1 /* 2 * USB redirector usb-guest 3 * 4 * Copyright (c) 2011 Red Hat, Inc. 5 * 6 * Red Hat Authors: 7 * Hans de Goede <hdegoede@redhat.com> 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu-common.h" 29 #include "qemu-timer.h" 30 #include "monitor.h" 31 #include "sysemu.h" 32 33 #include <dirent.h> 34 #include <sys/ioctl.h> 35 #include <signal.h> 36 #include <usbredirparser.h> 37 #include <usbredirfilter.h> 38 39 #include "hw/usb.h" 40 41 #define MAX_ENDPOINTS 32 42 #define EP2I(ep_address) (((ep_address & 0x80) >> 3) | (ep_address & 0x0f)) 43 #define I2EP(i) (((i & 0x10) << 3) | (i & 0x0f)) 44 45 typedef struct AsyncURB AsyncURB; 46 typedef struct USBRedirDevice USBRedirDevice; 47 48 /* Struct to hold buffered packets (iso or int input packets) */ 49 struct buf_packet { 50 uint8_t *data; 51 int len; 52 int status; 53 QTAILQ_ENTRY(buf_packet)next; 54 }; 55 56 struct endp_data { 57 uint8_t type; 58 uint8_t interval; 59 uint8_t interface; /* bInterfaceNumber this ep belongs to */ 60 uint8_t iso_started; 61 uint8_t iso_error; /* For reporting iso errors to the HC */ 62 uint8_t interrupt_started; 63 uint8_t interrupt_error; 64 uint8_t bufpq_prefilled; 65 uint8_t bufpq_dropping_packets; 66 QTAILQ_HEAD(, buf_packet) bufpq; 67 int bufpq_size; 68 int bufpq_target_size; 69 }; 70 71 struct USBRedirDevice { 72 USBDevice dev; 73 /* Properties */ 74 CharDriverState *cs; 75 uint8_t debug; 76 char *filter_str; 77 /* Data passed from chardev the fd_read cb to the usbredirparser read cb */ 78 const uint8_t *read_buf; 79 int read_buf_size; 80 /* For async handling of open/close */ 81 QEMUBH *open_close_bh; 82 /* To delay the usb attach in case of quick chardev close + open */ 83 QEMUTimer *attach_timer; 84 int64_t next_attach_time; 85 struct usbredirparser *parser; 86 struct endp_data endpoint[MAX_ENDPOINTS]; 87 uint32_t packet_id; 88 QTAILQ_HEAD(, AsyncURB) asyncq; 89 /* Data for device filtering */ 90 struct usb_redir_device_connect_header device_info; 91 struct usb_redir_interface_info_header interface_info; 92 struct usbredirfilter_rule *filter_rules; 93 int filter_rules_count; 94 }; 95 96 struct AsyncURB { 97 USBRedirDevice *dev; 98 USBPacket *packet; 99 uint32_t packet_id; 100 int get; 101 union { 102 struct usb_redir_control_packet_header control_packet; 103 struct usb_redir_bulk_packet_header bulk_packet; 104 struct usb_redir_interrupt_packet_header interrupt_packet; 105 }; 106 QTAILQ_ENTRY(AsyncURB)next; 107 }; 108 109 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h); 110 static void usbredir_device_connect(void *priv, 111 struct usb_redir_device_connect_header *device_connect); 112 static void usbredir_device_disconnect(void *priv); 113 static void usbredir_interface_info(void *priv, 114 struct usb_redir_interface_info_header *interface_info); 115 static void usbredir_ep_info(void *priv, 116 struct usb_redir_ep_info_header *ep_info); 117 static void usbredir_configuration_status(void *priv, uint32_t id, 118 struct usb_redir_configuration_status_header *configuration_status); 119 static void usbredir_alt_setting_status(void *priv, uint32_t id, 120 struct usb_redir_alt_setting_status_header *alt_setting_status); 121 static void usbredir_iso_stream_status(void *priv, uint32_t id, 122 struct usb_redir_iso_stream_status_header *iso_stream_status); 123 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 124 struct usb_redir_interrupt_receiving_status_header 125 *interrupt_receiving_status); 126 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 127 struct usb_redir_bulk_streams_status_header *bulk_streams_status); 128 static void usbredir_control_packet(void *priv, uint32_t id, 129 struct usb_redir_control_packet_header *control_packet, 130 uint8_t *data, int data_len); 131 static void usbredir_bulk_packet(void *priv, uint32_t id, 132 struct usb_redir_bulk_packet_header *bulk_packet, 133 uint8_t *data, int data_len); 134 static void usbredir_iso_packet(void *priv, uint32_t id, 135 struct usb_redir_iso_packet_header *iso_packet, 136 uint8_t *data, int data_len); 137 static void usbredir_interrupt_packet(void *priv, uint32_t id, 138 struct usb_redir_interrupt_packet_header *interrupt_header, 139 uint8_t *data, int data_len); 140 141 static int usbredir_handle_status(USBRedirDevice *dev, 142 int status, int actual_len); 143 144 #define VERSION "qemu usb-redir guest " QEMU_VERSION 145 146 /* 147 * Logging stuff 148 */ 149 150 #define ERROR(...) \ 151 do { \ 152 if (dev->debug >= usbredirparser_error) { \ 153 error_report("usb-redir error: " __VA_ARGS__); \ 154 } \ 155 } while (0) 156 #define WARNING(...) \ 157 do { \ 158 if (dev->debug >= usbredirparser_warning) { \ 159 error_report("usb-redir warning: " __VA_ARGS__); \ 160 } \ 161 } while (0) 162 #define INFO(...) \ 163 do { \ 164 if (dev->debug >= usbredirparser_info) { \ 165 error_report("usb-redir: " __VA_ARGS__); \ 166 } \ 167 } while (0) 168 #define DPRINTF(...) \ 169 do { \ 170 if (dev->debug >= usbredirparser_debug) { \ 171 error_report("usb-redir: " __VA_ARGS__); \ 172 } \ 173 } while (0) 174 #define DPRINTF2(...) \ 175 do { \ 176 if (dev->debug >= usbredirparser_debug_data) { \ 177 error_report("usb-redir: " __VA_ARGS__); \ 178 } \ 179 } while (0) 180 181 static void usbredir_log(void *priv, int level, const char *msg) 182 { 183 USBRedirDevice *dev = priv; 184 185 if (dev->debug < level) { 186 return; 187 } 188 189 error_report("%s", msg); 190 } 191 192 static void usbredir_log_data(USBRedirDevice *dev, const char *desc, 193 const uint8_t *data, int len) 194 { 195 int i, j, n; 196 197 if (dev->debug < usbredirparser_debug_data) { 198 return; 199 } 200 201 for (i = 0; i < len; i += j) { 202 char buf[128]; 203 204 n = sprintf(buf, "%s", desc); 205 for (j = 0; j < 8 && i + j < len; j++) { 206 n += sprintf(buf + n, " %02X", data[i + j]); 207 } 208 error_report("%s", buf); 209 } 210 } 211 212 /* 213 * usbredirparser io functions 214 */ 215 216 static int usbredir_read(void *priv, uint8_t *data, int count) 217 { 218 USBRedirDevice *dev = priv; 219 220 if (dev->read_buf_size < count) { 221 count = dev->read_buf_size; 222 } 223 224 memcpy(data, dev->read_buf, count); 225 226 dev->read_buf_size -= count; 227 if (dev->read_buf_size) { 228 dev->read_buf += count; 229 } else { 230 dev->read_buf = NULL; 231 } 232 233 return count; 234 } 235 236 static int usbredir_write(void *priv, uint8_t *data, int count) 237 { 238 USBRedirDevice *dev = priv; 239 240 if (!dev->cs->opened) { 241 return 0; 242 } 243 244 return qemu_chr_fe_write(dev->cs, data, count); 245 } 246 247 /* 248 * Async and buffered packets helpers 249 */ 250 251 static AsyncURB *async_alloc(USBRedirDevice *dev, USBPacket *p) 252 { 253 AsyncURB *aurb = (AsyncURB *) g_malloc0(sizeof(AsyncURB)); 254 aurb->dev = dev; 255 aurb->packet = p; 256 aurb->packet_id = dev->packet_id; 257 QTAILQ_INSERT_TAIL(&dev->asyncq, aurb, next); 258 dev->packet_id++; 259 260 return aurb; 261 } 262 263 static void async_free(USBRedirDevice *dev, AsyncURB *aurb) 264 { 265 QTAILQ_REMOVE(&dev->asyncq, aurb, next); 266 g_free(aurb); 267 } 268 269 static AsyncURB *async_find(USBRedirDevice *dev, uint32_t packet_id) 270 { 271 AsyncURB *aurb; 272 273 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 274 if (aurb->packet_id == packet_id) { 275 return aurb; 276 } 277 } 278 ERROR("could not find async urb for packet_id %u\n", packet_id); 279 return NULL; 280 } 281 282 static void usbredir_cancel_packet(USBDevice *udev, USBPacket *p) 283 { 284 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 285 AsyncURB *aurb; 286 287 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 288 if (p != aurb->packet) { 289 continue; 290 } 291 292 DPRINTF("async cancel id %u\n", aurb->packet_id); 293 usbredirparser_send_cancel_data_packet(dev->parser, aurb->packet_id); 294 usbredirparser_do_write(dev->parser); 295 296 /* Mark it as dead */ 297 aurb->packet = NULL; 298 break; 299 } 300 } 301 302 static void bufp_alloc(USBRedirDevice *dev, 303 uint8_t *data, int len, int status, uint8_t ep) 304 { 305 struct buf_packet *bufp; 306 307 if (!dev->endpoint[EP2I(ep)].bufpq_dropping_packets && 308 dev->endpoint[EP2I(ep)].bufpq_size > 309 2 * dev->endpoint[EP2I(ep)].bufpq_target_size) { 310 DPRINTF("bufpq overflow, dropping packets ep %02X\n", ep); 311 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 1; 312 } 313 /* Since we're interupting the stream anyways, drop enough packets to get 314 back to our target buffer size */ 315 if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) { 316 if (dev->endpoint[EP2I(ep)].bufpq_size > 317 dev->endpoint[EP2I(ep)].bufpq_target_size) { 318 free(data); 319 return; 320 } 321 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 322 } 323 324 bufp = g_malloc(sizeof(struct buf_packet)); 325 bufp->data = data; 326 bufp->len = len; 327 bufp->status = status; 328 QTAILQ_INSERT_TAIL(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 329 dev->endpoint[EP2I(ep)].bufpq_size++; 330 } 331 332 static void bufp_free(USBRedirDevice *dev, struct buf_packet *bufp, 333 uint8_t ep) 334 { 335 QTAILQ_REMOVE(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 336 dev->endpoint[EP2I(ep)].bufpq_size--; 337 free(bufp->data); 338 g_free(bufp); 339 } 340 341 static void usbredir_free_bufpq(USBRedirDevice *dev, uint8_t ep) 342 { 343 struct buf_packet *buf, *buf_next; 344 345 QTAILQ_FOREACH_SAFE(buf, &dev->endpoint[EP2I(ep)].bufpq, next, buf_next) { 346 bufp_free(dev, buf, ep); 347 } 348 } 349 350 /* 351 * USBDevice callbacks 352 */ 353 354 static void usbredir_handle_reset(USBDevice *udev) 355 { 356 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 357 358 DPRINTF("reset device\n"); 359 usbredirparser_send_reset(dev->parser); 360 usbredirparser_do_write(dev->parser); 361 } 362 363 static int usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p, 364 uint8_t ep) 365 { 366 int status, len; 367 if (!dev->endpoint[EP2I(ep)].iso_started && 368 !dev->endpoint[EP2I(ep)].iso_error) { 369 struct usb_redir_start_iso_stream_header start_iso = { 370 .endpoint = ep, 371 }; 372 int pkts_per_sec; 373 374 if (dev->dev.speed == USB_SPEED_HIGH) { 375 pkts_per_sec = 8000 / dev->endpoint[EP2I(ep)].interval; 376 } else { 377 pkts_per_sec = 1000 / dev->endpoint[EP2I(ep)].interval; 378 } 379 /* Testing has shown that we need circa 60 ms buffer */ 380 dev->endpoint[EP2I(ep)].bufpq_target_size = (pkts_per_sec * 60) / 1000; 381 382 /* Aim for approx 100 interrupts / second on the client to 383 balance latency and interrupt load */ 384 start_iso.pkts_per_urb = pkts_per_sec / 100; 385 if (start_iso.pkts_per_urb < 1) { 386 start_iso.pkts_per_urb = 1; 387 } else if (start_iso.pkts_per_urb > 32) { 388 start_iso.pkts_per_urb = 32; 389 } 390 391 start_iso.no_urbs = (dev->endpoint[EP2I(ep)].bufpq_target_size + 392 start_iso.pkts_per_urb - 1) / 393 start_iso.pkts_per_urb; 394 /* Output endpoints pre-fill only 1/2 of the packets, keeping the rest 395 as overflow buffer. Also see the usbredir protocol documentation */ 396 if (!(ep & USB_DIR_IN)) { 397 start_iso.no_urbs *= 2; 398 } 399 if (start_iso.no_urbs > 16) { 400 start_iso.no_urbs = 16; 401 } 402 403 /* No id, we look at the ep when receiving a status back */ 404 usbredirparser_send_start_iso_stream(dev->parser, 0, &start_iso); 405 usbredirparser_do_write(dev->parser); 406 DPRINTF("iso stream started pkts/sec %d pkts/urb %d urbs %d ep %02X\n", 407 pkts_per_sec, start_iso.pkts_per_urb, start_iso.no_urbs, ep); 408 dev->endpoint[EP2I(ep)].iso_started = 1; 409 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 410 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 411 } 412 413 if (ep & USB_DIR_IN) { 414 struct buf_packet *isop; 415 416 if (dev->endpoint[EP2I(ep)].iso_started && 417 !dev->endpoint[EP2I(ep)].bufpq_prefilled) { 418 if (dev->endpoint[EP2I(ep)].bufpq_size < 419 dev->endpoint[EP2I(ep)].bufpq_target_size) { 420 return usbredir_handle_status(dev, 0, 0); 421 } 422 dev->endpoint[EP2I(ep)].bufpq_prefilled = 1; 423 } 424 425 isop = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 426 if (isop == NULL) { 427 DPRINTF("iso-token-in ep %02X, no isop, iso_error: %d\n", 428 ep, dev->endpoint[EP2I(ep)].iso_error); 429 /* Re-fill the buffer */ 430 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 431 /* Check iso_error for stream errors, otherwise its an underrun */ 432 status = dev->endpoint[EP2I(ep)].iso_error; 433 dev->endpoint[EP2I(ep)].iso_error = 0; 434 return status ? USB_RET_IOERROR : 0; 435 } 436 DPRINTF2("iso-token-in ep %02X status %d len %d queue-size: %d\n", ep, 437 isop->status, isop->len, dev->endpoint[EP2I(ep)].bufpq_size); 438 439 status = isop->status; 440 if (status != usb_redir_success) { 441 bufp_free(dev, isop, ep); 442 return USB_RET_IOERROR; 443 } 444 445 len = isop->len; 446 if (len > p->iov.size) { 447 ERROR("received iso data is larger then packet ep %02X (%d > %d)\n", 448 ep, len, (int)p->iov.size); 449 bufp_free(dev, isop, ep); 450 return USB_RET_BABBLE; 451 } 452 usb_packet_copy(p, isop->data, len); 453 bufp_free(dev, isop, ep); 454 return len; 455 } else { 456 /* If the stream was not started because of a pending error don't 457 send the packet to the usb-host */ 458 if (dev->endpoint[EP2I(ep)].iso_started) { 459 struct usb_redir_iso_packet_header iso_packet = { 460 .endpoint = ep, 461 .length = p->iov.size 462 }; 463 uint8_t buf[p->iov.size]; 464 /* No id, we look at the ep when receiving a status back */ 465 usb_packet_copy(p, buf, p->iov.size); 466 usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet, 467 buf, p->iov.size); 468 usbredirparser_do_write(dev->parser); 469 } 470 status = dev->endpoint[EP2I(ep)].iso_error; 471 dev->endpoint[EP2I(ep)].iso_error = 0; 472 DPRINTF2("iso-token-out ep %02X status %d len %zd\n", ep, status, 473 p->iov.size); 474 return usbredir_handle_status(dev, status, p->iov.size); 475 } 476 } 477 478 static void usbredir_stop_iso_stream(USBRedirDevice *dev, uint8_t ep) 479 { 480 struct usb_redir_stop_iso_stream_header stop_iso_stream = { 481 .endpoint = ep 482 }; 483 if (dev->endpoint[EP2I(ep)].iso_started) { 484 usbredirparser_send_stop_iso_stream(dev->parser, 0, &stop_iso_stream); 485 DPRINTF("iso stream stopped ep %02X\n", ep); 486 dev->endpoint[EP2I(ep)].iso_started = 0; 487 } 488 dev->endpoint[EP2I(ep)].iso_error = 0; 489 usbredir_free_bufpq(dev, ep); 490 } 491 492 static int usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, 493 uint8_t ep) 494 { 495 AsyncURB *aurb = async_alloc(dev, p); 496 struct usb_redir_bulk_packet_header bulk_packet; 497 498 DPRINTF("bulk-out ep %02X len %zd id %u\n", ep, 499 p->iov.size, aurb->packet_id); 500 501 bulk_packet.endpoint = ep; 502 bulk_packet.length = p->iov.size; 503 bulk_packet.stream_id = 0; 504 aurb->bulk_packet = bulk_packet; 505 506 if (ep & USB_DIR_IN) { 507 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 508 &bulk_packet, NULL, 0); 509 } else { 510 uint8_t buf[p->iov.size]; 511 usb_packet_copy(p, buf, p->iov.size); 512 usbredir_log_data(dev, "bulk data out:", buf, p->iov.size); 513 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 514 &bulk_packet, buf, p->iov.size); 515 } 516 usbredirparser_do_write(dev->parser); 517 return USB_RET_ASYNC; 518 } 519 520 static int usbredir_handle_interrupt_data(USBRedirDevice *dev, 521 USBPacket *p, uint8_t ep) 522 { 523 if (ep & USB_DIR_IN) { 524 /* Input interrupt endpoint, buffered packet input */ 525 struct buf_packet *intp; 526 int status, len; 527 528 if (!dev->endpoint[EP2I(ep)].interrupt_started && 529 !dev->endpoint[EP2I(ep)].interrupt_error) { 530 struct usb_redir_start_interrupt_receiving_header start_int = { 531 .endpoint = ep, 532 }; 533 /* No id, we look at the ep when receiving a status back */ 534 usbredirparser_send_start_interrupt_receiving(dev->parser, 0, 535 &start_int); 536 usbredirparser_do_write(dev->parser); 537 DPRINTF("interrupt recv started ep %02X\n", ep); 538 dev->endpoint[EP2I(ep)].interrupt_started = 1; 539 /* We don't really want to drop interrupt packets ever, but 540 having some upper limit to how much we buffer is good. */ 541 dev->endpoint[EP2I(ep)].bufpq_target_size = 1000; 542 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 543 } 544 545 intp = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 546 if (intp == NULL) { 547 DPRINTF2("interrupt-token-in ep %02X, no intp\n", ep); 548 /* Check interrupt_error for stream errors */ 549 status = dev->endpoint[EP2I(ep)].interrupt_error; 550 dev->endpoint[EP2I(ep)].interrupt_error = 0; 551 if (status) { 552 return usbredir_handle_status(dev, status, 0); 553 } 554 return USB_RET_NAK; 555 } 556 DPRINTF("interrupt-token-in ep %02X status %d len %d\n", ep, 557 intp->status, intp->len); 558 559 status = intp->status; 560 if (status != usb_redir_success) { 561 bufp_free(dev, intp, ep); 562 return usbredir_handle_status(dev, status, 0); 563 } 564 565 len = intp->len; 566 if (len > p->iov.size) { 567 ERROR("received int data is larger then packet ep %02X\n", ep); 568 bufp_free(dev, intp, ep); 569 return USB_RET_BABBLE; 570 } 571 usb_packet_copy(p, intp->data, len); 572 bufp_free(dev, intp, ep); 573 return len; 574 } else { 575 /* Output interrupt endpoint, normal async operation */ 576 AsyncURB *aurb = async_alloc(dev, p); 577 struct usb_redir_interrupt_packet_header interrupt_packet; 578 uint8_t buf[p->iov.size]; 579 580 DPRINTF("interrupt-out ep %02X len %zd id %u\n", ep, p->iov.size, 581 aurb->packet_id); 582 583 interrupt_packet.endpoint = ep; 584 interrupt_packet.length = p->iov.size; 585 aurb->interrupt_packet = interrupt_packet; 586 587 usb_packet_copy(p, buf, p->iov.size); 588 usbredir_log_data(dev, "interrupt data out:", buf, p->iov.size); 589 usbredirparser_send_interrupt_packet(dev->parser, aurb->packet_id, 590 &interrupt_packet, buf, p->iov.size); 591 usbredirparser_do_write(dev->parser); 592 return USB_RET_ASYNC; 593 } 594 } 595 596 static void usbredir_stop_interrupt_receiving(USBRedirDevice *dev, 597 uint8_t ep) 598 { 599 struct usb_redir_stop_interrupt_receiving_header stop_interrupt_recv = { 600 .endpoint = ep 601 }; 602 if (dev->endpoint[EP2I(ep)].interrupt_started) { 603 usbredirparser_send_stop_interrupt_receiving(dev->parser, 0, 604 &stop_interrupt_recv); 605 DPRINTF("interrupt recv stopped ep %02X\n", ep); 606 dev->endpoint[EP2I(ep)].interrupt_started = 0; 607 } 608 dev->endpoint[EP2I(ep)].interrupt_error = 0; 609 usbredir_free_bufpq(dev, ep); 610 } 611 612 static int usbredir_handle_data(USBDevice *udev, USBPacket *p) 613 { 614 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 615 uint8_t ep; 616 617 ep = p->ep->nr; 618 if (p->pid == USB_TOKEN_IN) { 619 ep |= USB_DIR_IN; 620 } 621 622 switch (dev->endpoint[EP2I(ep)].type) { 623 case USB_ENDPOINT_XFER_CONTROL: 624 ERROR("handle_data called for control transfer on ep %02X\n", ep); 625 return USB_RET_NAK; 626 case USB_ENDPOINT_XFER_ISOC: 627 return usbredir_handle_iso_data(dev, p, ep); 628 case USB_ENDPOINT_XFER_BULK: 629 return usbredir_handle_bulk_data(dev, p, ep); 630 case USB_ENDPOINT_XFER_INT: 631 return usbredir_handle_interrupt_data(dev, p, ep); 632 default: 633 ERROR("handle_data ep %02X has unknown type %d\n", ep, 634 dev->endpoint[EP2I(ep)].type); 635 return USB_RET_NAK; 636 } 637 } 638 639 static int usbredir_set_config(USBRedirDevice *dev, USBPacket *p, 640 int config) 641 { 642 struct usb_redir_set_configuration_header set_config; 643 AsyncURB *aurb = async_alloc(dev, p); 644 int i; 645 646 DPRINTF("set config %d id %u\n", config, aurb->packet_id); 647 648 for (i = 0; i < MAX_ENDPOINTS; i++) { 649 switch (dev->endpoint[i].type) { 650 case USB_ENDPOINT_XFER_ISOC: 651 usbredir_stop_iso_stream(dev, I2EP(i)); 652 break; 653 case USB_ENDPOINT_XFER_INT: 654 if (i & 0x10) { 655 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 656 } 657 break; 658 } 659 usbredir_free_bufpq(dev, I2EP(i)); 660 } 661 662 set_config.configuration = config; 663 usbredirparser_send_set_configuration(dev->parser, aurb->packet_id, 664 &set_config); 665 usbredirparser_do_write(dev->parser); 666 return USB_RET_ASYNC; 667 } 668 669 static int usbredir_get_config(USBRedirDevice *dev, USBPacket *p) 670 { 671 AsyncURB *aurb = async_alloc(dev, p); 672 673 DPRINTF("get config id %u\n", aurb->packet_id); 674 675 aurb->get = 1; 676 usbredirparser_send_get_configuration(dev->parser, aurb->packet_id); 677 usbredirparser_do_write(dev->parser); 678 return USB_RET_ASYNC; 679 } 680 681 static int usbredir_set_interface(USBRedirDevice *dev, USBPacket *p, 682 int interface, int alt) 683 { 684 struct usb_redir_set_alt_setting_header set_alt; 685 AsyncURB *aurb = async_alloc(dev, p); 686 int i; 687 688 DPRINTF("set interface %d alt %d id %u\n", interface, alt, 689 aurb->packet_id); 690 691 for (i = 0; i < MAX_ENDPOINTS; i++) { 692 if (dev->endpoint[i].interface == interface) { 693 switch (dev->endpoint[i].type) { 694 case USB_ENDPOINT_XFER_ISOC: 695 usbredir_stop_iso_stream(dev, I2EP(i)); 696 break; 697 case USB_ENDPOINT_XFER_INT: 698 if (i & 0x10) { 699 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 700 } 701 break; 702 } 703 usbredir_free_bufpq(dev, I2EP(i)); 704 } 705 } 706 707 set_alt.interface = interface; 708 set_alt.alt = alt; 709 usbredirparser_send_set_alt_setting(dev->parser, aurb->packet_id, 710 &set_alt); 711 usbredirparser_do_write(dev->parser); 712 return USB_RET_ASYNC; 713 } 714 715 static int usbredir_get_interface(USBRedirDevice *dev, USBPacket *p, 716 int interface) 717 { 718 struct usb_redir_get_alt_setting_header get_alt; 719 AsyncURB *aurb = async_alloc(dev, p); 720 721 DPRINTF("get interface %d id %u\n", interface, aurb->packet_id); 722 723 get_alt.interface = interface; 724 aurb->get = 1; 725 usbredirparser_send_get_alt_setting(dev->parser, aurb->packet_id, 726 &get_alt); 727 usbredirparser_do_write(dev->parser); 728 return USB_RET_ASYNC; 729 } 730 731 static int usbredir_handle_control(USBDevice *udev, USBPacket *p, 732 int request, int value, int index, int length, uint8_t *data) 733 { 734 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 735 struct usb_redir_control_packet_header control_packet; 736 AsyncURB *aurb; 737 738 /* Special cases for certain standard device requests */ 739 switch (request) { 740 case DeviceOutRequest | USB_REQ_SET_ADDRESS: 741 DPRINTF("set address %d\n", value); 742 dev->dev.addr = value; 743 return 0; 744 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: 745 return usbredir_set_config(dev, p, value & 0xff); 746 case DeviceRequest | USB_REQ_GET_CONFIGURATION: 747 return usbredir_get_config(dev, p); 748 case InterfaceOutRequest | USB_REQ_SET_INTERFACE: 749 return usbredir_set_interface(dev, p, index, value); 750 case InterfaceRequest | USB_REQ_GET_INTERFACE: 751 return usbredir_get_interface(dev, p, index); 752 } 753 754 /* "Normal" ctrl requests */ 755 aurb = async_alloc(dev, p); 756 757 /* Note request is (bRequestType << 8) | bRequest */ 758 DPRINTF("ctrl-out type 0x%x req 0x%x val 0x%x index %d len %d id %u\n", 759 request >> 8, request & 0xff, value, index, length, 760 aurb->packet_id); 761 762 control_packet.request = request & 0xFF; 763 control_packet.requesttype = request >> 8; 764 control_packet.endpoint = control_packet.requesttype & USB_DIR_IN; 765 control_packet.value = value; 766 control_packet.index = index; 767 control_packet.length = length; 768 aurb->control_packet = control_packet; 769 770 if (control_packet.requesttype & USB_DIR_IN) { 771 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 772 &control_packet, NULL, 0); 773 } else { 774 usbredir_log_data(dev, "ctrl data out:", data, length); 775 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 776 &control_packet, data, length); 777 } 778 usbredirparser_do_write(dev->parser); 779 return USB_RET_ASYNC; 780 } 781 782 /* 783 * Close events can be triggered by usbredirparser_do_write which gets called 784 * from within the USBDevice data / control packet callbacks and doing a 785 * usb_detach from within these callbacks is not a good idea. 786 * 787 * So we use a bh handler to take care of close events. We also handle 788 * open events from this callback to make sure that a close directly followed 789 * by an open gets handled in the right order. 790 */ 791 static void usbredir_open_close_bh(void *opaque) 792 { 793 USBRedirDevice *dev = opaque; 794 uint32_t caps[USB_REDIR_CAPS_SIZE] = { 0, }; 795 796 usbredir_device_disconnect(dev); 797 798 if (dev->parser) { 799 usbredirparser_destroy(dev->parser); 800 dev->parser = NULL; 801 } 802 803 if (dev->cs->opened) { 804 dev->parser = qemu_oom_check(usbredirparser_create()); 805 dev->parser->priv = dev; 806 dev->parser->log_func = usbredir_log; 807 dev->parser->read_func = usbredir_read; 808 dev->parser->write_func = usbredir_write; 809 dev->parser->hello_func = usbredir_hello; 810 dev->parser->device_connect_func = usbredir_device_connect; 811 dev->parser->device_disconnect_func = usbredir_device_disconnect; 812 dev->parser->interface_info_func = usbredir_interface_info; 813 dev->parser->ep_info_func = usbredir_ep_info; 814 dev->parser->configuration_status_func = usbredir_configuration_status; 815 dev->parser->alt_setting_status_func = usbredir_alt_setting_status; 816 dev->parser->iso_stream_status_func = usbredir_iso_stream_status; 817 dev->parser->interrupt_receiving_status_func = 818 usbredir_interrupt_receiving_status; 819 dev->parser->bulk_streams_status_func = usbredir_bulk_streams_status; 820 dev->parser->control_packet_func = usbredir_control_packet; 821 dev->parser->bulk_packet_func = usbredir_bulk_packet; 822 dev->parser->iso_packet_func = usbredir_iso_packet; 823 dev->parser->interrupt_packet_func = usbredir_interrupt_packet; 824 dev->read_buf = NULL; 825 dev->read_buf_size = 0; 826 827 usbredirparser_caps_set_cap(caps, usb_redir_cap_connect_device_version); 828 usbredirparser_caps_set_cap(caps, usb_redir_cap_filter); 829 usbredirparser_init(dev->parser, VERSION, caps, USB_REDIR_CAPS_SIZE, 0); 830 usbredirparser_do_write(dev->parser); 831 } 832 } 833 834 static void usbredir_do_attach(void *opaque) 835 { 836 USBRedirDevice *dev = opaque; 837 838 usb_device_attach(&dev->dev); 839 } 840 841 /* 842 * chardev callbacks 843 */ 844 845 static int usbredir_chardev_can_read(void *opaque) 846 { 847 USBRedirDevice *dev = opaque; 848 849 if (dev->parser) { 850 /* usbredir_parser_do_read will consume *all* data we give it */ 851 return 1024 * 1024; 852 } else { 853 /* usbredir_open_close_bh hasn't handled the open event yet */ 854 return 0; 855 } 856 } 857 858 static void usbredir_chardev_read(void *opaque, const uint8_t *buf, int size) 859 { 860 USBRedirDevice *dev = opaque; 861 862 /* No recursion allowed! */ 863 assert(dev->read_buf == NULL); 864 865 dev->read_buf = buf; 866 dev->read_buf_size = size; 867 868 usbredirparser_do_read(dev->parser); 869 /* Send any acks, etc. which may be queued now */ 870 usbredirparser_do_write(dev->parser); 871 } 872 873 static void usbredir_chardev_event(void *opaque, int event) 874 { 875 USBRedirDevice *dev = opaque; 876 877 switch (event) { 878 case CHR_EVENT_OPENED: 879 case CHR_EVENT_CLOSED: 880 qemu_bh_schedule(dev->open_close_bh); 881 break; 882 } 883 } 884 885 /* 886 * init + destroy 887 */ 888 889 static int usbredir_initfn(USBDevice *udev) 890 { 891 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 892 int i; 893 894 if (dev->cs == NULL) { 895 qerror_report(QERR_MISSING_PARAMETER, "chardev"); 896 return -1; 897 } 898 899 if (dev->filter_str) { 900 i = usbredirfilter_string_to_rules(dev->filter_str, ":", "|", 901 &dev->filter_rules, 902 &dev->filter_rules_count); 903 if (i) { 904 qerror_report(QERR_INVALID_PARAMETER_VALUE, "filter", 905 "a usb device filter string"); 906 return -1; 907 } 908 } 909 910 dev->open_close_bh = qemu_bh_new(usbredir_open_close_bh, dev); 911 dev->attach_timer = qemu_new_timer_ms(vm_clock, usbredir_do_attach, dev); 912 913 QTAILQ_INIT(&dev->asyncq); 914 for (i = 0; i < MAX_ENDPOINTS; i++) { 915 QTAILQ_INIT(&dev->endpoint[i].bufpq); 916 } 917 918 /* We'll do the attach once we receive the speed from the usb-host */ 919 udev->auto_attach = 0; 920 921 /* Let the backend know we are ready */ 922 qemu_chr_fe_open(dev->cs); 923 qemu_chr_add_handlers(dev->cs, usbredir_chardev_can_read, 924 usbredir_chardev_read, usbredir_chardev_event, dev); 925 926 return 0; 927 } 928 929 static void usbredir_cleanup_device_queues(USBRedirDevice *dev) 930 { 931 AsyncURB *aurb, *next_aurb; 932 int i; 933 934 QTAILQ_FOREACH_SAFE(aurb, &dev->asyncq, next, next_aurb) { 935 async_free(dev, aurb); 936 } 937 for (i = 0; i < MAX_ENDPOINTS; i++) { 938 usbredir_free_bufpq(dev, I2EP(i)); 939 } 940 } 941 942 static void usbredir_handle_destroy(USBDevice *udev) 943 { 944 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 945 946 qemu_chr_fe_close(dev->cs); 947 qemu_chr_delete(dev->cs); 948 /* Note must be done after qemu_chr_close, as that causes a close event */ 949 qemu_bh_delete(dev->open_close_bh); 950 951 qemu_del_timer(dev->attach_timer); 952 qemu_free_timer(dev->attach_timer); 953 954 usbredir_cleanup_device_queues(dev); 955 956 if (dev->parser) { 957 usbredirparser_destroy(dev->parser); 958 } 959 960 free(dev->filter_rules); 961 } 962 963 static int usbredir_check_filter(USBRedirDevice *dev) 964 { 965 if (dev->interface_info.interface_count == 0) { 966 ERROR("No interface info for device\n"); 967 goto error; 968 } 969 970 if (dev->filter_rules) { 971 if (!usbredirparser_peer_has_cap(dev->parser, 972 usb_redir_cap_connect_device_version)) { 973 ERROR("Device filter specified and peer does not have the " 974 "connect_device_version capability\n"); 975 goto error; 976 } 977 978 if (usbredirfilter_check( 979 dev->filter_rules, 980 dev->filter_rules_count, 981 dev->device_info.device_class, 982 dev->device_info.device_subclass, 983 dev->device_info.device_protocol, 984 dev->interface_info.interface_class, 985 dev->interface_info.interface_subclass, 986 dev->interface_info.interface_protocol, 987 dev->interface_info.interface_count, 988 dev->device_info.vendor_id, 989 dev->device_info.product_id, 990 dev->device_info.device_version_bcd, 991 0) != 0) { 992 goto error; 993 } 994 } 995 996 return 0; 997 998 error: 999 usbredir_device_disconnect(dev); 1000 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 1001 usbredirparser_send_filter_reject(dev->parser); 1002 usbredirparser_do_write(dev->parser); 1003 } 1004 return -1; 1005 } 1006 1007 /* 1008 * usbredirparser packet complete callbacks 1009 */ 1010 1011 static int usbredir_handle_status(USBRedirDevice *dev, 1012 int status, int actual_len) 1013 { 1014 switch (status) { 1015 case usb_redir_success: 1016 return actual_len; 1017 case usb_redir_stall: 1018 return USB_RET_STALL; 1019 case usb_redir_cancelled: 1020 WARNING("returning cancelled packet to HC?\n"); 1021 return USB_RET_NAK; 1022 case usb_redir_inval: 1023 WARNING("got invalid param error from usb-host?\n"); 1024 return USB_RET_NAK; 1025 case usb_redir_ioerror: 1026 case usb_redir_timeout: 1027 default: 1028 return USB_RET_IOERROR; 1029 } 1030 } 1031 1032 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h) 1033 { 1034 USBRedirDevice *dev = priv; 1035 1036 /* Try to send the filter info now that we've the usb-host's caps */ 1037 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter) && 1038 dev->filter_rules) { 1039 usbredirparser_send_filter_filter(dev->parser, dev->filter_rules, 1040 dev->filter_rules_count); 1041 usbredirparser_do_write(dev->parser); 1042 } 1043 } 1044 1045 static void usbredir_device_connect(void *priv, 1046 struct usb_redir_device_connect_header *device_connect) 1047 { 1048 USBRedirDevice *dev = priv; 1049 const char *speed; 1050 1051 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1052 ERROR("Received device connect while already connected\n"); 1053 return; 1054 } 1055 1056 switch (device_connect->speed) { 1057 case usb_redir_speed_low: 1058 speed = "low speed"; 1059 dev->dev.speed = USB_SPEED_LOW; 1060 break; 1061 case usb_redir_speed_full: 1062 speed = "full speed"; 1063 dev->dev.speed = USB_SPEED_FULL; 1064 break; 1065 case usb_redir_speed_high: 1066 speed = "high speed"; 1067 dev->dev.speed = USB_SPEED_HIGH; 1068 break; 1069 case usb_redir_speed_super: 1070 speed = "super speed"; 1071 dev->dev.speed = USB_SPEED_SUPER; 1072 break; 1073 default: 1074 speed = "unknown speed"; 1075 dev->dev.speed = USB_SPEED_FULL; 1076 } 1077 1078 if (usbredirparser_peer_has_cap(dev->parser, 1079 usb_redir_cap_connect_device_version)) { 1080 INFO("attaching %s device %04x:%04x version %d.%d class %02x\n", 1081 speed, device_connect->vendor_id, device_connect->product_id, 1082 ((device_connect->device_version_bcd & 0xf000) >> 12) * 10 + 1083 ((device_connect->device_version_bcd & 0x0f00) >> 8), 1084 ((device_connect->device_version_bcd & 0x00f0) >> 4) * 10 + 1085 ((device_connect->device_version_bcd & 0x000f) >> 0), 1086 device_connect->device_class); 1087 } else { 1088 INFO("attaching %s device %04x:%04x class %02x\n", speed, 1089 device_connect->vendor_id, device_connect->product_id, 1090 device_connect->device_class); 1091 } 1092 1093 dev->dev.speedmask = (1 << dev->dev.speed); 1094 dev->device_info = *device_connect; 1095 1096 if (usbredir_check_filter(dev)) { 1097 WARNING("Device %04x:%04x rejected by device filter, not attaching\n", 1098 device_connect->vendor_id, device_connect->product_id); 1099 return; 1100 } 1101 1102 qemu_mod_timer(dev->attach_timer, dev->next_attach_time); 1103 } 1104 1105 static void usbredir_device_disconnect(void *priv) 1106 { 1107 USBRedirDevice *dev = priv; 1108 int i; 1109 1110 /* Stop any pending attaches */ 1111 qemu_del_timer(dev->attach_timer); 1112 1113 if (dev->dev.attached) { 1114 usb_device_detach(&dev->dev); 1115 /* 1116 * Delay next usb device attach to give the guest a chance to see 1117 * see the detach / attach in case of quick close / open succession 1118 */ 1119 dev->next_attach_time = qemu_get_clock_ms(vm_clock) + 200; 1120 } 1121 1122 /* Reset state so that the next dev connected starts with a clean slate */ 1123 usbredir_cleanup_device_queues(dev); 1124 memset(dev->endpoint, 0, sizeof(dev->endpoint)); 1125 for (i = 0; i < MAX_ENDPOINTS; i++) { 1126 QTAILQ_INIT(&dev->endpoint[i].bufpq); 1127 } 1128 usb_ep_init(&dev->dev); 1129 dev->interface_info.interface_count = 0; 1130 } 1131 1132 static void usbredir_interface_info(void *priv, 1133 struct usb_redir_interface_info_header *interface_info) 1134 { 1135 USBRedirDevice *dev = priv; 1136 1137 dev->interface_info = *interface_info; 1138 1139 /* 1140 * If we receive interface info after the device has already been 1141 * connected (ie on a set_config), re-check the filter. 1142 */ 1143 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1144 if (usbredir_check_filter(dev)) { 1145 ERROR("Device no longer matches filter after interface info " 1146 "change, disconnecting!\n"); 1147 } 1148 } 1149 } 1150 1151 static void usbredir_ep_info(void *priv, 1152 struct usb_redir_ep_info_header *ep_info) 1153 { 1154 USBRedirDevice *dev = priv; 1155 struct USBEndpoint *usb_ep; 1156 int i; 1157 1158 for (i = 0; i < MAX_ENDPOINTS; i++) { 1159 dev->endpoint[i].type = ep_info->type[i]; 1160 dev->endpoint[i].interval = ep_info->interval[i]; 1161 dev->endpoint[i].interface = ep_info->interface[i]; 1162 switch (dev->endpoint[i].type) { 1163 case usb_redir_type_invalid: 1164 break; 1165 case usb_redir_type_iso: 1166 case usb_redir_type_interrupt: 1167 if (dev->endpoint[i].interval == 0) { 1168 ERROR("Received 0 interval for isoc or irq endpoint\n"); 1169 usbredir_device_disconnect(dev); 1170 } 1171 /* Fall through */ 1172 case usb_redir_type_control: 1173 case usb_redir_type_bulk: 1174 DPRINTF("ep: %02X type: %d interface: %d\n", I2EP(i), 1175 dev->endpoint[i].type, dev->endpoint[i].interface); 1176 break; 1177 default: 1178 ERROR("Received invalid endpoint type\n"); 1179 usbredir_device_disconnect(dev); 1180 return; 1181 } 1182 usb_ep = usb_ep_get(&dev->dev, 1183 (i & 0x10) ? USB_TOKEN_IN : USB_TOKEN_OUT, 1184 i & 0x0f); 1185 usb_ep->type = dev->endpoint[i].type; 1186 usb_ep->ifnum = dev->endpoint[i].interface; 1187 } 1188 } 1189 1190 static void usbredir_configuration_status(void *priv, uint32_t id, 1191 struct usb_redir_configuration_status_header *config_status) 1192 { 1193 USBRedirDevice *dev = priv; 1194 AsyncURB *aurb; 1195 int len = 0; 1196 1197 DPRINTF("set config status %d config %d id %u\n", config_status->status, 1198 config_status->configuration, id); 1199 1200 aurb = async_find(dev, id); 1201 if (!aurb) { 1202 return; 1203 } 1204 if (aurb->packet) { 1205 if (aurb->get) { 1206 dev->dev.data_buf[0] = config_status->configuration; 1207 len = 1; 1208 } 1209 aurb->packet->result = 1210 usbredir_handle_status(dev, config_status->status, len); 1211 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1212 } 1213 async_free(dev, aurb); 1214 } 1215 1216 static void usbredir_alt_setting_status(void *priv, uint32_t id, 1217 struct usb_redir_alt_setting_status_header *alt_setting_status) 1218 { 1219 USBRedirDevice *dev = priv; 1220 AsyncURB *aurb; 1221 int len = 0; 1222 1223 DPRINTF("alt status %d intf %d alt %d id: %u\n", 1224 alt_setting_status->status, 1225 alt_setting_status->interface, 1226 alt_setting_status->alt, id); 1227 1228 aurb = async_find(dev, id); 1229 if (!aurb) { 1230 return; 1231 } 1232 if (aurb->packet) { 1233 if (aurb->get) { 1234 dev->dev.data_buf[0] = alt_setting_status->alt; 1235 len = 1; 1236 } 1237 aurb->packet->result = 1238 usbredir_handle_status(dev, alt_setting_status->status, len); 1239 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1240 } 1241 async_free(dev, aurb); 1242 } 1243 1244 static void usbredir_iso_stream_status(void *priv, uint32_t id, 1245 struct usb_redir_iso_stream_status_header *iso_stream_status) 1246 { 1247 USBRedirDevice *dev = priv; 1248 uint8_t ep = iso_stream_status->endpoint; 1249 1250 DPRINTF("iso status %d ep %02X id %u\n", iso_stream_status->status, 1251 ep, id); 1252 1253 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].iso_started) { 1254 return; 1255 } 1256 1257 dev->endpoint[EP2I(ep)].iso_error = iso_stream_status->status; 1258 if (iso_stream_status->status == usb_redir_stall) { 1259 DPRINTF("iso stream stopped by peer ep %02X\n", ep); 1260 dev->endpoint[EP2I(ep)].iso_started = 0; 1261 } 1262 } 1263 1264 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 1265 struct usb_redir_interrupt_receiving_status_header 1266 *interrupt_receiving_status) 1267 { 1268 USBRedirDevice *dev = priv; 1269 uint8_t ep = interrupt_receiving_status->endpoint; 1270 1271 DPRINTF("interrupt recv status %d ep %02X id %u\n", 1272 interrupt_receiving_status->status, ep, id); 1273 1274 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].interrupt_started) { 1275 return; 1276 } 1277 1278 dev->endpoint[EP2I(ep)].interrupt_error = 1279 interrupt_receiving_status->status; 1280 if (interrupt_receiving_status->status == usb_redir_stall) { 1281 DPRINTF("interrupt receiving stopped by peer ep %02X\n", ep); 1282 dev->endpoint[EP2I(ep)].interrupt_started = 0; 1283 } 1284 } 1285 1286 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 1287 struct usb_redir_bulk_streams_status_header *bulk_streams_status) 1288 { 1289 } 1290 1291 static void usbredir_control_packet(void *priv, uint32_t id, 1292 struct usb_redir_control_packet_header *control_packet, 1293 uint8_t *data, int data_len) 1294 { 1295 USBRedirDevice *dev = priv; 1296 int len = control_packet->length; 1297 AsyncURB *aurb; 1298 1299 DPRINTF("ctrl-in status %d len %d id %u\n", control_packet->status, 1300 len, id); 1301 1302 aurb = async_find(dev, id); 1303 if (!aurb) { 1304 free(data); 1305 return; 1306 } 1307 1308 aurb->control_packet.status = control_packet->status; 1309 aurb->control_packet.length = control_packet->length; 1310 if (memcmp(&aurb->control_packet, control_packet, 1311 sizeof(*control_packet))) { 1312 ERROR("return control packet mismatch, please report this!\n"); 1313 len = USB_RET_NAK; 1314 } 1315 1316 if (aurb->packet) { 1317 len = usbredir_handle_status(dev, control_packet->status, len); 1318 if (len > 0) { 1319 usbredir_log_data(dev, "ctrl data in:", data, data_len); 1320 if (data_len <= sizeof(dev->dev.data_buf)) { 1321 memcpy(dev->dev.data_buf, data, data_len); 1322 } else { 1323 ERROR("ctrl buffer too small (%d > %zu)\n", 1324 data_len, sizeof(dev->dev.data_buf)); 1325 len = USB_RET_STALL; 1326 } 1327 } 1328 aurb->packet->result = len; 1329 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1330 } 1331 async_free(dev, aurb); 1332 free(data); 1333 } 1334 1335 static void usbredir_bulk_packet(void *priv, uint32_t id, 1336 struct usb_redir_bulk_packet_header *bulk_packet, 1337 uint8_t *data, int data_len) 1338 { 1339 USBRedirDevice *dev = priv; 1340 uint8_t ep = bulk_packet->endpoint; 1341 int len = bulk_packet->length; 1342 AsyncURB *aurb; 1343 1344 DPRINTF("bulk-in status %d ep %02X len %d id %u\n", bulk_packet->status, 1345 ep, len, id); 1346 1347 aurb = async_find(dev, id); 1348 if (!aurb) { 1349 free(data); 1350 return; 1351 } 1352 1353 if (aurb->bulk_packet.endpoint != bulk_packet->endpoint || 1354 aurb->bulk_packet.stream_id != bulk_packet->stream_id) { 1355 ERROR("return bulk packet mismatch, please report this!\n"); 1356 len = USB_RET_NAK; 1357 } 1358 1359 if (aurb->packet) { 1360 len = usbredir_handle_status(dev, bulk_packet->status, len); 1361 if (len > 0) { 1362 usbredir_log_data(dev, "bulk data in:", data, data_len); 1363 if (data_len <= aurb->packet->iov.size) { 1364 usb_packet_copy(aurb->packet, data, data_len); 1365 } else { 1366 ERROR("bulk buffer too small (%d > %zd)\n", data_len, 1367 aurb->packet->iov.size); 1368 len = USB_RET_STALL; 1369 } 1370 } 1371 aurb->packet->result = len; 1372 usb_packet_complete(&dev->dev, aurb->packet); 1373 } 1374 async_free(dev, aurb); 1375 free(data); 1376 } 1377 1378 static void usbredir_iso_packet(void *priv, uint32_t id, 1379 struct usb_redir_iso_packet_header *iso_packet, 1380 uint8_t *data, int data_len) 1381 { 1382 USBRedirDevice *dev = priv; 1383 uint8_t ep = iso_packet->endpoint; 1384 1385 DPRINTF2("iso-in status %d ep %02X len %d id %u\n", iso_packet->status, ep, 1386 data_len, id); 1387 1388 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_ISOC) { 1389 ERROR("received iso packet for non iso endpoint %02X\n", ep); 1390 free(data); 1391 return; 1392 } 1393 1394 if (dev->endpoint[EP2I(ep)].iso_started == 0) { 1395 DPRINTF("received iso packet for non started stream ep %02X\n", ep); 1396 free(data); 1397 return; 1398 } 1399 1400 /* bufp_alloc also adds the packet to the ep queue */ 1401 bufp_alloc(dev, data, data_len, iso_packet->status, ep); 1402 } 1403 1404 static void usbredir_interrupt_packet(void *priv, uint32_t id, 1405 struct usb_redir_interrupt_packet_header *interrupt_packet, 1406 uint8_t *data, int data_len) 1407 { 1408 USBRedirDevice *dev = priv; 1409 uint8_t ep = interrupt_packet->endpoint; 1410 1411 DPRINTF("interrupt-in status %d ep %02X len %d id %u\n", 1412 interrupt_packet->status, ep, data_len, id); 1413 1414 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_INT) { 1415 ERROR("received int packet for non interrupt endpoint %02X\n", ep); 1416 free(data); 1417 return; 1418 } 1419 1420 if (ep & USB_DIR_IN) { 1421 if (dev->endpoint[EP2I(ep)].interrupt_started == 0) { 1422 DPRINTF("received int packet while not started ep %02X\n", ep); 1423 free(data); 1424 return; 1425 } 1426 1427 /* bufp_alloc also adds the packet to the ep queue */ 1428 bufp_alloc(dev, data, data_len, interrupt_packet->status, ep); 1429 } else { 1430 int len = interrupt_packet->length; 1431 1432 AsyncURB *aurb = async_find(dev, id); 1433 if (!aurb) { 1434 return; 1435 } 1436 1437 if (aurb->interrupt_packet.endpoint != interrupt_packet->endpoint) { 1438 ERROR("return int packet mismatch, please report this!\n"); 1439 len = USB_RET_NAK; 1440 } 1441 1442 if (aurb->packet) { 1443 aurb->packet->result = usbredir_handle_status(dev, 1444 interrupt_packet->status, len); 1445 usb_packet_complete(&dev->dev, aurb->packet); 1446 } 1447 async_free(dev, aurb); 1448 } 1449 } 1450 1451 static Property usbredir_properties[] = { 1452 DEFINE_PROP_CHR("chardev", USBRedirDevice, cs), 1453 DEFINE_PROP_UINT8("debug", USBRedirDevice, debug, 0), 1454 DEFINE_PROP_STRING("filter", USBRedirDevice, filter_str), 1455 DEFINE_PROP_END_OF_LIST(), 1456 }; 1457 1458 static void usbredir_class_initfn(ObjectClass *klass, void *data) 1459 { 1460 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 1461 DeviceClass *dc = DEVICE_CLASS(klass); 1462 1463 uc->init = usbredir_initfn; 1464 uc->product_desc = "USB Redirection Device"; 1465 uc->handle_destroy = usbredir_handle_destroy; 1466 uc->cancel_packet = usbredir_cancel_packet; 1467 uc->handle_reset = usbredir_handle_reset; 1468 uc->handle_data = usbredir_handle_data; 1469 uc->handle_control = usbredir_handle_control; 1470 dc->props = usbredir_properties; 1471 } 1472 1473 static TypeInfo usbredir_dev_info = { 1474 .name = "usb-redir", 1475 .parent = TYPE_USB_DEVICE, 1476 .instance_size = sizeof(USBRedirDevice), 1477 .class_init = usbredir_class_initfn, 1478 }; 1479 1480 static void usbredir_register_types(void) 1481 { 1482 type_register_static(&usbredir_dev_info); 1483 } 1484 1485 type_init(usbredir_register_types) 1486