root / hw / usb-msd.c @ 806b6024
History | View | Annotate | Download (16.4 kB)
1 | 5fafdf24 | ths | /*
|
---|---|---|---|
2 | 2e5d83bb | pbrook | * USB Mass Storage Device emulation
|
3 | 2e5d83bb | pbrook | *
|
4 | 2e5d83bb | pbrook | * Copyright (c) 2006 CodeSourcery.
|
5 | 2e5d83bb | pbrook | * Written by Paul Brook
|
6 | 2e5d83bb | pbrook | *
|
7 | 2e5d83bb | pbrook | * This code is licenced under the LGPL.
|
8 | 2e5d83bb | pbrook | */
|
9 | 2e5d83bb | pbrook | |
10 | 87ecb68b | pbrook | #include "qemu-common.h" |
11 | 87ecb68b | pbrook | #include "usb.h" |
12 | 87ecb68b | pbrook | #include "block.h" |
13 | 87ecb68b | pbrook | #include "scsi-disk.h" |
14 | c0f4ce77 | aliguori | #include "console.h" |
15 | 2e5d83bb | pbrook | |
16 | 2e5d83bb | pbrook | //#define DEBUG_MSD
|
17 | 2e5d83bb | pbrook | |
18 | 2e5d83bb | pbrook | #ifdef DEBUG_MSD
|
19 | 001faf32 | Blue Swirl | #define DPRINTF(fmt, ...) \
|
20 | 001faf32 | Blue Swirl | do { printf("usb-msd: " fmt , ## __VA_ARGS__); } while (0) |
21 | 2e5d83bb | pbrook | #else
|
22 | 001faf32 | Blue Swirl | #define DPRINTF(fmt, ...) do {} while(0) |
23 | 2e5d83bb | pbrook | #endif
|
24 | 2e5d83bb | pbrook | |
25 | 2e5d83bb | pbrook | /* USB requests. */
|
26 | 2e5d83bb | pbrook | #define MassStorageReset 0xff |
27 | 2e5d83bb | pbrook | #define GetMaxLun 0xfe |
28 | 2e5d83bb | pbrook | |
29 | 2e5d83bb | pbrook | enum USBMSDMode {
|
30 | 2e5d83bb | pbrook | USB_MSDM_CBW, /* Command Block. */
|
31 | 2e5d83bb | pbrook | USB_MSDM_DATAOUT, /* Tranfer data to device. */
|
32 | 2e5d83bb | pbrook | USB_MSDM_DATAIN, /* Transfer data from device. */
|
33 | 2e5d83bb | pbrook | USB_MSDM_CSW /* Command Status. */
|
34 | 2e5d83bb | pbrook | }; |
35 | 2e5d83bb | pbrook | |
36 | 2e5d83bb | pbrook | typedef struct { |
37 | 2e5d83bb | pbrook | USBDevice dev; |
38 | 2e5d83bb | pbrook | enum USBMSDMode mode;
|
39 | a917d384 | pbrook | uint32_t scsi_len; |
40 | a917d384 | pbrook | uint8_t *scsi_buf; |
41 | a917d384 | pbrook | uint32_t usb_len; |
42 | a917d384 | pbrook | uint8_t *usb_buf; |
43 | 2e5d83bb | pbrook | uint32_t data_len; |
44 | a917d384 | pbrook | uint32_t residue; |
45 | 2e5d83bb | pbrook | uint32_t tag; |
46 | b56bdb32 | bellard | BlockDriverState *bs; |
47 | 2e5d83bb | pbrook | SCSIDevice *scsi_dev; |
48 | 2e5d83bb | pbrook | int result;
|
49 | 4d611c9a | pbrook | /* For async completion. */
|
50 | 4d611c9a | pbrook | USBPacket *packet; |
51 | 2e5d83bb | pbrook | } MSDState; |
52 | 2e5d83bb | pbrook | |
53 | a917d384 | pbrook | struct usb_msd_cbw {
|
54 | a917d384 | pbrook | uint32_t sig; |
55 | a917d384 | pbrook | uint32_t tag; |
56 | a917d384 | pbrook | uint32_t data_len; |
57 | a917d384 | pbrook | uint8_t flags; |
58 | a917d384 | pbrook | uint8_t lun; |
59 | a917d384 | pbrook | uint8_t cmd_len; |
60 | a917d384 | pbrook | uint8_t cmd[16];
|
61 | a917d384 | pbrook | }; |
62 | a917d384 | pbrook | |
63 | a917d384 | pbrook | struct usb_msd_csw {
|
64 | a917d384 | pbrook | uint32_t sig; |
65 | a917d384 | pbrook | uint32_t tag; |
66 | a917d384 | pbrook | uint32_t residue; |
67 | a917d384 | pbrook | uint8_t status; |
68 | a917d384 | pbrook | }; |
69 | a917d384 | pbrook | |
70 | 2e5d83bb | pbrook | static const uint8_t qemu_msd_dev_descriptor[] = { |
71 | 2e5d83bb | pbrook | 0x12, /* u8 bLength; */ |
72 | 2e5d83bb | pbrook | 0x01, /* u8 bDescriptorType; Device */ |
73 | e126cf13 | ths | 0x00, 0x01, /* u16 bcdUSB; v1.0 */ |
74 | 2e5d83bb | pbrook | |
75 | 2e5d83bb | pbrook | 0x00, /* u8 bDeviceClass; */ |
76 | 2e5d83bb | pbrook | 0x00, /* u8 bDeviceSubClass; */ |
77 | 2e5d83bb | pbrook | 0x00, /* u8 bDeviceProtocol; [ low/full speeds only ] */ |
78 | 2e5d83bb | pbrook | 0x08, /* u8 bMaxPacketSize0; 8 Bytes */ |
79 | 2e5d83bb | pbrook | |
80 | 2e5d83bb | pbrook | /* Vendor and product id are arbitrary. */
|
81 | 2e5d83bb | pbrook | 0x00, 0x00, /* u16 idVendor; */ |
82 | 2e5d83bb | pbrook | 0x00, 0x00, /* u16 idProduct; */ |
83 | 2e5d83bb | pbrook | 0x00, 0x00, /* u16 bcdDevice */ |
84 | 2e5d83bb | pbrook | |
85 | 2e5d83bb | pbrook | 0x01, /* u8 iManufacturer; */ |
86 | 2e5d83bb | pbrook | 0x02, /* u8 iProduct; */ |
87 | 2e5d83bb | pbrook | 0x03, /* u8 iSerialNumber; */ |
88 | 2e5d83bb | pbrook | 0x01 /* u8 bNumConfigurations; */ |
89 | 2e5d83bb | pbrook | }; |
90 | 2e5d83bb | pbrook | |
91 | 2e5d83bb | pbrook | static const uint8_t qemu_msd_config_descriptor[] = { |
92 | 2e5d83bb | pbrook | |
93 | 2e5d83bb | pbrook | /* one configuration */
|
94 | 2e5d83bb | pbrook | 0x09, /* u8 bLength; */ |
95 | 2e5d83bb | pbrook | 0x02, /* u8 bDescriptorType; Configuration */ |
96 | 2e5d83bb | pbrook | 0x20, 0x00, /* u16 wTotalLength; */ |
97 | 2e5d83bb | pbrook | 0x01, /* u8 bNumInterfaces; (1) */ |
98 | 2e5d83bb | pbrook | 0x01, /* u8 bConfigurationValue; */ |
99 | 2e5d83bb | pbrook | 0x00, /* u8 iConfiguration; */ |
100 | 5fafdf24 | ths | 0xc0, /* u8 bmAttributes; |
101 | 2e5d83bb | pbrook | Bit 7: must be set,
|
102 | 2e5d83bb | pbrook | 6: Self-powered,
|
103 | 2e5d83bb | pbrook | 5: Remote wakeup,
|
104 | 2e5d83bb | pbrook | 4..0: resvd */
|
105 | 2e5d83bb | pbrook | 0x00, /* u8 MaxPower; */ |
106 | 3b46e624 | ths | |
107 | 2e5d83bb | pbrook | /* one interface */
|
108 | 2e5d83bb | pbrook | 0x09, /* u8 if_bLength; */ |
109 | 2e5d83bb | pbrook | 0x04, /* u8 if_bDescriptorType; Interface */ |
110 | 2e5d83bb | pbrook | 0x00, /* u8 if_bInterfaceNumber; */ |
111 | 2e5d83bb | pbrook | 0x00, /* u8 if_bAlternateSetting; */ |
112 | 2e5d83bb | pbrook | 0x02, /* u8 if_bNumEndpoints; */ |
113 | 2e5d83bb | pbrook | 0x08, /* u8 if_bInterfaceClass; MASS STORAGE */ |
114 | 2e5d83bb | pbrook | 0x06, /* u8 if_bInterfaceSubClass; SCSI */ |
115 | 2e5d83bb | pbrook | 0x50, /* u8 if_bInterfaceProtocol; Bulk Only */ |
116 | 2e5d83bb | pbrook | 0x00, /* u8 if_iInterface; */ |
117 | 3b46e624 | ths | |
118 | 2e5d83bb | pbrook | /* Bulk-In endpoint */
|
119 | 2e5d83bb | pbrook | 0x07, /* u8 ep_bLength; */ |
120 | 2e5d83bb | pbrook | 0x05, /* u8 ep_bDescriptorType; Endpoint */ |
121 | 2e5d83bb | pbrook | 0x81, /* u8 ep_bEndpointAddress; IN Endpoint 1 */ |
122 | 2e5d83bb | pbrook | 0x02, /* u8 ep_bmAttributes; Bulk */ |
123 | 2e5d83bb | pbrook | 0x40, 0x00, /* u16 ep_wMaxPacketSize; */ |
124 | 2e5d83bb | pbrook | 0x00, /* u8 ep_bInterval; */ |
125 | 2e5d83bb | pbrook | |
126 | 2e5d83bb | pbrook | /* Bulk-Out endpoint */
|
127 | 2e5d83bb | pbrook | 0x07, /* u8 ep_bLength; */ |
128 | 2e5d83bb | pbrook | 0x05, /* u8 ep_bDescriptorType; Endpoint */ |
129 | 2e5d83bb | pbrook | 0x02, /* u8 ep_bEndpointAddress; OUT Endpoint 2 */ |
130 | 2e5d83bb | pbrook | 0x02, /* u8 ep_bmAttributes; Bulk */ |
131 | 2e5d83bb | pbrook | 0x40, 0x00, /* u16 ep_wMaxPacketSize; */ |
132 | 2e5d83bb | pbrook | 0x00 /* u8 ep_bInterval; */ |
133 | 2e5d83bb | pbrook | }; |
134 | 2e5d83bb | pbrook | |
135 | a917d384 | pbrook | static void usb_msd_copy_data(MSDState *s) |
136 | a917d384 | pbrook | { |
137 | a917d384 | pbrook | uint32_t len; |
138 | a917d384 | pbrook | len = s->usb_len; |
139 | a917d384 | pbrook | if (len > s->scsi_len)
|
140 | a917d384 | pbrook | len = s->scsi_len; |
141 | a917d384 | pbrook | if (s->mode == USB_MSDM_DATAIN) {
|
142 | a917d384 | pbrook | memcpy(s->usb_buf, s->scsi_buf, len); |
143 | a917d384 | pbrook | } else {
|
144 | a917d384 | pbrook | memcpy(s->scsi_buf, s->usb_buf, len); |
145 | a917d384 | pbrook | } |
146 | a917d384 | pbrook | s->usb_len -= len; |
147 | a917d384 | pbrook | s->scsi_len -= len; |
148 | a917d384 | pbrook | s->usb_buf += len; |
149 | a917d384 | pbrook | s->scsi_buf += len; |
150 | a917d384 | pbrook | s->data_len -= len; |
151 | a917d384 | pbrook | if (s->scsi_len == 0) { |
152 | a917d384 | pbrook | if (s->mode == USB_MSDM_DATAIN) {
|
153 | 8ccc2ace | ths | s->scsi_dev->read_data(s->scsi_dev, s->tag); |
154 | a917d384 | pbrook | } else if (s->mode == USB_MSDM_DATAOUT) { |
155 | 8ccc2ace | ths | s->scsi_dev->write_data(s->scsi_dev, s->tag); |
156 | a917d384 | pbrook | } |
157 | a917d384 | pbrook | } |
158 | a917d384 | pbrook | } |
159 | a917d384 | pbrook | |
160 | a917d384 | pbrook | static void usb_msd_send_status(MSDState *s) |
161 | a917d384 | pbrook | { |
162 | a917d384 | pbrook | struct usb_msd_csw csw;
|
163 | a917d384 | pbrook | |
164 | a917d384 | pbrook | csw.sig = cpu_to_le32(0x53425355);
|
165 | a917d384 | pbrook | csw.tag = cpu_to_le32(s->tag); |
166 | a917d384 | pbrook | csw.residue = s->residue; |
167 | a917d384 | pbrook | csw.status = s->result; |
168 | a917d384 | pbrook | memcpy(s->usb_buf, &csw, 13);
|
169 | a917d384 | pbrook | } |
170 | a917d384 | pbrook | |
171 | a917d384 | pbrook | static void usb_msd_command_complete(void *opaque, int reason, uint32_t tag, |
172 | a917d384 | pbrook | uint32_t arg) |
173 | 2e5d83bb | pbrook | { |
174 | 2e5d83bb | pbrook | MSDState *s = (MSDState *)opaque; |
175 | a917d384 | pbrook | USBPacket *p = s->packet; |
176 | 4d611c9a | pbrook | |
177 | a917d384 | pbrook | if (tag != s->tag) {
|
178 | a917d384 | pbrook | fprintf(stderr, "usb-msd: Unexpected SCSI Tag 0x%x\n", tag);
|
179 | a917d384 | pbrook | } |
180 | 4d611c9a | pbrook | if (reason == SCSI_REASON_DONE) {
|
181 | a917d384 | pbrook | DPRINTF("Command complete %d\n", arg);
|
182 | a917d384 | pbrook | s->residue = s->data_len; |
183 | a917d384 | pbrook | s->result = arg != 0;
|
184 | a917d384 | pbrook | if (s->packet) {
|
185 | a917d384 | pbrook | if (s->data_len == 0 && s->mode == USB_MSDM_DATAOUT) { |
186 | a917d384 | pbrook | /* A deferred packet with no write data remaining must be
|
187 | a917d384 | pbrook | the status read packet. */
|
188 | a917d384 | pbrook | usb_msd_send_status(s); |
189 | a917d384 | pbrook | s->mode = USB_MSDM_CBW; |
190 | a917d384 | pbrook | } else {
|
191 | a917d384 | pbrook | if (s->data_len) {
|
192 | a917d384 | pbrook | s->data_len -= s->usb_len; |
193 | a917d384 | pbrook | if (s->mode == USB_MSDM_DATAIN)
|
194 | a917d384 | pbrook | memset(s->usb_buf, 0, s->usb_len);
|
195 | a917d384 | pbrook | s->usb_len = 0;
|
196 | a917d384 | pbrook | } |
197 | a917d384 | pbrook | if (s->data_len == 0) |
198 | a917d384 | pbrook | s->mode = USB_MSDM_CSW; |
199 | a917d384 | pbrook | } |
200 | a917d384 | pbrook | s->packet = NULL;
|
201 | a917d384 | pbrook | usb_packet_complete(p); |
202 | a917d384 | pbrook | } else if (s->data_len == 0) { |
203 | a917d384 | pbrook | s->mode = USB_MSDM_CSW; |
204 | a917d384 | pbrook | } |
205 | a917d384 | pbrook | return;
|
206 | 4d611c9a | pbrook | } |
207 | a917d384 | pbrook | s->scsi_len = arg; |
208 | 8ccc2ace | ths | s->scsi_buf = s->scsi_dev->get_buf(s->scsi_dev, tag); |
209 | a917d384 | pbrook | if (p) {
|
210 | a917d384 | pbrook | usb_msd_copy_data(s); |
211 | a917d384 | pbrook | if (s->usb_len == 0) { |
212 | a917d384 | pbrook | /* Set s->packet to NULL before calling usb_packet_complete
|
213 | a917d384 | pbrook | because annother request may be issued before
|
214 | a917d384 | pbrook | usb_packet_complete returns. */
|
215 | a917d384 | pbrook | DPRINTF("Packet complete %p\n", p);
|
216 | a917d384 | pbrook | s->packet = NULL;
|
217 | a917d384 | pbrook | usb_packet_complete(p); |
218 | a917d384 | pbrook | } |
219 | 4d611c9a | pbrook | } |
220 | 2e5d83bb | pbrook | } |
221 | 2e5d83bb | pbrook | |
222 | 059809e4 | bellard | static void usb_msd_handle_reset(USBDevice *dev) |
223 | 2e5d83bb | pbrook | { |
224 | 2e5d83bb | pbrook | MSDState *s = (MSDState *)dev; |
225 | 2e5d83bb | pbrook | |
226 | 2e5d83bb | pbrook | DPRINTF("Reset\n");
|
227 | 2e5d83bb | pbrook | s->mode = USB_MSDM_CBW; |
228 | 2e5d83bb | pbrook | } |
229 | 2e5d83bb | pbrook | |
230 | 2e5d83bb | pbrook | static int usb_msd_handle_control(USBDevice *dev, int request, int value, |
231 | 2e5d83bb | pbrook | int index, int length, uint8_t *data) |
232 | 2e5d83bb | pbrook | { |
233 | 2e5d83bb | pbrook | MSDState *s = (MSDState *)dev; |
234 | 2e5d83bb | pbrook | int ret = 0; |
235 | 2e5d83bb | pbrook | |
236 | 2e5d83bb | pbrook | switch (request) {
|
237 | 2e5d83bb | pbrook | case DeviceRequest | USB_REQ_GET_STATUS:
|
238 | 2e5d83bb | pbrook | data[0] = (1 << USB_DEVICE_SELF_POWERED) | |
239 | 2e5d83bb | pbrook | (dev->remote_wakeup << USB_DEVICE_REMOTE_WAKEUP); |
240 | 2e5d83bb | pbrook | data[1] = 0x00; |
241 | 2e5d83bb | pbrook | ret = 2;
|
242 | 2e5d83bb | pbrook | break;
|
243 | 2e5d83bb | pbrook | case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
|
244 | 2e5d83bb | pbrook | if (value == USB_DEVICE_REMOTE_WAKEUP) {
|
245 | 2e5d83bb | pbrook | dev->remote_wakeup = 0;
|
246 | 2e5d83bb | pbrook | } else {
|
247 | 2e5d83bb | pbrook | goto fail;
|
248 | 2e5d83bb | pbrook | } |
249 | 2e5d83bb | pbrook | ret = 0;
|
250 | 2e5d83bb | pbrook | break;
|
251 | 2e5d83bb | pbrook | case DeviceOutRequest | USB_REQ_SET_FEATURE:
|
252 | 2e5d83bb | pbrook | if (value == USB_DEVICE_REMOTE_WAKEUP) {
|
253 | 2e5d83bb | pbrook | dev->remote_wakeup = 1;
|
254 | 2e5d83bb | pbrook | } else {
|
255 | 2e5d83bb | pbrook | goto fail;
|
256 | 2e5d83bb | pbrook | } |
257 | 2e5d83bb | pbrook | ret = 0;
|
258 | 2e5d83bb | pbrook | break;
|
259 | 2e5d83bb | pbrook | case DeviceOutRequest | USB_REQ_SET_ADDRESS:
|
260 | 2e5d83bb | pbrook | dev->addr = value; |
261 | 2e5d83bb | pbrook | ret = 0;
|
262 | 2e5d83bb | pbrook | break;
|
263 | 2e5d83bb | pbrook | case DeviceRequest | USB_REQ_GET_DESCRIPTOR:
|
264 | 2e5d83bb | pbrook | switch(value >> 8) { |
265 | 2e5d83bb | pbrook | case USB_DT_DEVICE:
|
266 | 5fafdf24 | ths | memcpy(data, qemu_msd_dev_descriptor, |
267 | 2e5d83bb | pbrook | sizeof(qemu_msd_dev_descriptor));
|
268 | 2e5d83bb | pbrook | ret = sizeof(qemu_msd_dev_descriptor);
|
269 | 2e5d83bb | pbrook | break;
|
270 | 2e5d83bb | pbrook | case USB_DT_CONFIG:
|
271 | 5fafdf24 | ths | memcpy(data, qemu_msd_config_descriptor, |
272 | 2e5d83bb | pbrook | sizeof(qemu_msd_config_descriptor));
|
273 | 2e5d83bb | pbrook | ret = sizeof(qemu_msd_config_descriptor);
|
274 | 2e5d83bb | pbrook | break;
|
275 | 2e5d83bb | pbrook | case USB_DT_STRING:
|
276 | 2e5d83bb | pbrook | switch(value & 0xff) { |
277 | 2e5d83bb | pbrook | case 0: |
278 | 2e5d83bb | pbrook | /* language ids */
|
279 | 2e5d83bb | pbrook | data[0] = 4; |
280 | 2e5d83bb | pbrook | data[1] = 3; |
281 | 2e5d83bb | pbrook | data[2] = 0x09; |
282 | 2e5d83bb | pbrook | data[3] = 0x04; |
283 | 2e5d83bb | pbrook | ret = 4;
|
284 | 2e5d83bb | pbrook | break;
|
285 | 2e5d83bb | pbrook | case 1: |
286 | 2e5d83bb | pbrook | /* vendor description */
|
287 | 2e5d83bb | pbrook | ret = set_usb_string(data, "QEMU " QEMU_VERSION);
|
288 | 2e5d83bb | pbrook | break;
|
289 | 2e5d83bb | pbrook | case 2: |
290 | 2e5d83bb | pbrook | /* product description */
|
291 | 2e5d83bb | pbrook | ret = set_usb_string(data, "QEMU USB HARDDRIVE");
|
292 | 2e5d83bb | pbrook | break;
|
293 | 2e5d83bb | pbrook | case 3: |
294 | 2e5d83bb | pbrook | /* serial number */
|
295 | 2e5d83bb | pbrook | ret = set_usb_string(data, "1");
|
296 | 2e5d83bb | pbrook | break;
|
297 | 2e5d83bb | pbrook | default:
|
298 | 2e5d83bb | pbrook | goto fail;
|
299 | 2e5d83bb | pbrook | } |
300 | 2e5d83bb | pbrook | break;
|
301 | 2e5d83bb | pbrook | default:
|
302 | 2e5d83bb | pbrook | goto fail;
|
303 | 2e5d83bb | pbrook | } |
304 | 2e5d83bb | pbrook | break;
|
305 | 2e5d83bb | pbrook | case DeviceRequest | USB_REQ_GET_CONFIGURATION:
|
306 | 2e5d83bb | pbrook | data[0] = 1; |
307 | 2e5d83bb | pbrook | ret = 1;
|
308 | 2e5d83bb | pbrook | break;
|
309 | 2e5d83bb | pbrook | case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
|
310 | 2e5d83bb | pbrook | ret = 0;
|
311 | 2e5d83bb | pbrook | break;
|
312 | 2e5d83bb | pbrook | case DeviceRequest | USB_REQ_GET_INTERFACE:
|
313 | 2e5d83bb | pbrook | data[0] = 0; |
314 | 2e5d83bb | pbrook | ret = 1;
|
315 | 2e5d83bb | pbrook | break;
|
316 | 2e5d83bb | pbrook | case DeviceOutRequest | USB_REQ_SET_INTERFACE:
|
317 | 2e5d83bb | pbrook | ret = 0;
|
318 | 2e5d83bb | pbrook | break;
|
319 | 2e5d83bb | pbrook | case EndpointOutRequest | USB_REQ_CLEAR_FEATURE:
|
320 | 2e5d83bb | pbrook | if (value == 0 && index != 0x81) { /* clear ep halt */ |
321 | 2e5d83bb | pbrook | goto fail;
|
322 | 2e5d83bb | pbrook | } |
323 | 2e5d83bb | pbrook | ret = 0;
|
324 | 2e5d83bb | pbrook | break;
|
325 | 2e5d83bb | pbrook | /* Class specific requests. */
|
326 | 2e5d83bb | pbrook | case MassStorageReset:
|
327 | 2e5d83bb | pbrook | /* Reset state ready for the next CBW. */
|
328 | 2e5d83bb | pbrook | s->mode = USB_MSDM_CBW; |
329 | 2e5d83bb | pbrook | ret = 0;
|
330 | 2e5d83bb | pbrook | break;
|
331 | 2e5d83bb | pbrook | case GetMaxLun:
|
332 | 2e5d83bb | pbrook | data[0] = 0; |
333 | 2e5d83bb | pbrook | ret = 1;
|
334 | 2e5d83bb | pbrook | break;
|
335 | 2e5d83bb | pbrook | default:
|
336 | 2e5d83bb | pbrook | fail:
|
337 | 2e5d83bb | pbrook | ret = USB_RET_STALL; |
338 | 2e5d83bb | pbrook | break;
|
339 | 2e5d83bb | pbrook | } |
340 | 2e5d83bb | pbrook | return ret;
|
341 | 2e5d83bb | pbrook | } |
342 | 2e5d83bb | pbrook | |
343 | 4d611c9a | pbrook | static void usb_msd_cancel_io(USBPacket *p, void *opaque) |
344 | 4d611c9a | pbrook | { |
345 | 4d611c9a | pbrook | MSDState *s = opaque; |
346 | 8ccc2ace | ths | s->scsi_dev->cancel_io(s->scsi_dev, s->tag); |
347 | 4d611c9a | pbrook | s->packet = NULL;
|
348 | a917d384 | pbrook | s->scsi_len = 0;
|
349 | 4d611c9a | pbrook | } |
350 | 4d611c9a | pbrook | |
351 | 4d611c9a | pbrook | static int usb_msd_handle_data(USBDevice *dev, USBPacket *p) |
352 | 2e5d83bb | pbrook | { |
353 | 2e5d83bb | pbrook | MSDState *s = (MSDState *)dev; |
354 | 2e5d83bb | pbrook | int ret = 0; |
355 | 2e5d83bb | pbrook | struct usb_msd_cbw cbw;
|
356 | 4d611c9a | pbrook | uint8_t devep = p->devep; |
357 | 4d611c9a | pbrook | uint8_t *data = p->data; |
358 | 4d611c9a | pbrook | int len = p->len;
|
359 | 2e5d83bb | pbrook | |
360 | 4d611c9a | pbrook | switch (p->pid) {
|
361 | 2e5d83bb | pbrook | case USB_TOKEN_OUT:
|
362 | 2e5d83bb | pbrook | if (devep != 2) |
363 | 2e5d83bb | pbrook | goto fail;
|
364 | 2e5d83bb | pbrook | |
365 | 2e5d83bb | pbrook | switch (s->mode) {
|
366 | 2e5d83bb | pbrook | case USB_MSDM_CBW:
|
367 | 2e5d83bb | pbrook | if (len != 31) { |
368 | 2e5d83bb | pbrook | fprintf(stderr, "usb-msd: Bad CBW size");
|
369 | 2e5d83bb | pbrook | goto fail;
|
370 | 2e5d83bb | pbrook | } |
371 | 2e5d83bb | pbrook | memcpy(&cbw, data, 31);
|
372 | 2e5d83bb | pbrook | if (le32_to_cpu(cbw.sig) != 0x43425355) { |
373 | 2e5d83bb | pbrook | fprintf(stderr, "usb-msd: Bad signature %08x\n",
|
374 | 2e5d83bb | pbrook | le32_to_cpu(cbw.sig)); |
375 | 2e5d83bb | pbrook | goto fail;
|
376 | 2e5d83bb | pbrook | } |
377 | 2e5d83bb | pbrook | DPRINTF("Command on LUN %d\n", cbw.lun);
|
378 | 2e5d83bb | pbrook | if (cbw.lun != 0) { |
379 | 2e5d83bb | pbrook | fprintf(stderr, "usb-msd: Bad LUN %d\n", cbw.lun);
|
380 | 2e5d83bb | pbrook | goto fail;
|
381 | 2e5d83bb | pbrook | } |
382 | 2e5d83bb | pbrook | s->tag = le32_to_cpu(cbw.tag); |
383 | 2e5d83bb | pbrook | s->data_len = le32_to_cpu(cbw.data_len); |
384 | 2e5d83bb | pbrook | if (s->data_len == 0) { |
385 | 2e5d83bb | pbrook | s->mode = USB_MSDM_CSW; |
386 | 2e5d83bb | pbrook | } else if (cbw.flags & 0x80) { |
387 | 2e5d83bb | pbrook | s->mode = USB_MSDM_DATAIN; |
388 | 2e5d83bb | pbrook | } else {
|
389 | 2e5d83bb | pbrook | s->mode = USB_MSDM_DATAOUT; |
390 | 2e5d83bb | pbrook | } |
391 | 2e5d83bb | pbrook | DPRINTF("Command tag 0x%x flags %08x len %d data %d\n",
|
392 | 2e5d83bb | pbrook | s->tag, cbw.flags, cbw.cmd_len, s->data_len); |
393 | a917d384 | pbrook | s->residue = 0;
|
394 | 8ccc2ace | ths | s->scsi_dev->send_command(s->scsi_dev, s->tag, cbw.cmd, 0);
|
395 | a917d384 | pbrook | /* ??? Should check that USB and SCSI data transfer
|
396 | a917d384 | pbrook | directions match. */
|
397 | a917d384 | pbrook | if (s->residue == 0) { |
398 | a917d384 | pbrook | if (s->mode == USB_MSDM_DATAIN) {
|
399 | 8ccc2ace | ths | s->scsi_dev->read_data(s->scsi_dev, s->tag); |
400 | a917d384 | pbrook | } else if (s->mode == USB_MSDM_DATAOUT) { |
401 | 8ccc2ace | ths | s->scsi_dev->write_data(s->scsi_dev, s->tag); |
402 | a917d384 | pbrook | } |
403 | a917d384 | pbrook | } |
404 | 2e5d83bb | pbrook | ret = len; |
405 | 2e5d83bb | pbrook | break;
|
406 | 2e5d83bb | pbrook | |
407 | 2e5d83bb | pbrook | case USB_MSDM_DATAOUT:
|
408 | 2e5d83bb | pbrook | DPRINTF("Data out %d/%d\n", len, s->data_len);
|
409 | 2e5d83bb | pbrook | if (len > s->data_len)
|
410 | 2e5d83bb | pbrook | goto fail;
|
411 | 2e5d83bb | pbrook | |
412 | a917d384 | pbrook | s->usb_buf = data; |
413 | a917d384 | pbrook | s->usb_len = len; |
414 | a917d384 | pbrook | if (s->scsi_len) {
|
415 | a917d384 | pbrook | usb_msd_copy_data(s); |
416 | a917d384 | pbrook | } |
417 | a917d384 | pbrook | if (s->residue && s->usb_len) {
|
418 | a917d384 | pbrook | s->data_len -= s->usb_len; |
419 | a917d384 | pbrook | if (s->data_len == 0) |
420 | a917d384 | pbrook | s->mode = USB_MSDM_CSW; |
421 | a917d384 | pbrook | s->usb_len = 0;
|
422 | a917d384 | pbrook | } |
423 | a917d384 | pbrook | if (s->usb_len) {
|
424 | 4d611c9a | pbrook | DPRINTF("Deferring packet %p\n", p);
|
425 | 4d611c9a | pbrook | usb_defer_packet(p, usb_msd_cancel_io, s); |
426 | 4d611c9a | pbrook | s->packet = p; |
427 | 4d611c9a | pbrook | ret = USB_RET_ASYNC; |
428 | a917d384 | pbrook | } else {
|
429 | a917d384 | pbrook | ret = len; |
430 | 4d611c9a | pbrook | } |
431 | 2e5d83bb | pbrook | break;
|
432 | 2e5d83bb | pbrook | |
433 | 2e5d83bb | pbrook | default:
|
434 | 2e5d83bb | pbrook | DPRINTF("Unexpected write (len %d)\n", len);
|
435 | 2e5d83bb | pbrook | goto fail;
|
436 | 2e5d83bb | pbrook | } |
437 | 2e5d83bb | pbrook | break;
|
438 | 2e5d83bb | pbrook | |
439 | 2e5d83bb | pbrook | case USB_TOKEN_IN:
|
440 | 2e5d83bb | pbrook | if (devep != 1) |
441 | 2e5d83bb | pbrook | goto fail;
|
442 | 2e5d83bb | pbrook | |
443 | 2e5d83bb | pbrook | switch (s->mode) {
|
444 | a917d384 | pbrook | case USB_MSDM_DATAOUT:
|
445 | a917d384 | pbrook | if (s->data_len != 0 || len < 13) |
446 | a917d384 | pbrook | goto fail;
|
447 | a917d384 | pbrook | /* Waiting for SCSI write to complete. */
|
448 | a917d384 | pbrook | usb_defer_packet(p, usb_msd_cancel_io, s); |
449 | a917d384 | pbrook | s->packet = p; |
450 | a917d384 | pbrook | ret = USB_RET_ASYNC; |
451 | a917d384 | pbrook | break;
|
452 | a917d384 | pbrook | |
453 | 2e5d83bb | pbrook | case USB_MSDM_CSW:
|
454 | 2e5d83bb | pbrook | DPRINTF("Command status %d tag 0x%x, len %d\n",
|
455 | 2e5d83bb | pbrook | s->result, s->tag, len); |
456 | 2e5d83bb | pbrook | if (len < 13) |
457 | 2e5d83bb | pbrook | goto fail;
|
458 | 2e5d83bb | pbrook | |
459 | a917d384 | pbrook | s->usb_len = len; |
460 | a917d384 | pbrook | s->usb_buf = data; |
461 | a917d384 | pbrook | usb_msd_send_status(s); |
462 | 2e5d83bb | pbrook | s->mode = USB_MSDM_CBW; |
463 | a917d384 | pbrook | ret = 13;
|
464 | 2e5d83bb | pbrook | break;
|
465 | 2e5d83bb | pbrook | |
466 | 2e5d83bb | pbrook | case USB_MSDM_DATAIN:
|
467 | 2e5d83bb | pbrook | DPRINTF("Data in %d/%d\n", len, s->data_len);
|
468 | 2e5d83bb | pbrook | if (len > s->data_len)
|
469 | 2e5d83bb | pbrook | len = s->data_len; |
470 | a917d384 | pbrook | s->usb_buf = data; |
471 | a917d384 | pbrook | s->usb_len = len; |
472 | a917d384 | pbrook | if (s->scsi_len) {
|
473 | a917d384 | pbrook | usb_msd_copy_data(s); |
474 | a917d384 | pbrook | } |
475 | a917d384 | pbrook | if (s->residue && s->usb_len) {
|
476 | a917d384 | pbrook | s->data_len -= s->usb_len; |
477 | a917d384 | pbrook | memset(s->usb_buf, 0, s->usb_len);
|
478 | a917d384 | pbrook | if (s->data_len == 0) |
479 | a917d384 | pbrook | s->mode = USB_MSDM_CSW; |
480 | a917d384 | pbrook | s->usb_len = 0;
|
481 | a917d384 | pbrook | } |
482 | a917d384 | pbrook | if (s->usb_len) {
|
483 | 4d611c9a | pbrook | DPRINTF("Deferring packet %p\n", p);
|
484 | 4d611c9a | pbrook | usb_defer_packet(p, usb_msd_cancel_io, s); |
485 | 4d611c9a | pbrook | s->packet = p; |
486 | 4d611c9a | pbrook | ret = USB_RET_ASYNC; |
487 | a917d384 | pbrook | } else {
|
488 | a917d384 | pbrook | ret = len; |
489 | 4d611c9a | pbrook | } |
490 | 2e5d83bb | pbrook | break;
|
491 | 2e5d83bb | pbrook | |
492 | 2e5d83bb | pbrook | default:
|
493 | 2e5d83bb | pbrook | DPRINTF("Unexpected read (len %d)\n", len);
|
494 | 2e5d83bb | pbrook | goto fail;
|
495 | 2e5d83bb | pbrook | } |
496 | 2e5d83bb | pbrook | break;
|
497 | 2e5d83bb | pbrook | |
498 | 2e5d83bb | pbrook | default:
|
499 | 2e5d83bb | pbrook | DPRINTF("Bad token\n");
|
500 | 2e5d83bb | pbrook | fail:
|
501 | 2e5d83bb | pbrook | ret = USB_RET_STALL; |
502 | 2e5d83bb | pbrook | break;
|
503 | 2e5d83bb | pbrook | } |
504 | 2e5d83bb | pbrook | |
505 | 2e5d83bb | pbrook | return ret;
|
506 | 2e5d83bb | pbrook | } |
507 | 2e5d83bb | pbrook | |
508 | 059809e4 | bellard | static void usb_msd_handle_destroy(USBDevice *dev) |
509 | 059809e4 | bellard | { |
510 | 059809e4 | bellard | MSDState *s = (MSDState *)dev; |
511 | 059809e4 | bellard | |
512 | 8ccc2ace | ths | s->scsi_dev->destroy(s->scsi_dev); |
513 | b56bdb32 | bellard | bdrv_delete(s->bs); |
514 | 059809e4 | bellard | qemu_free(s); |
515 | 059809e4 | bellard | } |
516 | 2e5d83bb | pbrook | |
517 | 806b6024 | Gerd Hoffmann | static int usb_msd_initfn(USBDevice *dev) |
518 | 806b6024 | Gerd Hoffmann | { |
519 | 806b6024 | Gerd Hoffmann | MSDState *s = DO_UPCAST(MSDState, dev, dev); |
520 | 806b6024 | Gerd Hoffmann | |
521 | 806b6024 | Gerd Hoffmann | s->dev.speed = USB_SPEED_FULL; |
522 | 806b6024 | Gerd Hoffmann | return 0; |
523 | 806b6024 | Gerd Hoffmann | } |
524 | 806b6024 | Gerd Hoffmann | |
525 | bb5fc20f | aliguori | USBDevice *usb_msd_init(const char *filename) |
526 | 2e5d83bb | pbrook | { |
527 | 806b6024 | Gerd Hoffmann | USBDevice *dev; |
528 | 2e5d83bb | pbrook | MSDState *s; |
529 | 2e5d83bb | pbrook | BlockDriverState *bdrv; |
530 | 334c0241 | aurel32 | BlockDriver *drv = NULL;
|
531 | 334c0241 | aurel32 | const char *p1; |
532 | 334c0241 | aurel32 | char fmt[32]; |
533 | 334c0241 | aurel32 | |
534 | 334c0241 | aurel32 | p1 = strchr(filename, ':');
|
535 | 334c0241 | aurel32 | if (p1++) {
|
536 | 334c0241 | aurel32 | const char *p2; |
537 | 334c0241 | aurel32 | |
538 | 334c0241 | aurel32 | if (strstart(filename, "format=", &p2)) { |
539 | 334c0241 | aurel32 | int len = MIN(p1 - p2, sizeof(fmt)); |
540 | 334c0241 | aurel32 | pstrcpy(fmt, len, p2); |
541 | 334c0241 | aurel32 | |
542 | 334c0241 | aurel32 | drv = bdrv_find_format(fmt); |
543 | 334c0241 | aurel32 | if (!drv) {
|
544 | 334c0241 | aurel32 | printf("invalid format %s\n", fmt);
|
545 | 334c0241 | aurel32 | return NULL; |
546 | 334c0241 | aurel32 | } |
547 | 334c0241 | aurel32 | } else if (*filename != ':') { |
548 | 334c0241 | aurel32 | printf("unrecognized USB mass-storage option %s\n", filename);
|
549 | 334c0241 | aurel32 | return NULL; |
550 | 334c0241 | aurel32 | } |
551 | 334c0241 | aurel32 | |
552 | 334c0241 | aurel32 | filename = p1; |
553 | 334c0241 | aurel32 | } |
554 | 334c0241 | aurel32 | |
555 | 334c0241 | aurel32 | if (!*filename) {
|
556 | 334c0241 | aurel32 | printf("block device specification needed\n");
|
557 | 334c0241 | aurel32 | return NULL; |
558 | 334c0241 | aurel32 | } |
559 | 2e5d83bb | pbrook | |
560 | 2e5d83bb | pbrook | bdrv = bdrv_new("usb");
|
561 | 334c0241 | aurel32 | if (bdrv_open2(bdrv, filename, 0, drv) < 0) |
562 | 806b6024 | Gerd Hoffmann | return NULL; |
563 | 2e5d83bb | pbrook | |
564 | 806b6024 | Gerd Hoffmann | dev = usb_create_simple(NULL /* FIXME */, "QEMU USB MSD"); |
565 | 806b6024 | Gerd Hoffmann | s = DO_UPCAST(MSDState, dev, dev); |
566 | 806b6024 | Gerd Hoffmann | s->bs = bdrv; |
567 | 1f6e24e7 | bellard | snprintf(s->dev.devname, sizeof(s->dev.devname), "QEMU USB MSD(%.16s)", |
568 | 1f6e24e7 | bellard | filename); |
569 | 1f6e24e7 | bellard | |
570 | a917d384 | pbrook | s->scsi_dev = scsi_disk_init(bdrv, 0, usb_msd_command_complete, s);
|
571 | 059809e4 | bellard | usb_msd_handle_reset((USBDevice *)s); |
572 | 2e5d83bb | pbrook | return (USBDevice *)s;
|
573 | 2e5d83bb | pbrook | } |
574 | bb5fc20f | aliguori | |
575 | bb5fc20f | aliguori | BlockDriverState *usb_msd_get_bdrv(USBDevice *dev) |
576 | bb5fc20f | aliguori | { |
577 | bb5fc20f | aliguori | MSDState *s = (MSDState *)dev; |
578 | bb5fc20f | aliguori | |
579 | bb5fc20f | aliguori | return s->bs;
|
580 | bb5fc20f | aliguori | } |
581 | 806b6024 | Gerd Hoffmann | |
582 | 806b6024 | Gerd Hoffmann | static struct USBDeviceInfo msd_info = { |
583 | 806b6024 | Gerd Hoffmann | .qdev.name = "QEMU USB MSD",
|
584 | 806b6024 | Gerd Hoffmann | .qdev.size = sizeof(MSDState),
|
585 | 806b6024 | Gerd Hoffmann | .init = usb_msd_initfn, |
586 | 806b6024 | Gerd Hoffmann | .handle_packet = usb_generic_handle_packet, |
587 | 806b6024 | Gerd Hoffmann | .handle_reset = usb_msd_handle_reset, |
588 | 806b6024 | Gerd Hoffmann | .handle_control = usb_msd_handle_control, |
589 | 806b6024 | Gerd Hoffmann | .handle_data = usb_msd_handle_data, |
590 | 806b6024 | Gerd Hoffmann | .handle_destroy = usb_msd_handle_destroy, |
591 | 806b6024 | Gerd Hoffmann | }; |
592 | 806b6024 | Gerd Hoffmann | |
593 | 806b6024 | Gerd Hoffmann | static void usb_msd_register_devices(void) |
594 | 806b6024 | Gerd Hoffmann | { |
595 | 806b6024 | Gerd Hoffmann | usb_qdev_register(&msd_info); |
596 | 806b6024 | Gerd Hoffmann | } |
597 | 806b6024 | Gerd Hoffmann | device_init(usb_msd_register_devices) |