1 /* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #define TRACE_TAG USB 18 19 #include "sysdeps.h" 20 21 #include <CoreFoundation/CoreFoundation.h> 22 23 #include <IOKit/IOKitLib.h> 24 #include <IOKit/IOCFPlugIn.h> 25 #include <IOKit/usb/IOUSBLib.h> 26 #include <IOKit/IOMessage.h> 27 #include <mach/mach_port.h> 28 29 #include <inttypes.h> 30 #include <stdio.h> 31 32 #include <atomic> 33 #include <chrono> 34 #include <memory> 35 #include <mutex> 36 #include <thread> 37 #include <vector> 38 39 #include <android-base/logging.h> 40 #include <android-base/stringprintf.h> 41 #include <android-base/thread_annotations.h> 42 43 #include "adb.h" 44 #include "transport.h" 45 46 using namespace std::chrono_literals; 47 48 namespace native { 49 struct usb_handle 50 { 51 UInt8 bulkIn; 52 UInt8 bulkOut; 53 IOUSBInterfaceInterface550** interface; 54 unsigned int zero_mask; 55 size_t max_packet_size; 56 57 // For garbage collecting disconnected devices. 58 bool mark; 59 std::string devpath; 60 std::atomic<bool> dead; 61 62 usb_handle() 63 : bulkIn(0), 64 bulkOut(0), 65 interface(nullptr), 66 zero_mask(0), 67 max_packet_size(0), 68 mark(false), 69 dead(false) {} 70 }; 71 72 static std::atomic<bool> usb_inited_flag; 73 74 static auto& g_usb_handles_mutex = *new std::mutex(); 75 static auto& g_usb_handles = *new std::vector<std::unique_ptr<usb_handle>>(); 76 77 static bool IsKnownDevice(const std::string& devpath) { 78 std::lock_guard<std::mutex> lock_guard(g_usb_handles_mutex); 79 for (auto& usb : g_usb_handles) { 80 if (usb->devpath == devpath) { 81 // Set mark flag to indicate this device is still alive. 82 usb->mark = true; 83 return true; 84 } 85 } 86 return false; 87 } 88 89 static void usb_kick_locked(usb_handle* handle); 90 91 static void KickDisconnectedDevices() { 92 std::lock_guard<std::mutex> lock_guard(g_usb_handles_mutex); 93 for (auto& usb : g_usb_handles) { 94 if (!usb->mark) { 95 usb_kick_locked(usb.get()); 96 } else { 97 usb->mark = false; 98 } 99 } 100 } 101 102 static void AddDevice(std::unique_ptr<usb_handle> handle) { 103 handle->mark = true; 104 std::lock_guard<std::mutex> lock(g_usb_handles_mutex); 105 g_usb_handles.push_back(std::move(handle)); 106 } 107 108 static void AndroidInterfaceAdded(io_iterator_t iterator); 109 static std::unique_ptr<usb_handle> CheckInterface(IOUSBInterfaceInterface550** iface, UInt16 vendor, 110 UInt16 product); 111 112 static bool FindUSBDevices() { 113 // Create the matching dictionary to find the Android device's adb interface. 114 CFMutableDictionaryRef matchingDict = IOServiceMatching(kIOUSBInterfaceClassName); 115 if (!matchingDict) { 116 LOG(ERROR) << "couldn't create USB matching dictionary"; 117 return false; 118 } 119 // Create an iterator for all I/O Registry objects that match the dictionary. 120 io_iterator_t iter = 0; 121 kern_return_t kr = IOServiceGetMatchingServices(kIOMasterPortDefault, matchingDict, &iter); 122 if (kr != KERN_SUCCESS) { 123 LOG(ERROR) << "failed to get matching services"; 124 return false; 125 } 126 // Iterate over all matching objects. 127 AndroidInterfaceAdded(iter); 128 IOObjectRelease(iter); 129 return true; 130 } 131 132 static void 133 AndroidInterfaceAdded(io_iterator_t iterator) 134 { 135 kern_return_t kr; 136 io_service_t usbDevice; 137 io_service_t usbInterface; 138 IOCFPlugInInterface **plugInInterface = NULL; 139 IOUSBInterfaceInterface220 **iface = NULL; 140 IOUSBDeviceInterface197 **dev = NULL; 141 HRESULT result; 142 SInt32 score; 143 uint32_t locationId; 144 UInt8 if_class, subclass, protocol; 145 UInt16 vendor; 146 UInt16 product; 147 UInt8 serialIndex; 148 char serial[256]; 149 std::string devpath; 150 151 while ((usbInterface = IOIteratorNext(iterator))) { 152 //* Create an intermediate interface plugin 153 kr = IOCreatePlugInInterfaceForService(usbInterface, 154 kIOUSBInterfaceUserClientTypeID, 155 kIOCFPlugInInterfaceID, 156 &plugInInterface, &score); 157 IOObjectRelease(usbInterface); 158 if ((kIOReturnSuccess != kr) || (!plugInInterface)) { 159 LOG(ERROR) << "Unable to create an interface plug-in (" << std::hex << kr << ")"; 160 continue; 161 } 162 163 //* This gets us the interface object 164 result = (*plugInInterface)->QueryInterface( 165 plugInInterface, 166 CFUUIDGetUUIDBytes(kIOUSBInterfaceInterfaceID), (LPVOID*)&iface); 167 //* We only needed the plugin to get the interface, so discard it 168 (*plugInInterface)->Release(plugInInterface); 169 if (result || !iface) { 170 LOG(ERROR) << "Couldn't query the interface (" << std::hex << result << ")"; 171 continue; 172 } 173 174 kr = (*iface)->GetInterfaceClass(iface, &if_class); 175 kr = (*iface)->GetInterfaceSubClass(iface, &subclass); 176 kr = (*iface)->GetInterfaceProtocol(iface, &protocol); 177 if (!is_adb_interface(if_class, subclass, protocol)) { 178 // Ignore non-ADB devices. 179 LOG(DEBUG) << "Ignoring interface with incorrect class/subclass/protocol - " << if_class 180 << ", " << subclass << ", " << protocol; 181 (*iface)->Release(iface); 182 continue; 183 } 184 185 //* this gets us an ioservice, with which we will find the actual 186 //* device; after getting a plugin, and querying the interface, of 187 //* course. 188 //* Gotta love OS X 189 kr = (*iface)->GetDevice(iface, &usbDevice); 190 if (kIOReturnSuccess != kr || !usbDevice) { 191 LOG(ERROR) << "Couldn't grab device from interface (" << std::hex << kr << ")"; 192 (*iface)->Release(iface); 193 continue; 194 } 195 196 plugInInterface = NULL; 197 score = 0; 198 //* create an intermediate device plugin 199 kr = IOCreatePlugInInterfaceForService(usbDevice, 200 kIOUSBDeviceUserClientTypeID, 201 kIOCFPlugInInterfaceID, 202 &plugInInterface, &score); 203 //* only needed this to find the plugin 204 (void)IOObjectRelease(usbDevice); 205 if ((kIOReturnSuccess != kr) || (!plugInInterface)) { 206 LOG(ERROR) << "Unable to create a device plug-in (" << std::hex << kr << ")"; 207 (*iface)->Release(iface); 208 continue; 209 } 210 211 result = (*plugInInterface)->QueryInterface(plugInInterface, 212 CFUUIDGetUUIDBytes(kIOUSBDeviceInterfaceID), (LPVOID*)&dev); 213 //* only needed this to query the plugin 214 (*plugInInterface)->Release(plugInInterface); 215 if (result || !dev) { 216 LOG(ERROR) << "Couldn't create a device interface (" << std::hex << result << ")"; 217 (*iface)->Release(iface); 218 continue; 219 } 220 221 //* Now after all that, we actually have a ref to the device and 222 //* the interface that matched our criteria 223 kr = (*dev)->GetDeviceVendor(dev, &vendor); 224 kr = (*dev)->GetDeviceProduct(dev, &product); 225 kr = (*dev)->GetLocationID(dev, &locationId); 226 if (kr == KERN_SUCCESS) { 227 devpath = android::base::StringPrintf("usb:%" PRIu32 "X", locationId); 228 if (IsKnownDevice(devpath)) { 229 (*dev)->Release(dev); 230 (*iface)->Release(iface); 231 continue; 232 } 233 } 234 kr = (*dev)->USBGetSerialNumberStringIndex(dev, &serialIndex); 235 236 if (serialIndex > 0) { 237 IOUSBDevRequest req; 238 UInt16 buffer[256]; 239 UInt16 languages[128]; 240 241 memset(languages, 0, sizeof(languages)); 242 243 req.bmRequestType = 244 USBmakebmRequestType(kUSBIn, kUSBStandard, kUSBDevice); 245 req.bRequest = kUSBRqGetDescriptor; 246 req.wValue = (kUSBStringDesc << 8) | 0; 247 req.wIndex = 0; 248 req.pData = languages; 249 req.wLength = sizeof(languages); 250 kr = (*dev)->DeviceRequest(dev, &req); 251 252 if (kr == kIOReturnSuccess && req.wLenDone > 0) { 253 254 int langCount = (req.wLenDone - 2) / 2, lang; 255 256 for (lang = 1; lang <= langCount; lang++) { 257 258 memset(buffer, 0, sizeof(buffer)); 259 memset(&req, 0, sizeof(req)); 260 261 req.bmRequestType = 262 USBmakebmRequestType(kUSBIn, kUSBStandard, kUSBDevice); 263 req.bRequest = kUSBRqGetDescriptor; 264 req.wValue = (kUSBStringDesc << 8) | serialIndex; 265 req.wIndex = languages[lang]; 266 req.pData = buffer; 267 req.wLength = sizeof(buffer); 268 kr = (*dev)->DeviceRequest(dev, &req); 269 270 if (kr == kIOReturnSuccess && req.wLenDone > 0) { 271 int i, count; 272 273 // skip first word, and copy the rest to the serial string, 274 // changing shorts to bytes. 275 count = (req.wLenDone - 1) / 2; 276 for (i = 0; i < count; i++) 277 serial[i] = buffer[i + 1]; 278 serial[i] = 0; 279 break; 280 } 281 } 282 } 283 } 284 285 (*dev)->Release(dev); 286 287 VLOG(USB) << android::base::StringPrintf("Found vid=%04x pid=%04x serial=%s\n", 288 vendor, product, serial); 289 if (devpath.empty()) { 290 devpath = serial; 291 } 292 if (IsKnownDevice(devpath)) { 293 (*iface)->USBInterfaceClose(iface); 294 (*iface)->Release(iface); 295 continue; 296 } 297 298 std::unique_ptr<usb_handle> handle = 299 CheckInterface((IOUSBInterfaceInterface550**)iface, vendor, product); 300 if (handle == nullptr) { 301 LOG(ERROR) << "Could not find device interface"; 302 (*iface)->Release(iface); 303 continue; 304 } 305 handle->devpath = devpath; 306 usb_handle* handle_p = handle.get(); 307 VLOG(USB) << "Add usb device " << serial; 308 LOG(INFO) << "reported max packet size for " << serial << " is " << handle->max_packet_size; 309 AddDevice(std::move(handle)); 310 register_usb_transport(reinterpret_cast<::usb_handle*>(handle_p), serial, devpath.c_str(), 311 1); 312 } 313 } 314 315 // Used to clear both the endpoints before starting. 316 // When adb quits, we might clear the host endpoint but not the device. 317 // So we make sure both sides are clear before starting up. 318 static bool ClearPipeStallBothEnds(IOUSBInterfaceInterface550** interface, UInt8 bulkEp) { 319 IOReturn rc = (*interface)->ClearPipeStallBothEnds(interface, bulkEp); 320 if (rc != kIOReturnSuccess) { 321 LOG(ERROR) << "Could not clear pipe stall both ends: " << std::hex << rc; 322 return false; 323 } 324 return true; 325 } 326 327 //* TODO: simplify this further since we only register to get ADB interface 328 //* subclass+protocol events 329 static std::unique_ptr<usb_handle> CheckInterface(IOUSBInterfaceInterface550** interface, 330 UInt16 vendor, UInt16 product) { 331 std::unique_ptr<usb_handle> handle; 332 IOReturn kr; 333 UInt8 interfaceNumEndpoints, interfaceClass, interfaceSubClass, interfaceProtocol; 334 UInt8 endpoint; 335 336 //* Now open the interface. This will cause the pipes associated with 337 //* the endpoints in the interface descriptor to be instantiated 338 kr = (*interface)->USBInterfaceOpen(interface); 339 if (kr != kIOReturnSuccess) { 340 LOG(ERROR) << "Could not open interface: " << std::hex << kr; 341 return NULL; 342 } 343 344 //* Get the number of endpoints associated with this interface 345 kr = (*interface)->GetNumEndpoints(interface, &interfaceNumEndpoints); 346 if (kr != kIOReturnSuccess) { 347 LOG(ERROR) << "Unable to get number of endpoints: " << std::hex << kr; 348 goto err_get_num_ep; 349 } 350 351 //* Get interface class, subclass and protocol 352 if ((*interface)->GetInterfaceClass(interface, &interfaceClass) != kIOReturnSuccess || 353 (*interface)->GetInterfaceSubClass(interface, &interfaceSubClass) != kIOReturnSuccess || 354 (*interface)->GetInterfaceProtocol(interface, &interfaceProtocol) != kIOReturnSuccess) { 355 LOG(ERROR) << "Unable to get interface class, subclass and protocol"; 356 goto err_get_interface_class; 357 } 358 359 //* check to make sure interface class, subclass and protocol match ADB 360 //* avoid opening mass storage endpoints 361 if (!is_adb_interface(interfaceClass, interfaceSubClass, interfaceProtocol)) { 362 goto err_bad_adb_interface; 363 } 364 365 handle.reset(new usb_handle); 366 if (handle == nullptr) { 367 goto err_bad_adb_interface; 368 } 369 370 //* Iterate over the endpoints for this interface and find the first 371 //* bulk in/out pipes available. These will be our read/write pipes. 372 for (endpoint = 1; endpoint <= interfaceNumEndpoints; endpoint++) { 373 UInt8 transferType; 374 UInt16 maxPacketSize; 375 UInt8 interval; 376 UInt8 number; 377 UInt8 direction; 378 UInt8 maxBurst; 379 UInt8 mult; 380 UInt16 bytesPerInterval; 381 382 kr = (*interface) 383 ->GetPipePropertiesV2(interface, endpoint, &direction, &number, &transferType, 384 &maxPacketSize, &interval, &maxBurst, &mult, 385 &bytesPerInterval); 386 if (kr != kIOReturnSuccess) { 387 LOG(ERROR) << "FindDeviceInterface - could not get pipe properties: " 388 << std::hex << kr; 389 goto err_get_pipe_props; 390 } 391 392 if (kUSBBulk != transferType) continue; 393 394 if (kUSBIn == direction) { 395 handle->bulkIn = endpoint; 396 if (!ClearPipeStallBothEnds(interface, handle->bulkIn)) goto err_get_pipe_props; 397 } 398 399 if (kUSBOut == direction) { 400 handle->bulkOut = endpoint; 401 if (!ClearPipeStallBothEnds(interface, handle->bulkOut)) goto err_get_pipe_props; 402 } 403 404 if (maxBurst != 0) 405 // bMaxBurst is the number of additional packets in the burst. 406 maxPacketSize /= (maxBurst + 1); 407 408 // mult is only relevant for isochronous endpoints. 409 CHECK_EQ(0, mult); 410 411 handle->zero_mask = maxPacketSize - 1; 412 handle->max_packet_size = maxPacketSize; 413 } 414 415 handle->interface = interface; 416 return handle; 417 418 err_get_pipe_props: 419 err_bad_adb_interface: 420 err_get_interface_class: 421 err_get_num_ep: 422 (*interface)->USBInterfaceClose(interface); 423 return nullptr; 424 } 425 426 std::mutex& operate_device_lock = *new std::mutex(); 427 428 static void RunLoopThread() { 429 adb_thread_setname("RunLoop"); 430 431 VLOG(USB) << "RunLoopThread started"; 432 while (true) { 433 { 434 std::lock_guard<std::mutex> lock_guard(operate_device_lock); 435 FindUSBDevices(); 436 KickDisconnectedDevices(); 437 } 438 // Signal the parent that we are running 439 usb_inited_flag = true; 440 std::this_thread::sleep_for(1s); 441 } 442 VLOG(USB) << "RunLoopThread done"; 443 } 444 445 void usb_cleanup() NO_THREAD_SAFETY_ANALYSIS { 446 VLOG(USB) << "usb_cleanup"; 447 // Wait until usb operations in RunLoopThread finish, and prevent further operations. 448 operate_device_lock.lock(); 449 close_usb_devices(); 450 } 451 452 void usb_init() { 453 static bool initialized = false; 454 if (!initialized) { 455 usb_inited_flag = false; 456 457 std::thread(RunLoopThread).detach(); 458 459 // Wait for initialization to finish 460 while (!usb_inited_flag) { 461 std::this_thread::sleep_for(100ms); 462 } 463 464 initialized = true; 465 } 466 } 467 468 int usb_write(usb_handle *handle, const void *buf, int len) 469 { 470 IOReturn result; 471 472 if (!len) 473 return 0; 474 475 if (!handle || handle->dead) 476 return -1; 477 478 if (NULL == handle->interface) { 479 LOG(ERROR) << "usb_write interface was null"; 480 return -1; 481 } 482 483 if (0 == handle->bulkOut) { 484 LOG(ERROR) << "bulkOut endpoint not assigned"; 485 return -1; 486 } 487 488 result = 489 (*handle->interface)->WritePipe(handle->interface, handle->bulkOut, (void *)buf, len); 490 491 if ((result == 0) && (handle->zero_mask)) { 492 /* we need 0-markers and our transfer */ 493 if(!(len & handle->zero_mask)) { 494 result = 495 (*handle->interface)->WritePipe( 496 handle->interface, handle->bulkOut, (void *)buf, 0); 497 } 498 } 499 500 if (0 == result) 501 return 0; 502 503 LOG(ERROR) << "usb_write failed with status: " << std::hex << result; 504 return -1; 505 } 506 507 int usb_read(usb_handle *handle, void *buf, int len) 508 { 509 IOReturn result; 510 UInt32 numBytes = len; 511 512 if (!len) { 513 return 0; 514 } 515 516 if (!handle || handle->dead) { 517 return -1; 518 } 519 520 if (NULL == handle->interface) { 521 LOG(ERROR) << "usb_read interface was null"; 522 return -1; 523 } 524 525 if (0 == handle->bulkIn) { 526 LOG(ERROR) << "bulkIn endpoint not assigned"; 527 return -1; 528 } 529 530 result = (*handle->interface)->ReadPipe(handle->interface, handle->bulkIn, buf, &numBytes); 531 532 if (kIOUSBPipeStalled == result) { 533 LOG(ERROR) << "Pipe stalled, clearing stall.\n"; 534 (*handle->interface)->ClearPipeStall(handle->interface, handle->bulkIn); 535 result = (*handle->interface)->ReadPipe(handle->interface, handle->bulkIn, buf, &numBytes); 536 } 537 538 if (kIOReturnSuccess == result) 539 return numBytes; 540 else { 541 LOG(ERROR) << "usb_read failed with status: " << std::hex << result; 542 } 543 544 return -1; 545 } 546 547 int usb_close(usb_handle *handle) 548 { 549 std::lock_guard<std::mutex> lock(g_usb_handles_mutex); 550 for (auto it = g_usb_handles.begin(); it != g_usb_handles.end(); ++it) { 551 if ((*it).get() == handle) { 552 g_usb_handles.erase(it); 553 break; 554 } 555 } 556 return 0; 557 } 558 559 static void usb_kick_locked(usb_handle *handle) 560 { 561 LOG(INFO) << "Kicking handle"; 562 /* release the interface */ 563 if (!handle) 564 return; 565 566 if (!handle->dead) 567 { 568 handle->dead = true; 569 (*handle->interface)->USBInterfaceClose(handle->interface); 570 (*handle->interface)->Release(handle->interface); 571 } 572 } 573 574 void usb_kick(usb_handle *handle) { 575 // Use the lock to avoid multiple thread kicking the device at the same time. 576 std::lock_guard<std::mutex> lock_guard(g_usb_handles_mutex); 577 usb_kick_locked(handle); 578 } 579 580 size_t usb_get_max_packet_size(usb_handle* handle) { 581 return handle->max_packet_size; 582 } 583 584 } // namespace native 585