1/* $FreeBSD$ */ 2/*- 3 * Copyright (c) 2008,2011 Hans Petter Selasky. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27/* 28 * The following file contains code that will detect USB autoinstall 29 * disks. 30 * 31 * TODO: Potentially we could add code to automatically detect USB 32 * mass storage quirks for not supported SCSI commands! 33 */ 34 35#ifdef USB_GLOBAL_INCLUDE_FILE 36#include USB_GLOBAL_INCLUDE_FILE 37#else 38#include <sys/stdint.h> 39#include <sys/stddef.h> 40#include <sys/param.h> 41#include <sys/queue.h> 42#include <sys/types.h> 43#include <sys/systm.h> 44#include <sys/kernel.h> 45#include <sys/bus.h> 46#include <sys/module.h> 47#include <sys/lock.h> 48#include <sys/mutex.h> 49#include <sys/condvar.h> 50#include <sys/sysctl.h> 51#include <sys/sx.h> 52#include <sys/unistd.h> 53#include <sys/callout.h> 54#include <sys/malloc.h> 55#include <sys/priv.h> 56 57#include <dev/usb/usb.h> 58#include <dev/usb/usbdi.h> 59#include <dev/usb/usbdi_util.h> 60 61#define USB_DEBUG_VAR usb_debug 62 63#include <dev/usb/usb_busdma.h> 64#include <dev/usb/usb_process.h> 65#include <dev/usb/usb_transfer.h> 66#include <dev/usb/usb_msctest.h> 67#include <dev/usb/usb_debug.h> 68#include <dev/usb/usb_device.h> 69#include <dev/usb/usb_request.h> 70#include <dev/usb/usb_util.h> 71#include <dev/usb/quirk/usb_quirk.h> 72#endif /* USB_GLOBAL_INCLUDE_FILE */ 73 74enum { 75 ST_COMMAND, 76 ST_DATA_RD, 77 ST_DATA_RD_CS, 78 ST_DATA_WR, 79 ST_DATA_WR_CS, 80 ST_STATUS, 81 ST_MAX, 82}; 83 84enum { 85 DIR_IN, 86 DIR_OUT, 87 DIR_NONE, 88}; 89 90#define SCSI_MAX_LEN MAX(0x100, BULK_SIZE) 91#define SCSI_INQ_LEN 0x24 92#define SCSI_SENSE_LEN 0xFF 93 94static uint8_t scsi_test_unit_ready[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 95static uint8_t scsi_inquiry[] = { 0x12, 0x00, 0x00, 0x00, SCSI_INQ_LEN, 0x00 }; 96static uint8_t scsi_rezero_init[] = { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00 }; 97static uint8_t scsi_start_stop_unit[] = { 0x1b, 0x00, 0x00, 0x00, 0x02, 0x00 }; 98static uint8_t scsi_ztestor_eject[] = { 0x85, 0x01, 0x01, 0x01, 0x18, 0x01, 99 0x01, 0x01, 0x01, 0x01, 0x00, 0x00 }; 100static uint8_t scsi_cmotech_eject[] = { 0xff, 0x52, 0x44, 0x45, 0x56, 0x43, 101 0x48, 0x47 }; 102static uint8_t scsi_huawei_eject[] = { 0x11, 0x06, 0x00, 0x00, 0x00, 0x00, 103 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 104 0x00, 0x00, 0x00, 0x00 }; 105static uint8_t scsi_huawei_eject2[] = { 0x11, 0x06, 0x20, 0x00, 0x00, 0x01, 106 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 107 0x00, 0x00, 0x00, 0x00 }; 108static uint8_t scsi_tct_eject[] = { 0x06, 0xf5, 0x04, 0x02, 0x52, 0x70 }; 109static uint8_t scsi_sync_cache[] = { 0x35, 0x00, 0x00, 0x00, 0x00, 0x00, 110 0x00, 0x00, 0x00, 0x00 }; 111static uint8_t scsi_request_sense[] = { 0x03, 0x00, 0x00, 0x00, 0x12, 0x00, 112 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; 113static uint8_t scsi_read_capacity[] = { 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 114 0x00, 0x00, 0x00, 0x00 }; 115static uint8_t scsi_prevent_removal[] = { 0x1e, 0, 0, 0, 1, 0 }; 116static uint8_t scsi_allow_removal[] = { 0x1e, 0, 0, 0, 0, 0 }; 117 118#define BULK_SIZE 64 /* dummy */ 119#define ERR_CSW_FAILED -1 120 121/* Command Block Wrapper */ 122struct bbb_cbw { 123 uDWord dCBWSignature; 124#define CBWSIGNATURE 0x43425355 125 uDWord dCBWTag; 126 uDWord dCBWDataTransferLength; 127 uByte bCBWFlags; 128#define CBWFLAGS_OUT 0x00 129#define CBWFLAGS_IN 0x80 130 uByte bCBWLUN; 131 uByte bCDBLength; 132#define CBWCDBLENGTH 16 133 uByte CBWCDB[CBWCDBLENGTH]; 134} __packed; 135 136/* Command Status Wrapper */ 137struct bbb_csw { 138 uDWord dCSWSignature; 139#define CSWSIGNATURE 0x53425355 140 uDWord dCSWTag; 141 uDWord dCSWDataResidue; 142 uByte bCSWStatus; 143#define CSWSTATUS_GOOD 0x0 144#define CSWSTATUS_FAILED 0x1 145#define CSWSTATUS_PHASE 0x2 146} __packed; 147 148struct bbb_transfer { 149 struct mtx mtx; 150 struct cv cv; 151 struct bbb_cbw *cbw; 152 struct bbb_csw *csw; 153 154 struct usb_xfer *xfer[ST_MAX]; 155 156 uint8_t *data_ptr; 157 158 usb_size_t data_len; /* bytes */ 159 usb_size_t data_rem; /* bytes */ 160 usb_timeout_t data_timeout; /* ms */ 161 usb_frlength_t actlen; /* bytes */ 162 usb_frlength_t buffer_size; /* bytes */ 163 164 uint8_t cmd_len; /* bytes */ 165 uint8_t dir; 166 uint8_t lun; 167 uint8_t state; 168 uint8_t status_try; 169 int error; 170 171 uint8_t *buffer; 172}; 173 174static usb_callback_t bbb_command_callback; 175static usb_callback_t bbb_data_read_callback; 176static usb_callback_t bbb_data_rd_cs_callback; 177static usb_callback_t bbb_data_write_callback; 178static usb_callback_t bbb_data_wr_cs_callback; 179static usb_callback_t bbb_status_callback; 180static usb_callback_t bbb_raw_write_callback; 181 182static void bbb_done(struct bbb_transfer *, int); 183static void bbb_transfer_start(struct bbb_transfer *, uint8_t); 184static void bbb_data_clear_stall_callback(struct usb_xfer *, uint8_t, 185 uint8_t); 186static int bbb_command_start(struct bbb_transfer *, uint8_t, uint8_t, 187 void *, size_t, void *, size_t, usb_timeout_t); 188static struct bbb_transfer *bbb_attach(struct usb_device *, uint8_t, uint8_t); 189static void bbb_detach(struct bbb_transfer *); 190 191static const struct usb_config bbb_config[ST_MAX] = { 192 193 [ST_COMMAND] = { 194 .type = UE_BULK, 195 .endpoint = UE_ADDR_ANY, 196 .direction = UE_DIR_OUT, 197 .bufsize = sizeof(struct bbb_cbw), 198 .callback = &bbb_command_callback, 199 .timeout = 4 * USB_MS_HZ, /* 4 seconds */ 200 }, 201 202 [ST_DATA_RD] = { 203 .type = UE_BULK, 204 .endpoint = UE_ADDR_ANY, 205 .direction = UE_DIR_IN, 206 .bufsize = SCSI_MAX_LEN, 207 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,}, 208 .callback = &bbb_data_read_callback, 209 .timeout = 4 * USB_MS_HZ, /* 4 seconds */ 210 }, 211 212 [ST_DATA_RD_CS] = { 213 .type = UE_CONTROL, 214 .endpoint = 0x00, /* Control pipe */ 215 .direction = UE_DIR_ANY, 216 .bufsize = sizeof(struct usb_device_request), 217 .callback = &bbb_data_rd_cs_callback, 218 .timeout = 1 * USB_MS_HZ, /* 1 second */ 219 }, 220 221 [ST_DATA_WR] = { 222 .type = UE_BULK, 223 .endpoint = UE_ADDR_ANY, 224 .direction = UE_DIR_OUT, 225 .bufsize = SCSI_MAX_LEN, 226 .flags = {.ext_buffer = 1,.proxy_buffer = 1,}, 227 .callback = &bbb_data_write_callback, 228 .timeout = 4 * USB_MS_HZ, /* 4 seconds */ 229 }, 230 231 [ST_DATA_WR_CS] = { 232 .type = UE_CONTROL, 233 .endpoint = 0x00, /* Control pipe */ 234 .direction = UE_DIR_ANY, 235 .bufsize = sizeof(struct usb_device_request), 236 .callback = &bbb_data_wr_cs_callback, 237 .timeout = 1 * USB_MS_HZ, /* 1 second */ 238 }, 239 240 [ST_STATUS] = { 241 .type = UE_BULK, 242 .endpoint = UE_ADDR_ANY, 243 .direction = UE_DIR_IN, 244 .bufsize = sizeof(struct bbb_csw), 245 .flags = {.short_xfer_ok = 1,}, 246 .callback = &bbb_status_callback, 247 .timeout = 1 * USB_MS_HZ, /* 1 second */ 248 }, 249}; 250 251static const struct usb_config bbb_raw_config[1] = { 252 253 [0] = { 254 .type = UE_BULK_INTR, 255 .endpoint = UE_ADDR_ANY, 256 .direction = UE_DIR_OUT, 257 .bufsize = SCSI_MAX_LEN, 258 .flags = {.ext_buffer = 1,.proxy_buffer = 1,}, 259 .callback = &bbb_raw_write_callback, 260 .timeout = 1 * USB_MS_HZ, /* 1 second */ 261 }, 262}; 263 264static void 265bbb_done(struct bbb_transfer *sc, int error) 266{ 267 sc->error = error; 268 sc->state = ST_COMMAND; 269 sc->status_try = 1; 270 cv_signal(&sc->cv); 271} 272 273static void 274bbb_transfer_start(struct bbb_transfer *sc, uint8_t xfer_index) 275{ 276 sc->state = xfer_index; 277 usbd_transfer_start(sc->xfer[xfer_index]); 278} 279 280static void 281bbb_data_clear_stall_callback(struct usb_xfer *xfer, 282 uint8_t next_xfer, uint8_t stall_xfer) 283{ 284 struct bbb_transfer *sc = usbd_xfer_softc(xfer); 285 286 if (usbd_clear_stall_callback(xfer, sc->xfer[stall_xfer])) { 287 switch (USB_GET_STATE(xfer)) { 288 case USB_ST_SETUP: 289 case USB_ST_TRANSFERRED: 290 bbb_transfer_start(sc, next_xfer); 291 break; 292 default: 293 bbb_done(sc, USB_ERR_STALLED); 294 break; 295 } 296 } 297} 298 299static void 300bbb_command_callback(struct usb_xfer *xfer, usb_error_t error) 301{ 302 struct bbb_transfer *sc = usbd_xfer_softc(xfer); 303 uint32_t tag; 304 305 switch (USB_GET_STATE(xfer)) { 306 case USB_ST_TRANSFERRED: 307 bbb_transfer_start 308 (sc, ((sc->dir == DIR_IN) ? ST_DATA_RD : 309 (sc->dir == DIR_OUT) ? ST_DATA_WR : 310 ST_STATUS)); 311 break; 312 313 case USB_ST_SETUP: 314 sc->status_try = 0; 315 tag = UGETDW(sc->cbw->dCBWTag) + 1; 316 USETDW(sc->cbw->dCBWSignature, CBWSIGNATURE); 317 USETDW(sc->cbw->dCBWTag, tag); 318 USETDW(sc->cbw->dCBWDataTransferLength, (uint32_t)sc->data_len); 319 sc->cbw->bCBWFlags = ((sc->dir == DIR_IN) ? CBWFLAGS_IN : CBWFLAGS_OUT); 320 sc->cbw->bCBWLUN = sc->lun; 321 sc->cbw->bCDBLength = sc->cmd_len; 322 if (sc->cbw->bCDBLength > sizeof(sc->cbw->CBWCDB)) { 323 sc->cbw->bCDBLength = sizeof(sc->cbw->CBWCDB); 324 DPRINTFN(0, "Truncating long command\n"); 325 } 326 usbd_xfer_set_frame_len(xfer, 0, 327 sizeof(struct bbb_cbw)); 328 usbd_transfer_submit(xfer); 329 break; 330 331 default: /* Error */ 332 bbb_done(sc, error); 333 break; 334 } 335} 336 337static void 338bbb_data_read_callback(struct usb_xfer *xfer, usb_error_t error) 339{ 340 struct bbb_transfer *sc = usbd_xfer_softc(xfer); 341 usb_frlength_t max_bulk = usbd_xfer_max_len(xfer); 342 int actlen, sumlen; 343 344 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 345 346 switch (USB_GET_STATE(xfer)) { 347 case USB_ST_TRANSFERRED: 348 sc->data_rem -= actlen; 349 sc->data_ptr += actlen; 350 sc->actlen += actlen; 351 352 if (actlen < sumlen) { 353 /* short transfer */ 354 sc->data_rem = 0; 355 } 356 case USB_ST_SETUP: 357 DPRINTF("max_bulk=%d, data_rem=%d\n", 358 max_bulk, sc->data_rem); 359 360 if (sc->data_rem == 0) { 361 bbb_transfer_start(sc, ST_STATUS); 362 break; 363 } 364 if (max_bulk > sc->data_rem) { 365 max_bulk = sc->data_rem; 366 } 367 usbd_xfer_set_timeout(xfer, sc->data_timeout); 368 usbd_xfer_set_frame_data(xfer, 0, sc->data_ptr, max_bulk); 369 usbd_transfer_submit(xfer); 370 break; 371 372 default: /* Error */ 373 if (error == USB_ERR_CANCELLED) { 374 bbb_done(sc, error); 375 } else { 376 bbb_transfer_start(sc, ST_DATA_RD_CS); 377 } 378 break; 379 } 380} 381 382static void 383bbb_data_rd_cs_callback(struct usb_xfer *xfer, usb_error_t error) 384{ 385 bbb_data_clear_stall_callback(xfer, ST_STATUS, 386 ST_DATA_RD); 387} 388 389static void 390bbb_data_write_callback(struct usb_xfer *xfer, usb_error_t error) 391{ 392 struct bbb_transfer *sc = usbd_xfer_softc(xfer); 393 usb_frlength_t max_bulk = usbd_xfer_max_len(xfer); 394 int actlen, sumlen; 395 396 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 397 398 switch (USB_GET_STATE(xfer)) { 399 case USB_ST_TRANSFERRED: 400 sc->data_rem -= actlen; 401 sc->data_ptr += actlen; 402 sc->actlen += actlen; 403 404 if (actlen < sumlen) { 405 /* short transfer */ 406 sc->data_rem = 0; 407 } 408 case USB_ST_SETUP: 409 DPRINTF("max_bulk=%d, data_rem=%d\n", 410 max_bulk, sc->data_rem); 411 412 if (sc->data_rem == 0) { 413 bbb_transfer_start(sc, ST_STATUS); 414 break; 415 } 416 if (max_bulk > sc->data_rem) { 417 max_bulk = sc->data_rem; 418 } 419 usbd_xfer_set_timeout(xfer, sc->data_timeout); 420 usbd_xfer_set_frame_data(xfer, 0, sc->data_ptr, max_bulk); 421 usbd_transfer_submit(xfer); 422 break; 423 424 default: /* Error */ 425 if (error == USB_ERR_CANCELLED) { 426 bbb_done(sc, error); 427 } else { 428 bbb_transfer_start(sc, ST_DATA_WR_CS); 429 } 430 break; 431 } 432} 433 434static void 435bbb_data_wr_cs_callback(struct usb_xfer *xfer, usb_error_t error) 436{ 437 bbb_data_clear_stall_callback(xfer, ST_STATUS, 438 ST_DATA_WR); 439} 440 441static void 442bbb_status_callback(struct usb_xfer *xfer, usb_error_t error) 443{ 444 struct bbb_transfer *sc = usbd_xfer_softc(xfer); 445 int actlen; 446 int sumlen; 447 448 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 449 450 switch (USB_GET_STATE(xfer)) { 451 case USB_ST_TRANSFERRED: 452 453 /* very simple status check */ 454 455 if (actlen < (int)sizeof(struct bbb_csw)) { 456 bbb_done(sc, USB_ERR_SHORT_XFER); 457 } else if (sc->csw->bCSWStatus == CSWSTATUS_GOOD) { 458 bbb_done(sc, 0); /* success */ 459 } else { 460 bbb_done(sc, ERR_CSW_FAILED); /* error */ 461 } 462 break; 463 464 case USB_ST_SETUP: 465 usbd_xfer_set_frame_len(xfer, 0, 466 sizeof(struct bbb_csw)); 467 usbd_transfer_submit(xfer); 468 break; 469 470 default: 471 DPRINTF("Failed to read CSW: %s, try %d\n", 472 usbd_errstr(error), sc->status_try); 473 474 if (error == USB_ERR_CANCELLED || sc->status_try) { 475 bbb_done(sc, error); 476 } else { 477 sc->status_try = 1; 478 bbb_transfer_start(sc, ST_DATA_RD_CS); 479 } 480 break; 481 } 482} 483 484static void 485bbb_raw_write_callback(struct usb_xfer *xfer, usb_error_t error) 486{ 487 struct bbb_transfer *sc = usbd_xfer_softc(xfer); 488 usb_frlength_t max_bulk = usbd_xfer_max_len(xfer); 489 int actlen, sumlen; 490 491 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 492 493 switch (USB_GET_STATE(xfer)) { 494 case USB_ST_TRANSFERRED: 495 sc->data_rem -= actlen; 496 sc->data_ptr += actlen; 497 sc->actlen += actlen; 498 499 if (actlen < sumlen) { 500 /* short transfer */ 501 sc->data_rem = 0; 502 } 503 case USB_ST_SETUP: 504 DPRINTF("max_bulk=%d, data_rem=%d\n", 505 max_bulk, sc->data_rem); 506 507 if (sc->data_rem == 0) { 508 bbb_done(sc, 0); 509 break; 510 } 511 if (max_bulk > sc->data_rem) { 512 max_bulk = sc->data_rem; 513 } 514 usbd_xfer_set_timeout(xfer, sc->data_timeout); 515 usbd_xfer_set_frame_data(xfer, 0, sc->data_ptr, max_bulk); 516 usbd_transfer_submit(xfer); 517 break; 518 519 default: /* Error */ 520 bbb_done(sc, error); 521 break; 522 } 523} 524 525/*------------------------------------------------------------------------* 526 * bbb_command_start - execute a SCSI command synchronously 527 * 528 * Return values 529 * 0: Success 530 * Else: Failure 531 *------------------------------------------------------------------------*/ 532static int 533bbb_command_start(struct bbb_transfer *sc, uint8_t dir, uint8_t lun, 534 void *data_ptr, size_t data_len, void *cmd_ptr, size_t cmd_len, 535 usb_timeout_t data_timeout) 536{ 537 sc->lun = lun; 538 sc->dir = data_len ? dir : DIR_NONE; 539 sc->data_ptr = data_ptr; 540 sc->data_len = data_len; 541 sc->data_rem = data_len; 542 sc->data_timeout = (data_timeout + USB_MS_HZ); 543 sc->actlen = 0; 544 sc->error = 0; 545 sc->cmd_len = cmd_len; 546 memset(&sc->cbw->CBWCDB, 0, sizeof(sc->cbw->CBWCDB)); 547 memcpy(&sc->cbw->CBWCDB, cmd_ptr, cmd_len); 548 DPRINTFN(1, "SCSI cmd = %*D\n", (int)cmd_len, (char *)sc->cbw->CBWCDB, ":"); 549 550 mtx_lock(&sc->mtx); 551 usbd_transfer_start(sc->xfer[sc->state]); 552 553 while (usbd_transfer_pending(sc->xfer[sc->state])) { 554 cv_wait(&sc->cv, &sc->mtx); 555 } 556 mtx_unlock(&sc->mtx); 557 return (sc->error); 558} 559 560/*------------------------------------------------------------------------* 561 * bbb_raw_write - write a raw BULK message synchronously 562 * 563 * Return values 564 * 0: Success 565 * Else: Failure 566 *------------------------------------------------------------------------*/ 567static int 568bbb_raw_write(struct bbb_transfer *sc, const void *data_ptr, size_t data_len, 569 usb_timeout_t data_timeout) 570{ 571 sc->data_ptr = __DECONST(void *, data_ptr); 572 sc->data_len = data_len; 573 sc->data_rem = data_len; 574 sc->data_timeout = (data_timeout + USB_MS_HZ); 575 sc->actlen = 0; 576 sc->error = 0; 577 578 DPRINTFN(1, "BULK DATA = %*D\n", (int)data_len, 579 (const char *)data_ptr, ":"); 580 581 mtx_lock(&sc->mtx); 582 usbd_transfer_start(sc->xfer[0]); 583 while (usbd_transfer_pending(sc->xfer[0])) 584 cv_wait(&sc->cv, &sc->mtx); 585 mtx_unlock(&sc->mtx); 586 return (sc->error); 587} 588 589static struct bbb_transfer * 590bbb_attach(struct usb_device *udev, uint8_t iface_index, 591 uint8_t bInterfaceClass) 592{ 593 struct usb_interface *iface; 594 struct usb_interface_descriptor *id; 595 const struct usb_config *pconfig; 596 struct bbb_transfer *sc; 597 usb_error_t err; 598 int nconfig; 599 uint8_t do_unlock; 600 601 /* Prevent re-enumeration */ 602 do_unlock = usbd_enum_lock(udev); 603 604 /* 605 * Make sure any driver which is hooked up to this interface, 606 * like umass is gone: 607 */ 608 usb_detach_device(udev, iface_index, 0); 609 610 if (do_unlock) 611 usbd_enum_unlock(udev); 612 613 iface = usbd_get_iface(udev, iface_index); 614 if (iface == NULL) 615 return (NULL); 616 617 id = iface->idesc; 618 if (id == NULL || id->bInterfaceClass != bInterfaceClass) 619 return (NULL); 620 621 switch (id->bInterfaceClass) { 622 case UICLASS_MASS: 623 switch (id->bInterfaceSubClass) { 624 case UISUBCLASS_SCSI: 625 case UISUBCLASS_UFI: 626 case UISUBCLASS_SFF8020I: 627 case UISUBCLASS_SFF8070I: 628 break; 629 default: 630 return (NULL); 631 } 632 switch (id->bInterfaceProtocol) { 633 case UIPROTO_MASS_BBB_OLD: 634 case UIPROTO_MASS_BBB: 635 break; 636 default: 637 return (NULL); 638 } 639 pconfig = bbb_config; 640 nconfig = ST_MAX; 641 break; 642 case UICLASS_HID: 643 switch (id->bInterfaceSubClass) { 644 case 0: 645 break; 646 default: 647 return (NULL); 648 } 649 pconfig = bbb_raw_config; 650 nconfig = 1; 651 break; 652 default: 653 return (NULL); 654 } 655 656 sc = malloc(sizeof(*sc), M_USB, M_WAITOK | M_ZERO); 657 mtx_init(&sc->mtx, "USB autoinstall", NULL, MTX_DEF); 658 cv_init(&sc->cv, "WBBB"); 659 660 err = usbd_transfer_setup(udev, &iface_index, sc->xfer, pconfig, 661 nconfig, sc, &sc->mtx); 662 if (err) { 663 bbb_detach(sc); 664 return (NULL); 665 } 666 switch (id->bInterfaceClass) { 667 case UICLASS_MASS: 668 /* store pointer to DMA buffers */ 669 sc->buffer = usbd_xfer_get_frame_buffer( 670 sc->xfer[ST_DATA_RD], 0); 671 sc->buffer_size = 672 usbd_xfer_max_len(sc->xfer[ST_DATA_RD]); 673 sc->cbw = usbd_xfer_get_frame_buffer( 674 sc->xfer[ST_COMMAND], 0); 675 sc->csw = usbd_xfer_get_frame_buffer( 676 sc->xfer[ST_STATUS], 0); 677 break; 678 default: 679 break; 680 } 681 return (sc); 682} 683 684static void 685bbb_detach(struct bbb_transfer *sc) 686{ 687 usbd_transfer_unsetup(sc->xfer, ST_MAX); 688 mtx_destroy(&sc->mtx); 689 cv_destroy(&sc->cv); 690 free(sc, M_USB); 691} 692 693/*------------------------------------------------------------------------* 694 * usb_iface_is_cdrom 695 * 696 * Return values: 697 * 1: This interface is an auto install disk (CD-ROM) 698 * 0: Not an auto install disk. 699 *------------------------------------------------------------------------*/ 700int 701usb_iface_is_cdrom(struct usb_device *udev, uint8_t iface_index) 702{ 703 struct bbb_transfer *sc; 704 uint8_t timeout; 705 uint8_t is_cdrom; 706 uint8_t sid_type; 707 int err; 708 709 sc = bbb_attach(udev, iface_index, UICLASS_MASS); 710 if (sc == NULL) 711 return (0); 712 713 is_cdrom = 0; 714 timeout = 4; /* tries */ 715 while (--timeout) { 716 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 717 SCSI_INQ_LEN, &scsi_inquiry, sizeof(scsi_inquiry), 718 USB_MS_HZ); 719 720 if (err == 0 && sc->actlen > 0) { 721 sid_type = sc->buffer[0] & 0x1F; 722 if (sid_type == 0x05) 723 is_cdrom = 1; 724 break; 725 } else if (err != ERR_CSW_FAILED) 726 break; /* non retryable error */ 727 usb_pause_mtx(NULL, hz); 728 } 729 bbb_detach(sc); 730 return (is_cdrom); 731} 732 733static uint8_t 734usb_msc_get_max_lun(struct usb_device *udev, uint8_t iface_index) 735{ 736 struct usb_device_request req; 737 usb_error_t err; 738 uint8_t buf = 0; 739 740 741 /* The Get Max Lun command is a class-specific request. */ 742 req.bmRequestType = UT_READ_CLASS_INTERFACE; 743 req.bRequest = 0xFE; /* GET_MAX_LUN */ 744 USETW(req.wValue, 0); 745 req.wIndex[0] = iface_index; 746 req.wIndex[1] = 0; 747 USETW(req.wLength, 1); 748 749 err = usbd_do_request(udev, NULL, &req, &buf); 750 if (err) 751 buf = 0; 752 753 return (buf); 754} 755 756usb_error_t 757usb_msc_auto_quirk(struct usb_device *udev, uint8_t iface_index) 758{ 759 struct bbb_transfer *sc; 760 uint8_t timeout; 761 uint8_t is_no_direct; 762 uint8_t sid_type; 763 int err; 764 765 sc = bbb_attach(udev, iface_index, UICLASS_MASS); 766 if (sc == NULL) 767 return (0); 768 769 /* 770 * Some devices need a delay after that the configuration 771 * value is set to function properly: 772 */ 773 usb_pause_mtx(NULL, hz); 774 775 if (usb_msc_get_max_lun(udev, iface_index) == 0) { 776 DPRINTF("Device has only got one LUN.\n"); 777 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_GETMAXLUN); 778 } 779 780 is_no_direct = 1; 781 for (timeout = 4; timeout != 0; timeout--) { 782 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 783 SCSI_INQ_LEN, &scsi_inquiry, sizeof(scsi_inquiry), 784 USB_MS_HZ); 785 786 if (err == 0 && sc->actlen > 0) { 787 sid_type = sc->buffer[0] & 0x1F; 788 if (sid_type == 0x00) 789 is_no_direct = 0; 790 break; 791 } else if (err != ERR_CSW_FAILED) { 792 DPRINTF("Device is not responding " 793 "properly to SCSI INQUIRY command.\n"); 794 goto error; /* non retryable error */ 795 } 796 usb_pause_mtx(NULL, hz); 797 } 798 799 if (is_no_direct) { 800 DPRINTF("Device is not direct access.\n"); 801 goto done; 802 } 803 804 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 805 &scsi_test_unit_ready, sizeof(scsi_test_unit_ready), 806 USB_MS_HZ); 807 808 if (err != 0) { 809 if (err != ERR_CSW_FAILED) 810 goto error; 811 DPRINTF("Test unit ready failed\n"); 812 } 813 814 err = bbb_command_start(sc, DIR_OUT, 0, NULL, 0, 815 &scsi_prevent_removal, sizeof(scsi_prevent_removal), 816 USB_MS_HZ); 817 818 if (err == 0) { 819 err = bbb_command_start(sc, DIR_OUT, 0, NULL, 0, 820 &scsi_allow_removal, sizeof(scsi_allow_removal), 821 USB_MS_HZ); 822 } 823 824 if (err != 0) { 825 if (err != ERR_CSW_FAILED) 826 goto error; 827 DPRINTF("Device doesn't handle prevent and allow removal\n"); 828 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_PREVENT_ALLOW); 829 } 830 831 timeout = 1; 832 833retry_sync_cache: 834 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 835 &scsi_sync_cache, sizeof(scsi_sync_cache), 836 USB_MS_HZ); 837 838 if (err != 0) { 839 840 if (err != ERR_CSW_FAILED) 841 goto error; 842 843 DPRINTF("Device doesn't handle synchronize cache\n"); 844 845 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_SYNC_CACHE); 846 } else { 847 848 /* 849 * Certain Kingston memory sticks fail the first 850 * read capacity after a synchronize cache command 851 * has been issued. Disable the synchronize cache 852 * command for such devices. 853 */ 854 855 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 8, 856 &scsi_read_capacity, sizeof(scsi_read_capacity), 857 USB_MS_HZ); 858 859 if (err != 0) { 860 if (err != ERR_CSW_FAILED) 861 goto error; 862 863 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 8, 864 &scsi_read_capacity, sizeof(scsi_read_capacity), 865 USB_MS_HZ); 866 867 if (err == 0) { 868 if (timeout--) 869 goto retry_sync_cache; 870 871 DPRINTF("Device most likely doesn't " 872 "handle synchronize cache\n"); 873 874 usbd_add_dynamic_quirk(udev, 875 UQ_MSC_NO_SYNC_CACHE); 876 } else { 877 if (err != ERR_CSW_FAILED) 878 goto error; 879 } 880 } 881 } 882 883 /* clear sense status of any failed commands on the device */ 884 885 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 886 SCSI_INQ_LEN, &scsi_inquiry, sizeof(scsi_inquiry), 887 USB_MS_HZ); 888 889 DPRINTF("Inquiry = %d\n", err); 890 891 if (err != 0) { 892 893 if (err != ERR_CSW_FAILED) 894 goto error; 895 } 896 897 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 898 SCSI_SENSE_LEN, &scsi_request_sense, 899 sizeof(scsi_request_sense), USB_MS_HZ); 900 901 DPRINTF("Request sense = %d\n", err); 902 903 if (err != 0) { 904 905 if (err != ERR_CSW_FAILED) 906 goto error; 907 } 908 909done: 910 bbb_detach(sc); 911 return (0); 912 913error: 914 bbb_detach(sc); 915 916 DPRINTF("Device did not respond, enabling all quirks\n"); 917 918 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_SYNC_CACHE); 919 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_PREVENT_ALLOW); 920 usbd_add_dynamic_quirk(udev, UQ_MSC_NO_TEST_UNIT_READY); 921 922 /* Need to re-enumerate the device */ 923 usbd_req_re_enumerate(udev, NULL); 924 925 return (USB_ERR_STALLED); 926} 927 928usb_error_t 929usb_msc_eject(struct usb_device *udev, uint8_t iface_index, int method) 930{ 931 struct bbb_transfer *sc; 932 usb_error_t err; 933 934 sc = bbb_attach(udev, iface_index, UICLASS_MASS); 935 if (sc == NULL) 936 return (USB_ERR_INVAL); 937 938 switch (method) { 939 case MSC_EJECT_STOPUNIT: 940 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 941 &scsi_test_unit_ready, sizeof(scsi_test_unit_ready), 942 USB_MS_HZ); 943 DPRINTF("Test unit ready status: %s\n", usbd_errstr(err)); 944 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 945 &scsi_start_stop_unit, sizeof(scsi_start_stop_unit), 946 USB_MS_HZ); 947 break; 948 case MSC_EJECT_REZERO: 949 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 950 &scsi_rezero_init, sizeof(scsi_rezero_init), 951 USB_MS_HZ); 952 break; 953 case MSC_EJECT_ZTESTOR: 954 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 955 &scsi_ztestor_eject, sizeof(scsi_ztestor_eject), 956 USB_MS_HZ); 957 break; 958 case MSC_EJECT_CMOTECH: 959 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 960 &scsi_cmotech_eject, sizeof(scsi_cmotech_eject), 961 USB_MS_HZ); 962 break; 963 case MSC_EJECT_HUAWEI: 964 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 965 &scsi_huawei_eject, sizeof(scsi_huawei_eject), 966 USB_MS_HZ); 967 break; 968 case MSC_EJECT_HUAWEI2: 969 err = bbb_command_start(sc, DIR_IN, 0, NULL, 0, 970 &scsi_huawei_eject2, sizeof(scsi_huawei_eject2), 971 USB_MS_HZ); 972 break; 973 case MSC_EJECT_TCT: 974 /* 975 * TCTMobile needs DIR_IN flag. To get it, we 976 * supply a dummy data with the command. 977 */ 978 err = bbb_command_start(sc, DIR_IN, 0, sc->buffer, 979 sc->buffer_size, &scsi_tct_eject, 980 sizeof(scsi_tct_eject), USB_MS_HZ); 981 break; 982 default: 983 DPRINTF("Unknown eject method (%d)\n", method); 984 bbb_detach(sc); 985 return (USB_ERR_INVAL); 986 } 987 988 DPRINTF("Eject CD command status: %s\n", usbd_errstr(err)); 989 990 bbb_detach(sc); 991 return (0); 992} 993 994usb_error_t 995usb_dymo_eject(struct usb_device *udev, uint8_t iface_index) 996{ 997 static const uint8_t data[3] = { 0x1b, 0x5a, 0x01 }; 998 struct bbb_transfer *sc; 999 usb_error_t err; 1000 1001 sc = bbb_attach(udev, iface_index, UICLASS_HID); 1002 if (sc == NULL) 1003 return (USB_ERR_INVAL); 1004 err = bbb_raw_write(sc, data, sizeof(data), USB_MS_HZ); 1005 bbb_detach(sc); 1006 return (err); 1007} 1008 1009