
550
551 /* The rest are asynchronous */
552
553 aurb = async_alloc();
554 if (!aurb) {
555 dprintf("husb: async malloc failed\n");
556 return USB_RET_NAK;
557 }
558 aurb->hdev = s;
559 aurb->packet = p;
560
561 /*
562 * Setup ctrl transfer.
563 *
564 * s->ctrl is layed out such that data buffer immediately follows
565 * 'req' struct which is exactly what usbdevfs expects.
566 */
567 urb = &aurb->urb;
568
569 urb->type = USBDEVFS_URB_TYPE_CONTROL;
570 urb->endpoint = p->devep;
571
572 urb->buffer = &s->ctrl.req;
573 urb->buffer_length = 8 + s->ctrl.len;
574
575 urb->usercontext = s;
576
577 ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb);
578
579 dprintf("husb: submit ctrl. len %u aurb %p\n", urb->buffer_length, aurb);
580
581 if (ret < 0) {
582 dprintf("husb: submit failed. errno %d\n", errno);
583 async_free(aurb);
584
585 switch(errno) {
586 case ETIMEDOUT:
587 return USB_RET_NAK;
588 case EPIPE:
589 default:
590 return USB_RET_STALL;
591 }
592 }
593
594 usb_defer_packet(p, async_cancel, aurb);
595 return USB_RET_ASYNC;
596 }
597
598 static int do_token_setup(USBDevice *dev, USBPacket *p)
599 {
600 USBHostDevice *s = (USBHostDevice *) dev;
601 int ret = 0;
602
603 if (p->len != 8)
604 return USB_RET_STALL;
605
606 memcpy(&s->ctrl.req, p->data, 8);
607 s->ctrl.len = le16_to_cpu(s->ctrl.req.wLength);
608 s->ctrl.offset = 0;
609 s->ctrl.state = CTRL_STATE_SETUP;
610
611 if (s->ctrl.req.bRequestType & USB_DIR_IN) {
612 ret = usb_host_handle_control(s, p);
613 if (ret < 0)
614 return ret;
615
616 if (ret < s->ctrl.len)
617 s->ctrl.len = ret;
618 s->ctrl.state = CTRL_STATE_DATA;
619 } else {
620 if (s->ctrl.len == 0)
621 s->ctrl.state = CTRL_STATE_ACK;
622 else
623 s->ctrl.state = CTRL_STATE_DATA;
624 }
625
626 return ret;
627 }
628
629 static int do_token_in(USBDevice *dev, USBPacket *p)
630 {
631 USBHostDevice *s = (USBHostDevice *) dev;
632 int ret = 0;
633
634 if (p->devep != 0)
635 return usb_host_handle_data(s, p);
636
637 switch(s->ctrl.state) {
638 case CTRL_STATE_ACK:
639 if (!(s->ctrl.req.bRequestType & USB_DIR_IN)) {
640 ret = usb_host_handle_control(s, p);
641 if (ret == USB_RET_ASYNC)
642 return USB_RET_ASYNC;
643
644 s->ctrl.state = CTRL_STATE_IDLE;
645 return ret > 0 ? 0 : ret;
646 }
647
648 return 0;
649
650 case CTRL_STATE_DATA:
651 if (s->ctrl.req.bRequestType & USB_DIR_IN) {
652 int len = s->ctrl.len - s->ctrl.offset;
653 if (len > p->len)
654 len = p->len;
655 memcpy(p->data, s->ctrl.buffer + s->ctrl.offset, len);
656 s->ctrl.offset += len;
657 if (s->ctrl.offset >= s->ctrl.len)
658 s->ctrl.state = CTRL_STATE_ACK;
659 return len;
660 }
661
662 s->ctrl.state = CTRL_STATE_IDLE;
663 return USB_RET_STALL;
664
665 default:
666 return USB_RET_STALL;
667 }
668 }
669
670 static int do_token_out(USBDevice *dev, USBPacket *p)
671 {
672 USBHostDevice *s = (USBHostDevice *) dev;
673
674 if (p->devep != 0)
675 return usb_host_handle_data(s, p);
676
677 switch(s->ctrl.state) {
678 case CTRL_STATE_ACK:
679 if (s->ctrl.req.bRequestType & USB_DIR_IN) {
680 s->ctrl.state = CTRL_STATE_IDLE;
681 /* transfer OK */
682 } else {
683 /* ignore additional output */
684 }
685 return 0;
686
687 case CTRL_STATE_DATA:
688 if (!(s->ctrl.req.bRequestType & USB_DIR_IN)) {
689 int len = s->ctrl.len - s->ctrl.offset;
690 if (len > p->len)
691 len = p->len;
692 memcpy(s->ctrl.buffer + s->ctrl.offset, p->data, len);
693 s->ctrl.offset += len;
694 if (s->ctrl.offset >= s->ctrl.len)
695 s->ctrl.state = CTRL_STATE_ACK;
696 return len;
697 }
698
699 s->ctrl.state = CTRL_STATE_IDLE;
700 return USB_RET_STALL;
701
702 default:
703 return USB_RET_STALL;
704 }
705 }
706
707 /*
708 * Packet handler.
709 * Called by the HC (host controller).
710 *
711 * Returns length of the transaction or one of the USB_RET_XXX codes.
712 */
713 int usb_host_handle_packet(USBDevice *s, USBPacket *p)
714 {
715 switch(p->pid) {
716 case USB_MSG_ATTACH:
717 s->state = USB_STATE_ATTACHED;
718 return 0;
719
720 case USB_MSG_DETACH:
721 s->state = USB_STATE_NOTATTACHED;
722 return 0;
723
724 case USB_MSG_RESET:
725 s->remote_wakeup = 0;
726 s->addr = 0;
727 s->state = USB_STATE_DEFAULT;
728 s->handle_reset(s);
729 return 0;
730 }
731
732 /* Rest of the PIDs must match our address */
733 if (s->state < USB_STATE_DEFAULT || p->devaddr != s->addr)
734 return USB_RET_NODEV;
735
736 switch (p->pid) {
737 case USB_TOKEN_SETUP:
738 return do_token_setup(s, p);
739
740 case USB_TOKEN_IN:
741 return do_token_in(s, p);
742
743 case USB_TOKEN_OUT:
744 return do_token_out(s, p);
745
746 default:
747 return USB_RET_STALL;
748 }
749 }
750
751 /* returns 1 on problem encountered or 0 for success */
752 static int usb_linux_update_endp_table(USBHostDevice *s)
753 {
754 uint8_t *descriptors;
755 uint8_t devep, type, configuration, alt_interface;
756 struct usbdevfs_ctrltransfer ct;
757 int interface, ret, length, i;
758
759 ct.bRequestType = USB_DIR_IN;
760 ct.bRequest = USB_REQ_GET_CONFIGURATION;
761 ct.wValue = 0;
762 ct.wIndex = 0;
763 ct.wLength = 1;
764 ct.data = &configuration;
765 ct.timeout = 50;
766
767 ret = ioctl(s->fd, USBDEVFS_CONTROL, &ct);
768 if (ret < 0) {
769 perror("usb_linux_update_endp_table");
770 return 1;
771 }
772
773 /* in address state */
774 if (configuration == 0)
775 return 1;
776
777 /* get the desired configuration, interface, and endpoint descriptors
778 * from device description */
779 descriptors = &s->descr[18];
780 length = s->descr_len - 18;
781 i = 0;
782
783 if (descriptors[i + 1] != USB_DT_CONFIG ||
784 descriptors[i + 5] != configuration) {
785 dprintf("invalid descriptor data - configuration\n");
786 return 1;
787 }
788 i += descriptors[i];
789
790 while (i < length) {
791 if (descriptors[i + 1] != USB_DT_INTERFACE ||
792 (descriptors[i + 1] == USB_DT_INTERFACE &&
793 descriptors[i + 4] == 0)) {
794 i += descriptors[i];
795 continue;
796 }
797
798 interface = descriptors[i + 2];
799
800 ct.bRequestType = USB_DIR_IN | USB_RECIP_INTERFACE;
801 ct.bRequest = USB_REQ_GET_INTERFACE;
802 ct.wValue = 0;
803 ct.wIndex = interface;
804 ct.wLength = 1;
805 ct.data = &alt_interface;
806 ct.timeout = 50;
807
808 ret = ioctl(s->fd, USBDEVFS_CONTROL, &ct);
809 if (ret < 0) {
810 perror("usb_linux_update_endp_table");
811 return 1;
812 }
813
814 /* the current interface descriptor is the active interface
815 * and has endpoints */
816 if (descriptors[i + 3] != alt_interface) {
817 i += descriptors[i];
818 continue;
819 }
820
821 /* advance to the endpoints */
822 while (i < length && descriptors[i +1] != USB_DT_ENDPOINT)
823 i += descriptors[i];
824
825 if (i >= length)
826 break;
827
828 while (i < length) {
829 if (descriptors[i + 1] != USB_DT_ENDPOINT)
830 break;
831
832 devep = descriptors[i + 2];
833 switch (descriptors[i + 3] & 0x3) {
834 case 0x00:
835 type = USBDEVFS_URB_TYPE_CONTROL;
836 break;
837 case 0x01:
838 type = USBDEVFS_URB_TYPE_ISO;
839 break;
840 case 0x02:
841 type = USBDEVFS_URB_TYPE_BULK;
842 break;
843 case 0x03:
844 type = USBDEVFS_URB_TYPE_INTERRUPT;
845 break;
846 default:
847 dprintf("usb_host: malformed endpoint type\n");
848 type = USBDEVFS_URB_TYPE_BULK;
849 }
850 s->endp_table[(devep & 0xf) - 1].type = type;
851 s->endp_table[(devep & 0xf) - 1].halted = 0;
852
853 i += descriptors[i];
854 }
855 }
856 return 0;
857 }
858
859 static USBDevice *usb_host_device_open_addr(int bus_num, int addr, const char *prod_name)
860 {
861 int fd = -1, ret;
862 USBHostDevice *dev = NULL;
863 struct usbdevfs_connectinfo ci;
864 char buf[1024];
865
866 dev = qemu_mallocz(sizeof(USBHostDevice));
867 if (!dev)
868 goto fail;
869
870 dev->bus_num = bus_num;
871 dev->addr = addr;
872
873 printf("husb: open device %d.%d\n", bus_num, addr);
874
875 snprintf(buf, sizeof(buf), USBDEVFS_PATH "/%03d/%03d",
876 bus_num, addr);
877 fd = open(buf, O_RDWR | O_NONBLOCK);
878 if (fd < 0) {
879 perror(buf);
880 goto fail;
881 }
882
883 /* read the device description */
884 dev->descr_len = read(fd, dev->descr, sizeof(dev->descr));
885 if (dev->descr_len <= 0) {
886 perror("husb: reading device data failed");
887 goto fail;
888 }
889
890 #ifdef DEBUG
891 {
892 int x;
893 printf("=== begin dumping device descriptor data ===\n");
894 for (x = 0; x < dev->descr_len; x++)
895 printf("%02x ", dev->descr[x]);
896 printf("\n=== end dumping device descriptor data ===\n");
897 }
898 #endif
899
900 dev->fd = fd;
901
902 /*
903 * Initial configuration is -1 which makes us claim first
904 * available config. We used to start with 1, which does not
905 * always work. I've seen devices where first config starts
906 * with 2.
907 */
908 if (!usb_host_claim_interfaces(dev, -1))
909 goto fail;
910
911 ret = ioctl(fd, USBDEVFS_CONNECTINFO, &ci);
912 if (ret < 0) {
913 perror("usb_host_device_open: USBDEVFS_CONNECTINFO");
914 goto fail;
915 }
916
917 printf("husb: grabbed usb device %d.%d\n", bus_num, addr);
918
919 ret = usb_linux_update_endp_table(dev);
920 if (ret)
921 goto fail;
922
923 if (ci.slow)
924 dev->dev.speed = USB_SPEED_LOW;
925 else
926 dev->dev.speed = USB_SPEED_HIGH;
927
928 dev->dev.handle_packet = usb_host_handle_packet;
929 dev->dev.handle_reset = usb_host_handle_reset;
930 dev->dev.handle_destroy = usb_host_handle_destroy;
931
932 if (!prod_name || prod_name[0] == '\0')
933 snprintf(dev->dev.devname, sizeof(dev->dev.devname),
934 "host:%d.%d", bus_num, addr);
935 else
936 pstrcpy(dev->dev.devname, sizeof(dev->dev.devname),
937 prod_name);
938
939 /* USB devio uses 'write' flag to check for async completions */
940 qemu_set_fd_handler(dev->fd, NULL, async_complete, dev);
941
942 hostdev_link(dev);
943
944 return (USBDevice *) dev;
945
946 fail:
947 if (dev)
948 qemu_free(dev);
949
950 close(fd);
951 return NULL;
952 }
953
954 static int usb_host_auto_add(const char *spec);
955 static int usb_host_auto_del(const char *spec);
956
957 USBDevice *usb_host_device_open(const char *devname)
958 {
959 int bus_num, addr;
960 char product_name[PRODUCT_NAME_SZ];
961
962 if (strstr(devname, "auto:")) {
963 usb_host_auto_add(devname);
964 return NULL;
965 }
966
967 if (usb_host_find_device(&bus_num, &addr, product_name, sizeof(product_name),
968 devname) < 0)
969 return NULL;
970
971 if (hostdev_find(bus_num, addr)) {
972 term_printf("husb: host usb device %d.%d is already open\n", bus_num, addr);
973 return NULL;
974 }
975
976 return usb_host_device_open_addr(bus_num, addr, product_name);
977 }
978
979 int usb_host_device_close(const char *devname)
980 {
981 char product_name[PRODUCT_NAME_SZ];
982 int bus_num, addr;
983 USBHostDevice *s;
984
985 if (strstr(devname, "auto:"))
986 return usb_host_auto_del(devname);
987
988 if (usb_host_find_device(&bus_num, &addr, product_name, sizeof(product_name),
989 devname) < 0)
990 return -1;
991
992 s = hostdev_find(bus_num, addr);
993 if (s) {
994 usb_device_del_addr(0, s->dev.addr);
995 return 0;
996 }
997
998 return -1;
999 }
1000
1001 static int get_tag_value(char *buf, int buf_size,
1002 const char *str, const char *tag,
1003 const char *stopchars)
1004 {
1005 const char *p;
1006 char *q;
1007 p = strstr(str, tag);
1008 if (!p)
1009 return -1;
1010 p += strlen(tag);
1011 while (isspace(*p))
1012 p++;
1013 q = buf;
1014 while (*p != '\0' && !strchr(stopchars, *p)) {
1015 if ((q - buf) < (buf_size - 1))
1016 *q++ = *p;
1017 p++;
1018 }
1019 *q = '\0';
1020 return q - buf;
1021 }
1022
1023 static int usb_host_scan(void *opaque, USBScanFunc *func)
1024 {
1025 FILE *f;
1026 char line[1024];
1027 char buf[1024];
1028 int bus_num, addr, speed, device_count, class_id, product_id, vendor_id;
1029 int ret;
1030 char product_name[512];
1031
1032 f = fopen(USBDEVFS_PATH "/devices", "r");
1033 if (!f) {
1034 term_printf("husb: could not open %s\n", USBDEVFS_PATH "/devices");
1035 return 0;
1036 }
1037 device_count = 0;
1038 bus_num = addr = speed = class_id = product_id = vendor_id = 0;
1039 ret = 0;
1040 for(;;) {
1041 if (fgets(line, sizeof(line), f) == NULL)
1042 break;
1043 if (strlen(line) > 0)
1044 line[strlen(line) - 1] = '\0';
1045 if (line[0] == 'T' && line[1] == ':') {
1046 if (device_count && (vendor_id || product_id)) {
1047 /* New device. Add the previously discovered device. */
1048 ret = func(opaque, bus_num, addr, class_id, vendor_id,
1049 product_id, product_name, speed);
1050 if (ret)
1051 goto the_end;
1052 }
1053 if (get_tag_value(buf, sizeof(buf), line, "Bus=", " ") < 0)
1054 goto fail;
1055 bus_num = atoi(buf);
1056 if (get_tag_value(buf, sizeof(buf), line, "Dev#=", " ") < 0)
1057 goto fail;
1058 addr = atoi(buf);
1059 if (get_tag_value(buf, sizeof(buf), line, "Spd=", " ") < 0)
1060 goto fail;
1061 if (!strcmp(buf, "480"))
1062 speed = USB_SPEED_HIGH;
1063 else if (!strcmp(buf, "1.5"))
1064 speed = USB_SPEED_LOW;
1065 else
1066 speed = USB_SPEED_FULL;
1067 product_name[0] = '\0';
1068 class_id = 0xff;
1069 device_count++;
1070 product_id = 0;
1071 vendor_id = 0;
1072 } else if (line[0] == 'P' && line[1] == ':') {
1073 if (get_tag_value(buf, sizeof(buf), line, "Vendor=", " ") < 0)
1074 goto fail;
1075 vendor_id = strtoul(buf, NULL, 16);
1076 if (get_tag_value(buf, sizeof(buf), line, "ProdID=", " ") < 0)
1077 goto fail;
1078 product_id = strtoul(buf, NULL, 16);
1079 } else if (line[0] == 'S' && line[1] == ':') {
1080 if (get_tag_value(buf, sizeof(buf), line, "Product=", "") < 0)
1081 goto fail;
1082 pstrcpy(product_name, sizeof(product_name), buf);
1083 } else if (line[0] == 'D' && line[1] == ':') {
1084 if (get_tag_value(buf, sizeof(buf), line, "Cls=", " (") < 0)
1085 goto fail;
1086 class_id = strtoul(buf, NULL, 16);
1087 }
1088 fail: ;
1089 }
1090 if (device_count && (vendor_id || product_id)) {
1091 /* Add the last device. */
1092 ret = func(opaque, bus_num, addr, class_id, vendor_id,
1093 product_id, product_name, speed);
1094 }
1095 the_end:
1096 fclose(f);
1097 return ret;
1098 }
1099
1100 struct USBAutoFilter {
1101 struct USBAutoFilter *next;
1102 int bus_num;
1103 int addr;
1104 int vendor_id;
1105 int product_id;
1106 };
1107
1108 static QEMUTimer *usb_auto_timer;
1109 static struct USBAutoFilter *usb_auto_filter;
1110
1111 static int usb_host_auto_scan(void *opaque, int bus_num, int addr,
1112 int class_id, int vendor_id, int product_id,
1113 const char *product_name, int speed)
1114 {
1115 struct USBAutoFilter *f;
1116 struct USBDevice *dev;
1117
1118 /* Ignore hubs */
1119 if (class_id == 9)
1120 return 0;
1121
1122 for (f = usb_auto_filter; f; f = f->next) {
1123 if (f->bus_num >= 0 && f->bus_num != bus_num)
1124 continue;
1125
1126 if (f->addr >= 0 && f->addr != addr)
1127 continue;
1128
1129 if (f->vendor_id >= 0 && f->vendor_id != vendor_id)
1130 continue;
1131
1132 if (f->product_id >= 0 && f->product_id != product_id)
1133 continue;
1134
1135 /* We got a match */
1136
1137 /* Allredy attached ? */
1138 if (hostdev_find(bus_num, addr))
1139 return 0;
1140
1141 dprintf("husb: auto open: bus_num %d addr %d\n", bus_num, addr);
1142
1143 dev = usb_host_device_open_addr(bus_num, addr, product_name);
1144 if (dev)
1145 usb_device_add_dev(dev);
1146 }
1147
1148 return 0;
1149 }
1150
1151 static void usb_host_auto_timer(void *unused)
1152 {
1153 usb_host_scan(NULL, usb_host_auto_scan);
1154 qemu_mod_timer(usb_auto_timer, qemu_get_clock(rt_clock) + 2000);
1155 }
1156
1157 /*
1158 * Autoconnect filter
1159 * Format:
1160 * auto:bus:dev[:vid:pid]
1161 * auto:bus.dev[:vid:pid]
1162 *
1163 * bus - bus number (dec, * means any)
1164 * dev - device number (dec, * means any)
1165 * vid - vendor id (hex, * means any)
1166 * pid - product id (hex, * means any)
1167 *
1168 * See 'lsusb' output.
1169 */
1170 static int parse_filter(const char *spec, struct USBAutoFilter *f)
1171 {
1172 enum { BUS, DEV, VID, PID, DONE };
1173 const char *p = spec;
1174 int i;
1175
1176 f->bus_num = -1;
1177 f->addr = -1;
1178 f->vendor_id = -1;
1179 f->product_id = -1;
1180
1181 for (i = BUS; i < DONE; i++) {
1182 p = strpbrk(p, ":.");
1183 if (!p) break;
1184 p++;
1185
1186 if (*p == '*')
1187 continue;
1188
1189 switch(i) {
1190 case BUS: f->bus_num = strtol(p, NULL, 10); break;
1191 case DEV: f->addr = strtol(p, NULL, 10); break;
1192 case VID: f->vendor_id = strtol(p, NULL, 16); break;
1193 case PID: f->product_id = strtol(p, NULL, 16); break;
1194 }
1195 }
1196
1197 if (i < DEV) {
1198 fprintf(stderr, "husb: invalid auto filter spec %s\n", spec);
1199 return -1;
1200 }
1201
1202 return 0;
1203 }
1204
1205 static int match_filter(const struct USBAutoFilter *f1,
1206 const struct USBAutoFilter *f2)
1207 {
1208 return f1->bus_num == f2->bus_num &&
1209 f1->addr == f2->addr &&
1210 f1->vendor_id == f2->vendor_id &&
1211 f1->product_id == f2->product_id;
1212 }
1213
1214 static int usb_host_auto_add(const char *spec)
1215 {
1216 struct USBAutoFilter filter, *f;
1217
1218 if (parse_filter(spec, &filter) < 0)
1219 return -1;
1220
1221 f = qemu_mallocz(sizeof(*f));
1222 if (!f) {
1223 fprintf(stderr, "husb: failed to allocate auto filter\n");
1224 return -1;
1225 }
1226
1227 *f = filter;
1228
1229 if (!usb_auto_filter) {
1230 /*
1231 * First entry. Init and start the monitor.
1232 * Right now we're using timer to check for new devices.
1233 * If this turns out to be too expensive we can move that into a
1234 * separate thread.
1235 */
1236 usb_auto_timer = qemu_new_timer(rt_clock, usb_host_auto_timer, NULL);
1237 if (!usb_auto_timer) {
1238 fprintf(stderr, "husb: failed to allocate auto scan timer\n");
1239 qemu_free(f);
1240 return -1;
1241 }
1242
1243 /* Check for new devices every two seconds */
1244 qemu_mod_timer(usb_auto_timer, qemu_get_clock(rt_clock) + 2000);
1245 }
1246
1247 dprintf("husb: added auto filter: bus_num %d addr %d vid %d pid %d\n",
1248 f->bus_num, f->addr, f->vendor_id, f->product_id);
1249
1250 f->next = usb_auto_filter;
1251 usb_auto_filter = f;
1252
1253 return 0;
1254 }
1255
1256 static int usb_host_auto_del(const char *spec)
1257 {
1258 struct USBAutoFilter *pf = usb_auto_filter;
1259 struct USBAutoFilter **prev = &usb_auto_filter;
1260 struct USBAutoFilter filter;
1261
1262 if (parse_filter(spec, &filter) < 0)
1263 return -1;
1264
1265 while (pf) {
1266 if (match_filter(pf, &filter)) {
1267 dprintf("husb: removed auto filter: bus_num %d addr %d vid %d pid %d\n",
1268 pf->bus_num, pf->addr, pf->vendor_id, pf->product_id);
1269
1270 *prev = pf->next;
1271
1272 if (!usb_auto_filter) {
1273 /* No more filters. Stop scanning. */
1274 qemu_del_timer(usb_auto_timer);
1275 qemu_free_timer(usb_auto_timer);
1276 }
1277
1278 return 0;
1279 }
1280
1281 prev = &pf->next;
1282 pf = pf->next;
1283 }
1284
1285 return -1;
1286 }
1287
1288 typedef struct FindDeviceState {
1289 int vendor_id;
1290 int product_id;
1291 int bus_num;
1292 int addr;
1293 char product_name[PRODUCT_NAME_SZ];
1294 } FindDeviceState;
1295
1296 static int usb_host_find_device_scan(void *opaque, int bus_num, int addr,
1297 int class_id,
1298 int vendor_id, int product_id,
1299 const char *product_name, int speed)
1300 {
1301 FindDeviceState *s = opaque;
1302 if ((vendor_id == s->vendor_id &&
1303 product_id == s->product_id) ||
1304 (bus_num == s->bus_num &&
1305 addr == s->addr)) {
1306 pstrcpy(s->product_name, PRODUCT_NAME_SZ, product_name);
1307 s->bus_num = bus_num;
1308 s->addr = addr;
1309 return 1;
1310 } else {
1311 return 0;
1312 }
1313 }
1314
1315 /* the syntax is :
1316 'bus.addr' (decimal numbers) or
1317 'vendor_id:product_id' (hexa numbers) */
1318 static int usb_host_find_device(int *pbus_num, int *paddr,
1319 char *product_name, int product_name_size,
1320 const char *devname)
1321 {
1322 const char *p;
1323 int ret;
1324 FindDeviceState fs;
1325
1326 p = strchr(devname, '.');
1327 if (p) {
1328 *pbus_num = strtoul(devname, NULL, 0);
1329 *paddr = strtoul(p + 1, NULL, 0);
1330 fs.bus_num = *pbus_num;
1331 fs.addr = *paddr;
1332 ret = usb_host_scan(&fs, usb_host_find_device_scan);
1333 if (ret)
1334 pstrcpy(product_name, product_name_size, fs.product_name);
1335 return 0;
1336 }
1337
1338 p = strchr(devname, ':');
1339 if (p) {
1340 fs.vendor_id = strtoul(devname, NULL, 16);
1341 fs.product_id = strtoul(p + 1, NULL, 16);
1342 ret = usb_host_scan(&fs, usb_host_find_device_scan);
1343 if (ret) {
1344 *pbus_num = fs.bus_num;
1345 *paddr = fs.addr;
1346 pstrcpy(product_name, product_name_size, fs.product_name);
1347 return 0;
1348 }
1349 }
1350 return -1;
1351 }
1352
1353 /**********************/
1354 /* USB host device info */
1355
1356 struct usb_class_info {
1357 int class;
1358 const char *class_name;
1359 };
1360
1361 static const struct usb_class_info usb_class_info[] = {
1362 { USB_CLASS_AUDIO, "Audio"},
1363 { USB_CLASS_COMM, "Communication"},
1364 { USB_CLASS_HID, "HID"},
1365 { USB_CLASS_HUB, "Hub" },
1366 { USB_CLASS_PHYSICAL, "Physical" },
1367 { USB_CLASS_PRINTER, "Printer" },
1368 { USB_CLASS_MASS_STORAGE, "Storage" },
1369 { USB_CLASS_CDC_DATA, "Data" },
1370 { USB_CLASS_APP_SPEC, "Application Specific" },
1371 { USB_CLASS_VENDOR_SPEC, "Vendor Specific" },
1372 { USB_CLASS_STILL_IMAGE, "Still Image" },
1373 { USB_CLASS_CSCID, "Smart Card" },
1374 { USB_CLASS_CONTENT_SEC, "Content Security" },
1375 { -1, NULL }
1376 };
1377
1378 static const char *usb_class_str(uint8_t class)
1379 {
1380 const struct usb_class_info *p;
1381 for(p = usb_class_info; p->class != -1; p++) {
1382 if (p->class == class)
1383 break;
1384 }
1385 return p->class_name;
1386 }
1387
1388 static void usb_info_device(int bus_num, int addr, int class_id,
1389 int vendor_id, int product_id,
1390 const char *product_name,
1391 int speed)
1392 {
1393 const char *class_str, *speed_str;
1394
1395 switch(speed) {
1396 case USB_SPEED_LOW:
1397 speed_str = "1.5";
1398 break;
1399 case USB_SPEED_FULL:
1400 speed_str = "12";
1401 break;
1402 case USB_SPEED_HIGH:
1403 speed_str = "480";
1404 break;
1405 default:
1406 speed_str = "?";
1407 break;
1408 }
1409
1410 term_printf(" Device %d.%d, speed %s Mb/s\n",
1411 bus_num, addr, speed_str);
1412 class_str = usb_class_str(class_id);
1413 if (class_str)
1414 term_printf(" %s:", class_str);
1415 else
1416 term_printf(" Class %02x:", class_id);
1417 term_printf(" USB device %04x:%04x", vendor_id, product_id);
1418 if (product_name[0] != '\0')
1419 term_printf(", %s", product_name);
1420 term_printf("\n");
1421 }
1422
1423 static int usb_host_info_device(void *opaque, int bus_num, int addr,
1424 int class_id,
1425 int vendor_id, int product_id,
1426 const char *product_name,
1427 int speed)
1428 {
1429 usb_info_device(bus_num, addr, class_id, vendor_id, product_id,
1430 product_name, speed);
1431 return 0;
1432 }
1433
1434 static void dec2str(int val, char *str)
1435 {
1436 if (val == -1)
1437 strcpy(str, "*");
1438 else
1439 sprintf(str, "%d", val);
1440 }
1441
1442 static void hex2str(int val, char *str)
1443 {
1444 if (val == -1)
1445 strcpy(str, "*");
1446 else
1447 sprintf(str, "%x", val);
1448 }
1449
1450 void usb_host_info(void)
1451 {
1452 struct USBAutoFilter *f;
1453
1454 usb_host_scan(NULL, usb_host_info_device);
1455
1456 if (usb_auto_filter)
1457 term_printf(" Auto filters:\n");
1458 for (f = usb_auto_filter; f; f = f->next) {
1459 char bus[10], addr[10], vid[10], pid[10];
1460 dec2str(f->bus_num, bus);
1461 dec2str(f->addr, addr);
1462 hex2str(f->vendor_id, vid);
1463 hex2str(f->product_id, pid);
1464 term_printf(" Device %s.%s ID %s:%s\n", bus, addr, vid, pid);
1465 }
1466 }
1467
1468 #else
1469
1470 #include "hw/usb.h"
1471
1472 void usb_host_info(void)
1473 {
1474 term_printf("USB host devices not supported\n");
1475 }
1476
1477 /* XXX: modify configure to compile the right host driver */
1478 USBDevice *usb_host_device_open(const char *devname)
1479 {
1480 return NULL;
1481 }
1482
1483 int usb_host_device_close(const char *devname)
1484 {
1485 return 0;
1486 }
1487
1488 #endif
Samsung s3c2440 and arm920t support for the mini2440 dev board