1 /* 2 * USB Mass Storage Device emulation 3 * 4 * Copyright (c) 2006 CodeSourcery. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the LGPL. 8 */ 9 10 #include "qemu-common.h" 11 #include "qemu/option.h" 12 #include "qemu/config-file.h" 13 #include "hw/usb.h" 14 #include "hw/usb/desc.h" 15 #include "hw/scsi/scsi.h" 16 #include "ui/console.h" 17 #include "monitor/monitor.h" 18 #include "sysemu/sysemu.h" 19 #include "sysemu/blockdev.h" 20 21 //#define DEBUG_MSD 22 23 #ifdef DEBUG_MSD 24 #define DPRINTF(fmt, ...) \ 25 do { printf("usb-msd: " fmt , ## __VA_ARGS__); } while (0) 26 #else 27 #define DPRINTF(fmt, ...) do {} while(0) 28 #endif 29 30 /* USB requests. */ 31 #define MassStorageReset 0xff 32 #define GetMaxLun 0xfe 33 34 enum USBMSDMode { 35 USB_MSDM_CBW, /* Command Block. */ 36 USB_MSDM_DATAOUT, /* Transfer data to device. */ 37 USB_MSDM_DATAIN, /* Transfer data from device. */ 38 USB_MSDM_CSW /* Command Status. */ 39 }; 40 41 struct usb_msd_csw { 42 uint32_t sig; 43 uint32_t tag; 44 uint32_t residue; 45 uint8_t status; 46 }; 47 48 typedef struct { 49 USBDevice dev; 50 enum USBMSDMode mode; 51 uint32_t scsi_off; 52 uint32_t scsi_len; 53 uint32_t data_len; 54 struct usb_msd_csw csw; 55 SCSIRequest *req; 56 SCSIBus bus; 57 /* For async completion. */ 58 USBPacket *packet; 59 /* usb-storage only */ 60 BlockConf conf; 61 char *serial; 62 uint32_t removable; 63 } MSDState; 64 65 struct usb_msd_cbw { 66 uint32_t sig; 67 uint32_t tag; 68 uint32_t data_len; 69 uint8_t flags; 70 uint8_t lun; 71 uint8_t cmd_len; 72 uint8_t cmd[16]; 73 }; 74 75 enum { 76 STR_MANUFACTURER = 1, 77 STR_PRODUCT, 78 STR_SERIALNUMBER, 79 STR_CONFIG_FULL, 80 STR_CONFIG_HIGH, 81 STR_CONFIG_SUPER, 82 }; 83 84 static const USBDescStrings desc_strings = { 85 [STR_MANUFACTURER] = "QEMU", 86 [STR_PRODUCT] = "QEMU USB HARDDRIVE", 87 [STR_SERIALNUMBER] = "1", 88 [STR_CONFIG_FULL] = "Full speed config (usb 1.1)", 89 [STR_CONFIG_HIGH] = "High speed config (usb 2.0)", 90 [STR_CONFIG_SUPER] = "Super speed config (usb 3.0)", 91 }; 92 93 static const USBDescIface desc_iface_full = { 94 .bInterfaceNumber = 0, 95 .bNumEndpoints = 2, 96 .bInterfaceClass = USB_CLASS_MASS_STORAGE, 97 .bInterfaceSubClass = 0x06, /* SCSI */ 98 .bInterfaceProtocol = 0x50, /* Bulk */ 99 .eps = (USBDescEndpoint[]) { 100 { 101 .bEndpointAddress = USB_DIR_IN | 0x01, 102 .bmAttributes = USB_ENDPOINT_XFER_BULK, 103 .wMaxPacketSize = 64, 104 },{ 105 .bEndpointAddress = USB_DIR_OUT | 0x02, 106 .bmAttributes = USB_ENDPOINT_XFER_BULK, 107 .wMaxPacketSize = 64, 108 }, 109 } 110 }; 111 112 static const USBDescDevice desc_device_full = { 113 .bcdUSB = 0x0200, 114 .bMaxPacketSize0 = 8, 115 .bNumConfigurations = 1, 116 .confs = (USBDescConfig[]) { 117 { 118 .bNumInterfaces = 1, 119 .bConfigurationValue = 1, 120 .iConfiguration = STR_CONFIG_FULL, 121 .bmAttributes = 0xc0, 122 .nif = 1, 123 .ifs = &desc_iface_full, 124 }, 125 }, 126 }; 127 128 static const USBDescIface desc_iface_high = { 129 .bInterfaceNumber = 0, 130 .bNumEndpoints = 2, 131 .bInterfaceClass = USB_CLASS_MASS_STORAGE, 132 .bInterfaceSubClass = 0x06, /* SCSI */ 133 .bInterfaceProtocol = 0x50, /* Bulk */ 134 .eps = (USBDescEndpoint[]) { 135 { 136 .bEndpointAddress = USB_DIR_IN | 0x01, 137 .bmAttributes = USB_ENDPOINT_XFER_BULK, 138 .wMaxPacketSize = 512, 139 },{ 140 .bEndpointAddress = USB_DIR_OUT | 0x02, 141 .bmAttributes = USB_ENDPOINT_XFER_BULK, 142 .wMaxPacketSize = 512, 143 }, 144 } 145 }; 146 147 static const USBDescDevice desc_device_high = { 148 .bcdUSB = 0x0200, 149 .bMaxPacketSize0 = 64, 150 .bNumConfigurations = 1, 151 .confs = (USBDescConfig[]) { 152 { 153 .bNumInterfaces = 1, 154 .bConfigurationValue = 1, 155 .iConfiguration = STR_CONFIG_HIGH, 156 .bmAttributes = 0xc0, 157 .nif = 1, 158 .ifs = &desc_iface_high, 159 }, 160 }, 161 }; 162 163 static const USBDescIface desc_iface_super = { 164 .bInterfaceNumber = 0, 165 .bNumEndpoints = 2, 166 .bInterfaceClass = USB_CLASS_MASS_STORAGE, 167 .bInterfaceSubClass = 0x06, /* SCSI */ 168 .bInterfaceProtocol = 0x50, /* Bulk */ 169 .eps = (USBDescEndpoint[]) { 170 { 171 .bEndpointAddress = USB_DIR_IN | 0x01, 172 .bmAttributes = USB_ENDPOINT_XFER_BULK, 173 .wMaxPacketSize = 1024, 174 .bMaxBurst = 15, 175 },{ 176 .bEndpointAddress = USB_DIR_OUT | 0x02, 177 .bmAttributes = USB_ENDPOINT_XFER_BULK, 178 .wMaxPacketSize = 1024, 179 .bMaxBurst = 15, 180 }, 181 } 182 }; 183 184 static const USBDescDevice desc_device_super = { 185 .bcdUSB = 0x0300, 186 .bMaxPacketSize0 = 9, 187 .bNumConfigurations = 1, 188 .confs = (USBDescConfig[]) { 189 { 190 .bNumInterfaces = 1, 191 .bConfigurationValue = 1, 192 .iConfiguration = STR_CONFIG_SUPER, 193 .bmAttributes = 0xc0, 194 .nif = 1, 195 .ifs = &desc_iface_super, 196 }, 197 }, 198 }; 199 200 static const USBDesc desc = { 201 .id = { 202 .idVendor = 0x46f4, /* CRC16() of "QEMU" */ 203 .idProduct = 0x0001, 204 .bcdDevice = 0, 205 .iManufacturer = STR_MANUFACTURER, 206 .iProduct = STR_PRODUCT, 207 .iSerialNumber = STR_SERIALNUMBER, 208 }, 209 .full = &desc_device_full, 210 .high = &desc_device_high, 211 .super = &desc_device_super, 212 .str = desc_strings, 213 }; 214 215 static void usb_msd_copy_data(MSDState *s, USBPacket *p) 216 { 217 uint32_t len; 218 len = p->iov.size - p->actual_length; 219 if (len > s->scsi_len) 220 len = s->scsi_len; 221 usb_packet_copy(p, scsi_req_get_buf(s->req) + s->scsi_off, len); 222 s->scsi_len -= len; 223 s->scsi_off += len; 224 s->data_len -= len; 225 if (s->scsi_len == 0 || s->data_len == 0) { 226 scsi_req_continue(s->req); 227 } 228 } 229 230 static void usb_msd_send_status(MSDState *s, USBPacket *p) 231 { 232 int len; 233 234 DPRINTF("Command status %d tag 0x%x, len %zd\n", 235 s->csw.status, le32_to_cpu(s->csw.tag), p->iov.size); 236 237 assert(s->csw.sig == cpu_to_le32(0x53425355)); 238 len = MIN(sizeof(s->csw), p->iov.size); 239 usb_packet_copy(p, &s->csw, len); 240 memset(&s->csw, 0, sizeof(s->csw)); 241 } 242 243 static void usb_msd_packet_complete(MSDState *s) 244 { 245 USBPacket *p = s->packet; 246 247 /* Set s->packet to NULL before calling usb_packet_complete 248 because another request may be issued before 249 usb_packet_complete returns. */ 250 DPRINTF("Packet complete %p\n", p); 251 s->packet = NULL; 252 usb_packet_complete(&s->dev, p); 253 } 254 255 static void usb_msd_transfer_data(SCSIRequest *req, uint32_t len) 256 { 257 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 258 USBPacket *p = s->packet; 259 260 assert((s->mode == USB_MSDM_DATAOUT) == (req->cmd.mode == SCSI_XFER_TO_DEV)); 261 s->scsi_len = len; 262 s->scsi_off = 0; 263 if (p) { 264 usb_msd_copy_data(s, p); 265 p = s->packet; 266 if (p && p->actual_length == p->iov.size) { 267 p->status = USB_RET_SUCCESS; /* Clear previous ASYNC status */ 268 usb_msd_packet_complete(s); 269 } 270 } 271 } 272 273 static void usb_msd_command_complete(SCSIRequest *req, uint32_t status, size_t resid) 274 { 275 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 276 USBPacket *p = s->packet; 277 278 DPRINTF("Command complete %d tag 0x%x\n", status, req->tag); 279 280 s->csw.sig = cpu_to_le32(0x53425355); 281 s->csw.tag = cpu_to_le32(req->tag); 282 s->csw.residue = cpu_to_le32(s->data_len); 283 s->csw.status = status != 0; 284 285 if (s->packet) { 286 if (s->data_len == 0 && s->mode == USB_MSDM_DATAOUT) { 287 /* A deferred packet with no write data remaining must be 288 the status read packet. */ 289 usb_msd_send_status(s, p); 290 s->mode = USB_MSDM_CBW; 291 } else if (s->mode == USB_MSDM_CSW) { 292 usb_msd_send_status(s, p); 293 s->mode = USB_MSDM_CBW; 294 } else { 295 if (s->data_len) { 296 int len = (p->iov.size - p->actual_length); 297 usb_packet_skip(p, len); 298 s->data_len -= len; 299 } 300 if (s->data_len == 0) { 301 s->mode = USB_MSDM_CSW; 302 } 303 } 304 p->status = USB_RET_SUCCESS; /* Clear previous ASYNC status */ 305 usb_msd_packet_complete(s); 306 } else if (s->data_len == 0) { 307 s->mode = USB_MSDM_CSW; 308 } 309 scsi_req_unref(req); 310 s->req = NULL; 311 } 312 313 static void usb_msd_request_cancelled(SCSIRequest *req) 314 { 315 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 316 317 if (req == s->req) { 318 scsi_req_unref(s->req); 319 s->req = NULL; 320 s->scsi_len = 0; 321 } 322 } 323 324 static void usb_msd_handle_reset(USBDevice *dev) 325 { 326 MSDState *s = (MSDState *)dev; 327 328 DPRINTF("Reset\n"); 329 if (s->req) { 330 scsi_req_cancel(s->req); 331 } 332 assert(s->req == NULL); 333 334 if (s->packet) { 335 s->packet->status = USB_RET_STALL; 336 usb_msd_packet_complete(s); 337 } 338 339 s->mode = USB_MSDM_CBW; 340 } 341 342 static void usb_msd_handle_control(USBDevice *dev, USBPacket *p, 343 int request, int value, int index, int length, uint8_t *data) 344 { 345 MSDState *s = (MSDState *)dev; 346 SCSIDevice *scsi_dev; 347 int ret, maxlun; 348 349 ret = usb_desc_handle_control(dev, p, request, value, index, length, data); 350 if (ret >= 0) { 351 return; 352 } 353 354 switch (request) { 355 case EndpointOutRequest | USB_REQ_CLEAR_FEATURE: 356 break; 357 /* Class specific requests. */ 358 case ClassInterfaceOutRequest | MassStorageReset: 359 /* Reset state ready for the next CBW. */ 360 s->mode = USB_MSDM_CBW; 361 break; 362 case ClassInterfaceRequest | GetMaxLun: 363 maxlun = 0; 364 for (;;) { 365 scsi_dev = scsi_device_find(&s->bus, 0, 0, maxlun+1); 366 if (scsi_dev == NULL) { 367 break; 368 } 369 if (scsi_dev->lun != maxlun+1) { 370 break; 371 } 372 maxlun++; 373 } 374 DPRINTF("MaxLun %d\n", maxlun); 375 data[0] = maxlun; 376 p->actual_length = 1; 377 break; 378 default: 379 p->status = USB_RET_STALL; 380 break; 381 } 382 } 383 384 static void usb_msd_cancel_io(USBDevice *dev, USBPacket *p) 385 { 386 MSDState *s = DO_UPCAST(MSDState, dev, dev); 387 388 assert(s->packet == p); 389 s->packet = NULL; 390 391 if (s->req) { 392 scsi_req_cancel(s->req); 393 } 394 } 395 396 static void usb_msd_handle_data(USBDevice *dev, USBPacket *p) 397 { 398 MSDState *s = (MSDState *)dev; 399 uint32_t tag; 400 struct usb_msd_cbw cbw; 401 uint8_t devep = p->ep->nr; 402 SCSIDevice *scsi_dev; 403 uint32_t len; 404 405 switch (p->pid) { 406 case USB_TOKEN_OUT: 407 if (devep != 2) 408 goto fail; 409 410 switch (s->mode) { 411 case USB_MSDM_CBW: 412 if (p->iov.size != 31) { 413 fprintf(stderr, "usb-msd: Bad CBW size"); 414 goto fail; 415 } 416 usb_packet_copy(p, &cbw, 31); 417 if (le32_to_cpu(cbw.sig) != 0x43425355) { 418 fprintf(stderr, "usb-msd: Bad signature %08x\n", 419 le32_to_cpu(cbw.sig)); 420 goto fail; 421 } 422 DPRINTF("Command on LUN %d\n", cbw.lun); 423 scsi_dev = scsi_device_find(&s->bus, 0, 0, cbw.lun); 424 if (scsi_dev == NULL) { 425 fprintf(stderr, "usb-msd: Bad LUN %d\n", cbw.lun); 426 goto fail; 427 } 428 tag = le32_to_cpu(cbw.tag); 429 s->data_len = le32_to_cpu(cbw.data_len); 430 if (s->data_len == 0) { 431 s->mode = USB_MSDM_CSW; 432 } else if (cbw.flags & 0x80) { 433 s->mode = USB_MSDM_DATAIN; 434 } else { 435 s->mode = USB_MSDM_DATAOUT; 436 } 437 DPRINTF("Command tag 0x%x flags %08x len %d data %d\n", 438 tag, cbw.flags, cbw.cmd_len, s->data_len); 439 assert(le32_to_cpu(s->csw.residue) == 0); 440 s->scsi_len = 0; 441 s->req = scsi_req_new(scsi_dev, tag, cbw.lun, cbw.cmd, NULL); 442 #ifdef DEBUG_MSD 443 scsi_req_print(s->req); 444 #endif 445 len = scsi_req_enqueue(s->req); 446 if (len) { 447 scsi_req_continue(s->req); 448 } 449 break; 450 451 case USB_MSDM_DATAOUT: 452 DPRINTF("Data out %zd/%d\n", p->iov.size, s->data_len); 453 if (p->iov.size > s->data_len) { 454 goto fail; 455 } 456 457 if (s->scsi_len) { 458 usb_msd_copy_data(s, p); 459 } 460 if (le32_to_cpu(s->csw.residue)) { 461 int len = p->iov.size - p->actual_length; 462 if (len) { 463 usb_packet_skip(p, len); 464 s->data_len -= len; 465 if (s->data_len == 0) { 466 s->mode = USB_MSDM_CSW; 467 } 468 } 469 } 470 if (p->actual_length < p->iov.size) { 471 DPRINTF("Deferring packet %p [wait data-out]\n", p); 472 s->packet = p; 473 p->status = USB_RET_ASYNC; 474 } 475 break; 476 477 default: 478 DPRINTF("Unexpected write (len %zd)\n", p->iov.size); 479 goto fail; 480 } 481 break; 482 483 case USB_TOKEN_IN: 484 if (devep != 1) 485 goto fail; 486 487 switch (s->mode) { 488 case USB_MSDM_DATAOUT: 489 if (s->data_len != 0 || p->iov.size < 13) { 490 goto fail; 491 } 492 /* Waiting for SCSI write to complete. */ 493 s->packet = p; 494 p->status = USB_RET_ASYNC; 495 break; 496 497 case USB_MSDM_CSW: 498 if (p->iov.size < 13) { 499 goto fail; 500 } 501 502 if (s->req) { 503 /* still in flight */ 504 DPRINTF("Deferring packet %p [wait status]\n", p); 505 s->packet = p; 506 p->status = USB_RET_ASYNC; 507 } else { 508 usb_msd_send_status(s, p); 509 s->mode = USB_MSDM_CBW; 510 } 511 break; 512 513 case USB_MSDM_DATAIN: 514 DPRINTF("Data in %zd/%d, scsi_len %d\n", 515 p->iov.size, s->data_len, s->scsi_len); 516 if (s->scsi_len) { 517 usb_msd_copy_data(s, p); 518 } 519 if (le32_to_cpu(s->csw.residue)) { 520 int len = p->iov.size - p->actual_length; 521 if (len) { 522 usb_packet_skip(p, len); 523 s->data_len -= len; 524 if (s->data_len == 0) { 525 s->mode = USB_MSDM_CSW; 526 } 527 } 528 } 529 if (p->actual_length < p->iov.size) { 530 DPRINTF("Deferring packet %p [wait data-in]\n", p); 531 s->packet = p; 532 p->status = USB_RET_ASYNC; 533 } 534 break; 535 536 default: 537 DPRINTF("Unexpected read (len %zd)\n", p->iov.size); 538 goto fail; 539 } 540 break; 541 542 default: 543 DPRINTF("Bad token\n"); 544 fail: 545 p->status = USB_RET_STALL; 546 break; 547 } 548 } 549 550 static void usb_msd_password_cb(void *opaque, int err) 551 { 552 MSDState *s = opaque; 553 554 if (!err) 555 err = usb_device_attach(&s->dev); 556 557 if (err) 558 qdev_unplug(&s->dev.qdev, NULL); 559 } 560 561 static void *usb_msd_load_request(QEMUFile *f, SCSIRequest *req) 562 { 563 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 564 565 /* nothing to load, just store req in our state struct */ 566 assert(s->req == NULL); 567 scsi_req_ref(req); 568 s->req = req; 569 return NULL; 570 } 571 572 static const struct SCSIBusInfo usb_msd_scsi_info_storage = { 573 .tcq = false, 574 .max_target = 0, 575 .max_lun = 0, 576 577 .transfer_data = usb_msd_transfer_data, 578 .complete = usb_msd_command_complete, 579 .cancel = usb_msd_request_cancelled, 580 .load_request = usb_msd_load_request, 581 }; 582 583 static const struct SCSIBusInfo usb_msd_scsi_info_bot = { 584 .tcq = false, 585 .max_target = 0, 586 .max_lun = 15, 587 588 .transfer_data = usb_msd_transfer_data, 589 .complete = usb_msd_command_complete, 590 .cancel = usb_msd_request_cancelled, 591 .load_request = usb_msd_load_request, 592 }; 593 594 static int usb_msd_initfn_storage(USBDevice *dev) 595 { 596 MSDState *s = DO_UPCAST(MSDState, dev, dev); 597 BlockDriverState *bs = s->conf.bs; 598 SCSIDevice *scsi_dev; 599 600 if (!bs) { 601 error_report("drive property not set"); 602 return -1; 603 } 604 605 blkconf_serial(&s->conf, &s->serial); 606 607 /* 608 * Hack alert: this pretends to be a block device, but it's really 609 * a SCSI bus that can serve only a single device, which it 610 * creates automatically. But first it needs to detach from its 611 * blockdev, or else scsi_bus_legacy_add_drive() dies when it 612 * attaches again. 613 * 614 * The hack is probably a bad idea. 615 */ 616 bdrv_detach_dev(bs, &s->dev.qdev); 617 s->conf.bs = NULL; 618 619 if (s->serial) { 620 usb_desc_set_string(dev, STR_SERIALNUMBER, s->serial); 621 } else { 622 usb_desc_create_serial(dev); 623 } 624 625 usb_desc_init(dev); 626 scsi_bus_new(&s->bus, &s->dev.qdev, &usb_msd_scsi_info_storage); 627 scsi_dev = scsi_bus_legacy_add_drive(&s->bus, bs, 0, !!s->removable, 628 s->conf.bootindex, s->serial); 629 if (!scsi_dev) { 630 return -1; 631 } 632 s->bus.qbus.allow_hotplug = 0; 633 usb_msd_handle_reset(dev); 634 635 if (bdrv_key_required(bs)) { 636 if (cur_mon) { 637 monitor_read_bdrv_key_start(cur_mon, bs, usb_msd_password_cb, s); 638 s->dev.auto_attach = 0; 639 } else { 640 autostart = 0; 641 } 642 } 643 644 return 0; 645 } 646 647 static int usb_msd_initfn_bot(USBDevice *dev) 648 { 649 MSDState *s = DO_UPCAST(MSDState, dev, dev); 650 651 usb_desc_create_serial(dev); 652 usb_desc_init(dev); 653 scsi_bus_new(&s->bus, &s->dev.qdev, &usb_msd_scsi_info_bot); 654 s->bus.qbus.allow_hotplug = 0; 655 usb_msd_handle_reset(dev); 656 657 return 0; 658 } 659 660 static USBDevice *usb_msd_init(USBBus *bus, const char *filename) 661 { 662 static int nr=0; 663 char id[8]; 664 QemuOpts *opts; 665 DriveInfo *dinfo; 666 USBDevice *dev; 667 const char *p1; 668 char fmt[32]; 669 670 /* parse -usbdevice disk: syntax into drive opts */ 671 snprintf(id, sizeof(id), "usb%d", nr++); 672 opts = qemu_opts_create(qemu_find_opts("drive"), id, 0, NULL); 673 674 p1 = strchr(filename, ':'); 675 if (p1++) { 676 const char *p2; 677 678 if (strstart(filename, "format=", &p2)) { 679 int len = MIN(p1 - p2, sizeof(fmt)); 680 pstrcpy(fmt, len, p2); 681 qemu_opt_set(opts, "format", fmt); 682 } else if (*filename != ':') { 683 printf("unrecognized USB mass-storage option %s\n", filename); 684 return NULL; 685 } 686 filename = p1; 687 } 688 if (!*filename) { 689 printf("block device specification needed\n"); 690 return NULL; 691 } 692 qemu_opt_set(opts, "file", filename); 693 qemu_opt_set(opts, "if", "none"); 694 695 /* create host drive */ 696 dinfo = drive_init(opts, 0); 697 if (!dinfo) { 698 qemu_opts_del(opts); 699 return NULL; 700 } 701 702 /* create guest device */ 703 dev = usb_create(bus, "usb-storage"); 704 if (!dev) { 705 return NULL; 706 } 707 if (qdev_prop_set_drive(&dev->qdev, "drive", dinfo->bdrv) < 0) { 708 qdev_free(&dev->qdev); 709 return NULL; 710 } 711 if (qdev_init(&dev->qdev) < 0) 712 return NULL; 713 714 return dev; 715 } 716 717 static const VMStateDescription vmstate_usb_msd = { 718 .name = "usb-storage", 719 .version_id = 1, 720 .minimum_version_id = 1, 721 .fields = (VMStateField []) { 722 VMSTATE_USB_DEVICE(dev, MSDState), 723 VMSTATE_UINT32(mode, MSDState), 724 VMSTATE_UINT32(scsi_len, MSDState), 725 VMSTATE_UINT32(scsi_off, MSDState), 726 VMSTATE_UINT32(data_len, MSDState), 727 VMSTATE_UINT32(csw.sig, MSDState), 728 VMSTATE_UINT32(csw.tag, MSDState), 729 VMSTATE_UINT32(csw.residue, MSDState), 730 VMSTATE_UINT8(csw.status, MSDState), 731 VMSTATE_END_OF_LIST() 732 } 733 }; 734 735 static Property msd_properties[] = { 736 DEFINE_BLOCK_PROPERTIES(MSDState, conf), 737 DEFINE_PROP_STRING("serial", MSDState, serial), 738 DEFINE_PROP_BIT("removable", MSDState, removable, 0, false), 739 DEFINE_PROP_END_OF_LIST(), 740 }; 741 742 static void usb_msd_class_initfn_common(ObjectClass *klass) 743 { 744 DeviceClass *dc = DEVICE_CLASS(klass); 745 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 746 747 uc->product_desc = "QEMU USB MSD"; 748 uc->usb_desc = &desc; 749 uc->cancel_packet = usb_msd_cancel_io; 750 uc->handle_attach = usb_desc_attach; 751 uc->handle_reset = usb_msd_handle_reset; 752 uc->handle_control = usb_msd_handle_control; 753 uc->handle_data = usb_msd_handle_data; 754 dc->fw_name = "storage"; 755 dc->vmsd = &vmstate_usb_msd; 756 } 757 758 static void usb_msd_class_initfn_storage(ObjectClass *klass, void *data) 759 { 760 DeviceClass *dc = DEVICE_CLASS(klass); 761 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 762 763 uc->init = usb_msd_initfn_storage; 764 dc->props = msd_properties; 765 usb_msd_class_initfn_common(klass); 766 } 767 768 static void usb_msd_class_initfn_bot(ObjectClass *klass, void *data) 769 { 770 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 771 772 uc->init = usb_msd_initfn_bot; 773 usb_msd_class_initfn_common(klass); 774 } 775 776 static const TypeInfo msd_info = { 777 .name = "usb-storage", 778 .parent = TYPE_USB_DEVICE, 779 .instance_size = sizeof(MSDState), 780 .class_init = usb_msd_class_initfn_storage, 781 }; 782 783 static const TypeInfo bot_info = { 784 .name = "usb-bot", 785 .parent = TYPE_USB_DEVICE, 786 .instance_size = sizeof(MSDState), 787 .class_init = usb_msd_class_initfn_bot, 788 }; 789 790 static void usb_msd_register_types(void) 791 { 792 type_register_static(&msd_info); 793 type_register_static(&bot_info); 794 usb_legacy_register("usb-storage", "disk", usb_msd_init); 795 } 796 797 type_init(usb_msd_register_types) 798