]> Git Repo - qemu.git/blame - hw/usb/dev-uas.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ehci: Assert state machine is sane w.r.t. EHCIQueue
[qemu.git] / hw / usb / dev-uas.c
CommitLineData
0f58f68b
GH		 1/*
2 * UAS (USB Attached SCSI) emulation
3 *
4 * Copyright Red Hat, Inc. 2012
5 *
6 * Author: Gerd Hoffmann <[email protected]>
7 *
8 * This work is licensed under the terms of the GNU GPL, version 2 or later.
9 * See the COPYING file in the top-level directory.
10 */
11
12#include "qemu-common.h"
1de7afc9
PB		 13#include "qemu/option.h"
14#include "qemu/config-file.h"
0f58f68b
GH		 15#include "trace.h"
16
17#include "hw/usb.h"
18#include "hw/usb/desc.h"
19#include "hw/scsi.h"
20#include "hw/scsi-defs.h"
21
22/* --------------------------------------------------------------------- */
23
24#define UAS_UI_COMMAND 0x01
25#define UAS_UI_SENSE 0x03
26#define UAS_UI_RESPONSE 0x04
27#define UAS_UI_TASK_MGMT 0x05
28#define UAS_UI_READ_READY 0x06
29#define UAS_UI_WRITE_READY 0x07
30
31#define UAS_RC_TMF_COMPLETE 0x00
32#define UAS_RC_INVALID_INFO_UNIT 0x02
33#define UAS_RC_TMF_NOT_SUPPORTED 0x04
34#define UAS_RC_TMF_FAILED 0x05
35#define UAS_RC_TMF_SUCCEEDED 0x08
36#define UAS_RC_INCORRECT_LUN 0x09
37#define UAS_RC_OVERLAPPED_TAG 0x0a
38
39#define UAS_TMF_ABORT_TASK 0x01
40#define UAS_TMF_ABORT_TASK_SET 0x02
41#define UAS_TMF_CLEAR_TASK_SET 0x04
42#define UAS_TMF_LOGICAL_UNIT_RESET 0x08
43#define UAS_TMF_I_T_NEXUS_RESET 0x10
44#define UAS_TMF_CLEAR_ACA 0x40
45#define UAS_TMF_QUERY_TASK 0x80
46#define UAS_TMF_QUERY_TASK_SET 0x81
47#define UAS_TMF_QUERY_ASYNC_EVENT 0x82
48
49#define UAS_PIPE_ID_COMMAND 0x01
50#define UAS_PIPE_ID_STATUS 0x02
51#define UAS_PIPE_ID_DATA_IN 0x03
52#define UAS_PIPE_ID_DATA_OUT 0x04
53
54typedef struct {
55 uint8_t id;
56 uint8_t reserved;
57 uint16_t tag;
58} QEMU_PACKED uas_ui_header;
59
60typedef struct {
61 uint8_t prio_taskattr; /* 6:3 priority, 2:0 task attribute */
62 uint8_t reserved_1;
63 uint8_t add_cdb_length; /* 7:2 additional adb length (dwords) */
64 uint8_t reserved_2;
65 uint64_t lun;
66 uint8_t cdb[16];
67 uint8_t add_cdb[];
68} QEMU_PACKED uas_ui_command;
69
70typedef struct {
71 uint16_t status_qualifier;
72 uint8_t status;
73 uint8_t reserved[7];
74 uint16_t sense_length;
75 uint8_t sense_data[18];
76} QEMU_PACKED uas_ui_sense;
77
78typedef struct {
79 uint16_t add_response_info;
80 uint8_t response_code;
81} QEMU_PACKED uas_ui_response;
82
83typedef struct {
84 uint8_t function;
85 uint8_t reserved;
86 uint16_t task_tag;
87 uint64_t lun;
88} QEMU_PACKED uas_ui_task_mgmt;
89
90typedef struct {
91 uas_ui_header hdr;
92 union {
93 uas_ui_command command;
94 uas_ui_sense sense;
95 uas_ui_task_mgmt task;
96 uas_ui_response response;
97 };
98} QEMU_PACKED uas_ui;
99
100/* --------------------------------------------------------------------- */
101
102typedef struct UASDevice UASDevice;
103typedef struct UASRequest UASRequest;
104typedef struct UASStatus UASStatus;
105
106struct UASDevice {
107 USBDevice dev;
108 SCSIBus bus;
109 UASRequest *datain;
110 UASRequest *dataout;
111 USBPacket *status;
112 QEMUBH *status_bh;
113 QTAILQ_HEAD(, UASStatus) results;
114 QTAILQ_HEAD(, UASRequest) requests;
115};
116
117struct UASRequest {
118 uint16_t tag;
119 uint64_t lun;
120 UASDevice *uas;
121 SCSIDevice *dev;
122 SCSIRequest *req;
123 USBPacket *data;
124 bool data_async;
125 bool active;
126 bool complete;
127 uint32_t buf_off;
128 uint32_t buf_size;
129 uint32_t data_off;
130 uint32_t data_size;
131 QTAILQ_ENTRY(UASRequest) next;
132};
133
134struct UASStatus {
135 uas_ui status;
136 uint32_t length;
137 QTAILQ_ENTRY(UASStatus) next;
138};
139
140/* --------------------------------------------------------------------- */
141
142enum {
143 STR_MANUFACTURER = 1,
144 STR_PRODUCT,
145 STR_SERIALNUMBER,
146 STR_CONFIG_HIGH,
147};
148
149static const USBDescStrings desc_strings = {
150 [STR_MANUFACTURER] = "QEMU",
151 [STR_PRODUCT] = "USB Attached SCSI HBA",
152 [STR_SERIALNUMBER] = "27842",
153 [STR_CONFIG_HIGH] = "High speed config (usb 2.0)",
154};
155
156static const USBDescIface desc_iface_high = {
157 .bInterfaceNumber = 0,
158 .bNumEndpoints = 4,
159 .bInterfaceClass = USB_CLASS_MASS_STORAGE,
160 .bInterfaceSubClass = 0x06, /* SCSI */
161 .bInterfaceProtocol = 0x62, /* UAS */
162 .eps = (USBDescEndpoint[]) {
163 {
164 .bEndpointAddress = USB_DIR_OUT | UAS_PIPE_ID_COMMAND,
165 .bmAttributes = USB_ENDPOINT_XFER_BULK,
166 .wMaxPacketSize = 512,
167 .extra = (uint8_t[]) {
168 0x04, /* u8 bLength */
169 0x24, /* u8 bDescriptorType */
170 UAS_PIPE_ID_COMMAND,
171 0x00, /* u8 bReserved */
172 },
173 },{
174 .bEndpointAddress = USB_DIR_IN | UAS_PIPE_ID_STATUS,
175 .bmAttributes = USB_ENDPOINT_XFER_BULK,
176 .wMaxPacketSize = 512,
177 .extra = (uint8_t[]) {
178 0x04, /* u8 bLength */
179 0x24, /* u8 bDescriptorType */
180 UAS_PIPE_ID_STATUS,
181 0x00, /* u8 bReserved */
182 },
183 },{
184 .bEndpointAddress = USB_DIR_IN | UAS_PIPE_ID_DATA_IN,
185 .bmAttributes = USB_ENDPOINT_XFER_BULK,
186 .wMaxPacketSize = 512,
187 .extra = (uint8_t[]) {
188 0x04, /* u8 bLength */
189 0x24, /* u8 bDescriptorType */
190 UAS_PIPE_ID_DATA_IN,
191 0x00, /* u8 bReserved */
192 },
193 },{
194 .bEndpointAddress = USB_DIR_OUT | UAS_PIPE_ID_DATA_OUT,
195 .bmAttributes = USB_ENDPOINT_XFER_BULK,
196 .wMaxPacketSize = 512,
197 .extra = (uint8_t[]) {
198 0x04, /* u8 bLength */
199 0x24, /* u8 bDescriptorType */
200 UAS_PIPE_ID_DATA_OUT,
201 0x00, /* u8 bReserved */
202 },
203 },
204 }
205};
206
207static const USBDescDevice desc_device_high = {
208 .bcdUSB = 0x0200,
209 .bMaxPacketSize0 = 64,
210 .bNumConfigurations = 1,
211 .confs = (USBDescConfig[]) {
212 {
213 .bNumInterfaces = 1,
214 .bConfigurationValue = 1,
215 .iConfiguration = STR_CONFIG_HIGH,
216 .bmAttributes = 0xc0,
217 .nif = 1,
218 .ifs = &desc_iface_high,
219 },
220 },
221};
222
223static const USBDesc desc = {
224 .id = {
225 .idVendor = 0x46f4, /* CRC16() of "QEMU" */
0daf5304 226 .idProduct = 0x0003,
0f58f68b
GH		 227 .bcdDevice = 0,
228 .iManufacturer = STR_MANUFACTURER,
229 .iProduct = STR_PRODUCT,
230 .iSerialNumber = STR_SERIALNUMBER,
231 },
232 .high = &desc_device_high,
233 .str = desc_strings,
234};
235
236/* --------------------------------------------------------------------- */
237
238static UASStatus *usb_uas_alloc_status(uint8_t id, uint16_t tag)
239{
240 UASStatus *st = g_new0(UASStatus, 1);
241
242 st->status.hdr.id = id;
243 st->status.hdr.tag = cpu_to_be16(tag);
244 st->length = sizeof(uas_ui_header);
245 return st;
246}
247
248static void usb_uas_send_status_bh(void *opaque)
249{
250 UASDevice *uas = opaque;
251 UASStatus *st = QTAILQ_FIRST(&uas->results);
252 USBPacket *p = uas->status;
253
254 assert(p != NULL);
255 assert(st != NULL);
256
257 uas->status = NULL;
258 usb_packet_copy(p, &st->status, st->length);
0f58f68b
GH		 259 QTAILQ_REMOVE(&uas->results, st, next);
260 g_free(st);
261
9a77a0f5 262 p->status = USB_RET_SUCCESS; /* Clear previous ASYNC status */
0f58f68b
GH		 263 usb_packet_complete(&uas->dev, p);
264}
265
266static void usb_uas_queue_status(UASDevice *uas, UASStatus *st, int length)
267{
268 st->length += length;
269 QTAILQ_INSERT_TAIL(&uas->results, st, next);
270 if (uas->status) {
271 /*
272 * Just schedule bh make sure any in-flight data transaction
273 * is finished before completing (sending) the status packet.
274 */
275 qemu_bh_schedule(uas->status_bh);
276 } else {
277 USBEndpoint *ep = usb_ep_get(&uas->dev, USB_TOKEN_IN,
278 UAS_PIPE_ID_STATUS);
279 usb_wakeup(ep);
280 }
281}
282
283static void usb_uas_queue_response(UASDevice *uas, uint16_t tag,
284 uint8_t code, uint16_t add_info)
285{
286 UASStatus *st = usb_uas_alloc_status(UAS_UI_RESPONSE, tag);
287
288 trace_usb_uas_response(uas->dev.addr, tag, code);
289 st->status.response.response_code = code;
290 st->status.response.add_response_info = cpu_to_be16(add_info);
291 usb_uas_queue_status(uas, st, sizeof(uas_ui_response));
292}
293
294static void usb_uas_queue_sense(UASRequest *req, uint8_t status)
295{
296 UASStatus *st = usb_uas_alloc_status(UAS_UI_SENSE, req->tag);
297 int len, slen = 0;
298
299 trace_usb_uas_sense(req->uas->dev.addr, req->tag, status);
300 st->status.sense.status = status;
301 st->status.sense.status_qualifier = cpu_to_be16(0);
302 if (status != GOOD) {
303 slen = scsi_req_get_sense(req->req, st->status.sense.sense_data,
304 sizeof(st->status.sense.sense_data));
305 st->status.sense.sense_length = cpu_to_be16(slen);
306 }
307 len = sizeof(uas_ui_sense) - sizeof(st->status.sense.sense_data) + slen;
308 usb_uas_queue_status(req->uas, st, len);
309}
310
311static void usb_uas_queue_read_ready(UASRequest *req)
312{
313 UASStatus *st = usb_uas_alloc_status(UAS_UI_READ_READY, req->tag);
314
315 trace_usb_uas_read_ready(req->uas->dev.addr, req->tag);
316 usb_uas_queue_status(req->uas, st, 0);
317}
318
319static void usb_uas_queue_write_ready(UASRequest *req)
320{
321 UASStatus *st = usb_uas_alloc_status(UAS_UI_WRITE_READY, req->tag);
322
323 trace_usb_uas_write_ready(req->uas->dev.addr, req->tag);
324 usb_uas_queue_status(req->uas, st, 0);
325}
326
327/* --------------------------------------------------------------------- */
328
329static int usb_uas_get_lun(uint64_t lun64)
330{
331 return (lun64 >> 48) & 0xff;
332}
333
334static SCSIDevice *usb_uas_get_dev(UASDevice *uas, uint64_t lun64)
335{
336 if ((lun64 >> 56) != 0x00) {
337 return NULL;
338 }
339 return scsi_device_find(&uas->bus, 0, 0, usb_uas_get_lun(lun64));
340}
341
342static void usb_uas_complete_data_packet(UASRequest *req)
343{
344 USBPacket *p;
345
346 if (!req->data_async) {
347 return;
348 }
349 p = req->data;
350 req->data = NULL;
351 req->data_async = false;
9a77a0f5 352 p->status = USB_RET_SUCCESS; /* Clear previous ASYNC status */
0f58f68b
GH		 353 usb_packet_complete(&req->uas->dev, p);
354}
355
356static void usb_uas_copy_data(UASRequest *req)
357{
358 uint32_t length;
359
360 length = MIN(req->buf_size - req->buf_off,
9a77a0f5 361 req->data->iov.size - req->data->actual_length);
0f58f68b 362 trace_usb_uas_xfer_data(req->uas->dev.addr, req->tag, length,
9a77a0f5 363 req->data->actual_length, req->data->iov.size,
0f58f68b
GH		 364 req->buf_off, req->buf_size);
365 usb_packet_copy(req->data, scsi_req_get_buf(req->req) + req->buf_off,
366 length);
367 req->buf_off += length;
368 req->data_off += length;
369
9a77a0f5 370 if (req->data->actual_length == req->data->iov.size) {
0f58f68b
GH		 371 usb_uas_complete_data_packet(req);
372 }
373 if (req->buf_size && req->buf_off == req->buf_size) {
374 req->buf_off = 0;
375 req->buf_size = 0;
376 scsi_req_continue(req->req);
377 }
378}
379
380static void usb_uas_start_next_transfer(UASDevice *uas)
381{
382 UASRequest *req;
383
384 QTAILQ_FOREACH(req, &uas->requests, next) {
385 if (req->active || req->complete) {
386 continue;
387 }
388 if (req->req->cmd.mode == SCSI_XFER_FROM_DEV && uas->datain == NULL) {
389 uas->datain = req;
390 usb_uas_queue_read_ready(req);
391 req->active = true;
392 return;
393 }
394 if (req->req->cmd.mode == SCSI_XFER_TO_DEV && uas->dataout == NULL) {
395 uas->dataout = req;
396 usb_uas_queue_write_ready(req);
397 req->active = true;
398 return;
399 }
400 }
401}
402
403static UASRequest *usb_uas_alloc_request(UASDevice *uas, uas_ui *ui)
404{
405 UASRequest *req;
406
407 req = g_new0(UASRequest, 1);
408 req->uas = uas;
409 req->tag = be16_to_cpu(ui->hdr.tag);
410 req->lun = be64_to_cpu(ui->command.lun);
411 req->dev = usb_uas_get_dev(req->uas, req->lun);
412 return req;
413}
414
415static void usb_uas_scsi_free_request(SCSIBus *bus, void *priv)
416{
417 UASRequest *req = priv;
418 UASDevice *uas = req->uas;
419
420 if (req == uas->datain) {
421 uas->datain = NULL;
422 }
423 if (req == uas->dataout) {
424 uas->dataout = NULL;
425 }
426 QTAILQ_REMOVE(&uas->requests, req, next);
427 g_free(req);
347e40ff 428 usb_uas_start_next_transfer(uas);
0f58f68b
GH		 429}
430
431static UASRequest *usb_uas_find_request(UASDevice *uas, uint16_t tag)
432{
433 UASRequest *req;
434
435 QTAILQ_FOREACH(req, &uas->requests, next) {
436 if (req->tag == tag) {
437 return req;
438 }
439 }
440 return NULL;
441}
442
443static void usb_uas_scsi_transfer_data(SCSIRequest *r, uint32_t len)
444{
445 UASRequest *req = r->hba_private;
446
447 trace_usb_uas_scsi_data(req->uas->dev.addr, req->tag, len);
448 req->buf_off = 0;
449 req->buf_size = len;
450 if (req->data) {
451 usb_uas_copy_data(req);
452 } else {
453 usb_uas_start_next_transfer(req->uas);
454 }
455}
456
457static void usb_uas_scsi_command_complete(SCSIRequest *r,
458 uint32_t status, size_t resid)
459{
460 UASRequest *req = r->hba_private;
0f58f68b
GH		 461
462 trace_usb_uas_scsi_complete(req->uas->dev.addr, req->tag, status, resid);
463 req->complete = true;
464 if (req->data) {
465 usb_uas_complete_data_packet(req);
466 }
467 usb_uas_queue_sense(req, status);
468 scsi_req_unref(req->req);
0f58f68b
GH		 469}
470
471static void usb_uas_scsi_request_cancelled(SCSIRequest *r)
472{
473 UASRequest *req = r->hba_private;
474
475 /* FIXME: queue notification to status pipe? */
476 scsi_req_unref(req->req);
477}
478
479static const struct SCSIBusInfo usb_uas_scsi_info = {
480 .tcq = true,
481 .max_target = 0,
482 .max_lun = 255,
483
484 .transfer_data = usb_uas_scsi_transfer_data,
485 .complete = usb_uas_scsi_command_complete,
486 .cancel = usb_uas_scsi_request_cancelled,
487 .free_request = usb_uas_scsi_free_request,
488};
489
490/* --------------------------------------------------------------------- */
491
492static void usb_uas_handle_reset(USBDevice *dev)
493{
494 UASDevice *uas = DO_UPCAST(UASDevice, dev, dev);
495 UASRequest *req, *nreq;
496 UASStatus *st, *nst;
497
498 trace_usb_uas_reset(dev->addr);
499 QTAILQ_FOREACH_SAFE(req, &uas->requests, next, nreq) {
500 scsi_req_cancel(req->req);
501 }
502 QTAILQ_FOREACH_SAFE(st, &uas->results, next, nst) {
503 QTAILQ_REMOVE(&uas->results, st, next);
504 g_free(st);
505 }
506}
507
9a77a0f5 508static void usb_uas_handle_control(USBDevice *dev, USBPacket *p,
0f58f68b
GH		 509 int request, int value, int index, int length, uint8_t *data)
510{
511 int ret;
512
513 ret = usb_desc_handle_control(dev, p, request, value, index, length, data);
514 if (ret >= 0) {
9a77a0f5 515 return;
0f58f68b
GH		 516 }
517 fprintf(stderr, "%s: unhandled control request\n", __func__);
9a77a0f5 518 p->status = USB_RET_STALL;
0f58f68b
GH		 519}
520
521static void usb_uas_cancel_io(USBDevice *dev, USBPacket *p)
522{
523 UASDevice *uas = DO_UPCAST(UASDevice, dev, dev);
524 UASRequest *req, *nreq;
525
526 if (uas->status == p) {
527 uas->status = NULL;
528 qemu_bh_cancel(uas->status_bh);
529 return;
530 }
531 QTAILQ_FOREACH_SAFE(req, &uas->requests, next, nreq) {
532 if (req->data == p) {
533 req->data = NULL;
534 return;
535 }
536 }
537 assert(!"canceled usb packet not found");
538}
539
540static void usb_uas_command(UASDevice *uas, uas_ui *ui)
541{
542 UASRequest *req;
543 uint32_t len;
544
545 req = usb_uas_find_request(uas, be16_to_cpu(ui->hdr.tag));
546 if (req) {
547 goto overlapped_tag;
548 }
549 req = usb_uas_alloc_request(uas, ui);
550 if (req->dev == NULL) {
551 goto bad_target;
552 }
553
554 trace_usb_uas_command(uas->dev.addr, req->tag,
555 usb_uas_get_lun(req->lun),
556 req->lun >> 32, req->lun & 0xffffffff);
557 QTAILQ_INSERT_TAIL(&uas->requests, req, next);
558 req->req = scsi_req_new(req->dev, req->tag,
559 usb_uas_get_lun(req->lun),
560 ui->command.cdb, req);
561 len = scsi_req_enqueue(req->req);
562 if (len) {
563 req->data_size = len;
564 scsi_req_continue(req->req);
565 }
566 return;
567
568overlapped_tag:
569 usb_uas_queue_response(uas, req->tag, UAS_RC_OVERLAPPED_TAG, 0);
570 return;
571
572bad_target:
573 /*
574 * FIXME: Seems to upset linux, is this wrong?
575 * NOTE: Happens only with no scsi devices at the bus, not sure
576 * this is a valid UAS setup in the first place.
577 */
578 usb_uas_queue_response(uas, req->tag, UAS_RC_INVALID_INFO_UNIT, 0);
579 g_free(req);
0f58f68b
GH		 580}
581
582static void usb_uas_task(UASDevice *uas, uas_ui *ui)
583{
584 uint16_t tag = be16_to_cpu(ui->hdr.tag);
585 uint64_t lun64 = be64_to_cpu(ui->task.lun);
586 SCSIDevice *dev = usb_uas_get_dev(uas, lun64);
587 int lun = usb_uas_get_lun(lun64);
588 UASRequest *req;
589 uint16_t task_tag;
590
591 req = usb_uas_find_request(uas, be16_to_cpu(ui->hdr.tag));
592 if (req) {
593 goto overlapped_tag;
594 }
595
596 switch (ui->task.function) {
597 case UAS_TMF_ABORT_TASK:
598 task_tag = be16_to_cpu(ui->task.task_tag);
599 trace_usb_uas_tmf_abort_task(uas->dev.addr, tag, task_tag);
600 if (dev == NULL) {
601 goto bad_target;
602 }
603 if (dev->lun != lun) {
604 goto incorrect_lun;
605 }
606 req = usb_uas_find_request(uas, task_tag);
607 if (req && req->dev == dev) {
608 scsi_req_cancel(req->req);
609 }
610 usb_uas_queue_response(uas, tag, UAS_RC_TMF_COMPLETE, 0);
611 break;
612
613 case UAS_TMF_LOGICAL_UNIT_RESET:
614 trace_usb_uas_tmf_logical_unit_reset(uas->dev.addr, tag, lun);
615 if (dev == NULL) {
616 goto bad_target;
617 }
618 if (dev->lun != lun) {
619 goto incorrect_lun;
620 }
621 qdev_reset_all(&dev->qdev);
622 usb_uas_queue_response(uas, tag, UAS_RC_TMF_COMPLETE, 0);
623 break;
624
625 default:
626 trace_usb_uas_tmf_unsupported(uas->dev.addr, tag, ui->task.function);
627 usb_uas_queue_response(uas, tag, UAS_RC_TMF_NOT_SUPPORTED, 0);
628 break;
629 }
630 return;
631
632overlapped_tag:
633 usb_uas_queue_response(uas, req->tag, UAS_RC_OVERLAPPED_TAG, 0);
634 return;
635
636bad_target:
637 /* FIXME: correct? [see long comment in usb_uas_command()] */
638 usb_uas_queue_response(uas, tag, UAS_RC_INVALID_INFO_UNIT, 0);
639 return;
640
641incorrect_lun:
642 usb_uas_queue_response(uas, tag, UAS_RC_INCORRECT_LUN, 0);
0f58f68b
GH		 643}
644
9a77a0f5 645static void usb_uas_handle_data(USBDevice *dev, USBPacket *p)
0f58f68b
GH		 646{
647 UASDevice *uas = DO_UPCAST(UASDevice, dev, dev);
648 uas_ui ui;
649 UASStatus *st;
650 UASRequest *req;
9a77a0f5 651 int length;
0f58f68b
GH		 652
653 switch (p->ep->nr) {
654 case UAS_PIPE_ID_COMMAND:
655 length = MIN(sizeof(ui), p->iov.size);
656 usb_packet_copy(p, &ui, length);
657 switch (ui.hdr.id) {
658 case UAS_UI_COMMAND:
659 usb_uas_command(uas, &ui);
0f58f68b
GH		 660 break;
661 case UAS_UI_TASK_MGMT:
662 usb_uas_task(uas, &ui);
0f58f68b
GH		 663 break;
664 default:
665 fprintf(stderr, "%s: unknown command ui: id 0x%x\n",
666 __func__, ui.hdr.id);
9a77a0f5 667 p->status = USB_RET_STALL;
0f58f68b
GH		 668 break;
669 }
670 break;
671 case UAS_PIPE_ID_STATUS:
672 st = QTAILQ_FIRST(&uas->results);
673 if (st == NULL) {
674 assert(uas->status == NULL);
675 uas->status = p;
9a77a0f5 676 p->status = USB_RET_ASYNC;
0f58f68b
GH		 677 break;
678 }
679 usb_packet_copy(p, &st->status, st->length);
0f58f68b
GH		 680 QTAILQ_REMOVE(&uas->results, st, next);
681 g_free(st);
682 break;
683 case UAS_PIPE_ID_DATA_IN:
684 case UAS_PIPE_ID_DATA_OUT:
685 req = (p->ep->nr == UAS_PIPE_ID_DATA_IN) ? uas->datain : uas->dataout;
686 if (req == NULL) {
687 fprintf(stderr, "%s: no inflight request\n", __func__);
9a77a0f5 688 p->status = USB_RET_STALL;
0f58f68b
GH		 689 break;
690 }
691 scsi_req_ref(req->req);
692 req->data = p;
693 usb_uas_copy_data(req);
9a77a0f5 694 if (p->actual_length == p->iov.size || req->complete) {
0f58f68b 695 req->data = NULL;
0f58f68b
GH		 696 } else {
697 req->data_async = true;
9a77a0f5 698 p->status = USB_RET_ASYNC;
0f58f68b
GH		 699 }
700 scsi_req_unref(req->req);
701 usb_uas_start_next_transfer(uas);
702 break;
703 default:
704 fprintf(stderr, "%s: invalid endpoint %d\n", __func__, p->ep->nr);
9a77a0f5 705 p->status = USB_RET_STALL;
0f58f68b
GH		 706 break;
707 }
0f58f68b
GH		 708}
709
710static void usb_uas_handle_destroy(USBDevice *dev)
711{
712 UASDevice *uas = DO_UPCAST(UASDevice, dev, dev);
713
714 qemu_bh_delete(uas->status_bh);
715}
716
717static int usb_uas_init(USBDevice *dev)
718{
719 UASDevice *uas = DO_UPCAST(UASDevice, dev, dev);
720
721 usb_desc_create_serial(dev);
722 usb_desc_init(dev);
723
724 QTAILQ_INIT(&uas->results);
725 QTAILQ_INIT(&uas->requests);
726 uas->status_bh = qemu_bh_new(usb_uas_send_status_bh, uas);
727
728 scsi_bus_new(&uas->bus, &uas->dev.qdev, &usb_uas_scsi_info);
729
730 return 0;
731}
732
733static const VMStateDescription vmstate_usb_uas = {
734 .name = "usb-uas",
735 .unmigratable = 1,
736 .fields = (VMStateField[]) {
737 VMSTATE_USB_DEVICE(dev, UASDevice),
738 VMSTATE_END_OF_LIST()
739 }
740};
741
742static void usb_uas_class_initfn(ObjectClass *klass, void *data)
743{
744 DeviceClass *dc = DEVICE_CLASS(klass);
745 USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
746
747 uc->init = usb_uas_init;
748 uc->product_desc = desc_strings[STR_PRODUCT];
749 uc->usb_desc = &desc;
750 uc->cancel_packet = usb_uas_cancel_io;
751 uc->handle_attach = usb_desc_attach;
752 uc->handle_reset = usb_uas_handle_reset;
753 uc->handle_control = usb_uas_handle_control;
754 uc->handle_data = usb_uas_handle_data;
755 uc->handle_destroy = usb_uas_handle_destroy;
756 dc->fw_name = "storage";
757 dc->vmsd = &vmstate_usb_uas;
758}
759
8c43a6f0 760static const TypeInfo uas_info = {
0f58f68b
GH		 761 .name = "usb-uas",
762 .parent = TYPE_USB_DEVICE,
763 .instance_size = sizeof(UASDevice),
764 .class_init = usb_uas_class_initfn,
765};
766
767static void usb_uas_register_types(void)
768{
769 type_register_static(&uas_info);
770}
771
772type_init(usb_uas_register_types)
Empty description
This page took 0.222017 seconds and 4 git commands to generate.