Revision f237ddbb hw/usb/dev-network.c

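--- a/hw/usb/dev-network.c
+++ b/hw/usb/dev-network.c
@@ -1250,20 +1250,27 @@
 static ssize_t usbnet_receive(NetClientState *nc, const uint8_t *buf, size_t size)
 {
     USBNetState *s = DO_UPCAST(NICState, nc, nc)->opaque;
-    struct rndis_packet_msg_type *msg;
+    uint8_t *in_buf = s->in_buf;
+    size_t total_size = size;
 
     if (is_rndis(s)) {
-        msg = (struct rndis_packet_msg_type *) s->in_buf;
         if (s->rndis_state != RNDIS_DATA_INITIALIZED) {
             return -1;
         }
-        if (size + sizeof(struct rndis_packet_msg_type) > sizeof(s->in_buf))
-            return -1;
+        total_size += sizeof(struct rndis_packet_msg_type);
+    }
+    if (total_size > sizeof(s->in_buf)) {
+        return -1;
+    }
 
+    if (is_rndis(s)) {
+        struct rndis_packet_msg_type *msg;
+
+        msg = (struct rndis_packet_msg_type *)in_buf;
         memset(msg, 0, sizeof(struct rndis_packet_msg_type));
         msg->MessageType = cpu_to_le32(RNDIS_PACKET_MSG);
-        msg->MessageLength = cpu_to_le32(size + sizeof(struct rndis_packet_msg_type));
-        msg->DataOffset = cpu_to_le32(sizeof(struct rndis_packet_msg_type) - 8);
+        msg->MessageLength = cpu_to_le32(size + sizeof(*msg));
+        msg->DataOffset = cpu_to_le32(sizeof(*msg) - 8);
         msg->DataLength = cpu_to_le32(size);
         /* msg->OOBDataOffset;
          * msg->OOBDataLength;
@@ -1273,14 +1280,11 @@
          * msg->VcHandle;
          * msg->Reserved;
          */
-        memcpy(msg + 1, buf, size);
-        s->in_len = size + sizeof(struct rndis_packet_msg_type);
-    } else {
-        if (size > sizeof(s->in_buf))
-            return -1;
-        memcpy(s->in_buf, buf, size);
-        s->in_len = size;
+        in_buf += sizeof(*msg);
     }
+
+    memcpy(in_buf, buf, size);
+    s->in_len = total_size;
     s->in_ptr = 0;
     return size;
 }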
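Review bot: The ordering that makes this fix work — compute `total_size`, reject it against `sizeof(s->in_buf)`, and only then touch `in_buf` — is not recorded anywhere, and the split into two `is_rndis(s)` blocks looks accidental to a reader who does not know the history. A one-line comment above the new bound check, `/* Reject oversized packets before anything is written into in_buf. */`, would pin the invariant so a later merge of the two `is_rndis(s)` blocks does not reintroduce a write before the check. The non-RNDIS path also relies on this single check now that its own `size > sizeof(s->in_buf)` test is gone, which is worth stating in the same comment. Both `return -1` paths (wrong RNDIS state, oversized packet) are silent; whether the caller distinguishes them is not visible from this hunk.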
