usb: sanity check setup_index+setup_len in post_load
[qemu.git] / hw / usb / bus.c
1 #include "hw/hw.h"
2 #include "hw/usb.h"
3 #include "hw/qdev.h"
4 #include "sysemu/sysemu.h"
5 #include "monitor/monitor.h"
6 #include "trace.h"
7
/*
 * Forward declarations: these helpers are defined further down but are
 * referenced earlier (bus class callbacks, error path of usb_qdev_init).
 */
static void usb_bus_dev_print(Monitor *mon, DeviceState *qdev, int indent);

static char *usb_get_dev_path(DeviceState *dev);
static char *usb_get_fw_dev_path(DeviceState *qdev);
static int usb_qdev_exit(DeviceState *qdev);
13
/*
 * qdev properties common to all USB devices; installed as the device class
 * property list by usb_device_class_init().
 */
static Property usb_props[] = {
    /* Requested port path; compared against free ports in usb_claim_port(). */
    DEFINE_PROP_STRING("port", USBDevice, port_path),
    DEFINE_PROP_STRING("serial", USBDevice, serial),
    /* When set, usb_get_dev_path() prefixes the host controller's path. */
    DEFINE_PROP_BIT("full-path", USBDevice, flags,
                    USB_DEV_FLAG_FULL_PATH, true),
    DEFINE_PROP_BIT("msos-desc", USBDevice, flags,
                    USB_DEV_FLAG_MSOS_DESC_ENABLE, true),
    DEFINE_PROP_END_OF_LIST()
};
23
/* Class initializer for TYPE_USB_BUS: wires up the bus-level callbacks. */
static void usb_bus_class_init(ObjectClass *klass, void *data)
{
    BusClass *bus_class = BUS_CLASS(klass);

    bus_class->get_fw_dev_path = usb_get_fw_dev_path;
    bus_class->get_dev_path = usb_get_dev_path;
    bus_class->print_dev = usb_bus_dev_print;
}
32
/* Type description for the USB bus; registered in usb_register_types(). */
static const TypeInfo usb_bus_info = {
    .name = TYPE_USB_BUS,
    .parent = TYPE_BUS,
    .instance_size = sizeof(USBBus),
    .class_init = usb_bus_class_init,
};
39
/* Number handed to the next bus created by usb_bus_new(). */
static int next_usb_bus = 0;
/* All buses created so far, in creation order (appended by usb_bus_new()). */
static QTAILQ_HEAD(, USBBus) busses = QTAILQ_HEAD_INITIALIZER(busses);
42
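/*
 * Post-load hook of vmstate_usb_device.
 *
 * Called with the USBDevice whose fields were just restored from saved
 * state.  It derives dev->attached from the restored dev->state and then
 * validates setup_len and setup_index.  Both are restored as raw 32-bit
 * integers and must not be trusted: they are checked against the size of
 * dev->data_buf and against each other before the device is used.
 *
 * Returns 0 if the restored state is acceptable, -EINVAL otherwise.
 */
static int usb_device_post_load(void *opaque, int version_id)
{
    USBDevice *dev = opaque;

    dev->attached = (dev->state != USB_STATE_NOTATTACHED);

    /*
     * Bounding each value on its own is not sufficient: an index beyond the
     * length would make any "setup_len - setup_index" remainder negative.
     * NOTE(review): the consumers of these fields are not visible in this
     * file; confirm how they are used in the control-transfer path, and
     * whether setup_len == sizeof(dev->data_buf) is a legitimate runtime
     * value that should be accepted here.
     */
    if (dev->setup_index < 0 ||
        dev->setup_len < 0 ||
        dev->setup_index >= sizeof(dev->data_buf) ||
        dev->setup_len >= sizeof(dev->data_buf) ||
        dev->setup_index > dev->setup_len) {
        return -EINVAL;
    }
    return 0;
}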
60
/*
 * Saved-state layout of the generic USBDevice fields.
 *
 * Every field below is restored verbatim from the incoming state, so the
 * values are attacker-influenced whenever that state is not trusted.
 * usb_device_post_load() runs afterwards and validates setup_len and
 * setup_index.
 * NOTE(review): state and setup_state are restored as int32 without a range
 * check in this file; confirm that consumers tolerate unexpected values.
 */
const VMStateDescription vmstate_usb_device = {
    .name = "USBDevice",
    .version_id = 1,
    .minimum_version_id = 1,
    .post_load = usb_device_post_load,
    .fields = (VMStateField []) {
        VMSTATE_UINT8(addr, USBDevice),
        VMSTATE_INT32(state, USBDevice),
        VMSTATE_INT32(remote_wakeup, USBDevice),
        VMSTATE_INT32(setup_state, USBDevice),
        VMSTATE_INT32(setup_len, USBDevice),
        VMSTATE_INT32(setup_index, USBDevice),
        VMSTATE_UINT8_ARRAY(setup_buf, USBDevice, 8),
        VMSTATE_END_OF_LIST(),
    }
};
77
/*
 * Initialise a caller-allocated USB bus in place and add it to the global
 * bus list.
 *
 * @bus:      storage for the bus, @bus_size bytes
 * @ops:      controller callbacks stored in bus->ops
 * @host:     device that owns the bus
 *
 * The bus receives the next free bus number and starts with empty free and
 * used port lists; hotplug is enabled.
 */
void usb_bus_new(USBBus *bus, size_t bus_size,
                 USBBusOps *ops, DeviceState *host)
{
    qbus_create_inplace(bus, bus_size, TYPE_USB_BUS, host, NULL);

    QTAILQ_INIT(&bus->free);
    QTAILQ_INIT(&bus->used);
    bus->qbus.allow_hotplug = 1;
    bus->ops = ops;

    bus->busnr = next_usb_bus;
    next_usb_bus++;

    QTAILQ_INSERT_TAIL(&busses, bus, next);
}
89
/*
 * Look up a bus by number.
 *
 * A @busnr of -1 means "any" and yields the first registered bus.
 * Returns NULL when no bus carries the requested number.
 */
USBBus *usb_bus_find(int busnr)
{
    USBBus *candidate;

    if (busnr == -1) {
        return QTAILQ_FIRST(&busses);
    }
    QTAILQ_FOREACH(candidate, &busses, next) {
        if (candidate->busnr == busnr) {
            return candidate;
        }
    }
    return NULL;
}
102
/* Run the device class's init hook, if any; returns its result, else 0. */
static int usb_device_init(USBDevice *dev)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->init) {
        return 0;
    }
    return uc->init(dev);
}
111
/*
 * Ask the device class to resolve @addr to a device.
 * Returns NULL when the class has no find_device hook.
 */
USBDevice *usb_device_find_device(USBDevice *dev, uint8_t addr)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->find_device) {
        return NULL;
    }
    return uc->find_device(dev, addr);
}
120
/* Invoke the class's handle_destroy hook when one is provided. */
static void usb_device_handle_destroy(USBDevice *dev)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->handle_destroy) {
        return;
    }
    uc->handle_destroy(dev);
}
128
/* Forward a packet cancellation to the class's cancel_packet hook, if set. */
void usb_device_cancel_packet(USBDevice *dev, USBPacket *p)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->cancel_packet) {
        return;
    }
    uc->cancel_packet(dev, p);
}
136
/* Invoke the class's handle_attach hook when one is provided. */
void usb_device_handle_attach(USBDevice *dev)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->handle_attach) {
        return;
    }
    uc->handle_attach(dev);
}
144
/* Invoke the class's handle_reset hook when one is provided. */
void usb_device_handle_reset(USBDevice *dev)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->handle_reset) {
        return;
    }
    uc->handle_reset(dev);
}
152
/*
 * Pass a control request to the class's handle_control hook, if set.
 * All arguments are forwarded unchanged; no validation of @length against
 * @data is performed at this layer.
 */
void usb_device_handle_control(USBDevice *dev, USBPacket *p, int request,
                               int value, int index, int length, uint8_t *data)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->handle_control) {
        return;
    }
    uc->handle_control(dev, p, request, value, index, length, data);
}
161
/* Pass a data packet to the class's handle_data hook, if set. */
void usb_device_handle_data(USBDevice *dev, USBPacket *p)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->handle_data) {
        return;
    }
    uc->handle_data(dev, p);
}
169
/* Return the product description string stored in the device's class. */
const char *usb_device_get_product_desc(USBDevice *dev)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);
    const char *desc = uc->product_desc;

    return desc;
}
175
/*
 * Return the USB descriptor set for @dev: the per-device one when set,
 * otherwise the class default.
 */
const USBDesc *usb_device_get_usb_desc(USBDevice *dev)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    return dev->usb_desc ? dev->usb_desc : uc->usb_desc;
}
184
/* Notify the class's set_interface hook, if set, of an altsetting change. */
void usb_device_set_interface(USBDevice *dev, int interface,
                              int alt_old, int alt_new)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->set_interface) {
        return;
    }
    uc->set_interface(dev, interface, alt_old, alt_new);
}
193
/* Invoke the class's flush_ep_queue hook for @ep when one is provided. */
void usb_device_flush_ep_queue(USBDevice *dev, USBEndpoint *ep)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->flush_ep_queue) {
        return;
    }
    uc->flush_ep_queue(dev, ep);
}
201
/* Invoke the class's ep_stopped hook for @ep when one is provided. */
void usb_device_ep_stopped(USBDevice *dev, USBEndpoint *ep)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->ep_stopped) {
        return;
    }
    uc->ep_stopped(dev, ep);
}
209
/*
 * Forward a stream allocation request to the class's alloc_streams hook.
 * Returns the hook's result, or 0 when the class has no such hook.
 */
int usb_device_alloc_streams(USBDevice *dev, USBEndpoint **eps, int nr_eps,
                             int streams)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->alloc_streams) {
        return 0;
    }
    return uc->alloc_streams(dev, eps, nr_eps, streams);
}
219
/* Forward a stream release request to the class's free_streams hook, if set. */
void usb_device_free_streams(USBDevice *dev, USBEndpoint **eps, int nr_eps)
{
    USBDeviceClass *uc = USB_DEVICE_GET_CLASS(dev);

    if (!uc->free_streams) {
        return;
    }
    uc->free_streams(dev, eps, nr_eps);
}
227
/*
 * qdev init callback for USB devices.
 *
 * Copies the class product description into the device, claims a port,
 * runs the class init hook and, unless the hook cleared auto_attach,
 * attaches the device.  Each failure undoes the steps already taken and
 * returns the failing step's error code; 0 means success.
 */
static int usb_qdev_init(DeviceState *qdev)
{
    USBDevice *dev = USB_DEVICE(qdev);
    int err;

    pstrcpy(dev->product_desc, sizeof(dev->product_desc),
            usb_device_get_product_desc(dev));
    dev->auto_attach = 1;
    QLIST_INIT(&dev->strings);
    usb_ep_init(dev);

    err = usb_claim_port(dev);
    if (err) {
        return err;
    }

    err = usb_device_init(dev);
    if (err) {
        /* Only the port was acquired so far. */
        usb_release_port(dev);
        return err;
    }

    if (!dev->auto_attach) {
        return 0;
    }

    err = usb_device_attach(dev);
    if (err) {
        /* Full teardown: destroy hook plus port release. */
        usb_qdev_exit(qdev);
        return err;
    }
    return 0;
}
256
/*
 * qdev exit callback for USB devices: detach if attached, run the class
 * destroy hook, then give the port back if one is held.  Always returns 0.
 */
static int usb_qdev_exit(DeviceState *qdev)
{
    USBDevice *usbdev = USB_DEVICE(qdev);

    if (usbdev->attached) {
        usb_device_detach(usbdev);
    }

    usb_device_handle_destroy(usbdev);

    if (usbdev->port != NULL) {
        usb_release_port(usbdev);
    }
    return 0;
}
270
/* One entry of the legacy "-usbdevice" name table. */
typedef struct LegacyUSBFactory
{
    /* Type name handed to usb_create_simple() when no init hook is set. */
    const char *name;
    /* Driver name matched against the "-usbdevice" argument. */
    const char *usbdevice_name;
    /* Optional constructor that receives the text after the ':'. */
    USBDevice *(*usbdevice_init)(USBBus *bus, const char *params);
} LegacyUSBFactory;
277
/* List of LegacyUSBFactory entries, appended to by usb_legacy_register(). */
static GSList *legacy_usb_factory;
279
/*
 * Register a legacy "-usbdevice" alias for a device type.
 *
 * Nothing is recorded when @usbdevice_name is NULL.  The strings are stored
 * by pointer, not copied, so they must outlive the registration.
 */
void usb_legacy_register(const char *typename, const char *usbdevice_name,
                         USBDevice *(*usbdevice_init)(USBBus *bus,
                                                      const char *params))
{
    LegacyUSBFactory *entry;

    if (!usbdevice_name) {
        return;
    }

    entry = g_malloc0(sizeof(*entry));
    entry->usbdevice_init = usbdevice_init;
    entry->usbdevice_name = usbdevice_name;
    entry->name = typename;
    legacy_usb_factory = g_slist_append(legacy_usb_factory, entry);
}
292
/* Create (but do not initialise) a device of type @name on @bus. */
USBDevice *usb_create(USBBus *bus, const char *name)
{
    DeviceState *qdev = qdev_create(&bus->qbus, name);

    return USB_DEVICE(qdev);
}
300
/*
 * Create a device of type @name on @bus and initialise it.
 *
 * Returns the device, or NULL after reporting an error when either creation
 * or initialisation fails.
 */
USBDevice *usb_create_simple(USBBus *bus, const char *name)
{
    USBDevice *created = usb_create(bus, name);

    if (created == NULL) {
        error_report("Failed to create USB device '%s'", name);
        return NULL;
    }

    if (qdev_init(&created->qdev) < 0) {
        error_report("Failed to initialize USB device '%s'", name);
        return NULL;
    }
    return created;
}
317
/*
 * Fill in the basic fields of @port and give it a root-level location whose
 * port number is @index + 1.
 */
static void usb_fill_port(USBPort *port, void *opaque, int index,
                          USBPortOps *ops, int speedmask)
{
    port->speedmask = speedmask;
    port->ops = ops;
    port->index = index;
    port->opaque = opaque;

    usb_port_location(port, NULL, index + 1);
}
327
/* Initialise @port and add it to the tail of @bus's free-port list. */
void usb_register_port(USBBus *bus, USBPort *port, void *opaque, int index,
                       USBPortOps *ops, int speedmask)
{
    usb_fill_port(port, opaque, index, ops, speedmask);

    bus->nfree += 1;
    QTAILQ_INSERT_TAIL(&bus->free, port, next);
}
335
/*
 * Register @portcount companion-controller ports with the bus named
 * @masterbus.
 *
 * Returns -1 after reporting an error when no bus has that name or the bus
 * has no register_companion callback; otherwise initialises every port and
 * returns the callback's result.  @ports must hold at least @portcount
 * entries; that is not checked here.
 */
int usb_register_companion(const char *masterbus, USBPort *ports[],
                           uint32_t portcount, uint32_t firstport,
                           void *opaque, USBPortOps *ops, int speedmask)
{
    USBBus *bus;
    int idx;

    /* The "bus" test below relies on the loop leaving bus NULL on no match. */
    QTAILQ_FOREACH(bus, &busses, next) {
        if (!strcmp(bus->qbus.name, masterbus)) {
            break;
        }
    }

    if (bus && bus->ops->register_companion) {
        for (idx = 0; idx < portcount; idx++) {
            usb_fill_port(ports[idx], opaque, idx, ops, speedmask);
        }
        return bus->ops->register_companion(bus, ports, portcount, firstport);
    }

    qerror_report(QERR_INVALID_PARAMETER_VALUE, "masterbus",
                  "an USB masterbus");
    if (bus) {
        error_printf_unless_qmp(
            "USB bus '%s' does not allow companion controllers\n",
            masterbus);
    }
    return -1;
}
366
/*
 * Set the path and hub depth of @downstream.
 *
 * Without @upstream the path is just @portnr and the hub count is 0; with
 * one, the path is "<upstream path>.<portnr>" and the hub count is one more
 * than the upstream's.  The path is written with snprintf(), so an overlong
 * result is silently truncated to the size of downstream->path.
 */
void usb_port_location(USBPort *downstream, USBPort *upstream, int portnr)
{
    if (!upstream) {
        snprintf(downstream->path, sizeof(downstream->path), "%d", portnr);
        downstream->hubcount = 0;
        return;
    }

    snprintf(downstream->path, sizeof(downstream->path), "%s.%d",
             upstream->path, portnr);
    downstream->hubcount = upstream->hubcount + 1;
}
378
/*
 * Remove @port from @bus.
 *
 * A device still plugged into the port is unparented first; the port is then
 * taken off the free list.
 * NOTE(review): this assumes unparenting the device puts the port back on
 * the free list before the removal below; confirm against the device
 * teardown path.
 */
void usb_unregister_port(USBBus *bus, USBPort *port)
{
    if (port->dev != NULL) {
        object_unparent(OBJECT(port->dev));
    }

    QTAILQ_REMOVE(&bus->free, port, next);
    bus->nfree -= 1;
}
387
/*
 * Assign a free port of the device's bus to @dev.
 *
 * With dev->port_path set, the free port with exactly that path is used.
 * Otherwise the first free port is taken; when only one free port is left
 * and @dev is not itself a "usb-hub", a hub is created first so that more
 * ports become available.
 *
 * Returns 0 on success, -1 after reporting an error when no suitable port
 * exists.  @dev must not already hold a port.
 */
int usb_claim_port(USBDevice *dev)
{
    USBBus *bus = usb_bus_from_device(dev);
    USBPort *port;

    assert(dev->port == NULL);

    if (!dev->port_path) {
        if (bus->nfree == 1 &&
            strcmp(object_get_typename(OBJECT(dev)), "usb-hub") != 0) {
            /* Last free port: chain a hub on it (result not checked). */
            usb_create_simple(bus, "usb-hub");
        }
        if (bus->nfree == 0) {
            error_report("Error: tried to attach usb device %s to a bus "
                         "with no free ports", dev->product_desc);
            return -1;
        }
        port = QTAILQ_FIRST(&bus->free);
    } else {
        QTAILQ_FOREACH(port, &bus->free, next) {
            if (!strcmp(port->path, dev->port_path)) {
                break;
            }
        }
        if (!port) {
            error_report("Error: usb port %s (bus %s) not found (in use?)",
                         dev->port_path, bus->qbus.name);
            return -1;
        }
    }
    trace_usb_port_claim(bus->busnr, port->path);

    /* Move the port from the free list to the used list. */
    QTAILQ_REMOVE(&bus->free, port, next);
    bus->nfree--;

    port->dev = dev;
    dev->port = port;

    QTAILQ_INSERT_TAIL(&bus->used, port, next);
    bus->nused++;
    return 0;
}
430
/*
 * Give the port held by @dev back to its bus: the port moves from the used
 * list to the tail of the free list and the device/port links are cleared.
 * @dev must currently hold a port.
 */
void usb_release_port(USBDevice *dev)
{
    USBBus *bus = usb_bus_from_device(dev);
    USBPort *held = dev->port;

    assert(held != NULL);
    trace_usb_port_release(bus->busnr, held->path);

    QTAILQ_REMOVE(&bus->used, held, next);
    bus->nused--;

    held->dev = NULL;
    dev->port = NULL;

    QTAILQ_INSERT_TAIL(&bus->free, held, next);
    bus->nfree++;
}
448
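/*
 * Render @speedmask as a '+'-separated list of speed names in @dest.
 *
 * @dest:      output buffer
 * @size:      size of @dest in bytes
 * @speedmask: bit mask of USB_SPEED_MASK_* values
 *
 * @dest is always NUL-terminated when @size is non-zero, including when no
 * known bit is set (the result is then the empty string).  Output that does
 * not fit is truncated, and the write offset never moves past the buffer.
 */
static void usb_mask_to_str(char *dest, size_t size,
                            unsigned int speedmask)
{
    static const struct {
        unsigned int mask;
        const char *name;
    } speeds[] = {
        { .mask = USB_SPEED_MASK_FULL,  .name = "full"  },
        { .mask = USB_SPEED_MASK_HIGH,  .name = "high"  },
        { .mask = USB_SPEED_MASK_SUPER, .name = "super" },
    };
    size_t pos = 0;
    size_t i;

    if (size == 0) {
        return;
    }
    /* Callers print the buffer even when no bit below matches. */
    dest[0] = '\0';

    for (i = 0; i < ARRAY_SIZE(speeds); i++) {
        int written;

        if (!(speeds[i].mask & speedmask)) {
            continue;
        }
        written = snprintf(dest + pos, size - pos, "%s%s",
                           pos ? "+" : "",
                           speeds[i].name);
        /*
         * snprintf() reports the length it wanted to write; stop on error
         * or truncation so that "size - pos" cannot wrap around.
         */
        if (written < 0 || (size_t)written >= size - pos) {
            break;
        }
        pos += (size_t)written;
    }
}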
470
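/*
 * Attach @dev to the port it has claimed.
 *
 * The device must hold a port and must not be attached yet.  Returns 0 on
 * success, or -1 after reporting an error when the device and the port have
 * no speed in common.
 */
int usb_device_attach(USBDevice *dev)
{
    USBBus *bus = usb_bus_from_device(dev);
    USBPort *port = dev->port;
    /*
     * Start out empty: the strings are passed to the trace point and the
     * error message below even if usb_mask_to_str() produces no text.
     */
    char devspeed[32] = "";
    char portspeed[32] = "";

    assert(port != NULL);
    assert(!dev->attached);
    usb_mask_to_str(devspeed, sizeof(devspeed), dev->speedmask);
    usb_mask_to_str(portspeed, sizeof(portspeed), port->speedmask);
    trace_usb_port_attach(bus->busnr, port->path,
                          devspeed, portspeed);

    if (!(port->speedmask & dev->speedmask)) {
        error_report("Warning: speed mismatch trying to attach"
                     " usb device \"%s\" (%s speed)"
                     " to bus \"%s\", port \"%s\" (%s speed)",
                     dev->product_desc, devspeed,
                     bus->qbus.name, port->path, portspeed);
        return -1;
    }

    dev->attached++;
    usb_attach(port);

    return 0;
}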
498
/*
 * Detach @dev from its port.  The device must hold a port and be attached.
 * Always returns 0.
 */
int usb_device_detach(USBDevice *dev)
{
    USBPort *held = dev->port;
    USBBus *bus = usb_bus_from_device(dev);

    assert(held != NULL);
    assert(dev->attached);
    trace_usb_port_detach(bus->busnr, held->path);

    usb_detach(held);
    dev->attached -= 1;
    return 0;
}
512
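/*
 * Remove the device with USB address @addr from bus @busnr.
 *
 * Returns 0 after unparenting the device, or -1 when the bus does not exist
 * or no used port carries a device with that address.
 */
int usb_device_delete_addr(int busnr, int addr)
{
    USBBus *bus;
    USBPort *port;

    bus = usb_bus_find(busnr);
    if (!bus) {
        return -1;
    }

    QTAILQ_FOREACH(port, &bus->used, next) {
        /*
         * Skip used ports without a device, as usb_info() does, instead of
         * dereferencing a NULL port->dev.
         */
        if (port->dev && port->dev->addr == addr) {
            break;
        }
    }
    if (!port) {
        return -1;
    }

    object_unparent(OBJECT(port->dev));
    return 0;
}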
534
/*
 * Map a USB_SPEED_* value to its rate as text (usb_info() prints it with a
 * "Mb/s" suffix).  Values beyond the table yield "?".
 */
static const char *usb_speed(unsigned int speed)
{
    static const char *txt[] = {
        [ USB_SPEED_LOW   ] = "1.5",
        [ USB_SPEED_FULL  ] = "12",
        [ USB_SPEED_HIGH  ] = "480",
        [ USB_SPEED_SUPER ] = "5000",
    };

    return speed < ARRAY_SIZE(txt) ? txt[speed] : "?";
}
547
/*
 * Bus print_dev callback: print one line describing @qdev on the monitor,
 * indented by @indent columns.  A device without a port shows "-" as its
 * port path.
 */
static void usb_bus_dev_print(Monitor *mon, DeviceState *qdev, int indent)
{
    USBDevice *dev = USB_DEVICE(qdev);
    USBBus *bus = usb_bus_from_device(dev);
    const char *port_path = dev->port ? dev->port->path : "-";
    const char *attached_txt = dev->attached ? ", attached" : "";

    monitor_printf(mon, "%*saddr %d.%d, port %s, speed %s, name %s%s\n",
                   indent, "", bus->busnr, dev->addr,
                   port_path,
                   usb_speed(dev->speed), dev->product_desc,
                   attached_txt);
}
559
/*
 * Bus get_dev_path callback.
 *
 * Returns a newly allocated string: the device's port path, prefixed with
 * "<host controller path>/" when the full-path flag is set and the host
 * controller has a path.
 * NOTE(review): dev->port is dereferenced without a NULL check, unlike in
 * usb_bus_dev_print(); confirm a port is always held when this is called.
 */
static char *usb_get_dev_path(DeviceState *qdev)
{
    USBDevice *dev = USB_DEVICE(qdev);
    DeviceState *hcd = qdev->parent_bus->parent;
    char *hcd_path = NULL;
    char *full;

    if (dev->flags & (1 << USB_DEV_FLAG_FULL_PATH)) {
        hcd_path = qdev_get_dev_path(hcd);
    }
    if (!hcd_path) {
        return g_strdup(dev->port->path);
    }

    full = g_strdup_printf("%s/%s", hcd_path, dev->port->path);
    g_free(hcd_path);
    return full;
}
577
/*
 * Bus get_fw_dev_path callback.
 *
 * Translates the dotted port path (for example "1.2.3") into a firmware
 * path: every component followed by a '.' becomes "hub@N/", and the last
 * component becomes "<qdev_fw_name>@N".  Returns a g_malloc()ed string.
 * NOTE(review): dev->port is dereferenced without a NULL check; confirm a
 * port is always held when this callback runs.
 */
static char *usb_get_fw_dev_path(DeviceState *qdev)
{
    USBDevice *dev = USB_DEVICE(qdev);
    char *fw_path, *in;
    ssize_t pos = 0, fw_len;
    long nr;

    /* Buffer size: 32 bytes plus 6 per character of the port path. */
    fw_len = 32 + strlen(dev->port->path) * 6;
    fw_path = g_malloc(fw_len);
    in = dev->port->path;
    /*
     * snprintf() returns the length it wanted to write, so after a
     * truncated write pos can exceed fw_len; the signed comparison then
     * ends the loop rather than passing a negative size on.
     */
    while (fw_len - pos > 0) {
        /* Parse the next decimal component; strtol advances "in" past it. */
        nr = strtol(in, &in, 10);
        if (in[0] == '.') {
            /* some hub between root port and device */
            pos += snprintf(fw_path + pos, fw_len - pos, "hub@%ld/", nr);
            in++;
        } else {
            /* the device itself */
            pos += snprintf(fw_path + pos, fw_len - pos, "%s@%ld",
                            qdev_fw_name(qdev), nr);
            break;
        }
    }
    return fw_path;
}
603
/*
 * Monitor command handler: list every device on every USB bus, or report
 * that USB support is not enabled when no bus exists.  Used ports without a
 * device are skipped.
 */
void usb_info(Monitor *mon, const QDict *qdict)
{
    USBBus *bus;
    USBPort *port;

    if (QTAILQ_EMPTY(&busses)) {
        monitor_printf(mon, "USB support not enabled\n");
        return;
    }

    QTAILQ_FOREACH(bus, &busses, next) {
        QTAILQ_FOREACH(port, &bus->used, next) {
            USBDevice *plugged = port->dev;

            if (plugged) {
                monitor_printf(mon, " Device %d.%d, Port %s, Speed %s Mb/s, Product %s\n",
                               bus->busnr, plugged->addr, port->path,
                               usb_speed(plugged->speed),
                               plugged->product_desc);
            }
        }
    }
}
626
/*
 * Handle the legacy -usbdevice command line option.
 *
 * @cmdline has the form "driver" or "driver:params".  The driver name is
 * looked up among the entries added by usb_legacy_register() and the device
 * is created on the first USB bus.
 *
 * Returns the new device, or NULL when the driver is unknown (silently),
 * when no USB bus exists, when parameters are given to a driver that takes
 * none, or when creation fails.
 */
USBDevice *usbdevice_create(const char *cmdline)
{
    USBBus *bus = usb_bus_find(-1 /* any */);
    LegacyUSBFactory *f = NULL;
    GSList *i;
    char driver[32];
    const char *params;
    int len;

    params = strchr(cmdline,':');
    if (params) {
        params++;
        /*
         * len counts the driver name plus the ':'.  It is passed to
         * pstrcpy() as the buffer size, which keeps one byte for the NUL,
         * so exactly the name is copied.  Clamping to sizeof(driver) keeps
         * the copy inside the array; longer names are truncated.
         */
        len = params - cmdline;
        if (len > sizeof(driver))
            len = sizeof(driver);
        pstrcpy(driver, len, cmdline);
    } else {
        params = "";
        pstrcpy(driver, sizeof(driver), cmdline);
    }

    /* On a match the loop breaks with i non-NULL and f set to the entry. */
    for (i = legacy_usb_factory; i; i = i->next) {
        f = i->data;
        if (strcmp(f->usbdevice_name, driver) == 0) {
            break;
        }
    }
    if (i == NULL) {
#if 0
        /* no error because some drivers are not converted (yet) */
        error_report("usbdevice %s not found", driver);
#endif
        return NULL;
    }

    if (!bus) {
        error_report("Error: no usb bus to attach usbdevice %s, "
                     "please try -machine usb=on and check that "
                     "the machine model supports USB", driver);
        return NULL;
    }

    /* Drivers without an init hook take no parameters. */
    if (!f->usbdevice_init) {
        if (*params) {
            error_report("usbdevice %s accepts no params", driver);
            return NULL;
        }
        return usb_create_simple(bus, f->name);
    }
    /* The text after the ':' is handed to the driver's hook unparsed. */
    return f->usbdevice_init(bus, params);
}
679
/*
 * Class initializer for TYPE_USB_DEVICE: binds USB devices to the USB bus
 * type and installs the common init/exit/unplug callbacks and properties.
 */
static void usb_device_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    dc->props = usb_props;
    dc->bus_type = TYPE_USB_BUS;
    dc->init = usb_qdev_init;
    dc->exit = usb_qdev_exit;
    dc->unplug = qdev_simple_unplug_cb;
}
689
/*
 * Type description for the abstract USB device base type; registered in
 * usb_register_types().
 */
static const TypeInfo usb_device_type_info = {
    .name = TYPE_USB_DEVICE,
    .parent = TYPE_DEVICE,
    .instance_size = sizeof(USBDevice),
    .abstract = true,
    .class_size = sizeof(USBDeviceClass),
    .class_init = usb_device_class_init,
};
698
/* Register the USB bus type and the abstract USB device type. */
static void usb_register_types(void)
{
    type_register_static(&usb_bus_info);
    type_register_static(&usb_device_type_info);
}
704
/* Hook usb_register_types() into type initialisation. */
type_init(usb_register_types)