12
#include "qemu/osdep.h"
13
#include "qapi/error.h"
14
#include "qemu/error-report.h"
17
#include <glib/gstdio.h>
18
#include <sys/statvfs.h>
22
#include "qemu/module.h"
23
#include "qemu/filemonitor.h"
25
#include "hw/qdev-properties.h"
27
#include "migration/vmstate.h"
29
#include "qemu/units.h"
30
#include "qom/object.h"
34
enum mtp_container_type {42
enum mtp_write_status {50
CMD_GET_DEVICE_INFO = 0x1001,
51
CMD_OPEN_SESSION = 0x1002,
52
CMD_CLOSE_SESSION = 0x1003,
53
CMD_GET_STORAGE_IDS = 0x1004,
54
CMD_GET_STORAGE_INFO = 0x1005,
55
CMD_GET_NUM_OBJECTS = 0x1006,
56
CMD_GET_OBJECT_HANDLES = 0x1007,
57
CMD_GET_OBJECT_INFO = 0x1008,
58
CMD_GET_OBJECT = 0x1009,
59
CMD_DELETE_OBJECT = 0x100b,
60
CMD_SEND_OBJECT_INFO = 0x100c,
61
CMD_SEND_OBJECT = 0x100d,
62
CMD_GET_PARTIAL_OBJECT = 0x101b,
63
CMD_GET_OBJECT_PROPS_SUPPORTED = 0x9801,
64
CMD_GET_OBJECT_PROP_DESC = 0x9802,
65
CMD_GET_OBJECT_PROP_VALUE = 0x9803,
69
RES_GENERAL_ERROR = 0x2002,
70
RES_SESSION_NOT_OPEN = 0x2003,
71
RES_INVALID_TRANSACTION_ID = 0x2004,
72
RES_OPERATION_NOT_SUPPORTED = 0x2005,
73
RES_PARAMETER_NOT_SUPPORTED = 0x2006,
74
RES_INCOMPLETE_TRANSFER = 0x2007,
75
RES_INVALID_STORAGE_ID = 0x2008,
76
RES_INVALID_OBJECT_HANDLE = 0x2009,
77
RES_INVALID_OBJECT_FORMAT_CODE = 0x200b,
78
RES_STORE_FULL = 0x200c,
79
RES_STORE_READ_ONLY = 0x200e,
80
RES_PARTIAL_DELETE = 0x2012,
81
RES_STORE_NOT_AVAILABLE = 0x2013,
82
RES_SPEC_BY_FORMAT_UNSUPPORTED = 0x2014,
83
RES_INVALID_OBJECTINFO = 0x2015,
84
RES_DESTINATION_UNSUPPORTED = 0x2020,
85
RES_INVALID_PARENT_OBJECT = 0x201a,
86
RES_INVALID_PARAMETER = 0x201d,
87
RES_SESSION_ALREADY_OPEN = 0x201e,
88
RES_INVALID_OBJECT_PROP_CODE = 0xA801,
91
FMT_UNDEFINED_OBJECT = 0x3000,
92
FMT_ASSOCIATION = 0x3001,
95
EVT_CANCEL_TRANSACTION = 0x4001,
96
EVT_OBJ_ADDED = 0x4002,
97
EVT_OBJ_REMOVED = 0x4003,
98
EVT_OBJ_INFO_CHANGED = 0x4007,
101
PROP_STORAGE_ID = 0xDC01,
102
PROP_OBJECT_FORMAT = 0xDC02,
103
PROP_OBJECT_COMPRESSED_SIZE = 0xDC04,
104
PROP_PARENT_OBJECT = 0xDC0B,
105
PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER = 0xDC41,
110
DATA_TYPE_UINT16 = 0x0004,
111
DATA_TYPE_UINT32 = 0x0006,
112
DATA_TYPE_UINT64 = 0x0008,
113
DATA_TYPE_UINT128 = 0x000a,
114
DATA_TYPE_STRING = 0xffff,
122
} QEMU_PACKED mtp_container;
126
typedef struct MTPState MTPState;
127
typedef struct MTPControl MTPControl;
128
typedef struct MTPData MTPData;
129
typedef struct MTPObject MTPObject;
137
typedef struct MTPMonEntry MTPMonEntry;
143
QTAILQ_ENTRY(MTPMonEntry) next;
164
uint8_t write_status;
166
uint64_t data_offset;
179
QLIST_HEAD(, MTPObject) children;
180
QLIST_ENTRY(MTPObject) list;
182
QTAILQ_ENTRY(MTPObject) next;
195
uint32_t next_handle;
198
QTAILQ_HEAD(, MTPObject) objects;
199
QFileMonitor *file_monitor;
200
QTAILQ_HEAD(, MTPMonEntry) events;
204
uint32_t parent_handle;
218
uint16_t protection_status;
220
uint16_t thumb_format;
221
uint32_t thumb_comp_sz;
222
uint32_t thumb_pix_width;
223
uint32_t thumb_pix_height;
224
uint32_t image_pix_width;
225
uint32_t image_pix_height;
226
uint32_t image_bit_depth;
233
char date_created[0];
234
char date_modified[0];
237
} QEMU_PACKED ObjectInfo;
239
#define TYPE_USB_MTP "usb-mtp"
240
OBJECT_DECLARE_SIMPLE_TYPE(MTPState, USB_MTP)
242
#define QEMU_STORAGE_ID 0x00010001
244
#define MTP_FLAG_WRITABLE 0
246
#define FLAG_SET(_mtp, _flag) ((_mtp)->flags & (1 << (_flag)))
250
#define MTP_MANUFACTURER "QEMU"
251
#define MTP_PRODUCT "QEMU filesharing"
252
#define MTP_WRITE_BUF_SZ (512 * KiB)
255
STR_MANUFACTURER = 1,
264
static const USBDescStrings desc_strings = {265
[STR_MANUFACTURER] = MTP_MANUFACTURER,
266
[STR_PRODUCT] = MTP_PRODUCT,
267
[STR_SERIALNUMBER] = "34617",
269
[STR_CONFIG_FULL] = "Full speed config (usb 1.1)",
270
[STR_CONFIG_HIGH] = "High speed config (usb 2.0)",
271
[STR_CONFIG_SUPER] = "Super speed config (usb 3.0)",
274
static const USBDescIface desc_iface_full = {275
.bInterfaceNumber = 0,
277
.bInterfaceClass = USB_CLASS_STILL_IMAGE,
278
.bInterfaceSubClass = 0x01,
279
.bInterfaceProtocol = 0x01,
280
.iInterface = STR_MTP,
281
.eps = (USBDescEndpoint[]) {283
.bEndpointAddress = USB_DIR_IN | EP_DATA_IN,
284
.bmAttributes = USB_ENDPOINT_XFER_BULK,
285
.wMaxPacketSize = 64,
287
.bEndpointAddress = USB_DIR_OUT | EP_DATA_OUT,
288
.bmAttributes = USB_ENDPOINT_XFER_BULK,
289
.wMaxPacketSize = 64,
291
.bEndpointAddress = USB_DIR_IN | EP_EVENT,
292
.bmAttributes = USB_ENDPOINT_XFER_INT,
293
.wMaxPacketSize = 64,
299
static const USBDescDevice desc_device_full = {301
.bMaxPacketSize0 = 8,
302
.bNumConfigurations = 1,
303
.confs = (USBDescConfig[]) {306
.bConfigurationValue = 1,
307
.iConfiguration = STR_CONFIG_FULL,
308
.bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_WAKEUP,
311
.ifs = &desc_iface_full,
316
static const USBDescIface desc_iface_high = {317
.bInterfaceNumber = 0,
319
.bInterfaceClass = USB_CLASS_STILL_IMAGE,
320
.bInterfaceSubClass = 0x01,
321
.bInterfaceProtocol = 0x01,
322
.iInterface = STR_MTP,
323
.eps = (USBDescEndpoint[]) {325
.bEndpointAddress = USB_DIR_IN | EP_DATA_IN,
326
.bmAttributes = USB_ENDPOINT_XFER_BULK,
327
.wMaxPacketSize = 512,
329
.bEndpointAddress = USB_DIR_OUT | EP_DATA_OUT,
330
.bmAttributes = USB_ENDPOINT_XFER_BULK,
331
.wMaxPacketSize = 512,
333
.bEndpointAddress = USB_DIR_IN | EP_EVENT,
334
.bmAttributes = USB_ENDPOINT_XFER_INT,
335
.wMaxPacketSize = 64,
341
static const USBDescDevice desc_device_high = {343
.bMaxPacketSize0 = 64,
344
.bNumConfigurations = 1,
345
.confs = (USBDescConfig[]) {348
.bConfigurationValue = 1,
349
.iConfiguration = STR_CONFIG_HIGH,
350
.bmAttributes = USB_CFG_ATT_ONE | USB_CFG_ATT_WAKEUP,
353
.ifs = &desc_iface_high,
358
static const USBDescMSOS desc_msos = {359
.CompatibleID = "MTP",
360
.SelectiveSuspendEnabled = true,
363
static const USBDesc desc = {368
.iManufacturer = STR_MANUFACTURER,
369
.iProduct = STR_PRODUCT,
370
.iSerialNumber = STR_SERIALNUMBER,
372
.full = &desc_device_full,
373
.high = &desc_device_high,
380
static MTPObject *usb_mtp_object_alloc(MTPState *s, uint32_t handle,
381
MTPObject *parent, const char *name)
383
MTPObject *o = g_new0(MTPObject, 1);
385
if (name[0] == '.') {392
o->name = g_strdup(name);
393
if (parent == NULL) {394
o->path = g_strdup(name);
396
o->path = g_strdup_printf("%s/%s", parent->path, name);399
if (lstat(o->path, &o->stat) != 0) {402
if (S_ISREG(o->stat.st_mode)) {403
o->format = FMT_UNDEFINED_OBJECT;
404
} else if (S_ISDIR(o->stat.st_mode)) {405
o->format = FMT_ASSOCIATION;
410
if (access(o->path, R_OK) != 0) {414
trace_usb_mtp_object_alloc(s->dev.addr, o->handle, o->path);
416
QTAILQ_INSERT_TAIL(&s->objects, o, next);
426
static void usb_mtp_object_free(MTPState *s, MTPObject *o)
434
trace_usb_mtp_object_free(s->dev.addr, o->handle, o->path);
436
if (o->watchid != -1 && s->file_monitor) {437
qemu_file_monitor_remove_watch(s->file_monitor, o->path, o->watchid);
440
QTAILQ_REMOVE(&s->objects, o, next);
442
QLIST_REMOVE(o, list);
443
o->parent->nchildren--;
446
while (!QLIST_EMPTY(&o->children)) {447
iter = QLIST_FIRST(&o->children);
448
usb_mtp_object_free(s, iter);
455
static MTPObject *usb_mtp_object_lookup(MTPState *s, uint32_t handle)
459
QTAILQ_FOREACH(o, &s->objects, next) {460
if (o->handle == handle) {467
static MTPObject *usb_mtp_add_child(MTPState *s, MTPObject *o,
471
usb_mtp_object_alloc(s, s->next_handle++, o, name);
474
trace_usb_mtp_add_child(s->dev.addr, child->handle, child->path);
475
QLIST_INSERT_HEAD(&o->children, child, list);
478
if (child->format == FMT_ASSOCIATION) {479
QLIST_INIT(&child->children);
486
static MTPObject *usb_mtp_object_lookup_name(MTPObject *parent,
487
const char *name, int len)
495
QLIST_FOREACH(iter, &parent->children, list) {496
if (strncmp(iter->name, name, len) == 0) {504
static MTPObject *usb_mtp_object_lookup_id(MTPState *s, int64_t id)
508
QTAILQ_FOREACH(iter, &s->objects, next) {509
if (iter->watchid == id) {517
static void file_monitor_event(int64_t id,
518
QFileMonitorEvent ev,
522
MTPState *s = opaque;
523
MTPObject *parent = usb_mtp_object_lookup_id(s, id);
524
MTPMonEntry *entry = NULL;
532
case QFILE_MONITOR_EVENT_CREATED:
533
if (usb_mtp_object_lookup_name(parent, name, -1)) {537
entry = g_new0(MTPMonEntry, 1);
538
entry->handle = s->next_handle;
539
entry->event = EVT_OBJ_ADDED;
540
o = usb_mtp_add_child(s, parent, name);
545
trace_usb_mtp_file_monitor_event(s->dev.addr, name, "Obj Added");
548
case QFILE_MONITOR_EVENT_DELETED:
555
o = usb_mtp_object_lookup_name(parent, name, -1);
559
entry = g_new0(MTPMonEntry, 1);
560
entry->handle = o->handle;
561
entry->event = EVT_OBJ_REMOVED;
562
trace_usb_mtp_file_monitor_event(s->dev.addr, o->path, "Obj Deleted");
563
usb_mtp_object_free(s, o);
566
case QFILE_MONITOR_EVENT_MODIFIED:
567
o = usb_mtp_object_lookup_name(parent, name, -1);
571
entry = g_new0(MTPMonEntry, 1);
572
entry->handle = o->handle;
573
entry->event = EVT_OBJ_INFO_CHANGED;
574
trace_usb_mtp_file_monitor_event(s->dev.addr, o->path, "Obj Modified");
577
case QFILE_MONITOR_EVENT_IGNORED:
578
trace_usb_mtp_file_monitor_event(s->dev.addr, parent->path,
579
"Obj parent dir ignored");
582
case QFILE_MONITOR_EVENT_ATTRIBUTES:
586
g_assert_not_reached();
590
QTAILQ_INSERT_HEAD(&s->events, entry, next);
594
static void usb_mtp_file_monitor_cleanup(MTPState *s)
598
QTAILQ_FOREACH_SAFE(e, &s->events, next, p) {599
QTAILQ_REMOVE(&s->events, e, next);
603
qemu_file_monitor_free(s->file_monitor);
604
s->file_monitor = NULL;
608
static void usb_mtp_object_readdir(MTPState *s, MTPObject *o)
610
struct dirent *entry;
615
if (o->have_children) {618
o->have_children = true;
620
fd = open(o->path, O_DIRECTORY | O_CLOEXEC | O_NOFOLLOW);
630
if (s->file_monitor) {631
int64_t id = qemu_file_monitor_add_watch(s->file_monitor, o->path, NULL,
632
file_monitor_event, s, &err);
634
error_reportf_err(err,
635
"usb-mtp: failed to add watch for %s: ",
638
trace_usb_mtp_file_monitor_event(s->dev.addr, o->path,
644
while ((entry = readdir(dir)) != NULL) {645
usb_mtp_add_child(s, o, entry->d_name);
652
static MTPData *usb_mtp_data_alloc(MTPControl *c)
654
MTPData *data = g_new0(MTPData, 1);
656
data->code = c->code;
657
data->trans = c->trans;
663
static void usb_mtp_data_free(MTPData *data)
668
if (data->fd != -1) {675
static void usb_mtp_realloc(MTPData *data, uint32_t bytes)
677
if (data->length + bytes <= data->alloc) {680
data->alloc = (data->length + bytes + 0xff) & ~0xff;
681
data->data = g_realloc(data->data, data->alloc);
684
static void usb_mtp_add_u8(MTPData *data, uint8_t val)
686
usb_mtp_realloc(data, 1);
687
data->data[data->length++] = val;
690
static void usb_mtp_add_u16(MTPData *data, uint16_t val)
692
usb_mtp_realloc(data, 2);
693
data->data[data->length++] = (val >> 0) & 0xff;
694
data->data[data->length++] = (val >> 8) & 0xff;
697
static void usb_mtp_add_u32(MTPData *data, uint32_t val)
699
usb_mtp_realloc(data, 4);
700
data->data[data->length++] = (val >> 0) & 0xff;
701
data->data[data->length++] = (val >> 8) & 0xff;
702
data->data[data->length++] = (val >> 16) & 0xff;
703
data->data[data->length++] = (val >> 24) & 0xff;
706
static void usb_mtp_add_u64(MTPData *data, uint64_t val)
708
usb_mtp_realloc(data, 8);
709
data->data[data->length++] = (val >> 0) & 0xff;
710
data->data[data->length++] = (val >> 8) & 0xff;
711
data->data[data->length++] = (val >> 16) & 0xff;
712
data->data[data->length++] = (val >> 24) & 0xff;
713
data->data[data->length++] = (val >> 32) & 0xff;
714
data->data[data->length++] = (val >> 40) & 0xff;
715
data->data[data->length++] = (val >> 48) & 0xff;
716
data->data[data->length++] = (val >> 56) & 0xff;
719
static void usb_mtp_add_u16_array(MTPData *data, uint32_t len,
720
const uint16_t *vals)
724
usb_mtp_add_u32(data, len);
725
for (i = 0; i < len; i++) {726
usb_mtp_add_u16(data, vals[i]);
730
static void usb_mtp_add_u32_array(MTPData *data, uint32_t len,
731
const uint32_t *vals)
735
usb_mtp_add_u32(data, len);
736
for (i = 0; i < len; i++) {737
usb_mtp_add_u32(data, vals[i]);
741
static void usb_mtp_add_wstr(MTPData *data, const wchar_t *str)
743
uint32_t len = wcslen(str);
750
usb_mtp_add_u8(data, len);
751
for (i = 0; i < len; i++) {752
usb_mtp_add_u16(data, str[i]);
756
static void usb_mtp_add_str(MTPData *data, const char *str)
758
uint32_t len = strlen(str)+1;
759
wchar_t *wstr = g_new(wchar_t, len);
762
ret = mbstowcs(wstr, str, len);
764
usb_mtp_add_wstr(data, L"Oops");
766
usb_mtp_add_wstr(data, wstr);
772
static void usb_mtp_add_time(MTPData *data, time_t time)
774
g_autoptr(GDateTime) then = g_date_time_new_from_unix_utc(time);
775
g_autofree char *thenstr = g_date_time_format(then, "%Y%m%dT%H%M%S");
776
usb_mtp_add_str(data, thenstr);
781
static void usb_mtp_queue_result(MTPState *s, uint16_t code, uint32_t trans,
782
int argc, uint32_t arg0, uint32_t arg1,
785
MTPControl *c = g_new0(MTPControl, 1);
800
assert(s->result == NULL);
806
static MTPData *usb_mtp_get_device_info(MTPState *s, MTPControl *c)
808
static const uint16_t ops[] = {813
CMD_GET_STORAGE_INFO,
815
CMD_GET_OBJECT_HANDLES,
818
CMD_SEND_OBJECT_INFO,
821
CMD_GET_PARTIAL_OBJECT,
822
CMD_GET_OBJECT_PROPS_SUPPORTED,
823
CMD_GET_OBJECT_PROP_DESC,
824
CMD_GET_OBJECT_PROP_VALUE,
826
static const uint16_t fmt[] = {827
FMT_UNDEFINED_OBJECT,
830
MTPData *d = usb_mtp_data_alloc(c);
832
trace_usb_mtp_op_get_device_info(s->dev.addr);
834
usb_mtp_add_u16(d, 100);
835
usb_mtp_add_u32(d, 0x00000006);
836
usb_mtp_add_u16(d, 0x0064);
837
usb_mtp_add_wstr(d, L"");
838
usb_mtp_add_u16(d, 0x0000);
840
usb_mtp_add_u16_array(d, ARRAY_SIZE(ops), ops);
841
usb_mtp_add_u16_array(d, 0, NULL);
842
usb_mtp_add_u16_array(d, 0, NULL);
843
usb_mtp_add_u16_array(d, 0, NULL);
844
usb_mtp_add_u16_array(d, ARRAY_SIZE(fmt), fmt);
846
usb_mtp_add_wstr(d, L"" MTP_MANUFACTURER);
847
usb_mtp_add_wstr(d, L"" MTP_PRODUCT);
848
usb_mtp_add_wstr(d, L"0.1");
849
usb_mtp_add_wstr(d, L"0123456789abcdef0123456789abcdef");
854
static MTPData *usb_mtp_get_storage_ids(MTPState *s, MTPControl *c)
856
static const uint32_t ids[] = {859
MTPData *d = usb_mtp_data_alloc(c);
861
trace_usb_mtp_op_get_storage_ids(s->dev.addr);
863
usb_mtp_add_u32_array(d, ARRAY_SIZE(ids), ids);
868
static MTPData *usb_mtp_get_storage_info(MTPState *s, MTPControl *c)
870
MTPData *d = usb_mtp_data_alloc(c);
874
trace_usb_mtp_op_get_storage_info(s->dev.addr);
876
if (FLAG_SET(s, MTP_FLAG_WRITABLE)) {877
usb_mtp_add_u16(d, 0x0003);
878
usb_mtp_add_u16(d, 0x0002);
879
usb_mtp_add_u16(d, 0x0000);
881
usb_mtp_add_u16(d, 0x0001);
882
usb_mtp_add_u16(d, 0x0002);
883
usb_mtp_add_u16(d, 0x0001);
886
rc = statvfs(s->root, &buf);
888
usb_mtp_add_u64(d, (uint64_t)buf.f_frsize * buf.f_blocks);
889
usb_mtp_add_u64(d, (uint64_t)buf.f_frsize * buf.f_bavail);
890
usb_mtp_add_u32(d, buf.f_ffree);
892
usb_mtp_add_u64(d, 0xffffffff);
893
usb_mtp_add_u64(d, 0xffffffff);
894
usb_mtp_add_u32(d, 0xffffffff);
897
usb_mtp_add_str(d, s->desc);
898
usb_mtp_add_wstr(d, L"123456789abcdef");
902
static MTPData *usb_mtp_get_object_handles(MTPState *s, MTPControl *c,
905
MTPData *d = usb_mtp_data_alloc(c);
907
g_autofree uint32_t *handles = g_new(uint32_t, o->nchildren);
910
trace_usb_mtp_op_get_object_handles(s->dev.addr, o->handle, o->path);
912
QLIST_FOREACH(iter, &o->children, list) {913
handles[i++] = iter->handle;
915
assert(i == o->nchildren);
916
usb_mtp_add_u32_array(d, o->nchildren, handles);
921
static MTPData *usb_mtp_get_object_info(MTPState *s, MTPControl *c,
924
MTPData *d = usb_mtp_data_alloc(c);
926
trace_usb_mtp_op_get_object_info(s->dev.addr, o->handle, o->path);
928
usb_mtp_add_u32(d, QEMU_STORAGE_ID);
929
usb_mtp_add_u16(d, o->format);
930
usb_mtp_add_u16(d, 0);
932
if (o->stat.st_size > 0xFFFFFFFF) {933
usb_mtp_add_u32(d, 0xFFFFFFFF);
935
usb_mtp_add_u32(d, o->stat.st_size);
938
usb_mtp_add_u16(d, 0);
939
usb_mtp_add_u32(d, 0);
940
usb_mtp_add_u32(d, 0);
941
usb_mtp_add_u32(d, 0);
942
usb_mtp_add_u32(d, 0);
943
usb_mtp_add_u32(d, 0);
944
usb_mtp_add_u32(d, 0);
947
usb_mtp_add_u32(d, o->parent->handle);
949
usb_mtp_add_u32(d, 0);
951
if (o->format == FMT_ASSOCIATION) {952
usb_mtp_add_u16(d, 0x0001);
953
usb_mtp_add_u32(d, 0x00000001);
954
usb_mtp_add_u32(d, 0);
956
usb_mtp_add_u16(d, 0);
957
usb_mtp_add_u32(d, 0);
958
usb_mtp_add_u32(d, 0);
961
usb_mtp_add_str(d, o->name);
962
usb_mtp_add_time(d, o->stat.st_ctime);
963
usb_mtp_add_time(d, o->stat.st_mtime);
964
usb_mtp_add_wstr(d, L"");
969
static MTPData *usb_mtp_get_object(MTPState *s, MTPControl *c,
972
MTPData *d = usb_mtp_data_alloc(c);
974
trace_usb_mtp_op_get_object(s->dev.addr, o->handle, o->path);
976
d->fd = open(o->path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW);
978
usb_mtp_data_free(d);
981
d->length = o->stat.st_size;
983
d->data = g_malloc(d->alloc);
987
static MTPData *usb_mtp_get_partial_object(MTPState *s, MTPControl *c,
996
trace_usb_mtp_op_get_partial_object(s->dev.addr, o->handle, o->path,
997
c->argv[1], c->argv[2]);
999
d = usb_mtp_data_alloc(c);
1000
d->fd = open(o->path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW);
1002
usb_mtp_data_free(d);
1006
offset = c->argv[1];
1007
if (offset > o->stat.st_size) {1008
offset = o->stat.st_size;
1010
if (lseek(d->fd, offset, SEEK_SET) < 0) {1011
usb_mtp_data_free(d);
1015
d->length = c->argv[2];
1016
if (d->length > o->stat.st_size - offset) {1017
d->length = o->stat.st_size - offset;
1023
static MTPData *usb_mtp_get_object_props_supported(MTPState *s, MTPControl *c)
1025
static const uint16_t props[] = {1028
PROP_OBJECT_COMPRESSED_SIZE,
1030
PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER,
1033
MTPData *d = usb_mtp_data_alloc(c);
1034
usb_mtp_add_u16_array(d, ARRAY_SIZE(props), props);
1039
static MTPData *usb_mtp_get_object_prop_desc(MTPState *s, MTPControl *c)
1041
MTPData *d = usb_mtp_data_alloc(c);
1042
switch (c->argv[0]) {1043
case PROP_STORAGE_ID:
1044
usb_mtp_add_u16(d, PROP_STORAGE_ID);
1045
usb_mtp_add_u16(d, DATA_TYPE_UINT32);
1046
usb_mtp_add_u8(d, 0x00);
1047
usb_mtp_add_u32(d, 0x00000000);
1048
usb_mtp_add_u32(d, 0x00000000);
1049
usb_mtp_add_u8(d, 0x00);
1051
case PROP_OBJECT_FORMAT:
1052
usb_mtp_add_u16(d, PROP_OBJECT_FORMAT);
1053
usb_mtp_add_u16(d, DATA_TYPE_UINT16);
1054
usb_mtp_add_u8(d, 0x00);
1055
usb_mtp_add_u16(d, 0x0000);
1056
usb_mtp_add_u32(d, 0x00000000);
1057
usb_mtp_add_u8(d, 0x00);
1059
case PROP_OBJECT_COMPRESSED_SIZE:
1060
usb_mtp_add_u16(d, PROP_OBJECT_COMPRESSED_SIZE);
1061
usb_mtp_add_u16(d, DATA_TYPE_UINT64);
1062
usb_mtp_add_u8(d, 0x00);
1063
usb_mtp_add_u64(d, 0x0000000000000000);
1064
usb_mtp_add_u32(d, 0x00000000);
1065
usb_mtp_add_u8(d, 0x00);
1067
case PROP_PARENT_OBJECT:
1068
usb_mtp_add_u16(d, PROP_PARENT_OBJECT);
1069
usb_mtp_add_u16(d, DATA_TYPE_UINT32);
1070
usb_mtp_add_u8(d, 0x00);
1071
usb_mtp_add_u32(d, 0x00000000);
1072
usb_mtp_add_u32(d, 0x00000000);
1073
usb_mtp_add_u8(d, 0x00);
1075
case PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER:
1076
usb_mtp_add_u16(d, PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER);
1077
usb_mtp_add_u16(d, DATA_TYPE_UINT128);
1078
usb_mtp_add_u8(d, 0x00);
1079
usb_mtp_add_u64(d, 0x0000000000000000);
1080
usb_mtp_add_u64(d, 0x0000000000000000);
1081
usb_mtp_add_u32(d, 0x00000000);
1082
usb_mtp_add_u8(d, 0x00);
1085
usb_mtp_add_u16(d, PROP_NAME);
1086
usb_mtp_add_u16(d, DATA_TYPE_STRING);
1087
usb_mtp_add_u8(d, 0x00);
1088
usb_mtp_add_u8(d, 0x00);
1089
usb_mtp_add_u32(d, 0x00000000);
1090
usb_mtp_add_u8(d, 0x00);
1093
usb_mtp_data_free(d);
1100
static MTPData *usb_mtp_get_object_prop_value(MTPState *s, MTPControl *c,
1103
MTPData *d = usb_mtp_data_alloc(c);
1104
switch (c->argv[1]) {1105
case PROP_STORAGE_ID:
1106
usb_mtp_add_u32(d, QEMU_STORAGE_ID);
1108
case PROP_OBJECT_FORMAT:
1109
usb_mtp_add_u16(d, o->format);
1111
case PROP_OBJECT_COMPRESSED_SIZE:
1112
usb_mtp_add_u64(d, o->stat.st_size);
1114
case PROP_PARENT_OBJECT:
1115
if (o->parent == NULL) {1116
usb_mtp_add_u32(d, 0x00000000);
1118
usb_mtp_add_u32(d, o->parent->handle);
1121
case PROP_PERSISTENT_UNIQUE_OBJECT_IDENTIFIER:
1125
usb_mtp_add_u64(d, 0x0000000000000000);
1126
usb_mtp_add_u64(d, o->handle);
1129
usb_mtp_add_str(d, o->name);
1132
usb_mtp_data_free(d);
1149
DELETE_SUCCESS = (1 << 0),
1150
DELETE_FAILURE = (1 << 1),
1151
DELETE_PARTIAL = (DELETE_FAILURE | DELETE_SUCCESS),
1154
static int usb_mtp_deletefn(MTPState *s, MTPObject *o, uint32_t trans)
1156
MTPObject *iter, *iter2;
1163
QLIST_FOREACH(iter, &o->children, list) {1164
if (iter->format == FMT_ASSOCIATION) {1165
QLIST_FOREACH(iter2, &iter->children, list) {1166
ret |= usb_mtp_deletefn(s, iter2, trans);
1171
if (o->format == FMT_UNDEFINED_OBJECT) {1172
if (remove(o->path)) {1173
ret |= DELETE_FAILURE;
1175
usb_mtp_object_free(s, o);
1176
ret |= DELETE_SUCCESS;
1178
} else if (o->format == FMT_ASSOCIATION) {1179
if (rmdir(o->path)) {1180
ret |= DELETE_FAILURE;
1182
usb_mtp_object_free(s, o);
1183
ret |= DELETE_SUCCESS;
1190
static void usb_mtp_object_delete(MTPState *s, uint32_t handle,
1191
uint32_t format_code, uint32_t trans)
1197
if (!FLAG_SET(s, MTP_FLAG_WRITABLE)) {1198
usb_mtp_queue_result(s, RES_STORE_READ_ONLY,
1203
if (format_code != 0) {1204
usb_mtp_queue_result(s, RES_SPEC_BY_FORMAT_UNSUPPORTED,
1209
if (handle == 0xFFFFFFF) {1210
o = QTAILQ_FIRST(&s->objects);
1212
o = usb_mtp_object_lookup(s, handle);
1215
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1220
ret = usb_mtp_deletefn(s, o, trans);
1222
case DELETE_SUCCESS:
1223
usb_mtp_queue_result(s, RES_OK, trans,
1226
case DELETE_FAILURE:
1227
usb_mtp_queue_result(s, RES_PARTIAL_DELETE,
1230
case DELETE_PARTIAL:
1231
usb_mtp_queue_result(s, RES_PARTIAL_DELETE,
1235
g_assert_not_reached();
1241
static void usb_mtp_command(MTPState *s, MTPControl *c)
1243
MTPData *data_in = NULL;
1244
MTPObject *o = NULL;
1245
uint32_t nres = 0, res0 = 0;
1249
if (c->code >= CMD_CLOSE_SESSION && s->session == 0) {1250
usb_mtp_queue_result(s, RES_SESSION_NOT_OPEN,
1251
c->trans, 0, 0, 0, 0);
1257
case CMD_GET_DEVICE_INFO:
1258
data_in = usb_mtp_get_device_info(s, c);
1260
case CMD_OPEN_SESSION:
1262
usb_mtp_queue_result(s, RES_SESSION_ALREADY_OPEN,
1263
c->trans, 1, s->session, 0, 0);
1266
if (c->argv[0] == 0) {1267
usb_mtp_queue_result(s, RES_INVALID_PARAMETER,
1268
c->trans, 0, 0, 0, 0);
1271
trace_usb_mtp_op_open_session(s->dev.addr);
1272
s->session = c->argv[0];
1273
usb_mtp_object_alloc(s, s->next_handle++, NULL, s->root);
1275
s->file_monitor = qemu_file_monitor_new(&err);
1277
error_reportf_err(err,
1278
"usb-mtp: file monitoring init failed: ");
1280
QTAILQ_INIT(&s->events);
1283
case CMD_CLOSE_SESSION:
1284
trace_usb_mtp_op_close_session(s->dev.addr);
1287
usb_mtp_file_monitor_cleanup(s);
1288
usb_mtp_object_free(s, QTAILQ_FIRST(&s->objects));
1289
assert(QTAILQ_EMPTY(&s->objects));
1291
case CMD_GET_STORAGE_IDS:
1292
data_in = usb_mtp_get_storage_ids(s, c);
1294
case CMD_GET_STORAGE_INFO:
1295
if (c->argv[0] != QEMU_STORAGE_ID &&
1296
c->argv[0] != 0xffffffff) {1297
usb_mtp_queue_result(s, RES_INVALID_STORAGE_ID,
1298
c->trans, 0, 0, 0, 0);
1301
data_in = usb_mtp_get_storage_info(s, c);
1303
case CMD_GET_NUM_OBJECTS:
1304
case CMD_GET_OBJECT_HANDLES:
1305
if (c->argv[0] != QEMU_STORAGE_ID &&
1306
c->argv[0] != 0xffffffff) {1307
usb_mtp_queue_result(s, RES_INVALID_STORAGE_ID,
1308
c->trans, 0, 0, 0, 0);
1311
if (c->argv[1] != 0x00000000) {1312
usb_mtp_queue_result(s, RES_SPEC_BY_FORMAT_UNSUPPORTED,
1313
c->trans, 0, 0, 0, 0);
1316
if (c->argv[2] == 0x00000000 ||
1317
c->argv[2] == 0xffffffff) {1318
o = QTAILQ_FIRST(&s->objects);
1320
o = usb_mtp_object_lookup(s, c->argv[2]);
1323
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1324
c->trans, 0, 0, 0, 0);
1327
if (o->format != FMT_ASSOCIATION) {1328
usb_mtp_queue_result(s, RES_INVALID_PARENT_OBJECT,
1329
c->trans, 0, 0, 0, 0);
1332
usb_mtp_object_readdir(s, o);
1333
if (c->code == CMD_GET_NUM_OBJECTS) {1334
trace_usb_mtp_op_get_num_objects(s->dev.addr, o->handle, o->path);
1336
res0 = o->nchildren;
1338
data_in = usb_mtp_get_object_handles(s, c, o);
1341
case CMD_GET_OBJECT_INFO:
1342
o = usb_mtp_object_lookup(s, c->argv[0]);
1344
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1345
c->trans, 0, 0, 0, 0);
1348
data_in = usb_mtp_get_object_info(s, c, o);
1350
case CMD_GET_OBJECT:
1351
o = usb_mtp_object_lookup(s, c->argv[0]);
1353
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1354
c->trans, 0, 0, 0, 0);
1357
if (o->format == FMT_ASSOCIATION) {1358
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1359
c->trans, 0, 0, 0, 0);
1362
data_in = usb_mtp_get_object(s, c, o);
1363
if (data_in == NULL) {1364
usb_mtp_queue_result(s, RES_GENERAL_ERROR,
1365
c->trans, 0, 0, 0, 0);
1369
case CMD_DELETE_OBJECT:
1370
usb_mtp_object_delete(s, c->argv[0], c->argv[1], c->trans);
1372
case CMD_GET_PARTIAL_OBJECT:
1373
o = usb_mtp_object_lookup(s, c->argv[0]);
1375
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1376
c->trans, 0, 0, 0, 0);
1379
if (o->format == FMT_ASSOCIATION) {1380
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1381
c->trans, 0, 0, 0, 0);
1384
data_in = usb_mtp_get_partial_object(s, c, o);
1385
if (data_in == NULL) {1386
usb_mtp_queue_result(s, RES_GENERAL_ERROR,
1387
c->trans, 0, 0, 0, 0);
1391
res0 = data_in->length;
1393
case CMD_SEND_OBJECT_INFO:
1395
if (!FLAG_SET(s, MTP_FLAG_WRITABLE)) {1396
usb_mtp_queue_result(s, RES_STORE_READ_ONLY,
1397
c->trans, 0, 0, 0, 0);
1398
} else if (c->argv[0] && (c->argv[0] != QEMU_STORAGE_ID)) {1400
usb_mtp_queue_result(s, RES_STORE_NOT_AVAILABLE, c->trans,
1402
} else if (c->argv[1] && !c->argv[0]) {1404
usb_mtp_queue_result(s, RES_DESTINATION_UNSUPPORTED, c->trans,
1407
uint32_t handle = c->argv[1];
1408
if (handle == 0xFFFFFFFF || handle == 0) {1410
o = QTAILQ_FIRST(&s->objects);
1412
o = usb_mtp_object_lookup(s, handle);
1415
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE, c->trans,
1417
} else if (o->format != FMT_ASSOCIATION) {1418
usb_mtp_queue_result(s, RES_INVALID_PARENT_OBJECT, c->trans,
1423
s->dataset.parent_handle = o->handle;
1425
s->data_out = usb_mtp_data_alloc(c);
1427
case CMD_SEND_OBJECT:
1428
if (!FLAG_SET(s, MTP_FLAG_WRITABLE)) {1429
usb_mtp_queue_result(s, RES_STORE_READ_ONLY,
1430
c->trans, 0, 0, 0, 0);
1433
if (!s->write_pending) {1434
usb_mtp_queue_result(s, RES_INVALID_OBJECTINFO,
1435
c->trans, 0, 0, 0, 0);
1438
s->data_out = usb_mtp_data_alloc(c);
1440
case CMD_GET_OBJECT_PROPS_SUPPORTED:
1441
if (c->argv[0] != FMT_UNDEFINED_OBJECT &&
1442
c->argv[0] != FMT_ASSOCIATION) {1443
usb_mtp_queue_result(s, RES_INVALID_OBJECT_FORMAT_CODE,
1444
c->trans, 0, 0, 0, 0);
1447
data_in = usb_mtp_get_object_props_supported(s, c);
1449
case CMD_GET_OBJECT_PROP_DESC:
1450
if (c->argv[1] != FMT_UNDEFINED_OBJECT &&
1451
c->argv[1] != FMT_ASSOCIATION) {1452
usb_mtp_queue_result(s, RES_INVALID_OBJECT_FORMAT_CODE,
1453
c->trans, 0, 0, 0, 0);
1456
data_in = usb_mtp_get_object_prop_desc(s, c);
1457
if (data_in == NULL) {1458
usb_mtp_queue_result(s, RES_INVALID_OBJECT_PROP_CODE,
1459
c->trans, 0, 0, 0, 0);
1463
case CMD_GET_OBJECT_PROP_VALUE:
1464
o = usb_mtp_object_lookup(s, c->argv[0]);
1466
usb_mtp_queue_result(s, RES_INVALID_OBJECT_HANDLE,
1467
c->trans, 0, 0, 0, 0);
1470
data_in = usb_mtp_get_object_prop_value(s, c, o);
1471
if (data_in == NULL) {1472
usb_mtp_queue_result(s, RES_INVALID_OBJECT_PROP_CODE,
1473
c->trans, 0, 0, 0, 0);
1478
trace_usb_mtp_op_unknown(s->dev.addr, c->code);
1479
usb_mtp_queue_result(s, RES_OPERATION_NOT_SUPPORTED,
1480
c->trans, 0, 0, 0, 0);
1486
assert(s->data_in == NULL);
1487
s->data_in = data_in;
1489
usb_mtp_queue_result(s, RES_OK, c->trans, nres, res0, 0, 0);
1494
static void usb_mtp_handle_reset(USBDevice *dev)
1496
MTPState *s = USB_MTP(dev);
1498
trace_usb_mtp_reset(s->dev.addr);
1500
usb_mtp_file_monitor_cleanup(s);
1501
usb_mtp_object_free(s, QTAILQ_FIRST(&s->objects));
1503
usb_mtp_data_free(s->data_in);
1505
usb_mtp_data_free(s->data_out);
1511
static void usb_mtp_handle_control(USBDevice *dev, USBPacket *p,
1512
int request, int value, int index,
1513
int length, uint8_t *data)
1516
MTPState *s = USB_MTP(dev);
1517
uint16_t *event = (uint16_t *)data;
1520
case ClassInterfaceOutRequest | 0x64:
1521
if (*event == EVT_CANCEL_TRANSACTION) {1524
usb_mtp_data_free(s->data_in);
1526
if (s->write_pending) {1527
g_free(s->dataset.filename);
1528
s->write_pending = false;
1529
s->dataset.size = 0;
1531
usb_mtp_data_free(s->data_out);
1534
p->status = USB_RET_STALL;
1538
ret = usb_desc_handle_control(dev, p, request,
1539
value, index, length, data);
1545
trace_usb_mtp_stall(dev->addr, "unknown control request");
1548
static void usb_mtp_cancel_packet(USBDevice *dev, USBPacket *p)
1551
fprintf(stderr, "%s\n", __func__);
1554
static char *utf16_to_str(uint8_t len, uint8_t *str16)
1556
wchar_t *wstr = g_new0(wchar_t, len + 1);
1560
for (count = 0; count < len; count++) {1562
wstr[count] = lduw_le_p(str16 + (count * 2));
1566
dlen = wcstombs(NULL, wstr, 0) + 1;
1567
dest = g_malloc(dlen);
1568
wcstombs(dest, wstr, dlen);
1574
static uint64_t write_retry(int fd, void *buf, uint64_t size, off_t offset)
1578
if (lseek(fd, offset, SEEK_SET) < 0) {1582
ret = qemu_write_full(fd, buf, size);
1588
static int usb_mtp_update_object(MTPObject *parent, char *name)
1593
usb_mtp_object_lookup_name(parent, name, strlen(name));
1596
ret = lstat(o->path, &o->stat);
1602
static void usb_mtp_write_data(MTPState *s, uint32_t handle)
1604
MTPData *d = s->data_out;
1606
usb_mtp_object_lookup(s, s->dataset.parent_handle);
1614
switch (d->write_status) {1616
if (!parent || !s->write_pending) {1617
usb_mtp_queue_result(s, RES_INVALID_OBJECTINFO, d->trans,
1622
if (s->dataset.filename) {1623
path = g_strdup_printf("%s/%s", parent->path, s->dataset.filename);1624
if (s->dataset.format == FMT_ASSOCIATION) {1625
ret = g_mkdir(path, mask);
1627
usb_mtp_queue_result(s, RES_OK, d->trans, 3,
1629
s->dataset.parent_handle,
1636
d->fd = open(path, O_CREAT | O_WRONLY |
1637
O_CLOEXEC | O_NOFOLLOW, mask & 0666);
1644
if (!s->dataset.size) {1647
if (d->length != MTP_WRITE_BUF_SZ && !d->pending) {1648
d->write_status = WRITE_END;
1652
case WRITE_CONTINUE:
1654
rc = write_retry(d->fd, d->data, d->data_offset,
1655
d->offset - d->data_offset);
1656
if (rc != d->data_offset) {1660
if (d->write_status != WRITE_END) {1669
if ((s->dataset.size != 0xFFFFFFFF &&
1670
d->offset != s->dataset.size) ||
1671
usb_mtp_update_object(parent, s->dataset.filename)) {1672
usb_mtp_queue_result(s, RES_INCOMPLETE_TRANSFER, d->trans,
1681
usb_mtp_queue_result(s, RES_STORE_FULL, d->trans,
1684
usb_mtp_queue_result(s, RES_OK, d->trans,
1696
g_free(s->dataset.filename);
1697
s->dataset.size = 0;
1699
s->write_pending = false;
1702
static void usb_mtp_write_metadata(MTPState *s, uint64_t dlen)
1704
MTPData *d = s->data_out;
1705
ObjectInfo *dataset = (ObjectInfo *)d->data;
1708
MTPObject *p = usb_mtp_object_lookup(s, s->dataset.parent_handle);
1709
uint32_t next_handle = s->next_handle;
1710
size_t filename_chars = dlen - offsetof(ObjectInfo, filename);
1717
filename_chars /= 2;
1719
assert(!s->write_pending);
1722
filename = utf16_to_str(MIN(dataset->length, filename_chars),
1725
if (strchr(filename, '/')) {1726
usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
1732
o = usb_mtp_object_lookup_name(p, filename, -1);
1734
next_handle = o->handle;
1737
s->dataset.filename = filename;
1738
s->dataset.format = dataset->format;
1739
s->dataset.size = dataset->size;
1740
s->write_pending = true;
1742
if (s->dataset.format == FMT_ASSOCIATION) {1743
usb_mtp_write_data(s, next_handle);
1745
usb_mtp_queue_result(s, RES_OK, d->trans, 3, QEMU_STORAGE_ID,
1746
s->dataset.parent_handle, next_handle);
1750
static void usb_mtp_get_data(MTPState *s, mtp_container *container,
1753
MTPData *d = s->data_out;
1755
uint32_t data_len = p->iov.size;
1759
usb_mtp_queue_result(s, RES_INVALID_OBJECTINFO, 0,
1765
total_len = cpu_to_le32(container->length) - sizeof(mtp_container);
1767
data_len -= sizeof(mtp_container);
1768
if (total_len < MTP_WRITE_BUF_SZ) {1769
usb_mtp_realloc(d, total_len);
1770
d->length += total_len;
1772
usb_mtp_realloc(d, MTP_WRITE_BUF_SZ - sizeof(mtp_container));
1773
d->length += MTP_WRITE_BUF_SZ - sizeof(mtp_container);
1779
d->write_status = WRITE_START;
1783
memset(d->data, 0, d->length);
1784
if (d->length != MTP_WRITE_BUF_SZ) {1785
usb_mtp_realloc(d, MTP_WRITE_BUF_SZ - d->length);
1786
d->length += (MTP_WRITE_BUF_SZ - d->length);
1789
d->write_status = WRITE_CONTINUE;
1793
if (d->length - d->data_offset > data_len) {1796
dlen = d->length - d->data_offset;
1800
case CMD_SEND_OBJECT_INFO:
1801
usb_packet_copy(p, d->data + d->data_offset, dlen);
1803
d->data_offset += dlen;
1804
if (d->data_offset == d->length) {1807
usb_mtp_write_metadata(s, dlen);
1809
usb_mtp_data_free(s->data_out);
1814
case CMD_SEND_OBJECT:
1815
usb_packet_copy(p, d->data + d->data_offset, dlen);
1817
d->data_offset += dlen;
1818
if ((p->iov.size % 64) || !p->iov.size) {1819
assert((s->dataset.size == 0xFFFFFFFF) ||
1820
(s->dataset.size == d->offset));
1822
if (d->length == MTP_WRITE_BUF_SZ) {1823
d->write_status = WRITE_END;
1825
d->write_status = WRITE_START;
1827
usb_mtp_write_data(s, 0);
1828
usb_mtp_data_free(s->data_out);
1832
if (d->data_offset == d->length) {1834
usb_mtp_write_data(s, 0);
1838
p->status = USB_RET_STALL;
1843
static void usb_mtp_handle_data(USBDevice *dev, USBPacket *p)
1845
MTPState *s = USB_MTP(dev);
1847
mtp_container container;
1849
uint16_t container_type;
1852
switch (p->ep->nr) {1854
if (s->data_out != NULL) {1856
trace_usb_mtp_stall(s->dev.addr, "awaiting data-out");
1857
p->status = USB_RET_STALL;
1860
if (p->iov.size < sizeof(container)) {1861
trace_usb_mtp_stall(s->dev.addr, "packet too small");
1862
p->status = USB_RET_STALL;
1865
if (s->data_in != NULL) {1866
MTPData *d = s->data_in;
1867
uint64_t dlen = d->length - d->offset;
1869
trace_usb_mtp_data_in(s->dev.addr, d->trans, d->length);
1870
if (d->length + sizeof(container) > 0xFFFFFFFF) {1871
container.length = cpu_to_le32(0xFFFFFFFF);
1874
cpu_to_le32(d->length + sizeof(container));
1876
container.type = cpu_to_le16(TYPE_DATA);
1877
container.code = cpu_to_le16(d->code);
1878
container.trans = cpu_to_le32(d->trans);
1879
usb_packet_copy(p, &container, sizeof(container));
1881
if (dlen > p->iov.size - sizeof(container)) {1882
dlen = p->iov.size - sizeof(container);
1885
if (dlen > p->iov.size) {1890
usb_packet_copy(p, d->data + d->offset, dlen);
1892
if (d->alloc < p->iov.size) {1893
d->alloc = p->iov.size;
1894
d->data = g_realloc(d->data, d->alloc);
1896
rc = read(d->fd, d->data, dlen);
1898
memset(d->data, 0, dlen);
1899
s->result->code = RES_INCOMPLETE_TRANSFER;
1901
usb_packet_copy(p, d->data, dlen);
1904
if (d->offset == d->length) {1905
usb_mtp_data_free(s->data_in);
1908
} else if (s->result != NULL) {1909
MTPControl *r = s->result;
1910
int length = sizeof(container) + r->argc * sizeof(uint32_t);
1911
if (r->code == RES_OK) {1912
trace_usb_mtp_success(s->dev.addr, r->trans,
1913
(r->argc > 0) ? r->argv[0] : 0,
1914
(r->argc > 1) ? r->argv[1] : 0);
1916
trace_usb_mtp_error(s->dev.addr, r->code, r->trans,
1917
(r->argc > 0) ? r->argv[0] : 0,
1918
(r->argc > 1) ? r->argv[1] : 0);
1920
container.length = cpu_to_le32(length);
1921
container.type = cpu_to_le16(TYPE_RESPONSE);
1922
container.code = cpu_to_le16(r->code);
1923
container.trans = cpu_to_le32(r->trans);
1924
for (i = 0; i < r->argc; i++) {1925
params[i] = cpu_to_le32(r->argv[i]);
1927
usb_packet_copy(p, &container, sizeof(container));
1928
usb_packet_copy(p, ¶ms, length - sizeof(container));
1934
if (p->iov.size < sizeof(container)) {1935
trace_usb_mtp_stall(s->dev.addr, "packet too small");
1936
p->status = USB_RET_STALL;
1939
if ((s->data_out != NULL) && !s->data_out->first) {1940
container_type = TYPE_DATA;
1942
usb_packet_copy(p, &container, sizeof(container));
1943
container_type = le16_to_cpu(container.type);
1945
switch (container_type) {1947
if (s->data_in || s->data_out || s->result) {1948
trace_usb_mtp_stall(s->dev.addr, "transaction inflight");
1949
p->status = USB_RET_STALL;
1952
cmd.code = le16_to_cpu(container.code);
1953
cmd.argc = (le32_to_cpu(container.length) - sizeof(container))
1955
cmd.trans = le32_to_cpu(container.trans);
1956
if (cmd.argc > ARRAY_SIZE(cmd.argv)) {1957
cmd.argc = ARRAY_SIZE(cmd.argv);
1959
if (p->iov.size < sizeof(container) + cmd.argc * sizeof(uint32_t)) {1960
trace_usb_mtp_stall(s->dev.addr, "packet too small");
1961
p->status = USB_RET_STALL;
1964
usb_packet_copy(p, ¶ms, cmd.argc * sizeof(uint32_t));
1965
for (i = 0; i < cmd.argc; i++) {1966
cmd.argv[i] = le32_to_cpu(params[i]);
1968
trace_usb_mtp_command(s->dev.addr, cmd.code, cmd.trans,
1969
(cmd.argc > 0) ? cmd.argv[0] : 0,
1970
(cmd.argc > 1) ? cmd.argv[1] : 0,
1971
(cmd.argc > 2) ? cmd.argv[2] : 0,
1972
(cmd.argc > 3) ? cmd.argv[3] : 0,
1973
(cmd.argc > 4) ? cmd.argv[4] : 0);
1974
usb_mtp_command(s, &cmd);
1980
if (s->result != NULL) {1983
usb_mtp_get_data(s, &container, p);
1987
p->status = USB_RET_STALL;
1992
if (!QTAILQ_EMPTY(&s->events)) {1993
struct MTPMonEntry *e = QTAILQ_LAST(&s->events);
1995
int len = sizeof(container) + sizeof(uint32_t);
1997
if (p->iov.size < len) {1998
trace_usb_mtp_stall(s->dev.addr,
1999
"packet too small to send event");
2000
p->status = USB_RET_STALL;
2004
QTAILQ_REMOVE(&s->events, e, next);
2005
container.length = cpu_to_le32(len);
2006
container.type = cpu_to_le32(TYPE_EVENT);
2007
container.code = cpu_to_le16(e->event);
2008
container.trans = 0;
2009
handle = cpu_to_le32(e->handle);
2010
usb_packet_copy(p, &container, sizeof(container));
2011
usb_packet_copy(p, &handle, sizeof(uint32_t));
2015
p->status = USB_RET_NAK;
2018
trace_usb_mtp_stall(s->dev.addr, "invalid endpoint");
2019
p->status = USB_RET_STALL;
2023
if (p->actual_length == 0) {2024
trace_usb_mtp_nak(s->dev.addr, p->ep->nr);
2025
p->status = USB_RET_NAK;
2028
trace_usb_mtp_xfer(s->dev.addr, p->ep->nr, p->actual_length,
2034
static void usb_mtp_realize(USBDevice *dev, Error **errp)
2036
MTPState *s = USB_MTP(dev);
2038
if ((s->root == NULL) || !g_path_is_absolute(s->root)) {2039
error_setg(errp, "usb-mtp: rootdir must be configured and be an absolute path");
2043
if (access(s->root, R_OK) != 0) {2044
error_setg(errp, "usb-mtp: rootdir does not exist/not readable");
2046
} else if (!s->readonly && access(s->root, W_OK) != 0) {2047
error_setg(errp, "usb-mtp: rootdir does not have write permissions");
2053
s->flags |= (1 << MTP_FLAG_WRITABLE);
2056
if (s->desc == NULL) {2061
s->desc = g_path_get_basename(s->root);
2064
usb_desc_create_serial(dev);
2066
QTAILQ_INIT(&s->objects);
2070
static const VMStateDescription vmstate_usb_mtp = {2074
.minimum_version_id = 1,
2075
.fields = (const VMStateField[]) {2076
VMSTATE_USB_DEVICE(dev, MTPState),
2077
VMSTATE_END_OF_LIST()
2081
static Property mtp_properties[] = {2082
DEFINE_PROP_STRING("rootdir", MTPState, root),2083
DEFINE_PROP_STRING("desc", MTPState, desc),2084
DEFINE_PROP_BOOL("readonly", MTPState, readonly, true),2085
DEFINE_PROP_END_OF_LIST(),
2088
static void usb_mtp_class_initfn(ObjectClass *klass, void *data)
2090
DeviceClass *dc = DEVICE_CLASS(klass);
2091
USBDeviceClass *uc = USB_DEVICE_CLASS(klass);
2093
uc->realize = usb_mtp_realize;
2094
uc->product_desc = "QEMU USB MTP";
2095
uc->usb_desc = &desc;
2096
uc->cancel_packet = usb_mtp_cancel_packet;
2097
uc->handle_attach = usb_desc_attach;
2098
uc->handle_reset = usb_mtp_handle_reset;
2099
uc->handle_control = usb_mtp_handle_control;
2100
uc->handle_data = usb_mtp_handle_data;
2101
set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
2102
dc->desc = "USB Media Transfer Protocol device";
2103
dc->fw_name = "mtp";
2104
dc->vmsd = &vmstate_usb_mtp;
2105
device_class_set_props(dc, mtp_properties);
2108
static const TypeInfo mtp_info = {2109
.name = TYPE_USB_MTP,
2110
.parent = TYPE_USB_DEVICE,
2111
.instance_size = sizeof(MTPState),
2112
.class_init = usb_mtp_class_initfn,
2115
static void usb_mtp_register_types(void)
2117
type_register_static(&mtp_info);
2120
type_init(usb_mtp_register_types)