]> git.proxmox.com Git - qemu.git/blob - usb-linux.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
usb-linux.c: fix buffer overflow
[qemu.git] / usb-linux.c
1 /*
2 * Linux host USB redirector
3 *
4 * Copyright (c) 2005 Fabrice Bellard
5 *
6 * Copyright (c) 2008 Max Krasnyansky
7 * Support for host device auto connect & disconnect
8 * Major rewrite to support fully async operation
9 *
10 * Copyright 2008 TJ <linux@tjworld.net>
11 * Added flexible support for /dev/bus/usb /sys/bus/usb/devices in addition
12 * to the legacy /proc/bus/usb USB device discovery and handling
13 *
14 * Permission is hereby granted, free of charge, to any person obtaining a copy
15 * of this software and associated documentation files (the "Software"), to deal
16 * in the Software without restriction, including without limitation the rights
17 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
18 * copies of the Software, and to permit persons to whom the Software is
19 * furnished to do so, subject to the following conditions:
20 *
21 * The above copyright notice and this permission notice shall be included in
22 * all copies or substantial portions of the Software.
23 *
24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
25 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
26 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
27 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
28 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
29 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
30 * THE SOFTWARE.
31 */
32
33 #include "qemu-common.h"
34 #include "qemu-timer.h"
35 #include "monitor.h"
36
37 #include <dirent.h>
38 #include <sys/ioctl.h>
39 #include <signal.h>
40
41 #include <linux/usbdevice_fs.h>
42 #include <linux/version.h>
43 #include "hw/usb.h"
44
45 /* We redefine it to avoid version problems */
46 struct usb_ctrltransfer {
47 uint8_t bRequestType;
48 uint8_t bRequest;
49 uint16_t wValue;
50 uint16_t wIndex;
51 uint16_t wLength;
52 uint32_t timeout;
53 void *data;
54 };
55
56 struct usb_ctrlrequest {
57 uint8_t bRequestType;
58 uint8_t bRequest;
59 uint16_t wValue;
60 uint16_t wIndex;
61 uint16_t wLength;
62 };
63
64 typedef int USBScanFunc(void *opaque, int bus_num, int addr, int class_id,
65 int vendor_id, int product_id,
66 const char *product_name, int speed);
67 static int usb_host_find_device(int *pbus_num, int *paddr,
68 char *product_name, int product_name_size,
69 const char *devname);
70 //#define DEBUG
71
72 #ifdef DEBUG
73 #define dprintf printf
74 #else
75 #define dprintf(...)
76 #endif
77
78 #define USBDBG_DEVOPENED "husb: opened %s/devices\n"
79
80 #define USBPROCBUS_PATH "/proc/bus/usb"
81 #define PRODUCT_NAME_SZ 32
82 #define MAX_ENDPOINTS 16
83 #define USBDEVBUS_PATH "/dev/bus/usb"
84 #define USBSYSBUS_PATH "/sys/bus/usb"
85
86 static char *usb_host_device_path;
87
88 #define USB_FS_NONE 0
89 #define USB_FS_PROC 1
90 #define USB_FS_DEV 2
91 #define USB_FS_SYS 3
92
93 static int usb_fs_type;
94
95 /* endpoint association data */
96 struct endp_data {
97 uint8_t type;
98 uint8_t halted;
99 };
100
101 enum {
102 CTRL_STATE_IDLE = 0,
103 CTRL_STATE_SETUP,
104 CTRL_STATE_DATA,
105 CTRL_STATE_ACK
106 };
107
108 /*
109 * Control transfer state.
110 * Note that 'buffer' _must_ follow 'req' field because
111 * we need contigious buffer when we submit control URB.
112 */
113 struct ctrl_struct {
114 uint16_t len;
115 uint16_t offset;
116 uint8_t state;
117 struct usb_ctrlrequest req;
118 uint8_t buffer[2048];
119 };
120
121 typedef struct USBHostDevice {
122 USBDevice dev;
123 int fd;
124
125 uint8_t descr[1024];
126 int descr_len;
127 int configuration;
128 int ninterfaces;
129 int closing;
130
131 struct ctrl_struct ctrl;
132 struct endp_data endp_table[MAX_ENDPOINTS];
133
134 /* Host side address */
135 int bus_num;
136 int addr;
137
138 struct USBHostDevice *next;
139 } USBHostDevice;
140
141 static int is_isoc(USBHostDevice *s, int ep)
142 {
143 return s->endp_table[ep - 1].type == USBDEVFS_URB_TYPE_ISO;
144 }
145
146 static int is_halted(USBHostDevice *s, int ep)
147 {
148 return s->endp_table[ep - 1].halted;
149 }
150
151 static void clear_halt(USBHostDevice *s, int ep)
152 {
153 s->endp_table[ep - 1].halted = 0;
154 }
155
156 static void set_halt(USBHostDevice *s, int ep)
157 {
158 s->endp_table[ep - 1].halted = 1;
159 }
160
161 static USBHostDevice *hostdev_list;
162
163 static void hostdev_link(USBHostDevice *dev)
164 {
165 dev->next = hostdev_list;
166 hostdev_list = dev;
167 }
168
169 static void hostdev_unlink(USBHostDevice *dev)
170 {
171 USBHostDevice *pdev = hostdev_list;
172 USBHostDevice **prev = &hostdev_list;
173
174 while (pdev) {
175 if (pdev == dev) {
176 *prev = dev->next;
177 return;
178 }
179
180 prev = &pdev->next;
181 pdev = pdev->next;
182 }
183 }
184
185 static USBHostDevice *hostdev_find(int bus_num, int addr)
186 {
187 USBHostDevice *s = hostdev_list;
188 while (s) {
189 if (s->bus_num == bus_num && s->addr == addr)
190 return s;
191 s = s->next;
192 }
193 return NULL;
194 }
195
196 /*
197 * Async URB state.
198 * We always allocate one isoc descriptor even for bulk transfers
199 * to simplify allocation and casts.
200 */
201 typedef struct AsyncURB
202 {
203 struct usbdevfs_urb urb;
204 struct usbdevfs_iso_packet_desc isocpd;
205
206 USBPacket *packet;
207 USBHostDevice *hdev;
208 } AsyncURB;
209
210 static AsyncURB *async_alloc(void)
211 {
212 return (AsyncURB *) qemu_mallocz(sizeof(AsyncURB));
213 }
214
215 static void async_free(AsyncURB *aurb)
216 {
217 qemu_free(aurb);
218 }
219
220 static void async_complete_ctrl(USBHostDevice *s, USBPacket *p)
221 {
222 switch(s->ctrl.state) {
223 case CTRL_STATE_SETUP:
224 if (p->len < s->ctrl.len)
225 s->ctrl.len = p->len;
226 s->ctrl.state = CTRL_STATE_DATA;
227 p->len = 8;
228 break;
229
230 case CTRL_STATE_ACK:
231 s->ctrl.state = CTRL_STATE_IDLE;
232 p->len = 0;
233 break;
234
235 default:
236 break;
237 }
238 }
239
240 static void async_complete(void *opaque)
241 {
242 USBHostDevice *s = opaque;
243 AsyncURB *aurb;
244
245 while (1) {
246 USBPacket *p;
247
248 int r = ioctl(s->fd, USBDEVFS_REAPURBNDELAY, &aurb);
249 if (r < 0) {
250 if (errno == EAGAIN)
251 return;
252
253 if (errno == ENODEV && !s->closing) {
254 printf("husb: device %d.%d disconnected\n", s->bus_num, s->addr);
255 usb_device_delete_addr(s->bus_num, s->dev.addr);
256 return;
257 }
258
259 dprintf("husb: async. reap urb failed errno %d\n", errno);
260 return;
261 }
262
263 p = aurb->packet;
264
265 dprintf("husb: async completed. aurb %p status %d alen %d\n",
266 aurb, aurb->urb.status, aurb->urb.actual_length);
267
268 if (p) {
269 switch (aurb->urb.status) {
270 case 0:
271 p->len = aurb->urb.actual_length;
272 if (aurb->urb.type == USBDEVFS_URB_TYPE_CONTROL)
273 async_complete_ctrl(s, p);
274 break;
275
276 case -EPIPE:
277 set_halt(s, p->devep);
278 /* fall through */
279 default:
280 p->len = USB_RET_NAK;
281 break;
282 }
283
284 usb_packet_complete(p);
285 }
286
287 async_free(aurb);
288 }
289 }
290
291 static void async_cancel(USBPacket *unused, void *opaque)
292 {
293 AsyncURB *aurb = opaque;
294 USBHostDevice *s = aurb->hdev;
295
296 dprintf("husb: async cancel. aurb %p\n", aurb);
297
298 /* Mark it as dead (see async_complete above) */
299 aurb->packet = NULL;
300
301 int r = ioctl(s->fd, USBDEVFS_DISCARDURB, aurb);
302 if (r < 0) {
303 dprintf("husb: async. discard urb failed errno %d\n", errno);
304 }
305 }
306
307 static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration)
308 {
309 int dev_descr_len, config_descr_len;
310 int interface, nb_interfaces, nb_configurations;
311 int ret, i;
312
313 if (configuration == 0) /* address state - ignore */
314 return 1;
315
316 dprintf("husb: claiming interfaces. config %d\n", configuration);
317
318 i = 0;
319 dev_descr_len = dev->descr[0];
320 if (dev_descr_len > dev->descr_len)
321 goto fail;
322 nb_configurations = dev->descr[17];
323
324 i += dev_descr_len;
325 while (i < dev->descr_len) {
326 dprintf("husb: i is %d, descr_len is %d, dl %d, dt %d\n", i, dev->descr_len,
327 dev->descr[i], dev->descr[i+1]);
328
329 if (dev->descr[i+1] != USB_DT_CONFIG) {
330 i += dev->descr[i];
331 continue;
332 }
333 config_descr_len = dev->descr[i];
334
335 printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);
336
337 if (configuration < 0 || configuration == dev->descr[i + 5]) {
338 configuration = dev->descr[i + 5];
339 break;
340 }
341
342 i += config_descr_len;
343 }
344
345 if (i >= dev->descr_len) {
346 fprintf(stderr, "husb: update iface failed. no matching configuration\n");
347 goto fail;
348 }
349 nb_interfaces = dev->descr[i + 4];
350
351 #ifdef USBDEVFS_DISCONNECT
352 /* earlier Linux 2.4 do not support that */
353 {
354 struct usbdevfs_ioctl ctrl;
355 for (interface = 0; interface < nb_interfaces; interface++) {
356 ctrl.ioctl_code = USBDEVFS_DISCONNECT;
357 ctrl.ifno = interface;
358 ret = ioctl(dev->fd, USBDEVFS_IOCTL, &ctrl);
359 if (ret < 0 && errno != ENODATA) {
360 perror("USBDEVFS_DISCONNECT");
361 goto fail;
362 }
363 }
364 }
365 #endif
366
367 /* XXX: only grab if all interfaces are free */
368 for (interface = 0; interface < nb_interfaces; interface++) {
369 ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE, &interface);
370 if (ret < 0) {
371 if (errno == EBUSY) {
372 printf("husb: update iface. device already grabbed\n");
373 } else {
374 perror("husb: failed to claim interface");
375 }
376 fail:
377 return 0;
378 }
379 }
380
381 printf("husb: %d interfaces claimed for configuration %d\n",
382 nb_interfaces, configuration);
383
384 dev->ninterfaces = nb_interfaces;
385 dev->configuration = configuration;
386 return 1;
387 }
388
389 static int usb_host_release_interfaces(USBHostDevice *s)
390 {
391 int ret, i;
392
393 dprintf("husb: releasing interfaces\n");
394
395 for (i = 0; i < s->ninterfaces; i++) {
396 ret = ioctl(s->fd, USBDEVFS_RELEASEINTERFACE, &i);
397 if (ret < 0) {
398 perror("husb: failed to release interface");
399 return 0;
400 }
401 }
402
403 return 1;
404 }
405
406 static void usb_host_handle_reset(USBDevice *dev)
407 {
408 USBHostDevice *s = (USBHostDevice *) dev;
409
410 dprintf("husb: reset device %u.%u\n", s->bus_num, s->addr);
411
412 ioctl(s->fd, USBDEVFS_RESET);
413
414 usb_host_claim_interfaces(s, s->configuration);
415 }
416
417 static void usb_host_handle_destroy(USBDevice *dev)
418 {
419 USBHostDevice *s = (USBHostDevice *)dev;
420
421 s->closing = 1;
422
423 qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
424
425 hostdev_unlink(s);
426
427 async_complete(s);
428
429 if (s->fd >= 0)
430 close(s->fd);
431
432 qemu_free(s);
433 }
434
435 static int usb_linux_update_endp_table(USBHostDevice *s);
436
437 static int usb_host_handle_data(USBHostDevice *s, USBPacket *p)
438 {
439 struct usbdevfs_urb *urb;
440 AsyncURB *aurb;
441 int ret;
442
443 aurb = async_alloc();
444 aurb->hdev = s;
445 aurb->packet = p;
446
447 urb = &aurb->urb;
448
449 if (p->pid == USB_TOKEN_IN)
450 urb->endpoint = p->devep | 0x80;
451 else
452 urb->endpoint = p->devep;
453
454 if (is_halted(s, p->devep)) {
455 ret = ioctl(s->fd, USBDEVFS_CLEAR_HALT, &urb->endpoint);
456 if (ret < 0) {
457 dprintf("husb: failed to clear halt. ep 0x%x errno %d\n",
458 urb->endpoint, errno);
459 return USB_RET_NAK;
460 }
461 clear_halt(s, p->devep);
462 }
463
464 urb->buffer = p->data;
465 urb->buffer_length = p->len;
466
467 if (is_isoc(s, p->devep)) {
468 /* Setup ISOC transfer */
469 urb->type = USBDEVFS_URB_TYPE_ISO;
470 urb->flags = USBDEVFS_URB_ISO_ASAP;
471 urb->number_of_packets = 1;
472 urb->iso_frame_desc[0].length = p->len;
473 } else {
474 /* Setup bulk transfer */
475 urb->type = USBDEVFS_URB_TYPE_BULK;
476 }
477
478 urb->usercontext = s;
479
480 ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb);
481
482 dprintf("husb: data submit. ep 0x%x len %u aurb %p\n", urb->endpoint, p->len, aurb);
483
484 if (ret < 0) {
485 dprintf("husb: submit failed. errno %d\n", errno);
486 async_free(aurb);
487
488 switch(errno) {
489 case ETIMEDOUT:
490 return USB_RET_NAK;
491 case EPIPE:
492 default:
493 return USB_RET_STALL;
494 }
495 }
496
497 usb_defer_packet(p, async_cancel, aurb);
498 return USB_RET_ASYNC;
499 }
500
501 static int ctrl_error(void)
502 {
503 if (errno == ETIMEDOUT)
504 return USB_RET_NAK;
505 else
506 return USB_RET_STALL;
507 }
508
509 static int usb_host_set_address(USBHostDevice *s, int addr)
510 {
511 dprintf("husb: ctrl set addr %u\n", addr);
512 s->dev.addr = addr;
513 return 0;
514 }
515
516 static int usb_host_set_config(USBHostDevice *s, int config)
517 {
518 usb_host_release_interfaces(s);
519
520 int ret = ioctl(s->fd, USBDEVFS_SETCONFIGURATION, &config);
521
522 dprintf("husb: ctrl set config %d ret %d errno %d\n", config, ret, errno);
523
524 if (ret < 0)
525 return ctrl_error();
526
527 usb_host_claim_interfaces(s, config);
528 return 0;
529 }
530
531 static int usb_host_set_interface(USBHostDevice *s, int iface, int alt)
532 {
533 struct usbdevfs_setinterface si;
534 int ret;
535
536 si.interface = iface;
537 si.altsetting = alt;
538 ret = ioctl(s->fd, USBDEVFS_SETINTERFACE, &si);
539
540 dprintf("husb: ctrl set iface %d altset %d ret %d errno %d\n",
541 iface, alt, ret, errno);
542
543 if (ret < 0)
544 return ctrl_error();
545
546 usb_linux_update_endp_table(s);
547 return 0;
548 }
549
550 static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
551 {
552 struct usbdevfs_urb *urb;
553 AsyncURB *aurb;
554 int ret, value, index;
555 int buffer_len;
556
557 /*
558 * Process certain standard device requests.
559 * These are infrequent and are processed synchronously.
560 */
561 value = le16_to_cpu(s->ctrl.req.wValue);
562 index = le16_to_cpu(s->ctrl.req.wIndex);
563
564 dprintf("husb: ctrl type 0x%x req 0x%x val 0x%x index %u len %u\n",
565 s->ctrl.req.bRequestType, s->ctrl.req.bRequest, value, index,
566 s->ctrl.len);
567
568 if (s->ctrl.req.bRequestType == 0) {
569 switch (s->ctrl.req.bRequest) {
570 case USB_REQ_SET_ADDRESS:
571 return usb_host_set_address(s, value);
572
573 case USB_REQ_SET_CONFIGURATION:
574 return usb_host_set_config(s, value & 0xff);
575 }
576 }
577
578 if (s->ctrl.req.bRequestType == 1 &&
579 s->ctrl.req.bRequest == USB_REQ_SET_INTERFACE)
580 return usb_host_set_interface(s, index, value);
581
582 /* The rest are asynchronous */
583
584 buffer_len = 8 + s->ctrl.len;
585 if (buffer_len > sizeof(s->ctrl.buffer)) {
586 fprintf(stderr, "husb: ctrl buffer too small (%u > %lu)\n",
587 buffer_len, sizeof(s->ctrl.buffer));
588 return USB_RET_STALL;
589 }
590
591 aurb = async_alloc();
592 aurb->hdev = s;
593 aurb->packet = p;
594
595 /*
596 * Setup ctrl transfer.
597 *
598 * s->ctrl is layed out such that data buffer immediately follows
599 * 'req' struct which is exactly what usbdevfs expects.
600 */
601 urb = &aurb->urb;
602
603 urb->type = USBDEVFS_URB_TYPE_CONTROL;
604 urb->endpoint = p->devep;
605
606 urb->buffer = &s->ctrl.req;
607 urb->buffer_length = buffer_len;
608
609 urb->usercontext = s;
610
611 ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb);
612
613 dprintf("husb: submit ctrl. len %u aurb %p\n", urb->buffer_length, aurb);
614
615 if (ret < 0) {
616 dprintf("husb: submit failed. errno %d\n", errno);
617 async_free(aurb);
618
619 switch(errno) {
620 case ETIMEDOUT:
621 return USB_RET_NAK;
622 case EPIPE:
623 default:
624 return USB_RET_STALL;
625 }
626 }
627
628 usb_defer_packet(p, async_cancel, aurb);
629 return USB_RET_ASYNC;
630 }
631
632 static int do_token_setup(USBDevice *dev, USBPacket *p)
633 {
634 USBHostDevice *s = (USBHostDevice *) dev;
635 int ret = 0;
636
637 if (p->len != 8)
638 return USB_RET_STALL;
639
640 memcpy(&s->ctrl.req, p->data, 8);
641 s->ctrl.len = le16_to_cpu(s->ctrl.req.wLength);
642 s->ctrl.offset = 0;
643 s->ctrl.state = CTRL_STATE_SETUP;
644
645 if (s->ctrl.req.bRequestType & USB_DIR_IN) {
646 ret = usb_host_handle_control(s, p);
647 if (ret < 0)
648 return ret;
649
650 if (ret < s->ctrl.len)
651 s->ctrl.len = ret;
652 s->ctrl.state = CTRL_STATE_DATA;
653 } else {
654 if (s->ctrl.len == 0)
655 s->ctrl.state = CTRL_STATE_ACK;
656 else
657 s->ctrl.state = CTRL_STATE_DATA;
658 }
659
660 return ret;
661 }
662
663 static int do_token_in(USBDevice *dev, USBPacket *p)
664 {
665 USBHostDevice *s = (USBHostDevice *) dev;
666 int ret = 0;
667
668 if (p->devep != 0)
669 return usb_host_handle_data(s, p);
670
671 switch(s->ctrl.state) {
672 case CTRL_STATE_ACK:
673 if (!(s->ctrl.req.bRequestType & USB_DIR_IN)) {
674 ret = usb_host_handle_control(s, p);
675 if (ret == USB_RET_ASYNC)
676 return USB_RET_ASYNC;
677
678 s->ctrl.state = CTRL_STATE_IDLE;
679 return ret > 0 ? 0 : ret;
680 }
681
682 return 0;
683
684 case CTRL_STATE_DATA:
685 if (s->ctrl.req.bRequestType & USB_DIR_IN) {
686 int len = s->ctrl.len - s->ctrl.offset;
687 if (len > p->len)
688 len = p->len;
689 memcpy(p->data, s->ctrl.buffer + s->ctrl.offset, len);
690 s->ctrl.offset += len;
691 if (s->ctrl.offset >= s->ctrl.len)
692 s->ctrl.state = CTRL_STATE_ACK;
693 return len;
694 }
695
696 s->ctrl.state = CTRL_STATE_IDLE;
697 return USB_RET_STALL;
698
699 default:
700 return USB_RET_STALL;
701 }
702 }
703
704 static int do_token_out(USBDevice *dev, USBPacket *p)
705 {
706 USBHostDevice *s = (USBHostDevice *) dev;
707
708 if (p->devep != 0)
709 return usb_host_handle_data(s, p);
710
711 switch(s->ctrl.state) {
712 case CTRL_STATE_ACK:
713 if (s->ctrl.req.bRequestType & USB_DIR_IN) {
714 s->ctrl.state = CTRL_STATE_IDLE;
715 /* transfer OK */
716 } else {
717 /* ignore additional output */
718 }
719 return 0;
720
721 case CTRL_STATE_DATA:
722 if (!(s->ctrl.req.bRequestType & USB_DIR_IN)) {
723 int len = s->ctrl.len - s->ctrl.offset;
724 if (len > p->len)
725 len = p->len;
726 memcpy(s->ctrl.buffer + s->ctrl.offset, p->data, len);
727 s->ctrl.offset += len;
728 if (s->ctrl.offset >= s->ctrl.len)
729 s->ctrl.state = CTRL_STATE_ACK;
730 return len;
731 }
732
733 s->ctrl.state = CTRL_STATE_IDLE;
734 return USB_RET_STALL;
735
736 default:
737 return USB_RET_STALL;
738 }
739 }
740
741 /*
742 * Packet handler.
743 * Called by the HC (host controller).
744 *
745 * Returns length of the transaction or one of the USB_RET_XXX codes.
746 */
747 static int usb_host_handle_packet(USBDevice *s, USBPacket *p)
748 {
749 switch(p->pid) {
750 case USB_MSG_ATTACH:
751 s->state = USB_STATE_ATTACHED;
752 return 0;
753
754 case USB_MSG_DETACH:
755 s->state = USB_STATE_NOTATTACHED;
756 return 0;
757
758 case USB_MSG_RESET:
759 s->remote_wakeup = 0;
760 s->addr = 0;
761 s->state = USB_STATE_DEFAULT;
762 s->info->handle_reset(s);
763 return 0;
764 }
765
766 /* Rest of the PIDs must match our address */
767 if (s->state < USB_STATE_DEFAULT || p->devaddr != s->addr)
768 return USB_RET_NODEV;
769
770 switch (p->pid) {
771 case USB_TOKEN_SETUP:
772 return do_token_setup(s, p);
773
774 case USB_TOKEN_IN:
775 return do_token_in(s, p);
776
777 case USB_TOKEN_OUT:
778 return do_token_out(s, p);
779
780 default:
781 return USB_RET_STALL;
782 }
783 }
784
785 /* returns 1 on problem encountered or 0 for success */
786 static int usb_linux_update_endp_table(USBHostDevice *s)
787 {
788 uint8_t *descriptors;
789 uint8_t devep, type, configuration, alt_interface;
790 struct usb_ctrltransfer ct;
791 int interface, ret, length, i;
792
793 ct.bRequestType = USB_DIR_IN;
794 ct.bRequest = USB_REQ_GET_CONFIGURATION;
795 ct.wValue = 0;
796 ct.wIndex = 0;
797 ct.wLength = 1;
798 ct.data = &configuration;
799 ct.timeout = 50;
800
801 ret = ioctl(s->fd, USBDEVFS_CONTROL, &ct);
802 if (ret < 0) {
803 perror("usb_linux_update_endp_table");
804 return 1;
805 }
806
807 /* in address state */
808 if (configuration == 0)
809 return 1;
810
811 /* get the desired configuration, interface, and endpoint descriptors
812 * from device description */
813 descriptors = &s->descr[18];
814 length = s->descr_len - 18;
815 i = 0;
816
817 if (descriptors[i + 1] != USB_DT_CONFIG ||
818 descriptors[i + 5] != configuration) {
819 dprintf("invalid descriptor data - configuration\n");
820 return 1;
821 }
822 i += descriptors[i];
823
824 while (i < length) {
825 if (descriptors[i + 1] != USB_DT_INTERFACE ||
826 (descriptors[i + 1] == USB_DT_INTERFACE &&
827 descriptors[i + 4] == 0)) {
828 i += descriptors[i];
829 continue;
830 }
831
832 interface = descriptors[i + 2];
833
834 ct.bRequestType = USB_DIR_IN | USB_RECIP_INTERFACE;
835 ct.bRequest = USB_REQ_GET_INTERFACE;
836 ct.wValue = 0;
837 ct.wIndex = interface;
838 ct.wLength = 1;
839 ct.data = &alt_interface;
840 ct.timeout = 50;
841
842 ret = ioctl(s->fd, USBDEVFS_CONTROL, &ct);
843 if (ret < 0) {
844 alt_interface = interface;
845 }
846
847 /* the current interface descriptor is the active interface
848 * and has endpoints */
849 if (descriptors[i + 3] != alt_interface) {
850 i += descriptors[i];
851 continue;
852 }
853
854 /* advance to the endpoints */
855 while (i < length && descriptors[i +1] != USB_DT_ENDPOINT)
856 i += descriptors[i];
857
858 if (i >= length)
859 break;
860
861 while (i < length) {
862 if (descriptors[i + 1] != USB_DT_ENDPOINT)
863 break;
864
865 devep = descriptors[i + 2];
866 switch (descriptors[i + 3] & 0x3) {
867 case 0x00:
868 type = USBDEVFS_URB_TYPE_CONTROL;
869 break;
870 case 0x01:
871 type = USBDEVFS_URB_TYPE_ISO;
872 break;
873 case 0x02:
874 type = USBDEVFS_URB_TYPE_BULK;
875 break;
876 case 0x03:
877 type = USBDEVFS_URB_TYPE_INTERRUPT;
878 break;
879 default:
880 dprintf("usb_host: malformed endpoint type\n");
881 type = USBDEVFS_URB_TYPE_BULK;
882 }
883 s->endp_table[(devep & 0xf) - 1].type = type;
884 s->endp_table[(devep & 0xf) - 1].halted = 0;
885
886 i += descriptors[i];
887 }
888 }
889 return 0;
890 }
891
892 static int usb_host_initfn(USBDevice *dev)
893 {
894 return 0;
895 }
896
897 static USBDevice *usb_host_device_open_addr(int bus_num, int addr, const char *prod_name)
898 {
899 int fd = -1, ret;
900 USBDevice *d = NULL;
901 USBHostDevice *dev;
902 struct usbdevfs_connectinfo ci;
903 char buf[1024];
904
905 printf("husb: open device %d.%d\n", bus_num, addr);
906
907 if (!usb_host_device_path) {
908 perror("husb: USB Host Device Path not set");
909 goto fail;
910 }
911 snprintf(buf, sizeof(buf), "%s/%03d/%03d", usb_host_device_path,
912 bus_num, addr);
913 fd = open(buf, O_RDWR | O_NONBLOCK);
914 if (fd < 0) {
915 perror(buf);
916 goto fail;
917 }
918 dprintf("husb: opened %s\n", buf);
919
920 d = usb_create(NULL /* FIXME */, "USB Host Device");
921 dev = DO_UPCAST(USBHostDevice, dev, d);
922
923 dev->bus_num = bus_num;
924 dev->addr = addr;
925
926 /* read the device description */
927 dev->descr_len = read(fd, dev->descr, sizeof(dev->descr));
928 if (dev->descr_len <= 0) {
929 perror("husb: reading device data failed");
930 goto fail;
931 }
932
933 #ifdef DEBUG
934 {
935 int x;
936 printf("=== begin dumping device descriptor data ===\n");
937 for (x = 0; x < dev->descr_len; x++)
938 printf("%02x ", dev->descr[x]);
939 printf("\n=== end dumping device descriptor data ===\n");
940 }
941 #endif
942
943
944 /*
945 * Initial configuration is -1 which makes us claim first
946 * available config. We used to start with 1, which does not
947 * always work. I've seen devices where first config starts
948 * with 2.
949 */
950 if (!usb_host_claim_interfaces(dev, -1))
951 goto fail;
952
953 ret = ioctl(fd, USBDEVFS_CONNECTINFO, &ci);
954 if (ret < 0) {
955 perror("usb_host_device_open: USBDEVFS_CONNECTINFO");
956 goto fail;
957 }
958
959 printf("husb: grabbed usb device %d.%d\n", bus_num, addr);
960
961 ret = usb_linux_update_endp_table(dev);
962 if (ret)
963 goto fail;
964
965 if (ci.slow)
966 dev->dev.speed = USB_SPEED_LOW;
967 else
968 dev->dev.speed = USB_SPEED_HIGH;
969
970 if (!prod_name || prod_name[0] == '\0')
971 snprintf(dev->dev.devname, sizeof(dev->dev.devname),
972 "host:%d.%d", bus_num, addr);
973 else
974 pstrcpy(dev->dev.devname, sizeof(dev->dev.devname),
975 prod_name);
976
977 /* USB devio uses 'write' flag to check for async completions */
978 qemu_set_fd_handler(dev->fd, NULL, async_complete, dev);
979
980 hostdev_link(dev);
981
982 return (USBDevice *) dev;
983
984 fail:
985 if (d)
986 qdev_free(&d->qdev);
987 if (fd != -1)
988 close(fd);
989 return NULL;
990 }
991
992 static struct USBDeviceInfo usb_host_dev_info = {
993 .qdev.name = "USB Host Device",
994 .qdev.size = sizeof(USBHostDevice),
995 .init = usb_host_initfn,
996 .handle_packet = usb_host_handle_packet,
997 .handle_reset = usb_host_handle_reset,
998 #if 0
999 .handle_control = usb_host_handle_control,
1000 .handle_data = usb_host_handle_data,
1001 #endif
1002 .handle_destroy = usb_host_handle_destroy,
1003 };
1004
1005 static void usb_host_register_devices(void)
1006 {
1007 usb_qdev_register(&usb_host_dev_info);
1008 }
1009 device_init(usb_host_register_devices)
1010
1011 static int usb_host_auto_add(const char *spec);
1012 static int usb_host_auto_del(const char *spec);
1013
1014 USBDevice *usb_host_device_open(const char *devname)
1015 {
1016 Monitor *mon = cur_mon;
1017 int bus_num, addr;
1018 char product_name[PRODUCT_NAME_SZ];
1019
1020 if (strstr(devname, "auto:")) {
1021 usb_host_auto_add(devname);
1022 return NULL;
1023 }
1024
1025 if (usb_host_find_device(&bus_num, &addr, product_name, sizeof(product_name),
1026 devname) < 0)
1027 return NULL;
1028
1029 if (hostdev_find(bus_num, addr)) {
1030 monitor_printf(mon, "husb: host usb device %d.%d is already open\n",
1031 bus_num, addr);
1032 return NULL;
1033 }
1034
1035 return usb_host_device_open_addr(bus_num, addr, product_name);
1036 }
1037
1038 int usb_host_device_close(const char *devname)
1039 {
1040 char product_name[PRODUCT_NAME_SZ];
1041 int bus_num, addr;
1042 USBHostDevice *s;
1043
1044 if (strstr(devname, "auto:"))
1045 return usb_host_auto_del(devname);
1046
1047 if (usb_host_find_device(&bus_num, &addr, product_name, sizeof(product_name),
1048 devname) < 0)
1049 return -1;
1050
1051 s = hostdev_find(bus_num, addr);
1052 if (s) {
1053 usb_device_delete_addr(s->bus_num, s->dev.addr);
1054 return 0;
1055 }
1056
1057 return -1;
1058 }
1059
1060 static int get_tag_value(char *buf, int buf_size,
1061 const char *str, const char *tag,
1062 const char *stopchars)
1063 {
1064 const char *p;
1065 char *q;
1066 p = strstr(str, tag);
1067 if (!p)
1068 return -1;
1069 p += strlen(tag);
1070 while (qemu_isspace(*p))
1071 p++;
1072 q = buf;
1073 while (*p != '\0' && !strchr(stopchars, *p)) {
1074 if ((q - buf) < (buf_size - 1))
1075 *q++ = *p;
1076 p++;
1077 }
1078 *q = '\0';
1079 return q - buf;
1080 }
1081
1082 /*
1083 * Use /proc/bus/usb/devices or /dev/bus/usb/devices file to determine
1084 * host's USB devices. This is legacy support since many distributions
1085 * are moving to /sys/bus/usb
1086 */
1087 static int usb_host_scan_dev(void *opaque, USBScanFunc *func)
1088 {
1089 FILE *f = NULL;
1090 char line[1024];
1091 char buf[1024];
1092 int bus_num, addr, speed, device_count, class_id, product_id, vendor_id;
1093 char product_name[512];
1094 int ret = 0;
1095
1096 if (!usb_host_device_path) {
1097 perror("husb: USB Host Device Path not set");
1098 goto the_end;
1099 }
1100 snprintf(line, sizeof(line), "%s/devices", usb_host_device_path);
1101 f = fopen(line, "r");
1102 if (!f) {
1103 perror("husb: cannot open devices file");
1104 goto the_end;
1105 }
1106
1107 device_count = 0;
1108 bus_num = addr = speed = class_id = product_id = vendor_id = 0;
1109 for(;;) {
1110 if (fgets(line, sizeof(line), f) == NULL)
1111 break;
1112 if (strlen(line) > 0)
1113 line[strlen(line) - 1] = '\0';
1114 if (line[0] == 'T' && line[1] == ':') {
1115 if (device_count && (vendor_id || product_id)) {
1116 /* New device. Add the previously discovered device. */
1117 ret = func(opaque, bus_num, addr, class_id, vendor_id,
1118 product_id, product_name, speed);
1119 if (ret)
1120 goto the_end;
1121 }
1122 if (get_tag_value(buf, sizeof(buf), line, "Bus=", " ") < 0)
1123 goto fail;
1124 bus_num = atoi(buf);
1125 if (get_tag_value(buf, sizeof(buf), line, "Dev#=", " ") < 0)
1126 goto fail;
1127 addr = atoi(buf);
1128 if (get_tag_value(buf, sizeof(buf), line, "Spd=", " ") < 0)
1129 goto fail;
1130 if (!strcmp(buf, "480"))
1131 speed = USB_SPEED_HIGH;
1132 else if (!strcmp(buf, "1.5"))
1133 speed = USB_SPEED_LOW;
1134 else
1135 speed = USB_SPEED_FULL;
1136 product_name[0] = '\0';
1137 class_id = 0xff;
1138 device_count++;
1139 product_id = 0;
1140 vendor_id = 0;
1141 } else if (line[0] == 'P' && line[1] == ':') {
1142 if (get_tag_value(buf, sizeof(buf), line, "Vendor=", " ") < 0)
1143 goto fail;
1144 vendor_id = strtoul(buf, NULL, 16);
1145 if (get_tag_value(buf, sizeof(buf), line, "ProdID=", " ") < 0)
1146 goto fail;
1147 product_id = strtoul(buf, NULL, 16);
1148 } else if (line[0] == 'S' && line[1] == ':') {
1149 if (get_tag_value(buf, sizeof(buf), line, "Product=", "") < 0)
1150 goto fail;
1151 pstrcpy(product_name, sizeof(product_name), buf);
1152 } else if (line[0] == 'D' && line[1] == ':') {
1153 if (get_tag_value(buf, sizeof(buf), line, "Cls=", " (") < 0)
1154 goto fail;
1155 class_id = strtoul(buf, NULL, 16);
1156 }
1157 fail: ;
1158 }
1159 if (device_count && (vendor_id || product_id)) {
1160 /* Add the last device. */
1161 ret = func(opaque, bus_num, addr, class_id, vendor_id,
1162 product_id, product_name, speed);
1163 }
1164 the_end:
1165 if (f)
1166 fclose(f);
1167 return ret;
1168 }
1169
1170 /*
1171 * Read sys file-system device file
1172 *
1173 * @line address of buffer to put file contents in
1174 * @line_size size of line
1175 * @device_file path to device file (printf format string)
1176 * @device_name device being opened (inserted into device_file)
1177 *
1178 * @return 0 failed, 1 succeeded ('line' contains data)
1179 */
1180 static int usb_host_read_file(char *line, size_t line_size, const char *device_file, const char *device_name)
1181 {
1182 Monitor *mon = cur_mon;
1183 FILE *f;
1184 int ret = 0;
1185 char filename[PATH_MAX];
1186
1187 snprintf(filename, PATH_MAX, USBSYSBUS_PATH "/devices/%s/%s", device_name,
1188 device_file);
1189 f = fopen(filename, "r");
1190 if (f) {
1191 fgets(line, line_size, f);
1192 fclose(f);
1193 ret = 1;
1194 } else {
1195 monitor_printf(mon, "husb: could not open %s\n", filename);
1196 }
1197
1198 return ret;
1199 }
1200
1201 /*
1202 * Use /sys/bus/usb/devices/ directory to determine host's USB
1203 * devices.
1204 *
1205 * This code is based on Robert Schiele's original patches posted to
1206 * the Novell bug-tracker https://bugzilla.novell.com/show_bug.cgi?id=241950
1207 */
1208 static int usb_host_scan_sys(void *opaque, USBScanFunc *func)
1209 {
1210 DIR *dir = NULL;
1211 char line[1024];
1212 int bus_num, addr, speed, class_id, product_id, vendor_id;
1213 int ret = 0;
1214 char product_name[512];
1215 struct dirent *de;
1216
1217 dir = opendir(USBSYSBUS_PATH "/devices");
1218 if (!dir) {
1219 perror("husb: cannot open devices directory");
1220 goto the_end;
1221 }
1222
1223 while ((de = readdir(dir))) {
1224 if (de->d_name[0] != '.' && !strchr(de->d_name, ':')) {
1225 char *tmpstr = de->d_name;
1226 if (!strncmp(de->d_name, "usb", 3))
1227 tmpstr += 3;
1228 bus_num = atoi(tmpstr);
1229
1230 if (!usb_host_read_file(line, sizeof(line), "devnum", de->d_name))
1231 goto the_end;
1232 if (sscanf(line, "%d", &addr) != 1)
1233 goto the_end;
1234
1235 if (!usb_host_read_file(line, sizeof(line), "bDeviceClass",
1236 de->d_name))
1237 goto the_end;
1238 if (sscanf(line, "%x", &class_id) != 1)
1239 goto the_end;
1240
1241 if (!usb_host_read_file(line, sizeof(line), "idVendor", de->d_name))
1242 goto the_end;
1243 if (sscanf(line, "%x", &vendor_id) != 1)
1244 goto the_end;
1245
1246 if (!usb_host_read_file(line, sizeof(line), "idProduct",
1247 de->d_name))
1248 goto the_end;
1249 if (sscanf(line, "%x", &product_id) != 1)
1250 goto the_end;
1251
1252 if (!usb_host_read_file(line, sizeof(line), "product",
1253 de->d_name)) {
1254 *product_name = 0;
1255 } else {
1256 if (strlen(line) > 0)
1257 line[strlen(line) - 1] = '\0';
1258 pstrcpy(product_name, sizeof(product_name), line);
1259 }
1260
1261 if (!usb_host_read_file(line, sizeof(line), "speed", de->d_name))
1262 goto the_end;
1263 if (!strcmp(line, "480\n"))
1264 speed = USB_SPEED_HIGH;
1265 else if (!strcmp(line, "1.5\n"))
1266 speed = USB_SPEED_LOW;
1267 else
1268 speed = USB_SPEED_FULL;
1269
1270 ret = func(opaque, bus_num, addr, class_id, vendor_id,
1271 product_id, product_name, speed);
1272 if (ret)
1273 goto the_end;
1274 }
1275 }
1276 the_end:
1277 if (dir)
1278 closedir(dir);
1279 return ret;
1280 }
1281
1282 /*
1283 * Determine how to access the host's USB devices and call the
1284 * specific support function.
1285 */
1286 static int usb_host_scan(void *opaque, USBScanFunc *func)
1287 {
1288 Monitor *mon = cur_mon;
1289 FILE *f = NULL;
1290 DIR *dir = NULL;
1291 int ret = 0;
1292 const char *fs_type[] = {"unknown", "proc", "dev", "sys"};
1293 char devpath[PATH_MAX];
1294
1295 /* only check the host once */
1296 if (!usb_fs_type) {
1297 dir = opendir(USBSYSBUS_PATH "/devices");
1298 if (dir) {
1299 /* devices found in /dev/bus/usb/ (yes - not a mistake!) */
1300 strcpy(devpath, USBDEVBUS_PATH);
1301 usb_fs_type = USB_FS_SYS;
1302 closedir(dir);
1303 dprintf(USBDBG_DEVOPENED, USBSYSBUS_PATH);
1304 goto found_devices;
1305 }
1306 f = fopen(USBPROCBUS_PATH "/devices", "r");
1307 if (f) {
1308 /* devices found in /proc/bus/usb/ */
1309 strcpy(devpath, USBPROCBUS_PATH);
1310 usb_fs_type = USB_FS_PROC;
1311 fclose(f);
1312 dprintf(USBDBG_DEVOPENED, USBPROCBUS_PATH);
1313 goto found_devices;
1314 }
1315 /* try additional methods if an access method hasn't been found yet */
1316 f = fopen(USBDEVBUS_PATH "/devices", "r");
1317 if (f) {
1318 /* devices found in /dev/bus/usb/ */
1319 strcpy(devpath, USBDEVBUS_PATH);
1320 usb_fs_type = USB_FS_DEV;
1321 fclose(f);
1322 dprintf(USBDBG_DEVOPENED, USBDEVBUS_PATH);
1323 goto found_devices;
1324 }
1325 found_devices:
1326 if (!usb_fs_type) {
1327 monitor_printf(mon, "husb: unable to access USB devices\n");
1328 return -ENOENT;
1329 }
1330
1331 /* the module setting (used later for opening devices) */
1332 usb_host_device_path = qemu_mallocz(strlen(devpath)+1);
1333 strcpy(usb_host_device_path, devpath);
1334 monitor_printf(mon, "husb: using %s file-system with %s\n",
1335 fs_type[usb_fs_type], usb_host_device_path);
1336 }
1337
1338 switch (usb_fs_type) {
1339 case USB_FS_PROC:
1340 case USB_FS_DEV:
1341 ret = usb_host_scan_dev(opaque, func);
1342 break;
1343 case USB_FS_SYS:
1344 ret = usb_host_scan_sys(opaque, func);
1345 break;
1346 default:
1347 ret = -EINVAL;
1348 break;
1349 }
1350 return ret;
1351 }
1352
1353 struct USBAutoFilter {
1354 struct USBAutoFilter *next;
1355 int bus_num;
1356 int addr;
1357 int vendor_id;
1358 int product_id;
1359 };
1360
1361 static QEMUTimer *usb_auto_timer;
1362 static struct USBAutoFilter *usb_auto_filter;
1363
1364 static int usb_host_auto_scan(void *opaque, int bus_num, int addr,
1365 int class_id, int vendor_id, int product_id,
1366 const char *product_name, int speed)
1367 {
1368 struct USBAutoFilter *f;
1369 struct USBDevice *dev;
1370
1371 /* Ignore hubs */
1372 if (class_id == 9)
1373 return 0;
1374
1375 for (f = usb_auto_filter; f; f = f->next) {
1376 if (f->bus_num >= 0 && f->bus_num != bus_num)
1377 continue;
1378
1379 if (f->addr >= 0 && f->addr != addr)
1380 continue;
1381
1382 if (f->vendor_id >= 0 && f->vendor_id != vendor_id)
1383 continue;
1384
1385 if (f->product_id >= 0 && f->product_id != product_id)
1386 continue;
1387
1388 /* We got a match */
1389
1390 /* Allredy attached ? */
1391 if (hostdev_find(bus_num, addr))
1392 return 0;
1393
1394 dprintf("husb: auto open: bus_num %d addr %d\n", bus_num, addr);
1395
1396 dev = usb_host_device_open_addr(bus_num, addr, product_name);
1397 if (dev)
1398 qdev_init(&dev->qdev);
1399 }
1400
1401 return 0;
1402 }
1403
1404 static void usb_host_auto_timer(void *unused)
1405 {
1406 usb_host_scan(NULL, usb_host_auto_scan);
1407 qemu_mod_timer(usb_auto_timer, qemu_get_clock(rt_clock) + 2000);
1408 }
1409
1410 /*
1411 * Autoconnect filter
1412 * Format:
1413 * auto:bus:dev[:vid:pid]
1414 * auto:bus.dev[:vid:pid]
1415 *
1416 * bus - bus number (dec, * means any)
1417 * dev - device number (dec, * means any)
1418 * vid - vendor id (hex, * means any)
1419 * pid - product id (hex, * means any)
1420 *
1421 * See 'lsusb' output.
1422 */
1423 static int parse_filter(const char *spec, struct USBAutoFilter *f)
1424 {
1425 enum { BUS, DEV, VID, PID, DONE };
1426 const char *p = spec;
1427 int i;
1428
1429 f->bus_num = -1;
1430 f->addr = -1;
1431 f->vendor_id = -1;
1432 f->product_id = -1;
1433
1434 for (i = BUS; i < DONE; i++) {
1435 p = strpbrk(p, ":.");
1436 if (!p) break;
1437 p++;
1438
1439 if (*p == '*')
1440 continue;
1441
1442 switch(i) {
1443 case BUS: f->bus_num = strtol(p, NULL, 10); break;
1444 case DEV: f->addr = strtol(p, NULL, 10); break;
1445 case VID: f->vendor_id = strtol(p, NULL, 16); break;
1446 case PID: f->product_id = strtol(p, NULL, 16); break;
1447 }
1448 }
1449
1450 if (i < DEV) {
1451 fprintf(stderr, "husb: invalid auto filter spec %s\n", spec);
1452 return -1;
1453 }
1454
1455 return 0;
1456 }
1457
1458 static int match_filter(const struct USBAutoFilter *f1,
1459 const struct USBAutoFilter *f2)
1460 {
1461 return f1->bus_num == f2->bus_num &&
1462 f1->addr == f2->addr &&
1463 f1->vendor_id == f2->vendor_id &&
1464 f1->product_id == f2->product_id;
1465 }
1466
1467 static int usb_host_auto_add(const char *spec)
1468 {
1469 struct USBAutoFilter filter, *f;
1470
1471 if (parse_filter(spec, &filter) < 0)
1472 return -1;
1473
1474 f = qemu_mallocz(sizeof(*f));
1475
1476 *f = filter;
1477
1478 if (!usb_auto_filter) {
1479 /*
1480 * First entry. Init and start the monitor.
1481 * Right now we're using timer to check for new devices.
1482 * If this turns out to be too expensive we can move that into a
1483 * separate thread.
1484 */
1485 usb_auto_timer = qemu_new_timer(rt_clock, usb_host_auto_timer, NULL);
1486 if (!usb_auto_timer) {
1487 fprintf(stderr, "husb: failed to allocate auto scan timer\n");
1488 qemu_free(f);
1489 return -1;
1490 }
1491
1492 /* Check for new devices every two seconds */
1493 qemu_mod_timer(usb_auto_timer, qemu_get_clock(rt_clock) + 2000);
1494 }
1495
1496 dprintf("husb: added auto filter: bus_num %d addr %d vid %d pid %d\n",
1497 f->bus_num, f->addr, f->vendor_id, f->product_id);
1498
1499 f->next = usb_auto_filter;
1500 usb_auto_filter = f;
1501
1502 return 0;
1503 }
1504
1505 static int usb_host_auto_del(const char *spec)
1506 {
1507 struct USBAutoFilter *pf = usb_auto_filter;
1508 struct USBAutoFilter **prev = &usb_auto_filter;
1509 struct USBAutoFilter filter;
1510
1511 if (parse_filter(spec, &filter) < 0)
1512 return -1;
1513
1514 while (pf) {
1515 if (match_filter(pf, &filter)) {
1516 dprintf("husb: removed auto filter: bus_num %d addr %d vid %d pid %d\n",
1517 pf->bus_num, pf->addr, pf->vendor_id, pf->product_id);
1518
1519 *prev = pf->next;
1520
1521 if (!usb_auto_filter) {
1522 /* No more filters. Stop scanning. */
1523 qemu_del_timer(usb_auto_timer);
1524 qemu_free_timer(usb_auto_timer);
1525 }
1526
1527 return 0;
1528 }
1529
1530 prev = &pf->next;
1531 pf = pf->next;
1532 }
1533
1534 return -1;
1535 }
1536
1537 typedef struct FindDeviceState {
1538 int vendor_id;
1539 int product_id;
1540 int bus_num;
1541 int addr;
1542 char product_name[PRODUCT_NAME_SZ];
1543 } FindDeviceState;
1544
1545 static int usb_host_find_device_scan(void *opaque, int bus_num, int addr,
1546 int class_id,
1547 int vendor_id, int product_id,
1548 const char *product_name, int speed)
1549 {
1550 FindDeviceState *s = opaque;
1551 if ((vendor_id == s->vendor_id &&
1552 product_id == s->product_id) ||
1553 (bus_num == s->bus_num &&
1554 addr == s->addr)) {
1555 pstrcpy(s->product_name, PRODUCT_NAME_SZ, product_name);
1556 s->bus_num = bus_num;
1557 s->addr = addr;
1558 return 1;
1559 } else {
1560 return 0;
1561 }
1562 }
1563
1564 /* the syntax is :
1565 'bus.addr' (decimal numbers) or
1566 'vendor_id:product_id' (hexa numbers) */
1567 static int usb_host_find_device(int *pbus_num, int *paddr,
1568 char *product_name, int product_name_size,
1569 const char *devname)
1570 {
1571 const char *p;
1572 int ret;
1573 FindDeviceState fs;
1574
1575 p = strchr(devname, '.');
1576 if (p) {
1577 *pbus_num = strtoul(devname, NULL, 0);
1578 *paddr = strtoul(p + 1, NULL, 0);
1579 fs.bus_num = *pbus_num;
1580 fs.addr = *paddr;
1581 ret = usb_host_scan(&fs, usb_host_find_device_scan);
1582 if (ret)
1583 pstrcpy(product_name, product_name_size, fs.product_name);
1584 return 0;
1585 }
1586
1587 p = strchr(devname, ':');
1588 if (p) {
1589 fs.vendor_id = strtoul(devname, NULL, 16);
1590 fs.product_id = strtoul(p + 1, NULL, 16);
1591 ret = usb_host_scan(&fs, usb_host_find_device_scan);
1592 if (ret) {
1593 *pbus_num = fs.bus_num;
1594 *paddr = fs.addr;
1595 pstrcpy(product_name, product_name_size, fs.product_name);
1596 return 0;
1597 }
1598 }
1599 return -1;
1600 }
1601
1602 /**********************/
1603 /* USB host device info */
1604
1605 struct usb_class_info {
1606 int class;
1607 const char *class_name;
1608 };
1609
1610 static const struct usb_class_info usb_class_info[] = {
1611 { USB_CLASS_AUDIO, "Audio"},
1612 { USB_CLASS_COMM, "Communication"},
1613 { USB_CLASS_HID, "HID"},
1614 { USB_CLASS_HUB, "Hub" },
1615 { USB_CLASS_PHYSICAL, "Physical" },
1616 { USB_CLASS_PRINTER, "Printer" },
1617 { USB_CLASS_MASS_STORAGE, "Storage" },
1618 { USB_CLASS_CDC_DATA, "Data" },
1619 { USB_CLASS_APP_SPEC, "Application Specific" },
1620 { USB_CLASS_VENDOR_SPEC, "Vendor Specific" },
1621 { USB_CLASS_STILL_IMAGE, "Still Image" },
1622 { USB_CLASS_CSCID, "Smart Card" },
1623 { USB_CLASS_CONTENT_SEC, "Content Security" },
1624 { -1, NULL }
1625 };
1626
1627 static const char *usb_class_str(uint8_t class)
1628 {
1629 const struct usb_class_info *p;
1630 for(p = usb_class_info; p->class != -1; p++) {
1631 if (p->class == class)
1632 break;
1633 }
1634 return p->class_name;
1635 }
1636
1637 static void usb_info_device(Monitor *mon, int bus_num, int addr, int class_id,
1638 int vendor_id, int product_id,
1639 const char *product_name,
1640 int speed)
1641 {
1642 const char *class_str, *speed_str;
1643
1644 switch(speed) {
1645 case USB_SPEED_LOW:
1646 speed_str = "1.5";
1647 break;
1648 case USB_SPEED_FULL:
1649 speed_str = "12";
1650 break;
1651 case USB_SPEED_HIGH:
1652 speed_str = "480";
1653 break;
1654 default:
1655 speed_str = "?";
1656 break;
1657 }
1658
1659 monitor_printf(mon, " Device %d.%d, speed %s Mb/s\n",
1660 bus_num, addr, speed_str);
1661 class_str = usb_class_str(class_id);
1662 if (class_str)
1663 monitor_printf(mon, " %s:", class_str);
1664 else
1665 monitor_printf(mon, " Class %02x:", class_id);
1666 monitor_printf(mon, " USB device %04x:%04x", vendor_id, product_id);
1667 if (product_name[0] != '\0')
1668 monitor_printf(mon, ", %s", product_name);
1669 monitor_printf(mon, "\n");
1670 }
1671
1672 static int usb_host_info_device(void *opaque, int bus_num, int addr,
1673 int class_id,
1674 int vendor_id, int product_id,
1675 const char *product_name,
1676 int speed)
1677 {
1678 Monitor *mon = opaque;
1679
1680 usb_info_device(mon, bus_num, addr, class_id, vendor_id, product_id,
1681 product_name, speed);
1682 return 0;
1683 }
1684
1685 static void dec2str(int val, char *str, size_t size)
1686 {
1687 if (val == -1)
1688 snprintf(str, size, "*");
1689 else
1690 snprintf(str, size, "%d", val);
1691 }
1692
1693 static void hex2str(int val, char *str, size_t size)
1694 {
1695 if (val == -1)
1696 snprintf(str, size, "*");
1697 else
1698 snprintf(str, size, "%x", val);
1699 }
1700
1701 void usb_host_info(Monitor *mon)
1702 {
1703 struct USBAutoFilter *f;
1704
1705 usb_host_scan(mon, usb_host_info_device);
1706
1707 if (usb_auto_filter)
1708 monitor_printf(mon, " Auto filters:\n");
1709 for (f = usb_auto_filter; f; f = f->next) {
1710 char bus[10], addr[10], vid[10], pid[10];
1711 dec2str(f->bus_num, bus, sizeof(bus));
1712 dec2str(f->addr, addr, sizeof(addr));
1713 hex2str(f->vendor_id, vid, sizeof(vid));
1714 hex2str(f->product_id, pid, sizeof(pid));
1715 monitor_printf(mon, " Device %s.%s ID %s:%s\n",
1716 bus, addr, vid, pid);
1717 }
1718 }
Qemu copy for testing