1 /* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #define TRACE_TAG USB 18 19 #include "sysdeps.h" 20 21 #include <CoreFoundation/CoreFoundation.h> 22 23 #include <IOKit/IOKitLib.h> 24 #include <IOKit/IOCFPlugIn.h> 25 #include <IOKit/usb/IOUSBLib.h> 26 #include <IOKit/IOMessage.h> 27 #include <mach/mach_port.h> 28 29 #include <inttypes.h> 30 #include <stdio.h> 31 32 #include <atomic> 33 #include <chrono> 34 #include <memory> 35 #include <mutex> 36 #include <thread> 37 #include <vector> 38 39 #include <android-base/logging.h> 40 #include <android-base/stringprintf.h> 41 #include <android-base/thread_annotations.h> 42 43 #include "adb.h" 44 #include "transport.h" 45 46 using namespace std::chrono_literals; 47 48 namespace native { 49 struct usb_handle 50 { 51 UInt8 bulkIn; 52 UInt8 bulkOut; 53 IOUSBInterfaceInterface190** interface; 54 unsigned int zero_mask; 55 size_t max_packet_size; 56 57 // For garbage collecting disconnected devices. 58 bool mark; 59 std::string devpath; 60 std::atomic<bool> dead; 61 62 usb_handle() 63 : bulkIn(0), 64 bulkOut(0), 65 interface(nullptr), 66 zero_mask(0), 67 max_packet_size(0), 68 mark(false), 69 dead(false) {} 70 }; 71 72 static std::atomic<bool> usb_inited_flag; 73 74 static auto& g_usb_handles_mutex = *new std::mutex(); 75 static auto& g_usb_handles = *new std::vector<std::unique_ptr<usb_handle>>(); 76 77 static bool IsKnownDevice(const std::string& devpath) { 78 std::lock_guard<std::mutex> lock_guard(g_usb_handles_mutex); 79 for (auto& usb : g_usb_handles) { 80 if (usb->devpath == devpath) { 81 // Set mark flag to indicate this device is still alive. 82 usb->mark = true; 83 return true; 84 } 85 } 86 return false; 87 } 88 89 static void usb_kick_locked(usb_handle* handle); 90 91 static void KickDisconnectedDevices() { 92 std::lock_guard<std::mutex> lock_guard(g_usb_handles_mutex); 93 for (auto& usb : g_usb_handles) { 94 if (!usb->mark) { 95 usb_kick_locked(usb.get()); 96 } else { 97 usb->mark = false; 98 } 99 } 100 } 101 102 static void AddDevice(std::unique_ptr<usb_handle> handle) { 103 handle->mark = true; 104 std::lock_guard<std::mutex> lock(g_usb_handles_mutex); 105 g_usb_handles.push_back(std::move(handle)); 106 } 107 108 static void AndroidInterfaceAdded(io_iterator_t iterator); 109 static std::unique_ptr<usb_handle> CheckInterface(IOUSBInterfaceInterface190 **iface, 110 UInt16 vendor, UInt16 product); 111 112 static bool FindUSBDevices() { 113 // Create the matching dictionary to find the Android device's adb interface. 114 CFMutableDictionaryRef matchingDict = IOServiceMatching(kIOUSBInterfaceClassName); 115 if (!matchingDict) { 116 LOG(ERROR) << "couldn't create USB matching dictionary"; 117 return false; 118 } 119 // Create an iterator for all I/O Registry objects that match the dictionary. 120 io_iterator_t iter = 0; 121 kern_return_t kr = IOServiceGetMatchingServices(kIOMasterPortDefault, matchingDict, &iter); 122 if (kr != KERN_SUCCESS) { 123 LOG(ERROR) << "failed to get matching services"; 124 return false; 125 } 126 // Iterate over all matching objects. 127 AndroidInterfaceAdded(iter); 128 IOObjectRelease(iter); 129 return true; 130 } 131 132 static void 133 AndroidInterfaceAdded(io_iterator_t iterator) 134 { 135 kern_return_t kr; 136 io_service_t usbDevice; 137 io_service_t usbInterface; 138 IOCFPlugInInterface **plugInInterface = NULL; 139 IOUSBInterfaceInterface220 **iface = NULL; 140 IOUSBDeviceInterface197 **dev = NULL; 141 HRESULT result; 142 SInt32 score; 143 uint32_t locationId; 144 UInt8 if_class, subclass, protocol; 145 UInt16 vendor; 146 UInt16 product; 147 UInt8 serialIndex; 148 char serial[256]; 149 std::string devpath; 150 151 while ((usbInterface = IOIteratorNext(iterator))) { 152 //* Create an intermediate interface plugin 153 kr = IOCreatePlugInInterfaceForService(usbInterface, 154 kIOUSBInterfaceUserClientTypeID, 155 kIOCFPlugInInterfaceID, 156 &plugInInterface, &score); 157 IOObjectRelease(usbInterface); 158 if ((kIOReturnSuccess != kr) || (!plugInInterface)) { 159 LOG(ERROR) << "Unable to create an interface plug-in (" << std::hex << kr << ")"; 160 continue; 161 } 162 163 //* This gets us the interface object 164 result = (*plugInInterface)->QueryInterface( 165 plugInInterface, 166 CFUUIDGetUUIDBytes(kIOUSBInterfaceInterfaceID), (LPVOID*)&iface); 167 //* We only needed the plugin to get the interface, so discard it 168 (*plugInInterface)->Release(plugInInterface); 169 if (result || !iface) { 170 LOG(ERROR) << "Couldn't query the interface (" << std::hex << result << ")"; 171 continue; 172 } 173 174 kr = (*iface)->GetInterfaceClass(iface, &if_class); 175 kr = (*iface)->GetInterfaceSubClass(iface, &subclass); 176 kr = (*iface)->GetInterfaceProtocol(iface, &protocol); 177 if(if_class != ADB_CLASS || subclass != ADB_SUBCLASS || protocol != ADB_PROTOCOL) { 178 // Ignore non-ADB devices. 179 LOG(DEBUG) << "Ignoring interface with incorrect class/subclass/protocol - " << if_class 180 << ", " << subclass << ", " << protocol; 181 (*iface)->Release(iface); 182 continue; 183 } 184 185 //* this gets us an ioservice, with which we will find the actual 186 //* device; after getting a plugin, and querying the interface, of 187 //* course. 188 //* Gotta love OS X 189 kr = (*iface)->GetDevice(iface, &usbDevice); 190 if (kIOReturnSuccess != kr || !usbDevice) { 191 LOG(ERROR) << "Couldn't grab device from interface (" << std::hex << kr << ")"; 192 (*iface)->Release(iface); 193 continue; 194 } 195 196 plugInInterface = NULL; 197 score = 0; 198 //* create an intermediate device plugin 199 kr = IOCreatePlugInInterfaceForService(usbDevice, 200 kIOUSBDeviceUserClientTypeID, 201 kIOCFPlugInInterfaceID, 202 &plugInInterface, &score); 203 //* only needed this to find the plugin 204 (void)IOObjectRelease(usbDevice); 205 if ((kIOReturnSuccess != kr) || (!plugInInterface)) { 206 LOG(ERROR) << "Unable to create a device plug-in (" << std::hex << kr << ")"; 207 (*iface)->Release(iface); 208 continue; 209 } 210 211 result = (*plugInInterface)->QueryInterface(plugInInterface, 212 CFUUIDGetUUIDBytes(kIOUSBDeviceInterfaceID), (LPVOID*)&dev); 213 //* only needed this to query the plugin 214 (*plugInInterface)->Release(plugInInterface); 215 if (result || !dev) { 216 LOG(ERROR) << "Couldn't create a device interface (" << std::hex << result << ")"; 217 (*iface)->Release(iface); 218 continue; 219 } 220 221 //* Now after all that, we actually have a ref to the device and 222 //* the interface that matched our criteria 223 kr = (*dev)->GetDeviceVendor(dev, &vendor); 224 kr = (*dev)->GetDeviceProduct(dev, &product); 225 kr = (*dev)->GetLocationID(dev, &locationId); 226 if (kr == KERN_SUCCESS) { 227 devpath = android::base::StringPrintf("usb:%" PRIu32 "X", locationId); 228 if (IsKnownDevice(devpath)) { 229 (*dev)->Release(dev); 230 (*iface)->Release(iface); 231 continue; 232 } 233 } 234 kr = (*dev)->USBGetSerialNumberStringIndex(dev, &serialIndex); 235 236 if (serialIndex > 0) { 237 IOUSBDevRequest req; 238 UInt16 buffer[256]; 239 UInt16 languages[128]; 240 241 memset(languages, 0, sizeof(languages)); 242 243 req.bmRequestType = 244 USBmakebmRequestType(kUSBIn, kUSBStandard, kUSBDevice); 245 req.bRequest = kUSBRqGetDescriptor; 246 req.wValue = (kUSBStringDesc << 8) | 0; 247 req.wIndex = 0; 248 req.pData = languages; 249 req.wLength = sizeof(languages); 250 kr = (*dev)->DeviceRequest(dev, &req); 251 252 if (kr == kIOReturnSuccess && req.wLenDone > 0) { 253 254 int langCount = (req.wLenDone - 2) / 2, lang; 255 256 for (lang = 1; lang <= langCount; lang++) { 257 258 memset(buffer, 0, sizeof(buffer)); 259 memset(&req, 0, sizeof(req)); 260 261 req.bmRequestType = 262 USBmakebmRequestType(kUSBIn, kUSBStandard, kUSBDevice); 263 req.bRequest = kUSBRqGetDescriptor; 264 req.wValue = (kUSBStringDesc << 8) | serialIndex; 265 req.wIndex = languages[lang]; 266 req.pData = buffer; 267 req.wLength = sizeof(buffer); 268 kr = (*dev)->DeviceRequest(dev, &req); 269 270 if (kr == kIOReturnSuccess && req.wLenDone > 0) { 271 int i, count; 272 273 // skip first word, and copy the rest to the serial string, 274 // changing shorts to bytes. 275 count = (req.wLenDone - 1) / 2; 276 for (i = 0; i < count; i++) 277 serial[i] = buffer[i + 1]; 278 serial[i] = 0; 279 break; 280 } 281 } 282 } 283 } 284 285 (*dev)->Release(dev); 286 287 VLOG(USB) << android::base::StringPrintf("Found vid=%04x pid=%04x serial=%s\n", 288 vendor, product, serial); 289 if (devpath.empty()) { 290 devpath = serial; 291 } 292 if (IsKnownDevice(devpath)) { 293 (*iface)->USBInterfaceClose(iface); 294 (*iface)->Release(iface); 295 continue; 296 } 297 298 std::unique_ptr<usb_handle> handle = CheckInterface((IOUSBInterfaceInterface190**)iface, 299 vendor, product); 300 if (handle == nullptr) { 301 LOG(ERROR) << "Could not find device interface"; 302 (*iface)->Release(iface); 303 continue; 304 } 305 handle->devpath = devpath; 306 usb_handle* handle_p = handle.get(); 307 VLOG(USB) << "Add usb device " << serial; 308 AddDevice(std::move(handle)); 309 register_usb_transport(reinterpret_cast<::usb_handle*>(handle_p), serial, devpath.c_str(), 310 1); 311 } 312 } 313 314 // Used to clear both the endpoints before starting. 315 // When adb quits, we might clear the host endpoint but not the device. 316 // So we make sure both sides are clear before starting up. 317 static bool ClearPipeStallBothEnds(IOUSBInterfaceInterface190** interface, UInt8 bulkEp) { 318 IOReturn rc = (*interface)->ClearPipeStallBothEnds(interface, bulkEp); 319 if (rc != kIOReturnSuccess) { 320 LOG(ERROR) << "Could not clear pipe stall both ends: " << std::hex << rc; 321 return false; 322 } 323 return true; 324 } 325 326 //* TODO: simplify this further since we only register to get ADB interface 327 //* subclass+protocol events 328 static std::unique_ptr<usb_handle> 329 CheckInterface(IOUSBInterfaceInterface190 **interface, UInt16 vendor, UInt16 product) 330 { 331 std::unique_ptr<usb_handle> handle; 332 IOReturn kr; 333 UInt8 interfaceNumEndpoints, interfaceClass, interfaceSubClass, interfaceProtocol; 334 UInt8 endpoint; 335 336 //* Now open the interface. This will cause the pipes associated with 337 //* the endpoints in the interface descriptor to be instantiated 338 kr = (*interface)->USBInterfaceOpen(interface); 339 if (kr != kIOReturnSuccess) { 340 LOG(ERROR) << "Could not open interface: " << std::hex << kr; 341 return NULL; 342 } 343 344 //* Get the number of endpoints associated with this interface 345 kr = (*interface)->GetNumEndpoints(interface, &interfaceNumEndpoints); 346 if (kr != kIOReturnSuccess) { 347 LOG(ERROR) << "Unable to get number of endpoints: " << std::hex << kr; 348 goto err_get_num_ep; 349 } 350 351 //* Get interface class, subclass and protocol 352 if ((*interface)->GetInterfaceClass(interface, &interfaceClass) != kIOReturnSuccess || 353 (*interface)->GetInterfaceSubClass(interface, &interfaceSubClass) != kIOReturnSuccess || 354 (*interface)->GetInterfaceProtocol(interface, &interfaceProtocol) != kIOReturnSuccess) { 355 LOG(ERROR) << "Unable to get interface class, subclass and protocol"; 356 goto err_get_interface_class; 357 } 358 359 //* check to make sure interface class, subclass and protocol match ADB 360 //* avoid opening mass storage endpoints 361 if (!is_adb_interface(interfaceClass, interfaceSubClass, interfaceProtocol)) { 362 goto err_bad_adb_interface; 363 } 364 365 handle.reset(new usb_handle); 366 if (handle == nullptr) { 367 goto err_bad_adb_interface; 368 } 369 370 //* Iterate over the endpoints for this interface and find the first 371 //* bulk in/out pipes available. These will be our read/write pipes. 372 for (endpoint = 1; endpoint <= interfaceNumEndpoints; endpoint++) { 373 UInt8 transferType; 374 UInt16 maxPacketSize; 375 UInt8 interval; 376 UInt8 number; 377 UInt8 direction; 378 379 kr = (*interface)->GetPipeProperties(interface, endpoint, &direction, 380 &number, &transferType, &maxPacketSize, &interval); 381 if (kr != kIOReturnSuccess) { 382 LOG(ERROR) << "FindDeviceInterface - could not get pipe properties: " 383 << std::hex << kr; 384 goto err_get_pipe_props; 385 } 386 387 if (kUSBBulk != transferType) continue; 388 389 if (kUSBIn == direction) { 390 handle->bulkIn = endpoint; 391 if (!ClearPipeStallBothEnds(interface, handle->bulkIn)) goto err_get_pipe_props; 392 } 393 394 if (kUSBOut == direction) { 395 handle->bulkOut = endpoint; 396 if (!ClearPipeStallBothEnds(interface, handle->bulkOut)) goto err_get_pipe_props; 397 } 398 399 handle->zero_mask = maxPacketSize - 1; 400 handle->max_packet_size = maxPacketSize; 401 } 402 403 handle->interface = interface; 404 return handle; 405 406 err_get_pipe_props: 407 err_bad_adb_interface: 408 err_get_interface_class: 409 err_get_num_ep: 410 (*interface)->USBInterfaceClose(interface); 411 return nullptr; 412 } 413 414 std::mutex& operate_device_lock = *new std::mutex(); 415 416 static void RunLoopThread() { 417 adb_thread_setname("RunLoop"); 418 419 VLOG(USB) << "RunLoopThread started"; 420 while (true) { 421 { 422 std::lock_guard<std::mutex> lock_guard(operate_device_lock); 423 FindUSBDevices(); 424 KickDisconnectedDevices(); 425 } 426 // Signal the parent that we are running 427 usb_inited_flag = true; 428 std::this_thread::sleep_for(1s); 429 } 430 VLOG(USB) << "RunLoopThread done"; 431 } 432 433 void usb_cleanup() NO_THREAD_SAFETY_ANALYSIS { 434 VLOG(USB) << "usb_cleanup"; 435 // Wait until usb operations in RunLoopThread finish, and prevent further operations. 436 operate_device_lock.lock(); 437 close_usb_devices(); 438 } 439 440 void usb_init() { 441 static bool initialized = false; 442 if (!initialized) { 443 usb_inited_flag = false; 444 445 std::thread(RunLoopThread).detach(); 446 447 // Wait for initialization to finish 448 while (!usb_inited_flag) { 449 std::this_thread::sleep_for(100ms); 450 } 451 452 initialized = true; 453 } 454 } 455 456 int usb_write(usb_handle *handle, const void *buf, int len) 457 { 458 IOReturn result; 459 460 if (!len) 461 return 0; 462 463 if (!handle || handle->dead) 464 return -1; 465 466 if (NULL == handle->interface) { 467 LOG(ERROR) << "usb_write interface was null"; 468 return -1; 469 } 470 471 if (0 == handle->bulkOut) { 472 LOG(ERROR) << "bulkOut endpoint not assigned"; 473 return -1; 474 } 475 476 result = 477 (*handle->interface)->WritePipe(handle->interface, handle->bulkOut, (void *)buf, len); 478 479 if ((result == 0) && (handle->zero_mask)) { 480 /* we need 0-markers and our transfer */ 481 if(!(len & handle->zero_mask)) { 482 result = 483 (*handle->interface)->WritePipe( 484 handle->interface, handle->bulkOut, (void *)buf, 0); 485 } 486 } 487 488 if (0 == result) 489 return 0; 490 491 LOG(ERROR) << "usb_write failed with status: " << std::hex << result; 492 return -1; 493 } 494 495 int usb_read(usb_handle *handle, void *buf, int len) 496 { 497 IOReturn result; 498 UInt32 numBytes = len; 499 500 if (!len) { 501 return 0; 502 } 503 504 if (!handle || handle->dead) { 505 return -1; 506 } 507 508 if (NULL == handle->interface) { 509 LOG(ERROR) << "usb_read interface was null"; 510 return -1; 511 } 512 513 if (0 == handle->bulkIn) { 514 LOG(ERROR) << "bulkIn endpoint not assigned"; 515 return -1; 516 } 517 518 result = (*handle->interface)->ReadPipe(handle->interface, handle->bulkIn, buf, &numBytes); 519 520 if (kIOUSBPipeStalled == result) { 521 LOG(ERROR) << "Pipe stalled, clearing stall.\n"; 522 (*handle->interface)->ClearPipeStall(handle->interface, handle->bulkIn); 523 result = (*handle->interface)->ReadPipe(handle->interface, handle->bulkIn, buf, &numBytes); 524 } 525 526 if (kIOReturnSuccess == result) 527 return numBytes; 528 else { 529 LOG(ERROR) << "usb_read failed with status: " << std::hex << result; 530 } 531 532 return -1; 533 } 534 535 int usb_close(usb_handle *handle) 536 { 537 std::lock_guard<std::mutex> lock(g_usb_handles_mutex); 538 for (auto it = g_usb_handles.begin(); it != g_usb_handles.end(); ++it) { 539 if ((*it).get() == handle) { 540 g_usb_handles.erase(it); 541 break; 542 } 543 } 544 return 0; 545 } 546 547 static void usb_kick_locked(usb_handle *handle) 548 { 549 LOG(INFO) << "Kicking handle"; 550 /* release the interface */ 551 if (!handle) 552 return; 553 554 if (!handle->dead) 555 { 556 handle->dead = true; 557 (*handle->interface)->USBInterfaceClose(handle->interface); 558 (*handle->interface)->Release(handle->interface); 559 } 560 } 561 562 void usb_kick(usb_handle *handle) { 563 // Use the lock to avoid multiple thread kicking the device at the same time. 564 std::lock_guard<std::mutex> lock_guard(g_usb_handles_mutex); 565 usb_kick_locked(handle); 566 } 567 568 size_t usb_get_max_packet_size(usb_handle* handle) { 569 return handle->max_packet_size; 570 } 571 572 } // namespace native 573