1 /* 2 * USB Mass Storage Device emulation 3 * 4 * Copyright (c) 2006 CodeSourcery. 5 * Written by Paul Brook 6 * 7 * This code is licensed under the LGPL. 8 */ 9 10 #include "qemu-common.h" 11 #include "qemu/error-report.h" 12 #include "qemu/option.h" 13 #include "qemu/config-file.h" 14 #include "hw/usb.h" 15 #include "hw/usb/desc.h" 16 #include "hw/scsi/scsi.h" 17 #include "ui/console.h" 18 #include "monitor/monitor.h" 19 #include "sysemu/sysemu.h" 20 #include "sysemu/block-backend.h" 21 #include "sysemu/blockdev.h" 22 #include "qapi/visitor.h" 23 24 //#define DEBUG_MSD 25 26 #ifdef DEBUG_MSD 27 #define DPRINTF(fmt, ...) \ 28 do { printf("usb-msd: " fmt , ## __VA_ARGS__); } while (0) 29 #else 30 #define DPRINTF(fmt, ...) do {} while(0) 31 #endif 32 33 /* USB requests. */ 34 #define MassStorageReset 0xff 35 #define GetMaxLun 0xfe 36 37 enum USBMSDMode { 38 USB_MSDM_CBW, /* Command Block. */ 39 USB_MSDM_DATAOUT, /* Transfer data to device. */ 40 USB_MSDM_DATAIN, /* Transfer data from device. */ 41 USB_MSDM_CSW /* Command Status. */ 42 }; 43 44 struct usb_msd_csw { 45 uint32_t sig; 46 uint32_t tag; 47 uint32_t residue; 48 uint8_t status; 49 }; 50 51 typedef struct { 52 USBDevice dev; 53 enum USBMSDMode mode; 54 uint32_t scsi_off; 55 uint32_t scsi_len; 56 uint32_t data_len; 57 struct usb_msd_csw csw; 58 SCSIRequest *req; 59 SCSIBus bus; 60 /* For async completion. */ 61 USBPacket *packet; 62 /* usb-storage only */ 63 BlockConf conf; 64 uint32_t removable; 65 SCSIDevice *scsi_dev; 66 } MSDState; 67 68 #define TYPE_USB_STORAGE "usb-storage-dev" 69 #define USB_STORAGE_DEV(obj) OBJECT_CHECK(MSDState, (obj), TYPE_USB_STORAGE) 70 71 struct usb_msd_cbw { 72 uint32_t sig; 73 uint32_t tag; 74 uint32_t data_len; 75 uint8_t flags; 76 uint8_t lun; 77 uint8_t cmd_len; 78 uint8_t cmd[16]; 79 }; 80 81 enum { 82 STR_MANUFACTURER = 1, 83 STR_PRODUCT, 84 STR_SERIALNUMBER, 85 STR_CONFIG_FULL, 86 STR_CONFIG_HIGH, 87 STR_CONFIG_SUPER, 88 }; 89 90 static const USBDescStrings desc_strings = { 91 [STR_MANUFACTURER] = "QEMU", 92 [STR_PRODUCT] = "QEMU USB HARDDRIVE", 93 [STR_SERIALNUMBER] = "1", 94 [STR_CONFIG_FULL] = "Full speed config (usb 1.1)", 95 [STR_CONFIG_HIGH] = "High speed config (usb 2.0)", 96 [STR_CONFIG_SUPER] = "Super speed config (usb 3.0)", 97 }; 98 99 static const USBDescIface desc_iface_full = { 100 .bInterfaceNumber = 0, 101 .bNumEndpoints = 2, 102 .bInterfaceClass = USB_CLASS_MASS_STORAGE, 103 .bInterfaceSubClass = 0x06, /* SCSI */ 104 .bInterfaceProtocol = 0x50, /* Bulk */ 105 .eps = (USBDescEndpoint[]) { 106 { 107 .bEndpointAddress = USB_DIR_IN | 0x01, 108 .bmAttributes = USB_ENDPOINT_XFER_BULK, 109 .wMaxPacketSize = 64, 110 },{ 111 .bEndpointAddress = USB_DIR_OUT | 0x02, 112 .bmAttributes = USB_ENDPOINT_XFER_BULK, 113 .wMaxPacketSize = 64, 114 }, 115 } 116 }; 117 118 static const USBDescDevice desc_device_full = { 119 .bcdUSB = 0x0200, 120 .bMaxPacketSize0 = 8, 121 .bNumConfigurations = 1, 122 .confs = (USBDescConfig[]) { 123 { 124 .bNumInterfaces = 1, 125 .bConfigurationValue = 1, 126 .iConfiguration = STR_CONFIG_FULL, 127 .bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_SELFPOWER, 128 .nif = 1, 129 .ifs = &desc_iface_full, 130 }, 131 }, 132 }; 133 134 static const USBDescIface desc_iface_high = { 135 .bInterfaceNumber = 0, 136 .bNumEndpoints = 2, 137 .bInterfaceClass = USB_CLASS_MASS_STORAGE, 138 .bInterfaceSubClass = 0x06, /* SCSI */ 139 .bInterfaceProtocol = 0x50, /* Bulk */ 140 .eps = (USBDescEndpoint[]) { 141 { 142 .bEndpointAddress = USB_DIR_IN | 0x01, 143 .bmAttributes = USB_ENDPOINT_XFER_BULK, 144 .wMaxPacketSize = 512, 145 },{ 146 .bEndpointAddress = USB_DIR_OUT | 0x02, 147 .bmAttributes = USB_ENDPOINT_XFER_BULK, 148 .wMaxPacketSize = 512, 149 }, 150 } 151 }; 152 153 static const USBDescDevice desc_device_high = { 154 .bcdUSB = 0x0200, 155 .bMaxPacketSize0 = 64, 156 .bNumConfigurations = 1, 157 .confs = (USBDescConfig[]) { 158 { 159 .bNumInterfaces = 1, 160 .bConfigurationValue = 1, 161 .iConfiguration = STR_CONFIG_HIGH, 162 .bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_SELFPOWER, 163 .nif = 1, 164 .ifs = &desc_iface_high, 165 }, 166 }, 167 }; 168 169 static const USBDescIface desc_iface_super = { 170 .bInterfaceNumber = 0, 171 .bNumEndpoints = 2, 172 .bInterfaceClass = USB_CLASS_MASS_STORAGE, 173 .bInterfaceSubClass = 0x06, /* SCSI */ 174 .bInterfaceProtocol = 0x50, /* Bulk */ 175 .eps = (USBDescEndpoint[]) { 176 { 177 .bEndpointAddress = USB_DIR_IN | 0x01, 178 .bmAttributes = USB_ENDPOINT_XFER_BULK, 179 .wMaxPacketSize = 1024, 180 .bMaxBurst = 15, 181 },{ 182 .bEndpointAddress = USB_DIR_OUT | 0x02, 183 .bmAttributes = USB_ENDPOINT_XFER_BULK, 184 .wMaxPacketSize = 1024, 185 .bMaxBurst = 15, 186 }, 187 } 188 }; 189 190 static const USBDescDevice desc_device_super = { 191 .bcdUSB = 0x0300, 192 .bMaxPacketSize0 = 9, 193 .bNumConfigurations = 1, 194 .confs = (USBDescConfig[]) { 195 { 196 .bNumInterfaces = 1, 197 .bConfigurationValue = 1, 198 .iConfiguration = STR_CONFIG_SUPER, 199 .bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_SELFPOWER, 200 .nif = 1, 201 .ifs = &desc_iface_super, 202 }, 203 }, 204 }; 205 206 static const USBDesc desc = { 207 .id = { 208 .idVendor = 0x46f4, /* CRC16() of "QEMU" */ 209 .idProduct = 0x0001, 210 .bcdDevice = 0, 211 .iManufacturer = STR_MANUFACTURER, 212 .iProduct = STR_PRODUCT, 213 .iSerialNumber = STR_SERIALNUMBER, 214 }, 215 .full = &desc_device_full, 216 .high = &desc_device_high, 217 .super = &desc_device_super, 218 .str = desc_strings, 219 }; 220 221 static void usb_msd_copy_data(MSDState *s, USBPacket *p) 222 { 223 uint32_t len; 224 len = p->iov.size - p->actual_length; 225 if (len > s->scsi_len) 226 len = s->scsi_len; 227 usb_packet_copy(p, scsi_req_get_buf(s->req) + s->scsi_off, len); 228 s->scsi_len -= len; 229 s->scsi_off += len; 230 s->data_len -= len; 231 if (s->scsi_len == 0 || s->data_len == 0) { 232 scsi_req_continue(s->req); 233 } 234 } 235 236 static void usb_msd_send_status(MSDState *s, USBPacket *p) 237 { 238 int len; 239 240 DPRINTF("Command status %d tag 0x%x, len %zd\n", 241 s->csw.status, le32_to_cpu(s->csw.tag), p->iov.size); 242 243 assert(s->csw.sig == cpu_to_le32(0x53425355)); 244 len = MIN(sizeof(s->csw), p->iov.size); 245 usb_packet_copy(p, &s->csw, len); 246 memset(&s->csw, 0, sizeof(s->csw)); 247 } 248 249 static void usb_msd_packet_complete(MSDState *s) 250 { 251 USBPacket *p = s->packet; 252 253 /* Set s->packet to NULL before calling usb_packet_complete 254 because another request may be issued before 255 usb_packet_complete returns. */ 256 DPRINTF("Packet complete %p\n", p); 257 s->packet = NULL; 258 usb_packet_complete(&s->dev, p); 259 } 260 261 static void usb_msd_transfer_data(SCSIRequest *req, uint32_t len) 262 { 263 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 264 USBPacket *p = s->packet; 265 266 assert((s->mode == USB_MSDM_DATAOUT) == (req->cmd.mode == SCSI_XFER_TO_DEV)); 267 s->scsi_len = len; 268 s->scsi_off = 0; 269 if (p) { 270 usb_msd_copy_data(s, p); 271 p = s->packet; 272 if (p && p->actual_length == p->iov.size) { 273 p->status = USB_RET_SUCCESS; /* Clear previous ASYNC status */ 274 usb_msd_packet_complete(s); 275 } 276 } 277 } 278 279 static void usb_msd_command_complete(SCSIRequest *req, uint32_t status, size_t resid) 280 { 281 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 282 USBPacket *p = s->packet; 283 284 DPRINTF("Command complete %d tag 0x%x\n", status, req->tag); 285 286 s->csw.sig = cpu_to_le32(0x53425355); 287 s->csw.tag = cpu_to_le32(req->tag); 288 s->csw.residue = cpu_to_le32(s->data_len); 289 s->csw.status = status != 0; 290 291 if (s->packet) { 292 if (s->data_len == 0 && s->mode == USB_MSDM_DATAOUT) { 293 /* A deferred packet with no write data remaining must be 294 the status read packet. */ 295 usb_msd_send_status(s, p); 296 s->mode = USB_MSDM_CBW; 297 } else if (s->mode == USB_MSDM_CSW) { 298 usb_msd_send_status(s, p); 299 s->mode = USB_MSDM_CBW; 300 } else { 301 if (s->data_len) { 302 int len = (p->iov.size - p->actual_length); 303 usb_packet_skip(p, len); 304 s->data_len -= len; 305 } 306 if (s->data_len == 0) { 307 s->mode = USB_MSDM_CSW; 308 } 309 } 310 p->status = USB_RET_SUCCESS; /* Clear previous ASYNC status */ 311 usb_msd_packet_complete(s); 312 } else if (s->data_len == 0) { 313 s->mode = USB_MSDM_CSW; 314 } 315 scsi_req_unref(req); 316 s->req = NULL; 317 } 318 319 static void usb_msd_request_cancelled(SCSIRequest *req) 320 { 321 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 322 323 if (req == s->req) { 324 scsi_req_unref(s->req); 325 s->req = NULL; 326 s->scsi_len = 0; 327 } 328 } 329 330 static void usb_msd_handle_reset(USBDevice *dev) 331 { 332 MSDState *s = (MSDState *)dev; 333 334 DPRINTF("Reset\n"); 335 if (s->req) { 336 scsi_req_cancel(s->req); 337 } 338 assert(s->req == NULL); 339 340 if (s->packet) { 341 s->packet->status = USB_RET_STALL; 342 usb_msd_packet_complete(s); 343 } 344 345 s->mode = USB_MSDM_CBW; 346 } 347 348 static void usb_msd_handle_control(USBDevice *dev, USBPacket *p, 349 int request, int value, int index, int length, uint8_t *data) 350 { 351 MSDState *s = (MSDState *)dev; 352 SCSIDevice *scsi_dev; 353 int ret, maxlun; 354 355 ret = usb_desc_handle_control(dev, p, request, value, index, length, data); 356 if (ret >= 0) { 357 return; 358 } 359 360 switch (request) { 361 case EndpointOutRequest | USB_REQ_CLEAR_FEATURE: 362 break; 363 /* Class specific requests. */ 364 case ClassInterfaceOutRequest | MassStorageReset: 365 /* Reset state ready for the next CBW. */ 366 s->mode = USB_MSDM_CBW; 367 break; 368 case ClassInterfaceRequest | GetMaxLun: 369 maxlun = 0; 370 for (;;) { 371 scsi_dev = scsi_device_find(&s->bus, 0, 0, maxlun+1); 372 if (scsi_dev == NULL) { 373 break; 374 } 375 if (scsi_dev->lun != maxlun+1) { 376 break; 377 } 378 maxlun++; 379 } 380 DPRINTF("MaxLun %d\n", maxlun); 381 data[0] = maxlun; 382 p->actual_length = 1; 383 break; 384 default: 385 p->status = USB_RET_STALL; 386 break; 387 } 388 } 389 390 static void usb_msd_cancel_io(USBDevice *dev, USBPacket *p) 391 { 392 MSDState *s = USB_STORAGE_DEV(dev); 393 394 assert(s->packet == p); 395 s->packet = NULL; 396 397 if (s->req) { 398 scsi_req_cancel(s->req); 399 } 400 } 401 402 static void usb_msd_handle_data(USBDevice *dev, USBPacket *p) 403 { 404 MSDState *s = (MSDState *)dev; 405 uint32_t tag; 406 struct usb_msd_cbw cbw; 407 uint8_t devep = p->ep->nr; 408 SCSIDevice *scsi_dev; 409 uint32_t len; 410 411 switch (p->pid) { 412 case USB_TOKEN_OUT: 413 if (devep != 2) 414 goto fail; 415 416 switch (s->mode) { 417 case USB_MSDM_CBW: 418 if (p->iov.size != 31) { 419 error_report("usb-msd: Bad CBW size"); 420 goto fail; 421 } 422 usb_packet_copy(p, &cbw, 31); 423 if (le32_to_cpu(cbw.sig) != 0x43425355) { 424 error_report("usb-msd: Bad signature %08x", 425 le32_to_cpu(cbw.sig)); 426 goto fail; 427 } 428 DPRINTF("Command on LUN %d\n", cbw.lun); 429 scsi_dev = scsi_device_find(&s->bus, 0, 0, cbw.lun); 430 if (scsi_dev == NULL) { 431 error_report("usb-msd: Bad LUN %d", cbw.lun); 432 goto fail; 433 } 434 tag = le32_to_cpu(cbw.tag); 435 s->data_len = le32_to_cpu(cbw.data_len); 436 if (s->data_len == 0) { 437 s->mode = USB_MSDM_CSW; 438 } else if (cbw.flags & 0x80) { 439 s->mode = USB_MSDM_DATAIN; 440 } else { 441 s->mode = USB_MSDM_DATAOUT; 442 } 443 DPRINTF("Command tag 0x%x flags %08x len %d data %d\n", 444 tag, cbw.flags, cbw.cmd_len, s->data_len); 445 assert(le32_to_cpu(s->csw.residue) == 0); 446 s->scsi_len = 0; 447 s->req = scsi_req_new(scsi_dev, tag, cbw.lun, cbw.cmd, NULL); 448 #ifdef DEBUG_MSD 449 scsi_req_print(s->req); 450 #endif 451 len = scsi_req_enqueue(s->req); 452 if (len) { 453 scsi_req_continue(s->req); 454 } 455 break; 456 457 case USB_MSDM_DATAOUT: 458 DPRINTF("Data out %zd/%d\n", p->iov.size, s->data_len); 459 if (p->iov.size > s->data_len) { 460 goto fail; 461 } 462 463 if (s->scsi_len) { 464 usb_msd_copy_data(s, p); 465 } 466 if (le32_to_cpu(s->csw.residue)) { 467 int len = p->iov.size - p->actual_length; 468 if (len) { 469 usb_packet_skip(p, len); 470 s->data_len -= len; 471 if (s->data_len == 0) { 472 s->mode = USB_MSDM_CSW; 473 } 474 } 475 } 476 if (p->actual_length < p->iov.size) { 477 DPRINTF("Deferring packet %p [wait data-out]\n", p); 478 s->packet = p; 479 p->status = USB_RET_ASYNC; 480 } 481 break; 482 483 default: 484 DPRINTF("Unexpected write (len %zd)\n", p->iov.size); 485 goto fail; 486 } 487 break; 488 489 case USB_TOKEN_IN: 490 if (devep != 1) 491 goto fail; 492 493 switch (s->mode) { 494 case USB_MSDM_DATAOUT: 495 if (s->data_len != 0 || p->iov.size < 13) { 496 goto fail; 497 } 498 /* Waiting for SCSI write to complete. */ 499 s->packet = p; 500 p->status = USB_RET_ASYNC; 501 break; 502 503 case USB_MSDM_CSW: 504 if (p->iov.size < 13) { 505 goto fail; 506 } 507 508 if (s->req) { 509 /* still in flight */ 510 DPRINTF("Deferring packet %p [wait status]\n", p); 511 s->packet = p; 512 p->status = USB_RET_ASYNC; 513 } else { 514 usb_msd_send_status(s, p); 515 s->mode = USB_MSDM_CBW; 516 } 517 break; 518 519 case USB_MSDM_DATAIN: 520 DPRINTF("Data in %zd/%d, scsi_len %d\n", 521 p->iov.size, s->data_len, s->scsi_len); 522 if (s->scsi_len) { 523 usb_msd_copy_data(s, p); 524 } 525 if (le32_to_cpu(s->csw.residue)) { 526 int len = p->iov.size - p->actual_length; 527 if (len) { 528 usb_packet_skip(p, len); 529 s->data_len -= len; 530 if (s->data_len == 0) { 531 s->mode = USB_MSDM_CSW; 532 } 533 } 534 } 535 if (p->actual_length < p->iov.size) { 536 DPRINTF("Deferring packet %p [wait data-in]\n", p); 537 s->packet = p; 538 p->status = USB_RET_ASYNC; 539 } 540 break; 541 542 default: 543 DPRINTF("Unexpected read (len %zd)\n", p->iov.size); 544 goto fail; 545 } 546 break; 547 548 default: 549 DPRINTF("Bad token\n"); 550 fail: 551 p->status = USB_RET_STALL; 552 break; 553 } 554 } 555 556 static void usb_msd_password_cb(void *opaque, int err) 557 { 558 MSDState *s = opaque; 559 Error *local_err = NULL; 560 561 if (!err) { 562 usb_device_attach(&s->dev, &local_err); 563 } 564 565 if (local_err) { 566 error_report_err(local_err); 567 qdev_unplug(&s->dev.qdev, NULL); 568 } 569 } 570 571 static void *usb_msd_load_request(QEMUFile *f, SCSIRequest *req) 572 { 573 MSDState *s = DO_UPCAST(MSDState, dev.qdev, req->bus->qbus.parent); 574 575 /* nothing to load, just store req in our state struct */ 576 assert(s->req == NULL); 577 scsi_req_ref(req); 578 s->req = req; 579 return NULL; 580 } 581 582 static const struct SCSIBusInfo usb_msd_scsi_info_storage = { 583 .tcq = false, 584 .max_target = 0, 585 .max_lun = 0, 586 587 .transfer_data = usb_msd_transfer_data, 588 .complete = usb_msd_command_complete, 589 .cancel = usb_msd_request_cancelled, 590 .load_request = usb_msd_load_request, 591 }; 592 593 static const struct SCSIBusInfo usb_msd_scsi_info_bot = { 594 .tcq = false, 595 .max_target = 0, 596 .max_lun = 15, 597 598 .transfer_data = usb_msd_transfer_data, 599 .complete = usb_msd_command_complete, 600 .cancel = usb_msd_request_cancelled, 601 .load_request = usb_msd_load_request, 602 }; 603 604 static void usb_msd_realize_storage(USBDevice *dev, Error **errp) 605 { 606 MSDState *s = USB_STORAGE_DEV(dev); 607 BlockBackend *blk = s->conf.blk; 608 SCSIDevice *scsi_dev; 609 Error *err = NULL; 610 611 if (!blk) { 612 error_setg(errp, "drive property not set"); 613 return; 614 } 615 616 bdrv_add_key(blk_bs(blk), NULL, &err); 617 if (err) { 618 if (monitor_cur_is_qmp()) { 619 error_propagate(errp, err); 620 return; 621 } 622 error_free(err); 623 err = NULL; 624 if (cur_mon) { 625 monitor_read_bdrv_key_start(cur_mon, blk_bs(blk), 626 usb_msd_password_cb, s); 627 s->dev.auto_attach = 0; 628 } else { 629 autostart = 0; 630 } 631 } 632 633 blkconf_serial(&s->conf, &dev->serial); 634 blkconf_blocksizes(&s->conf); 635 636 /* 637 * Hack alert: this pretends to be a block device, but it's really 638 * a SCSI bus that can serve only a single device, which it 639 * creates automatically. But first it needs to detach from its 640 * blockdev, or else scsi_bus_legacy_add_drive() dies when it 641 * attaches again. 642 * 643 * The hack is probably a bad idea. 644 */ 645 blk_detach_dev(blk, &s->dev.qdev); 646 s->conf.blk = NULL; 647 648 usb_desc_create_serial(dev); 649 usb_desc_init(dev); 650 scsi_bus_new(&s->bus, sizeof(s->bus), DEVICE(dev), 651 &usb_msd_scsi_info_storage, NULL); 652 scsi_dev = scsi_bus_legacy_add_drive(&s->bus, blk, 0, !!s->removable, 653 s->conf.bootindex, dev->serial, 654 &err); 655 if (!scsi_dev) { 656 error_propagate(errp, err); 657 return; 658 } 659 usb_msd_handle_reset(dev); 660 s->scsi_dev = scsi_dev; 661 } 662 663 static void usb_msd_realize_bot(USBDevice *dev, Error **errp) 664 { 665 MSDState *s = USB_STORAGE_DEV(dev); 666 667 usb_desc_create_serial(dev); 668 usb_desc_init(dev); 669 scsi_bus_new(&s->bus, sizeof(s->bus), DEVICE(dev), 670 &usb_msd_scsi_info_bot, NULL); 671 usb_msd_handle_reset(dev); 672 } 673 674 static USBDevice *usb_msd_init(USBBus *bus, const char *filename) 675 { 676 static int nr=0; 677 Error *err = NULL; 678 char id[8]; 679 QemuOpts *opts; 680 DriveInfo *dinfo; 681 USBDevice *dev; 682 const char *p1; 683 char fmt[32]; 684 685 /* parse -usbdevice disk: syntax into drive opts */ 686 do { 687 snprintf(id, sizeof(id), "usb%d", nr++); 688 opts = qemu_opts_create(qemu_find_opts("drive"), id, 1, NULL); 689 } while (!opts); 690 691 p1 = strchr(filename, ':'); 692 if (p1++) { 693 const char *p2; 694 695 if (strstart(filename, "format=", &p2)) { 696 int len = MIN(p1 - p2, sizeof(fmt)); 697 pstrcpy(fmt, len, p2); 698 qemu_opt_set(opts, "format", fmt, &error_abort); 699 } else if (*filename != ':') { 700 error_report("unrecognized USB mass-storage option %s", filename); 701 return NULL; 702 } 703 filename = p1; 704 } 705 if (!*filename) { 706 error_report("block device specification needed"); 707 return NULL; 708 } 709 qemu_opt_set(opts, "file", filename, &error_abort); 710 qemu_opt_set(opts, "if", "none", &error_abort); 711 712 /* create host drive */ 713 dinfo = drive_new(opts, 0); 714 if (!dinfo) { 715 qemu_opts_del(opts); 716 return NULL; 717 } 718 719 /* create guest device */ 720 dev = usb_create(bus, "usb-storage"); 721 qdev_prop_set_drive(&dev->qdev, "drive", blk_by_legacy_dinfo(dinfo), 722 &err); 723 if (err) { 724 error_report_err(err); 725 object_unparent(OBJECT(dev)); 726 return NULL; 727 } 728 return dev; 729 } 730 731 static const VMStateDescription vmstate_usb_msd = { 732 .name = "usb-storage", 733 .version_id = 1, 734 .minimum_version_id = 1, 735 .fields = (VMStateField[]) { 736 VMSTATE_USB_DEVICE(dev, MSDState), 737 VMSTATE_UINT32(mode, MSDState), 738 VMSTATE_UINT32(scsi_len, MSDState), 739 VMSTATE_UINT32(scsi_off, MSDState), 740 VMSTATE_UINT32(data_len, MSDState), 741 VMSTATE_UINT32(csw.sig, MSDState), 742 VMSTATE_UINT32(csw.tag, MSDState), 743 VMSTATE_UINT32(csw.residue, MSDState), 744 VMSTATE_UINT8(csw.status, MSDState), 745 VMSTATE_END_OF_LIST() 746 } 747 }; 748 749 static Property msd_properties[] = { 750 DEFINE_BLOCK_PROPERTIES(MSDState, conf), 751 DEFINE_PROP_BIT("removable", MSDState, removable, 0, false), 752 DEFINE_PROP_END_OF_LIST(), 753 }; 754 755 static void usb_msd_class_initfn_common(ObjectClass *klass, void *data) 756 { 757 DeviceClass *dc = DEVICE_CLASS(klass); 758 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 759 760 uc->product_desc = "QEMU USB MSD"; 761 uc->usb_desc = &desc; 762 uc->cancel_packet = usb_msd_cancel_io; 763 uc->handle_attach = usb_desc_attach; 764 uc->handle_reset = usb_msd_handle_reset; 765 uc->handle_control = usb_msd_handle_control; 766 uc->handle_data = usb_msd_handle_data; 767 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 768 dc->fw_name = "storage"; 769 dc->vmsd = &vmstate_usb_msd; 770 } 771 772 static void usb_msd_class_initfn_storage(ObjectClass *klass, void *data) 773 { 774 DeviceClass *dc = DEVICE_CLASS(klass); 775 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 776 777 uc->realize = usb_msd_realize_storage; 778 dc->props = msd_properties; 779 } 780 781 static void usb_msd_get_bootindex(Object *obj, Visitor *v, void *opaque, 782 const char *name, Error **errp) 783 { 784 USBDevice *dev = USB_DEVICE(obj); 785 MSDState *s = USB_STORAGE_DEV(dev); 786 787 visit_type_int32(v, &s->conf.bootindex, name, errp); 788 } 789 790 static void usb_msd_set_bootindex(Object *obj, Visitor *v, void *opaque, 791 const char *name, Error **errp) 792 { 793 USBDevice *dev = USB_DEVICE(obj); 794 MSDState *s = USB_STORAGE_DEV(dev); 795 int32_t boot_index; 796 Error *local_err = NULL; 797 798 visit_type_int32(v, &boot_index, name, &local_err); 799 if (local_err) { 800 goto out; 801 } 802 /* check whether bootindex is present in fw_boot_order list */ 803 check_boot_index(boot_index, &local_err); 804 if (local_err) { 805 goto out; 806 } 807 /* change bootindex to a new one */ 808 s->conf.bootindex = boot_index; 809 810 if (s->scsi_dev) { 811 object_property_set_int(OBJECT(s->scsi_dev), boot_index, "bootindex", 812 &error_abort); 813 } 814 815 out: 816 if (local_err) { 817 error_propagate(errp, local_err); 818 } 819 } 820 821 static const TypeInfo usb_storage_dev_type_info = { 822 .name = TYPE_USB_STORAGE, 823 .parent = TYPE_USB_DEVICE, 824 .instance_size = sizeof(MSDState), 825 .abstract = true, 826 .class_init = usb_msd_class_initfn_common, 827 }; 828 829 static void usb_msd_instance_init(Object *obj) 830 { 831 object_property_add(obj, "bootindex", "int32", 832 usb_msd_get_bootindex, 833 usb_msd_set_bootindex, NULL, NULL, NULL); 834 object_property_set_int(obj, -1, "bootindex", NULL); 835 } 836 837 static void usb_msd_class_initfn_bot(ObjectClass *klass, void *data) 838 { 839 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 840 DeviceClass *dc = DEVICE_CLASS(klass); 841 842 uc->realize = usb_msd_realize_bot; 843 dc->hotpluggable = false; 844 } 845 846 static const TypeInfo msd_info = { 847 .name = "usb-storage", 848 .parent = TYPE_USB_STORAGE, 849 .class_init = usb_msd_class_initfn_storage, 850 .instance_init = usb_msd_instance_init, 851 }; 852 853 static const TypeInfo bot_info = { 854 .name = "usb-bot", 855 .parent = TYPE_USB_STORAGE, 856 .class_init = usb_msd_class_initfn_bot, 857 }; 858 859 static void usb_msd_register_types(void) 860 { 861 type_register_static(&usb_storage_dev_type_info); 862 type_register_static(&msd_info); 863 type_register_static(&bot_info); 864 usb_legacy_register("usb-storage", "disk", usb_msd_init); 865 } 866 867 type_init(usb_msd_register_types) 868