1 /* 2 * USB redirector usb-guest 3 * 4 * Copyright (c) 2011 Red Hat, Inc. 5 * 6 * Red Hat Authors: 7 * Hans de Goede <hdegoede@redhat.com> 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu-common.h" 29 #include "qemu-timer.h" 30 #include "monitor.h" 31 #include "sysemu.h" 32 33 #include <dirent.h> 34 #include <sys/ioctl.h> 35 #include <signal.h> 36 #include <usbredirparser.h> 37 #include <usbredirfilter.h> 38 39 #include "hw/usb.h" 40 41 #define MAX_ENDPOINTS 32 42 #define EP2I(ep_address) (((ep_address & 0x80) >> 3) | (ep_address & 0x0f)) 43 #define I2EP(i) (((i & 0x10) << 3) | (i & 0x0f)) 44 45 typedef struct AsyncURB AsyncURB; 46 typedef struct USBRedirDevice USBRedirDevice; 47 48 /* Struct to hold buffered packets (iso or int input packets) */ 49 struct buf_packet { 50 uint8_t *data; 51 int len; 52 int status; 53 QTAILQ_ENTRY(buf_packet)next; 54 }; 55 56 struct endp_data { 57 uint8_t type; 58 uint8_t interval; 59 uint8_t interface; /* bInterfaceNumber this ep belongs to */ 60 uint8_t iso_started; 61 uint8_t iso_error; /* For reporting iso errors to the HC */ 62 uint8_t interrupt_started; 63 uint8_t interrupt_error; 64 uint8_t bufpq_prefilled; 65 uint8_t bufpq_dropping_packets; 66 QTAILQ_HEAD(, buf_packet) bufpq; 67 int bufpq_size; 68 int bufpq_target_size; 69 }; 70 71 struct USBRedirDevice { 72 USBDevice dev; 73 /* Properties */ 74 CharDriverState *cs; 75 uint8_t debug; 76 char *filter_str; 77 int32_t bootindex; 78 /* Data passed from chardev the fd_read cb to the usbredirparser read cb */ 79 const uint8_t *read_buf; 80 int read_buf_size; 81 /* For async handling of open/close */ 82 QEMUBH *open_close_bh; 83 /* To delay the usb attach in case of quick chardev close + open */ 84 QEMUTimer *attach_timer; 85 int64_t next_attach_time; 86 struct usbredirparser *parser; 87 struct endp_data endpoint[MAX_ENDPOINTS]; 88 uint32_t packet_id; 89 QTAILQ_HEAD(, AsyncURB) asyncq; 90 /* Data for device filtering */ 91 struct usb_redir_device_connect_header device_info; 92 struct usb_redir_interface_info_header interface_info; 93 struct usbredirfilter_rule *filter_rules; 94 int filter_rules_count; 95 }; 96 97 struct AsyncURB { 98 USBRedirDevice *dev; 99 USBPacket *packet; 100 uint32_t packet_id; 101 int get; 102 union { 103 struct usb_redir_control_packet_header control_packet; 104 struct usb_redir_bulk_packet_header bulk_packet; 105 struct usb_redir_interrupt_packet_header interrupt_packet; 106 }; 107 QTAILQ_ENTRY(AsyncURB)next; 108 }; 109 110 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h); 111 static void usbredir_device_connect(void *priv, 112 struct usb_redir_device_connect_header *device_connect); 113 static void usbredir_device_disconnect(void *priv); 114 static void usbredir_interface_info(void *priv, 115 struct usb_redir_interface_info_header *interface_info); 116 static void usbredir_ep_info(void *priv, 117 struct usb_redir_ep_info_header *ep_info); 118 static void usbredir_configuration_status(void *priv, uint32_t id, 119 struct usb_redir_configuration_status_header *configuration_status); 120 static void usbredir_alt_setting_status(void *priv, uint32_t id, 121 struct usb_redir_alt_setting_status_header *alt_setting_status); 122 static void usbredir_iso_stream_status(void *priv, uint32_t id, 123 struct usb_redir_iso_stream_status_header *iso_stream_status); 124 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 125 struct usb_redir_interrupt_receiving_status_header 126 *interrupt_receiving_status); 127 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 128 struct usb_redir_bulk_streams_status_header *bulk_streams_status); 129 static void usbredir_control_packet(void *priv, uint32_t id, 130 struct usb_redir_control_packet_header *control_packet, 131 uint8_t *data, int data_len); 132 static void usbredir_bulk_packet(void *priv, uint32_t id, 133 struct usb_redir_bulk_packet_header *bulk_packet, 134 uint8_t *data, int data_len); 135 static void usbredir_iso_packet(void *priv, uint32_t id, 136 struct usb_redir_iso_packet_header *iso_packet, 137 uint8_t *data, int data_len); 138 static void usbredir_interrupt_packet(void *priv, uint32_t id, 139 struct usb_redir_interrupt_packet_header *interrupt_header, 140 uint8_t *data, int data_len); 141 142 static int usbredir_handle_status(USBRedirDevice *dev, 143 int status, int actual_len); 144 145 #define VERSION "qemu usb-redir guest " QEMU_VERSION 146 147 /* 148 * Logging stuff 149 */ 150 151 #define ERROR(...) \ 152 do { \ 153 if (dev->debug >= usbredirparser_error) { \ 154 error_report("usb-redir error: " __VA_ARGS__); \ 155 } \ 156 } while (0) 157 #define WARNING(...) \ 158 do { \ 159 if (dev->debug >= usbredirparser_warning) { \ 160 error_report("usb-redir warning: " __VA_ARGS__); \ 161 } \ 162 } while (0) 163 #define INFO(...) \ 164 do { \ 165 if (dev->debug >= usbredirparser_info) { \ 166 error_report("usb-redir: " __VA_ARGS__); \ 167 } \ 168 } while (0) 169 #define DPRINTF(...) \ 170 do { \ 171 if (dev->debug >= usbredirparser_debug) { \ 172 error_report("usb-redir: " __VA_ARGS__); \ 173 } \ 174 } while (0) 175 #define DPRINTF2(...) \ 176 do { \ 177 if (dev->debug >= usbredirparser_debug_data) { \ 178 error_report("usb-redir: " __VA_ARGS__); \ 179 } \ 180 } while (0) 181 182 static void usbredir_log(void *priv, int level, const char *msg) 183 { 184 USBRedirDevice *dev = priv; 185 186 if (dev->debug < level) { 187 return; 188 } 189 190 error_report("%s", msg); 191 } 192 193 static void usbredir_log_data(USBRedirDevice *dev, const char *desc, 194 const uint8_t *data, int len) 195 { 196 int i, j, n; 197 198 if (dev->debug < usbredirparser_debug_data) { 199 return; 200 } 201 202 for (i = 0; i < len; i += j) { 203 char buf[128]; 204 205 n = sprintf(buf, "%s", desc); 206 for (j = 0; j < 8 && i + j < len; j++) { 207 n += sprintf(buf + n, " %02X", data[i + j]); 208 } 209 error_report("%s", buf); 210 } 211 } 212 213 /* 214 * usbredirparser io functions 215 */ 216 217 static int usbredir_read(void *priv, uint8_t *data, int count) 218 { 219 USBRedirDevice *dev = priv; 220 221 if (dev->read_buf_size < count) { 222 count = dev->read_buf_size; 223 } 224 225 memcpy(data, dev->read_buf, count); 226 227 dev->read_buf_size -= count; 228 if (dev->read_buf_size) { 229 dev->read_buf += count; 230 } else { 231 dev->read_buf = NULL; 232 } 233 234 return count; 235 } 236 237 static int usbredir_write(void *priv, uint8_t *data, int count) 238 { 239 USBRedirDevice *dev = priv; 240 241 if (!dev->cs->opened) { 242 return 0; 243 } 244 245 return qemu_chr_fe_write(dev->cs, data, count); 246 } 247 248 /* 249 * Async and buffered packets helpers 250 */ 251 252 static AsyncURB *async_alloc(USBRedirDevice *dev, USBPacket *p) 253 { 254 AsyncURB *aurb = (AsyncURB *) g_malloc0(sizeof(AsyncURB)); 255 aurb->dev = dev; 256 aurb->packet = p; 257 aurb->packet_id = dev->packet_id; 258 QTAILQ_INSERT_TAIL(&dev->asyncq, aurb, next); 259 dev->packet_id++; 260 261 return aurb; 262 } 263 264 static void async_free(USBRedirDevice *dev, AsyncURB *aurb) 265 { 266 QTAILQ_REMOVE(&dev->asyncq, aurb, next); 267 g_free(aurb); 268 } 269 270 static AsyncURB *async_find(USBRedirDevice *dev, uint32_t packet_id) 271 { 272 AsyncURB *aurb; 273 274 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 275 if (aurb->packet_id == packet_id) { 276 return aurb; 277 } 278 } 279 ERROR("could not find async urb for packet_id %u\n", packet_id); 280 return NULL; 281 } 282 283 static void usbredir_cancel_packet(USBDevice *udev, USBPacket *p) 284 { 285 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 286 AsyncURB *aurb; 287 288 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 289 if (p != aurb->packet) { 290 continue; 291 } 292 293 DPRINTF("async cancel id %u\n", aurb->packet_id); 294 usbredirparser_send_cancel_data_packet(dev->parser, aurb->packet_id); 295 usbredirparser_do_write(dev->parser); 296 297 /* Mark it as dead */ 298 aurb->packet = NULL; 299 break; 300 } 301 } 302 303 static void bufp_alloc(USBRedirDevice *dev, 304 uint8_t *data, int len, int status, uint8_t ep) 305 { 306 struct buf_packet *bufp; 307 308 if (!dev->endpoint[EP2I(ep)].bufpq_dropping_packets && 309 dev->endpoint[EP2I(ep)].bufpq_size > 310 2 * dev->endpoint[EP2I(ep)].bufpq_target_size) { 311 DPRINTF("bufpq overflow, dropping packets ep %02X\n", ep); 312 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 1; 313 } 314 /* Since we're interupting the stream anyways, drop enough packets to get 315 back to our target buffer size */ 316 if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) { 317 if (dev->endpoint[EP2I(ep)].bufpq_size > 318 dev->endpoint[EP2I(ep)].bufpq_target_size) { 319 free(data); 320 return; 321 } 322 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 323 } 324 325 bufp = g_malloc(sizeof(struct buf_packet)); 326 bufp->data = data; 327 bufp->len = len; 328 bufp->status = status; 329 QTAILQ_INSERT_TAIL(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 330 dev->endpoint[EP2I(ep)].bufpq_size++; 331 } 332 333 static void bufp_free(USBRedirDevice *dev, struct buf_packet *bufp, 334 uint8_t ep) 335 { 336 QTAILQ_REMOVE(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 337 dev->endpoint[EP2I(ep)].bufpq_size--; 338 free(bufp->data); 339 g_free(bufp); 340 } 341 342 static void usbredir_free_bufpq(USBRedirDevice *dev, uint8_t ep) 343 { 344 struct buf_packet *buf, *buf_next; 345 346 QTAILQ_FOREACH_SAFE(buf, &dev->endpoint[EP2I(ep)].bufpq, next, buf_next) { 347 bufp_free(dev, buf, ep); 348 } 349 } 350 351 /* 352 * USBDevice callbacks 353 */ 354 355 static void usbredir_handle_reset(USBDevice *udev) 356 { 357 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 358 359 DPRINTF("reset device\n"); 360 usbredirparser_send_reset(dev->parser); 361 usbredirparser_do_write(dev->parser); 362 } 363 364 static int usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p, 365 uint8_t ep) 366 { 367 int status, len; 368 if (!dev->endpoint[EP2I(ep)].iso_started && 369 !dev->endpoint[EP2I(ep)].iso_error) { 370 struct usb_redir_start_iso_stream_header start_iso = { 371 .endpoint = ep, 372 }; 373 int pkts_per_sec; 374 375 if (dev->dev.speed == USB_SPEED_HIGH) { 376 pkts_per_sec = 8000 / dev->endpoint[EP2I(ep)].interval; 377 } else { 378 pkts_per_sec = 1000 / dev->endpoint[EP2I(ep)].interval; 379 } 380 /* Testing has shown that we need circa 60 ms buffer */ 381 dev->endpoint[EP2I(ep)].bufpq_target_size = (pkts_per_sec * 60) / 1000; 382 383 /* Aim for approx 100 interrupts / second on the client to 384 balance latency and interrupt load */ 385 start_iso.pkts_per_urb = pkts_per_sec / 100; 386 if (start_iso.pkts_per_urb < 1) { 387 start_iso.pkts_per_urb = 1; 388 } else if (start_iso.pkts_per_urb > 32) { 389 start_iso.pkts_per_urb = 32; 390 } 391 392 start_iso.no_urbs = (dev->endpoint[EP2I(ep)].bufpq_target_size + 393 start_iso.pkts_per_urb - 1) / 394 start_iso.pkts_per_urb; 395 /* Output endpoints pre-fill only 1/2 of the packets, keeping the rest 396 as overflow buffer. Also see the usbredir protocol documentation */ 397 if (!(ep & USB_DIR_IN)) { 398 start_iso.no_urbs *= 2; 399 } 400 if (start_iso.no_urbs > 16) { 401 start_iso.no_urbs = 16; 402 } 403 404 /* No id, we look at the ep when receiving a status back */ 405 usbredirparser_send_start_iso_stream(dev->parser, 0, &start_iso); 406 usbredirparser_do_write(dev->parser); 407 DPRINTF("iso stream started pkts/sec %d pkts/urb %d urbs %d ep %02X\n", 408 pkts_per_sec, start_iso.pkts_per_urb, start_iso.no_urbs, ep); 409 dev->endpoint[EP2I(ep)].iso_started = 1; 410 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 411 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 412 } 413 414 if (ep & USB_DIR_IN) { 415 struct buf_packet *isop; 416 417 if (dev->endpoint[EP2I(ep)].iso_started && 418 !dev->endpoint[EP2I(ep)].bufpq_prefilled) { 419 if (dev->endpoint[EP2I(ep)].bufpq_size < 420 dev->endpoint[EP2I(ep)].bufpq_target_size) { 421 return usbredir_handle_status(dev, 0, 0); 422 } 423 dev->endpoint[EP2I(ep)].bufpq_prefilled = 1; 424 } 425 426 isop = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 427 if (isop == NULL) { 428 DPRINTF("iso-token-in ep %02X, no isop, iso_error: %d\n", 429 ep, dev->endpoint[EP2I(ep)].iso_error); 430 /* Re-fill the buffer */ 431 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 432 /* Check iso_error for stream errors, otherwise its an underrun */ 433 status = dev->endpoint[EP2I(ep)].iso_error; 434 dev->endpoint[EP2I(ep)].iso_error = 0; 435 return status ? USB_RET_IOERROR : 0; 436 } 437 DPRINTF2("iso-token-in ep %02X status %d len %d queue-size: %d\n", ep, 438 isop->status, isop->len, dev->endpoint[EP2I(ep)].bufpq_size); 439 440 status = isop->status; 441 if (status != usb_redir_success) { 442 bufp_free(dev, isop, ep); 443 return USB_RET_IOERROR; 444 } 445 446 len = isop->len; 447 if (len > p->iov.size) { 448 ERROR("received iso data is larger then packet ep %02X (%d > %d)\n", 449 ep, len, (int)p->iov.size); 450 bufp_free(dev, isop, ep); 451 return USB_RET_BABBLE; 452 } 453 usb_packet_copy(p, isop->data, len); 454 bufp_free(dev, isop, ep); 455 return len; 456 } else { 457 /* If the stream was not started because of a pending error don't 458 send the packet to the usb-host */ 459 if (dev->endpoint[EP2I(ep)].iso_started) { 460 struct usb_redir_iso_packet_header iso_packet = { 461 .endpoint = ep, 462 .length = p->iov.size 463 }; 464 uint8_t buf[p->iov.size]; 465 /* No id, we look at the ep when receiving a status back */ 466 usb_packet_copy(p, buf, p->iov.size); 467 usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet, 468 buf, p->iov.size); 469 usbredirparser_do_write(dev->parser); 470 } 471 status = dev->endpoint[EP2I(ep)].iso_error; 472 dev->endpoint[EP2I(ep)].iso_error = 0; 473 DPRINTF2("iso-token-out ep %02X status %d len %zd\n", ep, status, 474 p->iov.size); 475 return usbredir_handle_status(dev, status, p->iov.size); 476 } 477 } 478 479 static void usbredir_stop_iso_stream(USBRedirDevice *dev, uint8_t ep) 480 { 481 struct usb_redir_stop_iso_stream_header stop_iso_stream = { 482 .endpoint = ep 483 }; 484 if (dev->endpoint[EP2I(ep)].iso_started) { 485 usbredirparser_send_stop_iso_stream(dev->parser, 0, &stop_iso_stream); 486 DPRINTF("iso stream stopped ep %02X\n", ep); 487 dev->endpoint[EP2I(ep)].iso_started = 0; 488 } 489 dev->endpoint[EP2I(ep)].iso_error = 0; 490 usbredir_free_bufpq(dev, ep); 491 } 492 493 static int usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, 494 uint8_t ep) 495 { 496 AsyncURB *aurb = async_alloc(dev, p); 497 struct usb_redir_bulk_packet_header bulk_packet; 498 499 DPRINTF("bulk-out ep %02X len %zd id %u\n", ep, 500 p->iov.size, aurb->packet_id); 501 502 bulk_packet.endpoint = ep; 503 bulk_packet.length = p->iov.size; 504 bulk_packet.stream_id = 0; 505 aurb->bulk_packet = bulk_packet; 506 507 if (ep & USB_DIR_IN) { 508 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 509 &bulk_packet, NULL, 0); 510 } else { 511 uint8_t buf[p->iov.size]; 512 usb_packet_copy(p, buf, p->iov.size); 513 usbredir_log_data(dev, "bulk data out:", buf, p->iov.size); 514 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 515 &bulk_packet, buf, p->iov.size); 516 } 517 usbredirparser_do_write(dev->parser); 518 return USB_RET_ASYNC; 519 } 520 521 static int usbredir_handle_interrupt_data(USBRedirDevice *dev, 522 USBPacket *p, uint8_t ep) 523 { 524 if (ep & USB_DIR_IN) { 525 /* Input interrupt endpoint, buffered packet input */ 526 struct buf_packet *intp; 527 int status, len; 528 529 if (!dev->endpoint[EP2I(ep)].interrupt_started && 530 !dev->endpoint[EP2I(ep)].interrupt_error) { 531 struct usb_redir_start_interrupt_receiving_header start_int = { 532 .endpoint = ep, 533 }; 534 /* No id, we look at the ep when receiving a status back */ 535 usbredirparser_send_start_interrupt_receiving(dev->parser, 0, 536 &start_int); 537 usbredirparser_do_write(dev->parser); 538 DPRINTF("interrupt recv started ep %02X\n", ep); 539 dev->endpoint[EP2I(ep)].interrupt_started = 1; 540 /* We don't really want to drop interrupt packets ever, but 541 having some upper limit to how much we buffer is good. */ 542 dev->endpoint[EP2I(ep)].bufpq_target_size = 1000; 543 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 544 } 545 546 intp = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 547 if (intp == NULL) { 548 DPRINTF2("interrupt-token-in ep %02X, no intp\n", ep); 549 /* Check interrupt_error for stream errors */ 550 status = dev->endpoint[EP2I(ep)].interrupt_error; 551 dev->endpoint[EP2I(ep)].interrupt_error = 0; 552 if (status) { 553 return usbredir_handle_status(dev, status, 0); 554 } 555 return USB_RET_NAK; 556 } 557 DPRINTF("interrupt-token-in ep %02X status %d len %d\n", ep, 558 intp->status, intp->len); 559 560 status = intp->status; 561 if (status != usb_redir_success) { 562 bufp_free(dev, intp, ep); 563 return usbredir_handle_status(dev, status, 0); 564 } 565 566 len = intp->len; 567 if (len > p->iov.size) { 568 ERROR("received int data is larger then packet ep %02X\n", ep); 569 bufp_free(dev, intp, ep); 570 return USB_RET_BABBLE; 571 } 572 usb_packet_copy(p, intp->data, len); 573 bufp_free(dev, intp, ep); 574 return len; 575 } else { 576 /* Output interrupt endpoint, normal async operation */ 577 AsyncURB *aurb = async_alloc(dev, p); 578 struct usb_redir_interrupt_packet_header interrupt_packet; 579 uint8_t buf[p->iov.size]; 580 581 DPRINTF("interrupt-out ep %02X len %zd id %u\n", ep, p->iov.size, 582 aurb->packet_id); 583 584 interrupt_packet.endpoint = ep; 585 interrupt_packet.length = p->iov.size; 586 aurb->interrupt_packet = interrupt_packet; 587 588 usb_packet_copy(p, buf, p->iov.size); 589 usbredir_log_data(dev, "interrupt data out:", buf, p->iov.size); 590 usbredirparser_send_interrupt_packet(dev->parser, aurb->packet_id, 591 &interrupt_packet, buf, p->iov.size); 592 usbredirparser_do_write(dev->parser); 593 return USB_RET_ASYNC; 594 } 595 } 596 597 static void usbredir_stop_interrupt_receiving(USBRedirDevice *dev, 598 uint8_t ep) 599 { 600 struct usb_redir_stop_interrupt_receiving_header stop_interrupt_recv = { 601 .endpoint = ep 602 }; 603 if (dev->endpoint[EP2I(ep)].interrupt_started) { 604 usbredirparser_send_stop_interrupt_receiving(dev->parser, 0, 605 &stop_interrupt_recv); 606 DPRINTF("interrupt recv stopped ep %02X\n", ep); 607 dev->endpoint[EP2I(ep)].interrupt_started = 0; 608 } 609 dev->endpoint[EP2I(ep)].interrupt_error = 0; 610 usbredir_free_bufpq(dev, ep); 611 } 612 613 static int usbredir_handle_data(USBDevice *udev, USBPacket *p) 614 { 615 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 616 uint8_t ep; 617 618 ep = p->ep->nr; 619 if (p->pid == USB_TOKEN_IN) { 620 ep |= USB_DIR_IN; 621 } 622 623 switch (dev->endpoint[EP2I(ep)].type) { 624 case USB_ENDPOINT_XFER_CONTROL: 625 ERROR("handle_data called for control transfer on ep %02X\n", ep); 626 return USB_RET_NAK; 627 case USB_ENDPOINT_XFER_ISOC: 628 return usbredir_handle_iso_data(dev, p, ep); 629 case USB_ENDPOINT_XFER_BULK: 630 return usbredir_handle_bulk_data(dev, p, ep); 631 case USB_ENDPOINT_XFER_INT: 632 return usbredir_handle_interrupt_data(dev, p, ep); 633 default: 634 ERROR("handle_data ep %02X has unknown type %d\n", ep, 635 dev->endpoint[EP2I(ep)].type); 636 return USB_RET_NAK; 637 } 638 } 639 640 static int usbredir_set_config(USBRedirDevice *dev, USBPacket *p, 641 int config) 642 { 643 struct usb_redir_set_configuration_header set_config; 644 AsyncURB *aurb = async_alloc(dev, p); 645 int i; 646 647 DPRINTF("set config %d id %u\n", config, aurb->packet_id); 648 649 for (i = 0; i < MAX_ENDPOINTS; i++) { 650 switch (dev->endpoint[i].type) { 651 case USB_ENDPOINT_XFER_ISOC: 652 usbredir_stop_iso_stream(dev, I2EP(i)); 653 break; 654 case USB_ENDPOINT_XFER_INT: 655 if (i & 0x10) { 656 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 657 } 658 break; 659 } 660 usbredir_free_bufpq(dev, I2EP(i)); 661 } 662 663 set_config.configuration = config; 664 usbredirparser_send_set_configuration(dev->parser, aurb->packet_id, 665 &set_config); 666 usbredirparser_do_write(dev->parser); 667 return USB_RET_ASYNC; 668 } 669 670 static int usbredir_get_config(USBRedirDevice *dev, USBPacket *p) 671 { 672 AsyncURB *aurb = async_alloc(dev, p); 673 674 DPRINTF("get config id %u\n", aurb->packet_id); 675 676 aurb->get = 1; 677 usbredirparser_send_get_configuration(dev->parser, aurb->packet_id); 678 usbredirparser_do_write(dev->parser); 679 return USB_RET_ASYNC; 680 } 681 682 static int usbredir_set_interface(USBRedirDevice *dev, USBPacket *p, 683 int interface, int alt) 684 { 685 struct usb_redir_set_alt_setting_header set_alt; 686 AsyncURB *aurb = async_alloc(dev, p); 687 int i; 688 689 DPRINTF("set interface %d alt %d id %u\n", interface, alt, 690 aurb->packet_id); 691 692 for (i = 0; i < MAX_ENDPOINTS; i++) { 693 if (dev->endpoint[i].interface == interface) { 694 switch (dev->endpoint[i].type) { 695 case USB_ENDPOINT_XFER_ISOC: 696 usbredir_stop_iso_stream(dev, I2EP(i)); 697 break; 698 case USB_ENDPOINT_XFER_INT: 699 if (i & 0x10) { 700 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 701 } 702 break; 703 } 704 usbredir_free_bufpq(dev, I2EP(i)); 705 } 706 } 707 708 set_alt.interface = interface; 709 set_alt.alt = alt; 710 usbredirparser_send_set_alt_setting(dev->parser, aurb->packet_id, 711 &set_alt); 712 usbredirparser_do_write(dev->parser); 713 return USB_RET_ASYNC; 714 } 715 716 static int usbredir_get_interface(USBRedirDevice *dev, USBPacket *p, 717 int interface) 718 { 719 struct usb_redir_get_alt_setting_header get_alt; 720 AsyncURB *aurb = async_alloc(dev, p); 721 722 DPRINTF("get interface %d id %u\n", interface, aurb->packet_id); 723 724 get_alt.interface = interface; 725 aurb->get = 1; 726 usbredirparser_send_get_alt_setting(dev->parser, aurb->packet_id, 727 &get_alt); 728 usbredirparser_do_write(dev->parser); 729 return USB_RET_ASYNC; 730 } 731 732 static int usbredir_handle_control(USBDevice *udev, USBPacket *p, 733 int request, int value, int index, int length, uint8_t *data) 734 { 735 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 736 struct usb_redir_control_packet_header control_packet; 737 AsyncURB *aurb; 738 739 /* Special cases for certain standard device requests */ 740 switch (request) { 741 case DeviceOutRequest | USB_REQ_SET_ADDRESS: 742 DPRINTF("set address %d\n", value); 743 dev->dev.addr = value; 744 return 0; 745 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: 746 return usbredir_set_config(dev, p, value & 0xff); 747 case DeviceRequest | USB_REQ_GET_CONFIGURATION: 748 return usbredir_get_config(dev, p); 749 case InterfaceOutRequest | USB_REQ_SET_INTERFACE: 750 return usbredir_set_interface(dev, p, index, value); 751 case InterfaceRequest | USB_REQ_GET_INTERFACE: 752 return usbredir_get_interface(dev, p, index); 753 } 754 755 /* "Normal" ctrl requests */ 756 aurb = async_alloc(dev, p); 757 758 /* Note request is (bRequestType << 8) | bRequest */ 759 DPRINTF("ctrl-out type 0x%x req 0x%x val 0x%x index %d len %d id %u\n", 760 request >> 8, request & 0xff, value, index, length, 761 aurb->packet_id); 762 763 control_packet.request = request & 0xFF; 764 control_packet.requesttype = request >> 8; 765 control_packet.endpoint = control_packet.requesttype & USB_DIR_IN; 766 control_packet.value = value; 767 control_packet.index = index; 768 control_packet.length = length; 769 aurb->control_packet = control_packet; 770 771 if (control_packet.requesttype & USB_DIR_IN) { 772 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 773 &control_packet, NULL, 0); 774 } else { 775 usbredir_log_data(dev, "ctrl data out:", data, length); 776 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 777 &control_packet, data, length); 778 } 779 usbredirparser_do_write(dev->parser); 780 return USB_RET_ASYNC; 781 } 782 783 /* 784 * Close events can be triggered by usbredirparser_do_write which gets called 785 * from within the USBDevice data / control packet callbacks and doing a 786 * usb_detach from within these callbacks is not a good idea. 787 * 788 * So we use a bh handler to take care of close events. We also handle 789 * open events from this callback to make sure that a close directly followed 790 * by an open gets handled in the right order. 791 */ 792 static void usbredir_open_close_bh(void *opaque) 793 { 794 USBRedirDevice *dev = opaque; 795 uint32_t caps[USB_REDIR_CAPS_SIZE] = { 0, }; 796 797 usbredir_device_disconnect(dev); 798 799 if (dev->parser) { 800 usbredirparser_destroy(dev->parser); 801 dev->parser = NULL; 802 } 803 804 if (dev->cs->opened) { 805 dev->parser = qemu_oom_check(usbredirparser_create()); 806 dev->parser->priv = dev; 807 dev->parser->log_func = usbredir_log; 808 dev->parser->read_func = usbredir_read; 809 dev->parser->write_func = usbredir_write; 810 dev->parser->hello_func = usbredir_hello; 811 dev->parser->device_connect_func = usbredir_device_connect; 812 dev->parser->device_disconnect_func = usbredir_device_disconnect; 813 dev->parser->interface_info_func = usbredir_interface_info; 814 dev->parser->ep_info_func = usbredir_ep_info; 815 dev->parser->configuration_status_func = usbredir_configuration_status; 816 dev->parser->alt_setting_status_func = usbredir_alt_setting_status; 817 dev->parser->iso_stream_status_func = usbredir_iso_stream_status; 818 dev->parser->interrupt_receiving_status_func = 819 usbredir_interrupt_receiving_status; 820 dev->parser->bulk_streams_status_func = usbredir_bulk_streams_status; 821 dev->parser->control_packet_func = usbredir_control_packet; 822 dev->parser->bulk_packet_func = usbredir_bulk_packet; 823 dev->parser->iso_packet_func = usbredir_iso_packet; 824 dev->parser->interrupt_packet_func = usbredir_interrupt_packet; 825 dev->read_buf = NULL; 826 dev->read_buf_size = 0; 827 828 usbredirparser_caps_set_cap(caps, usb_redir_cap_connect_device_version); 829 usbredirparser_caps_set_cap(caps, usb_redir_cap_filter); 830 usbredirparser_init(dev->parser, VERSION, caps, USB_REDIR_CAPS_SIZE, 0); 831 usbredirparser_do_write(dev->parser); 832 } 833 } 834 835 static void usbredir_do_attach(void *opaque) 836 { 837 USBRedirDevice *dev = opaque; 838 839 if (usb_device_attach(&dev->dev) != 0) { 840 usbredir_device_disconnect(dev); 841 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 842 usbredirparser_send_filter_reject(dev->parser); 843 usbredirparser_do_write(dev->parser); 844 } 845 } 846 } 847 848 /* 849 * chardev callbacks 850 */ 851 852 static int usbredir_chardev_can_read(void *opaque) 853 { 854 USBRedirDevice *dev = opaque; 855 856 if (dev->parser) { 857 /* usbredir_parser_do_read will consume *all* data we give it */ 858 return 1024 * 1024; 859 } else { 860 /* usbredir_open_close_bh hasn't handled the open event yet */ 861 return 0; 862 } 863 } 864 865 static void usbredir_chardev_read(void *opaque, const uint8_t *buf, int size) 866 { 867 USBRedirDevice *dev = opaque; 868 869 /* No recursion allowed! */ 870 assert(dev->read_buf == NULL); 871 872 dev->read_buf = buf; 873 dev->read_buf_size = size; 874 875 usbredirparser_do_read(dev->parser); 876 /* Send any acks, etc. which may be queued now */ 877 usbredirparser_do_write(dev->parser); 878 } 879 880 static void usbredir_chardev_event(void *opaque, int event) 881 { 882 USBRedirDevice *dev = opaque; 883 884 switch (event) { 885 case CHR_EVENT_OPENED: 886 case CHR_EVENT_CLOSED: 887 qemu_bh_schedule(dev->open_close_bh); 888 break; 889 } 890 } 891 892 /* 893 * init + destroy 894 */ 895 896 static int usbredir_initfn(USBDevice *udev) 897 { 898 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 899 int i; 900 901 if (dev->cs == NULL) { 902 qerror_report(QERR_MISSING_PARAMETER, "chardev"); 903 return -1; 904 } 905 906 if (dev->filter_str) { 907 i = usbredirfilter_string_to_rules(dev->filter_str, ":", "|", 908 &dev->filter_rules, 909 &dev->filter_rules_count); 910 if (i) { 911 qerror_report(QERR_INVALID_PARAMETER_VALUE, "filter", 912 "a usb device filter string"); 913 return -1; 914 } 915 } 916 917 dev->open_close_bh = qemu_bh_new(usbredir_open_close_bh, dev); 918 dev->attach_timer = qemu_new_timer_ms(vm_clock, usbredir_do_attach, dev); 919 920 QTAILQ_INIT(&dev->asyncq); 921 for (i = 0; i < MAX_ENDPOINTS; i++) { 922 QTAILQ_INIT(&dev->endpoint[i].bufpq); 923 } 924 925 /* We'll do the attach once we receive the speed from the usb-host */ 926 udev->auto_attach = 0; 927 928 /* Let the backend know we are ready */ 929 qemu_chr_fe_open(dev->cs); 930 qemu_chr_add_handlers(dev->cs, usbredir_chardev_can_read, 931 usbredir_chardev_read, usbredir_chardev_event, dev); 932 933 add_boot_device_path(dev->bootindex, &udev->qdev, NULL); 934 return 0; 935 } 936 937 static void usbredir_cleanup_device_queues(USBRedirDevice *dev) 938 { 939 AsyncURB *aurb, *next_aurb; 940 int i; 941 942 QTAILQ_FOREACH_SAFE(aurb, &dev->asyncq, next, next_aurb) { 943 async_free(dev, aurb); 944 } 945 for (i = 0; i < MAX_ENDPOINTS; i++) { 946 usbredir_free_bufpq(dev, I2EP(i)); 947 } 948 } 949 950 static void usbredir_handle_destroy(USBDevice *udev) 951 { 952 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 953 954 qemu_chr_fe_close(dev->cs); 955 qemu_chr_delete(dev->cs); 956 /* Note must be done after qemu_chr_close, as that causes a close event */ 957 qemu_bh_delete(dev->open_close_bh); 958 959 qemu_del_timer(dev->attach_timer); 960 qemu_free_timer(dev->attach_timer); 961 962 usbredir_cleanup_device_queues(dev); 963 964 if (dev->parser) { 965 usbredirparser_destroy(dev->parser); 966 } 967 968 free(dev->filter_rules); 969 } 970 971 static int usbredir_check_filter(USBRedirDevice *dev) 972 { 973 if (dev->interface_info.interface_count == 0) { 974 ERROR("No interface info for device\n"); 975 goto error; 976 } 977 978 if (dev->filter_rules) { 979 if (!usbredirparser_peer_has_cap(dev->parser, 980 usb_redir_cap_connect_device_version)) { 981 ERROR("Device filter specified and peer does not have the " 982 "connect_device_version capability\n"); 983 goto error; 984 } 985 986 if (usbredirfilter_check( 987 dev->filter_rules, 988 dev->filter_rules_count, 989 dev->device_info.device_class, 990 dev->device_info.device_subclass, 991 dev->device_info.device_protocol, 992 dev->interface_info.interface_class, 993 dev->interface_info.interface_subclass, 994 dev->interface_info.interface_protocol, 995 dev->interface_info.interface_count, 996 dev->device_info.vendor_id, 997 dev->device_info.product_id, 998 dev->device_info.device_version_bcd, 999 0) != 0) { 1000 goto error; 1001 } 1002 } 1003 1004 return 0; 1005 1006 error: 1007 usbredir_device_disconnect(dev); 1008 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 1009 usbredirparser_send_filter_reject(dev->parser); 1010 usbredirparser_do_write(dev->parser); 1011 } 1012 return -1; 1013 } 1014 1015 /* 1016 * usbredirparser packet complete callbacks 1017 */ 1018 1019 static int usbredir_handle_status(USBRedirDevice *dev, 1020 int status, int actual_len) 1021 { 1022 switch (status) { 1023 case usb_redir_success: 1024 return actual_len; 1025 case usb_redir_stall: 1026 return USB_RET_STALL; 1027 case usb_redir_cancelled: 1028 WARNING("returning cancelled packet to HC?\n"); 1029 return USB_RET_NAK; 1030 case usb_redir_inval: 1031 WARNING("got invalid param error from usb-host?\n"); 1032 return USB_RET_NAK; 1033 case usb_redir_ioerror: 1034 case usb_redir_timeout: 1035 default: 1036 return USB_RET_IOERROR; 1037 } 1038 } 1039 1040 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h) 1041 { 1042 USBRedirDevice *dev = priv; 1043 1044 /* Try to send the filter info now that we've the usb-host's caps */ 1045 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter) && 1046 dev->filter_rules) { 1047 usbredirparser_send_filter_filter(dev->parser, dev->filter_rules, 1048 dev->filter_rules_count); 1049 usbredirparser_do_write(dev->parser); 1050 } 1051 } 1052 1053 static void usbredir_device_connect(void *priv, 1054 struct usb_redir_device_connect_header *device_connect) 1055 { 1056 USBRedirDevice *dev = priv; 1057 const char *speed; 1058 1059 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1060 ERROR("Received device connect while already connected\n"); 1061 return; 1062 } 1063 1064 switch (device_connect->speed) { 1065 case usb_redir_speed_low: 1066 speed = "low speed"; 1067 dev->dev.speed = USB_SPEED_LOW; 1068 break; 1069 case usb_redir_speed_full: 1070 speed = "full speed"; 1071 dev->dev.speed = USB_SPEED_FULL; 1072 break; 1073 case usb_redir_speed_high: 1074 speed = "high speed"; 1075 dev->dev.speed = USB_SPEED_HIGH; 1076 break; 1077 case usb_redir_speed_super: 1078 speed = "super speed"; 1079 dev->dev.speed = USB_SPEED_SUPER; 1080 break; 1081 default: 1082 speed = "unknown speed"; 1083 dev->dev.speed = USB_SPEED_FULL; 1084 } 1085 1086 if (usbredirparser_peer_has_cap(dev->parser, 1087 usb_redir_cap_connect_device_version)) { 1088 INFO("attaching %s device %04x:%04x version %d.%d class %02x\n", 1089 speed, device_connect->vendor_id, device_connect->product_id, 1090 ((device_connect->device_version_bcd & 0xf000) >> 12) * 10 + 1091 ((device_connect->device_version_bcd & 0x0f00) >> 8), 1092 ((device_connect->device_version_bcd & 0x00f0) >> 4) * 10 + 1093 ((device_connect->device_version_bcd & 0x000f) >> 0), 1094 device_connect->device_class); 1095 } else { 1096 INFO("attaching %s device %04x:%04x class %02x\n", speed, 1097 device_connect->vendor_id, device_connect->product_id, 1098 device_connect->device_class); 1099 } 1100 1101 dev->dev.speedmask = (1 << dev->dev.speed); 1102 dev->device_info = *device_connect; 1103 1104 if (usbredir_check_filter(dev)) { 1105 WARNING("Device %04x:%04x rejected by device filter, not attaching\n", 1106 device_connect->vendor_id, device_connect->product_id); 1107 return; 1108 } 1109 1110 qemu_mod_timer(dev->attach_timer, dev->next_attach_time); 1111 } 1112 1113 static void usbredir_device_disconnect(void *priv) 1114 { 1115 USBRedirDevice *dev = priv; 1116 int i; 1117 1118 /* Stop any pending attaches */ 1119 qemu_del_timer(dev->attach_timer); 1120 1121 if (dev->dev.attached) { 1122 usb_device_detach(&dev->dev); 1123 /* 1124 * Delay next usb device attach to give the guest a chance to see 1125 * see the detach / attach in case of quick close / open succession 1126 */ 1127 dev->next_attach_time = qemu_get_clock_ms(vm_clock) + 200; 1128 } 1129 1130 /* Reset state so that the next dev connected starts with a clean slate */ 1131 usbredir_cleanup_device_queues(dev); 1132 memset(dev->endpoint, 0, sizeof(dev->endpoint)); 1133 for (i = 0; i < MAX_ENDPOINTS; i++) { 1134 QTAILQ_INIT(&dev->endpoint[i].bufpq); 1135 } 1136 usb_ep_init(&dev->dev); 1137 dev->interface_info.interface_count = 0; 1138 } 1139 1140 static void usbredir_interface_info(void *priv, 1141 struct usb_redir_interface_info_header *interface_info) 1142 { 1143 USBRedirDevice *dev = priv; 1144 1145 dev->interface_info = *interface_info; 1146 1147 /* 1148 * If we receive interface info after the device has already been 1149 * connected (ie on a set_config), re-check the filter. 1150 */ 1151 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1152 if (usbredir_check_filter(dev)) { 1153 ERROR("Device no longer matches filter after interface info " 1154 "change, disconnecting!\n"); 1155 } 1156 } 1157 } 1158 1159 static void usbredir_ep_info(void *priv, 1160 struct usb_redir_ep_info_header *ep_info) 1161 { 1162 USBRedirDevice *dev = priv; 1163 struct USBEndpoint *usb_ep; 1164 int i; 1165 1166 for (i = 0; i < MAX_ENDPOINTS; i++) { 1167 dev->endpoint[i].type = ep_info->type[i]; 1168 dev->endpoint[i].interval = ep_info->interval[i]; 1169 dev->endpoint[i].interface = ep_info->interface[i]; 1170 switch (dev->endpoint[i].type) { 1171 case usb_redir_type_invalid: 1172 break; 1173 case usb_redir_type_iso: 1174 case usb_redir_type_interrupt: 1175 if (dev->endpoint[i].interval == 0) { 1176 ERROR("Received 0 interval for isoc or irq endpoint\n"); 1177 usbredir_device_disconnect(dev); 1178 } 1179 /* Fall through */ 1180 case usb_redir_type_control: 1181 case usb_redir_type_bulk: 1182 DPRINTF("ep: %02X type: %d interface: %d\n", I2EP(i), 1183 dev->endpoint[i].type, dev->endpoint[i].interface); 1184 break; 1185 default: 1186 ERROR("Received invalid endpoint type\n"); 1187 usbredir_device_disconnect(dev); 1188 return; 1189 } 1190 usb_ep = usb_ep_get(&dev->dev, 1191 (i & 0x10) ? USB_TOKEN_IN : USB_TOKEN_OUT, 1192 i & 0x0f); 1193 usb_ep->type = dev->endpoint[i].type; 1194 usb_ep->ifnum = dev->endpoint[i].interface; 1195 } 1196 } 1197 1198 static void usbredir_configuration_status(void *priv, uint32_t id, 1199 struct usb_redir_configuration_status_header *config_status) 1200 { 1201 USBRedirDevice *dev = priv; 1202 AsyncURB *aurb; 1203 int len = 0; 1204 1205 DPRINTF("set config status %d config %d id %u\n", config_status->status, 1206 config_status->configuration, id); 1207 1208 aurb = async_find(dev, id); 1209 if (!aurb) { 1210 return; 1211 } 1212 if (aurb->packet) { 1213 if (aurb->get) { 1214 dev->dev.data_buf[0] = config_status->configuration; 1215 len = 1; 1216 } 1217 aurb->packet->result = 1218 usbredir_handle_status(dev, config_status->status, len); 1219 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1220 } 1221 async_free(dev, aurb); 1222 } 1223 1224 static void usbredir_alt_setting_status(void *priv, uint32_t id, 1225 struct usb_redir_alt_setting_status_header *alt_setting_status) 1226 { 1227 USBRedirDevice *dev = priv; 1228 AsyncURB *aurb; 1229 int len = 0; 1230 1231 DPRINTF("alt status %d intf %d alt %d id: %u\n", 1232 alt_setting_status->status, 1233 alt_setting_status->interface, 1234 alt_setting_status->alt, id); 1235 1236 aurb = async_find(dev, id); 1237 if (!aurb) { 1238 return; 1239 } 1240 if (aurb->packet) { 1241 if (aurb->get) { 1242 dev->dev.data_buf[0] = alt_setting_status->alt; 1243 len = 1; 1244 } 1245 aurb->packet->result = 1246 usbredir_handle_status(dev, alt_setting_status->status, len); 1247 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1248 } 1249 async_free(dev, aurb); 1250 } 1251 1252 static void usbredir_iso_stream_status(void *priv, uint32_t id, 1253 struct usb_redir_iso_stream_status_header *iso_stream_status) 1254 { 1255 USBRedirDevice *dev = priv; 1256 uint8_t ep = iso_stream_status->endpoint; 1257 1258 DPRINTF("iso status %d ep %02X id %u\n", iso_stream_status->status, 1259 ep, id); 1260 1261 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].iso_started) { 1262 return; 1263 } 1264 1265 dev->endpoint[EP2I(ep)].iso_error = iso_stream_status->status; 1266 if (iso_stream_status->status == usb_redir_stall) { 1267 DPRINTF("iso stream stopped by peer ep %02X\n", ep); 1268 dev->endpoint[EP2I(ep)].iso_started = 0; 1269 } 1270 } 1271 1272 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 1273 struct usb_redir_interrupt_receiving_status_header 1274 *interrupt_receiving_status) 1275 { 1276 USBRedirDevice *dev = priv; 1277 uint8_t ep = interrupt_receiving_status->endpoint; 1278 1279 DPRINTF("interrupt recv status %d ep %02X id %u\n", 1280 interrupt_receiving_status->status, ep, id); 1281 1282 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].interrupt_started) { 1283 return; 1284 } 1285 1286 dev->endpoint[EP2I(ep)].interrupt_error = 1287 interrupt_receiving_status->status; 1288 if (interrupt_receiving_status->status == usb_redir_stall) { 1289 DPRINTF("interrupt receiving stopped by peer ep %02X\n", ep); 1290 dev->endpoint[EP2I(ep)].interrupt_started = 0; 1291 } 1292 } 1293 1294 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 1295 struct usb_redir_bulk_streams_status_header *bulk_streams_status) 1296 { 1297 } 1298 1299 static void usbredir_control_packet(void *priv, uint32_t id, 1300 struct usb_redir_control_packet_header *control_packet, 1301 uint8_t *data, int data_len) 1302 { 1303 USBRedirDevice *dev = priv; 1304 int len = control_packet->length; 1305 AsyncURB *aurb; 1306 1307 DPRINTF("ctrl-in status %d len %d id %u\n", control_packet->status, 1308 len, id); 1309 1310 aurb = async_find(dev, id); 1311 if (!aurb) { 1312 free(data); 1313 return; 1314 } 1315 1316 aurb->control_packet.status = control_packet->status; 1317 aurb->control_packet.length = control_packet->length; 1318 if (memcmp(&aurb->control_packet, control_packet, 1319 sizeof(*control_packet))) { 1320 ERROR("return control packet mismatch, please report this!\n"); 1321 len = USB_RET_NAK; 1322 } 1323 1324 if (aurb->packet) { 1325 len = usbredir_handle_status(dev, control_packet->status, len); 1326 if (len > 0) { 1327 usbredir_log_data(dev, "ctrl data in:", data, data_len); 1328 if (data_len <= sizeof(dev->dev.data_buf)) { 1329 memcpy(dev->dev.data_buf, data, data_len); 1330 } else { 1331 ERROR("ctrl buffer too small (%d > %zu)\n", 1332 data_len, sizeof(dev->dev.data_buf)); 1333 len = USB_RET_STALL; 1334 } 1335 } 1336 aurb->packet->result = len; 1337 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1338 } 1339 async_free(dev, aurb); 1340 free(data); 1341 } 1342 1343 static void usbredir_bulk_packet(void *priv, uint32_t id, 1344 struct usb_redir_bulk_packet_header *bulk_packet, 1345 uint8_t *data, int data_len) 1346 { 1347 USBRedirDevice *dev = priv; 1348 uint8_t ep = bulk_packet->endpoint; 1349 int len = bulk_packet->length; 1350 AsyncURB *aurb; 1351 1352 DPRINTF("bulk-in status %d ep %02X len %d id %u\n", bulk_packet->status, 1353 ep, len, id); 1354 1355 aurb = async_find(dev, id); 1356 if (!aurb) { 1357 free(data); 1358 return; 1359 } 1360 1361 if (aurb->bulk_packet.endpoint != bulk_packet->endpoint || 1362 aurb->bulk_packet.stream_id != bulk_packet->stream_id) { 1363 ERROR("return bulk packet mismatch, please report this!\n"); 1364 len = USB_RET_NAK; 1365 } 1366 1367 if (aurb->packet) { 1368 len = usbredir_handle_status(dev, bulk_packet->status, len); 1369 if (len > 0) { 1370 usbredir_log_data(dev, "bulk data in:", data, data_len); 1371 if (data_len <= aurb->packet->iov.size) { 1372 usb_packet_copy(aurb->packet, data, data_len); 1373 } else { 1374 ERROR("bulk buffer too small (%d > %zd)\n", data_len, 1375 aurb->packet->iov.size); 1376 len = USB_RET_STALL; 1377 } 1378 } 1379 aurb->packet->result = len; 1380 usb_packet_complete(&dev->dev, aurb->packet); 1381 } 1382 async_free(dev, aurb); 1383 free(data); 1384 } 1385 1386 static void usbredir_iso_packet(void *priv, uint32_t id, 1387 struct usb_redir_iso_packet_header *iso_packet, 1388 uint8_t *data, int data_len) 1389 { 1390 USBRedirDevice *dev = priv; 1391 uint8_t ep = iso_packet->endpoint; 1392 1393 DPRINTF2("iso-in status %d ep %02X len %d id %u\n", iso_packet->status, ep, 1394 data_len, id); 1395 1396 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_ISOC) { 1397 ERROR("received iso packet for non iso endpoint %02X\n", ep); 1398 free(data); 1399 return; 1400 } 1401 1402 if (dev->endpoint[EP2I(ep)].iso_started == 0) { 1403 DPRINTF("received iso packet for non started stream ep %02X\n", ep); 1404 free(data); 1405 return; 1406 } 1407 1408 /* bufp_alloc also adds the packet to the ep queue */ 1409 bufp_alloc(dev, data, data_len, iso_packet->status, ep); 1410 } 1411 1412 static void usbredir_interrupt_packet(void *priv, uint32_t id, 1413 struct usb_redir_interrupt_packet_header *interrupt_packet, 1414 uint8_t *data, int data_len) 1415 { 1416 USBRedirDevice *dev = priv; 1417 uint8_t ep = interrupt_packet->endpoint; 1418 1419 DPRINTF("interrupt-in status %d ep %02X len %d id %u\n", 1420 interrupt_packet->status, ep, data_len, id); 1421 1422 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_INT) { 1423 ERROR("received int packet for non interrupt endpoint %02X\n", ep); 1424 free(data); 1425 return; 1426 } 1427 1428 if (ep & USB_DIR_IN) { 1429 if (dev->endpoint[EP2I(ep)].interrupt_started == 0) { 1430 DPRINTF("received int packet while not started ep %02X\n", ep); 1431 free(data); 1432 return; 1433 } 1434 1435 /* bufp_alloc also adds the packet to the ep queue */ 1436 bufp_alloc(dev, data, data_len, interrupt_packet->status, ep); 1437 } else { 1438 int len = interrupt_packet->length; 1439 1440 AsyncURB *aurb = async_find(dev, id); 1441 if (!aurb) { 1442 return; 1443 } 1444 1445 if (aurb->interrupt_packet.endpoint != interrupt_packet->endpoint) { 1446 ERROR("return int packet mismatch, please report this!\n"); 1447 len = USB_RET_NAK; 1448 } 1449 1450 if (aurb->packet) { 1451 aurb->packet->result = usbredir_handle_status(dev, 1452 interrupt_packet->status, len); 1453 usb_packet_complete(&dev->dev, aurb->packet); 1454 } 1455 async_free(dev, aurb); 1456 } 1457 } 1458 1459 static Property usbredir_properties[] = { 1460 DEFINE_PROP_CHR("chardev", USBRedirDevice, cs), 1461 DEFINE_PROP_UINT8("debug", USBRedirDevice, debug, 0), 1462 DEFINE_PROP_STRING("filter", USBRedirDevice, filter_str), 1463 DEFINE_PROP_INT32("bootindex", USBRedirDevice, bootindex, -1), 1464 DEFINE_PROP_END_OF_LIST(), 1465 }; 1466 1467 static void usbredir_class_initfn(ObjectClass *klass, void *data) 1468 { 1469 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 1470 DeviceClass *dc = DEVICE_CLASS(klass); 1471 1472 uc->init = usbredir_initfn; 1473 uc->product_desc = "USB Redirection Device"; 1474 uc->handle_destroy = usbredir_handle_destroy; 1475 uc->cancel_packet = usbredir_cancel_packet; 1476 uc->handle_reset = usbredir_handle_reset; 1477 uc->handle_data = usbredir_handle_data; 1478 uc->handle_control = usbredir_handle_control; 1479 dc->props = usbredir_properties; 1480 } 1481 1482 static TypeInfo usbredir_dev_info = { 1483 .name = "usb-redir", 1484 .parent = TYPE_USB_DEVICE, 1485 .instance_size = sizeof(USBRedirDevice), 1486 .class_init = usbredir_class_initfn, 1487 }; 1488 1489 static void usbredir_register_types(void) 1490 { 1491 type_register_static(&usbredir_dev_info); 1492 } 1493 1494 type_init(usbredir_register_types) 1495