Merge tag 'pull-request-2022-09-28' of https://gitlab.com/thuth/qemu into staging
[qemu.git] / hw / input / hid.c
1 /*
2 * QEMU HID devices
3 *
4 * Copyright (c) 2005 Fabrice Bellard
5 * Copyright (c) 2007 OpenMoko, Inc. (andrew@openedhand.com)
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25
26 #include "qemu/osdep.h"
27 #include "ui/console.h"
28 #include "qemu/timer.h"
29 #include "hw/input/hid.h"
30 #include "migration/vmstate.h"
31 #include "trace.h"
32
33 #define HID_USAGE_ERROR_ROLLOVER 0x01
34 #define HID_USAGE_POSTFAIL 0x02
35 #define HID_USAGE_ERROR_UNDEFINED 0x03
36
37 /* Indices are QEMU keycodes, values are from HID Usage Table. Indices
38 * above 0x80 are for keys that come after 0xe0 or 0xe1+0x1d or 0xe1+0x9d. */
39 static const uint8_t hid_usage_keys[0x100] = {
40 0x00, 0x29, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
41 0x24, 0x25, 0x26, 0x27, 0x2d, 0x2e, 0x2a, 0x2b,
42 0x14, 0x1a, 0x08, 0x15, 0x17, 0x1c, 0x18, 0x0c,
43 0x12, 0x13, 0x2f, 0x30, 0x28, 0xe0, 0x04, 0x16,
44 0x07, 0x09, 0x0a, 0x0b, 0x0d, 0x0e, 0x0f, 0x33,
45 0x34, 0x35, 0xe1, 0x31, 0x1d, 0x1b, 0x06, 0x19,
46 0x05, 0x11, 0x10, 0x36, 0x37, 0x38, 0xe5, 0x55,
47 0xe2, 0x2c, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e,
48 0x3f, 0x40, 0x41, 0x42, 0x43, 0x53, 0x47, 0x5f,
49 0x60, 0x61, 0x56, 0x5c, 0x5d, 0x5e, 0x57, 0x59,
50 0x5a, 0x5b, 0x62, 0x63, 0x46, 0x00, 0x64, 0x44,
51 0x45, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e,
52 0xe8, 0xe9, 0x71, 0x72, 0x73, 0x00, 0x00, 0x00,
53 0x00, 0x00, 0x00, 0x85, 0x00, 0x00, 0x00, 0x00,
54 0x88, 0x00, 0x00, 0x87, 0x00, 0x00, 0x00, 0x00,
55 0x00, 0x8a, 0x00, 0x8b, 0x00, 0x89, 0xe7, 0x65,
56
57 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
58 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
59 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
60 0x00, 0x00, 0x00, 0x00, 0x58, 0xe4, 0x00, 0x00,
61 0x7f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
62 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x81, 0x00,
63 0x80, 0x00, 0x00, 0x00, 0x00, 0x54, 0x00, 0x46,
64 0xe6, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
65 0x00, 0x00, 0x00, 0x00, 0x00, 0x48, 0x48, 0x4a,
66 0x52, 0x4b, 0x00, 0x50, 0x00, 0x4f, 0x00, 0x4d,
67 0x51, 0x4e, 0x49, 0x4c, 0x00, 0x00, 0x00, 0x00,
68 0x00, 0x00, 0x00, 0xe3, 0xe7, 0x65, 0x66, 0x00,
69 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
70 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
71 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
72 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
73 };
74
75 bool hid_has_events(HIDState *hs)
76 {
77 return hs->n > 0 || hs->idle_pending;
78 }
79
80 static void hid_idle_timer(void *opaque)
81 {
82 HIDState *hs = opaque;
83
84 hs->idle_pending = true;
85 hs->event(hs);
86 }
87
88 static void hid_del_idle_timer(HIDState *hs)
89 {
90 if (hs->idle_timer) {
91 timer_free(hs->idle_timer);
92 hs->idle_timer = NULL;
93 }
94 }
95
96 void hid_set_next_idle(HIDState *hs)
97 {
98 if (hs->idle) {
99 uint64_t expire_time = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
100 NANOSECONDS_PER_SECOND * hs->idle * 4 / 1000;
101 if (!hs->idle_timer) {
102 hs->idle_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, hid_idle_timer, hs);
103 }
104 timer_mod_ns(hs->idle_timer, expire_time);
105 } else {
106 hid_del_idle_timer(hs);
107 }
108 }
109
110 static void hid_pointer_event(DeviceState *dev, QemuConsole *src,
111 InputEvent *evt)
112 {
113 static const int bmap[INPUT_BUTTON__MAX] = {
114 [INPUT_BUTTON_LEFT] = 0x01,
115 [INPUT_BUTTON_RIGHT] = 0x02,
116 [INPUT_BUTTON_MIDDLE] = 0x04,
117 [INPUT_BUTTON_SIDE] = 0x08,
118 [INPUT_BUTTON_EXTRA] = 0x10,
119 };
120 HIDState *hs = (HIDState *)dev;
121 HIDPointerEvent *e;
122 InputMoveEvent *move;
123 InputBtnEvent *btn;
124
125 assert(hs->n < QUEUE_LENGTH);
126 e = &hs->ptr.queue[(hs->head + hs->n) & QUEUE_MASK];
127
128 switch (evt->type) {
129 case INPUT_EVENT_KIND_REL:
130 move = evt->u.rel.data;
131 if (move->axis == INPUT_AXIS_X) {
132 e->xdx += move->value;
133 } else if (move->axis == INPUT_AXIS_Y) {
134 e->ydy += move->value;
135 }
136 break;
137
138 case INPUT_EVENT_KIND_ABS:
139 move = evt->u.abs.data;
140 if (move->axis == INPUT_AXIS_X) {
141 e->xdx = move->value;
142 } else if (move->axis == INPUT_AXIS_Y) {
143 e->ydy = move->value;
144 }
145 break;
146
147 case INPUT_EVENT_KIND_BTN:
148 btn = evt->u.btn.data;
149 if (btn->down) {
150 e->buttons_state |= bmap[btn->button];
151 if (btn->button == INPUT_BUTTON_WHEEL_UP) {
152 e->dz--;
153 } else if (btn->button == INPUT_BUTTON_WHEEL_DOWN) {
154 e->dz++;
155 }
156 } else {
157 e->buttons_state &= ~bmap[btn->button];
158 }
159 break;
160
161 default:
162 /* keep gcc happy */
163 break;
164 }
165
166 }
167
168 static void hid_pointer_sync(DeviceState *dev)
169 {
170 HIDState *hs = (HIDState *)dev;
171 HIDPointerEvent *prev, *curr, *next;
172 bool event_compression = false;
173
174 if (hs->n == QUEUE_LENGTH-1) {
175 /*
176 * Queue full. We are losing information, but we at least
177 * keep track of most recent button state.
178 */
179 return;
180 }
181
182 prev = &hs->ptr.queue[(hs->head + hs->n - 1) & QUEUE_MASK];
183 curr = &hs->ptr.queue[(hs->head + hs->n) & QUEUE_MASK];
184 next = &hs->ptr.queue[(hs->head + hs->n + 1) & QUEUE_MASK];
185
186 if (hs->n > 0) {
187 /*
188 * No button state change between previous and current event
189 * (and previous wasn't seen by the guest yet), so there is
190 * motion information only and we can combine the two event
191 * into one.
192 */
193 if (curr->buttons_state == prev->buttons_state) {
194 event_compression = true;
195 }
196 }
197
198 if (event_compression) {
199 /* add current motion to previous, clear current */
200 if (hs->kind == HID_MOUSE) {
201 prev->xdx += curr->xdx;
202 curr->xdx = 0;
203 prev->ydy += curr->ydy;
204 curr->ydy = 0;
205 } else {
206 prev->xdx = curr->xdx;
207 prev->ydy = curr->ydy;
208 }
209 prev->dz += curr->dz;
210 curr->dz = 0;
211 } else {
212 /* prepate next (clear rel, copy abs + btns) */
213 if (hs->kind == HID_MOUSE) {
214 next->xdx = 0;
215 next->ydy = 0;
216 } else {
217 next->xdx = curr->xdx;
218 next->ydy = curr->ydy;
219 }
220 next->dz = 0;
221 next->buttons_state = curr->buttons_state;
222 /* make current guest visible, notify guest */
223 hs->n++;
224 hs->event(hs);
225 }
226 }
227
228 static void hid_keyboard_event(DeviceState *dev, QemuConsole *src,
229 InputEvent *evt)
230 {
231 HIDState *hs = (HIDState *)dev;
232 int scancodes[3], i, count;
233 int slot;
234 InputKeyEvent *key = evt->u.key.data;
235
236 count = qemu_input_key_value_to_scancode(key->key,
237 key->down,
238 scancodes);
239 if (hs->n + count > QUEUE_LENGTH) {
240 trace_hid_kbd_queue_full();
241 return;
242 }
243 for (i = 0; i < count; i++) {
244 slot = (hs->head + hs->n) & QUEUE_MASK; hs->n++;
245 hs->kbd.keycodes[slot] = scancodes[i];
246 }
247 hs->event(hs);
248 }
249
250 static void hid_keyboard_process_keycode(HIDState *hs)
251 {
252 uint8_t hid_code, index, key;
253 int i, keycode, slot;
254
255 if (hs->n == 0) {
256 return;
257 }
258 slot = hs->head & QUEUE_MASK; QUEUE_INCR(hs->head); hs->n--;
259 keycode = hs->kbd.keycodes[slot];
260
261 if (!hs->n) {
262 trace_hid_kbd_queue_empty();
263 }
264
265 key = keycode & 0x7f;
266 index = key | ((hs->kbd.modifiers & (1 << 8)) >> 1);
267 hid_code = hid_usage_keys[index];
268 hs->kbd.modifiers &= ~(1 << 8);
269
270 switch (hid_code) {
271 case 0x00:
272 return;
273
274 case 0xe0:
275 assert(key == 0x1d);
276 if (hs->kbd.modifiers & (1 << 9)) {
277 /* The hid_codes for the 0xe1/0x1d scancode sequence are 0xe9/0xe0.
278 * Here we're processing the second hid_code. By dropping bit 9
279 * and setting bit 8, the scancode after 0x1d will access the
280 * second half of the table.
281 */
282 hs->kbd.modifiers ^= (1 << 8) | (1 << 9);
283 return;
284 }
285 /* fall through to process Ctrl_L */
286 case 0xe1 ... 0xe7:
287 /* Ctrl_L/Ctrl_R, Shift_L/Shift_R, Alt_L/Alt_R, Win_L/Win_R.
288 * Handle releases here, or fall through to process presses.
289 */
290 if (keycode & (1 << 7)) {
291 hs->kbd.modifiers &= ~(1 << (hid_code & 0x0f));
292 return;
293 }
294 /* fall through */
295 case 0xe8 ... 0xe9:
296 /* USB modifiers are just 1 byte long. Bits 8 and 9 of
297 * hs->kbd.modifiers implement a state machine that detects the
298 * 0xe0 and 0xe1/0x1d sequences. These bits do not follow the
299 * usual rules where bit 7 marks released keys; they are cleared
300 * elsewhere in the function as the state machine dictates.
301 */
302 hs->kbd.modifiers |= 1 << (hid_code & 0x0f);
303 return;
304
305 case 0xea ... 0xef:
306 abort();
307
308 default:
309 break;
310 }
311
312 if (keycode & (1 << 7)) {
313 for (i = hs->kbd.keys - 1; i >= 0; i--) {
314 if (hs->kbd.key[i] == hid_code) {
315 hs->kbd.key[i] = hs->kbd.key[-- hs->kbd.keys];
316 hs->kbd.key[hs->kbd.keys] = 0x00;
317 break;
318 }
319 }
320 if (i < 0) {
321 return;
322 }
323 } else {
324 for (i = hs->kbd.keys - 1; i >= 0; i--) {
325 if (hs->kbd.key[i] == hid_code) {
326 break;
327 }
328 }
329 if (i < 0) {
330 if (hs->kbd.keys < sizeof(hs->kbd.key)) {
331 hs->kbd.key[hs->kbd.keys++] = hid_code;
332 }
333 } else {
334 return;
335 }
336 }
337 }
338
339 static inline int int_clamp(int val, int vmin, int vmax)
340 {
341 if (val < vmin) {
342 return vmin;
343 } else if (val > vmax) {
344 return vmax;
345 } else {
346 return val;
347 }
348 }
349
350 void hid_pointer_activate(HIDState *hs)
351 {
352 if (!hs->ptr.mouse_grabbed) {
353 qemu_input_handler_activate(hs->s);
354 hs->ptr.mouse_grabbed = 1;
355 }
356 }
357
358 int hid_pointer_poll(HIDState *hs, uint8_t *buf, int len)
359 {
360 int dx, dy, dz, l;
361 int index;
362 HIDPointerEvent *e;
363
364 hs->idle_pending = false;
365
366 hid_pointer_activate(hs);
367
368 /* When the buffer is empty, return the last event. Relative
369 movements will all be zero. */
370 index = (hs->n ? hs->head : hs->head - 1);
371 e = &hs->ptr.queue[index & QUEUE_MASK];
372
373 if (hs->kind == HID_MOUSE) {
374 dx = int_clamp(e->xdx, -127, 127);
375 dy = int_clamp(e->ydy, -127, 127);
376 e->xdx -= dx;
377 e->ydy -= dy;
378 } else {
379 dx = e->xdx;
380 dy = e->ydy;
381 }
382 dz = int_clamp(e->dz, -127, 127);
383 e->dz -= dz;
384
385 if (hs->n &&
386 !e->dz &&
387 (hs->kind == HID_TABLET || (!e->xdx && !e->ydy))) {
388 /* that deals with this event */
389 QUEUE_INCR(hs->head);
390 hs->n--;
391 }
392
393 /* Appears we have to invert the wheel direction */
394 dz = 0 - dz;
395 l = 0;
396 switch (hs->kind) {
397 case HID_MOUSE:
398 if (len > l) {
399 buf[l++] = e->buttons_state;
400 }
401 if (len > l) {
402 buf[l++] = dx;
403 }
404 if (len > l) {
405 buf[l++] = dy;
406 }
407 if (len > l) {
408 buf[l++] = dz;
409 }
410 break;
411
412 case HID_TABLET:
413 if (len > l) {
414 buf[l++] = e->buttons_state;
415 }
416 if (len > l) {
417 buf[l++] = dx & 0xff;
418 }
419 if (len > l) {
420 buf[l++] = dx >> 8;
421 }
422 if (len > l) {
423 buf[l++] = dy & 0xff;
424 }
425 if (len > l) {
426 buf[l++] = dy >> 8;
427 }
428 if (len > l) {
429 buf[l++] = dz;
430 }
431 break;
432
433 default:
434 abort();
435 }
436
437 return l;
438 }
439
440 int hid_keyboard_poll(HIDState *hs, uint8_t *buf, int len)
441 {
442 hs->idle_pending = false;
443
444 if (len < 2) {
445 return 0;
446 }
447
448 hid_keyboard_process_keycode(hs);
449
450 buf[0] = hs->kbd.modifiers & 0xff;
451 buf[1] = 0;
452 if (hs->kbd.keys > 6) {
453 memset(buf + 2, HID_USAGE_ERROR_ROLLOVER, MIN(8, len) - 2);
454 } else {
455 memcpy(buf + 2, hs->kbd.key, MIN(8, len) - 2);
456 }
457
458 return MIN(8, len);
459 }
460
461 int hid_keyboard_write(HIDState *hs, uint8_t *buf, int len)
462 {
463 if (len > 0) {
464 int ledstate = 0;
465 /* 0x01: Num Lock LED
466 * 0x02: Caps Lock LED
467 * 0x04: Scroll Lock LED
468 * 0x08: Compose LED
469 * 0x10: Kana LED */
470 hs->kbd.leds = buf[0];
471 if (hs->kbd.leds & 0x04) {
472 ledstate |= QEMU_SCROLL_LOCK_LED;
473 }
474 if (hs->kbd.leds & 0x01) {
475 ledstate |= QEMU_NUM_LOCK_LED;
476 }
477 if (hs->kbd.leds & 0x02) {
478 ledstate |= QEMU_CAPS_LOCK_LED;
479 }
480 kbd_put_ledstate(ledstate);
481 }
482 return 0;
483 }
484
485 void hid_reset(HIDState *hs)
486 {
487 switch (hs->kind) {
488 case HID_KEYBOARD:
489 memset(hs->kbd.keycodes, 0, sizeof(hs->kbd.keycodes));
490 memset(hs->kbd.key, 0, sizeof(hs->kbd.key));
491 hs->kbd.keys = 0;
492 hs->kbd.modifiers = 0;
493 break;
494 case HID_MOUSE:
495 case HID_TABLET:
496 memset(hs->ptr.queue, 0, sizeof(hs->ptr.queue));
497 break;
498 }
499 hs->head = 0;
500 hs->n = 0;
501 hs->protocol = 1;
502 hs->idle = 0;
503 hs->idle_pending = false;
504 hid_del_idle_timer(hs);
505 }
506
507 void hid_free(HIDState *hs)
508 {
509 qemu_input_handler_unregister(hs->s);
510 hid_del_idle_timer(hs);
511 }
512
513 static QemuInputHandler hid_keyboard_handler = {
514 .name = "QEMU HID Keyboard",
515 .mask = INPUT_EVENT_MASK_KEY,
516 .event = hid_keyboard_event,
517 };
518
519 static QemuInputHandler hid_mouse_handler = {
520 .name = "QEMU HID Mouse",
521 .mask = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_REL,
522 .event = hid_pointer_event,
523 .sync = hid_pointer_sync,
524 };
525
526 static QemuInputHandler hid_tablet_handler = {
527 .name = "QEMU HID Tablet",
528 .mask = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_ABS,
529 .event = hid_pointer_event,
530 .sync = hid_pointer_sync,
531 };
532
533 void hid_init(HIDState *hs, int kind, HIDEventFunc event)
534 {
535 hs->kind = kind;
536 hs->event = event;
537
538 if (hs->kind == HID_KEYBOARD) {
539 hs->s = qemu_input_handler_register((DeviceState *)hs,
540 &hid_keyboard_handler);
541 qemu_input_handler_activate(hs->s);
542 } else if (hs->kind == HID_MOUSE) {
543 hs->s = qemu_input_handler_register((DeviceState *)hs,
544 &hid_mouse_handler);
545 } else if (hs->kind == HID_TABLET) {
546 hs->s = qemu_input_handler_register((DeviceState *)hs,
547 &hid_tablet_handler);
548 }
549 }
550
551 static int hid_post_load(void *opaque, int version_id)
552 {
553 HIDState *s = opaque;
554
555 hid_set_next_idle(s);
556
557 if (s->n == QUEUE_LENGTH && (s->kind == HID_TABLET ||
558 s->kind == HID_MOUSE)) {
559 /*
560 * Handle ptr device migration from old qemu with full queue.
561 *
562 * Throw away everything but the last event, so we propagate
563 * at least the current button state to the guest. Also keep
564 * current position for the tablet, signal "no motion" for the
565 * mouse.
566 */
567 HIDPointerEvent evt;
568 evt = s->ptr.queue[(s->head+s->n) & QUEUE_MASK];
569 if (s->kind == HID_MOUSE) {
570 evt.xdx = 0;
571 evt.ydy = 0;
572 }
573 s->ptr.queue[0] = evt;
574 s->head = 0;
575 s->n = 1;
576 }
577 return 0;
578 }
579
580 static const VMStateDescription vmstate_hid_ptr_queue = {
581 .name = "HIDPointerEventQueue",
582 .version_id = 1,
583 .minimum_version_id = 1,
584 .fields = (VMStateField[]) {
585 VMSTATE_INT32(xdx, HIDPointerEvent),
586 VMSTATE_INT32(ydy, HIDPointerEvent),
587 VMSTATE_INT32(dz, HIDPointerEvent),
588 VMSTATE_INT32(buttons_state, HIDPointerEvent),
589 VMSTATE_END_OF_LIST()
590 }
591 };
592
593 const VMStateDescription vmstate_hid_ptr_device = {
594 .name = "HIDPointerDevice",
595 .version_id = 1,
596 .minimum_version_id = 1,
597 .post_load = hid_post_load,
598 .fields = (VMStateField[]) {
599 VMSTATE_STRUCT_ARRAY(ptr.queue, HIDState, QUEUE_LENGTH, 0,
600 vmstate_hid_ptr_queue, HIDPointerEvent),
601 VMSTATE_UINT32(head, HIDState),
602 VMSTATE_UINT32(n, HIDState),
603 VMSTATE_INT32(protocol, HIDState),
604 VMSTATE_UINT8(idle, HIDState),
605 VMSTATE_END_OF_LIST(),
606 }
607 };
608
609 const VMStateDescription vmstate_hid_keyboard_device = {
610 .name = "HIDKeyboardDevice",
611 .version_id = 1,
612 .minimum_version_id = 1,
613 .post_load = hid_post_load,
614 .fields = (VMStateField[]) {
615 VMSTATE_UINT32_ARRAY(kbd.keycodes, HIDState, QUEUE_LENGTH),
616 VMSTATE_UINT32(head, HIDState),
617 VMSTATE_UINT32(n, HIDState),
618 VMSTATE_UINT16(kbd.modifiers, HIDState),
619 VMSTATE_UINT8(kbd.leds, HIDState),
620 VMSTATE_UINT8_ARRAY(kbd.key, HIDState, 16),
621 VMSTATE_INT32(kbd.keys, HIDState),
622 VMSTATE_INT32(protocol, HIDState),
623 VMSTATE_UINT8(idle, HIDState),
624 VMSTATE_END_OF_LIST(),
625 }
626 };