1 /* 2 * USB redirector usb-guest 3 * 4 * Copyright (c) 2011 Red Hat, Inc. 5 * 6 * Red Hat Authors: 7 * Hans de Goede <hdegoede@redhat.com> 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu-common.h" 29 #include "qemu-timer.h" 30 #include "monitor.h" 31 #include "sysemu.h" 32 33 #include <dirent.h> 34 #include <sys/ioctl.h> 35 #include <signal.h> 36 #include <usbredirparser.h> 37 #include <usbredirfilter.h> 38 39 #include "hw/usb.h" 40 41 #define MAX_ENDPOINTS 32 42 #define NO_INTERFACE_INFO 255 /* Valid interface_count always <= 32 */ 43 #define EP2I(ep_address) (((ep_address & 0x80) >> 3) | (ep_address & 0x0f)) 44 #define I2EP(i) (((i & 0x10) << 3) | (i & 0x0f)) 45 46 typedef struct AsyncURB AsyncURB; 47 typedef struct USBRedirDevice USBRedirDevice; 48 49 /* Struct to hold buffered packets (iso or int input packets) */ 50 struct buf_packet { 51 uint8_t *data; 52 int len; 53 int status; 54 QTAILQ_ENTRY(buf_packet)next; 55 }; 56 57 struct endp_data { 58 uint8_t type; 59 uint8_t interval; 60 uint8_t interface; /* bInterfaceNumber this ep belongs to */ 61 uint8_t iso_started; 62 uint8_t iso_error; /* For reporting iso errors to the HC */ 63 uint8_t interrupt_started; 64 uint8_t interrupt_error; 65 uint8_t bufpq_prefilled; 66 uint8_t bufpq_dropping_packets; 67 QTAILQ_HEAD(, buf_packet) bufpq; 68 int bufpq_size; 69 int bufpq_target_size; 70 }; 71 72 struct USBRedirDevice { 73 USBDevice dev; 74 /* Properties */ 75 CharDriverState *cs; 76 uint8_t debug; 77 char *filter_str; 78 int32_t bootindex; 79 /* Data passed from chardev the fd_read cb to the usbredirparser read cb */ 80 const uint8_t *read_buf; 81 int read_buf_size; 82 /* For async handling of open/close */ 83 QEMUBH *open_close_bh; 84 /* To delay the usb attach in case of quick chardev close + open */ 85 QEMUTimer *attach_timer; 86 int64_t next_attach_time; 87 struct usbredirparser *parser; 88 struct endp_data endpoint[MAX_ENDPOINTS]; 89 uint32_t packet_id; 90 QTAILQ_HEAD(, AsyncURB) asyncq; 91 /* Data for device filtering */ 92 struct usb_redir_device_connect_header device_info; 93 struct usb_redir_interface_info_header interface_info; 94 struct usbredirfilter_rule *filter_rules; 95 int filter_rules_count; 96 }; 97 98 struct AsyncURB { 99 USBRedirDevice *dev; 100 USBPacket *packet; 101 uint32_t packet_id; 102 int get; 103 union { 104 struct usb_redir_control_packet_header control_packet; 105 struct usb_redir_bulk_packet_header bulk_packet; 106 struct usb_redir_interrupt_packet_header interrupt_packet; 107 }; 108 QTAILQ_ENTRY(AsyncURB)next; 109 }; 110 111 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h); 112 static void usbredir_device_connect(void *priv, 113 struct usb_redir_device_connect_header *device_connect); 114 static void usbredir_device_disconnect(void *priv); 115 static void usbredir_interface_info(void *priv, 116 struct usb_redir_interface_info_header *interface_info); 117 static void usbredir_ep_info(void *priv, 118 struct usb_redir_ep_info_header *ep_info); 119 static void usbredir_configuration_status(void *priv, uint32_t id, 120 struct usb_redir_configuration_status_header *configuration_status); 121 static void usbredir_alt_setting_status(void *priv, uint32_t id, 122 struct usb_redir_alt_setting_status_header *alt_setting_status); 123 static void usbredir_iso_stream_status(void *priv, uint32_t id, 124 struct usb_redir_iso_stream_status_header *iso_stream_status); 125 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 126 struct usb_redir_interrupt_receiving_status_header 127 *interrupt_receiving_status); 128 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 129 struct usb_redir_bulk_streams_status_header *bulk_streams_status); 130 static void usbredir_control_packet(void *priv, uint32_t id, 131 struct usb_redir_control_packet_header *control_packet, 132 uint8_t *data, int data_len); 133 static void usbredir_bulk_packet(void *priv, uint32_t id, 134 struct usb_redir_bulk_packet_header *bulk_packet, 135 uint8_t *data, int data_len); 136 static void usbredir_iso_packet(void *priv, uint32_t id, 137 struct usb_redir_iso_packet_header *iso_packet, 138 uint8_t *data, int data_len); 139 static void usbredir_interrupt_packet(void *priv, uint32_t id, 140 struct usb_redir_interrupt_packet_header *interrupt_header, 141 uint8_t *data, int data_len); 142 143 static int usbredir_handle_status(USBRedirDevice *dev, 144 int status, int actual_len); 145 146 /* 147 * Logging stuff 148 */ 149 150 #define ERROR(...) \ 151 do { \ 152 if (dev->debug >= usbredirparser_error) { \ 153 error_report("usb-redir error: " __VA_ARGS__); \ 154 } \ 155 } while (0) 156 #define WARNING(...) \ 157 do { \ 158 if (dev->debug >= usbredirparser_warning) { \ 159 error_report("usb-redir warning: " __VA_ARGS__); \ 160 } \ 161 } while (0) 162 #define INFO(...) \ 163 do { \ 164 if (dev->debug >= usbredirparser_info) { \ 165 error_report("usb-redir: " __VA_ARGS__); \ 166 } \ 167 } while (0) 168 #define DPRINTF(...) \ 169 do { \ 170 if (dev->debug >= usbredirparser_debug) { \ 171 error_report("usb-redir: " __VA_ARGS__); \ 172 } \ 173 } while (0) 174 #define DPRINTF2(...) \ 175 do { \ 176 if (dev->debug >= usbredirparser_debug_data) { \ 177 error_report("usb-redir: " __VA_ARGS__); \ 178 } \ 179 } while (0) 180 181 static void usbredir_log(void *priv, int level, const char *msg) 182 { 183 USBRedirDevice *dev = priv; 184 185 if (dev->debug < level) { 186 return; 187 } 188 189 error_report("%s", msg); 190 } 191 192 static void usbredir_log_data(USBRedirDevice *dev, const char *desc, 193 const uint8_t *data, int len) 194 { 195 int i, j, n; 196 197 if (dev->debug < usbredirparser_debug_data) { 198 return; 199 } 200 201 for (i = 0; i < len; i += j) { 202 char buf[128]; 203 204 n = sprintf(buf, "%s", desc); 205 for (j = 0; j < 8 && i + j < len; j++) { 206 n += sprintf(buf + n, " %02X", data[i + j]); 207 } 208 error_report("%s", buf); 209 } 210 } 211 212 /* 213 * usbredirparser io functions 214 */ 215 216 static int usbredir_read(void *priv, uint8_t *data, int count) 217 { 218 USBRedirDevice *dev = priv; 219 220 if (dev->read_buf_size < count) { 221 count = dev->read_buf_size; 222 } 223 224 memcpy(data, dev->read_buf, count); 225 226 dev->read_buf_size -= count; 227 if (dev->read_buf_size) { 228 dev->read_buf += count; 229 } else { 230 dev->read_buf = NULL; 231 } 232 233 return count; 234 } 235 236 static int usbredir_write(void *priv, uint8_t *data, int count) 237 { 238 USBRedirDevice *dev = priv; 239 240 if (!dev->cs->opened) { 241 return 0; 242 } 243 244 return qemu_chr_fe_write(dev->cs, data, count); 245 } 246 247 /* 248 * Async and buffered packets helpers 249 */ 250 251 static AsyncURB *async_alloc(USBRedirDevice *dev, USBPacket *p) 252 { 253 AsyncURB *aurb = (AsyncURB *) g_malloc0(sizeof(AsyncURB)); 254 aurb->dev = dev; 255 aurb->packet = p; 256 aurb->packet_id = dev->packet_id; 257 QTAILQ_INSERT_TAIL(&dev->asyncq, aurb, next); 258 dev->packet_id++; 259 260 return aurb; 261 } 262 263 static void async_free(USBRedirDevice *dev, AsyncURB *aurb) 264 { 265 QTAILQ_REMOVE(&dev->asyncq, aurb, next); 266 g_free(aurb); 267 } 268 269 static AsyncURB *async_find(USBRedirDevice *dev, uint32_t packet_id) 270 { 271 AsyncURB *aurb; 272 273 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 274 if (aurb->packet_id == packet_id) { 275 return aurb; 276 } 277 } 278 DPRINTF("could not find async urb for packet_id %u\n", packet_id); 279 return NULL; 280 } 281 282 static void usbredir_cancel_packet(USBDevice *udev, USBPacket *p) 283 { 284 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 285 AsyncURB *aurb; 286 287 QTAILQ_FOREACH(aurb, &dev->asyncq, next) { 288 if (p != aurb->packet) { 289 continue; 290 } 291 292 DPRINTF("async cancel id %u\n", aurb->packet_id); 293 usbredirparser_send_cancel_data_packet(dev->parser, aurb->packet_id); 294 usbredirparser_do_write(dev->parser); 295 296 /* Mark it as dead */ 297 aurb->packet = NULL; 298 break; 299 } 300 } 301 302 static void bufp_alloc(USBRedirDevice *dev, 303 uint8_t *data, int len, int status, uint8_t ep) 304 { 305 struct buf_packet *bufp; 306 307 if (!dev->endpoint[EP2I(ep)].bufpq_dropping_packets && 308 dev->endpoint[EP2I(ep)].bufpq_size > 309 2 * dev->endpoint[EP2I(ep)].bufpq_target_size) { 310 DPRINTF("bufpq overflow, dropping packets ep %02X\n", ep); 311 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 1; 312 } 313 /* Since we're interupting the stream anyways, drop enough packets to get 314 back to our target buffer size */ 315 if (dev->endpoint[EP2I(ep)].bufpq_dropping_packets) { 316 if (dev->endpoint[EP2I(ep)].bufpq_size > 317 dev->endpoint[EP2I(ep)].bufpq_target_size) { 318 free(data); 319 return; 320 } 321 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 322 } 323 324 bufp = g_malloc(sizeof(struct buf_packet)); 325 bufp->data = data; 326 bufp->len = len; 327 bufp->status = status; 328 QTAILQ_INSERT_TAIL(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 329 dev->endpoint[EP2I(ep)].bufpq_size++; 330 } 331 332 static void bufp_free(USBRedirDevice *dev, struct buf_packet *bufp, 333 uint8_t ep) 334 { 335 QTAILQ_REMOVE(&dev->endpoint[EP2I(ep)].bufpq, bufp, next); 336 dev->endpoint[EP2I(ep)].bufpq_size--; 337 free(bufp->data); 338 g_free(bufp); 339 } 340 341 static void usbredir_free_bufpq(USBRedirDevice *dev, uint8_t ep) 342 { 343 struct buf_packet *buf, *buf_next; 344 345 QTAILQ_FOREACH_SAFE(buf, &dev->endpoint[EP2I(ep)].bufpq, next, buf_next) { 346 bufp_free(dev, buf, ep); 347 } 348 } 349 350 /* 351 * USBDevice callbacks 352 */ 353 354 static void usbredir_handle_reset(USBDevice *udev) 355 { 356 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 357 358 DPRINTF("reset device\n"); 359 usbredirparser_send_reset(dev->parser); 360 usbredirparser_do_write(dev->parser); 361 } 362 363 static int usbredir_handle_iso_data(USBRedirDevice *dev, USBPacket *p, 364 uint8_t ep) 365 { 366 int status, len; 367 if (!dev->endpoint[EP2I(ep)].iso_started && 368 !dev->endpoint[EP2I(ep)].iso_error) { 369 struct usb_redir_start_iso_stream_header start_iso = { 370 .endpoint = ep, 371 }; 372 int pkts_per_sec; 373 374 if (dev->dev.speed == USB_SPEED_HIGH) { 375 pkts_per_sec = 8000 / dev->endpoint[EP2I(ep)].interval; 376 } else { 377 pkts_per_sec = 1000 / dev->endpoint[EP2I(ep)].interval; 378 } 379 /* Testing has shown that we need circa 60 ms buffer */ 380 dev->endpoint[EP2I(ep)].bufpq_target_size = (pkts_per_sec * 60) / 1000; 381 382 /* Aim for approx 100 interrupts / second on the client to 383 balance latency and interrupt load */ 384 start_iso.pkts_per_urb = pkts_per_sec / 100; 385 if (start_iso.pkts_per_urb < 1) { 386 start_iso.pkts_per_urb = 1; 387 } else if (start_iso.pkts_per_urb > 32) { 388 start_iso.pkts_per_urb = 32; 389 } 390 391 start_iso.no_urbs = (dev->endpoint[EP2I(ep)].bufpq_target_size + 392 start_iso.pkts_per_urb - 1) / 393 start_iso.pkts_per_urb; 394 /* Output endpoints pre-fill only 1/2 of the packets, keeping the rest 395 as overflow buffer. Also see the usbredir protocol documentation */ 396 if (!(ep & USB_DIR_IN)) { 397 start_iso.no_urbs *= 2; 398 } 399 if (start_iso.no_urbs > 16) { 400 start_iso.no_urbs = 16; 401 } 402 403 /* No id, we look at the ep when receiving a status back */ 404 usbredirparser_send_start_iso_stream(dev->parser, 0, &start_iso); 405 usbredirparser_do_write(dev->parser); 406 DPRINTF("iso stream started pkts/sec %d pkts/urb %d urbs %d ep %02X\n", 407 pkts_per_sec, start_iso.pkts_per_urb, start_iso.no_urbs, ep); 408 dev->endpoint[EP2I(ep)].iso_started = 1; 409 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 410 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 411 } 412 413 if (ep & USB_DIR_IN) { 414 struct buf_packet *isop; 415 416 if (dev->endpoint[EP2I(ep)].iso_started && 417 !dev->endpoint[EP2I(ep)].bufpq_prefilled) { 418 if (dev->endpoint[EP2I(ep)].bufpq_size < 419 dev->endpoint[EP2I(ep)].bufpq_target_size) { 420 return usbredir_handle_status(dev, 0, 0); 421 } 422 dev->endpoint[EP2I(ep)].bufpq_prefilled = 1; 423 } 424 425 isop = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 426 if (isop == NULL) { 427 DPRINTF("iso-token-in ep %02X, no isop, iso_error: %d\n", 428 ep, dev->endpoint[EP2I(ep)].iso_error); 429 /* Re-fill the buffer */ 430 dev->endpoint[EP2I(ep)].bufpq_prefilled = 0; 431 /* Check iso_error for stream errors, otherwise its an underrun */ 432 status = dev->endpoint[EP2I(ep)].iso_error; 433 dev->endpoint[EP2I(ep)].iso_error = 0; 434 return status ? USB_RET_IOERROR : 0; 435 } 436 DPRINTF2("iso-token-in ep %02X status %d len %d queue-size: %d\n", ep, 437 isop->status, isop->len, dev->endpoint[EP2I(ep)].bufpq_size); 438 439 status = isop->status; 440 if (status != usb_redir_success) { 441 bufp_free(dev, isop, ep); 442 return USB_RET_IOERROR; 443 } 444 445 len = isop->len; 446 if (len > p->iov.size) { 447 ERROR("received iso data is larger then packet ep %02X (%d > %d)\n", 448 ep, len, (int)p->iov.size); 449 bufp_free(dev, isop, ep); 450 return USB_RET_BABBLE; 451 } 452 usb_packet_copy(p, isop->data, len); 453 bufp_free(dev, isop, ep); 454 return len; 455 } else { 456 /* If the stream was not started because of a pending error don't 457 send the packet to the usb-host */ 458 if (dev->endpoint[EP2I(ep)].iso_started) { 459 struct usb_redir_iso_packet_header iso_packet = { 460 .endpoint = ep, 461 .length = p->iov.size 462 }; 463 uint8_t buf[p->iov.size]; 464 /* No id, we look at the ep when receiving a status back */ 465 usb_packet_copy(p, buf, p->iov.size); 466 usbredirparser_send_iso_packet(dev->parser, 0, &iso_packet, 467 buf, p->iov.size); 468 usbredirparser_do_write(dev->parser); 469 } 470 status = dev->endpoint[EP2I(ep)].iso_error; 471 dev->endpoint[EP2I(ep)].iso_error = 0; 472 DPRINTF2("iso-token-out ep %02X status %d len %zd\n", ep, status, 473 p->iov.size); 474 return usbredir_handle_status(dev, status, p->iov.size); 475 } 476 } 477 478 static void usbredir_stop_iso_stream(USBRedirDevice *dev, uint8_t ep) 479 { 480 struct usb_redir_stop_iso_stream_header stop_iso_stream = { 481 .endpoint = ep 482 }; 483 if (dev->endpoint[EP2I(ep)].iso_started) { 484 usbredirparser_send_stop_iso_stream(dev->parser, 0, &stop_iso_stream); 485 DPRINTF("iso stream stopped ep %02X\n", ep); 486 dev->endpoint[EP2I(ep)].iso_started = 0; 487 } 488 dev->endpoint[EP2I(ep)].iso_error = 0; 489 usbredir_free_bufpq(dev, ep); 490 } 491 492 static int usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, 493 uint8_t ep) 494 { 495 AsyncURB *aurb = async_alloc(dev, p); 496 struct usb_redir_bulk_packet_header bulk_packet; 497 498 DPRINTF("bulk-out ep %02X len %zd id %u\n", ep, 499 p->iov.size, aurb->packet_id); 500 501 bulk_packet.endpoint = ep; 502 bulk_packet.length = p->iov.size; 503 bulk_packet.stream_id = 0; 504 aurb->bulk_packet = bulk_packet; 505 506 if (ep & USB_DIR_IN) { 507 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 508 &bulk_packet, NULL, 0); 509 } else { 510 uint8_t buf[p->iov.size]; 511 usb_packet_copy(p, buf, p->iov.size); 512 usbredir_log_data(dev, "bulk data out:", buf, p->iov.size); 513 usbredirparser_send_bulk_packet(dev->parser, aurb->packet_id, 514 &bulk_packet, buf, p->iov.size); 515 } 516 usbredirparser_do_write(dev->parser); 517 return USB_RET_ASYNC; 518 } 519 520 static int usbredir_handle_interrupt_data(USBRedirDevice *dev, 521 USBPacket *p, uint8_t ep) 522 { 523 if (ep & USB_DIR_IN) { 524 /* Input interrupt endpoint, buffered packet input */ 525 struct buf_packet *intp; 526 int status, len; 527 528 if (!dev->endpoint[EP2I(ep)].interrupt_started && 529 !dev->endpoint[EP2I(ep)].interrupt_error) { 530 struct usb_redir_start_interrupt_receiving_header start_int = { 531 .endpoint = ep, 532 }; 533 /* No id, we look at the ep when receiving a status back */ 534 usbredirparser_send_start_interrupt_receiving(dev->parser, 0, 535 &start_int); 536 usbredirparser_do_write(dev->parser); 537 DPRINTF("interrupt recv started ep %02X\n", ep); 538 dev->endpoint[EP2I(ep)].interrupt_started = 1; 539 /* We don't really want to drop interrupt packets ever, but 540 having some upper limit to how much we buffer is good. */ 541 dev->endpoint[EP2I(ep)].bufpq_target_size = 1000; 542 dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0; 543 } 544 545 intp = QTAILQ_FIRST(&dev->endpoint[EP2I(ep)].bufpq); 546 if (intp == NULL) { 547 DPRINTF2("interrupt-token-in ep %02X, no intp\n", ep); 548 /* Check interrupt_error for stream errors */ 549 status = dev->endpoint[EP2I(ep)].interrupt_error; 550 dev->endpoint[EP2I(ep)].interrupt_error = 0; 551 if (status) { 552 return usbredir_handle_status(dev, status, 0); 553 } 554 return USB_RET_NAK; 555 } 556 DPRINTF("interrupt-token-in ep %02X status %d len %d\n", ep, 557 intp->status, intp->len); 558 559 status = intp->status; 560 if (status != usb_redir_success) { 561 bufp_free(dev, intp, ep); 562 return usbredir_handle_status(dev, status, 0); 563 } 564 565 len = intp->len; 566 if (len > p->iov.size) { 567 ERROR("received int data is larger then packet ep %02X\n", ep); 568 bufp_free(dev, intp, ep); 569 return USB_RET_BABBLE; 570 } 571 usb_packet_copy(p, intp->data, len); 572 bufp_free(dev, intp, ep); 573 return len; 574 } else { 575 /* Output interrupt endpoint, normal async operation */ 576 AsyncURB *aurb = async_alloc(dev, p); 577 struct usb_redir_interrupt_packet_header interrupt_packet; 578 uint8_t buf[p->iov.size]; 579 580 DPRINTF("interrupt-out ep %02X len %zd id %u\n", ep, p->iov.size, 581 aurb->packet_id); 582 583 interrupt_packet.endpoint = ep; 584 interrupt_packet.length = p->iov.size; 585 aurb->interrupt_packet = interrupt_packet; 586 587 usb_packet_copy(p, buf, p->iov.size); 588 usbredir_log_data(dev, "interrupt data out:", buf, p->iov.size); 589 usbredirparser_send_interrupt_packet(dev->parser, aurb->packet_id, 590 &interrupt_packet, buf, p->iov.size); 591 usbredirparser_do_write(dev->parser); 592 return USB_RET_ASYNC; 593 } 594 } 595 596 static void usbredir_stop_interrupt_receiving(USBRedirDevice *dev, 597 uint8_t ep) 598 { 599 struct usb_redir_stop_interrupt_receiving_header stop_interrupt_recv = { 600 .endpoint = ep 601 }; 602 if (dev->endpoint[EP2I(ep)].interrupt_started) { 603 usbredirparser_send_stop_interrupt_receiving(dev->parser, 0, 604 &stop_interrupt_recv); 605 DPRINTF("interrupt recv stopped ep %02X\n", ep); 606 dev->endpoint[EP2I(ep)].interrupt_started = 0; 607 } 608 dev->endpoint[EP2I(ep)].interrupt_error = 0; 609 usbredir_free_bufpq(dev, ep); 610 } 611 612 static int usbredir_handle_data(USBDevice *udev, USBPacket *p) 613 { 614 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 615 uint8_t ep; 616 617 ep = p->ep->nr; 618 if (p->pid == USB_TOKEN_IN) { 619 ep |= USB_DIR_IN; 620 } 621 622 switch (dev->endpoint[EP2I(ep)].type) { 623 case USB_ENDPOINT_XFER_CONTROL: 624 ERROR("handle_data called for control transfer on ep %02X\n", ep); 625 return USB_RET_NAK; 626 case USB_ENDPOINT_XFER_ISOC: 627 return usbredir_handle_iso_data(dev, p, ep); 628 case USB_ENDPOINT_XFER_BULK: 629 return usbredir_handle_bulk_data(dev, p, ep); 630 case USB_ENDPOINT_XFER_INT: 631 return usbredir_handle_interrupt_data(dev, p, ep); 632 default: 633 ERROR("handle_data ep %02X has unknown type %d\n", ep, 634 dev->endpoint[EP2I(ep)].type); 635 return USB_RET_NAK; 636 } 637 } 638 639 static int usbredir_set_config(USBRedirDevice *dev, USBPacket *p, 640 int config) 641 { 642 struct usb_redir_set_configuration_header set_config; 643 AsyncURB *aurb = async_alloc(dev, p); 644 int i; 645 646 DPRINTF("set config %d id %u\n", config, aurb->packet_id); 647 648 for (i = 0; i < MAX_ENDPOINTS; i++) { 649 switch (dev->endpoint[i].type) { 650 case USB_ENDPOINT_XFER_ISOC: 651 usbredir_stop_iso_stream(dev, I2EP(i)); 652 break; 653 case USB_ENDPOINT_XFER_INT: 654 if (i & 0x10) { 655 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 656 } 657 break; 658 } 659 usbredir_free_bufpq(dev, I2EP(i)); 660 } 661 662 set_config.configuration = config; 663 usbredirparser_send_set_configuration(dev->parser, aurb->packet_id, 664 &set_config); 665 usbredirparser_do_write(dev->parser); 666 return USB_RET_ASYNC; 667 } 668 669 static int usbredir_get_config(USBRedirDevice *dev, USBPacket *p) 670 { 671 AsyncURB *aurb = async_alloc(dev, p); 672 673 DPRINTF("get config id %u\n", aurb->packet_id); 674 675 aurb->get = 1; 676 usbredirparser_send_get_configuration(dev->parser, aurb->packet_id); 677 usbredirparser_do_write(dev->parser); 678 return USB_RET_ASYNC; 679 } 680 681 static int usbredir_set_interface(USBRedirDevice *dev, USBPacket *p, 682 int interface, int alt) 683 { 684 struct usb_redir_set_alt_setting_header set_alt; 685 AsyncURB *aurb = async_alloc(dev, p); 686 int i; 687 688 DPRINTF("set interface %d alt %d id %u\n", interface, alt, 689 aurb->packet_id); 690 691 for (i = 0; i < MAX_ENDPOINTS; i++) { 692 if (dev->endpoint[i].interface == interface) { 693 switch (dev->endpoint[i].type) { 694 case USB_ENDPOINT_XFER_ISOC: 695 usbredir_stop_iso_stream(dev, I2EP(i)); 696 break; 697 case USB_ENDPOINT_XFER_INT: 698 if (i & 0x10) { 699 usbredir_stop_interrupt_receiving(dev, I2EP(i)); 700 } 701 break; 702 } 703 usbredir_free_bufpq(dev, I2EP(i)); 704 } 705 } 706 707 set_alt.interface = interface; 708 set_alt.alt = alt; 709 usbredirparser_send_set_alt_setting(dev->parser, aurb->packet_id, 710 &set_alt); 711 usbredirparser_do_write(dev->parser); 712 return USB_RET_ASYNC; 713 } 714 715 static int usbredir_get_interface(USBRedirDevice *dev, USBPacket *p, 716 int interface) 717 { 718 struct usb_redir_get_alt_setting_header get_alt; 719 AsyncURB *aurb = async_alloc(dev, p); 720 721 DPRINTF("get interface %d id %u\n", interface, aurb->packet_id); 722 723 get_alt.interface = interface; 724 aurb->get = 1; 725 usbredirparser_send_get_alt_setting(dev->parser, aurb->packet_id, 726 &get_alt); 727 usbredirparser_do_write(dev->parser); 728 return USB_RET_ASYNC; 729 } 730 731 static int usbredir_handle_control(USBDevice *udev, USBPacket *p, 732 int request, int value, int index, int length, uint8_t *data) 733 { 734 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 735 struct usb_redir_control_packet_header control_packet; 736 AsyncURB *aurb; 737 738 /* Special cases for certain standard device requests */ 739 switch (request) { 740 case DeviceOutRequest | USB_REQ_SET_ADDRESS: 741 DPRINTF("set address %d\n", value); 742 dev->dev.addr = value; 743 return 0; 744 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: 745 return usbredir_set_config(dev, p, value & 0xff); 746 case DeviceRequest | USB_REQ_GET_CONFIGURATION: 747 return usbredir_get_config(dev, p); 748 case InterfaceOutRequest | USB_REQ_SET_INTERFACE: 749 return usbredir_set_interface(dev, p, index, value); 750 case InterfaceRequest | USB_REQ_GET_INTERFACE: 751 return usbredir_get_interface(dev, p, index); 752 } 753 754 /* "Normal" ctrl requests */ 755 aurb = async_alloc(dev, p); 756 757 /* Note request is (bRequestType << 8) | bRequest */ 758 DPRINTF("ctrl-out type 0x%x req 0x%x val 0x%x index %d len %d id %u\n", 759 request >> 8, request & 0xff, value, index, length, 760 aurb->packet_id); 761 762 control_packet.request = request & 0xFF; 763 control_packet.requesttype = request >> 8; 764 control_packet.endpoint = control_packet.requesttype & USB_DIR_IN; 765 control_packet.value = value; 766 control_packet.index = index; 767 control_packet.length = length; 768 aurb->control_packet = control_packet; 769 770 if (control_packet.requesttype & USB_DIR_IN) { 771 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 772 &control_packet, NULL, 0); 773 } else { 774 usbredir_log_data(dev, "ctrl data out:", data, length); 775 usbredirparser_send_control_packet(dev->parser, aurb->packet_id, 776 &control_packet, data, length); 777 } 778 usbredirparser_do_write(dev->parser); 779 return USB_RET_ASYNC; 780 } 781 782 /* 783 * Close events can be triggered by usbredirparser_do_write which gets called 784 * from within the USBDevice data / control packet callbacks and doing a 785 * usb_detach from within these callbacks is not a good idea. 786 * 787 * So we use a bh handler to take care of close events. We also handle 788 * open events from this callback to make sure that a close directly followed 789 * by an open gets handled in the right order. 790 */ 791 static void usbredir_open_close_bh(void *opaque) 792 { 793 USBRedirDevice *dev = opaque; 794 uint32_t caps[USB_REDIR_CAPS_SIZE] = { 0, }; 795 char version[32]; 796 797 strcpy(version, "qemu usb-redir guest "); 798 pstrcat(version, sizeof(version), qemu_get_version()); 799 800 usbredir_device_disconnect(dev); 801 802 if (dev->parser) { 803 usbredirparser_destroy(dev->parser); 804 dev->parser = NULL; 805 } 806 807 if (dev->cs->opened) { 808 dev->parser = qemu_oom_check(usbredirparser_create()); 809 dev->parser->priv = dev; 810 dev->parser->log_func = usbredir_log; 811 dev->parser->read_func = usbredir_read; 812 dev->parser->write_func = usbredir_write; 813 dev->parser->hello_func = usbredir_hello; 814 dev->parser->device_connect_func = usbredir_device_connect; 815 dev->parser->device_disconnect_func = usbredir_device_disconnect; 816 dev->parser->interface_info_func = usbredir_interface_info; 817 dev->parser->ep_info_func = usbredir_ep_info; 818 dev->parser->configuration_status_func = usbredir_configuration_status; 819 dev->parser->alt_setting_status_func = usbredir_alt_setting_status; 820 dev->parser->iso_stream_status_func = usbredir_iso_stream_status; 821 dev->parser->interrupt_receiving_status_func = 822 usbredir_interrupt_receiving_status; 823 dev->parser->bulk_streams_status_func = usbredir_bulk_streams_status; 824 dev->parser->control_packet_func = usbredir_control_packet; 825 dev->parser->bulk_packet_func = usbredir_bulk_packet; 826 dev->parser->iso_packet_func = usbredir_iso_packet; 827 dev->parser->interrupt_packet_func = usbredir_interrupt_packet; 828 dev->read_buf = NULL; 829 dev->read_buf_size = 0; 830 831 usbredirparser_caps_set_cap(caps, usb_redir_cap_connect_device_version); 832 usbredirparser_caps_set_cap(caps, usb_redir_cap_filter); 833 usbredirparser_init(dev->parser, version, caps, USB_REDIR_CAPS_SIZE, 0); 834 usbredirparser_do_write(dev->parser); 835 } 836 } 837 838 static void usbredir_do_attach(void *opaque) 839 { 840 USBRedirDevice *dev = opaque; 841 842 if (usb_device_attach(&dev->dev) != 0) { 843 usbredir_device_disconnect(dev); 844 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 845 usbredirparser_send_filter_reject(dev->parser); 846 usbredirparser_do_write(dev->parser); 847 } 848 } 849 } 850 851 /* 852 * chardev callbacks 853 */ 854 855 static int usbredir_chardev_can_read(void *opaque) 856 { 857 USBRedirDevice *dev = opaque; 858 859 if (dev->parser) { 860 /* usbredir_parser_do_read will consume *all* data we give it */ 861 return 1024 * 1024; 862 } else { 863 /* usbredir_open_close_bh hasn't handled the open event yet */ 864 return 0; 865 } 866 } 867 868 static void usbredir_chardev_read(void *opaque, const uint8_t *buf, int size) 869 { 870 USBRedirDevice *dev = opaque; 871 872 /* No recursion allowed! */ 873 assert(dev->read_buf == NULL); 874 875 dev->read_buf = buf; 876 dev->read_buf_size = size; 877 878 usbredirparser_do_read(dev->parser); 879 /* Send any acks, etc. which may be queued now */ 880 usbredirparser_do_write(dev->parser); 881 } 882 883 static void usbredir_chardev_event(void *opaque, int event) 884 { 885 USBRedirDevice *dev = opaque; 886 887 switch (event) { 888 case CHR_EVENT_OPENED: 889 case CHR_EVENT_CLOSED: 890 qemu_bh_schedule(dev->open_close_bh); 891 break; 892 } 893 } 894 895 /* 896 * init + destroy 897 */ 898 899 static int usbredir_initfn(USBDevice *udev) 900 { 901 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 902 int i; 903 904 if (dev->cs == NULL) { 905 qerror_report(QERR_MISSING_PARAMETER, "chardev"); 906 return -1; 907 } 908 909 if (dev->filter_str) { 910 i = usbredirfilter_string_to_rules(dev->filter_str, ":", "|", 911 &dev->filter_rules, 912 &dev->filter_rules_count); 913 if (i) { 914 qerror_report(QERR_INVALID_PARAMETER_VALUE, "filter", 915 "a usb device filter string"); 916 return -1; 917 } 918 } 919 920 dev->open_close_bh = qemu_bh_new(usbredir_open_close_bh, dev); 921 dev->attach_timer = qemu_new_timer_ms(vm_clock, usbredir_do_attach, dev); 922 923 QTAILQ_INIT(&dev->asyncq); 924 for (i = 0; i < MAX_ENDPOINTS; i++) { 925 QTAILQ_INIT(&dev->endpoint[i].bufpq); 926 } 927 928 /* We'll do the attach once we receive the speed from the usb-host */ 929 udev->auto_attach = 0; 930 931 /* Let the backend know we are ready */ 932 qemu_chr_fe_open(dev->cs); 933 qemu_chr_add_handlers(dev->cs, usbredir_chardev_can_read, 934 usbredir_chardev_read, usbredir_chardev_event, dev); 935 936 add_boot_device_path(dev->bootindex, &udev->qdev, NULL); 937 return 0; 938 } 939 940 static void usbredir_cleanup_device_queues(USBRedirDevice *dev) 941 { 942 AsyncURB *aurb, *next_aurb; 943 int i; 944 945 QTAILQ_FOREACH_SAFE(aurb, &dev->asyncq, next, next_aurb) { 946 async_free(dev, aurb); 947 } 948 for (i = 0; i < MAX_ENDPOINTS; i++) { 949 usbredir_free_bufpq(dev, I2EP(i)); 950 } 951 } 952 953 static void usbredir_handle_destroy(USBDevice *udev) 954 { 955 USBRedirDevice *dev = DO_UPCAST(USBRedirDevice, dev, udev); 956 957 qemu_chr_fe_close(dev->cs); 958 qemu_chr_delete(dev->cs); 959 /* Note must be done after qemu_chr_close, as that causes a close event */ 960 qemu_bh_delete(dev->open_close_bh); 961 962 qemu_del_timer(dev->attach_timer); 963 qemu_free_timer(dev->attach_timer); 964 965 usbredir_cleanup_device_queues(dev); 966 967 if (dev->parser) { 968 usbredirparser_destroy(dev->parser); 969 } 970 971 free(dev->filter_rules); 972 } 973 974 static int usbredir_check_filter(USBRedirDevice *dev) 975 { 976 if (dev->interface_info.interface_count == NO_INTERFACE_INFO) { 977 ERROR("No interface info for device\n"); 978 goto error; 979 } 980 981 if (dev->filter_rules) { 982 if (!usbredirparser_peer_has_cap(dev->parser, 983 usb_redir_cap_connect_device_version)) { 984 ERROR("Device filter specified and peer does not have the " 985 "connect_device_version capability\n"); 986 goto error; 987 } 988 989 if (usbredirfilter_check( 990 dev->filter_rules, 991 dev->filter_rules_count, 992 dev->device_info.device_class, 993 dev->device_info.device_subclass, 994 dev->device_info.device_protocol, 995 dev->interface_info.interface_class, 996 dev->interface_info.interface_subclass, 997 dev->interface_info.interface_protocol, 998 dev->interface_info.interface_count, 999 dev->device_info.vendor_id, 1000 dev->device_info.product_id, 1001 dev->device_info.device_version_bcd, 1002 0) != 0) { 1003 goto error; 1004 } 1005 } 1006 1007 return 0; 1008 1009 error: 1010 usbredir_device_disconnect(dev); 1011 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter)) { 1012 usbredirparser_send_filter_reject(dev->parser); 1013 usbredirparser_do_write(dev->parser); 1014 } 1015 return -1; 1016 } 1017 1018 /* 1019 * usbredirparser packet complete callbacks 1020 */ 1021 1022 static int usbredir_handle_status(USBRedirDevice *dev, 1023 int status, int actual_len) 1024 { 1025 switch (status) { 1026 case usb_redir_success: 1027 return actual_len; 1028 case usb_redir_stall: 1029 return USB_RET_STALL; 1030 case usb_redir_cancelled: 1031 WARNING("returning cancelled packet to HC?\n"); 1032 return USB_RET_NAK; 1033 case usb_redir_inval: 1034 WARNING("got invalid param error from usb-host?\n"); 1035 return USB_RET_NAK; 1036 case usb_redir_babble: 1037 return USB_RET_BABBLE; 1038 case usb_redir_ioerror: 1039 case usb_redir_timeout: 1040 default: 1041 return USB_RET_IOERROR; 1042 } 1043 } 1044 1045 static void usbredir_hello(void *priv, struct usb_redir_hello_header *h) 1046 { 1047 USBRedirDevice *dev = priv; 1048 1049 /* Try to send the filter info now that we've the usb-host's caps */ 1050 if (usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_filter) && 1051 dev->filter_rules) { 1052 usbredirparser_send_filter_filter(dev->parser, dev->filter_rules, 1053 dev->filter_rules_count); 1054 usbredirparser_do_write(dev->parser); 1055 } 1056 } 1057 1058 static void usbredir_device_connect(void *priv, 1059 struct usb_redir_device_connect_header *device_connect) 1060 { 1061 USBRedirDevice *dev = priv; 1062 const char *speed; 1063 1064 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1065 ERROR("Received device connect while already connected\n"); 1066 return; 1067 } 1068 1069 switch (device_connect->speed) { 1070 case usb_redir_speed_low: 1071 speed = "low speed"; 1072 dev->dev.speed = USB_SPEED_LOW; 1073 break; 1074 case usb_redir_speed_full: 1075 speed = "full speed"; 1076 dev->dev.speed = USB_SPEED_FULL; 1077 break; 1078 case usb_redir_speed_high: 1079 speed = "high speed"; 1080 dev->dev.speed = USB_SPEED_HIGH; 1081 break; 1082 case usb_redir_speed_super: 1083 speed = "super speed"; 1084 dev->dev.speed = USB_SPEED_SUPER; 1085 break; 1086 default: 1087 speed = "unknown speed"; 1088 dev->dev.speed = USB_SPEED_FULL; 1089 } 1090 1091 if (usbredirparser_peer_has_cap(dev->parser, 1092 usb_redir_cap_connect_device_version)) { 1093 INFO("attaching %s device %04x:%04x version %d.%d class %02x\n", 1094 speed, device_connect->vendor_id, device_connect->product_id, 1095 ((device_connect->device_version_bcd & 0xf000) >> 12) * 10 + 1096 ((device_connect->device_version_bcd & 0x0f00) >> 8), 1097 ((device_connect->device_version_bcd & 0x00f0) >> 4) * 10 + 1098 ((device_connect->device_version_bcd & 0x000f) >> 0), 1099 device_connect->device_class); 1100 } else { 1101 INFO("attaching %s device %04x:%04x class %02x\n", speed, 1102 device_connect->vendor_id, device_connect->product_id, 1103 device_connect->device_class); 1104 } 1105 1106 dev->dev.speedmask = (1 << dev->dev.speed); 1107 dev->device_info = *device_connect; 1108 1109 if (usbredir_check_filter(dev)) { 1110 WARNING("Device %04x:%04x rejected by device filter, not attaching\n", 1111 device_connect->vendor_id, device_connect->product_id); 1112 return; 1113 } 1114 1115 qemu_mod_timer(dev->attach_timer, dev->next_attach_time); 1116 } 1117 1118 static void usbredir_device_disconnect(void *priv) 1119 { 1120 USBRedirDevice *dev = priv; 1121 int i; 1122 1123 /* Stop any pending attaches */ 1124 qemu_del_timer(dev->attach_timer); 1125 1126 if (dev->dev.attached) { 1127 usb_device_detach(&dev->dev); 1128 /* 1129 * Delay next usb device attach to give the guest a chance to see 1130 * see the detach / attach in case of quick close / open succession 1131 */ 1132 dev->next_attach_time = qemu_get_clock_ms(vm_clock) + 200; 1133 } 1134 1135 /* Reset state so that the next dev connected starts with a clean slate */ 1136 usbredir_cleanup_device_queues(dev); 1137 memset(dev->endpoint, 0, sizeof(dev->endpoint)); 1138 for (i = 0; i < MAX_ENDPOINTS; i++) { 1139 QTAILQ_INIT(&dev->endpoint[i].bufpq); 1140 } 1141 usb_ep_init(&dev->dev); 1142 dev->interface_info.interface_count = NO_INTERFACE_INFO; 1143 dev->dev.addr = 0; 1144 dev->dev.speed = 0; 1145 } 1146 1147 static void usbredir_interface_info(void *priv, 1148 struct usb_redir_interface_info_header *interface_info) 1149 { 1150 USBRedirDevice *dev = priv; 1151 1152 dev->interface_info = *interface_info; 1153 1154 /* 1155 * If we receive interface info after the device has already been 1156 * connected (ie on a set_config), re-check the filter. 1157 */ 1158 if (qemu_timer_pending(dev->attach_timer) || dev->dev.attached) { 1159 if (usbredir_check_filter(dev)) { 1160 ERROR("Device no longer matches filter after interface info " 1161 "change, disconnecting!\n"); 1162 } 1163 } 1164 } 1165 1166 static void usbredir_ep_info(void *priv, 1167 struct usb_redir_ep_info_header *ep_info) 1168 { 1169 USBRedirDevice *dev = priv; 1170 struct USBEndpoint *usb_ep; 1171 int i; 1172 1173 for (i = 0; i < MAX_ENDPOINTS; i++) { 1174 dev->endpoint[i].type = ep_info->type[i]; 1175 dev->endpoint[i].interval = ep_info->interval[i]; 1176 dev->endpoint[i].interface = ep_info->interface[i]; 1177 switch (dev->endpoint[i].type) { 1178 case usb_redir_type_invalid: 1179 break; 1180 case usb_redir_type_iso: 1181 case usb_redir_type_interrupt: 1182 if (dev->endpoint[i].interval == 0) { 1183 ERROR("Received 0 interval for isoc or irq endpoint\n"); 1184 usbredir_device_disconnect(dev); 1185 } 1186 /* Fall through */ 1187 case usb_redir_type_control: 1188 case usb_redir_type_bulk: 1189 DPRINTF("ep: %02X type: %d interface: %d\n", I2EP(i), 1190 dev->endpoint[i].type, dev->endpoint[i].interface); 1191 break; 1192 default: 1193 ERROR("Received invalid endpoint type\n"); 1194 usbredir_device_disconnect(dev); 1195 return; 1196 } 1197 usb_ep = usb_ep_get(&dev->dev, 1198 (i & 0x10) ? USB_TOKEN_IN : USB_TOKEN_OUT, 1199 i & 0x0f); 1200 usb_ep->type = dev->endpoint[i].type; 1201 usb_ep->ifnum = dev->endpoint[i].interface; 1202 } 1203 } 1204 1205 static void usbredir_configuration_status(void *priv, uint32_t id, 1206 struct usb_redir_configuration_status_header *config_status) 1207 { 1208 USBRedirDevice *dev = priv; 1209 AsyncURB *aurb; 1210 int len = 0; 1211 1212 DPRINTF("set config status %d config %d id %u\n", config_status->status, 1213 config_status->configuration, id); 1214 1215 aurb = async_find(dev, id); 1216 if (!aurb) { 1217 return; 1218 } 1219 if (aurb->packet) { 1220 if (aurb->get) { 1221 dev->dev.data_buf[0] = config_status->configuration; 1222 len = 1; 1223 } 1224 aurb->packet->result = 1225 usbredir_handle_status(dev, config_status->status, len); 1226 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1227 } 1228 async_free(dev, aurb); 1229 } 1230 1231 static void usbredir_alt_setting_status(void *priv, uint32_t id, 1232 struct usb_redir_alt_setting_status_header *alt_setting_status) 1233 { 1234 USBRedirDevice *dev = priv; 1235 AsyncURB *aurb; 1236 int len = 0; 1237 1238 DPRINTF("alt status %d intf %d alt %d id: %u\n", 1239 alt_setting_status->status, 1240 alt_setting_status->interface, 1241 alt_setting_status->alt, id); 1242 1243 aurb = async_find(dev, id); 1244 if (!aurb) { 1245 return; 1246 } 1247 if (aurb->packet) { 1248 if (aurb->get) { 1249 dev->dev.data_buf[0] = alt_setting_status->alt; 1250 len = 1; 1251 } 1252 aurb->packet->result = 1253 usbredir_handle_status(dev, alt_setting_status->status, len); 1254 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1255 } 1256 async_free(dev, aurb); 1257 } 1258 1259 static void usbredir_iso_stream_status(void *priv, uint32_t id, 1260 struct usb_redir_iso_stream_status_header *iso_stream_status) 1261 { 1262 USBRedirDevice *dev = priv; 1263 uint8_t ep = iso_stream_status->endpoint; 1264 1265 DPRINTF("iso status %d ep %02X id %u\n", iso_stream_status->status, 1266 ep, id); 1267 1268 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].iso_started) { 1269 return; 1270 } 1271 1272 dev->endpoint[EP2I(ep)].iso_error = iso_stream_status->status; 1273 if (iso_stream_status->status == usb_redir_stall) { 1274 DPRINTF("iso stream stopped by peer ep %02X\n", ep); 1275 dev->endpoint[EP2I(ep)].iso_started = 0; 1276 } 1277 } 1278 1279 static void usbredir_interrupt_receiving_status(void *priv, uint32_t id, 1280 struct usb_redir_interrupt_receiving_status_header 1281 *interrupt_receiving_status) 1282 { 1283 USBRedirDevice *dev = priv; 1284 uint8_t ep = interrupt_receiving_status->endpoint; 1285 1286 DPRINTF("interrupt recv status %d ep %02X id %u\n", 1287 interrupt_receiving_status->status, ep, id); 1288 1289 if (!dev->dev.attached || !dev->endpoint[EP2I(ep)].interrupt_started) { 1290 return; 1291 } 1292 1293 dev->endpoint[EP2I(ep)].interrupt_error = 1294 interrupt_receiving_status->status; 1295 if (interrupt_receiving_status->status == usb_redir_stall) { 1296 DPRINTF("interrupt receiving stopped by peer ep %02X\n", ep); 1297 dev->endpoint[EP2I(ep)].interrupt_started = 0; 1298 } 1299 } 1300 1301 static void usbredir_bulk_streams_status(void *priv, uint32_t id, 1302 struct usb_redir_bulk_streams_status_header *bulk_streams_status) 1303 { 1304 } 1305 1306 static void usbredir_control_packet(void *priv, uint32_t id, 1307 struct usb_redir_control_packet_header *control_packet, 1308 uint8_t *data, int data_len) 1309 { 1310 USBRedirDevice *dev = priv; 1311 int len = control_packet->length; 1312 AsyncURB *aurb; 1313 1314 DPRINTF("ctrl-in status %d len %d id %u\n", control_packet->status, 1315 len, id); 1316 1317 aurb = async_find(dev, id); 1318 if (!aurb) { 1319 free(data); 1320 return; 1321 } 1322 1323 aurb->control_packet.status = control_packet->status; 1324 aurb->control_packet.length = control_packet->length; 1325 if (memcmp(&aurb->control_packet, control_packet, 1326 sizeof(*control_packet))) { 1327 ERROR("return control packet mismatch, please report this!\n"); 1328 len = USB_RET_NAK; 1329 } 1330 1331 if (aurb->packet) { 1332 len = usbredir_handle_status(dev, control_packet->status, len); 1333 if (len > 0) { 1334 usbredir_log_data(dev, "ctrl data in:", data, data_len); 1335 if (data_len <= sizeof(dev->dev.data_buf)) { 1336 memcpy(dev->dev.data_buf, data, data_len); 1337 } else { 1338 ERROR("ctrl buffer too small (%d > %zu)\n", 1339 data_len, sizeof(dev->dev.data_buf)); 1340 len = USB_RET_STALL; 1341 } 1342 } 1343 aurb->packet->result = len; 1344 usb_generic_async_ctrl_complete(&dev->dev, aurb->packet); 1345 } 1346 async_free(dev, aurb); 1347 free(data); 1348 } 1349 1350 static void usbredir_bulk_packet(void *priv, uint32_t id, 1351 struct usb_redir_bulk_packet_header *bulk_packet, 1352 uint8_t *data, int data_len) 1353 { 1354 USBRedirDevice *dev = priv; 1355 uint8_t ep = bulk_packet->endpoint; 1356 int len = bulk_packet->length; 1357 AsyncURB *aurb; 1358 1359 DPRINTF("bulk-in status %d ep %02X len %d id %u\n", bulk_packet->status, 1360 ep, len, id); 1361 1362 aurb = async_find(dev, id); 1363 if (!aurb) { 1364 free(data); 1365 return; 1366 } 1367 1368 if (aurb->bulk_packet.endpoint != bulk_packet->endpoint || 1369 aurb->bulk_packet.stream_id != bulk_packet->stream_id) { 1370 ERROR("return bulk packet mismatch, please report this!\n"); 1371 len = USB_RET_NAK; 1372 } 1373 1374 if (aurb->packet) { 1375 len = usbredir_handle_status(dev, bulk_packet->status, len); 1376 if (len > 0) { 1377 usbredir_log_data(dev, "bulk data in:", data, data_len); 1378 if (data_len <= aurb->packet->iov.size) { 1379 usb_packet_copy(aurb->packet, data, data_len); 1380 } else { 1381 ERROR("bulk buffer too small (%d > %zd)\n", data_len, 1382 aurb->packet->iov.size); 1383 len = USB_RET_STALL; 1384 } 1385 } 1386 aurb->packet->result = len; 1387 usb_packet_complete(&dev->dev, aurb->packet); 1388 } 1389 async_free(dev, aurb); 1390 free(data); 1391 } 1392 1393 static void usbredir_iso_packet(void *priv, uint32_t id, 1394 struct usb_redir_iso_packet_header *iso_packet, 1395 uint8_t *data, int data_len) 1396 { 1397 USBRedirDevice *dev = priv; 1398 uint8_t ep = iso_packet->endpoint; 1399 1400 DPRINTF2("iso-in status %d ep %02X len %d id %u\n", iso_packet->status, ep, 1401 data_len, id); 1402 1403 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_ISOC) { 1404 ERROR("received iso packet for non iso endpoint %02X\n", ep); 1405 free(data); 1406 return; 1407 } 1408 1409 if (dev->endpoint[EP2I(ep)].iso_started == 0) { 1410 DPRINTF("received iso packet for non started stream ep %02X\n", ep); 1411 free(data); 1412 return; 1413 } 1414 1415 /* bufp_alloc also adds the packet to the ep queue */ 1416 bufp_alloc(dev, data, data_len, iso_packet->status, ep); 1417 } 1418 1419 static void usbredir_interrupt_packet(void *priv, uint32_t id, 1420 struct usb_redir_interrupt_packet_header *interrupt_packet, 1421 uint8_t *data, int data_len) 1422 { 1423 USBRedirDevice *dev = priv; 1424 uint8_t ep = interrupt_packet->endpoint; 1425 1426 DPRINTF("interrupt-in status %d ep %02X len %d id %u\n", 1427 interrupt_packet->status, ep, data_len, id); 1428 1429 if (dev->endpoint[EP2I(ep)].type != USB_ENDPOINT_XFER_INT) { 1430 ERROR("received int packet for non interrupt endpoint %02X\n", ep); 1431 free(data); 1432 return; 1433 } 1434 1435 if (ep & USB_DIR_IN) { 1436 if (dev->endpoint[EP2I(ep)].interrupt_started == 0) { 1437 DPRINTF("received int packet while not started ep %02X\n", ep); 1438 free(data); 1439 return; 1440 } 1441 1442 /* bufp_alloc also adds the packet to the ep queue */ 1443 bufp_alloc(dev, data, data_len, interrupt_packet->status, ep); 1444 } else { 1445 int len = interrupt_packet->length; 1446 1447 AsyncURB *aurb = async_find(dev, id); 1448 if (!aurb) { 1449 return; 1450 } 1451 1452 if (aurb->interrupt_packet.endpoint != interrupt_packet->endpoint) { 1453 ERROR("return int packet mismatch, please report this!\n"); 1454 len = USB_RET_NAK; 1455 } 1456 1457 if (aurb->packet) { 1458 aurb->packet->result = usbredir_handle_status(dev, 1459 interrupt_packet->status, len); 1460 usb_packet_complete(&dev->dev, aurb->packet); 1461 } 1462 async_free(dev, aurb); 1463 } 1464 } 1465 1466 static Property usbredir_properties[] = { 1467 DEFINE_PROP_CHR("chardev", USBRedirDevice, cs), 1468 DEFINE_PROP_UINT8("debug", USBRedirDevice, debug, 0), 1469 DEFINE_PROP_STRING("filter", USBRedirDevice, filter_str), 1470 DEFINE_PROP_INT32("bootindex", USBRedirDevice, bootindex, -1), 1471 DEFINE_PROP_END_OF_LIST(), 1472 }; 1473 1474 static void usbredir_class_initfn(ObjectClass *klass, void *data) 1475 { 1476 USBDeviceClass *uc = USB_DEVICE_CLASS(klass); 1477 DeviceClass *dc = DEVICE_CLASS(klass); 1478 1479 uc->init = usbredir_initfn; 1480 uc->product_desc = "USB Redirection Device"; 1481 uc->handle_destroy = usbredir_handle_destroy; 1482 uc->cancel_packet = usbredir_cancel_packet; 1483 uc->handle_reset = usbredir_handle_reset; 1484 uc->handle_data = usbredir_handle_data; 1485 uc->handle_control = usbredir_handle_control; 1486 dc->props = usbredir_properties; 1487 } 1488 1489 static TypeInfo usbredir_dev_info = { 1490 .name = "usb-redir", 1491 .parent = TYPE_USB_DEVICE, 1492 .instance_size = sizeof(USBRedirDevice), 1493 .class_init = usbredir_class_initfn, 1494 }; 1495 1496 static void usbredir_register_types(void) 1497 { 1498 type_register_static(&usbredir_dev_info); 1499 } 1500 1501 type_init(usbredir_register_types) 1502