1 /* $FreeBSD$ */
2 /*-
3 * Copyright (c) 2008,2011 Hans Petter Selasky. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27 /*
28 * The following file contains code that will detect USB autoinstall
29 * disks.
30 *
31 * TODO: Potentially we could add code to automatically detect USB
32 * mass storage quirks for not supported SCSI commands!
33 */
34
35 #ifdef USB_GLOBAL_INCLUDE_FILE
36 #include USB_GLOBAL_INCLUDE_FILE
37 #else
38 #include <sys/stdint.h>
39 #include <sys/stddef.h>
40 #include <sys/param.h>
41 #include <sys/queue.h>
42 #include <sys/types.h>
43 #include <sys/systm.h>
44 #include <sys/kernel.h>
45 #include <sys/bus.h>
46 #include <sys/module.h>
47 #include <sys/lock.h>
48 #include <sys/mutex.h>
49 #include <sys/condvar.h>
50 #include <sys/sysctl.h>
51 #include <sys/sx.h>
52 #include <sys/unistd.h>
53 #include <sys/callout.h>
54 #include <sys/malloc.h>
55 #include <sys/priv.h>
56
57 #include <dev/usb/usb.h>
58 #include <dev/usb/usbdi.h>
59 #include <dev/usb/usbdi_util.h>
60
61 #define USB_DEBUG_VAR usb_debug
62
63 #include <dev/usb/usb_busdma.h>
64 #include <dev/usb/usb_process.h>
65 #include <dev/usb/usb_transfer.h>
66 #include <dev/usb/usb_msctest.h>
67 #include <dev/usb/usb_debug.h>
68 #include <dev/usb/usb_device.h>
69 #include <dev/usb/usb_request.h>
70 #include <dev/usb/usb_util.h>
71 #include <dev/usb/quirk/usb_quirk.h>
72 #endif /* USB_GLOBAL_INCLUDE_FILE */
73
74 enum {
75 ST_COMMAND,
76 ST_DATA_RD,
77 ST_DATA_RD_CS,
78 ST_DATA_WR,
79 ST_DATA_WR_CS,
80 ST_STATUS,
81 ST_MAX,
82 };
83
84 enum {
85 DIR_IN,
86 DIR_OUT,
87 DIR_NONE,
88 };
89
90 #define SCSI_MAX_LEN MAX(0x100, BULK_SIZE)
91 #define SCSI_INQ_LEN 0x24
92 #define SCSI_SENSE_LEN 0xFF
93
94 static uint8_t scsi_test_unit_ready[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
95 static uint8_t scsi_inquiry[] = { 0x12, 0x00, 0x00, 0x00, SCSI_INQ_LEN, 0x00 };
96 static uint8_t scsi_rezero_init[] = { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00 };
97 static uint8_t scsi_start_stop_unit[] = { 0x1b, 0x00, 0x00, 0x00, 0x02, 0x00 };
98 static uint8_t scsi_ztestor_eject[] = { 0x85, 0x01, 0x01, 0x01, 0x18, 0x01,
99 0x01, 0x01, 0x01, 0x01, 0x00, 0x00 };
100 static uint8_t scsi_cmotech_eject[] = { 0xff, 0x52, 0x44, 0x45, 0x56, 0x43,
101 0x48, 0x47 };
102 static uint8_t scsi_huawei_eject[] = { 0x11, 0x06, 0x00, 0x00, 0x00, 0x00,
103 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
104 0x00, 0x00, 0x00, 0x00 };
105 static uint8_t scsi_huawei_eject2[] = { 0x11, 0x06, 0x20, 0x00, 0x00, 0x01,
106 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
107 0x00, 0x00, 0x00, 0x00 };
108 static uint8_t scsi_tct_eject[] = { 0x06, 0xf5, 0x04, 0x02, 0x52, 0x70 };
109 static uint8_t scsi_sync_cache[] = { 0x35, 0x00, 0x00, 0x00, 0x00, 0x00,
110 0x00, 0x00, 0x00, 0x00 };
111 static uint8_t scsi_request_sense[] = { 0x03, 0x00, 0x00, 0x00, 0x12, 0x00,
112 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
113 static uint8_t scsi_read_capacity[] = { 0x25, 0x00, 0x00, 0x00, 0x00, 0x00,
114 0x00, 0x00, 0x00, 0x00 };
115 static uint8_t scsi_prevent_removal[] = { 0x1e, 0, 0, 0, 1, 0 };
116 static uint8_t scsi_allow_removal[] = { 0x1e, 0, 0, 0, 0, 0 };
117
118 #define BULK_SIZE 64 /* dummy */
119 #define ERR_CSW_FAILED -1
120
121 /* Command Block Wrapper */
122 struct bbb_cbw {
123 uDWord dCBWSignature;
124 #define CBWSIGNATURE 0x43425355
125 uDWord dCBWTag;
126 uDWord dCBWDataTransferLength;
127 uByte bCBWFlags;
128 #define CBWFLAGS_OUT 0x00
129 #define CBWFLAGS_IN 0x80
130 uByte bCBWLUN;
131 uByte bCDBLength;
132 #define CBWCDBLENGTH 16
133 uByte CBWCDB[CBWCDBLENGTH];
134 } __packed;
135
136 /* Command Status Wrapper */
137 struct bbb_csw {
138 uDWord dCSWSignature;
139 #define CSWSIGNATURE 0x53425355
140 uDWord dCSWTag;
141 uDWord dCSWDataResidue;
142 uByte bCSWStatus;
143 #define CSWSTATUS_GOOD 0x0
144 #define CSWSTATUS_FAILED 0x1
145 #define CSWSTATUS_PHASE 0x2
146 } __packed;
147
148 struct bbb_transfer {
149 struct mtx mtx;
150 struct cv cv;
151 struct bbb_cbw *cbw;
152 struct bbb_csw *csw;
153
154 struct usb_xfer *xfer[ST_MAX];
155
156 uint8_t *data_ptr;
157
158 usb_size_t data_len; /* bytes */
159 usb_size_t data_rem; /* bytes */
160 usb_timeout_t data_timeout; /* ms */
161 usb_frlength_t actlen; /* bytes */
162 usb_frlength_t buffer_size; /* bytes */
163
164 uint8_t cmd_len; /* bytes */
165 uint8_t dir;
166 uint8_t lun;
167 uint8_t state;
168 uint8_t status_try;
169 int error;
170
171 uint8_t *buffer;
172 };
173
174 static usb_callback_t bbb_command_callback;
175 static usb_callback_t bbb_data_read_callback;
176 static usb_callback_t bbb_data_rd_cs_callback;
177 static usb_callback_t bbb_data_write_callback;
178 static usb_callback_t bbb_data_wr_cs_callback;
179 static usb_callback_t bbb_status_callback;
180 static usb_callback_t bbb_raw_write_callback;
181
182 static void bbb_done(struct bbb_transfer *, int);
183 static void bbb_transfer_start(struct bbb_transfer *, uint8_t);
184 static void bbb_data_clear_stall_callback(struct usb_xfer *, uint8_t,
185 uint8_t);
186 static int bbb_command_start(struct bbb_transfer *, uint8_t, uint8_t,
187 void *, size_t, void *, size_t, usb_timeout_t);
188 static struct bbb_transfer *bbb_attach(struct usb_device *, uint8_t, uint8_t);
189 static void bbb_detach(struct bbb_transfer *);
190
191 static const struct usb_config bbb_config[ST_MAX] = {
192
193 [ST_COMMAND] = {
194 .type = UE_BULK,
195 .endpoint = UE_ADDR_ANY,
196 .direction = UE_DIR_OUT,
197 .bufsize = sizeof(struct bbb_cbw),
198 .callback = &bbb_command_callback,
199 .timeout = 4 * USB_MS_HZ, /* 4 seconds */
200 },
201
202 [ST_DATA_RD] = {
203 .type = UE_BULK,
204 .endpoint = UE_ADDR_ANY,
205 .direction = UE_DIR_IN,
206 .bufsize = SCSI_MAX_LEN,
207 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,},
208 .callback = &bbb_data_read_callback,
209 .timeout = 4 * USB_MS_HZ, /* 4 seconds */
210 },
211
212 [ST_DATA_RD_CS] = {
213 .type = UE_CONTROL,
214 .endpoint = 0x00, /* Control pipe */
215 .direction = UE_DIR_ANY,
216 .bufsize = sizeof(struct usb_device_request),
217 .callback = &bbb_data_rd_cs_callback,
218 .timeout = 1 * USB_MS_HZ, /* 1 second */
219 },
220
221 [ST_DATA_WR] = {
222 .type = UE_BULK,
223 .endpoint = UE_ADDR_ANY,
224 .direction = UE_DIR_OUT,
225 .bufsize = SCSI_MAX_LEN,
226 .flags = {.ext_buffer = 1,.proxy_buffer = 1,},
227 .callback = &bbb_data_write_callback,
228 .timeout = 4 * USB_MS_HZ, /* 4 seconds */
229 },
230
231 [ST_DATA_WR_CS] = {
232 .type = UE_CONTROL,
233 .endpoint = 0x00, /* Control pipe */
234 .direction = UE_DIR_ANY,
235 .bufsize = sizeof(struct usb_device_request),
236 .callback = &bbb_data_wr_cs_callback,
237 .timeout = 1 * USB_MS_HZ, /* 1 second */
238 },
239
240 [ST_STATUS] = {
241 .type = UE_BULK,
242 .endpoint = UE_ADDR_ANY,
243 .direction = UE_DIR_IN,
244 .bufsize = sizeof(struct bbb_csw),
245 .flags = {.short_xfer_ok = 1,},
246 .callback = &bbb_status_callback,
247 .timeout = 1 * USB_MS_HZ, /* 1 second */
248 },
249 };
250
251 static const struct usb_config bbb_raw_config[1] = {
252
253 [0] = {
254 .type = UE_BULK_INTR,
255 .endpoint = UE_ADDR_ANY,
256 .direction = UE_DIR_OUT,
257 .bufsize = SCSI_MAX_LEN,
258 .flags = {.ext_buffer = 1,.proxy_buffer = 1,},
259 .callback = &bbb_raw_write_callback,
260 .timeout = 1 * USB_MS_HZ, /* 1 second */
261 },
262 };
263
264 static void
bbb_done(struct bbb_transfer * sc,int error)265 bbb_done(struct bbb_transfer *sc, int error)
266 {
267 sc->error = error;
268 sc->state = ST_COMMAND;
269 sc->status_try = 1;
270 cv_signal(&sc->cv);
271 }
272
273 static void
bbb_transfer_start(struct bbb_transfer * sc,uint8_t xfer_index)274 bbb_transfer_start(struct bbb_transfer *sc, uint8_t xfer_index)
275 {
276 sc->state = xfer_index;
277 usbd_transfer_start(sc->xfer[xfer_index]);
278 }
279
280 static void
bbb_data_clear_stall_callback(struct usb_xfer * xfer,uint8_t next_xfer,uint8_t stall_xfer)281 bbb_data_clear_stall_callback(struct usb_xfer *xfer,
282 uint8_t next_xfer, uint8_t stall_xfer)
283 {
284 struct bbb_transfer *sc = usbd_xfer_softc(xfer);
285
286 if (usbd_clear_stall_callback(xfer, sc->xfer[stall_xfer])) {
287 switch (USB_GET_STATE(xfer)) {
288 case USB_ST_SETUP:
289 case USB_ST_TRANSFERRED:
290 bbb_transfer_start(sc, next_xfer);
291 break;
292 default:
293 bbb_done(sc, USB_ERR_STALLED);
294 break;
295 }
296 }
297 }
298
299 static void
bbb_command_callback(struct usb_xfer * xfer,usb_error_t error)300 bbb_command_callback(struct usb_xfer *xfer, usb_error_t error)
301 {
302 struct bbb_transfer *sc = usbd_xfer_softc(xfer);
303 uint32_t tag;
304
305 switch (USB_GET_STATE(xfer)) {
306 case USB_ST_TRANSFERRED:
307 bbb_transfer_start
308 (sc, ((sc->dir == DIR_IN) ? ST_DATA_RD :
309 (sc->dir == DIR_OUT) ? ST_DATA_WR :
310 ST_STATUS));
311 break;
312
313 case USB_ST_SETUP:
314 sc->status_try = 0;
315 tag = UGETDW(sc->cbw->dCBWTag) + 1;
316 USETDW(sc->cbw->dCBWSignature, CBWSIGNATURE);
317 USETDW(sc->cbw->dCBWTag, tag);
318 USETDW(sc->cbw->dCBWDataTransferLength, (uint32_t)sc->data_len);
319 sc->cbw->bCBWFlags = ((sc->dir == DIR_IN) ? CBWFLAGS_IN : CBWFLAGS_OUT);
320 sc->cbw->bCBWLUN = sc->lun;
321 sc->cbw->bCDBLength = sc->cmd_len;
322 if (sc->cbw->bCDBLength > sizeof(sc->cbw->CBWCDB)) {
323 sc->cbw->bCDBLength = sizeof(sc->cbw->CBWCDB);
324 DPRINTFN(0, "Truncating long command\n");
325 }
326 usbd_xfer_set_frame_len(xfer, 0,
327 sizeof(struct bbb_cbw));
328 usbd_transfer_submit(xfer);
329 break;
330
331 default: /* Error */
332 bbb_done(sc, error);
333 break;
334 }
335 }
336
337 static void
bbb_data_read_callback(struct usb_xfer * xfer,usb_error_t error)338 bbb_data_read_callback(struct usb_xfer *xfer, usb_error_t error)
339 {
340 struct bbb_transfer *sc = usbd_xfer_softc(xfer);
341 usb_frlength_t max_bulk = usbd_xfer_max_len(xfer);
342 int actlen, sumlen;
343
344 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
345
346 switch (USB_GET_STATE(xfer)) {
347 case USB_ST_TRANSFERRED:
348 sc->data_rem -= actlen;
349 sc->data_ptr += actlen;
350 sc->actlen += actlen;
351
352 if (actlen < sumlen) {
353 /* short transfer */
354 sc->data_rem = 0;
355 }
356 case USB_ST_SETUP:
357 DPRINTF("max_bulk=%d, data_rem=%d\n",
358 max_bulk, sc->data_rem);
359
360 if (sc->data_rem == 0) {
361 bbb_transfer_start(sc, ST_STATUS);
362 break;
363 }
364 if (max_bulk > sc->data_rem) {
365 max_bulk = sc->data_rem;
366 }
367 usbd_xfer_set_timeout(xfer, sc->data_timeout);
368 usbd_xfer_set_frame_data(xfer, 0, sc->data_ptr, max_bulk);
369 usbd_transfer_submit(xfer);
370 break;
371
372 default: /* Error */
373 if (error == USB_ERR_CANCELLED) {
374 bbb_done(sc, error);
375 } else {
376 bbb_transfer_start(sc, ST_DATA_RD_CS);
377 }
378 break;
379 }
380 }
381
382 static void
bbb_data_rd_cs_callback(struct usb_xfer * xfer,usb_error_t error)383 bbb_data_rd_cs_callback(struct usb_xfer *xfer, usb_error_t error)
384 {
385 bbb_data_clear_stall_callback(xfer, ST_STATUS,
386 ST_DATA_RD);
387 }
388
389 static void
bbb_data_write_callback(struct usb_xfer * xfer,usb_error_t error)390 bbb_data_write_callback(struct usb_xfer *xfer, usb_error_t error)
391 {
392 struct bbb_transfer *sc = usbd_xfer_softc(xfer);
393 usb_frlength_t max_bulk = usbd_xfer_max_len(xfer);
394 int actlen, sumlen;
395
396 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
397
398 switch (USB_GET_STATE(xfer)) {
399 case USB_ST_TRANSFERRED:
400 sc->data_rem -= actlen;
401 sc->data_ptr += actlen;
402 sc->actlen += actlen;
403
404 if (actlen < sumlen) {
405 /* short transfer */
406 sc->data_rem = 0;
407 }
408 case USB_ST_SETUP:
409 DPRINTF("max_bulk=%d, data_rem=%d\n",
410 max_bulk, sc->data_rem);
411
412 if (sc->data_rem == 0) {
413 bbb_transfer_start(sc, ST_STATUS);
414 break;
415 }
416 if (max_bulk > sc->data_rem) {
417 max_bulk = sc->data_rem;
418 }
419 usbd_xfer_set_timeout(xfer, sc->data_timeout);
420 usbd_xfer_set_frame_data(xfer, 0, sc->data_ptr, max_bulk);
421 usbd_transfer_submit(xfer);
422 break;
423
424 default: /* Error */
425 if (error == USB_ERR_CANCELLED) {
426 bbb_done(sc, error);
427 } else {
428 bbb_transfer_start(sc, ST_DATA_WR_CS);
429 }
430 break;
431 }
432 }
433
434 static void
bbb_data_wr_cs_callback(struct usb_xfer * xfer,usb_error_t error)435 bbb_data_wr_cs_callback(struct usb_xfer *xfer, usb_error_t error)
436 {
437 bbb_data_clear_stall_callback(xfer, ST_STATUS,
438 ST_DATA_WR);
439 }
440
441 static void
bbb_status_callback(struct usb_xfer * xfer,usb_error_t error)442 bbb_status_callback(struct usb_xfer *xfer, usb_error_t error)
443 {
444 struct bbb_transfer *sc = usbd_xfer_softc(xfer);
445 int actlen;
446 int sumlen;
447
448 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
449
450 switch (USB_GET_STATE(xfer)) {
451 case USB_ST_TRANSFERRED:
452
453 /* very simple status check */
454
455 if (actlen < (int)sizeof(struct bbb_csw)) {
456 bbb_done(sc, USB_ERR_SHORT_XFER);
457 } else if (sc->csw->bCSWStatus == CSWSTATUS_GOOD) {
458 bbb_done(sc, 0); /* success */
459 } else {
460 bbb_done(sc, ERR_CSW_FAILED); /* error */
461 }
462 break;
463
464 case USB_ST_SETUP:
465 usbd_xfer_set_frame_len(xfer, 0,
466 sizeof(struct bbb_csw));
467 usbd_transfer_submit(xfer);
468 break;
469
470 default:
471 DPRINTF("Failed to read CSW: %s, try %d\n",
472 usbd_errstr(error), sc->status_try);
473
474 if (error == USB_ERR_CANCELLED || sc->status_try) {
475 bbb_done(sc, error);
476 } else {
477 sc->status_try = 1;
478 bbb_transfer_start(sc, ST_DATA_RD_CS);
479 }
480 break;
481 }
482 }
483
484 static void
bbb_raw_write_callback(struct usb_xfer * xfer,usb_error_t error)485 bbb_raw_write_callback(struct usb_xfer *xfer, usb_error_t error)
486 {
487 struct bbb_transfer *sc = usbd_xfer_softc(xfer);
488 usb_frlength_t max_bulk = usbd_xfer_max_len(xfer);
489 int actlen, sumlen;
490
491 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
492
493 switch (USB_GET_STATE(xfer)) {
494 case USB_ST_TRANSFERRED:
495 sc->data_rem -= actlen;
496 sc->data_ptr += actlen;
497 sc->actlen += actlen;
498
499 if (actlen < sumlen) {
500 /* short transfer */
501 sc->data_rem = 0;
502 }
503 case USB_ST_SETUP:
504 DPRINTF("max_bulk=%d, data_rem=%d\n",
505 max_bulk, sc->data_rem);
506
507 if (sc->data_rem == 0) {
508 bbb_done(sc, 0);
509 break;
510 }
511 if (max_bulk > sc->data_rem) {
512 max_bulk = sc->data_rem;
513 }
514 usbd_xfer_set_timeout(xfer, sc->data_timeout);
515 usbd_xfer_set_frame_data(xfer, 0, sc->data_ptr, max_bulk);
516 usbd_transfer_submit(xfer);
517 break;
518
519 default: /* Error */
520 bbb_done(sc, error);
521 break;
522 }
523 }
524
525 /*------------------------------------------------------------------------*
526 * bbb_command_start - execute a SCSI command synchronously
527 *
528 * Return values
529 * 0: Success
530 * Else: Failure
531 *------------------------------------------------------------------------*/
532 static int
bbb_command_start(struct bbb_transfer * sc,uint8_t dir,uint8_t lun,void * data_ptr,size_t data_len,void * cmd_ptr,size_t cmd_len,usb_timeout_t data_timeout)533 bbb_command_start(struct bbb_transfer *sc, uint8_t dir, uint8_t lun,
534 void *data_ptr, size_t data_len, void *cmd_ptr, size_t cmd_len,
535 usb_timeout_t data_timeout)
536 {
537 sc->lun = lun;
538 sc->dir = data_len ? dir : DIR_NONE;
539 sc->data_ptr = data_ptr;
540 sc->data_len = data_len;
541 sc->data_rem = data_len;
542 sc->data_timeout = (data_timeout + USB_MS_HZ);
543 sc->actlen = 0;
544 sc->error = 0;
545 sc->cmd_len = cmd_len;
546 memset(&sc->cbw->CBWCDB, 0, sizeof(sc->cbw->CBWCDB));
547 memcpy(&sc->cbw->CBWCDB, cmd_ptr, cmd_len);
548 DPRINTFN(1, "SCSI cmd = %*D\n", (int)cmd_len, (char *)sc->cbw->CBWCDB, ":");
549
550 mtx_lock(&sc->mtx);
551 usbd_transfer_start(sc->xfer[sc->state]);
552
553 while (usbd_transfer_pending(sc->xfer[sc->state])) {
554 cv_wait(&sc->cv, &sc->mtx);
555 }
556 mtx_unlock(&sc->mtx);
557 return (sc->error);
558 }
559
560 /*------------------------------------------------------------------------*
561 * bbb_raw_write - write a raw BULK message synchronously
562 *
563 * Return values
564 * 0: Success
565 * Else: Failure
566 *------------------------------------------------------------------------*/
567 static int
bbb_raw_write(struct bbb_transfer * sc,const void * data_ptr,size_t data_len,usb_timeout_t data_timeout)568 bbb_raw_write(struct bbb_transfer *sc, const void *data_ptr, size_t data_len,
569 usb_timeout_t data_timeout)
570 {
571 sc->data_ptr = __DECONST(void *, data_ptr);
572 sc->data_len = data_len;
573 sc->data_rem = data_len;
574 sc->data_timeout = (data_timeout + USB_MS_HZ);
575 sc->actlen = 0;
576 sc->error = 0;
577
578 DPRINTFN(1, "BULK DATA = %*D\n", (int)data_len,
579 (const char *)data_ptr, ":");
580
581 mtx_lock(&sc->mtx);
582 usbd_transfer_start(sc->xfer[0]);
583 while (usbd_transfer_pending(sc->xfer[0]))
584 cv_wait(&sc->cv, &sc->mtx);
585 mtx_unlock(&sc->mtx);
586 return (sc->error);
587 }
588
589 static struct bbb_transfer *
bbb_attach(struct usb_device * udev,uint8_t iface_index,uint8_t bInterfaceClass)590 bbb_attach(struct usb_device *udev, uint8_t iface_index,
591 uint8_t bInterfaceClass)
592 {
593 struct usb_interface *iface;
594 struct usb_interface_descriptor *id;
595 const struct usb_config *pconfig;
596 struct bbb_transfer *sc;
597 usb_error_t err;
598 int nconfig;
599 uint8_t do_unlock;
600
601 /* Prevent re-enumeration */
602 do_unlock = usbd_enum_lock(udev);
603
604 /*
605 * Make sure any driver which is hooked up to this interface,
606 * like umass is gone:
607 */
608 usb_detach_device(udev, iface_index, 0);
609
610 if (do_unlock)
611 usbd_enum_unlock(udev);
612
613 iface = usbd_get_iface(udev, iface_index);
614 if (iface == NULL)
615 return (NULL);
616
617 id = iface->idesc;
618 if (id == NULL || id->bInterfaceClass != bInterfaceClass)
619 return (NULL);
620
621 switch (id->bInterfaceClass) {
622 case UICLASS_MASS:
623 switch (id->bInterfaceSubClass) {
624 case UISUBCLASS_SCSI:
625 case UISUBCLASS_UFI:
626 case UISUBCLASS_SFF8020I:
627 case UISUBCLASS_SFF8070I:
628 break;
629 default:
630 return (NULL);
631 }
632 switch (id->bInterfaceProtocol) {
633 case UIPROTO_MASS_BBB_OLD:
634 case UIPROTO_MASS_BBB:
635 break;
636 default:
637 return (NULL);
638 }
639 pconfig = bbb_config;
640 nconfig = ST_MAX;
641 break;
642 case UICLASS_HID:
643 switch (id->bInterfaceSubClass) {
644 case 0:
645 break;
646 default:
647 return (NULL);
648 }
649 pconfig = bbb_raw_config;
650 nconfig = 1;
651 break;
652 default:
653 return (NULL);
654 }
655
656 sc = malloc(sizeof(*sc), M_USB, M_WAITOK | M_ZERO);
657 mtx_init(&sc->mtx, "USB autoinstall", NULL, MTX_DEF);
658 cv_init(&sc->cv, "WBBB");
659
660 err = usbd_transfer_setup(udev, &iface_index, sc->xfer, pconfig,
661 nconfig, sc, &sc->mtx);
662 if (err) {
663 bbb_detach(sc);
664 return (NULL);
665 }
666 switch (id->bInterfaceClass) {
667 case UICLASS_MASS:
668 /* store pointer to DMA buffers */
669 sc->buffer = usbd_xfer_get_frame_buffer(
670 sc->xfer[ST_DATA_RD], 0);
671 sc->buffer_size =
672 usbd_xfer_max_len(sc->xfer[ST_DATA_RD]);
673 sc->cbw = usbd_xfer_get_frame_buffer(
674 sc->xfer[ST_COMMAND], 0);
675 sc->csw = usbd_xfer_get_frame_buffer(
676 sc->xfer[ST_STATUS], 0);
677 break;
678 default:
679 break;
680 }
681 return (sc);
682 }
683
684 static void
bbb_detach(struct bbb_transfer * sc)685 bbb_detach(struct bbb_transfer *sc)
686 {
687 usbd_transfer_unsetup(sc->xfer, ST_MAX);
688 mtx_destroy(&sc->mtx);
689 cv_destroy(&sc->cv);
690 free(sc, M_USB);
691 }
692
693 /*------------------------------------------------------------------------*
694 * usb_iface_is_cdrom
695 *
696 * Return values:
697 * 1: This interface is an auto install disk (CD-ROM)
698 * 0: Not an auto install disk.
699 *------------------------------------------------------------------------*/
700 int
usb_iface_is_cdrom(struct usb_device * udev,uint8_t iface_index)701 usb_iface_is_cdrom(struct usb_device *udev, uint8_t iface_index)
702 {
703 struct bbb_transfer *sc;
704 uint8_t timeout;
705 uint8_t is_cdrom;
706 uint8_t sid_type;
707 int err;
708
709 sc = bbb_attach(udev, iface_index, UICLASS_MASS);
710 if (sc == NULL)
711 return (0);
712
713 is_cdrom = 0;
714 timeout = 4; /* tries */
715 while (--timeout) {
716 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer,
717 SCSI_INQ_LEN, &scsi_inquiry, sizeof(scsi_inquiry),
718 USB_MS_HZ);
719
720 if (err == 0 && sc->actlen > 0) {
721 sid_type = sc->buffer[0] & 0x1F;
722 if (sid_type == 0x05)
723 is_cdrom = 1;
724 break;
725 } else if (err != ERR_CSW_FAILED)
726 break; /* non retryable error */
727 usb_pause_mtx(NULL, hz);
728 }
729 bbb_detach(sc);
730 return (is_cdrom);
731 }
732
733 static uint8_t
usb_msc_get_max_lun(struct usb_device * udev,uint8_t iface_index)734 usb_msc_get_max_lun(struct usb_device *udev, uint8_t iface_index)
735 {
736 struct usb_device_request req;
737 usb_error_t err;
738 uint8_t buf = 0;
739
740
741 /* The Get Max Lun command is a class-specific request. */
742 req.bmRequestType = UT_READ_CLASS_INTERFACE;
743 req.bRequest = 0xFE; /* GET_MAX_LUN */
744 USETW(req.wValue, 0);
745 req.wIndex[0] = iface_index;
746 req.wIndex[1] = 0;
747 USETW(req.wLength, 1);
748
749 err = usbd_do_request(udev, NULL, &req, &buf);
750 if (err)
751 buf = 0;
752
753 return (buf);
754 }
755
756 usb_error_t
usb_msc_auto_quirk(struct usb_device * udev,uint8_t iface_index)757 usb_msc_auto_quirk(struct usb_device *udev, uint8_t iface_index)
758 {
759 struct bbb_transfer *sc;
760 uint8_t timeout;
761 uint8_t is_no_direct;
762 uint8_t sid_type;
763 int err;
764
765 sc = bbb_attach(udev, iface_index, UICLASS_MASS);
766 if (sc == NULL)
767 return (0);
768
769 /*
770 * Some devices need a delay after that the configuration
771 * value is set to function properly:
772 */
773 usb_pause_mtx(NULL, hz);
774
775 if (usb_msc_get_max_lun(udev, iface_index) == 0) {
776 DPRINTF("Device has only got one LUN.\n");
777 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_GETMAXLUN);
778 }
779
780 is_no_direct = 1;
781 for (timeout = 4; timeout != 0; timeout--) {
782 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer,
783 SCSI_INQ_LEN, &scsi_inquiry, sizeof(scsi_inquiry),
784 USB_MS_HZ);
785
786 if (err == 0 && sc->actlen > 0) {
787 sid_type = sc->buffer[0] & 0x1F;
788 if (sid_type == 0x00)
789 is_no_direct = 0;
790 break;
791 } else if (err != ERR_CSW_FAILED) {
792 DPRINTF("Device is not responding "
793 "properly to SCSI INQUIRY command.\n");
794 goto error; /* non retryable error */
795 }
796 usb_pause_mtx(NULL, hz);
797 }
798
799 if (is_no_direct) {
800 DPRINTF("Device is not direct access.\n");
801 goto done;
802 }
803
804 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
805 &scsi_test_unit_ready, sizeof(scsi_test_unit_ready),
806 USB_MS_HZ);
807
808 if (err != 0) {
809 if (err != ERR_CSW_FAILED)
810 goto error;
811 DPRINTF("Test unit ready failed\n");
812 }
813
814 err = bbb_command_start(sc, DIR_OUT, 0, NULL, 0,
815 &scsi_prevent_removal, sizeof(scsi_prevent_removal),
816 USB_MS_HZ);
817
818 if (err == 0) {
819 err = bbb_command_start(sc, DIR_OUT, 0, NULL, 0,
820 &scsi_allow_removal, sizeof(scsi_allow_removal),
821 USB_MS_HZ);
822 }
823
824 if (err != 0) {
825 if (err != ERR_CSW_FAILED)
826 goto error;
827 DPRINTF("Device doesn't handle prevent and allow removal\n");
828 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_PREVENT_ALLOW);
829 }
830
831 timeout = 1;
832
833 retry_sync_cache:
834 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
835 &scsi_sync_cache, sizeof(scsi_sync_cache),
836 USB_MS_HZ);
837
838 if (err != 0) {
839
840 if (err != ERR_CSW_FAILED)
841 goto error;
842
843 DPRINTF("Device doesn't handle synchronize cache\n");
844
845 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_SYNC_CACHE);
846 } else {
847
848 /*
849 * Certain Kingston memory sticks fail the first
850 * read capacity after a synchronize cache command
851 * has been issued. Disable the synchronize cache
852 * command for such devices.
853 */
854
855 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 8,
856 &scsi_read_capacity, sizeof(scsi_read_capacity),
857 USB_MS_HZ);
858
859 if (err != 0) {
860 if (err != ERR_CSW_FAILED)
861 goto error;
862
863 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 8,
864 &scsi_read_capacity, sizeof(scsi_read_capacity),
865 USB_MS_HZ);
866
867 if (err == 0) {
868 if (timeout--)
869 goto retry_sync_cache;
870
871 DPRINTF("Device most likely doesn't "
872 "handle synchronize cache\n");
873
874 usbd_add_dynamic_quirk(udev,
875 UQ_MSC_NO_SYNC_CACHE);
876 } else {
877 if (err != ERR_CSW_FAILED)
878 goto error;
879 }
880 }
881 }
882
883 /* clear sense status of any failed commands on the device */
884
885 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer,
886 SCSI_INQ_LEN, &scsi_inquiry, sizeof(scsi_inquiry),
887 USB_MS_HZ);
888
889 DPRINTF("Inquiry = %d\n", err);
890
891 if (err != 0) {
892
893 if (err != ERR_CSW_FAILED)
894 goto error;
895 }
896
897 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer,
898 SCSI_SENSE_LEN, &scsi_request_sense,
899 sizeof(scsi_request_sense), USB_MS_HZ);
900
901 DPRINTF("Request sense = %d\n", err);
902
903 if (err != 0) {
904
905 if (err != ERR_CSW_FAILED)
906 goto error;
907 }
908
909 done:
910 bbb_detach(sc);
911 return (0);
912
913 error:
914 bbb_detach(sc);
915
916 DPRINTF("Device did not respond, enabling all quirks\n");
917
918 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_SYNC_CACHE);
919 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_PREVENT_ALLOW);
920 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_TEST_UNIT_READY);
921
922 /* Need to re-enumerate the device */
923 usbd_req_re_enumerate(udev, NULL);
924
925 return (USB_ERR_STALLED);
926 }
927
928 usb_error_t
usb_msc_eject(struct usb_device * udev,uint8_t iface_index,int method)929 usb_msc_eject(struct usb_device *udev, uint8_t iface_index, int method)
930 {
931 struct bbb_transfer *sc;
932 usb_error_t err;
933
934 sc = bbb_attach(udev, iface_index, UICLASS_MASS);
935 if (sc == NULL)
936 return (USB_ERR_INVAL);
937
938 switch (method) {
939 case MSC_EJECT_STOPUNIT:
940 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
941 &scsi_test_unit_ready, sizeof(scsi_test_unit_ready),
942 USB_MS_HZ);
943 DPRINTF("Test unit ready status: %s\n", usbd_errstr(err));
944 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
945 &scsi_start_stop_unit, sizeof(scsi_start_stop_unit),
946 USB_MS_HZ);
947 break;
948 case MSC_EJECT_REZERO:
949 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
950 &scsi_rezero_init, sizeof(scsi_rezero_init),
951 USB_MS_HZ);
952 break;
953 case MSC_EJECT_ZTESTOR:
954 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
955 &scsi_ztestor_eject, sizeof(scsi_ztestor_eject),
956 USB_MS_HZ);
957 break;
958 case MSC_EJECT_CMOTECH:
959 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
960 &scsi_cmotech_eject, sizeof(scsi_cmotech_eject),
961 USB_MS_HZ);
962 break;
963 case MSC_EJECT_HUAWEI:
964 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
965 &scsi_huawei_eject, sizeof(scsi_huawei_eject),
966 USB_MS_HZ);
967 break;
968 case MSC_EJECT_HUAWEI2:
969 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0,
970 &scsi_huawei_eject2, sizeof(scsi_huawei_eject2),
971 USB_MS_HZ);
972 break;
973 case MSC_EJECT_TCT:
974 /*
975 * TCTMobile needs DIR_IN flag. To get it, we
976 * supply a dummy data with the command.
977 */
978 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer,
979 sc->buffer_size, &scsi_tct_eject,
980 sizeof(scsi_tct_eject), USB_MS_HZ);
981 break;
982 default:
983 DPRINTF("Unknown eject method (%d)\n", method);
984 bbb_detach(sc);
985 return (USB_ERR_INVAL);
986 }
987
988 DPRINTF("Eject CD command status: %s\n", usbd_errstr(err));
989
990 bbb_detach(sc);
991 return (0);
992 }
993
994 usb_error_t
usb_dymo_eject(struct usb_device * udev,uint8_t iface_index)995 usb_dymo_eject(struct usb_device *udev, uint8_t iface_index)
996 {
997 static const uint8_t data[3] = { 0x1b, 0x5a, 0x01 };
998 struct bbb_transfer *sc;
999 usb_error_t err;
1000
1001 sc = bbb_attach(udev, iface_index, UICLASS_HID);
1002 if (sc == NULL)
1003 return (USB_ERR_INVAL);
1004 err = bbb_raw_write(sc, data, sizeof(data), USB_MS_HZ);
1005 bbb_detach(sc);
1006 return (err);
1007 }
1008
1009