2 * USB Mass Storage Device emulation
4 * Copyright (c) 2006 CodeSourcery.
5 * Written by Paul Brook
7 * This code is licenced under the LGPL.
10 #include "qemu-common.h"
11 #include "qemu-option.h"
12 #include "qemu-config.h"
24 #define DPRINTF(fmt, ...) \
25 do { printf("usb-msd: " fmt , ## __VA_ARGS__); } while (0)
27 #define DPRINTF(fmt, ...) do {} while(0)
31 #define MassStorageReset 0xff
32 #define GetMaxLun 0xfe
35 USB_MSDM_CBW, /* Command Block. */
36 USB_MSDM_DATAOUT, /* Tranfer data to device. */
37 USB_MSDM_DATAIN, /* Transfer data from device. */
38 USB_MSDM_CSW /* Command Status. */
55 /* For async completion. */
82 static const USBDescStrings desc_strings = {
83 [STR_MANUFACTURER] = "QEMU " QEMU_VERSION,
84 [STR_PRODUCT] = "QEMU USB HARDDRIVE",
85 [STR_SERIALNUMBER] = "1",
88 static const USBDescIface desc_iface0 = {
89 .bInterfaceNumber = 0,
91 .bInterfaceClass = USB_CLASS_MASS_STORAGE,
92 .bInterfaceSubClass = 0x06, /* SCSI */
93 .bInterfaceProtocol = 0x50, /* Bulk */
94 .eps = (USBDescEndpoint[]) {
96 .bEndpointAddress = USB_DIR_IN | 0x01,
97 .bmAttributes = USB_ENDPOINT_XFER_BULK,
100 .bEndpointAddress = USB_DIR_OUT | 0x02,
101 .bmAttributes = USB_ENDPOINT_XFER_BULK,
102 .wMaxPacketSize = 64,
107 static const USBDescDevice desc_device = {
109 .bMaxPacketSize0 = 8,
110 .bNumConfigurations = 1,
111 .confs = (USBDescConfig[]) {
114 .bConfigurationValue = 1,
115 .bmAttributes = 0xc0,
121 static const USBDesc desc = {
126 .iManufacturer = STR_MANUFACTURER,
127 .iProduct = STR_PRODUCT,
128 .iSerialNumber = STR_SERIALNUMBER,
130 .full = &desc_device,
134 static void usb_msd_copy_data(MSDState *s)
138 if (len > s->scsi_len)
140 if (s->mode == USB_MSDM_DATAIN) {
141 memcpy(s->usb_buf, s->scsi_buf, len);
143 memcpy(s->scsi_buf, s->usb_buf, len);
150 if (s->scsi_len == 0) {
151 if (s->mode == USB_MSDM_DATAIN) {
152 s->scsi_dev->info->read_data(s->scsi_dev, s->tag);
153 } else if (s->mode == USB_MSDM_DATAOUT) {
154 s->scsi_dev->info->write_data(s->scsi_dev, s->tag);
159 static void usb_msd_send_status(MSDState *s)
161 struct usb_msd_csw csw;
163 csw.sig = cpu_to_le32(0x53425355);
164 csw.tag = cpu_to_le32(s->tag);
165 csw.residue = s->residue;
166 csw.status = s->result;
167 memcpy(s->usb_buf, &csw, 13);
170 static void usb_msd_command_complete(SCSIBus *bus, int reason, uint32_t tag,
173 MSDState *s = DO_UPCAST(MSDState, dev.qdev, bus->qbus.parent);
174 USBPacket *p = s->packet;
177 fprintf(stderr, "usb-msd: Unexpected SCSI Tag 0x%x\n", tag);
179 if (reason == SCSI_REASON_DONE) {
180 DPRINTF("Command complete %d\n", arg);
181 s->residue = s->data_len;
182 s->result = arg != 0;
184 if (s->data_len == 0 && s->mode == USB_MSDM_DATAOUT) {
185 /* A deferred packet with no write data remaining must be
186 the status read packet. */
187 usb_msd_send_status(s);
188 s->mode = USB_MSDM_CBW;
191 s->data_len -= s->usb_len;
192 if (s->mode == USB_MSDM_DATAIN)
193 memset(s->usb_buf, 0, s->usb_len);
196 if (s->data_len == 0)
197 s->mode = USB_MSDM_CSW;
200 usb_packet_complete(p);
201 } else if (s->data_len == 0) {
202 s->mode = USB_MSDM_CSW;
207 s->scsi_buf = s->scsi_dev->info->get_buf(s->scsi_dev, tag);
209 usb_msd_copy_data(s);
210 if (s->usb_len == 0) {
211 /* Set s->packet to NULL before calling usb_packet_complete
212 because annother request may be issued before
213 usb_packet_complete returns. */
214 DPRINTF("Packet complete %p\n", p);
216 usb_packet_complete(p);
221 static void usb_msd_handle_reset(USBDevice *dev)
223 MSDState *s = (MSDState *)dev;
226 s->mode = USB_MSDM_CBW;
229 static int usb_msd_handle_control(USBDevice *dev, int request, int value,
230 int index, int length, uint8_t *data)
232 MSDState *s = (MSDState *)dev;
235 ret = usb_desc_handle_control(dev, request, value, index, length, data);
242 case DeviceRequest | USB_REQ_GET_STATUS:
243 data[0] = (1 << USB_DEVICE_SELF_POWERED) |
244 (dev->remote_wakeup << USB_DEVICE_REMOTE_WAKEUP);
248 case DeviceOutRequest | USB_REQ_CLEAR_FEATURE:
249 if (value == USB_DEVICE_REMOTE_WAKEUP) {
250 dev->remote_wakeup = 0;
256 case DeviceOutRequest | USB_REQ_SET_FEATURE:
257 if (value == USB_DEVICE_REMOTE_WAKEUP) {
258 dev->remote_wakeup = 1;
264 case DeviceRequest | USB_REQ_GET_CONFIGURATION:
268 case DeviceOutRequest | USB_REQ_SET_CONFIGURATION:
271 case DeviceRequest | USB_REQ_GET_INTERFACE:
275 case DeviceOutRequest | USB_REQ_SET_INTERFACE:
278 case EndpointOutRequest | USB_REQ_CLEAR_FEATURE:
281 case InterfaceOutRequest | USB_REQ_SET_INTERFACE:
284 /* Class specific requests. */
285 case ClassInterfaceOutRequest | MassStorageReset:
286 /* Reset state ready for the next CBW. */
287 s->mode = USB_MSDM_CBW;
290 case ClassInterfaceRequest | GetMaxLun:
302 static void usb_msd_cancel_io(USBPacket *p, void *opaque)
304 MSDState *s = opaque;
305 s->scsi_dev->info->cancel_io(s->scsi_dev, s->tag);
310 static int usb_msd_handle_data(USBDevice *dev, USBPacket *p)
312 MSDState *s = (MSDState *)dev;
314 struct usb_msd_cbw cbw;
315 uint8_t devep = p->devep;
316 uint8_t *data = p->data;
327 fprintf(stderr, "usb-msd: Bad CBW size");
330 memcpy(&cbw, data, 31);
331 if (le32_to_cpu(cbw.sig) != 0x43425355) {
332 fprintf(stderr, "usb-msd: Bad signature %08x\n",
333 le32_to_cpu(cbw.sig));
336 DPRINTF("Command on LUN %d\n", cbw.lun);
338 fprintf(stderr, "usb-msd: Bad LUN %d\n", cbw.lun);
341 s->tag = le32_to_cpu(cbw.tag);
342 s->data_len = le32_to_cpu(cbw.data_len);
343 if (s->data_len == 0) {
344 s->mode = USB_MSDM_CSW;
345 } else if (cbw.flags & 0x80) {
346 s->mode = USB_MSDM_DATAIN;
348 s->mode = USB_MSDM_DATAOUT;
350 DPRINTF("Command tag 0x%x flags %08x len %d data %d\n",
351 s->tag, cbw.flags, cbw.cmd_len, s->data_len);
353 s->scsi_dev->info->send_command(s->scsi_dev, s->tag, cbw.cmd, 0);
354 /* ??? Should check that USB and SCSI data transfer
356 if (s->residue == 0) {
357 if (s->mode == USB_MSDM_DATAIN) {
358 s->scsi_dev->info->read_data(s->scsi_dev, s->tag);
359 } else if (s->mode == USB_MSDM_DATAOUT) {
360 s->scsi_dev->info->write_data(s->scsi_dev, s->tag);
366 case USB_MSDM_DATAOUT:
367 DPRINTF("Data out %d/%d\n", len, s->data_len);
368 if (len > s->data_len)
374 usb_msd_copy_data(s);
376 if (s->residue && s->usb_len) {
377 s->data_len -= s->usb_len;
378 if (s->data_len == 0)
379 s->mode = USB_MSDM_CSW;
383 DPRINTF("Deferring packet %p\n", p);
384 usb_defer_packet(p, usb_msd_cancel_io, s);
393 DPRINTF("Unexpected write (len %d)\n", len);
403 case USB_MSDM_DATAOUT:
404 if (s->data_len != 0 || len < 13)
406 /* Waiting for SCSI write to complete. */
407 usb_defer_packet(p, usb_msd_cancel_io, s);
413 DPRINTF("Command status %d tag 0x%x, len %d\n",
414 s->result, s->tag, len);
420 usb_msd_send_status(s);
421 s->mode = USB_MSDM_CBW;
425 case USB_MSDM_DATAIN:
426 DPRINTF("Data in %d/%d\n", len, s->data_len);
427 if (len > s->data_len)
432 usb_msd_copy_data(s);
434 if (s->residue && s->usb_len) {
435 s->data_len -= s->usb_len;
436 memset(s->usb_buf, 0, s->usb_len);
437 if (s->data_len == 0)
438 s->mode = USB_MSDM_CSW;
442 DPRINTF("Deferring packet %p\n", p);
443 usb_defer_packet(p, usb_msd_cancel_io, s);
452 DPRINTF("Unexpected read (len %d)\n", len);
458 DPRINTF("Bad token\n");
467 static void usb_msd_password_cb(void *opaque, int err)
469 MSDState *s = opaque;
472 usb_device_attach(&s->dev);
474 qdev_unplug(&s->dev.qdev);
477 static int usb_msd_initfn(USBDevice *dev)
479 MSDState *s = DO_UPCAST(MSDState, dev, dev);
480 BlockDriverState *bs = s->conf.bs;
484 error_report("usb-msd: drive property not set");
489 * Hack alert: this pretends to be a block device, but it's really
490 * a SCSI bus that can serve only a single device, which it
491 * creates automatically. But first it needs to detach from its
492 * blockdev, or else scsi_bus_legacy_add_drive() dies when it
495 * The hack is probably a bad idea.
497 bdrv_detach(bs, &s->dev.qdev);
500 dinfo = drive_get_by_blockdev(bs);
501 if (dinfo && dinfo->serial) {
502 usb_desc_set_string(dev, STR_SERIALNUMBER, dinfo->serial);
505 s->dev.speed = USB_SPEED_FULL;
506 scsi_bus_new(&s->bus, &s->dev.qdev, 0, 1, usb_msd_command_complete);
507 s->scsi_dev = scsi_bus_legacy_add_drive(&s->bus, bs, 0);
511 s->bus.qbus.allow_hotplug = 0;
512 usb_msd_handle_reset(dev);
514 if (bdrv_key_required(bs)) {
516 monitor_read_bdrv_key_start(cur_mon, bs, usb_msd_password_cb, s);
517 s->dev.auto_attach = 0;
526 static USBDevice *usb_msd_init(const char *filename)
537 /* parse -usbdevice disk: syntax into drive opts */
538 snprintf(id, sizeof(id), "usb%d", nr++);
539 opts = qemu_opts_create(qemu_find_opts("drive"), id, 0);
541 p1 = strchr(filename, ':');
545 if (strstart(filename, "format=", &p2)) {
546 int len = MIN(p1 - p2, sizeof(fmt));
547 pstrcpy(fmt, len, p2);
548 qemu_opt_set(opts, "format", fmt);
549 } else if (*filename != ':') {
550 printf("unrecognized USB mass-storage option %s\n", filename);
556 printf("block device specification needed\n");
559 qemu_opt_set(opts, "file", filename);
560 qemu_opt_set(opts, "if", "none");
562 /* create host drive */
563 dinfo = drive_init(opts, 0, &fatal_error);
569 /* create guest device */
570 dev = usb_create(NULL /* FIXME */, "usb-storage");
574 if (qdev_prop_set_drive(&dev->qdev, "drive", dinfo->bdrv) < 0) {
575 qdev_free(&dev->qdev);
578 if (qdev_init(&dev->qdev) < 0)
584 static struct USBDeviceInfo msd_info = {
585 .product_desc = "QEMU USB MSD",
586 .qdev.name = "usb-storage",
587 .qdev.size = sizeof(MSDState),
589 .init = usb_msd_initfn,
590 .handle_packet = usb_generic_handle_packet,
591 .handle_reset = usb_msd_handle_reset,
592 .handle_control = usb_msd_handle_control,
593 .handle_data = usb_msd_handle_data,
594 .usbdevice_name = "disk",
595 .usbdevice_init = usb_msd_init,
596 .qdev.props = (Property[]) {
597 DEFINE_BLOCK_PROPERTIES(MSDState, conf),
598 DEFINE_PROP_END_OF_LIST(),
602 static void usb_msd_register_devices(void)
604 usb_qdev_register(&msd_info);
606 device_init(usb_msd_register_devices)
projects / qemu.git / blob