ths | 5fafdf2 | 2007-09-16 21:08:06 +0000 | [diff] [blame] | 1 | /* |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 2 | * USB Mass Storage Device emulation |
| 3 | * |
| 4 | * Copyright (c) 2006 CodeSourcery. |
| 5 | * Written by Paul Brook |
| 6 | * |
| 7 | * This code is licenced under the LGPL. |
| 8 | */ |
| 9 | |
pbrook | 87ecb68 | 2007-11-17 17:14:51 +0000 | [diff] [blame] | 10 | #include "qemu-common.h" |
| 11 | #include "usb.h" |
| 12 | #include "block.h" |
| 13 | #include "scsi-disk.h" |
aliguori | c0f4ce7 | 2009-03-05 23:01:01 +0000 | [diff] [blame] | 14 | #include "console.h" |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 15 | |
| 16 | //#define DEBUG_MSD |
| 17 | |
| 18 | #ifdef DEBUG_MSD |
Blue Swirl | 001faf3 | 2009-05-13 17:53:17 +0000 | [diff] [blame] | 19 | #define DPRINTF(fmt, ...) \ |
| 20 | do { printf("usb-msd: " fmt , ## __VA_ARGS__); } while (0) |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 21 | #else |
Blue Swirl | 001faf3 | 2009-05-13 17:53:17 +0000 | [diff] [blame] | 22 | #define DPRINTF(fmt, ...) do {} while(0) |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 23 | #endif |
| 24 | |
| 25 | /* USB requests. */ |
| 26 | #define MassStorageReset 0xff |
| 27 | #define GetMaxLun 0xfe |
| 28 | |
| 29 | enum USBMSDMode { |
| 30 | USB_MSDM_CBW, /* Command Block. */ |
| 31 | USB_MSDM_DATAOUT, /* Tranfer data to device. */ |
| 32 | USB_MSDM_DATAIN, /* Transfer data from device. */ |
| 33 | USB_MSDM_CSW /* Command Status. */ |
| 34 | }; |
| 35 | |
| 36 | typedef struct { |
| 37 | USBDevice dev; |
| 38 | enum USBMSDMode mode; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 39 | uint32_t scsi_len; |
| 40 | uint8_t *scsi_buf; |
| 41 | uint32_t usb_len; |
| 42 | uint8_t *usb_buf; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 43 | uint32_t data_len; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 44 | uint32_t residue; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 45 | uint32_t tag; |
bellard | b56bdb3 | 2006-08-19 11:58:59 +0000 | [diff] [blame] | 46 | BlockDriverState *bs; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 47 | SCSIDevice *scsi_dev; |
| 48 | int result; |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 49 | /* For async completion. */ |
| 50 | USBPacket *packet; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 51 | } MSDState; |
| 52 | |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 53 | struct usb_msd_cbw { |
| 54 | uint32_t sig; |
| 55 | uint32_t tag; |
| 56 | uint32_t data_len; |
| 57 | uint8_t flags; |
| 58 | uint8_t lun; |
| 59 | uint8_t cmd_len; |
| 60 | uint8_t cmd[16]; |
| 61 | }; |
| 62 | |
| 63 | struct usb_msd_csw { |
| 64 | uint32_t sig; |
| 65 | uint32_t tag; |
| 66 | uint32_t residue; |
| 67 | uint8_t status; |
| 68 | }; |
| 69 | |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 70 | static const uint8_t qemu_msd_dev_descriptor[] = { |
| 71 | 0x12, /* u8 bLength; */ |
| 72 | 0x01, /* u8 bDescriptorType; Device */ |
ths | e126cf1 | 2007-03-31 18:23:26 +0000 | [diff] [blame] | 73 | 0x00, 0x01, /* u16 bcdUSB; v1.0 */ |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 74 | |
| 75 | 0x00, /* u8 bDeviceClass; */ |
| 76 | 0x00, /* u8 bDeviceSubClass; */ |
| 77 | 0x00, /* u8 bDeviceProtocol; [ low/full speeds only ] */ |
| 78 | 0x08, /* u8 bMaxPacketSize0; 8 Bytes */ |
| 79 | |
| 80 | /* Vendor and product id are arbitrary. */ |
| 81 | 0x00, 0x00, /* u16 idVendor; */ |
| 82 | 0x00, 0x00, /* u16 idProduct; */ |
| 83 | 0x00, 0x00, /* u16 bcdDevice */ |
| 84 | |
| 85 | 0x01, /* u8 iManufacturer; */ |
| 86 | 0x02, /* u8 iProduct; */ |
| 87 | 0x03, /* u8 iSerialNumber; */ |
| 88 | 0x01 /* u8 bNumConfigurations; */ |
| 89 | }; |
| 90 | |
| 91 | static const uint8_t qemu_msd_config_descriptor[] = { |
| 92 | |
| 93 | /* one configuration */ |
| 94 | 0x09, /* u8 bLength; */ |
| 95 | 0x02, /* u8 bDescriptorType; Configuration */ |
| 96 | 0x20, 0x00, /* u16 wTotalLength; */ |
| 97 | 0x01, /* u8 bNumInterfaces; (1) */ |
| 98 | 0x01, /* u8 bConfigurationValue; */ |
| 99 | 0x00, /* u8 iConfiguration; */ |
ths | 5fafdf2 | 2007-09-16 21:08:06 +0000 | [diff] [blame] | 100 | 0xc0, /* u8 bmAttributes; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 101 | Bit 7: must be set, |
| 102 | 6: Self-powered, |
| 103 | 5: Remote wakeup, |
| 104 | 4..0: resvd */ |
| 105 | 0x00, /* u8 MaxPower; */ |
ths | 3b46e62 | 2007-09-17 08:09:54 +0000 | [diff] [blame] | 106 | |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 107 | /* one interface */ |
| 108 | 0x09, /* u8 if_bLength; */ |
| 109 | 0x04, /* u8 if_bDescriptorType; Interface */ |
| 110 | 0x00, /* u8 if_bInterfaceNumber; */ |
| 111 | 0x00, /* u8 if_bAlternateSetting; */ |
| 112 | 0x02, /* u8 if_bNumEndpoints; */ |
| 113 | 0x08, /* u8 if_bInterfaceClass; MASS STORAGE */ |
| 114 | 0x06, /* u8 if_bInterfaceSubClass; SCSI */ |
| 115 | 0x50, /* u8 if_bInterfaceProtocol; Bulk Only */ |
| 116 | 0x00, /* u8 if_iInterface; */ |
ths | 3b46e62 | 2007-09-17 08:09:54 +0000 | [diff] [blame] | 117 | |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 118 | /* Bulk-In endpoint */ |
| 119 | 0x07, /* u8 ep_bLength; */ |
| 120 | 0x05, /* u8 ep_bDescriptorType; Endpoint */ |
| 121 | 0x81, /* u8 ep_bEndpointAddress; IN Endpoint 1 */ |
| 122 | 0x02, /* u8 ep_bmAttributes; Bulk */ |
| 123 | 0x40, 0x00, /* u16 ep_wMaxPacketSize; */ |
| 124 | 0x00, /* u8 ep_bInterval; */ |
| 125 | |
| 126 | /* Bulk-Out endpoint */ |
| 127 | 0x07, /* u8 ep_bLength; */ |
| 128 | 0x05, /* u8 ep_bDescriptorType; Endpoint */ |
| 129 | 0x02, /* u8 ep_bEndpointAddress; OUT Endpoint 2 */ |
| 130 | 0x02, /* u8 ep_bmAttributes; Bulk */ |
| 131 | 0x40, 0x00, /* u16 ep_wMaxPacketSize; */ |
| 132 | 0x00 /* u8 ep_bInterval; */ |
| 133 | }; |
| 134 | |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 135 | static void usb_msd_copy_data(MSDState *s) |
| 136 | { |
| 137 | uint32_t len; |
| 138 | len = s->usb_len; |
| 139 | if (len > s->scsi_len) |
| 140 | len = s->scsi_len; |
| 141 | if (s->mode == USB_MSDM_DATAIN) { |
| 142 | memcpy(s->usb_buf, s->scsi_buf, len); |
| 143 | } else { |
| 144 | memcpy(s->scsi_buf, s->usb_buf, len); |
| 145 | } |
| 146 | s->usb_len -= len; |
| 147 | s->scsi_len -= len; |
| 148 | s->usb_buf += len; |
| 149 | s->scsi_buf += len; |
| 150 | s->data_len -= len; |
| 151 | if (s->scsi_len == 0) { |
| 152 | if (s->mode == USB_MSDM_DATAIN) { |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 153 | s->scsi_dev->read_data(s->scsi_dev, s->tag); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 154 | } else if (s->mode == USB_MSDM_DATAOUT) { |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 155 | s->scsi_dev->write_data(s->scsi_dev, s->tag); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 156 | } |
| 157 | } |
| 158 | } |
| 159 | |
| 160 | static void usb_msd_send_status(MSDState *s) |
| 161 | { |
| 162 | struct usb_msd_csw csw; |
| 163 | |
| 164 | csw.sig = cpu_to_le32(0x53425355); |
| 165 | csw.tag = cpu_to_le32(s->tag); |
| 166 | csw.residue = s->residue; |
| 167 | csw.status = s->result; |
| 168 | memcpy(s->usb_buf, &csw, 13); |
| 169 | } |
| 170 | |
| 171 | static void usb_msd_command_complete(void *opaque, int reason, uint32_t tag, |
| 172 | uint32_t arg) |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 173 | { |
| 174 | MSDState *s = (MSDState *)opaque; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 175 | USBPacket *p = s->packet; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 176 | |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 177 | if (tag != s->tag) { |
| 178 | fprintf(stderr, "usb-msd: Unexpected SCSI Tag 0x%x\n", tag); |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 179 | } |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 180 | if (reason == SCSI_REASON_DONE) { |
| 181 | DPRINTF("Command complete %d\n", arg); |
| 182 | s->residue = s->data_len; |
| 183 | s->result = arg != 0; |
| 184 | if (s->packet) { |
| 185 | if (s->data_len == 0 && s->mode == USB_MSDM_DATAOUT) { |
| 186 | /* A deferred packet with no write data remaining must be |
| 187 | the status read packet. */ |
| 188 | usb_msd_send_status(s); |
| 189 | s->mode = USB_MSDM_CBW; |
| 190 | } else { |
| 191 | if (s->data_len) { |
| 192 | s->data_len -= s->usb_len; |
| 193 | if (s->mode == USB_MSDM_DATAIN) |
| 194 | memset(s->usb_buf, 0, s->usb_len); |
| 195 | s->usb_len = 0; |
| 196 | } |
| 197 | if (s->data_len == 0) |
| 198 | s->mode = USB_MSDM_CSW; |
| 199 | } |
| 200 | s->packet = NULL; |
| 201 | usb_packet_complete(p); |
| 202 | } else if (s->data_len == 0) { |
| 203 | s->mode = USB_MSDM_CSW; |
| 204 | } |
| 205 | return; |
| 206 | } |
| 207 | s->scsi_len = arg; |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 208 | s->scsi_buf = s->scsi_dev->get_buf(s->scsi_dev, tag); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 209 | if (p) { |
| 210 | usb_msd_copy_data(s); |
| 211 | if (s->usb_len == 0) { |
| 212 | /* Set s->packet to NULL before calling usb_packet_complete |
| 213 | because annother request may be issued before |
| 214 | usb_packet_complete returns. */ |
| 215 | DPRINTF("Packet complete %p\n", p); |
| 216 | s->packet = NULL; |
| 217 | usb_packet_complete(p); |
| 218 | } |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 219 | } |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 220 | } |
| 221 | |
bellard | 059809e | 2006-07-19 18:06:15 +0000 | [diff] [blame] | 222 | static void usb_msd_handle_reset(USBDevice *dev) |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 223 | { |
| 224 | MSDState *s = (MSDState *)dev; |
| 225 | |
| 226 | DPRINTF("Reset\n"); |
| 227 | s->mode = USB_MSDM_CBW; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 228 | } |
| 229 | |
| 230 | static int usb_msd_handle_control(USBDevice *dev, int request, int value, |
| 231 | int index, int length, uint8_t *data) |
| 232 | { |
| 233 | MSDState *s = (MSDState *)dev; |
| 234 | int ret = 0; |
| 235 | |
| 236 | switch (request) { |
| 237 | case DeviceRequest | USB_REQ_GET_STATUS: |
| 238 | data[0] = (1 << USB_DEVICE_SELF_POWERED) | |
| 239 | (dev->remote_wakeup << USB_DEVICE_REMOTE_WAKEUP); |
| 240 | data[1] = 0x00; |
| 241 | ret = 2; |
| 242 | break; |
| 243 | case DeviceOutRequest | USB_REQ_CLEAR_FEATURE: |
| 244 | if (value == USB_DEVICE_REMOTE_WAKEUP) { |
| 245 | dev->remote_wakeup = 0; |
| 246 | } else { |
| 247 | goto fail; |
| 248 | } |
| 249 | ret = 0; |
| 250 | break; |
| 251 | case DeviceOutRequest | USB_REQ_SET_FEATURE: |
| 252 | if (value == USB_DEVICE_REMOTE_WAKEUP) { |
| 253 | dev->remote_wakeup = 1; |
| 254 | } else { |
| 255 | goto fail; |
| 256 | } |
| 257 | ret = 0; |
| 258 | break; |
| 259 | case DeviceOutRequest | USB_REQ_SET_ADDRESS: |
| 260 | dev->addr = value; |
| 261 | ret = 0; |
| 262 | break; |
| 263 | case DeviceRequest | USB_REQ_GET_DESCRIPTOR: |
| 264 | switch(value >> 8) { |
| 265 | case USB_DT_DEVICE: |
ths | 5fafdf2 | 2007-09-16 21:08:06 +0000 | [diff] [blame] | 266 | memcpy(data, qemu_msd_dev_descriptor, |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 267 | sizeof(qemu_msd_dev_descriptor)); |
| 268 | ret = sizeof(qemu_msd_dev_descriptor); |
| 269 | break; |
| 270 | case USB_DT_CONFIG: |
ths | 5fafdf2 | 2007-09-16 21:08:06 +0000 | [diff] [blame] | 271 | memcpy(data, qemu_msd_config_descriptor, |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 272 | sizeof(qemu_msd_config_descriptor)); |
| 273 | ret = sizeof(qemu_msd_config_descriptor); |
| 274 | break; |
| 275 | case USB_DT_STRING: |
| 276 | switch(value & 0xff) { |
| 277 | case 0: |
| 278 | /* language ids */ |
| 279 | data[0] = 4; |
| 280 | data[1] = 3; |
| 281 | data[2] = 0x09; |
| 282 | data[3] = 0x04; |
| 283 | ret = 4; |
| 284 | break; |
| 285 | case 1: |
| 286 | /* vendor description */ |
| 287 | ret = set_usb_string(data, "QEMU " QEMU_VERSION); |
| 288 | break; |
| 289 | case 2: |
| 290 | /* product description */ |
| 291 | ret = set_usb_string(data, "QEMU USB HARDDRIVE"); |
| 292 | break; |
| 293 | case 3: |
| 294 | /* serial number */ |
| 295 | ret = set_usb_string(data, "1"); |
| 296 | break; |
| 297 | default: |
| 298 | goto fail; |
| 299 | } |
| 300 | break; |
| 301 | default: |
| 302 | goto fail; |
| 303 | } |
| 304 | break; |
| 305 | case DeviceRequest | USB_REQ_GET_CONFIGURATION: |
| 306 | data[0] = 1; |
| 307 | ret = 1; |
| 308 | break; |
| 309 | case DeviceOutRequest | USB_REQ_SET_CONFIGURATION: |
| 310 | ret = 0; |
| 311 | break; |
| 312 | case DeviceRequest | USB_REQ_GET_INTERFACE: |
| 313 | data[0] = 0; |
| 314 | ret = 1; |
| 315 | break; |
| 316 | case DeviceOutRequest | USB_REQ_SET_INTERFACE: |
| 317 | ret = 0; |
| 318 | break; |
| 319 | case EndpointOutRequest | USB_REQ_CLEAR_FEATURE: |
| 320 | if (value == 0 && index != 0x81) { /* clear ep halt */ |
| 321 | goto fail; |
| 322 | } |
| 323 | ret = 0; |
| 324 | break; |
| 325 | /* Class specific requests. */ |
| 326 | case MassStorageReset: |
| 327 | /* Reset state ready for the next CBW. */ |
| 328 | s->mode = USB_MSDM_CBW; |
| 329 | ret = 0; |
| 330 | break; |
| 331 | case GetMaxLun: |
| 332 | data[0] = 0; |
| 333 | ret = 1; |
| 334 | break; |
| 335 | default: |
| 336 | fail: |
| 337 | ret = USB_RET_STALL; |
| 338 | break; |
| 339 | } |
| 340 | return ret; |
| 341 | } |
| 342 | |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 343 | static void usb_msd_cancel_io(USBPacket *p, void *opaque) |
| 344 | { |
| 345 | MSDState *s = opaque; |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 346 | s->scsi_dev->cancel_io(s->scsi_dev, s->tag); |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 347 | s->packet = NULL; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 348 | s->scsi_len = 0; |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 349 | } |
| 350 | |
| 351 | static int usb_msd_handle_data(USBDevice *dev, USBPacket *p) |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 352 | { |
| 353 | MSDState *s = (MSDState *)dev; |
| 354 | int ret = 0; |
| 355 | struct usb_msd_cbw cbw; |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 356 | uint8_t devep = p->devep; |
| 357 | uint8_t *data = p->data; |
| 358 | int len = p->len; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 359 | |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 360 | switch (p->pid) { |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 361 | case USB_TOKEN_OUT: |
| 362 | if (devep != 2) |
| 363 | goto fail; |
| 364 | |
| 365 | switch (s->mode) { |
| 366 | case USB_MSDM_CBW: |
| 367 | if (len != 31) { |
| 368 | fprintf(stderr, "usb-msd: Bad CBW size"); |
| 369 | goto fail; |
| 370 | } |
| 371 | memcpy(&cbw, data, 31); |
| 372 | if (le32_to_cpu(cbw.sig) != 0x43425355) { |
| 373 | fprintf(stderr, "usb-msd: Bad signature %08x\n", |
| 374 | le32_to_cpu(cbw.sig)); |
| 375 | goto fail; |
| 376 | } |
| 377 | DPRINTF("Command on LUN %d\n", cbw.lun); |
| 378 | if (cbw.lun != 0) { |
| 379 | fprintf(stderr, "usb-msd: Bad LUN %d\n", cbw.lun); |
| 380 | goto fail; |
| 381 | } |
| 382 | s->tag = le32_to_cpu(cbw.tag); |
| 383 | s->data_len = le32_to_cpu(cbw.data_len); |
| 384 | if (s->data_len == 0) { |
| 385 | s->mode = USB_MSDM_CSW; |
| 386 | } else if (cbw.flags & 0x80) { |
| 387 | s->mode = USB_MSDM_DATAIN; |
| 388 | } else { |
| 389 | s->mode = USB_MSDM_DATAOUT; |
| 390 | } |
| 391 | DPRINTF("Command tag 0x%x flags %08x len %d data %d\n", |
| 392 | s->tag, cbw.flags, cbw.cmd_len, s->data_len); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 393 | s->residue = 0; |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 394 | s->scsi_dev->send_command(s->scsi_dev, s->tag, cbw.cmd, 0); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 395 | /* ??? Should check that USB and SCSI data transfer |
| 396 | directions match. */ |
| 397 | if (s->residue == 0) { |
| 398 | if (s->mode == USB_MSDM_DATAIN) { |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 399 | s->scsi_dev->read_data(s->scsi_dev, s->tag); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 400 | } else if (s->mode == USB_MSDM_DATAOUT) { |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 401 | s->scsi_dev->write_data(s->scsi_dev, s->tag); |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 402 | } |
| 403 | } |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 404 | ret = len; |
| 405 | break; |
| 406 | |
| 407 | case USB_MSDM_DATAOUT: |
| 408 | DPRINTF("Data out %d/%d\n", len, s->data_len); |
| 409 | if (len > s->data_len) |
| 410 | goto fail; |
| 411 | |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 412 | s->usb_buf = data; |
| 413 | s->usb_len = len; |
| 414 | if (s->scsi_len) { |
| 415 | usb_msd_copy_data(s); |
| 416 | } |
| 417 | if (s->residue && s->usb_len) { |
| 418 | s->data_len -= s->usb_len; |
| 419 | if (s->data_len == 0) |
| 420 | s->mode = USB_MSDM_CSW; |
| 421 | s->usb_len = 0; |
| 422 | } |
| 423 | if (s->usb_len) { |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 424 | DPRINTF("Deferring packet %p\n", p); |
| 425 | usb_defer_packet(p, usb_msd_cancel_io, s); |
| 426 | s->packet = p; |
| 427 | ret = USB_RET_ASYNC; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 428 | } else { |
| 429 | ret = len; |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 430 | } |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 431 | break; |
| 432 | |
| 433 | default: |
| 434 | DPRINTF("Unexpected write (len %d)\n", len); |
| 435 | goto fail; |
| 436 | } |
| 437 | break; |
| 438 | |
| 439 | case USB_TOKEN_IN: |
| 440 | if (devep != 1) |
| 441 | goto fail; |
| 442 | |
| 443 | switch (s->mode) { |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 444 | case USB_MSDM_DATAOUT: |
| 445 | if (s->data_len != 0 || len < 13) |
| 446 | goto fail; |
| 447 | /* Waiting for SCSI write to complete. */ |
| 448 | usb_defer_packet(p, usb_msd_cancel_io, s); |
| 449 | s->packet = p; |
| 450 | ret = USB_RET_ASYNC; |
| 451 | break; |
| 452 | |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 453 | case USB_MSDM_CSW: |
| 454 | DPRINTF("Command status %d tag 0x%x, len %d\n", |
| 455 | s->result, s->tag, len); |
| 456 | if (len < 13) |
| 457 | goto fail; |
| 458 | |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 459 | s->usb_len = len; |
| 460 | s->usb_buf = data; |
| 461 | usb_msd_send_status(s); |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 462 | s->mode = USB_MSDM_CBW; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 463 | ret = 13; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 464 | break; |
| 465 | |
| 466 | case USB_MSDM_DATAIN: |
| 467 | DPRINTF("Data in %d/%d\n", len, s->data_len); |
| 468 | if (len > s->data_len) |
| 469 | len = s->data_len; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 470 | s->usb_buf = data; |
| 471 | s->usb_len = len; |
| 472 | if (s->scsi_len) { |
| 473 | usb_msd_copy_data(s); |
| 474 | } |
| 475 | if (s->residue && s->usb_len) { |
| 476 | s->data_len -= s->usb_len; |
| 477 | memset(s->usb_buf, 0, s->usb_len); |
| 478 | if (s->data_len == 0) |
| 479 | s->mode = USB_MSDM_CSW; |
| 480 | s->usb_len = 0; |
| 481 | } |
| 482 | if (s->usb_len) { |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 483 | DPRINTF("Deferring packet %p\n", p); |
| 484 | usb_defer_packet(p, usb_msd_cancel_io, s); |
| 485 | s->packet = p; |
| 486 | ret = USB_RET_ASYNC; |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 487 | } else { |
| 488 | ret = len; |
pbrook | 4d611c9 | 2006-08-12 01:04:27 +0000 | [diff] [blame] | 489 | } |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 490 | break; |
| 491 | |
| 492 | default: |
| 493 | DPRINTF("Unexpected read (len %d)\n", len); |
| 494 | goto fail; |
| 495 | } |
| 496 | break; |
| 497 | |
| 498 | default: |
| 499 | DPRINTF("Bad token\n"); |
| 500 | fail: |
| 501 | ret = USB_RET_STALL; |
| 502 | break; |
| 503 | } |
| 504 | |
| 505 | return ret; |
| 506 | } |
| 507 | |
bellard | 059809e | 2006-07-19 18:06:15 +0000 | [diff] [blame] | 508 | static void usb_msd_handle_destroy(USBDevice *dev) |
| 509 | { |
| 510 | MSDState *s = (MSDState *)dev; |
| 511 | |
ths | 8ccc2ac | 2007-12-10 02:58:34 +0000 | [diff] [blame] | 512 | s->scsi_dev->destroy(s->scsi_dev); |
bellard | b56bdb3 | 2006-08-19 11:58:59 +0000 | [diff] [blame] | 513 | bdrv_delete(s->bs); |
bellard | 059809e | 2006-07-19 18:06:15 +0000 | [diff] [blame] | 514 | qemu_free(s); |
| 515 | } |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 516 | |
aliguori | bb5fc20 | 2009-03-05 23:01:15 +0000 | [diff] [blame] | 517 | USBDevice *usb_msd_init(const char *filename) |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 518 | { |
| 519 | MSDState *s; |
| 520 | BlockDriverState *bdrv; |
aurel32 | 334c024 | 2008-08-21 22:24:32 +0000 | [diff] [blame] | 521 | BlockDriver *drv = NULL; |
| 522 | const char *p1; |
| 523 | char fmt[32]; |
| 524 | |
| 525 | p1 = strchr(filename, ':'); |
| 526 | if (p1++) { |
| 527 | const char *p2; |
| 528 | |
| 529 | if (strstart(filename, "format=", &p2)) { |
| 530 | int len = MIN(p1 - p2, sizeof(fmt)); |
| 531 | pstrcpy(fmt, len, p2); |
| 532 | |
| 533 | drv = bdrv_find_format(fmt); |
| 534 | if (!drv) { |
| 535 | printf("invalid format %s\n", fmt); |
| 536 | return NULL; |
| 537 | } |
| 538 | } else if (*filename != ':') { |
| 539 | printf("unrecognized USB mass-storage option %s\n", filename); |
| 540 | return NULL; |
| 541 | } |
| 542 | |
| 543 | filename = p1; |
| 544 | } |
| 545 | |
| 546 | if (!*filename) { |
| 547 | printf("block device specification needed\n"); |
| 548 | return NULL; |
| 549 | } |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 550 | |
| 551 | s = qemu_mallocz(sizeof(MSDState)); |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 552 | |
| 553 | bdrv = bdrv_new("usb"); |
aurel32 | 334c024 | 2008-08-21 22:24:32 +0000 | [diff] [blame] | 554 | if (bdrv_open2(bdrv, filename, 0, drv) < 0) |
bellard | b56bdb3 | 2006-08-19 11:58:59 +0000 | [diff] [blame] | 555 | goto fail; |
| 556 | s->bs = bdrv; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 557 | |
| 558 | s->dev.speed = USB_SPEED_FULL; |
| 559 | s->dev.handle_packet = usb_generic_handle_packet; |
| 560 | |
| 561 | s->dev.handle_reset = usb_msd_handle_reset; |
| 562 | s->dev.handle_control = usb_msd_handle_control; |
| 563 | s->dev.handle_data = usb_msd_handle_data; |
bellard | 059809e | 2006-07-19 18:06:15 +0000 | [diff] [blame] | 564 | s->dev.handle_destroy = usb_msd_handle_destroy; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 565 | |
bellard | 1f6e24e | 2006-06-26 21:00:51 +0000 | [diff] [blame] | 566 | snprintf(s->dev.devname, sizeof(s->dev.devname), "QEMU USB MSD(%.16s)", |
| 567 | filename); |
| 568 | |
pbrook | a917d38 | 2006-08-29 04:52:16 +0000 | [diff] [blame] | 569 | s->scsi_dev = scsi_disk_init(bdrv, 0, usb_msd_command_complete, s); |
bellard | 059809e | 2006-07-19 18:06:15 +0000 | [diff] [blame] | 570 | usb_msd_handle_reset((USBDevice *)s); |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 571 | return (USBDevice *)s; |
bellard | b56bdb3 | 2006-08-19 11:58:59 +0000 | [diff] [blame] | 572 | fail: |
| 573 | qemu_free(s); |
| 574 | return NULL; |
pbrook | 2e5d83b | 2006-05-25 23:58:51 +0000 | [diff] [blame] | 575 | } |
aliguori | bb5fc20 | 2009-03-05 23:01:15 +0000 | [diff] [blame] | 576 | |
| 577 | BlockDriverState *usb_msd_get_bdrv(USBDevice *dev) |
| 578 | { |
| 579 | MSDState *s = (MSDState *)dev; |
| 580 | |
| 581 | return s->bs; |
| 582 | } |