1 /* 2 * USB redirector usb-guest 3 * 4 * Copyright (c) 2011 Red Hat, Inc. 5 * 6 * Red Hat Authors: 7 * Hans de Goede <hdegoede@redhat.com> 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu-common.h" 29 #include "qemu-timer.h" 30 #include "monitor.h" 31 #include "sysemu.h" 32 33 #include <dirent.h> 34 #include <sys/ioctl.h> 35 #include <signal.h> 36 #include <usbredirparser.h> 37 #include <usbredirfilter.h> 38 39 #include "hw/usb.h" 40 41 #define MAX_ENDPOINTS 32 42 #define NO_INTERFACE_INFO 255 /* Valid interface_count always <= 32 */ 43 #define EP2I(ep_address) (((ep_address & 0x80) >> 3) | (ep_address & 0x0f)) 44 #define I2EP(i) (((i & 0x10) << 3) | (i & 0x0f)) 45 46 typedef struct AsyncURB AsyncURB; 47 typedef struct USBRedirDevice USBRedirDevice; 48 49 /* Struct to hold buffered packets (iso or int input packets) */ 50 struct buf_packet { 51 uint8_t *data; 52 int len; 53 int status; 54 QTAILQ_ENTRY(buf_packet)next; 55 }; 56 57 struct endp_data { 58 uint8_t type; 59 uint8_t interval; 60 uint8_t interface; /* bInterfaceNumber this ep belongs to */ 61 uint8_t iso_started; 62 uint8_t iso_error; /* For reporting iso errors to the HC */ 63 uint8_t interrupt_started; 64 uint8_t interrupt_error; 65 uint8_t bufpq_prefilled; 66 uint8_t bufpq_dropping_packets; 67 QTAILQ_HEAD(, buf_packet) bufpq; 68 int bufpq_size; 69 int bufpq_target_size; 70 }; 71 72 struct USBRedirDevice { 73 USBDevice dev; 74 /* Properties */ 75 CharDriverState *cs; 76 uint8_t debug; 77 char *filter_str; 78 int32_t bootindex; 79 /* Data passed from chardev the fd_read cb to the usbredirparser read cb */ 80 const uint8_t *read_buf; 81 int read_buf_size; 82 /* For async handling of open/close */ 83 QEMUBH *open_close_bh; 84 /* To delay the usb attach in case of quick chardev close + open */ 85 QEMUTimer *attach_timer; 86 int64_t next_attach_time; 87 struct usbredirparser *parser; 88 struct endp_data endpoint[MAX_ENDPOINTS]; 89 uint32_t packet_id; 90 QTAILQ_HEAD(, AsyncURB) asyncq; 91 /* Data for device filtering */ 92 struct usb_redir_device_connect_header device_info; 93 struct usb_redir_interface_info_header interface_info; 94 struct usbredirfilter_rule *filter_rules; 95 int filter_rules_count; 96 }; 97 98 struct AsyncURB { 99 USBRedirDevice *dev; 100 USBPacket *packet; 101 uint32_t packet_id; 102 int get; 103 union { 104 struct usb_redir_control_packet_header control_packet; 105 struct usb_redir_bulk_packet_header bulk_packet; 106 struct usb_redir_interrupt_packet_header interrupt_packet; 107 }; 108 QTAILQ_ENTRY(AsyncURB)next; 109 }; 110 111 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h); 112 static void usbredir_device_connect(void *priv, 113 struct usb_redir_device_connect_header *device_connect); 114 static void usbredir_device_disconnect(void *priv); 115 static void usbredir_interface_info(void *priv, 116 struct usb_redir_interface_info_header *interface_info); 117 static void usbredir_ep_info(void *priv, 118 struct usb_redir_ep_info_header *ep_info); 119 static void usbredir_configuration_status(void *priv, uint32_t id, 120 struct usb_redir_configuration_status_header *configuration_status); 121 static void usbredir_alt_setting_status(void *priv, uint32_t id, 122 struct usb_redir_alt_setting_status_header *alt_setting_status); 123 static void usbredir_iso_stream_status(void *priv, uint32_t id, 124 struct usb_redir_iso_stream_status_header *iso_stream_status); 125 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 126 struct usb_redir_interrupt_receiving_status_header 127 *interrupt_receiving_status); 128 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 129 struct usb_redir_bulk_streams_status_header *bulk_streams_status); 130 static void usbredir_control_packet(void *priv, uint32_t id, 131 struct usb_redir_control_packet_header *control_packet, 132 uint8_t *data, int data_len); 133 static void usbredir_bulk_packet(void *priv, uint32_t id, 134 struct usb_redir_bulk_packet_header *bulk_packet, 135 uint8_t *data, int data_len); 136 static void usbredir_iso_packet(void *priv, uint32_t id, 137 struct usb_redir_iso_packet_header *iso_packet, 138 uint8_t *data, int data_len); 139 static void usbredir_interrupt_packet(void *priv, uint32_t id, 140 struct usb_redir_interrupt_packet_header *interrupt_header, 141 uint8_t *data, int data_len); 142 143 static int usbredir_handle_status(USBRedirDevice *dev, 144 int status, int actual_len); 145 146 #define VERSION "qemu usb-redir guest " QEMU_VERSION 147 148 /* 149 * Logging stuff 150 */ 151 152 #define ERROR(...) \ 153 do { \ 154 if (dev->debug >= usbredirparser_error) { \ 155 error_report("usb-redir error: " __VA_ARGS__); \ 156 } \ 157 } while (0) 158 #define WARNING(...) \ 159 do { \ 160 if (dev->debug >= usbredirparser_warning) { \ 161 error_report("usb-redir warning: " __VA_ARGS__); \ 162 } \ 163 } while (0) 164 #define INFO(...) \ 165 do { \ 166 if (dev->debug >= usbredirparser_info) { \ 167 error_report("usb-redir: " __VA_ARGS__); \ 168 } \ 169 } while (0) 170 #define DPRINTF(...) \ 171 do { \ 172 if (dev->debug >= usbredirparser_debug) { \ 173 error_report("usb-redir: " __VA_ARGS__); \ 174 } \ 175 } while (0) 176 #define DPRINTF2(...) \ 177 do { \ 178 if (dev->debug >= usbredirparser_debug_data) { \ 179 error_report("usb-redir: " __VA_ARGS__); \ 180 } \ 181 } while (0) 182 183 static void usbredir_log(void *priv, int level, const char *msg) 184 { 185 USBRedirDevice *dev = priv; 186 187 if (dev->debug < level) { 188 return; 189 } 190 191 error_report("%s", msg); 192 } 193 194 static void usbredir_log_data(USBRedirDevice *dev, const char *desc, 195 const uint8_t *data, int len) 196 { 197 int i, j, n; 198 199 if (dev->debug < usbredirparser_debug_data) { 200 return; 201 } 202 203 for (i = 0; i < len; i += j) { 204 char buf[128]; 205 206 n = sprintf(buf, "%s", desc); 207 for (j = 0; j < 8 && i + j < len; j++) { 208 n += sprintf(buf + n, " %02X", data[i + j]); 209 } 210 error_report("%s", buf); 211 } 212 } 213 214 /* 215 * usbredirparser io functions 216 */ 217 218 static int usbredir_read(void *priv, uint8_t *data, int count) 219 { 220 USBRedirDevice *dev = priv; 221 222 if (dev->read_buf_size < count) { 223 count = dev->read_buf_size; 224 } 225 226 memcpy(data, dev->read_buf, count); 227 228 dev->read_buf_size -= count; 229 if (dev->read_buf_size) { 230 dev->read_buf += count; 231 } else { 232 dev->read_buf = NULL; 233 } 234 235 return count; 236 } 237 238 static int usbredir_write(void *priv, uint8_t *data, int count) 239 { 240 USBRedirDevice *dev = priv; 241 242 if (!dev->cs->opened) { 243 return 0; 244 } 245 246 return qemu_chr_fe_write(dev->cs, data, count); 247 } 248 249 /* 250 * Async and buffered packets helpers 251 */ 252 253 static AsyncURB *async_alloc(USBRedirDevice *dev, USBPacket *p) 254 { 255 AsyncURB *aurb = (AsyncURB *) g_malloc0(sizeof(AsyncURB)); 256 aurb->dev = dev; 257 aurb->packet = p; 258 aurb->packet_id = dev->packet_id; 259 QTAILQ_INSERT_TAIL(&dev->asyncq, aurb, next); 260 dev->packet_id++; 261 262 return aurb; 263 } 264 265 static void async_free(USBRedirDevice *dev, AsyncURB *aurb) 266 { 267 QTAILQ_REMOVE(&dev->asyncq, aurb, next); 268 g_free(aurb); 269 } 270 271 static AsyncURB *async_find(USBRedirDevice *dev, uint32_t packet_id) 272 { 273 AsyncURB *aurb; 274 275 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 276 if (aurb->packet_id == packet_id) { 277 return aurb; 278 } 279 } 280 DPRINTF("could not find async urb for packet_id %u\n", packet_id); 281 return NULL; 282 } 283 284 static void usbredir_cancel_packet(USBDevice *udev, USBPacket *p) 285 { 286 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 287 AsyncURB *aurb; 288 289 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 290 if (p != aurb->packet) { 291 continue; 292 } 293 294 DPRINTF("async cancel id %u\n", aurb->packet_id); 295 usbredirparser_send_cancel_data_packet(dev->parser, aurb->packet_id); 296 usbredirparser_do_write(dev->parser); 297 298 /* Mark it as dead */ 299 aurb->packet = NULL; 300 break; 301 } 302 } 303 304 static void bufp_alloc(USBRedirDevice *dev, 305 uint8_t *data, int len, int status, uint8_t ep) 306 { 307 struct buf_packet *bufp; 308 309 if (!dev->endpoint[EP2I(ep)].bufpq_dropping_packets && 310 dev->endpoint[EP2I(ep)].bufpq_size > 311 2 * dev->endpoint[EP2I(ep)].bufpq_target_size) { 312 DPRINTF("bufpq overflow, dropping packets ep %02X\n", ep); 313 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 1; 314 } 315 /* Since we're interupting the stream anyways, drop enough packets to get 316 back to our target buffer size */ 317 if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) { 318 if (dev->endpoint[EP2I(ep)].bufpq_size > 319 dev->endpoint[EP2I(ep)].bufpq_target_size) { 320 free(data); 321 return; 322 } 323 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 324 } 325 326 bufp = g_malloc(sizeof(struct buf_packet)); 327 bufp->data = data; 328 bufp->len = len; 329 bufp->status = status; 330 QTAILQ_INSERT_TAIL(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 331 dev->endpoint[EP2I(ep)].bufpq_size++; 332 } 333 334 static void bufp_free(USBRedirDevice *dev, struct buf_packet *bufp, 335 uint8_t ep) 336 { 337 QTAILQ_REMOVE(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 338 dev->endpoint[EP2I(ep)].bufpq_size--; 339 free(bufp->data); 340 g_free(bufp); 341 } 342 343 static void usbredir_free_bufpq(USBRedirDevice *dev, uint8_t ep) 344 { 345 struct buf_packet *buf, *buf_next; 346 347 QTAILQ_FOREACH_SAFE(buf, &dev->endpoint[EP2I(ep)].bufpq, next, buf_next) { 348 bufp_free(dev, buf, ep); 349 } 350 } 351 352 /* 353 * USBDevice callbacks 354 */ 355 356 static void usbredir_handle_reset(USBDevice *udev) 357 { 358 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 359 360 DPRINTF("reset device\n"); 361 usbredirparser_send_reset(dev->parser); 362 usbredirparser_do_write(dev->parser); 363 } 364 365 static int usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p, 366 uint8_t ep) 367 { 368 int status, len; 369 if (!dev->endpoint[EP2I(ep)].iso_started && 370 !dev->endpoint[EP2I(ep)].iso_error) { 371 struct usb_redir_start_iso_stream_header start_iso = { 372 .endpoint = ep, 373 }; 374 int pkts_per_sec; 375 376 if (dev->dev.speed == USB_SPEED_HIGH) { 377 pkts_per_sec = 8000 / dev->endpoint[EP2I(ep)].interval; 378 } else { 379 pkts_per_sec = 1000 / dev->endpoint[EP2I(ep)].interval; 380 } 381 /* Testing has shown that we need circa 60 ms buffer */ 382 dev->endpoint[EP2I(ep)].bufpq_target_size = (pkts_per_sec * 60) / 1000; 383 384 /* Aim for approx 100 interrupts / second on the client to 385 balance latency and interrupt load */ 386 start_iso.pkts_per_urb = pkts_per_sec / 100; 387 if (start_iso.pkts_per_urb < 1) { 388 start_iso.pkts_per_urb = 1; 389 } else if (start_iso.pkts_per_urb > 32) { 390 start_iso.pkts_per_urb = 32; 391 } 392 393 start_iso.no_urbs = (dev->endpoint[EP2I(ep)].bufpq_target_size + 394 start_iso.pkts_per_urb - 1) / 395 start_iso.pkts_per_urb; 396 /* Output endpoints pre-fill only 1/2 of the packets, keeping the rest 397 as overflow buffer. Also see the usbredir protocol documentation */ 398 if (!(ep & USB_DIR_IN)) { 399 start_iso.no_urbs *= 2; 400 } 401 if (start_iso.no_urbs > 16) { 402 start_iso.no_urbs = 16; 403 } 404 405 /* No id, we look at the ep when receiving a status back */ 406 usbredirparser_send_start_iso_stream(dev->parser, 0, &start_iso); 407 usbredirparser_do_write(dev->parser); 408 DPRINTF("iso stream started pkts/sec %d pkts/urb %d urbs %d ep %02X\n", 409 pkts_per_sec, start_iso.pkts_per_urb, start_iso.no_urbs, ep); 410 dev->endpoint[EP2I(ep)].iso_started = 1; 411 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 412 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 413 } 414 415 if (ep & USB_DIR_IN) { 416 struct buf_packet *isop; 417 418 if (dev->endpoint[EP2I(ep)].iso_started && 419 !dev->endpoint[EP2I(ep)].bufpq_prefilled) { 420 if (dev->endpoint[EP2I(ep)].bufpq_size < 421 dev->endpoint[EP2I(ep)].bufpq_target_size) { 422 return usbredir_handle_status(dev, 0, 0); 423 } 424 dev->endpoint[EP2I(ep)].bufpq_prefilled = 1; 425 } 426 427 isop = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 428 if (isop == NULL) { 429 DPRINTF("iso-token-in ep %02X, no isop, iso_error: %d\n", 430 ep, dev->endpoint[EP2I(ep)].iso_error); 431 /* Re-fill the buffer */ 432 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 433 /* Check iso_error for stream errors, otherwise its an underrun */ 434 status = dev->endpoint[EP2I(ep)].iso_error; 435 dev->endpoint[EP2I(ep)].iso_error = 0; 436 return status ? USB_RET_IOERROR : 0; 437 } 438 DPRINTF2("iso-token-in ep %02X status %d len %d queue-size: %d\n", ep, 439 isop->status, isop->len, dev->endpoint[EP2I(ep)].bufpq_size); 440 441 status = isop->status; 442 if (status != usb_redir_success) { 443 bufp_free(dev, isop, ep); 444 return USB_RET_IOERROR; 445 } 446 447 len = isop->len; 448 if (len > p->iov.size) { 449 ERROR("received iso data is larger then packet ep %02X (%d > %d)\n", 450 ep, len, (int)p->iov.size); 451 bufp_free(dev, isop, ep); 452 return USB_RET_BABBLE; 453 } 454 usb_packet_copy(p, isop->data, len); 455 bufp_free(dev, isop, ep); 456 return len; 457 } else { 458 /* If the stream was not started because of a pending error don't 459 send the packet to the usb-host */ 460 if (dev->endpoint[EP2I(ep)].iso_started) { 461 struct usb_redir_iso_packet_header iso_packet = { 462 .endpoint = ep, 463 .length = p->iov.size 464 }; 465 uint8_t buf[p->iov.size]; 466 /* No id, we look at the ep when receiving a status back */ 467 usb_packet_copy(p, buf, p->iov.size); 468 usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet, 469 buf, p->iov.size); 470 usbredirparser_do_write(dev->parser); 471 } 472 status = dev->endpoint[EP2I(ep)].iso_error; 473 dev->endpoint[EP2I(ep)].iso_error = 0; 474 DPRINTF2("iso-token-out ep %02X status %d len %zd\n", ep, status, 475 p->iov.size); 476 return usbredir_handle_status(dev, status, p->iov.size); 477 } 478 } 479 480 static void usbredir_stop_iso_stream(USBRedirDevice *dev, uint8_t ep) 481 { 482 struct usb_redir_stop_iso_stream_header stop_iso_stream = { 483 .endpoint = ep 484 }; 485 if (dev->endpoint[EP2I(ep)].iso_started) { 486 usbredirparser_send_stop_iso_stream(dev->parser, 0, &stop_iso_stream); 487 DPRINTF("iso stream stopped ep %02X\n", ep); 488 dev->endpoint[EP2I(ep)].iso_started = 0; 489 } 490 dev->endpoint[EP2I(ep)].iso_error = 0; 491 usbredir_free_bufpq(dev, ep); 492 } 493 494 static int usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, 495 uint8_t ep) 496 { 497 AsyncURB *aurb = async_alloc(dev, p); 498 struct usb_redir_bulk_packet_header bulk_packet; 499 500 DPRINTF("bulk-out ep %02X len %zd id %u\n", ep, 501 p->iov.size, aurb->packet_id); 502 503 bulk_packet.endpoint = ep; 504 bulk_packet.length = p->iov.size; 505 bulk_packet.stream_id = 0; 506 aurb->bulk_packet = bulk_packet; 507 508 if (ep & USB_DIR_IN) { 509 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 510 &bulk_packet, NULL, 0); 511 } else { 512 uint8_t buf[p->iov.size]; 513 usb_packet_copy(p, buf, p->iov.size); 514 usbredir_log_data(dev, "bulk data out:", buf, p->iov.size); 515 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 516 &bulk_packet, buf, p->iov.size); 517 } 518 usbredirparser_do_write(dev->parser); 519 return USB_RET_ASYNC; 520 } 521 522 static int usbredir_handle_interrupt_data(USBRedirDevice *dev, 523 USBPacket *p, uint8_t ep) 524 { 525 if (ep & USB_DIR_IN) { 526 /* Input interrupt endpoint, buffered packet input */ 527 struct buf_packet *intp; 528 int status, len; 529 530 if (!dev->endpoint[EP2I(ep)].interrupt_started && 531 !dev->endpoint[EP2I(ep)].interrupt_error) { 532 struct usb_redir_start_interrupt_receiving_header start_int = { 533 .endpoint = ep, 534 }; 535 /* No id, we look at the ep when receiving a status back */ 536 usbredirparser_send_start_interrupt_receiving(dev->parser, 0, 537 &start_int); 538 usbredirparser_do_write(dev->parser); 539 DPRINTF("interrupt recv started ep %02X\n", ep); 540 dev->endpoint[EP2I(ep)].interrupt_started = 1; 541 /* We don't really want to drop interrupt packets ever, but 542 having some upper limit to how much we buffer is good. */ 543 dev->endpoint[EP2I(ep)].bufpq_target_size = 1000; 544 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 545 } 546 547 intp = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 548 if (intp == NULL) { 549 DPRINTF2("interrupt-token-in ep %02X, no intp\n", ep); 550 /* Check interrupt_error for stream errors */ 551 status = dev->endpoint[EP2I(ep)].interrupt_error; 552 dev->endpoint[EP2I(ep)].interrupt_error = 0; 553 if (status) { 554 return usbredir_handle_status(dev, status, 0); 555 } 556 return USB_RET_NAK; 557 } 558 DPRINTF("interrupt-token-in ep %02X status %d len %d\n", ep, 559 intp->status, intp->len); 560 561 status = intp->status; 562 if (status != usb_redir_success) { 563 bufp_free(dev, intp, ep); 564 return usbredir_handle_status(dev, status, 0); 565 } 566 567 len = intp->len; 568 if (len > p->iov.size) { 569 ERROR("received int data is larger then packet ep %02X\n", ep); 570 bufp_free(dev, intp, ep); 571 return USB_RET_BABBLE; 572 } 573 usb_packet_copy(p, intp->data, len); 574 bufp_free(dev, intp, ep); 575 return len; 576 } else { 577 /* Output interrupt endpoint, normal async operation */ 578 AsyncURB *aurb = async_alloc(dev, p); 579 struct usb_redir_interrupt_packet_header interrupt_packet; 580 uint8_t buf[p->iov.size]; 581 582 DPRINTF("interrupt-out ep %02X len %zd id %u\n", ep, p->iov.size, 583 aurb->packet_id); 584 585 interrupt_packet.endpoint = ep; 586 interrupt_packet.length = p->iov.size; 587 aurb->interrupt_packet = interrupt_packet; 588 589 usb_packet_copy(p, buf, p->iov.size); 590 usbredir_log_data(dev, "interrupt data out:", buf, p->iov.size); 591 usbredirparser_send_interrupt_packet(dev->parser, aurb->packet_id, 592 &interrupt_packet, buf, p->iov.size); 593 usbredirparser_do_write(dev->parser); 594 return USB_RET_ASYNC; 595 } 596 } 597 598 static void usbredir_stop_interrupt_receiving(USBRedirDevice *dev, 599 uint8_t ep) 600 { 601 struct usb_redir_stop_interrupt_receiving_header stop_interrupt_recv = { 602 .endpoint = ep 603 }; 604 if (dev->endpoint[EP2I(ep)].interrupt_started) { 605 usbredirparser_send_stop_interrupt_receiving(dev->parser, 0, 606 &stop_interrupt_recv); 607 DPRINTF("interrupt recv stopped ep %02X\n", ep); 608 dev->endpoint[EP2I(ep)].interrupt_started = 0; 609 } 610 dev->endpoint[EP2I(ep)].interrupt_error = 0; 611 usbredir_free_bufpq(dev, ep); 612 } 613 614 static int usbredir_handle_data(USBDevice *udev, USBPacket *p) 615 { 616 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 617 uint8_t ep; 618 619 ep = p->ep->nr; 620 if (p->pid == USB_TOKEN_IN) { 621 ep |= USB_DIR_IN; 622 } 623 624 switch (dev->endpoint[EP2I(ep)].type) { 625 case USB_ENDPOINT_XFER_CONTROL: 626 ERROR("handle_data called for control transfer on ep %02X\n", ep); 627 return USB_RET_NAK; 628 case USB_ENDPOINT_XFER_ISOC: 629 return usbredir_handle_iso_data(dev, p, ep); 630 case USB_ENDPOINT_XFER_BULK: 631 return usbredir_handle_bulk_data(dev, p, ep); 632 case USB_ENDPOINT_XFER_INT: 633 return usbredir_handle_interrupt_data(dev, p, ep); 634 default: 635 ERROR("handle_data ep %02X has unknown type %d\n", ep, 636 dev->endpoint[EP2I(ep)].type); 637 return USB_RET_NAK; 638 } 639 } 640 641 static int usbredir_set_config(USBRedirDevice *dev, USBPacket *p, 642 int config) 643 { 644 struct usb_redir_set_configuration_header set_config; 645 AsyncURB *aurb = async_alloc(dev, p); 646 int i; 647 648 DPRINTF("set config %d id %u\n", config, aurb->packet_id); 649 650 for (i = 0; i < MAX_ENDPOINTS; i++) { 651 switch (dev->endpoint[i].type) { 652 case USB_ENDPOINT_XFER_ISOC: 653 usbredir_stop_iso_stream(dev, I2EP(i)); 654 break; 655 case USB_ENDPOINT_XFER_INT: 656 if (i & 0x10) { 657 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 658 } 659 break; 660 } 661 usbredir_free_bufpq(dev, I2EP(i)); 662 } 663 664 set_config.configuration = config; 665 usbredirparser_send_set_configuration(dev->parser, aurb->packet_id, 666 &set_config); 667 usbredirparser_do_write(dev->parser); 668 return USB_RET_ASYNC; 669 } 670 671 static int usbredir_get_config(USBRedirDevice *dev, USBPacket *p) 672 { 673 AsyncURB *aurb = async_alloc(dev, p); 674 675 DPRINTF("get config id %u\n", aurb->packet_id); 676 677 aurb->get = 1; 678 usbredirparser_send_get_configuration(dev->parser, aurb->packet_id); 679 usbredirparser_do_write(dev->parser); 680 return USB_RET_ASYNC; 681 } 682 683 static int usbredir_set_interface(USBRedirDevice *dev, USBPacket *p, 684 int interface, int alt) 685 { 686 struct usb_redir_set_alt_setting_header set_alt; 687 AsyncURB *aurb = async_alloc(dev, p); 688 int i; 689 690 DPRINTF("set interface %d alt %d id %u\n", interface, alt, 691 aurb->packet_id); 692 693 for (i = 0; i < MAX_ENDPOINTS; i++) { 694 if (dev->endpoint[i].interface == interface) { 695 switch (dev->endpoint[i].type) { 696 case USB_ENDPOINT_XFER_ISOC: 697 usbredir_stop_iso_stream(dev, I2EP(i)); 698 break; 699 case USB_ENDPOINT_XFER_INT: 700 if (i & 0x10) { 701 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 702 } 703 break; 704 } 705 usbredir_free_bufpq(dev, I2EP(i)); 706 } 707 } 708 709 set_alt.interface = interface; 710 set_alt.alt = alt; 711 usbredirparser_send_set_alt_setting(dev->parser, aurb->packet_id, 712 &set_alt); 713 usbredirparser_do_write(dev->parser); 714 return USB_RET_ASYNC; 715 } 716 717 static int usbredir_get_interface(USBRedirDevice *dev, USBPacket *p, 718 int interface) 719 { 720 struct usb_redir_get_alt_setting_header get_alt; 721 AsyncURB *aurb = async_alloc(dev, p); 722 723 DPRINTF("get interface %d id %u\n", interface, aurb->packet_id); 724 725 get_alt.interface = interface; 726 aurb->get = 1; 727 usbredirparser_send_get_alt_setting(dev->parser, aurb->packet_id, 728 &get_alt); 729 usbredirparser_do_write(dev->parser); 730 return USB_RET_ASYNC; 731 } 732 733 static int usbredir_handle_control(USBDevice *udev, USBPacket *p, 734 int request, int value, int index, int length, uint8_t *data) 735 { 736 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 737 struct usb_redir_control_packet_header control_packet; 738 AsyncURB *aurb; 739 740 /* Special cases for certain standard device requests */ 741 switch (request) { 742 case DeviceOutRequest | USB_REQ_SET_ADDRESS: 743 DPRINTF("set address %d\n", value); 744 dev->dev.addr = value; 745 return 0; 746 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: 747 return usbredir_set_config(dev, p, value & 0xff); 748 case DeviceRequest | USB_REQ_GET_CONFIGURATION: 749 return usbredir_get_config(dev, p); 750 case InterfaceOutRequest | USB_REQ_SET_INTERFACE: 751 return usbredir_set_interface(dev, p, index, value); 752 case InterfaceRequest | USB_REQ_GET_INTERFACE: 753 return usbredir_get_interface(dev, p, index); 754 } 755 756 /* "Normal" ctrl requests */ 757 aurb = async_alloc(dev, p); 758 759 /* Note request is (bRequestType << 8) | bRequest */ 760 DPRINTF("ctrl-out type 0x%x req 0x%x val 0x%x index %d len %d id %u\n", 761 request >> 8, request & 0xff, value, index, length, 762 aurb->packet_id); 763 764 control_packet.request = request & 0xFF; 765 control_packet.requesttype = request >> 8; 766 control_packet.endpoint = control_packet.requesttype & USB_DIR_IN; 767 control_packet.value = value; 768 control_packet.index = index; 769 control_packet.length = length; 770 aurb->control_packet = control_packet; 771 772 if (control_packet.requesttype & USB_DIR_IN) { 773 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 774 &control_packet, NULL, 0); 775 } else { 776 usbredir_log_data(dev, "ctrl data out:", data, length); 777 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 778 &control_packet, data, length); 779 } 780 usbredirparser_do_write(dev->parser); 781 return USB_RET_ASYNC; 782 } 783 784 /* 785 * Close events can be triggered by usbredirparser_do_write which gets called 786 * from within the USBDevice data / control packet callbacks and doing a 787 * usb_detach from within these callbacks is not a good idea. 788 * 789 * So we use a bh handler to take care of close events. We also handle 790 * open events from this callback to make sure that a close directly followed 791 * by an open gets handled in the right order. 792 */ 793 static void usbredir_open_close_bh(void *opaque) 794 { 795 USBRedirDevice *dev = opaque; 796 uint32_t caps[USB_REDIR_CAPS_SIZE] = { 0, }; 797 798 usbredir_device_disconnect(dev); 799 800 if (dev->parser) { 801 usbredirparser_destroy(dev->parser); 802 dev->parser = NULL; 803 } 804 805 if (dev->cs->opened) { 806 dev->parser = qemu_oom_check(usbredirparser_create()); 807 dev->parser->priv = dev; 808 dev->parser->log_func = usbredir_log; 809 dev->parser->read_func = usbredir_read; 810 dev->parser->write_func = usbredir_write; 811 dev->parser->hello_func = usbredir_hello; 812 dev->parser->device_connect_func = usbredir_device_connect; 813 dev->parser->device_disconnect_func = usbredir_device_disconnect; 814 dev->parser->interface_info_func = usbredir_interface_info; 815 dev->parser->ep_info_func = usbredir_ep_info; 816 dev->parser->configuration_status_func = usbredir_configuration_status; 817 dev->parser->alt_setting_status_func = usbredir_alt_setting_status; 818 dev->parser->iso_stream_status_func = usbredir_iso_stream_status; 819 dev->parser->interrupt_receiving_status_func = 820 usbredir_interrupt_receiving_status; 821 dev->parser->bulk_streams_status_func = usbredir_bulk_streams_status; 822 dev->parser->control_packet_func = usbredir_control_packet; 823 dev->parser->bulk_packet_func = usbredir_bulk_packet; 824 dev->parser->iso_packet_func = usbredir_iso_packet; 825 dev->parser->interrupt_packet_func = usbredir_interrupt_packet; 826 dev->read_buf = NULL; 827 dev->read_buf_size = 0; 828 829 usbredirparser_caps_set_cap(caps, usb_redir_cap_connect_device_version); 830 usbredirparser_caps_set_cap(caps, usb_redir_cap_filter); 831 usbredirparser_init(dev->parser, VERSION, caps, USB_REDIR_CAPS_SIZE, 0); 832 usbredirparser_do_write(dev->parser); 833 } 834 } 835 836 static void usbredir_do_attach(void *opaque) 837 { 838 USBRedirDevice *dev = opaque; 839 840 if (usb_device_attach(&dev->dev) != 0) { 841 usbredir_device_disconnect(dev); 842 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 843 usbredirparser_send_filter_reject(dev->parser); 844 usbredirparser_do_write(dev->parser); 845 } 846 } 847 } 848 849 /* 850 * chardev callbacks 851 */ 852 853 static int usbredir_chardev_can_read(void *opaque) 854 { 855 USBRedirDevice *dev = opaque; 856 857 if (dev->parser) { 858 /* usbredir_parser_do_read will consume *all* data we give it */ 859 return 1024 * 1024; 860 } else { 861 /* usbredir_open_close_bh hasn't handled the open event yet */ 862 return 0; 863 } 864 } 865 866 static void usbredir_chardev_read(void *opaque, const uint8_t *buf, int size) 867 { 868 USBRedirDevice *dev = opaque; 869 870 /* No recursion allowed! */ 871 assert(dev->read_buf == NULL); 872 873 dev->read_buf = buf; 874 dev->read_buf_size = size; 875 876 usbredirparser_do_read(dev->parser); 877 /* Send any acks, etc. which may be queued now */ 878 usbredirparser_do_write(dev->parser); 879 } 880 881 static void usbredir_chardev_event(void *opaque, int event) 882 { 883 USBRedirDevice *dev = opaque; 884 885 switch (event) { 886 case CHR_EVENT_OPENED: 887 case CHR_EVENT_CLOSED: 888 qemu_bh_schedule(dev->open_close_bh); 889 break; 890 } 891 } 892 893 /* 894 * init + destroy 895 */ 896 897 static int usbredir_initfn(USBDevice *udev) 898 { 899 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 900 int i; 901 902 if (dev->cs == NULL) { 903 qerror_report(QERR_MISSING_PARAMETER, "chardev"); 904 return -1; 905 } 906 907 if (dev->filter_str) { 908 i = usbredirfilter_string_to_rules(dev->filter_str, ":", "|", 909 &dev->filter_rules, 910 &dev->filter_rules_count); 911 if (i) { 912 qerror_report(QERR_INVALID_PARAMETER_VALUE, "filter", 913 "a usb device filter string"); 914 return -1; 915 } 916 } 917 918 dev->open_close_bh = qemu_bh_new(usbredir_open_close_bh, dev); 919 dev->attach_timer = qemu_new_timer_ms(vm_clock, usbredir_do_attach, dev); 920 921 QTAILQ_INIT(&dev->asyncq); 922 for (i = 0; i < MAX_ENDPOINTS; i++) { 923 QTAILQ_INIT(&dev->endpoint[i].bufpq); 924 } 925 926 /* We'll do the attach once we receive the speed from the usb-host */ 927 udev->auto_attach = 0; 928 929 /* Let the backend know we are ready */ 930 qemu_chr_fe_open(dev->cs); 931 qemu_chr_add_handlers(dev->cs, usbredir_chardev_can_read, 932 usbredir_chardev_read, usbredir_chardev_event, dev); 933 934 add_boot_device_path(dev->bootindex, &udev->qdev, NULL); 935 return 0; 936 } 937 938 static void usbredir_cleanup_device_queues(USBRedirDevice *dev) 939 { 940 AsyncURB *aurb, *next_aurb; 941 int i; 942 943 QTAILQ_FOREACH_SAFE(aurb, &dev->asyncq, next, next_aurb) { 944 async_free(dev, aurb); 945 } 946 for (i = 0; i < MAX_ENDPOINTS; i++) { 947 usbredir_free_bufpq(dev, I2EP(i)); 948 } 949 } 950 951 static void usbredir_handle_destroy(USBDevice *udev) 952 { 953 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 954 955 qemu_chr_fe_close(dev->cs); 956 qemu_chr_delete(dev->cs); 957 /* Note must be done after qemu_chr_close, as that causes a close event */ 958 qemu_bh_delete(dev->open_close_bh); 959 960 qemu_del_timer(dev->attach_timer); 961 qemu_free_timer(dev->attach_timer); 962 963 usbredir_cleanup_device_queues(dev); 964 965 if (dev->parser) { 966 usbredirparser_destroy(dev->parser); 967 } 968 969 free(dev->filter_rules); 970 } 971 972 static int usbredir_check_filter(USBRedirDevice *dev) 973 { 974 if (dev->interface_info.interface_count == NO_INTERFACE_INFO) { 975 ERROR("No interface info for device\n"); 976 goto error; 977 } 978 979 if (dev->filter_rules) { 980 if (!usbredirparser_peer_has_cap(dev->parser, 981 usb_redir_cap_connect_device_version)) { 982 ERROR("Device filter specified and peer does not have the " 983 "connect_device_version capability\n"); 984 goto error; 985 } 986 987 if (usbredirfilter_check( 988 dev->filter_rules, 989 dev->filter_rules_count, 990 dev->device_info.device_class, 991 dev->device_info.device_subclass, 992 dev->device_info.device_protocol, 993 dev->interface_info.interface_class, 994 dev->interface_info.interface_subclass, 995 dev->interface_info.interface_protocol, 996 dev->interface_info.interface_count, 997 dev->device_info.vendor_id, 998 dev->device_info.product_id, 999 dev->device_info.device_version_bcd, 1000 0) != 0) { 1001 goto error; 1002 } 1003 } 1004 1005 return 0; 1006 1007 error: 1008 usbredir_device_disconnect(dev); 1009 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 1010 usbredirparser_send_filter_reject(dev->parser); 1011 usbredirparser_do_write(dev->parser); 1012 } 1013 return -1; 1014 } 1015 1016 /* 1017 * usbredirparser packet complete callbacks 1018 */ 1019 1020 static int usbredir_handle_status(USBRedirDevice *dev, 1021 int status, int actual_len) 1022 { 1023 switch (status) { 1024 case usb_redir_success: 1025 return actual_len; 1026 case usb_redir_stall: 1027 return USB_RET_STALL; 1028 case usb_redir_cancelled: 1029 WARNING("returning cancelled packet to HC?\n"); 1030 return USB_RET_NAK; 1031 case usb_redir_inval: 1032 WARNING("got invalid param error from usb-host?\n"); 1033 return USB_RET_NAK; 1034 case usb_redir_ioerror: 1035 case usb_redir_timeout: 1036 default: 1037 return USB_RET_IOERROR; 1038 } 1039 } 1040 1041 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h) 1042 { 1043 USBRedirDevice *dev = priv; 1044 1045 /* Try to send the filter info now that we've the usb-host's caps */ 1046 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter) && 1047 dev->filter_rules) { 1048 usbredirparser_send_filter_filter(dev->parser, dev->filter_rules, 1049 dev->filter_rules_count); 1050 usbredirparser_do_write(dev->parser); 1051 } 1052 } 1053 1054 static void usbredir_device_connect(void *priv, 1055 struct usb_redir_device_connect_header *device_connect) 1056 { 1057 USBRedirDevice *dev = priv; 1058 const char *speed; 1059 1060 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1061 ERROR("Received device connect while already connected\n"); 1062 return; 1063 } 1064 1065 switch (device_connect->speed) { 1066 case usb_redir_speed_low: 1067 speed = "low speed"; 1068 dev->dev.speed = USB_SPEED_LOW; 1069 break; 1070 case usb_redir_speed_full: 1071 speed = "full speed"; 1072 dev->dev.speed = USB_SPEED_FULL; 1073 break; 1074 case usb_redir_speed_high: 1075 speed = "high speed"; 1076 dev->dev.speed = USB_SPEED_HIGH; 1077 break; 1078 case usb_redir_speed_super: 1079 speed = "super speed"; 1080 dev->dev.speed = USB_SPEED_SUPER; 1081 break; 1082 default: 1083 speed = "unknown speed"; 1084 dev->dev.speed = USB_SPEED_FULL; 1085 } 1086 1087 if (usbredirparser_peer_has_cap(dev->parser, 1088 usb_redir_cap_connect_device_version)) { 1089 INFO("attaching %s device %04x:%04x version %d.%d class %02x\n", 1090 speed, device_connect->vendor_id, device_connect->product_id, 1091 ((device_connect->device_version_bcd & 0xf000) >> 12) * 10 + 1092 ((device_connect->device_version_bcd & 0x0f00) >> 8), 1093 ((device_connect->device_version_bcd & 0x00f0) >> 4) * 10 + 1094 ((device_connect->device_version_bcd & 0x000f) >> 0), 1095 device_connect->device_class); 1096 } else { 1097 INFO("attaching %s device %04x:%04x class %02x\n", speed, 1098 device_connect->vendor_id, device_connect->product_id, 1099 device_connect->device_class); 1100 } 1101 1102 dev->dev.speedmask = (1 << dev->dev.speed); 1103 dev->device_info = *device_connect; 1104 1105 if (usbredir_check_filter(dev)) { 1106 WARNING("Device %04x:%04x rejected by device filter, not attaching\n", 1107 device_connect->vendor_id, device_connect->product_id); 1108 return; 1109 } 1110 1111 qemu_mod_timer(dev->attach_timer, dev->next_attach_time); 1112 } 1113 1114 static void usbredir_device_disconnect(void *priv) 1115 { 1116 USBRedirDevice *dev = priv; 1117 int i; 1118 1119 /* Stop any pending attaches */ 1120 qemu_del_timer(dev->attach_timer); 1121 1122 if (dev->dev.attached) { 1123 usb_device_detach(&dev->dev); 1124 /* 1125 * Delay next usb device attach to give the guest a chance to see 1126 * see the detach / attach in case of quick close / open succession 1127 */ 1128 dev->next_attach_time = qemu_get_clock_ms(vm_clock) + 200; 1129 } 1130 1131 /* Reset state so that the next dev connected starts with a clean slate */ 1132 usbredir_cleanup_device_queues(dev); 1133 memset(dev->endpoint, 0, sizeof(dev->endpoint)); 1134 for (i = 0; i < MAX_ENDPOINTS; i++) { 1135 QTAILQ_INIT(&dev->endpoint[i].bufpq); 1136 } 1137 usb_ep_init(&dev->dev); 1138 dev->interface_info.interface_count = NO_INTERFACE_INFO; 1139 dev->dev.addr = 0; 1140 dev->dev.speed = 0; 1141 } 1142 1143 static void usbredir_interface_info(void *priv, 1144 struct usb_redir_interface_info_header *interface_info) 1145 { 1146 USBRedirDevice *dev = priv; 1147 1148 dev->interface_info = *interface_info; 1149 1150 /* 1151 * If we receive interface info after the device has already been 1152 * connected (ie on a set_config), re-check the filter. 1153 */ 1154 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1155 if (usbredir_check_filter(dev)) { 1156 ERROR("Device no longer matches filter after interface info " 1157 "change, disconnecting!\n"); 1158 } 1159 } 1160 } 1161 1162 static void usbredir_ep_info(void *priv, 1163 struct usb_redir_ep_info_header *ep_info) 1164 { 1165 USBRedirDevice *dev = priv; 1166 struct USBEndpoint *usb_ep; 1167 int i; 1168 1169 for (i = 0; i < MAX_ENDPOINTS; i++) { 1170 dev->endpoint[i].type = ep_info->type[i]; 1171 dev->endpoint[i].interval = ep_info->interval[i]; 1172 dev->endpoint[i].interface = ep_info->interface[i]; 1173 switch (dev->endpoint[i].type) { 1174 case usb_redir_type_invalid: 1175 break; 1176 case usb_redir_type_iso: 1177 case usb_redir_type_interrupt: 1178 if (dev->endpoint[i].interval == 0) { 1179 ERROR("Received 0 interval for isoc or irq endpoint\n"); 1180 usbredir_device_disconnect(dev); 1181 } 1182 /* Fall through */ 1183 case usb_redir_type_control: 1184 case usb_redir_type_bulk: 1185 DPRINTF("ep: %02X type: %d interface: %d\n", I2EP(i), 1186 dev->endpoint[i].type, dev->endpoint[i].interface); 1187 break; 1188 default: 1189 ERROR("Received invalid endpoint type\n"); 1190 usbredir_device_disconnect(dev); 1191 return; 1192 } 1193 usb_ep = usb_ep_get(&dev->dev, 1194 (i & 0x10) ? USB_TOKEN_IN : USB_TOKEN_OUT, 1195 i & 0x0f); 1196 usb_ep->type = dev->endpoint[i].type; 1197 usb_ep->ifnum = dev->endpoint[i].interface; 1198 } 1199 } 1200 1201 static void usbredir_configuration_status(void *priv, uint32_t id, 1202 struct usb_redir_configuration_status_header *config_status) 1203 { 1204 USBRedirDevice *dev = priv; 1205 AsyncURB *aurb; 1206 int len = 0; 1207 1208 DPRINTF("set config status %d config %d id %u\n", config_status->status, 1209 config_status->configuration, id); 1210 1211 aurb = async_find(dev, id); 1212 if (!aurb) { 1213 return; 1214 } 1215 if (aurb->packet) { 1216 if (aurb->get) { 1217 dev->dev.data_buf[0] = config_status->configuration; 1218 len = 1; 1219 } 1220 aurb->packet->result = 1221 usbredir_handle_status(dev, config_status->status, len); 1222 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1223 } 1224 async_free(dev, aurb); 1225 } 1226 1227 static void usbredir_alt_setting_status(void *priv, uint32_t id, 1228 struct usb_redir_alt_setting_status_header *alt_setting_status) 1229 { 1230 USBRedirDevice *dev = priv; 1231 AsyncURB *aurb; 1232 int len = 0; 1233 1234 DPRINTF("alt status %d intf %d alt %d id: %u\n", 1235 alt_setting_status->status, 1236 alt_setting_status->interface, 1237 alt_setting_status->alt, id); 1238 1239 aurb = async_find(dev, id); 1240 if (!aurb) { 1241 return; 1242 } 1243 if (aurb->packet) { 1244 if (aurb->get) { 1245 dev->dev.data_buf[0] = alt_setting_status->alt; 1246 len = 1; 1247 } 1248 aurb->packet->result = 1249 usbredir_handle_status(dev, alt_setting_status->status, len); 1250 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1251 } 1252 async_free(dev, aurb); 1253 } 1254 1255 static void usbredir_iso_stream_status(void *priv, uint32_t id, 1256 struct usb_redir_iso_stream_status_header *iso_stream_status) 1257 { 1258 USBRedirDevice *dev = priv; 1259 uint8_t ep = iso_stream_status->endpoint; 1260 1261 DPRINTF("iso status %d ep %02X id %u\n", iso_stream_status->status, 1262 ep, id); 1263 1264 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].iso_started) { 1265 return; 1266 } 1267 1268 dev->endpoint[EP2I(ep)].iso_error = iso_stream_status->status; 1269 if (iso_stream_status->status == usb_redir_stall) { 1270 DPRINTF("iso stream stopped by peer ep %02X\n", ep); 1271 dev->endpoint[EP2I(ep)].iso_started = 0; 1272 } 1273 } 1274 1275 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 1276 struct usb_redir_interrupt_receiving_status_header 1277 *interrupt_receiving_status) 1278 { 1279 USBRedirDevice *dev = priv; 1280 uint8_t ep = interrupt_receiving_status->endpoint; 1281 1282 DPRINTF("interrupt recv status %d ep %02X id %u\n", 1283 interrupt_receiving_status->status, ep, id); 1284 1285 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].interrupt_started) { 1286 return; 1287 } 1288 1289 dev->endpoint[EP2I(ep)].interrupt_error = 1290 interrupt_receiving_status->status; 1291 if (interrupt_receiving_status->status == usb_redir_stall) { 1292 DPRINTF("interrupt receiving stopped by peer ep %02X\n", ep); 1293 dev->endpoint[EP2I(ep)].interrupt_started = 0; 1294 } 1295 } 1296 1297 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 1298 struct usb_redir_bulk_streams_status_header *bulk_streams_status) 1299 { 1300 } 1301 1302 static void usbredir_control_packet(void *priv, uint32_t id, 1303 struct usb_redir_control_packet_header *control_packet, 1304 uint8_t *data, int data_len) 1305 { 1306 USBRedirDevice *dev = priv; 1307 int len = control_packet->length; 1308 AsyncURB *aurb; 1309 1310 DPRINTF("ctrl-in status %d len %d id %u\n", control_packet->status, 1311 len, id); 1312 1313 aurb = async_find(dev, id); 1314 if (!aurb) { 1315 free(data); 1316 return; 1317 } 1318 1319 aurb->control_packet.status = control_packet->status; 1320 aurb->control_packet.length = control_packet->length; 1321 if (memcmp(&aurb->control_packet, control_packet, 1322 sizeof(*control_packet))) { 1323 ERROR("return control packet mismatch, please report this!\n"); 1324 len = USB_RET_NAK; 1325 } 1326 1327 if (aurb->packet) { 1328 len = usbredir_handle_status(dev, control_packet->status, len); 1329 if (len > 0) { 1330 usbredir_log_data(dev, "ctrl data in:", data, data_len); 1331 if (data_len <= sizeof(dev->dev.data_buf)) { 1332 memcpy(dev->dev.data_buf, data, data_len); 1333 } else { 1334 ERROR("ctrl buffer too small (%d > %zu)\n", 1335 data_len, sizeof(dev->dev.data_buf)); 1336 len = USB_RET_STALL; 1337 } 1338 } 1339 aurb->packet->result = len; 1340 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1341 } 1342 async_free(dev, aurb); 1343 free(data); 1344 } 1345 1346 static void usbredir_bulk_packet(void *priv, uint32_t id, 1347 struct usb_redir_bulk_packet_header *bulk_packet, 1348 uint8_t *data, int data_len) 1349 { 1350 USBRedirDevice *dev = priv; 1351 uint8_t ep = bulk_packet->endpoint; 1352 int len = bulk_packet->length; 1353 AsyncURB *aurb; 1354 1355 DPRINTF("bulk-in status %d ep %02X len %d id %u\n", bulk_packet->status, 1356 ep, len, id); 1357 1358 aurb = async_find(dev, id); 1359 if (!aurb) { 1360 free(data); 1361 return; 1362 } 1363 1364 if (aurb->bulk_packet.endpoint != bulk_packet->endpoint || 1365 aurb->bulk_packet.stream_id != bulk_packet->stream_id) { 1366 ERROR("return bulk packet mismatch, please report this!\n"); 1367 len = USB_RET_NAK; 1368 } 1369 1370 if (aurb->packet) { 1371 len = usbredir_handle_status(dev, bulk_packet->status, len); 1372 if (len > 0) { 1373 usbredir_log_data(dev, "bulk data in:", data, data_len); 1374 if (data_len <= aurb->packet->iov.size) { 1375 usb_packet_copy(aurb->packet, data, data_len); 1376 } else { 1377 ERROR("bulk buffer too small (%d > %zd)\n", data_len, 1378 aurb->packet->iov.size); 1379 len = USB_RET_STALL; 1380 } 1381 } 1382 aurb->packet->result = len; 1383 usb_packet_complete(&dev->dev, aurb->packet); 1384 } 1385 async_free(dev, aurb); 1386 free(data); 1387 } 1388 1389 static void usbredir_iso_packet(void *priv, uint32_t id, 1390 struct usb_redir_iso_packet_header *iso_packet, 1391 uint8_t *data, int data_len) 1392 { 1393 USBRedirDevice *dev = priv; 1394 uint8_t ep = iso_packet->endpoint; 1395 1396 DPRINTF2("iso-in status %d ep %02X len %d id %u\n", iso_packet->status, ep, 1397 data_len, id); 1398 1399 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_ISOC) { 1400 ERROR("received iso packet for non iso endpoint %02X\n", ep); 1401 free(data); 1402 return; 1403 } 1404 1405 if (dev->endpoint[EP2I(ep)].iso_started == 0) { 1406 DPRINTF("received iso packet for non started stream ep %02X\n", ep); 1407 free(data); 1408 return; 1409 } 1410 1411 /* bufp_alloc also adds the packet to the ep queue */ 1412 bufp_alloc(dev, data, data_len, iso_packet->status, ep); 1413 } 1414 1415 static void usbredir_interrupt_packet(void *priv, uint32_t id, 1416 struct usb_redir_interrupt_packet_header *interrupt_packet, 1417 uint8_t *data, int data_len) 1418 { 1419 USBRedirDevice *dev = priv; 1420 uint8_t ep = interrupt_packet->endpoint; 1421 1422 DPRINTF("interrupt-in status %d ep %02X len %d id %u\n", 1423 interrupt_packet->status, ep, data_len, id); 1424 1425 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_INT) { 1426 ERROR("received int packet for non interrupt endpoint %02X\n", ep); 1427 free(data); 1428 return; 1429 } 1430 1431 if (ep & USB_DIR_IN) { 1432 if (dev->endpoint[EP2I(ep)].interrupt_started == 0) { 1433 DPRINTF("received int packet while not started ep %02X\n", ep); 1434 free(data); 1435 return; 1436 } 1437 1438 /* bufp_alloc also adds the packet to the ep queue */ 1439 bufp_alloc(dev, data, data_len, interrupt_packet->status, ep); 1440 } else { 1441 int len = interrupt_packet->length; 1442 1443 AsyncURB *aurb = async_find(dev, id); 1444 if (!aurb) { 1445 return; 1446 } 1447 1448 if (aurb->interrupt_packet.endpoint != interrupt_packet->endpoint) { 1449 ERROR("return int packet mismatch, please report this!\n"); 1450 len = USB_RET_NAK; 1451 } 1452 1453 if (aurb->packet) { 1454 aurb->packet->result = usbredir_handle_status(dev, 1455 interrupt_packet->status, len); 1456 usb_packet_complete(&dev->dev, aurb->packet); 1457 } 1458 async_free(dev, aurb); 1459 } 1460 } 1461 1462 static Property usbredir_properties[] = { 1463 DEFINE_PROP_CHR("chardev", USBRedirDevice, cs), 1464 DEFINE_PROP_UINT8("debug", USBRedirDevice, debug, 0), 1465 DEFINE_PROP_STRING("filter", USBRedirDevice, filter_str), 1466 DEFINE_PROP_INT32("bootindex", USBRedirDevice, bootindex, -1), 1467 DEFINE_PROP_END_OF_LIST(), 1468 }; 1469 1470 static void usbredir_class_initfn(ObjectClass *klass, void *data) 1471 { 1472 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 1473 DeviceClass *dc = DEVICE_CLASS(klass); 1474 1475 uc->init = usbredir_initfn; 1476 uc->product_desc = "USB Redirection Device"; 1477 uc->handle_destroy = usbredir_handle_destroy; 1478 uc->cancel_packet = usbredir_cancel_packet; 1479 uc->handle_reset = usbredir_handle_reset; 1480 uc->handle_data = usbredir_handle_data; 1481 uc->handle_control = usbredir_handle_control; 1482 dc->props = usbredir_properties; 1483 } 1484 1485 static TypeInfo usbredir_dev_info = { 1486 .name = "usb-redir", 1487 .parent = TYPE_USB_DEVICE, 1488 .instance_size = sizeof(USBRedirDevice), 1489 .class_init = usbredir_class_initfn, 1490 }; 1491 1492 static void usbredir_register_types(void) 1493 { 1494 type_register_static(&usbredir_dev_info); 1495 } 1496 1497 type_init(usbredir_register_types) 1498