1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22#include "qemu/osdep.h"
23#include <libusb.h>
24#include <sys/user.h>
25
26#include "qemu/config-file.h"
27#include "qemu/main-loop.h"
28#include "qemu/option.h"
29#include "hw/sysbus.h"
30#include "hw/usb.h"
31#include "hw/xen/xen-legacy-backend.h"
32#include "monitor/qdev.h"
33#include "qapi/error.h"
34#include "qapi/qmp/qdict.h"
35#include "qapi/qmp/qstring.h"
36
37#include "hw/xen/interface/io/usbif.h"
38
39
40
41
42
43#ifdef USBIF_SHORT_NOT_OK
44
45#define TR(xendev, lvl, fmt, args...) \
46 { \
47 struct timeval tv; \
48 \
49 gettimeofday(&tv, NULL); \
50 xen_pv_printf(xendev, lvl, "%8ld.%06ld xen-usb(%s):" fmt, \
51 tv.tv_sec, tv.tv_usec, __func__, ##args); \
52 }
53#define TR_BUS(xendev, fmt, args...) TR(xendev, 2, fmt, ##args)
54#define TR_REQ(xendev, fmt, args...) TR(xendev, 3, fmt, ##args)
55
56#define USBBACK_MAXPORTS USBIF_PIPE_PORT_MASK
57#define USB_DEV_ADDR_SIZE (USBIF_PIPE_DEV_MASK + 1)
58
59
60struct usbif_ctrlrequest {
61 uint8_t bRequestType;
62 uint8_t bRequest;
63 uint16_t wValue;
64 uint16_t wIndex;
65 uint16_t wLength;
66};
67
68struct usbback_info;
69struct usbback_req;
70
71struct usbback_stub {
72 USBDevice *dev;
73 USBPort port;
74 unsigned int speed;
75 bool attached;
76 QTAILQ_HEAD(, usbback_req) submit_q;
77};
78
79struct usbback_req {
80 struct usbback_info *usbif;
81 struct usbback_stub *stub;
82 struct usbif_urb_request req;
83 USBPacket packet;
84
85 unsigned int nr_buffer_segs;
86 unsigned int nr_extra_segs;
87
88 QTAILQ_ENTRY(usbback_req) q;
89
90 void *buffer;
91 void *isoc_buffer;
92 struct libusb_transfer *xfer;
93
94 bool cancelled;
95};
96
97struct usbback_hotplug {
98 QSIMPLEQ_ENTRY(usbback_hotplug) q;
99 unsigned port;
100};
101
102struct usbback_info {
103 struct XenLegacyDevice xendev;
104 USBBus bus;
105 void *urb_sring;
106 void *conn_sring;
107 struct usbif_urb_back_ring urb_ring;
108 struct usbif_conn_back_ring conn_ring;
109 int num_ports;
110 int usb_ver;
111 bool ring_error;
112 QTAILQ_HEAD(, usbback_req) req_free_q;
113 QSIMPLEQ_HEAD(, usbback_hotplug) hotplug_q;
114 struct usbback_stub ports[USBBACK_MAXPORTS];
115 struct usbback_stub *addr_table[USB_DEV_ADDR_SIZE];
116 QEMUBH *bh;
117};
118
119static struct usbback_req *usbback_get_req(struct usbback_info *usbif)
120{
121 struct usbback_req *usbback_req;
122
123 if (QTAILQ_EMPTY(&usbif->req_free_q)) {
124 usbback_req = g_new0(struct usbback_req, 1);
125 } else {
126 usbback_req = QTAILQ_FIRST(&usbif->req_free_q);
127 QTAILQ_REMOVE(&usbif->req_free_q, usbback_req, q);
128 }
129 return usbback_req;
130}
131
132static void usbback_put_req(struct usbback_req *usbback_req)
133{
134 struct usbback_info *usbif;
135
136 usbif = usbback_req->usbif;
137 memset(usbback_req, 0, sizeof(*usbback_req));
138 QTAILQ_INSERT_HEAD(&usbif->req_free_q, usbback_req, q);
139}
140
141static int usbback_gnttab_map(struct usbback_req *usbback_req)
142{
143 unsigned int nr_segs, i, prot;
144 uint32_t ref[USBIF_MAX_SEGMENTS_PER_REQUEST];
145 struct usbback_info *usbif = usbback_req->usbif;
146 struct XenLegacyDevice *xendev = &usbif->xendev;
147 struct usbif_request_segment *seg;
148 void *addr;
149
150 nr_segs = usbback_req->nr_buffer_segs + usbback_req->nr_extra_segs;
151 if (!nr_segs) {
152 return 0;
153 }
154
155 if (nr_segs > USBIF_MAX_SEGMENTS_PER_REQUEST) {
156 xen_pv_printf(xendev, 0, "bad number of segments in request (%d)\n",
157 nr_segs);
158 return -EINVAL;
159 }
160
161 for (i = 0; i < nr_segs; i++) {
162 if ((unsigned)usbback_req->req.seg[i].offset +
163 (unsigned)usbback_req->req.seg[i].length > XC_PAGE_SIZE) {
164 xen_pv_printf(xendev, 0, "segment crosses page boundary\n");
165 return -EINVAL;
166 }
167 }
168
169 if (usbback_req->nr_buffer_segs) {
170 prot = PROT_READ;
171 if (usbif_pipein(usbback_req->req.pipe)) {
172 prot |= PROT_WRITE;
173 }
174 for (i = 0; i < usbback_req->nr_buffer_segs; i++) {
175 ref[i] = usbback_req->req.seg[i].gref;
176 }
177 usbback_req->buffer =
178 xen_be_map_grant_refs(xendev, ref, usbback_req->nr_buffer_segs,
179 prot);
180
181 if (!usbback_req->buffer) {
182 return -ENOMEM;
183 }
184
185 for (i = 0; i < usbback_req->nr_buffer_segs; i++) {
186 seg = usbback_req->req.seg + i;
187 addr = usbback_req->buffer + i * XC_PAGE_SIZE + seg->offset;
188 qemu_iovec_add(&usbback_req->packet.iov, addr, seg->length);
189 }
190 }
191
192 if (!usbif_pipeisoc(usbback_req->req.pipe)) {
193 return 0;
194 }
195
196
197
198
199
200
201
202 if (!usbback_req->nr_extra_segs) {
203 xen_pv_printf(xendev, 0, "iso request without descriptor segments\n");
204 return -EINVAL;
205 }
206
207 prot = PROT_READ | PROT_WRITE;
208 for (i = 0; i < usbback_req->nr_extra_segs; i++) {
209 ref[i] = usbback_req->req.seg[i + usbback_req->req.nr_buffer_segs].gref;
210 }
211 usbback_req->isoc_buffer =
212 xen_be_map_grant_refs(xendev, ref, usbback_req->nr_extra_segs,
213 prot);
214
215 if (!usbback_req->isoc_buffer) {
216 return -ENOMEM;
217 }
218
219 return 0;
220}
221
222static int usbback_init_packet(struct usbback_req *usbback_req)
223{
224 struct XenLegacyDevice *xendev = &usbback_req->usbif->xendev;
225 USBPacket *packet = &usbback_req->packet;
226 USBDevice *dev = usbback_req->stub->dev;
227 USBEndpoint *ep;
228 unsigned int pid, ep_nr;
229 bool sok;
230 int ret = 0;
231
232 qemu_iovec_init(&packet->iov, USBIF_MAX_SEGMENTS_PER_REQUEST);
233 pid = usbif_pipein(usbback_req->req.pipe) ? USB_TOKEN_IN : USB_TOKEN_OUT;
234 ep_nr = usbif_pipeendpoint(usbback_req->req.pipe);
235 sok = !!(usbback_req->req.transfer_flags & USBIF_SHORT_NOT_OK);
236 if (usbif_pipectrl(usbback_req->req.pipe)) {
237 ep_nr = 0;
238 sok = false;
239 }
240 ep = usb_ep_get(dev, pid, ep_nr);
241 usb_packet_setup(packet, pid, ep, 0, 1, sok, true);
242
243 switch (usbif_pipetype(usbback_req->req.pipe)) {
244 case USBIF_PIPE_TYPE_ISOC:
245 TR_REQ(xendev, "iso transfer %s: buflen: %x, %d frames\n",
246 (pid == USB_TOKEN_IN) ? "in" : "out",
247 usbback_req->req.buffer_length,
248 usbback_req->req.u.isoc.nr_frame_desc_segs);
249 ret = -EINVAL;
250 break;
251
252 case USBIF_PIPE_TYPE_INT:
253 TR_REQ(xendev, "int transfer %s: buflen: %x\n",
254 (pid == USB_TOKEN_IN) ? "in" : "out",
255 usbback_req->req.buffer_length);
256 break;
257
258 case USBIF_PIPE_TYPE_CTRL:
259 packet->parameter = *(uint64_t *)usbback_req->req.u.ctrl;
260 TR_REQ(xendev, "ctrl parameter: %"PRIx64", buflen: %x\n",
261 packet->parameter,
262 usbback_req->req.buffer_length);
263 break;
264
265 case USBIF_PIPE_TYPE_BULK:
266 TR_REQ(xendev, "bulk transfer %s: buflen: %x\n",
267 (pid == USB_TOKEN_IN) ? "in" : "out",
268 usbback_req->req.buffer_length);
269 break;
270 default:
271 ret = -EINVAL;
272 break;
273 }
274
275 return ret;
276}
277
278static void usbback_do_response(struct usbback_req *usbback_req, int32_t status,
279 int32_t actual_length, int32_t error_count)
280{
281 struct usbback_info *usbif;
282 struct usbif_urb_response *res;
283 struct XenLegacyDevice *xendev;
284 unsigned int notify;
285
286 usbif = usbback_req->usbif;
287 xendev = &usbif->xendev;
288
289 TR_REQ(xendev, "id %d, status %d, length %d, errcnt %d\n",
290 usbback_req->req.id, status, actual_length, error_count);
291
292 if (usbback_req->packet.iov.iov) {
293 qemu_iovec_destroy(&usbback_req->packet.iov);
294 }
295
296 if (usbback_req->buffer) {
297 xen_be_unmap_grant_refs(xendev, usbback_req->buffer,
298 usbback_req->nr_buffer_segs);
299 usbback_req->buffer = NULL;
300 }
301
302 if (usbback_req->isoc_buffer) {
303 xen_be_unmap_grant_refs(xendev, usbback_req->isoc_buffer,
304 usbback_req->nr_extra_segs);
305 usbback_req->isoc_buffer = NULL;
306 }
307
308 if (usbif->urb_sring) {
309 res = RING_GET_RESPONSE(&usbif->urb_ring, usbif->urb_ring.rsp_prod_pvt);
310 res->id = usbback_req->req.id;
311 res->status = status;
312 res->actual_length = actual_length;
313 res->error_count = error_count;
314 res->start_frame = 0;
315 usbif->urb_ring.rsp_prod_pvt++;
316 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&usbif->urb_ring, notify);
317
318 if (notify) {
319 xen_pv_send_notify(xendev);
320 }
321 }
322
323 if (!usbback_req->cancelled)
324 usbback_put_req(usbback_req);
325}
326
327static void usbback_do_response_ret(struct usbback_req *usbback_req,
328 int32_t status)
329{
330 usbback_do_response(usbback_req, status, 0, 0);
331}
332
333static int32_t usbback_xlat_status(int status)
334{
335 switch (status) {
336 case USB_RET_SUCCESS:
337 return 0;
338 case USB_RET_NODEV:
339 return -ENODEV;
340 case USB_RET_STALL:
341 return -EPIPE;
342 case USB_RET_BABBLE:
343 return -EOVERFLOW;
344 case USB_RET_IOERROR:
345 return -EPROTO;
346 }
347
348 return -ESHUTDOWN;
349}
350
351static void usbback_packet_complete(struct usbback_req *usbback_req)
352{
353 USBPacket *packet = &usbback_req->packet;
354 int32_t status;
355
356 QTAILQ_REMOVE(&usbback_req->stub->submit_q, usbback_req, q);
357
358 status = usbback_xlat_status(packet->status);
359 usbback_do_response(usbback_req, status, packet->actual_length, 0);
360}
361
362static void usbback_set_address(struct usbback_info *usbif,
363 struct usbback_stub *stub,
364 unsigned int cur_addr, unsigned int new_addr)
365{
366 if (cur_addr) {
367 usbif->addr_table[cur_addr] = NULL;
368 }
369 if (new_addr) {
370 usbif->addr_table[new_addr] = stub;
371 }
372}
373
374static void usbback_cancel_req(struct usbback_req *usbback_req)
375{
376 if (usb_packet_is_inflight(&usbback_req->packet)) {
377 usb_cancel_packet(&usbback_req->packet);
378 QTAILQ_REMOVE(&usbback_req->stub->submit_q, usbback_req, q);
379 usbback_req->cancelled = true;
380 usbback_do_response_ret(usbback_req, -EPROTO);
381 }
382}
383
384static void usbback_process_unlink_req(struct usbback_req *usbback_req)
385{
386 struct usbback_info *usbif;
387 struct usbback_req *unlink_req;
388 unsigned int id, devnum;
389 int ret;
390
391 usbif = usbback_req->usbif;
392 ret = 0;
393 id = usbback_req->req.u.unlink.unlink_id;
394 TR_REQ(&usbif->xendev, "unlink id %d\n", id);
395 devnum = usbif_pipedevice(usbback_req->req.pipe);
396 if (unlikely(devnum == 0)) {
397 usbback_req->stub = usbif->ports +
398 usbif_pipeportnum(usbback_req->req.pipe) - 1;
399 if (unlikely(!usbback_req->stub)) {
400 ret = -ENODEV;
401 goto fail_response;
402 }
403 } else {
404 if (unlikely(!usbif->addr_table[devnum])) {
405 ret = -ENODEV;
406 goto fail_response;
407 }
408 usbback_req->stub = usbif->addr_table[devnum];
409 }
410
411 QTAILQ_FOREACH(unlink_req, &usbback_req->stub->submit_q, q) {
412 if (unlink_req->req.id == id) {
413 usbback_cancel_req(unlink_req);
414 break;
415 }
416 }
417
418fail_response:
419 usbback_do_response_ret(usbback_req, ret);
420}
421
422
423
424
425
426
427
428
429
430static int usbback_check_and_submit(struct usbback_req *usbback_req)
431{
432 struct usbback_info *usbif;
433 unsigned int devnum;
434 struct usbback_stub *stub;
435 struct usbif_ctrlrequest *ctrl;
436 int ret;
437 uint16_t wValue;
438
439 usbif = usbback_req->usbif;
440 stub = NULL;
441 devnum = usbif_pipedevice(usbback_req->req.pipe);
442 ctrl = (struct usbif_ctrlrequest *)usbback_req->req.u.ctrl;
443 wValue = le16_to_cpu(ctrl->wValue);
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458 if (unlikely(devnum == 0)) {
459 stub = usbif->ports + usbif_pipeportnum(usbback_req->req.pipe) - 1;
460 if (!stub->dev || !stub->attached) {
461 ret = -ENODEV;
462 goto do_response;
463 }
464
465 switch (ctrl->bRequest) {
466 case USB_REQ_GET_DESCRIPTOR:
467
468
469
470
471 TR_REQ(&usbif->xendev, "devnum 0 GET_DESCRIPTOR\n");
472 usbback_req->stub = stub;
473 return 0;
474 case USB_REQ_SET_ADDRESS:
475
476
477
478
479 TR_REQ(&usbif->xendev, "devnum 0 SET_ADDRESS\n");
480 usbback_set_address(usbif, stub, 0, wValue);
481 ret = 0;
482 break;
483 default:
484 ret = -EINVAL;
485 break;
486 }
487 goto do_response;
488 }
489
490 if (unlikely(!usbif->addr_table[devnum])) {
491 ret = -ENODEV;
492 goto do_response;
493 }
494 usbback_req->stub = usbif->addr_table[devnum];
495
496
497
498
499 if (ctrl->bRequest != USB_REQ_SET_ADDRESS) {
500 return 0;
501 }
502
503
504
505
506
507 usbback_set_address(usbif, usbback_req->stub, devnum, wValue);
508 ret = 0;
509
510do_response:
511 usbback_do_response_ret(usbback_req, ret);
512 return 1;
513}
514
515static void usbback_dispatch(struct usbback_req *usbback_req)
516{
517 int ret;
518 unsigned int devnum;
519 struct usbback_info *usbif;
520
521 usbif = usbback_req->usbif;
522
523 TR_REQ(&usbif->xendev, "start req_id %d pipe %08x\n", usbback_req->req.id,
524 usbback_req->req.pipe);
525
526
527 if (unlikely(usbif_pipeunlink(usbback_req->req.pipe))) {
528 usbback_process_unlink_req(usbback_req);
529 return;
530 }
531
532 if (usbif_pipectrl(usbback_req->req.pipe)) {
533 if (usbback_check_and_submit(usbback_req)) {
534 return;
535 }
536 } else {
537 devnum = usbif_pipedevice(usbback_req->req.pipe);
538 usbback_req->stub = usbif->addr_table[devnum];
539
540 if (!usbback_req->stub || !usbback_req->stub->attached) {
541 ret = -ENODEV;
542 goto fail_response;
543 }
544 }
545
546 QTAILQ_INSERT_TAIL(&usbback_req->stub->submit_q, usbback_req, q);
547
548 usbback_req->nr_buffer_segs = usbback_req->req.nr_buffer_segs;
549 usbback_req->nr_extra_segs = usbif_pipeisoc(usbback_req->req.pipe) ?
550 usbback_req->req.u.isoc.nr_frame_desc_segs : 0;
551
552 ret = usbback_init_packet(usbback_req);
553 if (ret) {
554 xen_pv_printf(&usbif->xendev, 0, "invalid request\n");
555 ret = -ESHUTDOWN;
556 goto fail_free_urb;
557 }
558
559 ret = usbback_gnttab_map(usbback_req);
560 if (ret) {
561 xen_pv_printf(&usbif->xendev, 0, "invalid buffer, ret=%d\n", ret);
562 ret = -ESHUTDOWN;
563 goto fail_free_urb;
564 }
565
566 usb_handle_packet(usbback_req->stub->dev, &usbback_req->packet);
567 if (usbback_req->packet.status != USB_RET_ASYNC) {
568 usbback_packet_complete(usbback_req);
569 }
570 return;
571
572fail_free_urb:
573 QTAILQ_REMOVE(&usbback_req->stub->submit_q, usbback_req, q);
574
575fail_response:
576 usbback_do_response_ret(usbback_req, ret);
577}
578
579static void usbback_hotplug_notify(struct usbback_info *usbif)
580{
581 struct usbif_conn_back_ring *ring = &usbif->conn_ring;
582 struct usbif_conn_request req;
583 struct usbif_conn_response *res;
584 struct usbback_hotplug *usb_hp;
585 unsigned int notify;
586
587 if (!usbif->conn_sring) {
588 return;
589 }
590
591
592 if ((RING_SIZE(ring) - ring->rsp_prod_pvt - ring->req_cons) == 0) {
593 xen_pv_send_notify(&usbif->xendev);
594 return;
595 }
596
597 usb_hp = QSIMPLEQ_FIRST(&usbif->hotplug_q);
598 QSIMPLEQ_REMOVE_HEAD(&usbif->hotplug_q, q);
599
600 RING_COPY_REQUEST(ring, ring->req_cons, &req);
601 ring->req_cons++;
602 ring->sring->req_event = ring->req_cons + 1;
603
604 res = RING_GET_RESPONSE(ring, ring->rsp_prod_pvt);
605 res->id = req.id;
606 res->portnum = usb_hp->port;
607 res->speed = usbif->ports[usb_hp->port - 1].speed;
608 ring->rsp_prod_pvt++;
609 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(ring, notify);
610
611 if (notify) {
612 xen_pv_send_notify(&usbif->xendev);
613 }
614
615 TR_BUS(&usbif->xendev, "hotplug port %d speed %d\n", usb_hp->port,
616 res->speed);
617
618 g_free(usb_hp);
619
620 if (!QSIMPLEQ_EMPTY(&usbif->hotplug_q)) {
621 qemu_bh_schedule(usbif->bh);
622 }
623}
624
625static void usbback_bh(void *opaque)
626{
627 struct usbback_info *usbif;
628 struct usbif_urb_back_ring *urb_ring;
629 struct usbback_req *usbback_req;
630 RING_IDX rc, rp;
631 unsigned int more_to_do;
632
633 usbif = opaque;
634 if (usbif->ring_error) {
635 return;
636 }
637
638 if (!QSIMPLEQ_EMPTY(&usbif->hotplug_q)) {
639 usbback_hotplug_notify(usbif);
640 }
641
642 urb_ring = &usbif->urb_ring;
643 rc = urb_ring->req_cons;
644 rp = urb_ring->sring->req_prod;
645 xen_rmb();
646
647 if (RING_REQUEST_PROD_OVERFLOW(urb_ring, rp)) {
648 rc = urb_ring->rsp_prod_pvt;
649 xen_pv_printf(&usbif->xendev, 0, "domU provided bogus ring requests "
650 "(%#x - %#x = %u). Halting ring processing.\n",
651 rp, rc, rp - rc);
652 usbif->ring_error = true;
653 return;
654 }
655
656 while (rc != rp) {
657 if (RING_REQUEST_CONS_OVERFLOW(urb_ring, rc)) {
658 break;
659 }
660 usbback_req = usbback_get_req(usbif);
661
662 RING_COPY_REQUEST(urb_ring, rc, &usbback_req->req);
663 usbback_req->usbif = usbif;
664
665 usbback_dispatch(usbback_req);
666
667 urb_ring->req_cons = ++rc;
668 }
669
670 RING_FINAL_CHECK_FOR_REQUESTS(urb_ring, more_to_do);
671 if (more_to_do) {
672 qemu_bh_schedule(usbif->bh);
673 }
674}
675
676static void usbback_hotplug_enq(struct usbback_info *usbif, unsigned port)
677{
678 struct usbback_hotplug *usb_hp;
679
680 usb_hp = g_new0(struct usbback_hotplug, 1);
681 usb_hp->port = port;
682 QSIMPLEQ_INSERT_TAIL(&usbif->hotplug_q, usb_hp, q);
683 usbback_hotplug_notify(usbif);
684}
685
686static void usbback_portid_drain(struct usbback_info *usbif, unsigned port)
687{
688 struct usbback_req *req, *tmp;
689 bool sched = false;
690
691 QTAILQ_FOREACH_SAFE(req, &usbif->ports[port - 1].submit_q, q, tmp) {
692 usbback_cancel_req(req);
693 sched = true;
694 }
695
696 if (sched) {
697 qemu_bh_schedule(usbif->bh);
698 }
699}
700
701static void usbback_portid_detach(struct usbback_info *usbif, unsigned port)
702{
703 if (!usbif->ports[port - 1].attached) {
704 return;
705 }
706
707 usbif->ports[port - 1].speed = USBIF_SPEED_NONE;
708 usbif->ports[port - 1].attached = false;
709 usbback_portid_drain(usbif, port);
710 usbback_hotplug_enq(usbif, port);
711}
712
713static void usbback_portid_remove(struct usbback_info *usbif, unsigned port)
714{
715 if (!usbif->ports[port - 1].dev) {
716 return;
717 }
718
719 object_unparent(OBJECT(usbif->ports[port - 1].dev));
720 usbif->ports[port - 1].dev = NULL;
721 usbback_portid_detach(usbif, port);
722
723 TR_BUS(&usbif->xendev, "port %d removed\n", port);
724}
725
726static void usbback_portid_add(struct usbback_info *usbif, unsigned port,
727 char *busid)
728{
729 unsigned speed;
730 char *portname;
731 Error *local_err = NULL;
732 QDict *qdict;
733 QemuOpts *opts;
734 char *tmp;
735
736 if (usbif->ports[port - 1].dev) {
737 return;
738 }
739
740 portname = strchr(busid, '-');
741 if (!portname) {
742 xen_pv_printf(&usbif->xendev, 0, "device %s illegal specification\n",
743 busid);
744 return;
745 }
746 portname++;
747
748 qdict = qdict_new();
749 qdict_put_str(qdict, "driver", "usb-host");
750 tmp = g_strdup_printf("%s.0", usbif->xendev.qdev.id);
751 qdict_put_str(qdict, "bus", tmp);
752 g_free(tmp);
753 tmp = g_strdup_printf("%s-%u", usbif->xendev.qdev.id, port);
754 qdict_put_str(qdict, "id", tmp);
755 g_free(tmp);
756 qdict_put_int(qdict, "port", port);
757 qdict_put_int(qdict, "hostbus", atoi(busid));
758 qdict_put_str(qdict, "hostport", portname);
759 opts = qemu_opts_from_qdict(qemu_find_opts("device"), qdict,
760 &error_abort);
761 usbif->ports[port - 1].dev = USB_DEVICE(qdev_device_add(opts, &local_err));
762 if (!usbif->ports[port - 1].dev) {
763 qobject_unref(qdict);
764 xen_pv_printf(&usbif->xendev, 0,
765 "device %s could not be opened: %s\n",
766 busid, error_get_pretty(local_err));
767 error_free(local_err);
768 return;
769 }
770 qobject_unref(qdict);
771 speed = usbif->ports[port - 1].dev->speed;
772 switch (speed) {
773 case USB_SPEED_LOW:
774 speed = USBIF_SPEED_LOW;
775 break;
776 case USB_SPEED_FULL:
777 speed = USBIF_SPEED_FULL;
778 break;
779 case USB_SPEED_HIGH:
780 speed = (usbif->usb_ver < USB_VER_USB20) ?
781 USBIF_SPEED_NONE : USBIF_SPEED_HIGH;
782 break;
783 default:
784 speed = USBIF_SPEED_NONE;
785 break;
786 }
787 if (speed == USBIF_SPEED_NONE) {
788 xen_pv_printf(&usbif->xendev, 0, "device %s wrong speed\n", busid);
789 object_unparent(OBJECT(usbif->ports[port - 1].dev));
790 usbif->ports[port - 1].dev = NULL;
791 return;
792 }
793 usb_device_reset(usbif->ports[port - 1].dev);
794 usbif->ports[port - 1].speed = speed;
795 usbif->ports[port - 1].attached = true;
796 QTAILQ_INIT(&usbif->ports[port - 1].submit_q);
797 usbback_hotplug_enq(usbif, port);
798
799 TR_BUS(&usbif->xendev, "port %d attached\n", port);
800}
801
802static void usbback_process_port(struct usbback_info *usbif, unsigned port)
803{
804 char node[8];
805 char *busid;
806
807 snprintf(node, sizeof(node), "port/%d", port);
808 busid = xenstore_read_be_str(&usbif->xendev, node);
809 if (busid == NULL) {
810 xen_pv_printf(&usbif->xendev, 0, "xenstore_read %s failed\n", node);
811 return;
812 }
813
814
815 if (strlen(busid) == 0) {
816 usbback_portid_remove(usbif, port);
817 } else {
818 usbback_portid_add(usbif, port, busid);
819 }
820
821 g_free(busid);
822}
823
824static void usbback_disconnect(struct XenLegacyDevice *xendev)
825{
826 struct usbback_info *usbif;
827 unsigned int i;
828
829 TR_BUS(xendev, "start\n");
830
831 usbif = container_of(xendev, struct usbback_info, xendev);
832
833 xen_pv_unbind_evtchn(xendev);
834
835 if (usbif->urb_sring) {
836 xen_be_unmap_grant_ref(xendev, usbif->urb_sring);
837 usbif->urb_sring = NULL;
838 }
839 if (usbif->conn_sring) {
840 xen_be_unmap_grant_ref(xendev, usbif->conn_sring);
841 usbif->conn_sring = NULL;
842 }
843
844 for (i = 0; i < usbif->num_ports; i++) {
845 if (usbif->ports[i].dev) {
846 usbback_portid_drain(usbif, i + 1);
847 }
848 }
849
850 TR_BUS(xendev, "finished\n");
851}
852
853static int usbback_connect(struct XenLegacyDevice *xendev)
854{
855 struct usbback_info *usbif;
856 struct usbif_urb_sring *urb_sring;
857 struct usbif_conn_sring *conn_sring;
858 int urb_ring_ref;
859 int conn_ring_ref;
860 unsigned int i, max_grants;
861
862 TR_BUS(xendev, "start\n");
863
864
865 max_grants = USBIF_MAX_SEGMENTS_PER_REQUEST * USB_URB_RING_SIZE + 2;
866 xen_be_set_max_grant_refs(xendev, max_grants);
867
868 usbif = container_of(xendev, struct usbback_info, xendev);
869
870 if (xenstore_read_fe_int(xendev, "urb-ring-ref", &urb_ring_ref)) {
871 xen_pv_printf(xendev, 0, "error reading urb-ring-ref\n");
872 return -1;
873 }
874 if (xenstore_read_fe_int(xendev, "conn-ring-ref", &conn_ring_ref)) {
875 xen_pv_printf(xendev, 0, "error reading conn-ring-ref\n");
876 return -1;
877 }
878 if (xenstore_read_fe_int(xendev, "event-channel", &xendev->remote_port)) {
879 xen_pv_printf(xendev, 0, "error reading event-channel\n");
880 return -1;
881 }
882
883 usbif->urb_sring = xen_be_map_grant_ref(xendev, urb_ring_ref,
884 PROT_READ | PROT_WRITE);
885 usbif->conn_sring = xen_be_map_grant_ref(xendev, conn_ring_ref,
886 PROT_READ | PROT_WRITE);
887 if (!usbif->urb_sring || !usbif->conn_sring) {
888 xen_pv_printf(xendev, 0, "error mapping rings\n");
889 usbback_disconnect(xendev);
890 return -1;
891 }
892
893 urb_sring = usbif->urb_sring;
894 conn_sring = usbif->conn_sring;
895 BACK_RING_INIT(&usbif->urb_ring, urb_sring, XC_PAGE_SIZE);
896 BACK_RING_INIT(&usbif->conn_ring, conn_sring, XC_PAGE_SIZE);
897
898 xen_be_bind_evtchn(xendev);
899
900 xen_pv_printf(xendev, 1, "urb-ring-ref %d, conn-ring-ref %d, "
901 "remote port %d, local port %d\n", urb_ring_ref,
902 conn_ring_ref, xendev->remote_port, xendev->local_port);
903
904 for (i = 1; i <= usbif->num_ports; i++) {
905 if (usbif->ports[i - 1].dev) {
906 usbback_hotplug_enq(usbif, i);
907 }
908 }
909
910 return 0;
911}
912
913static void usbback_backend_changed(struct XenLegacyDevice *xendev,
914 const char *node)
915{
916 struct usbback_info *usbif;
917 unsigned int i;
918
919 TR_BUS(xendev, "path %s\n", node);
920
921 usbif = container_of(xendev, struct usbback_info, xendev);
922 for (i = 1; i <= usbif->num_ports; i++) {
923 usbback_process_port(usbif, i);
924 }
925}
926
927static int usbback_init(struct XenLegacyDevice *xendev)
928{
929 struct usbback_info *usbif;
930
931 TR_BUS(xendev, "start\n");
932
933 usbif = container_of(xendev, struct usbback_info, xendev);
934
935 if (xenstore_read_be_int(xendev, "num-ports", &usbif->num_ports) ||
936 usbif->num_ports < 1 || usbif->num_ports > USBBACK_MAXPORTS) {
937 xen_pv_printf(xendev, 0, "num-ports not readable or out of bounds\n");
938 return -1;
939 }
940 if (xenstore_read_be_int(xendev, "usb-ver", &usbif->usb_ver) ||
941 (usbif->usb_ver != USB_VER_USB11 && usbif->usb_ver != USB_VER_USB20)) {
942 xen_pv_printf(xendev, 0, "usb-ver not readable or out of bounds\n");
943 return -1;
944 }
945
946 usbback_backend_changed(xendev, "port");
947
948 TR_BUS(xendev, "finished\n");
949
950 return 0;
951}
952
953static void xen_bus_attach(USBPort *port)
954{
955 struct usbback_info *usbif;
956
957 usbif = port->opaque;
958 TR_BUS(&usbif->xendev, "\n");
959 usbif->ports[port->index].attached = true;
960 usbback_hotplug_enq(usbif, port->index + 1);
961}
962
963static void xen_bus_detach(USBPort *port)
964{
965 struct usbback_info *usbif;
966
967 usbif = port->opaque;
968 TR_BUS(&usbif->xendev, "\n");
969 usbback_portid_detach(usbif, port->index + 1);
970}
971
972static void xen_bus_child_detach(USBPort *port, USBDevice *child)
973{
974 struct usbback_info *usbif;
975
976 usbif = port->opaque;
977 TR_BUS(&usbif->xendev, "\n");
978}
979
980static void xen_bus_complete(USBPort *port, USBPacket *packet)
981{
982 struct usbback_req *usbback_req;
983 struct usbback_info *usbif;
984
985 usbback_req = container_of(packet, struct usbback_req, packet);
986 if (usbback_req->cancelled) {
987 g_free(usbback_req);
988 return;
989 }
990
991 usbif = usbback_req->usbif;
992 TR_REQ(&usbif->xendev, "\n");
993 usbback_packet_complete(usbback_req);
994}
995
996static USBPortOps xen_usb_port_ops = {
997 .attach = xen_bus_attach,
998 .detach = xen_bus_detach,
999 .child_detach = xen_bus_child_detach,
1000 .complete = xen_bus_complete,
1001};
1002
1003static USBBusOps xen_usb_bus_ops = {
1004};
1005
1006static void usbback_alloc(struct XenLegacyDevice *xendev)
1007{
1008 struct usbback_info *usbif;
1009 USBPort *p;
1010 unsigned int i;
1011
1012 usbif = container_of(xendev, struct usbback_info, xendev);
1013
1014 usb_bus_new(&usbif->bus, sizeof(usbif->bus), &xen_usb_bus_ops,
1015 DEVICE(&xendev->qdev));
1016 for (i = 0; i < USBBACK_MAXPORTS; i++) {
1017 p = &(usbif->ports[i].port);
1018 usb_register_port(&usbif->bus, p, usbif, i, &xen_usb_port_ops,
1019 USB_SPEED_MASK_LOW | USB_SPEED_MASK_FULL |
1020 USB_SPEED_MASK_HIGH);
1021 }
1022
1023 QTAILQ_INIT(&usbif->req_free_q);
1024 QSIMPLEQ_INIT(&usbif->hotplug_q);
1025 usbif->bh = qemu_bh_new(usbback_bh, usbif);
1026}
1027
1028static int usbback_free(struct XenLegacyDevice *xendev)
1029{
1030 struct usbback_info *usbif;
1031 struct usbback_req *usbback_req;
1032 struct usbback_hotplug *usb_hp;
1033 unsigned int i;
1034
1035 TR_BUS(xendev, "start\n");
1036
1037 usbback_disconnect(xendev);
1038 usbif = container_of(xendev, struct usbback_info, xendev);
1039 for (i = 1; i <= usbif->num_ports; i++) {
1040 usbback_portid_remove(usbif, i);
1041 }
1042
1043 while (!QTAILQ_EMPTY(&usbif->req_free_q)) {
1044 usbback_req = QTAILQ_FIRST(&usbif->req_free_q);
1045 QTAILQ_REMOVE(&usbif->req_free_q, usbback_req, q);
1046 g_free(usbback_req);
1047 }
1048 while (!QSIMPLEQ_EMPTY(&usbif->hotplug_q)) {
1049 usb_hp = QSIMPLEQ_FIRST(&usbif->hotplug_q);
1050 QSIMPLEQ_REMOVE_HEAD(&usbif->hotplug_q, q);
1051 g_free(usb_hp);
1052 }
1053
1054 qemu_bh_delete(usbif->bh);
1055
1056 for (i = 0; i < USBBACK_MAXPORTS; i++) {
1057 usb_unregister_port(&usbif->bus, &(usbif->ports[i].port));
1058 }
1059
1060 usb_bus_release(&usbif->bus);
1061
1062 TR_BUS(xendev, "finished\n");
1063
1064 return 0;
1065}
1066
1067static void usbback_event(struct XenLegacyDevice *xendev)
1068{
1069 struct usbback_info *usbif;
1070
1071 usbif = container_of(xendev, struct usbback_info, xendev);
1072 qemu_bh_schedule(usbif->bh);
1073}
1074
1075struct XenDevOps xen_usb_ops = {
1076 .size = sizeof(struct usbback_info),
1077 .flags = DEVOPS_FLAG_NEED_GNTDEV,
1078 .init = usbback_init,
1079 .alloc = usbback_alloc,
1080 .free = usbback_free,
1081 .backend_changed = usbback_backend_changed,
1082 .initialise = usbback_connect,
1083 .disconnect = usbback_disconnect,
1084 .event = usbback_event,
1085};
1086
1087#else
1088
1089static int usbback_not_supported(void)
1090{
1091 return -EINVAL;
1092}
1093
1094struct XenDevOps xen_usb_ops = {
1095 .backend_register = usbback_not_supported,
1096};
1097
1098#endif
1099