Home | History | Annotate | Download | only in qemu
      1 /*
      2  * Linux host USB redirector
      3  *
      4  * Copyright (c) 2005 Fabrice Bellard
      5  *
      6  * Copyright (c) 2008 Max Krasnyansky
      7  *      Support for host device auto connect & disconnect
      8  *      Major rewrite to support fully async operation
      9  *
     10  * Copyright 2008 TJ <linux (at) tjworld.net>
     11  *      Added flexible support for /dev/bus/usb /sys/bus/usb/devices in addition
     12  *      to the legacy /proc/bus/usb USB device discovery and handling
     13  *
     14  * Permission is hereby granted, free of charge, to any person obtaining a copy
     15  * of this software and associated documentation files (the "Software"), to deal
     16  * in the Software without restriction, including without limitation the rights
     17  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     18  * copies of the Software, and to permit persons to whom the Software is
     19  * furnished to do so, subject to the following conditions:
     20  *
     21  * The above copyright notice and this permission notice shall be included in
     22  * all copies or substantial portions of the Software.
     23  *
     24  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
     25  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
     26  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
     27  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
     28  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
     29  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
     30  * THE SOFTWARE.
     31  */
     32 
     33 #include "qemu-common.h"
     34 #include "qemu-timer.h"
     35 #include "monitor.h"
     36 
     37 #include <dirent.h>
     38 #include <sys/ioctl.h>
     39 #include <signal.h>
     40 
     41 #include <linux/usbdevice_fs.h>
     42 #include <linux/version.h>
     43 #include "hw/usb.h"
     44 
     45 /* We redefine it to avoid version problems */
     46 struct usb_ctrltransfer {
     47     uint8_t  bRequestType;
     48     uint8_t  bRequest;
     49     uint16_t wValue;
     50     uint16_t wIndex;
     51     uint16_t wLength;
     52     uint32_t timeout;
     53     void *data;
     54 };
     55 
     56 struct usb_ctrlrequest {
     57     uint8_t bRequestType;
     58     uint8_t bRequest;
     59     uint16_t wValue;
     60     uint16_t wIndex;
     61     uint16_t wLength;
     62 };
     63 
     64 typedef int USBScanFunc(void *opaque, int bus_num, int addr, int class_id,
     65                         int vendor_id, int product_id,
     66                         const char *product_name, int speed);
     67 static int usb_host_find_device(int *pbus_num, int *paddr,
     68                                 char *product_name, int product_name_size,
     69                                 const char *devname);
     70 //#define DEBUG
     71 
     72 #ifdef DEBUG
     73 #define dprintf printf
     74 #else
     75 #define dprintf(...)
     76 #endif
     77 
     78 #define USBDBG_DEVOPENED "husb: opened %s/devices\n"
     79 
     80 #define USBPROCBUS_PATH "/proc/bus/usb"
     81 #define PRODUCT_NAME_SZ 32
     82 #define MAX_ENDPOINTS 16
     83 #define USBDEVBUS_PATH "/dev/bus/usb"
     84 #define USBSYSBUS_PATH "/sys/bus/usb"
     85 
     86 static char *usb_host_device_path;
     87 
     88 #define USB_FS_NONE 0
     89 #define USB_FS_PROC 1
     90 #define USB_FS_DEV 2
     91 #define USB_FS_SYS 3
     92 
     93 static int usb_fs_type;
     94 
     95 /* endpoint association data */
     96 struct endp_data {
     97     uint8_t type;
     98     uint8_t halted;
     99 };
    100 
    101 enum {
    102     CTRL_STATE_IDLE = 0,
    103     CTRL_STATE_SETUP,
    104     CTRL_STATE_DATA,
    105     CTRL_STATE_ACK
    106 };
    107 
    108 /*
    109  * Control transfer state.
    110  * Note that 'buffer' _must_ follow 'req' field because
    111  * we need contigious buffer when we submit control URB.
    112  */
    113 struct ctrl_struct {
    114     uint16_t len;
    115     uint16_t offset;
    116     uint8_t  state;
    117     struct   usb_ctrlrequest req;
    118     uint8_t  buffer[1024];
    119 };
    120 
    121 typedef struct USBHostDevice {
    122     USBDevice dev;
    123     int       fd;
    124 
    125     uint8_t   descr[1024];
    126     int       descr_len;
    127     int       configuration;
    128     int       ninterfaces;
    129     int       closing;
    130 
    131     struct ctrl_struct ctrl;
    132     struct endp_data endp_table[MAX_ENDPOINTS];
    133 
    134     /* Host side address */
    135     int bus_num;
    136     int addr;
    137 
    138     struct USBHostDevice *next;
    139 } USBHostDevice;
    140 
    141 static int is_isoc(USBHostDevice *s, int ep)
    142 {
    143     return s->endp_table[ep - 1].type == USBDEVFS_URB_TYPE_ISO;
    144 }
    145 
    146 static int is_halted(USBHostDevice *s, int ep)
    147 {
    148     return s->endp_table[ep - 1].halted;
    149 }
    150 
    151 static void clear_halt(USBHostDevice *s, int ep)
    152 {
    153     s->endp_table[ep - 1].halted = 0;
    154 }
    155 
    156 static void set_halt(USBHostDevice *s, int ep)
    157 {
    158     s->endp_table[ep - 1].halted = 1;
    159 }
    160 
    161 static USBHostDevice *hostdev_list;
    162 
    163 static void hostdev_link(USBHostDevice *dev)
    164 {
    165     dev->next = hostdev_list;
    166     hostdev_list = dev;
    167 }
    168 
    169 static void hostdev_unlink(USBHostDevice *dev)
    170 {
    171     USBHostDevice *pdev = hostdev_list;
    172     USBHostDevice **prev = &hostdev_list;
    173 
    174     while (pdev) {
    175 	if (pdev == dev) {
    176             *prev = dev->next;
    177             return;
    178         }
    179 
    180         prev = &pdev->next;
    181         pdev = pdev->next;
    182     }
    183 }
    184 
    185 static USBHostDevice *hostdev_find(int bus_num, int addr)
    186 {
    187     USBHostDevice *s = hostdev_list;
    188     while (s) {
    189         if (s->bus_num == bus_num && s->addr == addr)
    190             return s;
    191         s = s->next;
    192     }
    193     return NULL;
    194 }
    195 
    196 /*
    197  * Async URB state.
    198  * We always allocate one isoc descriptor even for bulk transfers
    199  * to simplify allocation and casts.
    200  */
    201 typedef struct AsyncURB
    202 {
    203     struct usbdevfs_urb urb;
    204     struct usbdevfs_iso_packet_desc isocpd;
    205 
    206     USBPacket     *packet;
    207     USBHostDevice *hdev;
    208 } AsyncURB;
    209 
    210 static AsyncURB *async_alloc(void)
    211 {
    212     return (AsyncURB *) qemu_mallocz(sizeof(AsyncURB));
    213 }
    214 
    215 static void async_free(AsyncURB *aurb)
    216 {
    217     qemu_free(aurb);
    218 }
    219 
    220 static void async_complete_ctrl(USBHostDevice *s, USBPacket *p)
    221 {
    222     switch(s->ctrl.state) {
    223     case CTRL_STATE_SETUP:
    224         if (p->len < s->ctrl.len)
    225             s->ctrl.len = p->len;
    226         s->ctrl.state = CTRL_STATE_DATA;
    227         p->len = 8;
    228         break;
    229 
    230     case CTRL_STATE_ACK:
    231         s->ctrl.state = CTRL_STATE_IDLE;
    232         p->len = 0;
    233         break;
    234 
    235     default:
    236         break;
    237     }
    238 }
    239 
    240 static void async_complete(void *opaque)
    241 {
    242     USBHostDevice *s = opaque;
    243     AsyncURB *aurb;
    244 
    245     while (1) {
    246     	USBPacket *p;
    247 
    248 	int r = ioctl(s->fd, USBDEVFS_REAPURBNDELAY, &aurb);
    249         if (r < 0) {
    250             if (errno == EAGAIN)
    251                 return;
    252 
    253             if (errno == ENODEV && !s->closing) {
    254                 printf("husb: device %d.%d disconnected\n", s->bus_num, s->addr);
    255 	        usb_device_del_addr(0, s->dev.addr);
    256                 return;
    257             }
    258 
    259             dprintf("husb: async. reap urb failed errno %d\n", errno);
    260             return;
    261         }
    262 
    263         p = aurb->packet;
    264 
    265 	dprintf("husb: async completed. aurb %p status %d alen %d\n",
    266                 aurb, aurb->urb.status, aurb->urb.actual_length);
    267 
    268 	if (p) {
    269             switch (aurb->urb.status) {
    270             case 0:
    271                 p->len = aurb->urb.actual_length;
    272                 if (aurb->urb.type == USBDEVFS_URB_TYPE_CONTROL)
    273                     async_complete_ctrl(s, p);
    274                 break;
    275 
    276             case -EPIPE:
    277                 set_halt(s, p->devep);
    278                 /* fall through */
    279             default:
    280                 p->len = USB_RET_NAK;
    281                 break;
    282             }
    283 
    284             usb_packet_complete(p);
    285 	}
    286 
    287         async_free(aurb);
    288     }
    289 }
    290 
    291 static void async_cancel(USBPacket *unused, void *opaque)
    292 {
    293     AsyncURB *aurb = opaque;
    294     USBHostDevice *s = aurb->hdev;
    295 
    296     dprintf("husb: async cancel. aurb %p\n", aurb);
    297 
    298     /* Mark it as dead (see async_complete above) */
    299     aurb->packet = NULL;
    300 
    301     int r = ioctl(s->fd, USBDEVFS_DISCARDURB, aurb);
    302     if (r < 0) {
    303         dprintf("husb: async. discard urb failed errno %d\n", errno);
    304     }
    305 }
    306 
    307 static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration)
    308 {
    309     int dev_descr_len, config_descr_len;
    310     int interface, nb_interfaces, nb_configurations;
    311     int ret, i;
    312 
    313     if (configuration == 0) /* address state - ignore */
    314         return 1;
    315 
    316     dprintf("husb: claiming interfaces. config %d\n", configuration);
    317 
    318     i = 0;
    319     dev_descr_len = dev->descr[0];
    320     if (dev_descr_len > dev->descr_len)
    321         goto fail;
    322     nb_configurations = dev->descr[17];
    323 
    324     i += dev_descr_len;
    325     while (i < dev->descr_len) {
    326         dprintf("husb: i is %d, descr_len is %d, dl %d, dt %d\n", i, dev->descr_len,
    327                dev->descr[i], dev->descr[i+1]);
    328 
    329         if (dev->descr[i+1] != USB_DT_CONFIG) {
    330             i += dev->descr[i];
    331             continue;
    332         }
    333         config_descr_len = dev->descr[i];
    334 
    335 	printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);
    336 
    337         if (configuration < 0 || configuration == dev->descr[i + 5]) {
    338             configuration = dev->descr[i + 5];
    339             break;
    340         }
    341 
    342         i += config_descr_len;
    343     }
    344 
    345     if (i >= dev->descr_len) {
    346         fprintf(stderr, "husb: update iface failed. no matching configuration\n");
    347         goto fail;
    348     }
    349     nb_interfaces = dev->descr[i + 4];
    350 
    351 #ifdef USBDEVFS_DISCONNECT
    352     /* earlier Linux 2.4 do not support that */
    353     {
    354         struct usbdevfs_ioctl ctrl;
    355         for (interface = 0; interface < nb_interfaces; interface++) {
    356             ctrl.ioctl_code = USBDEVFS_DISCONNECT;
    357             ctrl.ifno = interface;
    358             ret = ioctl(dev->fd, USBDEVFS_IOCTL, &ctrl);
    359             if (ret < 0 && errno != ENODATA) {
    360                 perror("USBDEVFS_DISCONNECT");
    361                 goto fail;
    362             }
    363         }
    364     }
    365 #endif
    366 
    367     /* XXX: only grab if all interfaces are free */
    368     for (interface = 0; interface < nb_interfaces; interface++) {
    369         ret = ioctl(dev->fd, USBDEVFS_CLAIMINTERFACE, &interface);
    370         if (ret < 0) {
    371             if (errno == EBUSY) {
    372                 printf("husb: update iface. device already grabbed\n");
    373             } else {
    374                 perror("husb: failed to claim interface");
    375             }
    376         fail:
    377             return 0;
    378         }
    379     }
    380 
    381     printf("husb: %d interfaces claimed for configuration %d\n",
    382            nb_interfaces, configuration);
    383 
    384     dev->ninterfaces   = nb_interfaces;
    385     dev->configuration = configuration;
    386     return 1;
    387 }
    388 
    389 static int usb_host_release_interfaces(USBHostDevice *s)
    390 {
    391     int ret, i;
    392 
    393     dprintf("husb: releasing interfaces\n");
    394 
    395     for (i = 0; i < s->ninterfaces; i++) {
    396         ret = ioctl(s->fd, USBDEVFS_RELEASEINTERFACE, &i);
    397         if (ret < 0) {
    398             perror("husb: failed to release interface");
    399             return 0;
    400         }
    401     }
    402 
    403     return 1;
    404 }
    405 
    406 static void usb_host_handle_reset(USBDevice *dev)
    407 {
    408     USBHostDevice *s = (USBHostDevice *) dev;
    409 
    410     dprintf("husb: reset device %u.%u\n", s->bus_num, s->addr);
    411 
    412     ioctl(s->fd, USBDEVFS_RESET);
    413 
    414     usb_host_claim_interfaces(s, s->configuration);
    415 }
    416 
    417 static void usb_host_handle_destroy(USBDevice *dev)
    418 {
    419     USBHostDevice *s = (USBHostDevice *)dev;
    420 
    421     s->closing = 1;
    422 
    423     qemu_set_fd_handler(s->fd, NULL, NULL, NULL);
    424 
    425     hostdev_unlink(s);
    426 
    427     async_complete(s);
    428 
    429     if (s->fd >= 0)
    430         close(s->fd);
    431 
    432     qemu_free(s);
    433 }
    434 
    435 static int usb_linux_update_endp_table(USBHostDevice *s);
    436 
    437 static int usb_host_handle_data(USBHostDevice *s, USBPacket *p)
    438 {
    439     struct usbdevfs_urb *urb;
    440     AsyncURB *aurb;
    441     int ret;
    442 
    443     aurb = async_alloc();
    444     aurb->hdev   = s;
    445     aurb->packet = p;
    446 
    447     urb = &aurb->urb;
    448 
    449     if (p->pid == USB_TOKEN_IN)
    450     	urb->endpoint = p->devep | 0x80;
    451     else
    452     	urb->endpoint = p->devep;
    453 
    454     if (is_halted(s, p->devep)) {
    455 	ret = ioctl(s->fd, USBDEVFS_CLEAR_HALT, &urb->endpoint);
    456         if (ret < 0) {
    457             dprintf("husb: failed to clear halt. ep 0x%x errno %d\n",
    458                    urb->endpoint, errno);
    459             return USB_RET_NAK;
    460         }
    461         clear_halt(s, p->devep);
    462     }
    463 
    464     urb->buffer        = p->data;
    465     urb->buffer_length = p->len;
    466 
    467     if (is_isoc(s, p->devep)) {
    468         /* Setup ISOC transfer */
    469         urb->type     = USBDEVFS_URB_TYPE_ISO;
    470         urb->flags    = USBDEVFS_URB_ISO_ASAP;
    471         urb->number_of_packets = 1;
    472         urb->iso_frame_desc[0].length = p->len;
    473     } else {
    474         /* Setup bulk transfer */
    475         urb->type     = USBDEVFS_URB_TYPE_BULK;
    476     }
    477 
    478     urb->usercontext = s;
    479 
    480     ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb);
    481 
    482     dprintf("husb: data submit. ep 0x%x len %u aurb %p\n", urb->endpoint, p->len, aurb);
    483 
    484     if (ret < 0) {
    485         dprintf("husb: submit failed. errno %d\n", errno);
    486         async_free(aurb);
    487 
    488         switch(errno) {
    489         case ETIMEDOUT:
    490             return USB_RET_NAK;
    491         case EPIPE:
    492         default:
    493             return USB_RET_STALL;
    494         }
    495     }
    496 
    497     usb_defer_packet(p, async_cancel, aurb);
    498     return USB_RET_ASYNC;
    499 }
    500 
    501 static int ctrl_error(void)
    502 {
    503     if (errno == ETIMEDOUT)
    504         return USB_RET_NAK;
    505     else
    506         return USB_RET_STALL;
    507 }
    508 
    509 static int usb_host_set_address(USBHostDevice *s, int addr)
    510 {
    511     dprintf("husb: ctrl set addr %u\n", addr);
    512     s->dev.addr = addr;
    513     return 0;
    514 }
    515 
    516 static int usb_host_set_config(USBHostDevice *s, int config)
    517 {
    518     usb_host_release_interfaces(s);
    519 
    520     int ret = ioctl(s->fd, USBDEVFS_SETCONFIGURATION, &config);
    521 
    522     dprintf("husb: ctrl set config %d ret %d errno %d\n", config, ret, errno);
    523 
    524     if (ret < 0)
    525         return ctrl_error();
    526 
    527     usb_host_claim_interfaces(s, config);
    528     return 0;
    529 }
    530 
    531 static int usb_host_set_interface(USBHostDevice *s, int iface, int alt)
    532 {
    533     struct usbdevfs_setinterface si;
    534     int ret;
    535 
    536     si.interface  = iface;
    537     si.altsetting = alt;
    538     ret = ioctl(s->fd, USBDEVFS_SETINTERFACE, &si);
    539 
    540     dprintf("husb: ctrl set iface %d altset %d ret %d errno %d\n",
    541     	iface, alt, ret, errno);
    542 
    543     if (ret < 0)
    544         return ctrl_error();
    545 
    546     usb_linux_update_endp_table(s);
    547     return 0;
    548 }
    549 
    550 static int usb_host_handle_control(USBHostDevice *s, USBPacket *p)
    551 {
    552     struct usbdevfs_urb *urb;
    553     AsyncURB *aurb;
    554     int ret, value, index;
    555 
    556     /*
    557      * Process certain standard device requests.
    558      * These are infrequent and are processed synchronously.
    559      */
    560     value = le16_to_cpu(s->ctrl.req.wValue);
    561     index = le16_to_cpu(s->ctrl.req.wIndex);
    562 
    563     dprintf("husb: ctrl type 0x%x req 0x%x val 0x%x index %u len %u\n",
    564         s->ctrl.req.bRequestType, s->ctrl.req.bRequest, value, index,
    565         s->ctrl.len);
    566 
    567     if (s->ctrl.req.bRequestType == 0) {
    568         switch (s->ctrl.req.bRequest) {
    569         case USB_REQ_SET_ADDRESS:
    570             return usb_host_set_address(s, value);
    571 
    572         case USB_REQ_SET_CONFIGURATION:
    573             return usb_host_set_config(s, value & 0xff);
    574         }
    575     }
    576 
    577     if (s->ctrl.req.bRequestType == 1 &&
    578                   s->ctrl.req.bRequest == USB_REQ_SET_INTERFACE)
    579         return usb_host_set_interface(s, index, value);
    580 
    581     /* The rest are asynchronous */
    582 
    583     aurb = async_alloc();
    584     aurb->hdev   = s;
    585     aurb->packet = p;
    586 
    587     /*
    588      * Setup ctrl transfer.
    589      *
    590      * s->ctrl is layed out such that data buffer immediately follows
    591      * 'req' struct which is exactly what usbdevfs expects.
    592      */
    593     urb = &aurb->urb;
    594 
    595     urb->type     = USBDEVFS_URB_TYPE_CONTROL;
    596     urb->endpoint = p->devep;
    597 
    598     urb->buffer        = &s->ctrl.req;
    599     urb->buffer_length = 8 + s->ctrl.len;
    600 
    601     urb->usercontext = s;
    602 
    603     ret = ioctl(s->fd, USBDEVFS_SUBMITURB, urb);
    604 
    605     dprintf("husb: submit ctrl. len %u aurb %p\n", urb->buffer_length, aurb);
    606 
    607     if (ret < 0) {
    608         dprintf("husb: submit failed. errno %d\n", errno);
    609         async_free(aurb);
    610 
    611         switch(errno) {
    612         case ETIMEDOUT:
    613             return USB_RET_NAK;
    614         case EPIPE:
    615         default:
    616             return USB_RET_STALL;
    617         }
    618     }
    619 
    620     usb_defer_packet(p, async_cancel, aurb);
    621     return USB_RET_ASYNC;
    622 }
    623 
    624 static int do_token_setup(USBDevice *dev, USBPacket *p)
    625 {
    626     USBHostDevice *s = (USBHostDevice *) dev;
    627     int ret = 0;
    628 
    629     if (p->len != 8)
    630         return USB_RET_STALL;
    631 
    632     memcpy(&s->ctrl.req, p->data, 8);
    633     s->ctrl.len    = le16_to_cpu(s->ctrl.req.wLength);
    634     s->ctrl.offset = 0;
    635     s->ctrl.state  = CTRL_STATE_SETUP;
    636 
    637     if (s->ctrl.req.bRequestType & USB_DIR_IN) {
    638         ret = usb_host_handle_control(s, p);
    639         if (ret < 0)
    640             return ret;
    641 
    642         if (ret < s->ctrl.len)
    643             s->ctrl.len = ret;
    644         s->ctrl.state = CTRL_STATE_DATA;
    645     } else {
    646         if (s->ctrl.len == 0)
    647             s->ctrl.state = CTRL_STATE_ACK;
    648         else
    649             s->ctrl.state = CTRL_STATE_DATA;
    650     }
    651 
    652     return ret;
    653 }
    654 
    655 static int do_token_in(USBDevice *dev, USBPacket *p)
    656 {
    657     USBHostDevice *s = (USBHostDevice *) dev;
    658     int ret = 0;
    659 
    660     if (p->devep != 0)
    661         return usb_host_handle_data(s, p);
    662 
    663     switch(s->ctrl.state) {
    664     case CTRL_STATE_ACK:
    665         if (!(s->ctrl.req.bRequestType & USB_DIR_IN)) {
    666             ret = usb_host_handle_control(s, p);
    667             if (ret == USB_RET_ASYNC)
    668                 return USB_RET_ASYNC;
    669 
    670             s->ctrl.state = CTRL_STATE_IDLE;
    671             return ret > 0 ? 0 : ret;
    672         }
    673 
    674         return 0;
    675 
    676     case CTRL_STATE_DATA:
    677         if (s->ctrl.req.bRequestType & USB_DIR_IN) {
    678             int len = s->ctrl.len - s->ctrl.offset;
    679             if (len > p->len)
    680                 len = p->len;
    681             memcpy(p->data, s->ctrl.buffer + s->ctrl.offset, len);
    682             s->ctrl.offset += len;
    683             if (s->ctrl.offset >= s->ctrl.len)
    684                 s->ctrl.state = CTRL_STATE_ACK;
    685             return len;
    686         }
    687 
    688         s->ctrl.state = CTRL_STATE_IDLE;
    689         return USB_RET_STALL;
    690 
    691     default:
    692         return USB_RET_STALL;
    693     }
    694 }
    695 
    696 static int do_token_out(USBDevice *dev, USBPacket *p)
    697 {
    698     USBHostDevice *s = (USBHostDevice *) dev;
    699 
    700     if (p->devep != 0)
    701         return usb_host_handle_data(s, p);
    702 
    703     switch(s->ctrl.state) {
    704     case CTRL_STATE_ACK:
    705         if (s->ctrl.req.bRequestType & USB_DIR_IN) {
    706             s->ctrl.state = CTRL_STATE_IDLE;
    707             /* transfer OK */
    708         } else {
    709             /* ignore additional output */
    710         }
    711         return 0;
    712 
    713     case CTRL_STATE_DATA:
    714         if (!(s->ctrl.req.bRequestType & USB_DIR_IN)) {
    715             int len = s->ctrl.len - s->ctrl.offset;
    716             if (len > p->len)
    717                 len = p->len;
    718             memcpy(s->ctrl.buffer + s->ctrl.offset, p->data, len);
    719             s->ctrl.offset += len;
    720             if (s->ctrl.offset >= s->ctrl.len)
    721                 s->ctrl.state = CTRL_STATE_ACK;
    722             return len;
    723         }
    724 
    725         s->ctrl.state = CTRL_STATE_IDLE;
    726         return USB_RET_STALL;
    727 
    728     default:
    729         return USB_RET_STALL;
    730     }
    731 }
    732 
    733 /*
    734  * Packet handler.
    735  * Called by the HC (host controller).
    736  *
    737  * Returns length of the transaction or one of the USB_RET_XXX codes.
    738  */
    739 static int usb_host_handle_packet(USBDevice *s, USBPacket *p)
    740 {
    741     switch(p->pid) {
    742     case USB_MSG_ATTACH:
    743         s->state = USB_STATE_ATTACHED;
    744         return 0;
    745 
    746     case USB_MSG_DETACH:
    747         s->state = USB_STATE_NOTATTACHED;
    748         return 0;
    749 
    750     case USB_MSG_RESET:
    751         s->remote_wakeup = 0;
    752         s->addr = 0;
    753         s->state = USB_STATE_DEFAULT;
    754         s->handle_reset(s);
    755         return 0;
    756     }
    757 
    758     /* Rest of the PIDs must match our address */
    759     if (s->state < USB_STATE_DEFAULT || p->devaddr != s->addr)
    760         return USB_RET_NODEV;
    761 
    762     switch (p->pid) {
    763     case USB_TOKEN_SETUP:
    764         return do_token_setup(s, p);
    765 
    766     case USB_TOKEN_IN:
    767         return do_token_in(s, p);
    768 
    769     case USB_TOKEN_OUT:
    770         return do_token_out(s, p);
    771 
    772     default:
    773         return USB_RET_STALL;
    774     }
    775 }
    776 
    777 /* returns 1 on problem encountered or 0 for success */
    778 static int usb_linux_update_endp_table(USBHostDevice *s)
    779 {
    780     uint8_t *descriptors;
    781     uint8_t devep, type, configuration, alt_interface;
    782     struct usb_ctrltransfer ct;
    783     int interface, ret, length, i;
    784 
    785     ct.bRequestType = USB_DIR_IN;
    786     ct.bRequest = USB_REQ_GET_CONFIGURATION;
    787     ct.wValue = 0;
    788     ct.wIndex = 0;
    789     ct.wLength = 1;
    790     ct.data = &configuration;
    791     ct.timeout = 50;
    792 
    793     ret = ioctl(s->fd, USBDEVFS_CONTROL, &ct);
    794     if (ret < 0) {
    795         perror("usb_linux_update_endp_table");
    796         return 1;
    797     }
    798 
    799     /* in address state */
    800     if (configuration == 0)
    801         return 1;
    802 
    803     /* get the desired configuration, interface, and endpoint descriptors
    804      * from device description */
    805     descriptors = &s->descr[18];
    806     length = s->descr_len - 18;
    807     i = 0;
    808 
    809     if (descriptors[i + 1] != USB_DT_CONFIG ||
    810         descriptors[i + 5] != configuration) {
    811         dprintf("invalid descriptor data - configuration\n");
    812         return 1;
    813     }
    814     i += descriptors[i];
    815 
    816     while (i < length) {
    817         if (descriptors[i + 1] != USB_DT_INTERFACE ||
    818             (descriptors[i + 1] == USB_DT_INTERFACE &&
    819              descriptors[i + 4] == 0)) {
    820             i += descriptors[i];
    821             continue;
    822         }
    823 
    824         interface = descriptors[i + 2];
    825 
    826         ct.bRequestType = USB_DIR_IN | USB_RECIP_INTERFACE;
    827         ct.bRequest = USB_REQ_GET_INTERFACE;
    828         ct.wValue = 0;
    829         ct.wIndex = interface;
    830         ct.wLength = 1;
    831         ct.data = &alt_interface;
    832         ct.timeout = 50;
    833 
    834         ret = ioctl(s->fd, USBDEVFS_CONTROL, &ct);
    835         if (ret < 0) {
    836             alt_interface = interface;
    837         }
    838 
    839         /* the current interface descriptor is the active interface
    840          * and has endpoints */
    841         if (descriptors[i + 3] != alt_interface) {
    842             i += descriptors[i];
    843             continue;
    844         }
    845 
    846         /* advance to the endpoints */
    847         while (i < length && descriptors[i +1] != USB_DT_ENDPOINT)
    848             i += descriptors[i];
    849 
    850         if (i >= length)
    851             break;
    852 
    853         while (i < length) {
    854             if (descriptors[i + 1] != USB_DT_ENDPOINT)
    855                 break;
    856 
    857             devep = descriptors[i + 2];
    858             switch (descriptors[i + 3] & 0x3) {
    859             case 0x00:
    860                 type = USBDEVFS_URB_TYPE_CONTROL;
    861                 break;
    862             case 0x01:
    863                 type = USBDEVFS_URB_TYPE_ISO;
    864                 break;
    865             case 0x02:
    866                 type = USBDEVFS_URB_TYPE_BULK;
    867                 break;
    868             case 0x03:
    869                 type = USBDEVFS_URB_TYPE_INTERRUPT;
    870                 break;
    871             default:
    872                 dprintf("usb_host: malformed endpoint type\n");
    873                 type = USBDEVFS_URB_TYPE_BULK;
    874             }
    875             s->endp_table[(devep & 0xf) - 1].type = type;
    876             s->endp_table[(devep & 0xf) - 1].halted = 0;
    877 
    878             i += descriptors[i];
    879         }
    880     }
    881     return 0;
    882 }
    883 
    884 static USBDevice *usb_host_device_open_addr(int bus_num, int addr, const char *prod_name)
    885 {
    886     int fd = -1, ret;
    887     USBHostDevice *dev = NULL;
    888     struct usbdevfs_connectinfo ci;
    889     char buf[1024];
    890 
    891     dev = qemu_mallocz(sizeof(USBHostDevice));
    892 
    893     dev->bus_num = bus_num;
    894     dev->addr = addr;
    895 
    896     printf("husb: open device %d.%d\n", bus_num, addr);
    897 
    898     if (!usb_host_device_path) {
    899         perror("husb: USB Host Device Path not set");
    900         goto fail;
    901     }
    902     snprintf(buf, sizeof(buf), "%s/%03d/%03d", usb_host_device_path,
    903              bus_num, addr);
    904     fd = open(buf, O_RDWR | O_NONBLOCK);
    905     if (fd < 0) {
    906         perror(buf);
    907         goto fail;
    908     }
    909     dprintf("husb: opened %s\n", buf);
    910 
    911     /* read the device description */
    912     dev->descr_len = read(fd, dev->descr, sizeof(dev->descr));
    913     if (dev->descr_len <= 0) {
    914         perror("husb: reading device data failed");
    915         goto fail;
    916     }
    917 
    918 #ifdef DEBUG
    919     {
    920         int x;
    921         printf("=== begin dumping device descriptor data ===\n");
    922         for (x = 0; x < dev->descr_len; x++)
    923             printf("%02x ", dev->descr[x]);
    924         printf("\n=== end dumping device descriptor data ===\n");
    925     }
    926 #endif
    927 
    928     dev->fd = fd;
    929 
    930     /*
    931      * Initial configuration is -1 which makes us claim first
    932      * available config. We used to start with 1, which does not
    933      * always work. I've seen devices where first config starts
    934      * with 2.
    935      */
    936     if (!usb_host_claim_interfaces(dev, -1))
    937         goto fail;
    938 
    939     ret = ioctl(fd, USBDEVFS_CONNECTINFO, &ci);
    940     if (ret < 0) {
    941         perror("usb_host_device_open: USBDEVFS_CONNECTINFO");
    942         goto fail;
    943     }
    944 
    945     printf("husb: grabbed usb device %d.%d\n", bus_num, addr);
    946 
    947     ret = usb_linux_update_endp_table(dev);
    948     if (ret)
    949         goto fail;
    950 
    951     if (ci.slow)
    952         dev->dev.speed = USB_SPEED_LOW;
    953     else
    954         dev->dev.speed = USB_SPEED_HIGH;
    955 
    956     dev->dev.handle_packet  = usb_host_handle_packet;
    957     dev->dev.handle_reset   = usb_host_handle_reset;
    958     dev->dev.handle_destroy = usb_host_handle_destroy;
    959 
    960     if (!prod_name || prod_name[0] == '\0')
    961         snprintf(dev->dev.devname, sizeof(dev->dev.devname),
    962                  "host:%d.%d", bus_num, addr);
    963     else
    964         pstrcpy(dev->dev.devname, sizeof(dev->dev.devname),
    965                 prod_name);
    966 
    967     /* USB devio uses 'write' flag to check for async completions */
    968     qemu_set_fd_handler(dev->fd, NULL, async_complete, dev);
    969 
    970     hostdev_link(dev);
    971 
    972     return (USBDevice *) dev;
    973 
    974 fail:
    975     if (dev)
    976         qemu_free(dev);
    977 
    978     close(fd);
    979     return NULL;
    980 }
    981 
    982 static int usb_host_auto_add(const char *spec);
    983 static int usb_host_auto_del(const char *spec);
    984 
    985 USBDevice *usb_host_device_open(const char *devname)
    986 {
    987     Monitor *mon = cur_mon;
    988     int bus_num, addr;
    989     char product_name[PRODUCT_NAME_SZ];
    990 
    991     if (strstr(devname, "auto:")) {
    992         usb_host_auto_add(devname);
    993         return NULL;
    994     }
    995 
    996     if (usb_host_find_device(&bus_num, &addr, product_name, sizeof(product_name),
    997                              devname) < 0)
    998         return NULL;
    999 
   1000     if (hostdev_find(bus_num, addr)) {
   1001        monitor_printf(mon, "husb: host usb device %d.%d is already open\n",
   1002                       bus_num, addr);
   1003        return NULL;
   1004     }
   1005 
   1006     return usb_host_device_open_addr(bus_num, addr, product_name);
   1007 }
   1008 
   1009 int usb_host_device_close(const char *devname)
   1010 {
   1011     char product_name[PRODUCT_NAME_SZ];
   1012     int bus_num, addr;
   1013     USBHostDevice *s;
   1014 
   1015     if (strstr(devname, "auto:"))
   1016         return usb_host_auto_del(devname);
   1017 
   1018     if (usb_host_find_device(&bus_num, &addr, product_name, sizeof(product_name),
   1019                              devname) < 0)
   1020         return -1;
   1021 
   1022     s = hostdev_find(bus_num, addr);
   1023     if (s) {
   1024         usb_device_del_addr(0, s->dev.addr);
   1025         return 0;
   1026     }
   1027 
   1028     return -1;
   1029 }
   1030 
   1031 static int get_tag_value(char *buf, int buf_size,
   1032                          const char *str, const char *tag,
   1033                          const char *stopchars)
   1034 {
   1035     const char *p;
   1036     char *q;
   1037     p = strstr(str, tag);
   1038     if (!p)
   1039         return -1;
   1040     p += strlen(tag);
   1041     while (qemu_isspace(*p))
   1042         p++;
   1043     q = buf;
   1044     while (*p != '\0' && !strchr(stopchars, *p)) {
   1045         if ((q - buf) < (buf_size - 1))
   1046             *q++ = *p;
   1047         p++;
   1048     }
   1049     *q = '\0';
   1050     return q - buf;
   1051 }
   1052 
   1053 /*
   1054  * Use /proc/bus/usb/devices or /dev/bus/usb/devices file to determine
   1055  * host's USB devices. This is legacy support since many distributions
   1056  * are moving to /sys/bus/usb
   1057  */
   1058 static int usb_host_scan_dev(void *opaque, USBScanFunc *func)
   1059 {
   1060     FILE *f = 0;
   1061     char line[1024];
   1062     char buf[1024];
   1063     int bus_num, addr, speed, device_count, class_id, product_id, vendor_id;
   1064     char product_name[512];
   1065     int ret = 0;
   1066 
   1067     if (!usb_host_device_path) {
   1068         perror("husb: USB Host Device Path not set");
   1069         goto the_end;
   1070     }
   1071     snprintf(line, sizeof(line), "%s/devices", usb_host_device_path);
   1072     f = fopen(line, "r");
   1073     if (!f) {
   1074         perror("husb: cannot open devices file");
   1075         goto the_end;
   1076     }
   1077 
   1078     device_count = 0;
   1079     bus_num = addr = speed = class_id = product_id = vendor_id = 0;
   1080     for(;;) {
   1081         if (fgets(line, sizeof(line), f) == NULL)
   1082             break;
   1083         if (strlen(line) > 0)
   1084             line[strlen(line) - 1] = '\0';
   1085         if (line[0] == 'T' && line[1] == ':') {
   1086             if (device_count && (vendor_id || product_id)) {
   1087                 /* New device.  Add the previously discovered device.  */
   1088                 ret = func(opaque, bus_num, addr, class_id, vendor_id,
   1089                            product_id, product_name, speed);
   1090                 if (ret)
   1091                     goto the_end;
   1092             }
   1093             if (get_tag_value(buf, sizeof(buf), line, "Bus=", " ") < 0)
   1094                 goto fail;
   1095             bus_num = atoi(buf);
   1096             if (get_tag_value(buf, sizeof(buf), line, "Dev#=", " ") < 0)
   1097                 goto fail;
   1098             addr = atoi(buf);
   1099             if (get_tag_value(buf, sizeof(buf), line, "Spd=", " ") < 0)
   1100                 goto fail;
   1101             if (!strcmp(buf, "480"))
   1102                 speed = USB_SPEED_HIGH;
   1103             else if (!strcmp(buf, "1.5"))
   1104                 speed = USB_SPEED_LOW;
   1105             else
   1106                 speed = USB_SPEED_FULL;
   1107             product_name[0] = '\0';
   1108             class_id = 0xff;
   1109             device_count++;
   1110             product_id = 0;
   1111             vendor_id = 0;
   1112         } else if (line[0] == 'P' && line[1] == ':') {
   1113             if (get_tag_value(buf, sizeof(buf), line, "Vendor=", " ") < 0)
   1114                 goto fail;
   1115             vendor_id = strtoul(buf, NULL, 16);
   1116             if (get_tag_value(buf, sizeof(buf), line, "ProdID=", " ") < 0)
   1117                 goto fail;
   1118             product_id = strtoul(buf, NULL, 16);
   1119         } else if (line[0] == 'S' && line[1] == ':') {
   1120             if (get_tag_value(buf, sizeof(buf), line, "Product=", "") < 0)
   1121                 goto fail;
   1122             pstrcpy(product_name, sizeof(product_name), buf);
   1123         } else if (line[0] == 'D' && line[1] == ':') {
   1124             if (get_tag_value(buf, sizeof(buf), line, "Cls=", " (") < 0)
   1125                 goto fail;
   1126             class_id = strtoul(buf, NULL, 16);
   1127         }
   1128     fail: ;
   1129     }
   1130     if (device_count && (vendor_id || product_id)) {
   1131         /* Add the last device.  */
   1132         ret = func(opaque, bus_num, addr, class_id, vendor_id,
   1133                    product_id, product_name, speed);
   1134     }
   1135  the_end:
   1136     if (f)
   1137         fclose(f);
   1138     return ret;
   1139 }
   1140 
   1141 /*
   1142  * Read sys file-system device file
   1143  *
   1144  * @line address of buffer to put file contents in
   1145  * @line_size size of line
   1146  * @device_file path to device file (printf format string)
   1147  * @device_name device being opened (inserted into device_file)
   1148  *
   1149  * @return 0 failed, 1 succeeded ('line' contains data)
   1150  */
   1151 static int usb_host_read_file(char *line, size_t line_size, const char *device_file, const char *device_name)
   1152 {
   1153     Monitor *mon = cur_mon;
   1154     FILE *f;
   1155     int ret = 0;
   1156     char filename[PATH_MAX];
   1157 
   1158     snprintf(filename, PATH_MAX, USBSYSBUS_PATH "/devices/%s/%s", device_name,
   1159              device_file);
   1160     f = fopen(filename, "r");
   1161     if (f) {
   1162         ret = (fgets(line, line_size, f) != NULL);
   1163         fclose(f);
   1164     } else {
   1165         monitor_printf(mon, "husb: could not open %s\n", filename);
   1166     }
   1167 
   1168     return ret;
   1169 }
   1170 
   1171 /*
   1172  * Use /sys/bus/usb/devices/ directory to determine host's USB
   1173  * devices.
   1174  *
   1175  * This code is based on Robert Schiele's original patches posted to
   1176  * the Novell bug-tracker https://bugzilla.novell.com/show_bug.cgi?id=241950
   1177  */
   1178 static int usb_host_scan_sys(void *opaque, USBScanFunc *func)
   1179 {
   1180     DIR *dir = 0;
   1181     char line[1024];
   1182     int bus_num, addr, speed, class_id, product_id, vendor_id;
   1183     int ret = 0;
   1184     char product_name[512];
   1185     struct dirent *de;
   1186 
   1187     dir = opendir(USBSYSBUS_PATH "/devices");
   1188     if (!dir) {
   1189         perror("husb: cannot open devices directory");
   1190         goto the_end;
   1191     }
   1192 
   1193     while ((de = readdir(dir))) {
   1194         if (de->d_name[0] != '.' && !strchr(de->d_name, ':')) {
   1195             char *tmpstr = de->d_name;
   1196             if (!strncmp(de->d_name, "usb", 3))
   1197                 tmpstr += 3;
   1198             bus_num = atoi(tmpstr);
   1199 
   1200             if (!usb_host_read_file(line, sizeof(line), "devnum", de->d_name))
   1201                 goto the_end;
   1202             if (sscanf(line, "%d", &addr) != 1)
   1203                 goto the_end;
   1204 
   1205             if (!usb_host_read_file(line, sizeof(line), "bDeviceClass",
   1206                                     de->d_name))
   1207                 goto the_end;
   1208             if (sscanf(line, "%x", &class_id) != 1)
   1209                 goto the_end;
   1210 
   1211             if (!usb_host_read_file(line, sizeof(line), "idVendor", de->d_name))
   1212                 goto the_end;
   1213             if (sscanf(line, "%x", &vendor_id) != 1)
   1214                 goto the_end;
   1215 
   1216             if (!usb_host_read_file(line, sizeof(line), "idProduct",
   1217                                     de->d_name))
   1218                 goto the_end;
   1219             if (sscanf(line, "%x", &product_id) != 1)
   1220                 goto the_end;
   1221 
   1222             if (!usb_host_read_file(line, sizeof(line), "product",
   1223                                     de->d_name)) {
   1224                 *product_name = 0;
   1225             } else {
   1226                 if (strlen(line) > 0)
   1227                     line[strlen(line) - 1] = '\0';
   1228                 pstrcpy(product_name, sizeof(product_name), line);
   1229             }
   1230 
   1231             if (!usb_host_read_file(line, sizeof(line), "speed", de->d_name))
   1232                 goto the_end;
   1233             if (!strcmp(line, "480\n"))
   1234                 speed = USB_SPEED_HIGH;
   1235             else if (!strcmp(line, "1.5\n"))
   1236                 speed = USB_SPEED_LOW;
   1237             else
   1238                 speed = USB_SPEED_FULL;
   1239 
   1240             ret = func(opaque, bus_num, addr, class_id, vendor_id,
   1241                        product_id, product_name, speed);
   1242             if (ret)
   1243                 goto the_end;
   1244         }
   1245     }
   1246  the_end:
   1247     if (dir)
   1248         closedir(dir);
   1249     return ret;
   1250 }
   1251 
   1252 /*
   1253  * Determine how to access the host's USB devices and call the
   1254  * specific support function.
   1255  */
   1256 static int usb_host_scan(void *opaque, USBScanFunc *func)
   1257 {
   1258     Monitor *mon = cur_mon;
   1259     FILE *f = 0;
   1260     DIR *dir = 0;
   1261     int ret = 0;
   1262     const char *fs_type[] = {"unknown", "proc", "dev", "sys"};
   1263     char devpath[PATH_MAX];
   1264 
   1265     /* only check the host once */
   1266     if (!usb_fs_type) {
   1267         f = fopen(USBPROCBUS_PATH "/devices", "r");
   1268         if (f) {
   1269             /* devices found in /proc/bus/usb/ */
   1270             strcpy(devpath, USBPROCBUS_PATH);
   1271             usb_fs_type = USB_FS_PROC;
   1272             fclose(f);
   1273             dprintf(USBDBG_DEVOPENED, USBPROCBUS_PATH);
   1274             goto found_devices;
   1275         }
   1276         /* try additional methods if an access method hasn't been found yet */
   1277         f = fopen(USBDEVBUS_PATH "/devices", "r");
   1278         if (f) {
   1279             /* devices found in /dev/bus/usb/ */
   1280             strcpy(devpath, USBDEVBUS_PATH);
   1281             usb_fs_type = USB_FS_DEV;
   1282             fclose(f);
   1283             dprintf(USBDBG_DEVOPENED, USBDEVBUS_PATH);
   1284             goto found_devices;
   1285         }
   1286         dir = opendir(USBSYSBUS_PATH "/devices");
   1287         if (dir) {
   1288             /* devices found in /dev/bus/usb/ (yes - not a mistake!) */
   1289             strcpy(devpath, USBDEVBUS_PATH);
   1290             usb_fs_type = USB_FS_SYS;
   1291             closedir(dir);
   1292             dprintf(USBDBG_DEVOPENED, USBSYSBUS_PATH);
   1293             goto found_devices;
   1294         }
   1295     found_devices:
   1296         if (!usb_fs_type) {
   1297             monitor_printf(mon, "husb: unable to access USB devices\n");
   1298             return -ENOENT;
   1299         }
   1300 
   1301         /* the module setting (used later for opening devices) */
   1302         usb_host_device_path = qemu_mallocz(strlen(devpath)+1);
   1303         strcpy(usb_host_device_path, devpath);
   1304         monitor_printf(mon, "husb: using %s file-system with %s\n",
   1305                        fs_type[usb_fs_type], usb_host_device_path);
   1306     }
   1307 
   1308     switch (usb_fs_type) {
   1309     case USB_FS_PROC:
   1310     case USB_FS_DEV:
   1311         ret = usb_host_scan_dev(opaque, func);
   1312         break;
   1313     case USB_FS_SYS:
   1314         ret = usb_host_scan_sys(opaque, func);
   1315         break;
   1316     default:
   1317         ret = -EINVAL;
   1318         break;
   1319     }
   1320     return ret;
   1321 }
   1322 
   1323 struct USBAutoFilter {
   1324     struct USBAutoFilter *next;
   1325     int bus_num;
   1326     int addr;
   1327     int vendor_id;
   1328     int product_id;
   1329 };
   1330 
   1331 static QEMUTimer *usb_auto_timer;
   1332 static struct USBAutoFilter *usb_auto_filter;
   1333 
   1334 static int usb_host_auto_scan(void *opaque, int bus_num, int addr,
   1335                      int class_id, int vendor_id, int product_id,
   1336                      const char *product_name, int speed)
   1337 {
   1338     struct USBAutoFilter *f;
   1339     struct USBDevice *dev;
   1340 
   1341     /* Ignore hubs */
   1342     if (class_id == 9)
   1343         return 0;
   1344 
   1345     for (f = usb_auto_filter; f; f = f->next) {
   1346 	if (f->bus_num >= 0 && f->bus_num != bus_num)
   1347             continue;
   1348 
   1349 	if (f->addr >= 0 && f->addr != addr)
   1350             continue;
   1351 
   1352 	if (f->vendor_id >= 0 && f->vendor_id != vendor_id)
   1353             continue;
   1354 
   1355 	if (f->product_id >= 0 && f->product_id != product_id)
   1356             continue;
   1357 
   1358         /* We got a match */
   1359 
   1360         /* Allredy attached ? */
   1361         if (hostdev_find(bus_num, addr))
   1362             return 0;
   1363 
   1364         dprintf("husb: auto open: bus_num %d addr %d\n", bus_num, addr);
   1365 
   1366 	dev = usb_host_device_open_addr(bus_num, addr, product_name);
   1367 	if (dev)
   1368 	    usb_device_add_dev(dev);
   1369     }
   1370 
   1371     return 0;
   1372 }
   1373 
   1374 static void usb_host_auto_timer(void *unused)
   1375 {
   1376     usb_host_scan(NULL, usb_host_auto_scan);
   1377     qemu_mod_timer(usb_auto_timer, qemu_get_clock_ms(rt_clock) + 2000);
   1378 }
   1379 
   1380 /*
   1381  * Autoconnect filter
   1382  * Format:
   1383  *    auto:bus:dev[:vid:pid]
   1384  *    auto:bus.dev[:vid:pid]
   1385  *
   1386  *    bus  - bus number    (dec, * means any)
   1387  *    dev  - device number (dec, * means any)
   1388  *    vid  - vendor id     (hex, * means any)
   1389  *    pid  - product id    (hex, * means any)
   1390  *
   1391  *    See 'lsusb' output.
   1392  */
   1393 static int parse_filter(const char *spec, struct USBAutoFilter *f)
   1394 {
   1395     enum { BUS, DEV, VID, PID, DONE };
   1396     const char *p = spec;
   1397     int i;
   1398 
   1399     f->bus_num    = -1;
   1400     f->addr       = -1;
   1401     f->vendor_id  = -1;
   1402     f->product_id = -1;
   1403 
   1404     for (i = BUS; i < DONE; i++) {
   1405     	p = strpbrk(p, ":.");
   1406     	if (!p) break;
   1407         p++;
   1408 
   1409     	if (*p == '*')
   1410             continue;
   1411 
   1412         switch(i) {
   1413         case BUS: f->bus_num = strtol(p, NULL, 10);    break;
   1414         case DEV: f->addr    = strtol(p, NULL, 10);    break;
   1415         case VID: f->vendor_id  = strtol(p, NULL, 16); break;
   1416         case PID: f->product_id = strtol(p, NULL, 16); break;
   1417         }
   1418     }
   1419 
   1420     if (i < DEV) {
   1421         fprintf(stderr, "husb: invalid auto filter spec %s\n", spec);
   1422         return -1;
   1423     }
   1424 
   1425     return 0;
   1426 }
   1427 
   1428 static int match_filter(const struct USBAutoFilter *f1,
   1429                         const struct USBAutoFilter *f2)
   1430 {
   1431     return f1->bus_num    == f2->bus_num &&
   1432            f1->addr       == f2->addr &&
   1433            f1->vendor_id  == f2->vendor_id &&
   1434            f1->product_id == f2->product_id;
   1435 }
   1436 
   1437 static int usb_host_auto_add(const char *spec)
   1438 {
   1439     struct USBAutoFilter filter, *f;
   1440 
   1441     if (parse_filter(spec, &filter) < 0)
   1442         return -1;
   1443 
   1444     f = qemu_mallocz(sizeof(*f));
   1445 
   1446     *f = filter;
   1447 
   1448     if (!usb_auto_filter) {
   1449         /*
   1450          * First entry. Init and start the monitor.
   1451          * Right now we're using timer to check for new devices.
   1452          * If this turns out to be too expensive we can move that into a
   1453          * separate thread.
   1454          */
   1455 	usb_auto_timer = qemu_new_timer_ms(rt_clock, usb_host_auto_timer, NULL);
   1456 	if (!usb_auto_timer) {
   1457             fprintf(stderr, "husb: failed to allocate auto scan timer\n");
   1458             qemu_free(f);
   1459             return -1;
   1460         }
   1461 
   1462         /* Check for new devices every two seconds */
   1463         qemu_mod_timer(usb_auto_timer, qemu_get_clock_ms(rt_clock) + 2000);
   1464     }
   1465 
   1466     dprintf("husb: added auto filter: bus_num %d addr %d vid %d pid %d\n",
   1467 	f->bus_num, f->addr, f->vendor_id, f->product_id);
   1468 
   1469     f->next = usb_auto_filter;
   1470     usb_auto_filter = f;
   1471 
   1472     return 0;
   1473 }
   1474 
   1475 static int usb_host_auto_del(const char *spec)
   1476 {
   1477     struct USBAutoFilter *pf = usb_auto_filter;
   1478     struct USBAutoFilter **prev = &usb_auto_filter;
   1479     struct USBAutoFilter filter;
   1480 
   1481     if (parse_filter(spec, &filter) < 0)
   1482         return -1;
   1483 
   1484     while (pf) {
   1485         if (match_filter(pf, &filter)) {
   1486             dprintf("husb: removed auto filter: bus_num %d addr %d vid %d pid %d\n",
   1487 	             pf->bus_num, pf->addr, pf->vendor_id, pf->product_id);
   1488 
   1489             *prev = pf->next;
   1490 
   1491 	    if (!usb_auto_filter) {
   1492                 /* No more filters. Stop scanning. */
   1493                 qemu_del_timer(usb_auto_timer);
   1494                 qemu_free_timer(usb_auto_timer);
   1495             }
   1496 
   1497             return 0;
   1498         }
   1499 
   1500         prev = &pf->next;
   1501         pf   = pf->next;
   1502     }
   1503 
   1504     return -1;
   1505 }
   1506 
   1507 typedef struct FindDeviceState {
   1508     int vendor_id;
   1509     int product_id;
   1510     int bus_num;
   1511     int addr;
   1512     char product_name[PRODUCT_NAME_SZ];
   1513 } FindDeviceState;
   1514 
   1515 static int usb_host_find_device_scan(void *opaque, int bus_num, int addr,
   1516                                      int class_id,
   1517                                      int vendor_id, int product_id,
   1518                                      const char *product_name, int speed)
   1519 {
   1520     FindDeviceState *s = opaque;
   1521     if ((vendor_id == s->vendor_id &&
   1522         product_id == s->product_id) ||
   1523         (bus_num == s->bus_num &&
   1524         addr == s->addr)) {
   1525         pstrcpy(s->product_name, PRODUCT_NAME_SZ, product_name);
   1526         s->bus_num = bus_num;
   1527         s->addr = addr;
   1528         return 1;
   1529     } else {
   1530         return 0;
   1531     }
   1532 }
   1533 
   1534 /* the syntax is :
   1535    'bus.addr' (decimal numbers) or
   1536    'vendor_id:product_id' (hexa numbers) */
   1537 static int usb_host_find_device(int *pbus_num, int *paddr,
   1538                                 char *product_name, int product_name_size,
   1539                                 const char *devname)
   1540 {
   1541     const char *p;
   1542     int ret;
   1543     FindDeviceState fs;
   1544 
   1545     p = strchr(devname, '.');
   1546     if (p) {
   1547         *pbus_num = strtoul(devname, NULL, 0);
   1548         *paddr = strtoul(p + 1, NULL, 0);
   1549         fs.bus_num = *pbus_num;
   1550         fs.addr = *paddr;
   1551         ret = usb_host_scan(&fs, usb_host_find_device_scan);
   1552         if (ret)
   1553             pstrcpy(product_name, product_name_size, fs.product_name);
   1554         return 0;
   1555     }
   1556 
   1557     p = strchr(devname, ':');
   1558     if (p) {
   1559         fs.vendor_id = strtoul(devname, NULL, 16);
   1560         fs.product_id = strtoul(p + 1, NULL, 16);
   1561         ret = usb_host_scan(&fs, usb_host_find_device_scan);
   1562         if (ret) {
   1563             *pbus_num = fs.bus_num;
   1564             *paddr = fs.addr;
   1565             pstrcpy(product_name, product_name_size, fs.product_name);
   1566             return 0;
   1567         }
   1568     }
   1569     return -1;
   1570 }
   1571 
   1572 /**********************/
   1573 /* USB host device info */
   1574 
   1575 struct usb_class_info {
   1576     int class;
   1577     const char *class_name;
   1578 };
   1579 
   1580 static const struct usb_class_info usb_class_info[] = {
   1581     { USB_CLASS_AUDIO, "Audio"},
   1582     { USB_CLASS_COMM, "Communication"},
   1583     { USB_CLASS_HID, "HID"},
   1584     { USB_CLASS_HUB, "Hub" },
   1585     { USB_CLASS_PHYSICAL, "Physical" },
   1586     { USB_CLASS_PRINTER, "Printer" },
   1587     { USB_CLASS_MASS_STORAGE, "Storage" },
   1588     { USB_CLASS_CDC_DATA, "Data" },
   1589     { USB_CLASS_APP_SPEC, "Application Specific" },
   1590     { USB_CLASS_VENDOR_SPEC, "Vendor Specific" },
   1591     { USB_CLASS_STILL_IMAGE, "Still Image" },
   1592     { USB_CLASS_CSCID, "Smart Card" },
   1593     { USB_CLASS_CONTENT_SEC, "Content Security" },
   1594     { -1, NULL }
   1595 };
   1596 
   1597 static const char *usb_class_str(uint8_t class)
   1598 {
   1599     const struct usb_class_info *p;
   1600     for(p = usb_class_info; p->class != -1; p++) {
   1601         if (p->class == class)
   1602             break;
   1603     }
   1604     return p->class_name;
   1605 }
   1606 
   1607 static void usb_info_device(int bus_num, int addr, int class_id,
   1608                             int vendor_id, int product_id,
   1609                             const char *product_name,
   1610                             int speed)
   1611 {
   1612     Monitor *mon = cur_mon;
   1613     const char *class_str, *speed_str;
   1614 
   1615     switch(speed) {
   1616     case USB_SPEED_LOW:
   1617         speed_str = "1.5";
   1618         break;
   1619     case USB_SPEED_FULL:
   1620         speed_str = "12";
   1621         break;
   1622     case USB_SPEED_HIGH:
   1623         speed_str = "480";
   1624         break;
   1625     default:
   1626         speed_str = "?";
   1627         break;
   1628     }
   1629 
   1630     monitor_printf(mon, "  Device %d.%d, speed %s Mb/s\n",
   1631                 bus_num, addr, speed_str);
   1632     class_str = usb_class_str(class_id);
   1633     if (class_str)
   1634         monitor_printf(mon, "    %s:", class_str);
   1635     else
   1636         monitor_printf(mon, "    Class %02x:", class_id);
   1637     monitor_printf(mon, " USB device %04x:%04x", vendor_id, product_id);
   1638     if (product_name[0] != '\0')
   1639         monitor_printf(mon, ", %s", product_name);
   1640     monitor_printf(mon, "\n");
   1641 }
   1642 
   1643 static int usb_host_info_device(void *opaque, int bus_num, int addr,
   1644                                 int class_id,
   1645                                 int vendor_id, int product_id,
   1646                                 const char *product_name,
   1647                                 int speed)
   1648 {
   1649     usb_info_device(bus_num, addr, class_id, vendor_id, product_id,
   1650                     product_name, speed);
   1651     return 0;
   1652 }
   1653 
   1654 static void dec2str(int val, char *str, size_t size)
   1655 {
   1656     if (val == -1)
   1657         snprintf(str, size, "*");
   1658     else
   1659         snprintf(str, size, "%d", val);
   1660 }
   1661 
   1662 static void hex2str(int val, char *str, size_t size)
   1663 {
   1664     if (val == -1)
   1665         snprintf(str, size, "*");
   1666     else
   1667         snprintf(str, size, "%x", val);
   1668 }
   1669 
   1670 void usb_host_info(Monitor *mon)
   1671 {
   1672     struct USBAutoFilter *f;
   1673 
   1674     usb_host_scan(NULL, usb_host_info_device);
   1675 
   1676     if (usb_auto_filter)
   1677         monitor_printf(mon, "  Auto filters:\n");
   1678     for (f = usb_auto_filter; f; f = f->next) {
   1679         char bus[10], addr[10], vid[10], pid[10];
   1680         dec2str(f->bus_num, bus, sizeof(bus));
   1681         dec2str(f->addr, addr, sizeof(addr));
   1682         hex2str(f->vendor_id, vid, sizeof(vid));
   1683         hex2str(f->product_id, pid, sizeof(pid));
   1684         monitor_printf(mon, "    Device %s.%s ID %s:%s\n",
   1685                        bus, addr, vid, pid);
   1686     }
   1687 }
   1688