1 /*-
2 * Copyright (c) 1999 MAEKAWA Masahide <bishop@rr.iij4u.or.jp>,
3 * Nick Hibma <n_hibma@FreeBSD.org>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 *
27 * $FreeBSD$
28 * $NetBSD: umass.c,v 1.28 2000/04/02 23:46:53 augustss Exp $
29 */
30
31 /* Also already merged from NetBSD:
32 * $NetBSD: umass.c,v 1.67 2001/11/25 19:05:22 augustss Exp $
33 * $NetBSD: umass.c,v 1.90 2002/11/04 19:17:33 pooka Exp $
34 * $NetBSD: umass.c,v 1.108 2003/11/07 17:03:25 wiz Exp $
35 * $NetBSD: umass.c,v 1.109 2003/12/04 13:57:31 keihan Exp $
36 */
37
38 /*
39 * Universal Serial Bus Mass Storage Class specs:
40 * http://www.usb.org/developers/devclass_docs/usb_msc_overview_1.2.pdf
41 * http://www.usb.org/developers/devclass_docs/usbmassbulk_10.pdf
42 * http://www.usb.org/developers/devclass_docs/usb_msc_cbi_1.1.pdf
43 * http://www.usb.org/developers/devclass_docs/usbmass-ufi10.pdf
44 */
45
46 /*
47 * Ported to NetBSD by Lennart Augustsson <augustss@NetBSD.org>.
48 * Parts of the code written by Jason R. Thorpe <thorpej@shagadelic.org>.
49 */
50
51 /*
52 * The driver handles 3 Wire Protocols
53 * - Command/Bulk/Interrupt (CBI)
54 * - Command/Bulk/Interrupt with Command Completion Interrupt (CBI with CCI)
55 * - Mass Storage Bulk-Only (BBB)
56 * (BBB refers Bulk/Bulk/Bulk for Command/Data/Status phases)
57 *
58 * Over these wire protocols it handles the following command protocols
59 * - SCSI
60 * - UFI (floppy command set)
61 * - 8070i (ATAPI)
62 *
63 * UFI and 8070i (ATAPI) are transformed versions of the SCSI command set. The
64 * sc->sc_transform method is used to convert the commands into the appropriate
65 * format (if at all necessary). For example, UFI requires all commands to be
66 * 12 bytes in length amongst other things.
67 *
68 * The source code below is marked and can be split into a number of pieces
69 * (in this order):
70 *
71 * - probe/attach/detach
72 * - generic transfer routines
73 * - BBB
74 * - CBI
75 * - CBI_I (in addition to functions from CBI)
76 * - CAM (Common Access Method)
77 * - SCSI
78 * - UFI
79 * - 8070i (ATAPI)
80 *
81 * The protocols are implemented using a state machine, for the transfers as
82 * well as for the resets. The state machine is contained in umass_t_*_callback.
83 * The state machine is started through either umass_command_start() or
84 * umass_reset().
85 *
86 * The reason for doing this is a) CAM performs a lot better this way and b) it
87 * avoids using tsleep from interrupt context (for example after a failed
88 * transfer).
89 */
90
91 /*
92 * The SCSI related part of this driver has been derived from the
93 * dev/ppbus/vpo.c driver, by Nicolas Souchu (nsouch@FreeBSD.org).
94 *
95 * The CAM layer uses so called actions which are messages sent to the host
96 * adapter for completion. The actions come in through umass_cam_action. The
97 * appropriate block of routines is called depending on the transport protocol
98 * in use. When the transfer has finished, these routines call
99 * umass_cam_cb again to complete the CAM command.
100 */
101
102 #include <sys/stdint.h>
103 #include <sys/param.h>
104 #include <sys/queue.h>
105 #include <sys/types.h>
106 #include <sys/systm.h>
107 #include <sys/kernel.h>
108 #include <sys/bus.h>
109 #include <sys/module.h>
110 #include <sys/lock.h>
111 #include <sys/condvar.h>
112 #include <sys/sysctl.h>
113 #include <sys/unistd.h>
114 #include <sys/callout.h>
115 #include <sys/malloc.h>
116 #include <sys/caps.h>
117
118 #include <bus/u4b/usb.h>
119 #include <bus/u4b/usbdi.h>
120 #include <bus/u4b/usbdi_util.h>
121 #include "usbdevs.h"
122
123 #include <bus/u4b/quirk/usb_quirk.h>
124
125 #include <bus/cam/cam.h>
126 #include <bus/cam/cam_ccb.h>
127 #include <bus/cam/cam_sim.h>
128 #include <bus/cam/cam_xpt.h>
129 #include <bus/cam/cam_xpt_sim.h>
130 #include <bus/cam/cam_xpt_periph.h>
131 #include <bus/cam/cam_periph.h>
132 #include <bus/cam/scsi/scsi_all.h>
133 #include <bus/cam/scsi/scsi_da.h>
134
135 #if 0
136 #define UMASS_EXT_BUFFER
137 #ifdef UMASS_EXT_BUFFER
138 /* this enables loading of virtual buffers into DMA */
139 #define UMASS_USB_FLAGS .ext_buffer=1,
140 #else
141 #define UMASS_USB_FLAGS
142 #endif
143 #endif
144
145 #ifdef USB_DEBUG
146 #define DIF(m, x) \
147 do { \
148 if (umass_debug & (m)) { x ; } \
149 } while (0)
150
151 #define DPRINTF(sc, m, fmt, ...) \
152 do { \
153 if (umass_debug & (m)) { \
154 kprintf("%s:%s: " fmt, \
155 (sc) ? (const char *)(sc)->sc_name : \
156 (const char *)"umassX", \
157 __func__ ,## __VA_ARGS__); \
158 } \
159 } while (0)
160
161 #define UDMASS_GEN 0x00010000 /* general */
162 #define UDMASS_SCSI 0x00020000 /* scsi */
163 #define UDMASS_UFI 0x00040000 /* ufi command set */
164 #define UDMASS_ATAPI 0x00080000 /* 8070i command set */
165 #define UDMASS_CMD (UDMASS_SCSI|UDMASS_UFI|UDMASS_ATAPI)
166 #define UDMASS_USB 0x00100000 /* USB general */
167 #define UDMASS_BBB 0x00200000 /* Bulk-Only transfers */
168 #define UDMASS_CBI 0x00400000 /* CBI transfers */
169 #define UDMASS_WIRE (UDMASS_BBB|UDMASS_CBI)
170 #define UDMASS_ALL 0xffff0000 /* all of the above */
171 static int umass_debug = 0;
172 static int umass_throttle = 0;
173
174 static SYSCTL_NODE(_hw_usb, OID_AUTO, umass, CTLFLAG_RW, 0, "USB umass");
175 SYSCTL_INT(_hw_usb_umass, OID_AUTO, debug, CTLFLAG_RW,
176 &umass_debug, 0, "umass debug level");
177
178 TUNABLE_INT("hw.usb.umass.debug", &umass_debug);
179 SYSCTL_INT(_hw_usb_umass, OID_AUTO, throttle, CTLFLAG_RW,
180 &umass_throttle, 0, "Forced delay between commands in milliseconds");
181 TUNABLE_INT("hw.usb.umass.throttle", &umass_throttle);
182 #else
183 #define DIF(...) do { } while (0)
184 #define DPRINTF(...) do { } while (0)
185 #endif
186
187 #define UMASS_BULK_SIZE (1 << 17)
188 #define UMASS_CBI_DIAGNOSTIC_CMDLEN 12 /* bytes */
189 #define UMASS_MAX_CMDLEN MAX(12, CAM_MAX_CDBLEN) /* bytes */
190
191 /* USB transfer definitions */
192
193 #define UMASS_T_BBB_RESET1 0 /* Bulk-Only */
194 #define UMASS_T_BBB_RESET2 1
195 #define UMASS_T_BBB_RESET3 2
196 #define UMASS_T_BBB_COMMAND 3
197 #define UMASS_T_BBB_DATA_READ 4
198 #define UMASS_T_BBB_DATA_RD_CS 5
199 #define UMASS_T_BBB_DATA_WRITE 6
200 #define UMASS_T_BBB_DATA_WR_CS 7
201 #define UMASS_T_BBB_STATUS 8
202 #define UMASS_T_BBB_MAX 9
203
204 #define UMASS_T_CBI_RESET1 0 /* CBI */
205 #define UMASS_T_CBI_RESET2 1
206 #define UMASS_T_CBI_RESET3 2
207 #define UMASS_T_CBI_COMMAND 3
208 #define UMASS_T_CBI_DATA_READ 4
209 #define UMASS_T_CBI_DATA_RD_CS 5
210 #define UMASS_T_CBI_DATA_WRITE 6
211 #define UMASS_T_CBI_DATA_WR_CS 7
212 #define UMASS_T_CBI_STATUS 8
213 #define UMASS_T_CBI_RESET4 9
214 #define UMASS_T_CBI_MAX 10
215
216 #define UMASS_T_MAX MAX(UMASS_T_CBI_MAX, UMASS_T_BBB_MAX)
217
218 /* Generic definitions */
219
220 /* Direction for transfer */
221 #define DIR_NONE 0
222 #define DIR_IN 1
223 #define DIR_OUT 2
224
225 /* device name */
226 #define DEVNAME "umass"
227 #define DEVNAME_SIM "umass-sim"
228
229 /* Approximate maximum transfer speeds (assumes 33% overhead). */
230 #define UMASS_FULL_TRANSFER_SPEED 1000
231 #define UMASS_HIGH_TRANSFER_SPEED 40000
232 #define UMASS_SUPER_TRANSFER_SPEED 400000
233 #define UMASS_FLOPPY_TRANSFER_SPEED 20
234
235 #define UMASS_TIMEOUT 5000 /* ms */
236
237 /* CAM specific definitions */
238
239 #define UMASS_SCSIID_MAX 1 /* maximum number of drives expected */
240 #define UMASS_SCSIID_HOST UMASS_SCSIID_MAX
241
242 /* Bulk-Only features */
243
244 #define UR_BBB_RESET 0xff /* Bulk-Only reset */
245 #define UR_BBB_GET_MAX_LUN 0xfe /* Get maximum lun */
246
247 /* Command Block Wrapper */
248 typedef struct {
249 uDWord dCBWSignature;
250 #define CBWSIGNATURE 0x43425355
251 uDWord dCBWTag;
252 uDWord dCBWDataTransferLength;
253 uByte bCBWFlags;
254 #define CBWFLAGS_OUT 0x00
255 #define CBWFLAGS_IN 0x80
256 uByte bCBWLUN;
257 uByte bCDBLength;
258 #define CBWCDBLENGTH 16
259 uByte CBWCDB[CBWCDBLENGTH];
260 } __packed umass_bbb_cbw_t;
261
262 #define UMASS_BBB_CBW_SIZE 31
263
264 /* Command Status Wrapper */
265 typedef struct {
266 uDWord dCSWSignature;
267 #define CSWSIGNATURE 0x53425355
268 #define CSWSIGNATURE_IMAGINATION_DBX1 0x43425355
269 #define CSWSIGNATURE_OLYMPUS_C1 0x55425355
270 uDWord dCSWTag;
271 uDWord dCSWDataResidue;
272 uByte bCSWStatus;
273 #define CSWSTATUS_GOOD 0x0
274 #define CSWSTATUS_FAILED 0x1
275 #define CSWSTATUS_PHASE 0x2
276 } __packed umass_bbb_csw_t;
277
278 #define UMASS_BBB_CSW_SIZE 13
279
280 /* CBI features */
281
282 #define UR_CBI_ADSC 0x00
283
284 typedef union {
285 struct {
286 uint8_t type;
287 #define IDB_TYPE_CCI 0x00
288 uint8_t value;
289 #define IDB_VALUE_PASS 0x00
290 #define IDB_VALUE_FAIL 0x01
291 #define IDB_VALUE_PHASE 0x02
292 #define IDB_VALUE_PERSISTENT 0x03
293 #define IDB_VALUE_STATUS_MASK 0x03
294 } __packed common;
295
296 struct {
297 uint8_t asc;
298 uint8_t ascq;
299 } __packed ufi;
300 } __packed umass_cbi_sbl_t;
301
302 struct umass_softc; /* see below */
303
304 typedef void (umass_callback_t)(struct umass_softc *sc, union ccb *ccb,
305 uint32_t residue, uint8_t status);
306
307 #define STATUS_CMD_OK 0 /* everything ok */
308 #define STATUS_CMD_UNKNOWN 1 /* will have to fetch sense */
309 #define STATUS_CMD_FAILED 2 /* transfer was ok, command failed */
310 #define STATUS_WIRE_FAILED 3 /* couldn't even get command across */
311
312 typedef uint8_t (umass_transform_t)(struct umass_softc *sc, uint8_t *cmd_ptr,
313 uint8_t cmd_len);
314
315 /* Wire and command protocol */
316 #define UMASS_PROTO_BBB 0x0001 /* USB wire protocol */
317 #define UMASS_PROTO_CBI 0x0002
318 #define UMASS_PROTO_CBI_I 0x0004
319 #define UMASS_PROTO_WIRE 0x00ff /* USB wire protocol mask */
320 #define UMASS_PROTO_SCSI 0x0100 /* command protocol */
321 #define UMASS_PROTO_ATAPI 0x0200
322 #define UMASS_PROTO_UFI 0x0400
323 #define UMASS_PROTO_RBC 0x0800
324 #define UMASS_PROTO_COMMAND 0xff00 /* command protocol mask */
325
326 /* Device specific quirks */
327 #define NO_QUIRKS 0x0000
328 /*
329 * The drive does not support Test Unit Ready. Convert to Start Unit
330 */
331 #define NO_TEST_UNIT_READY 0x0001
332 /*
333 * The drive does not reset the Unit Attention state after REQUEST
334 * SENSE has been sent. The INQUIRY command does not reset the UA
335 * either, and so CAM runs in circles trying to retrieve the initial
336 * INQUIRY data.
337 */
338 #define RS_NO_CLEAR_UA 0x0002
339 /* The drive does not support START STOP. */
340 #define NO_START_STOP 0x0004
341 /* Don't ask for full inquiry data (255b). */
342 #define FORCE_SHORT_INQUIRY 0x0008
343 /* Needs to be initialised the Shuttle way */
344 #define SHUTTLE_INIT 0x0010
345 /* Drive needs to be switched to alternate iface 1 */
346 #define ALT_IFACE_1 0x0020
347 /* Drive does not do 1Mb/s, but just floppy speeds (20kb/s) */
348 #define FLOPPY_SPEED 0x0040
349 /* The device can't count and gets the residue of transfers wrong */
350 #define IGNORE_RESIDUE 0x0080
351 /* No GetMaxLun call */
352 #define NO_GETMAXLUN 0x0100
353 /* The device uses a weird CSWSIGNATURE. */
354 #define WRONG_CSWSIG 0x0200
355 /* Device cannot handle INQUIRY so fake a generic response */
356 #define NO_INQUIRY 0x0400
357 /* Device cannot handle INQUIRY EVPD, return CHECK CONDITION */
358 #define NO_INQUIRY_EVPD 0x0800
359 /* Pad all RBC requests to 12 bytes. */
360 #define RBC_PAD_TO_12 0x1000
361 /*
362 * Device reports number of sectors from READ_CAPACITY, not max
363 * sector number.
364 */
365 #define READ_CAPACITY_OFFBY1 0x2000
366 /*
367 * Device cannot handle a SCSI synchronize cache command. Normally
368 * this quirk would be handled in the cam layer, but for IDE bridges
369 * we need to associate the quirk with the bridge and not the
370 * underlying disk device. This is handled by faking a success
371 * result.
372 */
373 #define NO_SYNCHRONIZE_CACHE 0x4000
374 /* Device does not support 'PREVENT/ALLOW MEDIUM REMOVAL'. */
375 #define NO_PREVENT_ALLOW 0x8000
376
377 struct umass_softc {
378
379 struct scsi_sense cam_scsi_sense;
380 struct scsi_test_unit_ready cam_scsi_test_unit_ready;
381 struct lock sc_lock;
382 struct {
383 uint8_t *data_ptr;
384 union ccb *ccb;
385 umass_callback_t *callback;
386
387 uint32_t data_len; /* bytes */
388 uint32_t data_rem; /* bytes */
389 uint32_t data_timeout; /* ms */
390 uint32_t actlen; /* bytes */
391
392 uint8_t cmd_data[UMASS_MAX_CMDLEN];
393 uint8_t cmd_len; /* bytes */
394 uint8_t dir;
395 uint8_t lun;
396 } sc_transfer;
397
398 /* Bulk specific variables for transfers in progress */
399 umass_bbb_cbw_t cbw; /* command block wrapper */
400 umass_bbb_csw_t csw; /* command status wrapper */
401
402 /* CBI specific variables for transfers in progress */
403 umass_cbi_sbl_t sbl; /* status block */
404
405 device_t sc_dev;
406 struct usb_device *sc_udev;
407 struct cam_sim *sc_sim; /* SCSI Interface Module */
408 struct usb_xfer *sc_xfer[UMASS_T_MAX];
409
410 /*
411 * The command transform function is used to convert the SCSI
412 * commands into their derivatives, like UFI, ATAPI, and friends.
413 */
414 umass_transform_t *sc_transform;
415
416 uint32_t sc_unit;
417 uint32_t sc_quirks; /* they got it almost right */
418 uint32_t sc_proto; /* wire and cmd protocol */
419
420 uint8_t sc_name[16];
421 uint8_t sc_iface_no; /* interface number */
422 uint8_t sc_maxlun; /* maximum LUN number, inclusive */
423 uint8_t sc_last_xfer_index;
424 uint8_t sc_status_try;
425
426 struct usb_callout sc_rescan_timeout;
427 };
428
429 struct umass_probe_proto {
430 uint32_t quirks;
431 uint32_t proto;
432
433 int error;
434 };
435
436 /* prototypes */
437
438 static device_probe_t umass_probe;
439 static device_attach_t umass_attach;
440 static device_detach_t umass_detach;
441
442 static usb_callback_t umass_tr_error;
443 static usb_callback_t umass_t_bbb_reset1_callback;
444 static usb_callback_t umass_t_bbb_reset2_callback;
445 static usb_callback_t umass_t_bbb_reset3_callback;
446 static usb_callback_t umass_t_bbb_command_callback;
447 static usb_callback_t umass_t_bbb_data_read_callback;
448 static usb_callback_t umass_t_bbb_data_rd_cs_callback;
449 static usb_callback_t umass_t_bbb_data_write_callback;
450 static usb_callback_t umass_t_bbb_data_wr_cs_callback;
451 static usb_callback_t umass_t_bbb_status_callback;
452 static usb_callback_t umass_t_cbi_reset1_callback;
453 static usb_callback_t umass_t_cbi_reset2_callback;
454 static usb_callback_t umass_t_cbi_reset3_callback;
455 static usb_callback_t umass_t_cbi_reset4_callback;
456 static usb_callback_t umass_t_cbi_command_callback;
457 static usb_callback_t umass_t_cbi_data_read_callback;
458 static usb_callback_t umass_t_cbi_data_rd_cs_callback;
459 static usb_callback_t umass_t_cbi_data_write_callback;
460 static usb_callback_t umass_t_cbi_data_wr_cs_callback;
461 static usb_callback_t umass_t_cbi_status_callback;
462
463 static void umass_cancel_ccb(struct umass_softc *);
464 static void umass_init_shuttle(struct umass_softc *);
465 static void umass_reset(struct umass_softc *);
466 static void umass_t_bbb_data_clear_stall_callback(struct usb_xfer *,
467 uint8_t, uint8_t, usb_error_t);
468 static void umass_command_start(struct umass_softc *, uint8_t, void *,
469 uint32_t, uint32_t, umass_callback_t *, union ccb *);
470 static uint8_t umass_bbb_get_max_lun(struct umass_softc *);
471 static void umass_cbi_start_status(struct umass_softc *);
472 static void umass_t_cbi_data_clear_stall_callback(struct usb_xfer *,
473 uint8_t, uint8_t, usb_error_t);
474 static int umass_cam_attach_sim(struct umass_softc *);
475 static void umass_cam_attach(struct umass_softc *);
476 static void umass_cam_detach_sim(struct umass_softc *);
477 static void umass_cam_action(struct cam_sim *, union ccb *);
478 static void umass_cam_poll(struct cam_sim *);
479 static void umass_cam_cb(struct umass_softc *, union ccb *, uint32_t,
480 uint8_t);
481 static void umass_cam_sense_cb(struct umass_softc *, union ccb *, uint32_t,
482 uint8_t);
483 static void umass_cam_quirk_cb(struct umass_softc *, union ccb *, uint32_t,
484 uint8_t);
485 static uint8_t umass_scsi_transform(struct umass_softc *, uint8_t *, uint8_t);
486 static uint8_t umass_rbc_transform(struct umass_softc *, uint8_t *, uint8_t);
487 static uint8_t umass_ufi_transform(struct umass_softc *, uint8_t *, uint8_t);
488 static uint8_t umass_atapi_transform(struct umass_softc *, uint8_t *,
489 uint8_t);
490 static uint8_t umass_no_transform(struct umass_softc *, uint8_t *, uint8_t);
491 static uint8_t umass_std_transform(struct umass_softc *, union ccb *, uint8_t
492 *, uint8_t);
493
494 #ifdef USB_DEBUG
495 static void umass_bbb_dump_cbw(struct umass_softc *, umass_bbb_cbw_t *);
496 static void umass_bbb_dump_csw(struct umass_softc *, umass_bbb_csw_t *);
497 static void umass_cbi_dump_cmd(struct umass_softc *, void *, uint8_t);
498 static void umass_dump_buffer(struct umass_softc *, uint8_t *, uint32_t,
499 uint32_t);
500 #endif
501
502 static struct usb_config umass_bbb_config[UMASS_T_BBB_MAX] = {
503
504 [UMASS_T_BBB_RESET1] = {
505 .type = UE_CONTROL,
506 .endpoint = 0x00, /* Control pipe */
507 .direction = UE_DIR_ANY,
508 .bufsize = sizeof(struct usb_device_request),
509 .callback = &umass_t_bbb_reset1_callback,
510 .timeout = 5000, /* 5 seconds */
511 .interval = 500, /* 500 milliseconds */
512 },
513
514 [UMASS_T_BBB_RESET2] = {
515 .type = UE_CONTROL,
516 .endpoint = 0x00, /* Control pipe */
517 .direction = UE_DIR_ANY,
518 .bufsize = sizeof(struct usb_device_request),
519 .callback = &umass_t_bbb_reset2_callback,
520 .timeout = 5000, /* 5 seconds */
521 .interval = 50, /* 50 milliseconds */
522 },
523
524 [UMASS_T_BBB_RESET3] = {
525 .type = UE_CONTROL,
526 .endpoint = 0x00, /* Control pipe */
527 .direction = UE_DIR_ANY,
528 .bufsize = sizeof(struct usb_device_request),
529 .callback = &umass_t_bbb_reset3_callback,
530 .timeout = 5000, /* 5 seconds */
531 .interval = 50, /* 50 milliseconds */
532 },
533
534 [UMASS_T_BBB_COMMAND] = {
535 .type = UE_BULK,
536 .endpoint = UE_ADDR_ANY,
537 .direction = UE_DIR_OUT,
538 .bufsize = sizeof(umass_bbb_cbw_t),
539 .callback = &umass_t_bbb_command_callback,
540 .timeout = 5000, /* 5 seconds */
541 },
542
543 [UMASS_T_BBB_DATA_READ] = {
544 .type = UE_BULK,
545 .endpoint = UE_ADDR_ANY,
546 .direction = UE_DIR_IN,
547 .bufsize = UMASS_BULK_SIZE,
548 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
549 .callback = &umass_t_bbb_data_read_callback,
550 .timeout = 0, /* overwritten later */
551 },
552
553 [UMASS_T_BBB_DATA_RD_CS] = {
554 .type = UE_CONTROL,
555 .endpoint = 0x00, /* Control pipe */
556 .direction = UE_DIR_ANY,
557 .bufsize = sizeof(struct usb_device_request),
558 .callback = &umass_t_bbb_data_rd_cs_callback,
559 .timeout = 5000, /* 5 seconds */
560 },
561
562 [UMASS_T_BBB_DATA_WRITE] = {
563 .type = UE_BULK,
564 .endpoint = UE_ADDR_ANY,
565 .direction = UE_DIR_OUT,
566 .bufsize = UMASS_BULK_SIZE,
567 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
568 .callback = &umass_t_bbb_data_write_callback,
569 .timeout = 0, /* overwritten later */
570 },
571
572 [UMASS_T_BBB_DATA_WR_CS] = {
573 .type = UE_CONTROL,
574 .endpoint = 0x00, /* Control pipe */
575 .direction = UE_DIR_ANY,
576 .bufsize = sizeof(struct usb_device_request),
577 .callback = &umass_t_bbb_data_wr_cs_callback,
578 .timeout = 5000, /* 5 seconds */
579 },
580
581 [UMASS_T_BBB_STATUS] = {
582 .type = UE_BULK,
583 .endpoint = UE_ADDR_ANY,
584 .direction = UE_DIR_IN,
585 .bufsize = sizeof(umass_bbb_csw_t),
586 .flags = {.short_xfer_ok = 1,},
587 .callback = &umass_t_bbb_status_callback,
588 .timeout = 5000, /* ms */
589 },
590 };
591
592 static struct usb_config umass_cbi_config[UMASS_T_CBI_MAX] = {
593
594 [UMASS_T_CBI_RESET1] = {
595 .type = UE_CONTROL,
596 .endpoint = 0x00, /* Control pipe */
597 .direction = UE_DIR_ANY,
598 .bufsize = (sizeof(struct usb_device_request) +
599 UMASS_CBI_DIAGNOSTIC_CMDLEN),
600 .callback = &umass_t_cbi_reset1_callback,
601 .timeout = 5000, /* 5 seconds */
602 .interval = 500, /* 500 milliseconds */
603 },
604
605 [UMASS_T_CBI_RESET2] = {
606 .type = UE_CONTROL,
607 .endpoint = 0x00, /* Control pipe */
608 .direction = UE_DIR_ANY,
609 .bufsize = sizeof(struct usb_device_request),
610 .callback = &umass_t_cbi_reset2_callback,
611 .timeout = 5000, /* 5 seconds */
612 .interval = 50, /* 50 milliseconds */
613 },
614
615 [UMASS_T_CBI_RESET3] = {
616 .type = UE_CONTROL,
617 .endpoint = 0x00, /* Control pipe */
618 .direction = UE_DIR_ANY,
619 .bufsize = sizeof(struct usb_device_request),
620 .callback = &umass_t_cbi_reset3_callback,
621 .timeout = 5000, /* 5 seconds */
622 .interval = 50, /* 50 milliseconds */
623 },
624
625 [UMASS_T_CBI_COMMAND] = {
626 .type = UE_CONTROL,
627 .endpoint = 0x00, /* Control pipe */
628 .direction = UE_DIR_ANY,
629 .bufsize = (sizeof(struct usb_device_request) +
630 UMASS_MAX_CMDLEN),
631 .callback = &umass_t_cbi_command_callback,
632 .timeout = 5000, /* 5 seconds */
633 },
634
635 [UMASS_T_CBI_DATA_READ] = {
636 .type = UE_BULK,
637 .endpoint = UE_ADDR_ANY,
638 .direction = UE_DIR_IN,
639 .bufsize = UMASS_BULK_SIZE,
640 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
641 .callback = &umass_t_cbi_data_read_callback,
642 .timeout = 0, /* overwritten later */
643 },
644
645 [UMASS_T_CBI_DATA_RD_CS] = {
646 .type = UE_CONTROL,
647 .endpoint = 0x00, /* Control pipe */
648 .direction = UE_DIR_ANY,
649 .bufsize = sizeof(struct usb_device_request),
650 .callback = &umass_t_cbi_data_rd_cs_callback,
651 .timeout = 5000, /* 5 seconds */
652 },
653
654 [UMASS_T_CBI_DATA_WRITE] = {
655 .type = UE_BULK,
656 .endpoint = UE_ADDR_ANY,
657 .direction = UE_DIR_OUT,
658 .bufsize = UMASS_BULK_SIZE,
659 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
660 .callback = &umass_t_cbi_data_write_callback,
661 .timeout = 0, /* overwritten later */
662 },
663
664 [UMASS_T_CBI_DATA_WR_CS] = {
665 .type = UE_CONTROL,
666 .endpoint = 0x00, /* Control pipe */
667 .direction = UE_DIR_ANY,
668 .bufsize = sizeof(struct usb_device_request),
669 .callback = &umass_t_cbi_data_wr_cs_callback,
670 .timeout = 5000, /* 5 seconds */
671 },
672
673 [UMASS_T_CBI_STATUS] = {
674 .type = UE_INTERRUPT,
675 .endpoint = UE_ADDR_ANY,
676 .direction = UE_DIR_IN,
677 .flags = {.short_xfer_ok = 1,.no_pipe_ok = 1,},
678 .bufsize = sizeof(umass_cbi_sbl_t),
679 .callback = &umass_t_cbi_status_callback,
680 .timeout = 5000, /* ms */
681 },
682
683 [UMASS_T_CBI_RESET4] = {
684 .type = UE_CONTROL,
685 .endpoint = 0x00, /* Control pipe */
686 .direction = UE_DIR_ANY,
687 .bufsize = sizeof(struct usb_device_request),
688 .callback = &umass_t_cbi_reset4_callback,
689 .timeout = 5000, /* ms */
690 },
691 };
692
693 /* If device cannot return valid inquiry data, fake it */
694 static const uint8_t fake_inq_data[SHORT_INQUIRY_LENGTH] = {
695 0, /* removable */ 0x80, SCSI_REV_2, SCSI_REV_2,
696 /* additional_length */ 31, 0, 0, 0
697 };
698
699 #define UFI_COMMAND_LENGTH 12 /* UFI commands are always 12 bytes */
700 #define ATAPI_COMMAND_LENGTH 12 /* ATAPI commands are always 12 bytes */
701
702 static devclass_t umass_devclass;
703
704 static device_method_t umass_methods[] = {
705 /* Device interface */
706 DEVMETHOD(device_probe, umass_probe),
707 DEVMETHOD(device_attach, umass_attach),
708 DEVMETHOD(device_detach, umass_detach),
709 DEVMETHOD_END
710 };
711
712 static driver_t umass_driver = {
713 .name = "umass",
714 .methods = umass_methods,
715 .size = sizeof(struct umass_softc),
716 };
717
718 static const STRUCT_USB_HOST_ID __used umass_devs[] = {
719 /* generic mass storage class */
720 {USB_IFACE_CLASS(UICLASS_MASS),},
721 };
722
723 DRIVER_MODULE(umass, uhub, umass_driver, umass_devclass, NULL, NULL);
724 MODULE_DEPEND(umass, usb, 1, 1, 1);
725 MODULE_DEPEND(umass, cam, 1, 1, 1);
726 MODULE_VERSION(umass, 1);
727
728 /*
729 * USB device probe/attach/detach
730 */
731
732 static uint16_t
umass_get_proto(struct usb_interface * iface)733 umass_get_proto(struct usb_interface *iface)
734 {
735 struct usb_interface_descriptor *id;
736 uint16_t retval;
737
738 retval = 0;
739
740 /* Check for a standards compliant device */
741 id = usbd_get_interface_descriptor(iface);
742 if ((id == NULL) ||
743 (id->bInterfaceClass != UICLASS_MASS)) {
744 goto done;
745 }
746 switch (id->bInterfaceSubClass) {
747 case UISUBCLASS_SCSI:
748 retval |= UMASS_PROTO_SCSI;
749 break;
750 case UISUBCLASS_UFI:
751 retval |= UMASS_PROTO_UFI;
752 break;
753 case UISUBCLASS_RBC:
754 retval |= UMASS_PROTO_RBC;
755 break;
756 case UISUBCLASS_SFF8020I:
757 case UISUBCLASS_SFF8070I:
758 retval |= UMASS_PROTO_ATAPI;
759 break;
760 default:
761 goto done;
762 }
763
764 switch (id->bInterfaceProtocol) {
765 case UIPROTO_MASS_CBI:
766 retval |= UMASS_PROTO_CBI;
767 break;
768 case UIPROTO_MASS_CBI_I:
769 retval |= UMASS_PROTO_CBI_I;
770 break;
771 case UIPROTO_MASS_BBB_OLD:
772 case UIPROTO_MASS_BBB:
773 retval |= UMASS_PROTO_BBB;
774 break;
775 default:
776 goto done;
777 }
778 done:
779 return (retval);
780 }
781
782 /*
783 * Match the device we are seeing with the devices supported.
784 */
785 static struct umass_probe_proto
umass_probe_proto(device_t dev,struct usb_attach_arg * uaa)786 umass_probe_proto(device_t dev, struct usb_attach_arg *uaa)
787 {
788 struct umass_probe_proto ret;
789 uint32_t quirks = NO_QUIRKS;
790 uint32_t proto = umass_get_proto(uaa->iface);
791
792 memset(&ret, 0, sizeof(ret));
793 ret.error = BUS_PROBE_GENERIC;
794
795 /* Search for protocol enforcement */
796
797 if (usb_test_quirk(uaa, UQ_MSC_FORCE_WIRE_BBB)) {
798 proto &= ~UMASS_PROTO_WIRE;
799 proto |= UMASS_PROTO_BBB;
800 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_WIRE_CBI)) {
801 proto &= ~UMASS_PROTO_WIRE;
802 proto |= UMASS_PROTO_CBI;
803 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_WIRE_CBI_I)) {
804 proto &= ~UMASS_PROTO_WIRE;
805 proto |= UMASS_PROTO_CBI_I;
806 }
807
808 if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_SCSI)) {
809 proto &= ~UMASS_PROTO_COMMAND;
810 proto |= UMASS_PROTO_SCSI;
811 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_ATAPI)) {
812 proto &= ~UMASS_PROTO_COMMAND;
813 proto |= UMASS_PROTO_ATAPI;
814 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_UFI)) {
815 proto &= ~UMASS_PROTO_COMMAND;
816 proto |= UMASS_PROTO_UFI;
817 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_RBC)) {
818 proto &= ~UMASS_PROTO_COMMAND;
819 proto |= UMASS_PROTO_RBC;
820 }
821
822 /* Check if the protocol is invalid */
823
824 if ((proto & UMASS_PROTO_COMMAND) == 0) {
825 ret.error = ENXIO;
826 goto done;
827 }
828
829 if ((proto & UMASS_PROTO_WIRE) == 0) {
830 ret.error = ENXIO;
831 goto done;
832 }
833
834 /* Search for quirks */
835
836 if (usb_test_quirk(uaa, UQ_MSC_NO_TEST_UNIT_READY))
837 quirks |= NO_TEST_UNIT_READY;
838 if (usb_test_quirk(uaa, UQ_MSC_NO_RS_CLEAR_UA))
839 quirks |= RS_NO_CLEAR_UA;
840 if (usb_test_quirk(uaa, UQ_MSC_NO_START_STOP))
841 quirks |= NO_START_STOP;
842 if (usb_test_quirk(uaa, UQ_MSC_NO_GETMAXLUN))
843 quirks |= NO_GETMAXLUN;
844 if (usb_test_quirk(uaa, UQ_MSC_NO_INQUIRY))
845 quirks |= NO_INQUIRY;
846 if (usb_test_quirk(uaa, UQ_MSC_NO_INQUIRY_EVPD))
847 quirks |= NO_INQUIRY_EVPD;
848 if (usb_test_quirk(uaa, UQ_MSC_NO_PREVENT_ALLOW))
849 quirks |= NO_PREVENT_ALLOW;
850 if (usb_test_quirk(uaa, UQ_MSC_NO_SYNC_CACHE))
851 quirks |= NO_SYNCHRONIZE_CACHE;
852 if (usb_test_quirk(uaa, UQ_MSC_SHUTTLE_INIT))
853 quirks |= SHUTTLE_INIT;
854 if (usb_test_quirk(uaa, UQ_MSC_ALT_IFACE_1))
855 quirks |= ALT_IFACE_1;
856 if (usb_test_quirk(uaa, UQ_MSC_FLOPPY_SPEED))
857 quirks |= FLOPPY_SPEED;
858 if (usb_test_quirk(uaa, UQ_MSC_IGNORE_RESIDUE))
859 quirks |= IGNORE_RESIDUE;
860 if (usb_test_quirk(uaa, UQ_MSC_WRONG_CSWSIG))
861 quirks |= WRONG_CSWSIG;
862 if (usb_test_quirk(uaa, UQ_MSC_RBC_PAD_TO_12))
863 quirks |= RBC_PAD_TO_12;
864 if (usb_test_quirk(uaa, UQ_MSC_READ_CAP_OFFBY1))
865 quirks |= READ_CAPACITY_OFFBY1;
866 if (usb_test_quirk(uaa, UQ_MSC_FORCE_SHORT_INQ))
867 quirks |= FORCE_SHORT_INQUIRY;
868
869 done:
870 ret.quirks = quirks;
871 ret.proto = proto;
872 return (ret);
873 }
874
875 static int
umass_probe(device_t dev)876 umass_probe(device_t dev)
877 {
878 struct usb_attach_arg *uaa = device_get_ivars(dev);
879 struct umass_probe_proto temp;
880
881 if (uaa->usb_mode != USB_MODE_HOST) {
882 return (ENXIO);
883 }
884 temp = umass_probe_proto(dev, uaa);
885
886 return (temp.error);
887 }
888
889 static int
umass_attach(device_t dev)890 umass_attach(device_t dev)
891 {
892 struct umass_softc *sc = device_get_softc(dev);
893 struct usb_attach_arg *uaa = device_get_ivars(dev);
894 struct umass_probe_proto temp = umass_probe_proto(dev, uaa);
895 struct usb_interface_descriptor *id;
896 int err;
897
898 /*
899 * NOTE: the softc struct is cleared in device_set_driver.
900 * We can safely call umass_detach without specifically
901 * initializing the struct.
902 */
903
904 sc->sc_dev = dev;
905 sc->sc_udev = uaa->device;
906 sc->sc_proto = temp.proto;
907 sc->sc_quirks = temp.quirks;
908 sc->sc_unit = device_get_unit(dev);
909
910 ksnprintf(sc->sc_name, sizeof(sc->sc_name),
911 "%s", device_get_nameunit(dev));
912
913 device_set_usb_desc(dev);
914
915 lockinit(&sc->sc_lock, device_get_nameunit(dev), 0, LK_CANRECURSE);
916
917 /* get interface index */
918
919 id = usbd_get_interface_descriptor(uaa->iface);
920 if (id == NULL) {
921 device_printf(dev, "failed to get "
922 "interface number\n");
923 goto detach;
924 }
925 sc->sc_iface_no = id->bInterfaceNumber;
926
927 #ifdef USB_DEBUG
928 device_printf(dev, " ");
929
930 switch (sc->sc_proto & UMASS_PROTO_COMMAND) {
931 case UMASS_PROTO_SCSI:
932 kprintf("SCSI");
933 break;
934 case UMASS_PROTO_ATAPI:
935 kprintf("8070i (ATAPI)");
936 break;
937 case UMASS_PROTO_UFI:
938 kprintf("UFI");
939 break;
940 case UMASS_PROTO_RBC:
941 kprintf("RBC");
942 break;
943 default:
944 kprintf("(unknown 0x%02x)",
945 sc->sc_proto & UMASS_PROTO_COMMAND);
946 break;
947 }
948
949 kprintf(" over ");
950
951 switch (sc->sc_proto & UMASS_PROTO_WIRE) {
952 case UMASS_PROTO_BBB:
953 kprintf("Bulk-Only");
954 break;
955 case UMASS_PROTO_CBI: /* uses Comand/Bulk pipes */
956 kprintf("CBI");
957 break;
958 case UMASS_PROTO_CBI_I: /* uses Comand/Bulk/Interrupt pipes */
959 kprintf("CBI with CCI");
960 break;
961 default:
962 kprintf("(unknown 0x%02x)",
963 sc->sc_proto & UMASS_PROTO_WIRE);
964 }
965
966 kprintf("; quirks = 0x%04x\n", sc->sc_quirks);
967 #endif
968
969 if (sc->sc_quirks & ALT_IFACE_1) {
970 err = usbd_set_alt_interface_index
971 (uaa->device, uaa->info.bIfaceIndex, 1);
972
973 if (err) {
974 DPRINTF(sc, UDMASS_USB, "could not switch to "
975 "Alt Interface 1\n");
976 goto detach;
977 }
978 }
979 /* allocate all required USB transfers */
980
981 if (sc->sc_proto & UMASS_PROTO_BBB) {
982
983 err = usbd_transfer_setup(uaa->device,
984 &uaa->info.bIfaceIndex, sc->sc_xfer, umass_bbb_config,
985 UMASS_T_BBB_MAX, sc, &sc->sc_lock);
986
987 /* skip reset first time */
988 sc->sc_last_xfer_index = UMASS_T_BBB_COMMAND;
989
990 } else if (sc->sc_proto & (UMASS_PROTO_CBI | UMASS_PROTO_CBI_I)) {
991
992 err = usbd_transfer_setup(uaa->device,
993 &uaa->info.bIfaceIndex, sc->sc_xfer, umass_cbi_config,
994 UMASS_T_CBI_MAX, sc, &sc->sc_lock);
995
996 /* skip reset first time */
997 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
998
999 } else {
1000 err = USB_ERR_INVAL;
1001 }
1002
1003 if (err) {
1004 device_printf(dev, "could not setup required "
1005 "transfers, %s\n", usbd_errstr(err));
1006 goto detach;
1007 }
1008 #ifdef USB_DEBUG
1009 if (umass_throttle > 0) {
1010 uint8_t x;
1011 int iv;
1012
1013 iv = umass_throttle;
1014
1015 if (iv < 1)
1016 iv = 1;
1017 else if (iv > 8000)
1018 iv = 8000;
1019
1020 for (x = 0; x != UMASS_T_MAX; x++) {
1021 if (sc->sc_xfer[x] != NULL)
1022 usbd_xfer_set_interval(sc->sc_xfer[x], iv);
1023 }
1024 }
1025 #endif
1026 sc->sc_transform =
1027 (sc->sc_proto & UMASS_PROTO_SCSI) ? &umass_scsi_transform :
1028 (sc->sc_proto & UMASS_PROTO_UFI) ? &umass_ufi_transform :
1029 (sc->sc_proto & UMASS_PROTO_ATAPI) ? &umass_atapi_transform :
1030 (sc->sc_proto & UMASS_PROTO_RBC) ? &umass_rbc_transform :
1031 &umass_no_transform;
1032
1033 /* from here onwards the device can be used. */
1034
1035 if (sc->sc_quirks & SHUTTLE_INIT) {
1036 umass_init_shuttle(sc);
1037 }
1038 /* get the maximum LUN supported by the device */
1039
1040 if (((sc->sc_proto & UMASS_PROTO_WIRE) == UMASS_PROTO_BBB) &&
1041 !(sc->sc_quirks & NO_GETMAXLUN))
1042 sc->sc_maxlun = umass_bbb_get_max_lun(sc);
1043 else
1044 sc->sc_maxlun = 0;
1045
1046 /* Prepare the SCSI command block */
1047 sc->cam_scsi_sense.opcode = REQUEST_SENSE;
1048 sc->cam_scsi_test_unit_ready.opcode = TEST_UNIT_READY;
1049
1050 /* register the SIM */
1051 err = umass_cam_attach_sim(sc);
1052 if (err) {
1053 goto detach;
1054 }
1055 /* scan the SIM */
1056 umass_cam_attach(sc);
1057
1058 DPRINTF(sc, UDMASS_GEN, "Attach finished\n");
1059
1060 return (0); /* success */
1061
1062 detach:
1063 umass_detach(dev);
1064 return (ENXIO); /* failure */
1065 }
1066
1067 static int
umass_detach(device_t dev)1068 umass_detach(device_t dev)
1069 {
1070 struct umass_softc *sc = device_get_softc(dev);
1071
1072 DPRINTF(sc, UDMASS_USB, "\n");
1073
1074 /* teardown our statemachine */
1075
1076 usbd_transfer_unsetup(sc->sc_xfer, UMASS_T_MAX);
1077
1078 lockmgr(&sc->sc_lock, LK_EXCLUSIVE);
1079
1080 /* cancel any leftover CCBs */
1081 umass_cancel_ccb(sc);
1082
1083 umass_cam_detach_sim(sc);
1084
1085 lockmgr(&sc->sc_lock, LK_RELEASE);
1086 lockuninit(&sc->sc_lock);
1087
1088 return (0); /* success */
1089 }
1090
1091 static void
umass_init_shuttle(struct umass_softc * sc)1092 umass_init_shuttle(struct umass_softc *sc)
1093 {
1094 struct usb_device_request req;
1095 usb_error_t err;
1096 uint8_t status[2] = {0, 0};
1097
1098 /*
1099 * The Linux driver does this, but no one can tell us what the
1100 * command does.
1101 */
1102 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1103 req.bRequest = 1; /* XXX unknown command */
1104 USETW(req.wValue, 0);
1105 req.wIndex[0] = sc->sc_iface_no;
1106 req.wIndex[1] = 0;
1107 USETW(req.wLength, sizeof(status));
1108 err = usbd_do_request(sc->sc_udev, NULL, &req, &status);
1109
1110 DPRINTF(sc, UDMASS_GEN, "Shuttle init returned 0x%02x%02x\n",
1111 status[0], status[1]);
1112 }
1113
1114 /*
1115 * Generic functions to handle transfers
1116 */
1117
1118 static void
umass_transfer_start(struct umass_softc * sc,uint8_t xfer_index)1119 umass_transfer_start(struct umass_softc *sc, uint8_t xfer_index)
1120 {
1121 DPRINTF(sc, UDMASS_GEN, "transfer index = "
1122 "%d\n", xfer_index);
1123
1124 if (sc->sc_xfer[xfer_index]) {
1125 sc->sc_last_xfer_index = xfer_index;
1126 usbd_transfer_start(sc->sc_xfer[xfer_index]);
1127 } else {
1128 umass_cancel_ccb(sc);
1129 }
1130 }
1131
1132 static void
umass_reset(struct umass_softc * sc)1133 umass_reset(struct umass_softc *sc)
1134 {
1135 DPRINTF(sc, UDMASS_GEN, "resetting device\n");
1136
1137 /*
1138 * stop the last transfer, if not already stopped:
1139 */
1140 usbd_transfer_stop(sc->sc_xfer[sc->sc_last_xfer_index]);
1141 umass_transfer_start(sc, 0);
1142 }
1143
1144 static void
umass_cancel_ccb(struct umass_softc * sc)1145 umass_cancel_ccb(struct umass_softc *sc)
1146 {
1147 union ccb *ccb;
1148
1149 #if 0
1150 KKASSERT(lockstatus(&sc->sc_lock, curthread) != 0);
1151 #endif
1152
1153 ccb = sc->sc_transfer.ccb;
1154 sc->sc_transfer.ccb = NULL;
1155 sc->sc_last_xfer_index = 0;
1156
1157 if (ccb) {
1158 (sc->sc_transfer.callback)
1159 (sc, ccb, (sc->sc_transfer.data_len -
1160 sc->sc_transfer.actlen), STATUS_WIRE_FAILED);
1161 }
1162 }
1163
1164 static void
umass_tr_error(struct usb_xfer * xfer,usb_error_t error)1165 umass_tr_error(struct usb_xfer *xfer, usb_error_t error)
1166 {
1167 struct umass_softc *sc = usbd_xfer_softc(xfer);
1168
1169 if (error != USB_ERR_CANCELLED) {
1170
1171 DPRINTF(sc, UDMASS_GEN, "transfer error, %s -> "
1172 "reset\n", usbd_errstr(error));
1173 }
1174 umass_cancel_ccb(sc);
1175 }
1176
1177 /*
1178 * BBB protocol specific functions
1179 */
1180
1181 static void
umass_t_bbb_reset1_callback(struct usb_xfer * xfer,usb_error_t error)1182 umass_t_bbb_reset1_callback(struct usb_xfer *xfer, usb_error_t error)
1183 {
1184 struct umass_softc *sc = usbd_xfer_softc(xfer);
1185 struct usb_device_request req;
1186 struct usb_page_cache *pc;
1187
1188 switch (USB_GET_STATE(xfer)) {
1189 case USB_ST_TRANSFERRED:
1190 umass_transfer_start(sc, UMASS_T_BBB_RESET2);
1191 return;
1192
1193 case USB_ST_SETUP:
1194 /*
1195 * Reset recovery (5.3.4 in Universal Serial Bus Mass Storage Class)
1196 *
1197 * For Reset Recovery the host shall issue in the following order:
1198 * a) a Bulk-Only Mass Storage Reset
1199 * b) a Clear Feature HALT to the Bulk-In endpoint
1200 * c) a Clear Feature HALT to the Bulk-Out endpoint
1201 *
1202 * This is done in 3 steps, using 3 transfers:
1203 * UMASS_T_BBB_RESET1
1204 * UMASS_T_BBB_RESET2
1205 * UMASS_T_BBB_RESET3
1206 */
1207
1208 DPRINTF(sc, UDMASS_BBB, "BBB reset!\n");
1209
1210 req.bmRequestType = UT_WRITE_CLASS_INTERFACE;
1211 req.bRequest = UR_BBB_RESET; /* bulk only reset */
1212 USETW(req.wValue, 0);
1213 req.wIndex[0] = sc->sc_iface_no;
1214 req.wIndex[1] = 0;
1215 USETW(req.wLength, 0);
1216
1217 pc = usbd_xfer_get_frame(xfer, 0);
1218 usbd_copy_in(pc, 0, &req, sizeof(req));
1219
1220 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
1221 usbd_xfer_set_frames(xfer, 1);
1222 usbd_transfer_submit(xfer);
1223 return;
1224
1225 default: /* Error */
1226 umass_tr_error(xfer, error);
1227 return;
1228 }
1229 }
1230
1231 static void
umass_t_bbb_reset2_callback(struct usb_xfer * xfer,usb_error_t error)1232 umass_t_bbb_reset2_callback(struct usb_xfer *xfer, usb_error_t error)
1233 {
1234 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_RESET3,
1235 UMASS_T_BBB_DATA_READ, error);
1236 }
1237
1238 static void
umass_t_bbb_reset3_callback(struct usb_xfer * xfer,usb_error_t error)1239 umass_t_bbb_reset3_callback(struct usb_xfer *xfer, usb_error_t error)
1240 {
1241 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_COMMAND,
1242 UMASS_T_BBB_DATA_WRITE, error);
1243 }
1244
1245 static void
umass_t_bbb_data_clear_stall_callback(struct usb_xfer * xfer,uint8_t next_xfer,uint8_t stall_xfer,usb_error_t error)1246 umass_t_bbb_data_clear_stall_callback(struct usb_xfer *xfer,
1247 uint8_t next_xfer, uint8_t stall_xfer, usb_error_t error)
1248 {
1249 struct umass_softc *sc = usbd_xfer_softc(xfer);
1250
1251 switch (USB_GET_STATE(xfer)) {
1252 case USB_ST_TRANSFERRED:
1253 tr_transferred:
1254 umass_transfer_start(sc, next_xfer);
1255 return;
1256
1257 case USB_ST_SETUP:
1258 if (usbd_clear_stall_callback(xfer, sc->sc_xfer[stall_xfer])) {
1259 goto tr_transferred;
1260 }
1261 return;
1262
1263 default: /* Error */
1264 umass_tr_error(xfer, error);
1265 return;
1266 }
1267 }
1268
1269 static void
umass_t_bbb_command_callback(struct usb_xfer * xfer,usb_error_t error)1270 umass_t_bbb_command_callback(struct usb_xfer *xfer, usb_error_t error)
1271 {
1272 struct umass_softc *sc = usbd_xfer_softc(xfer);
1273 union ccb *ccb = sc->sc_transfer.ccb;
1274 struct usb_page_cache *pc;
1275 uint32_t tag;
1276
1277 switch (USB_GET_STATE(xfer)) {
1278 case USB_ST_TRANSFERRED:
1279 umass_transfer_start
1280 (sc, ((sc->sc_transfer.dir == DIR_IN) ? UMASS_T_BBB_DATA_READ :
1281 (sc->sc_transfer.dir == DIR_OUT) ? UMASS_T_BBB_DATA_WRITE :
1282 UMASS_T_BBB_STATUS));
1283 return;
1284
1285 case USB_ST_SETUP:
1286
1287 sc->sc_status_try = 0;
1288
1289 if (ccb) {
1290
1291 /*
1292 * the initial value is not important,
1293 * as long as the values are unique:
1294 */
1295 tag = UGETDW(sc->cbw.dCBWTag) + 1;
1296
1297 USETDW(sc->cbw.dCBWSignature, CBWSIGNATURE);
1298 USETDW(sc->cbw.dCBWTag, tag);
1299
1300 /*
1301 * dCBWDataTransferLength:
1302 * This field indicates the number of bytes of data that the host
1303 * intends to transfer on the IN or OUT Bulk endpoint(as indicated by
1304 * the Direction bit) during the execution of this command. If this
1305 * field is set to 0, the device will expect that no data will be
1306 * transferred IN or OUT during this command, regardless of the value
1307 * of the Direction bit defined in dCBWFlags.
1308 */
1309 USETDW(sc->cbw.dCBWDataTransferLength, sc->sc_transfer.data_len);
1310
1311 /*
1312 * dCBWFlags:
1313 * The bits of the Flags field are defined as follows:
1314 * Bits 0-6 reserved
1315 * Bit 7 Direction - this bit shall be ignored if the
1316 * dCBWDataTransferLength field is zero.
1317 * 0 = data Out from host to device
1318 * 1 = data In from device to host
1319 */
1320 sc->cbw.bCBWFlags = ((sc->sc_transfer.dir == DIR_IN) ?
1321 CBWFLAGS_IN : CBWFLAGS_OUT);
1322 sc->cbw.bCBWLUN = sc->sc_transfer.lun;
1323
1324 if (sc->sc_transfer.cmd_len > sizeof(sc->cbw.CBWCDB)) {
1325 sc->sc_transfer.cmd_len = sizeof(sc->cbw.CBWCDB);
1326 DPRINTF(sc, UDMASS_BBB, "Truncating long command!\n");
1327 }
1328 sc->cbw.bCDBLength = sc->sc_transfer.cmd_len;
1329
1330 /* copy SCSI command data */
1331 memcpy(sc->cbw.CBWCDB, sc->sc_transfer.cmd_data,
1332 sc->sc_transfer.cmd_len);
1333
1334 /* clear remaining command area */
1335 memset(sc->cbw.CBWCDB +
1336 sc->sc_transfer.cmd_len, 0,
1337 sizeof(sc->cbw.CBWCDB) -
1338 sc->sc_transfer.cmd_len);
1339
1340 DIF(UDMASS_BBB, umass_bbb_dump_cbw(sc, &sc->cbw));
1341
1342 pc = usbd_xfer_get_frame(xfer, 0);
1343 usbd_copy_in(pc, 0, &sc->cbw, sizeof(sc->cbw));
1344 usbd_xfer_set_frame_len(xfer, 0, sizeof(sc->cbw));
1345
1346 usbd_transfer_submit(xfer);
1347 }
1348 return;
1349
1350 default: /* Error */
1351 umass_tr_error(xfer, error);
1352 return;
1353 }
1354 }
1355
1356 static void
umass_t_bbb_data_read_callback(struct usb_xfer * xfer,usb_error_t error)1357 umass_t_bbb_data_read_callback(struct usb_xfer *xfer, usb_error_t error)
1358 {
1359 struct umass_softc *sc = usbd_xfer_softc(xfer);
1360 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1361 int actlen, sumlen;
1362
1363 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1364
1365 switch (USB_GET_STATE(xfer)) {
1366 case USB_ST_TRANSFERRED:
1367 sc->sc_transfer.data_rem -= actlen;
1368 sc->sc_transfer.data_ptr += actlen;
1369 sc->sc_transfer.actlen += actlen;
1370
1371 if (actlen < sumlen) {
1372 /* short transfer */
1373 sc->sc_transfer.data_rem = 0;
1374 }
1375 case USB_ST_SETUP:
1376 DPRINTF(sc, UDMASS_BBB, "max_bulk=%d, data_rem=%d\n",
1377 max_bulk, sc->sc_transfer.data_rem);
1378
1379 if (sc->sc_transfer.data_rem == 0) {
1380 umass_transfer_start(sc, UMASS_T_BBB_STATUS);
1381 return;
1382 }
1383 if (max_bulk > sc->sc_transfer.data_rem) {
1384 max_bulk = sc->sc_transfer.data_rem;
1385 }
1386 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1387
1388 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1389 max_bulk);
1390
1391 usbd_transfer_submit(xfer);
1392 return;
1393
1394 default: /* Error */
1395 if (error == USB_ERR_CANCELLED) {
1396 umass_tr_error(xfer, error);
1397 } else {
1398 umass_transfer_start(sc, UMASS_T_BBB_DATA_RD_CS);
1399 }
1400 return;
1401 }
1402 }
1403
1404 static void
umass_t_bbb_data_rd_cs_callback(struct usb_xfer * xfer,usb_error_t error)1405 umass_t_bbb_data_rd_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1406 {
1407 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_STATUS,
1408 UMASS_T_BBB_DATA_READ, error);
1409 }
1410
1411 static void
umass_t_bbb_data_write_callback(struct usb_xfer * xfer,usb_error_t error)1412 umass_t_bbb_data_write_callback(struct usb_xfer *xfer, usb_error_t error)
1413 {
1414 struct umass_softc *sc = usbd_xfer_softc(xfer);
1415 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1416 int actlen, sumlen;
1417
1418 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1419
1420 switch (USB_GET_STATE(xfer)) {
1421 case USB_ST_TRANSFERRED:
1422 sc->sc_transfer.data_rem -= actlen;
1423 sc->sc_transfer.data_ptr += actlen;
1424 sc->sc_transfer.actlen += actlen;
1425
1426 if (actlen < sumlen) {
1427 /* short transfer */
1428 sc->sc_transfer.data_rem = 0;
1429 }
1430 case USB_ST_SETUP:
1431 DPRINTF(sc, UDMASS_BBB, "max_bulk=%d, data_rem=%d\n",
1432 max_bulk, sc->sc_transfer.data_rem);
1433
1434 if (sc->sc_transfer.data_rem == 0) {
1435 umass_transfer_start(sc, UMASS_T_BBB_STATUS);
1436 return;
1437 }
1438 if (max_bulk > sc->sc_transfer.data_rem) {
1439 max_bulk = sc->sc_transfer.data_rem;
1440 }
1441 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1442
1443 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1444 max_bulk);
1445
1446 usbd_transfer_submit(xfer);
1447 return;
1448
1449 default: /* Error */
1450 if (error == USB_ERR_CANCELLED) {
1451 umass_tr_error(xfer, error);
1452 } else {
1453 umass_transfer_start(sc, UMASS_T_BBB_DATA_WR_CS);
1454 }
1455 return;
1456 }
1457 }
1458
1459 static void
umass_t_bbb_data_wr_cs_callback(struct usb_xfer * xfer,usb_error_t error)1460 umass_t_bbb_data_wr_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1461 {
1462 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_STATUS,
1463 UMASS_T_BBB_DATA_WRITE, error);
1464 }
1465
1466 static void
umass_t_bbb_status_callback(struct usb_xfer * xfer,usb_error_t error)1467 umass_t_bbb_status_callback(struct usb_xfer *xfer, usb_error_t error)
1468 {
1469 struct umass_softc *sc = usbd_xfer_softc(xfer);
1470 union ccb *ccb = sc->sc_transfer.ccb;
1471 struct usb_page_cache *pc;
1472 uint32_t residue;
1473 int actlen;
1474
1475 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
1476
1477 switch (USB_GET_STATE(xfer)) {
1478 case USB_ST_TRANSFERRED:
1479
1480 /*
1481 * Do a full reset if there is something wrong with the CSW:
1482 */
1483 sc->sc_status_try = 1;
1484
1485 /* Zero missing parts of the CSW: */
1486
1487 if (actlen < (int)sizeof(sc->csw))
1488 memset(&sc->csw, 0, sizeof(sc->csw));
1489
1490 pc = usbd_xfer_get_frame(xfer, 0);
1491 usbd_copy_out(pc, 0, &sc->csw, actlen);
1492
1493 DIF(UDMASS_BBB, umass_bbb_dump_csw(sc, &sc->csw));
1494
1495 residue = UGETDW(sc->csw.dCSWDataResidue);
1496
1497 if ((!residue) || (sc->sc_quirks & IGNORE_RESIDUE)) {
1498 residue = (sc->sc_transfer.data_len -
1499 sc->sc_transfer.actlen);
1500 }
1501 if (residue > sc->sc_transfer.data_len) {
1502 DPRINTF(sc, UDMASS_BBB, "truncating residue from %d "
1503 "to %d bytes\n", residue, sc->sc_transfer.data_len);
1504 residue = sc->sc_transfer.data_len;
1505 }
1506 /* translate weird command-status signatures: */
1507 if (sc->sc_quirks & WRONG_CSWSIG) {
1508
1509 uint32_t temp = UGETDW(sc->csw.dCSWSignature);
1510
1511 if ((temp == CSWSIGNATURE_OLYMPUS_C1) ||
1512 (temp == CSWSIGNATURE_IMAGINATION_DBX1)) {
1513 USETDW(sc->csw.dCSWSignature, CSWSIGNATURE);
1514 }
1515 }
1516 /* check CSW and handle eventual error */
1517 if (UGETDW(sc->csw.dCSWSignature) != CSWSIGNATURE) {
1518 DPRINTF(sc, UDMASS_BBB, "bad CSW signature 0x%08x != 0x%08x\n",
1519 UGETDW(sc->csw.dCSWSignature), CSWSIGNATURE);
1520 /*
1521 * Invalid CSW: Wrong signature or wrong tag might
1522 * indicate that we lost synchronization. Reset the
1523 * device.
1524 */
1525 goto tr_error;
1526 } else if (UGETDW(sc->csw.dCSWTag) != UGETDW(sc->cbw.dCBWTag)) {
1527 DPRINTF(sc, UDMASS_BBB, "Invalid CSW: tag 0x%08x should be "
1528 "0x%08x\n", UGETDW(sc->csw.dCSWTag),
1529 UGETDW(sc->cbw.dCBWTag));
1530 goto tr_error;
1531 } else if (sc->csw.bCSWStatus > CSWSTATUS_PHASE) {
1532 DPRINTF(sc, UDMASS_BBB, "Invalid CSW: status %d > %d\n",
1533 sc->csw.bCSWStatus, CSWSTATUS_PHASE);
1534 goto tr_error;
1535 } else if (sc->csw.bCSWStatus == CSWSTATUS_PHASE) {
1536 DPRINTF(sc, UDMASS_BBB, "Phase error, residue = "
1537 "%d\n", residue);
1538 goto tr_error;
1539 } else if (sc->sc_transfer.actlen > sc->sc_transfer.data_len) {
1540 DPRINTF(sc, UDMASS_BBB, "Buffer overrun %d > %d\n",
1541 sc->sc_transfer.actlen, sc->sc_transfer.data_len);
1542 goto tr_error;
1543 } else if (sc->csw.bCSWStatus == CSWSTATUS_FAILED) {
1544 DPRINTF(sc, UDMASS_BBB, "Command failed, residue = "
1545 "%d\n", residue);
1546
1547 sc->sc_transfer.ccb = NULL;
1548
1549 sc->sc_last_xfer_index = UMASS_T_BBB_COMMAND;
1550
1551 (sc->sc_transfer.callback)
1552 (sc, ccb, residue, STATUS_CMD_FAILED);
1553 } else {
1554 sc->sc_transfer.ccb = NULL;
1555
1556 sc->sc_last_xfer_index = UMASS_T_BBB_COMMAND;
1557
1558 (sc->sc_transfer.callback)
1559 (sc, ccb, residue, STATUS_CMD_OK);
1560 }
1561 return;
1562
1563 case USB_ST_SETUP:
1564 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
1565 usbd_transfer_submit(xfer);
1566 return;
1567
1568 default:
1569 tr_error:
1570 DPRINTF(sc, UDMASS_BBB, "Failed to read CSW: %s, try %d\n",
1571 usbd_errstr(error), sc->sc_status_try);
1572
1573 if ((error == USB_ERR_CANCELLED) ||
1574 (sc->sc_status_try)) {
1575 umass_tr_error(xfer, error);
1576 } else {
1577 sc->sc_status_try = 1;
1578 umass_transfer_start(sc, UMASS_T_BBB_DATA_RD_CS);
1579 }
1580 return;
1581 }
1582 }
1583
1584 static void
umass_command_start(struct umass_softc * sc,uint8_t dir,void * data_ptr,uint32_t data_len,uint32_t data_timeout,umass_callback_t * callback,union ccb * ccb)1585 umass_command_start(struct umass_softc *sc, uint8_t dir,
1586 void *data_ptr, uint32_t data_len,
1587 uint32_t data_timeout, umass_callback_t *callback,
1588 union ccb *ccb)
1589 {
1590 sc->sc_transfer.lun = ccb->ccb_h.target_lun;
1591
1592 /*
1593 * NOTE: assumes that "sc->sc_transfer.cmd_data" and
1594 * "sc->sc_transfer.cmd_len" has been properly
1595 * initialized.
1596 */
1597
1598 sc->sc_transfer.dir = data_len ? dir : DIR_NONE;
1599 sc->sc_transfer.data_ptr = data_ptr;
1600 sc->sc_transfer.data_len = data_len;
1601 sc->sc_transfer.data_rem = data_len;
1602 sc->sc_transfer.data_timeout = (data_timeout + UMASS_TIMEOUT);
1603
1604 sc->sc_transfer.actlen = 0;
1605 sc->sc_transfer.callback = callback;
1606 sc->sc_transfer.ccb = ccb;
1607
1608 if (sc->sc_xfer[sc->sc_last_xfer_index]) {
1609 usbd_transfer_start(sc->sc_xfer[sc->sc_last_xfer_index]);
1610 } else {
1611 umass_cancel_ccb(sc);
1612 }
1613 }
1614
1615 static uint8_t
umass_bbb_get_max_lun(struct umass_softc * sc)1616 umass_bbb_get_max_lun(struct umass_softc *sc)
1617 {
1618 struct usb_device_request req;
1619 usb_error_t err;
1620 uint8_t buf = 0;
1621
1622 /* The Get Max Lun command is a class-specific request. */
1623 req.bmRequestType = UT_READ_CLASS_INTERFACE;
1624 req.bRequest = UR_BBB_GET_MAX_LUN;
1625 USETW(req.wValue, 0);
1626 req.wIndex[0] = sc->sc_iface_no;
1627 req.wIndex[1] = 0;
1628 USETW(req.wLength, 1);
1629
1630 err = usbd_do_request(sc->sc_udev, NULL, &req, &buf);
1631 if (err) {
1632 buf = 0;
1633
1634 /* Device doesn't support Get Max Lun request. */
1635 kprintf("%s: Get Max Lun not supported (%s)\n",
1636 sc->sc_name, usbd_errstr(err));
1637 }
1638 return (buf);
1639 }
1640
1641 /*
1642 * Command/Bulk/Interrupt (CBI) specific functions
1643 */
1644
1645 static void
umass_cbi_start_status(struct umass_softc * sc)1646 umass_cbi_start_status(struct umass_softc *sc)
1647 {
1648 if (sc->sc_xfer[UMASS_T_CBI_STATUS]) {
1649 umass_transfer_start(sc, UMASS_T_CBI_STATUS);
1650 } else {
1651 union ccb *ccb = sc->sc_transfer.ccb;
1652
1653 sc->sc_transfer.ccb = NULL;
1654
1655 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
1656
1657 (sc->sc_transfer.callback)
1658 (sc, ccb, (sc->sc_transfer.data_len -
1659 sc->sc_transfer.actlen), STATUS_CMD_UNKNOWN);
1660 }
1661 }
1662
1663 static void
umass_t_cbi_reset1_callback(struct usb_xfer * xfer,usb_error_t error)1664 umass_t_cbi_reset1_callback(struct usb_xfer *xfer, usb_error_t error)
1665 {
1666 struct umass_softc *sc = usbd_xfer_softc(xfer);
1667 struct usb_device_request req;
1668 struct usb_page_cache *pc;
1669 uint8_t buf[UMASS_CBI_DIAGNOSTIC_CMDLEN];
1670
1671 uint8_t i;
1672
1673 switch (USB_GET_STATE(xfer)) {
1674 case USB_ST_TRANSFERRED:
1675 umass_transfer_start(sc, UMASS_T_CBI_RESET2);
1676 break;
1677
1678 case USB_ST_SETUP:
1679 /*
1680 * Command Block Reset Protocol
1681 *
1682 * First send a reset request to the device. Then clear
1683 * any possibly stalled bulk endpoints.
1684 *
1685 * This is done in 3 steps, using 3 transfers:
1686 * UMASS_T_CBI_RESET1
1687 * UMASS_T_CBI_RESET2
1688 * UMASS_T_CBI_RESET3
1689 * UMASS_T_CBI_RESET4 (only if there is an interrupt endpoint)
1690 */
1691
1692 DPRINTF(sc, UDMASS_CBI, "CBI reset!\n");
1693
1694 req.bmRequestType = UT_WRITE_CLASS_INTERFACE;
1695 req.bRequest = UR_CBI_ADSC;
1696 USETW(req.wValue, 0);
1697 req.wIndex[0] = sc->sc_iface_no;
1698 req.wIndex[1] = 0;
1699 USETW(req.wLength, UMASS_CBI_DIAGNOSTIC_CMDLEN);
1700
1701 /*
1702 * The 0x1d code is the SEND DIAGNOSTIC command. To
1703 * distinguish between the two, the last 10 bytes of the CBL
1704 * is filled with 0xff (section 2.2 of the CBI
1705 * specification)
1706 */
1707 buf[0] = 0x1d; /* Command Block Reset */
1708 buf[1] = 0x04;
1709
1710 for (i = 2; i < UMASS_CBI_DIAGNOSTIC_CMDLEN; i++) {
1711 buf[i] = 0xff;
1712 }
1713
1714 pc = usbd_xfer_get_frame(xfer, 0);
1715 usbd_copy_in(pc, 0, &req, sizeof(req));
1716 pc = usbd_xfer_get_frame(xfer, 1);
1717 usbd_copy_in(pc, 0, buf, sizeof(buf));
1718
1719 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
1720 usbd_xfer_set_frame_len(xfer, 1, sizeof(buf));
1721 usbd_xfer_set_frames(xfer, 2);
1722 usbd_transfer_submit(xfer);
1723 break;
1724
1725 default: /* Error */
1726 if (error == USB_ERR_CANCELLED)
1727 umass_tr_error(xfer, error);
1728 else
1729 umass_transfer_start(sc, UMASS_T_CBI_RESET2);
1730 break;
1731 }
1732 }
1733
1734 static void
umass_t_cbi_reset2_callback(struct usb_xfer * xfer,usb_error_t error)1735 umass_t_cbi_reset2_callback(struct usb_xfer *xfer, usb_error_t error)
1736 {
1737 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_RESET3,
1738 UMASS_T_CBI_DATA_READ, error);
1739 }
1740
1741 static void
umass_t_cbi_reset3_callback(struct usb_xfer * xfer,usb_error_t error)1742 umass_t_cbi_reset3_callback(struct usb_xfer *xfer, usb_error_t error)
1743 {
1744 struct umass_softc *sc = usbd_xfer_softc(xfer);
1745
1746 umass_t_cbi_data_clear_stall_callback
1747 (xfer, (sc->sc_xfer[UMASS_T_CBI_RESET4] &&
1748 sc->sc_xfer[UMASS_T_CBI_STATUS]) ?
1749 UMASS_T_CBI_RESET4 : UMASS_T_CBI_COMMAND,
1750 UMASS_T_CBI_DATA_WRITE, error);
1751 }
1752
1753 static void
umass_t_cbi_reset4_callback(struct usb_xfer * xfer,usb_error_t error)1754 umass_t_cbi_reset4_callback(struct usb_xfer *xfer, usb_error_t error)
1755 {
1756 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_COMMAND,
1757 UMASS_T_CBI_STATUS, error);
1758 }
1759
1760 static void
umass_t_cbi_data_clear_stall_callback(struct usb_xfer * xfer,uint8_t next_xfer,uint8_t stall_xfer,usb_error_t error)1761 umass_t_cbi_data_clear_stall_callback(struct usb_xfer *xfer,
1762 uint8_t next_xfer, uint8_t stall_xfer, usb_error_t error)
1763 {
1764 struct umass_softc *sc = usbd_xfer_softc(xfer);
1765
1766 switch (USB_GET_STATE(xfer)) {
1767 case USB_ST_TRANSFERRED:
1768 tr_transferred:
1769 if (next_xfer == UMASS_T_CBI_STATUS) {
1770 umass_cbi_start_status(sc);
1771 } else {
1772 umass_transfer_start(sc, next_xfer);
1773 }
1774 break;
1775
1776 case USB_ST_SETUP:
1777 if (usbd_clear_stall_callback(xfer, sc->sc_xfer[stall_xfer])) {
1778 goto tr_transferred; /* should not happen */
1779 }
1780 break;
1781
1782 default: /* Error */
1783 umass_tr_error(xfer, error);
1784 break;
1785 }
1786 }
1787
1788 static void
umass_t_cbi_command_callback(struct usb_xfer * xfer,usb_error_t error)1789 umass_t_cbi_command_callback(struct usb_xfer *xfer, usb_error_t error)
1790 {
1791 struct umass_softc *sc = usbd_xfer_softc(xfer);
1792 union ccb *ccb = sc->sc_transfer.ccb;
1793 struct usb_device_request req;
1794 struct usb_page_cache *pc;
1795
1796 switch (USB_GET_STATE(xfer)) {
1797 case USB_ST_TRANSFERRED:
1798
1799 if (sc->sc_transfer.dir == DIR_NONE) {
1800 umass_cbi_start_status(sc);
1801 } else {
1802 umass_transfer_start
1803 (sc, (sc->sc_transfer.dir == DIR_IN) ?
1804 UMASS_T_CBI_DATA_READ : UMASS_T_CBI_DATA_WRITE);
1805 }
1806 break;
1807
1808 case USB_ST_SETUP:
1809
1810 if (ccb) {
1811
1812 /*
1813 * do a CBI transfer with cmd_len bytes from
1814 * cmd_data, possibly a data phase of data_len
1815 * bytes from/to the device and finally a status
1816 * read phase.
1817 */
1818
1819 req.bmRequestType = UT_WRITE_CLASS_INTERFACE;
1820 req.bRequest = UR_CBI_ADSC;
1821 USETW(req.wValue, 0);
1822 req.wIndex[0] = sc->sc_iface_no;
1823 req.wIndex[1] = 0;
1824 req.wLength[0] = sc->sc_transfer.cmd_len;
1825 req.wLength[1] = 0;
1826
1827 pc = usbd_xfer_get_frame(xfer, 0);
1828 usbd_copy_in(pc, 0, &req, sizeof(req));
1829 pc = usbd_xfer_get_frame(xfer, 1);
1830 usbd_copy_in(pc, 0, sc->sc_transfer.cmd_data,
1831 sc->sc_transfer.cmd_len);
1832
1833 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
1834 usbd_xfer_set_frame_len(xfer, 1, sc->sc_transfer.cmd_len);
1835 usbd_xfer_set_frames(xfer,
1836 sc->sc_transfer.cmd_len ? 2 : 1);
1837
1838 DIF(UDMASS_CBI,
1839 umass_cbi_dump_cmd(sc,
1840 sc->sc_transfer.cmd_data,
1841 sc->sc_transfer.cmd_len));
1842
1843 usbd_transfer_submit(xfer);
1844 }
1845 break;
1846
1847 default: /* Error */
1848 /*
1849 * STALL on the control pipe can be result of the command error.
1850 * Attempt to clear this STALL same as for bulk pipe also
1851 * results in command completion interrupt, but ASC/ASCQ there
1852 * look like not always valid, so don't bother about it.
1853 */
1854 if ((error == USB_ERR_STALLED) ||
1855 (sc->sc_transfer.callback == &umass_cam_cb)) {
1856 sc->sc_transfer.ccb = NULL;
1857 (sc->sc_transfer.callback)
1858 (sc, ccb, sc->sc_transfer.data_len,
1859 STATUS_CMD_UNKNOWN);
1860 } else {
1861 umass_tr_error(xfer, error);
1862 /* skip reset */
1863 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
1864 }
1865 break;
1866 }
1867 }
1868
1869 static void
umass_t_cbi_data_read_callback(struct usb_xfer * xfer,usb_error_t error)1870 umass_t_cbi_data_read_callback(struct usb_xfer *xfer, usb_error_t error)
1871 {
1872 struct umass_softc *sc = usbd_xfer_softc(xfer);
1873 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1874 int actlen, sumlen;
1875
1876 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1877
1878 switch (USB_GET_STATE(xfer)) {
1879 case USB_ST_TRANSFERRED:
1880 sc->sc_transfer.data_rem -= actlen;
1881 sc->sc_transfer.data_ptr += actlen;
1882 sc->sc_transfer.actlen += actlen;
1883
1884 if (actlen < sumlen) {
1885 /* short transfer */
1886 sc->sc_transfer.data_rem = 0;
1887 }
1888 case USB_ST_SETUP:
1889 DPRINTF(sc, UDMASS_CBI, "max_bulk=%d, data_rem=%d\n",
1890 max_bulk, sc->sc_transfer.data_rem);
1891
1892 if (sc->sc_transfer.data_rem == 0) {
1893 umass_cbi_start_status(sc);
1894 break;
1895 }
1896 if (max_bulk > sc->sc_transfer.data_rem) {
1897 max_bulk = sc->sc_transfer.data_rem;
1898 }
1899 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1900
1901 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1902 max_bulk);
1903
1904 usbd_transfer_submit(xfer);
1905 break;
1906
1907 default: /* Error */
1908 if ((error == USB_ERR_CANCELLED) ||
1909 (sc->sc_transfer.callback != &umass_cam_cb)) {
1910 umass_tr_error(xfer, error);
1911 } else {
1912 umass_transfer_start(sc, UMASS_T_CBI_DATA_RD_CS);
1913 }
1914 break;
1915 }
1916 }
1917
1918 static void
umass_t_cbi_data_rd_cs_callback(struct usb_xfer * xfer,usb_error_t error)1919 umass_t_cbi_data_rd_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1920 {
1921 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_STATUS,
1922 UMASS_T_CBI_DATA_READ, error);
1923 }
1924
1925 static void
umass_t_cbi_data_write_callback(struct usb_xfer * xfer,usb_error_t error)1926 umass_t_cbi_data_write_callback(struct usb_xfer *xfer, usb_error_t error)
1927 {
1928 struct umass_softc *sc = usbd_xfer_softc(xfer);
1929 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1930 int actlen, sumlen;
1931
1932 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1933
1934 switch (USB_GET_STATE(xfer)) {
1935 case USB_ST_TRANSFERRED:
1936 sc->sc_transfer.data_rem -= actlen;
1937 sc->sc_transfer.data_ptr += actlen;
1938 sc->sc_transfer.actlen += actlen;
1939
1940 if (actlen < sumlen) {
1941 /* short transfer */
1942 sc->sc_transfer.data_rem = 0;
1943 }
1944 case USB_ST_SETUP:
1945 DPRINTF(sc, UDMASS_CBI, "max_bulk=%d, data_rem=%d\n",
1946 max_bulk, sc->sc_transfer.data_rem);
1947
1948 if (sc->sc_transfer.data_rem == 0) {
1949 umass_cbi_start_status(sc);
1950 break;
1951 }
1952 if (max_bulk > sc->sc_transfer.data_rem) {
1953 max_bulk = sc->sc_transfer.data_rem;
1954 }
1955 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1956
1957 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1958 max_bulk);
1959
1960 usbd_transfer_submit(xfer);
1961 break;
1962
1963 default: /* Error */
1964 if ((error == USB_ERR_CANCELLED) ||
1965 (sc->sc_transfer.callback != &umass_cam_cb)) {
1966 umass_tr_error(xfer, error);
1967 } else {
1968 umass_transfer_start(sc, UMASS_T_CBI_DATA_WR_CS);
1969 }
1970 break;
1971 }
1972 }
1973
1974 static void
umass_t_cbi_data_wr_cs_callback(struct usb_xfer * xfer,usb_error_t error)1975 umass_t_cbi_data_wr_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1976 {
1977 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_STATUS,
1978 UMASS_T_CBI_DATA_WRITE, error);
1979 }
1980
1981 static void
umass_t_cbi_status_callback(struct usb_xfer * xfer,usb_error_t error)1982 umass_t_cbi_status_callback(struct usb_xfer *xfer, usb_error_t error)
1983 {
1984 struct umass_softc *sc = usbd_xfer_softc(xfer);
1985 union ccb *ccb = sc->sc_transfer.ccb;
1986 struct usb_page_cache *pc;
1987 uint32_t residue;
1988 uint8_t status;
1989 int actlen;
1990
1991 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
1992
1993 switch (USB_GET_STATE(xfer)) {
1994 case USB_ST_TRANSFERRED:
1995
1996 if (actlen < (int)sizeof(sc->sbl)) {
1997 goto tr_setup;
1998 }
1999 pc = usbd_xfer_get_frame(xfer, 0);
2000 usbd_copy_out(pc, 0, &sc->sbl, sizeof(sc->sbl));
2001
2002 residue = (sc->sc_transfer.data_len -
2003 sc->sc_transfer.actlen);
2004
2005 /* dissect the information in the buffer */
2006
2007 if (sc->sc_proto & UMASS_PROTO_UFI) {
2008
2009 /*
2010 * Section 3.4.3.1.3 specifies that the UFI command
2011 * protocol returns an ASC and ASCQ in the interrupt
2012 * data block.
2013 */
2014
2015 DPRINTF(sc, UDMASS_CBI, "UFI CCI, ASC = 0x%02x, "
2016 "ASCQ = 0x%02x\n", sc->sbl.ufi.asc,
2017 sc->sbl.ufi.ascq);
2018
2019 status = (((sc->sbl.ufi.asc == 0) &&
2020 (sc->sbl.ufi.ascq == 0)) ?
2021 STATUS_CMD_OK : STATUS_CMD_FAILED);
2022
2023 sc->sc_transfer.ccb = NULL;
2024
2025 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
2026
2027 (sc->sc_transfer.callback)
2028 (sc, ccb, residue, status);
2029
2030 break;
2031
2032 } else {
2033
2034 /* Command Interrupt Data Block */
2035
2036 DPRINTF(sc, UDMASS_CBI, "type=0x%02x, value=0x%02x\n",
2037 sc->sbl.common.type, sc->sbl.common.value);
2038
2039 if (sc->sbl.common.type == IDB_TYPE_CCI) {
2040
2041 status = (sc->sbl.common.value & IDB_VALUE_STATUS_MASK);
2042
2043 status = ((status == IDB_VALUE_PASS) ? STATUS_CMD_OK :
2044 (status == IDB_VALUE_FAIL) ? STATUS_CMD_FAILED :
2045 (status == IDB_VALUE_PERSISTENT) ? STATUS_CMD_FAILED :
2046 STATUS_WIRE_FAILED);
2047
2048 sc->sc_transfer.ccb = NULL;
2049
2050 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
2051
2052 (sc->sc_transfer.callback)
2053 (sc, ccb, residue, status);
2054
2055 break;
2056 }
2057 }
2058
2059 /* fallthrough */
2060
2061 case USB_ST_SETUP:
2062 tr_setup:
2063 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
2064 usbd_transfer_submit(xfer);
2065 break;
2066
2067 default: /* Error */
2068 DPRINTF(sc, UDMASS_CBI, "Failed to read CSW: %s\n",
2069 usbd_errstr(error));
2070 umass_tr_error(xfer, error);
2071 break;
2072 }
2073 }
2074
2075 /*
2076 * CAM specific functions (used by SCSI, UFI, 8070i (ATAPI))
2077 */
2078
2079 static int
umass_cam_attach_sim(struct umass_softc * sc)2080 umass_cam_attach_sim(struct umass_softc *sc)
2081 {
2082 struct cam_devq *devq; /* Per device Queue */
2083
2084 /*
2085 * A HBA is attached to the CAM layer.
2086 *
2087 * The CAM layer will then after a while start probing for devices on
2088 * the bus. The number of SIMs is limited to one.
2089 */
2090
2091 devq = cam_simq_alloc(1 /* maximum openings */ );
2092 if (devq == NULL) {
2093 return (ENOMEM);
2094 }
2095 sc->sc_sim = cam_sim_alloc
2096 (umass_cam_action, umass_cam_poll,
2097 DEVNAME_SIM,
2098 sc /* priv */ ,
2099 sc->sc_unit /* unit number */ ,
2100 &sc->sc_lock /* mutex */ ,
2101 1 /* maximum device openings */ ,
2102 0 /* maximum tagged device openings */ ,
2103 devq);
2104
2105 cam_simq_release(devq);
2106
2107 if (sc->sc_sim == NULL) {
2108 return (ENOMEM);
2109 }
2110 usb_callout_init_mtx(&sc->sc_rescan_timeout, &sc->sc_lock, 0);
2111
2112 lockmgr(&sc->sc_lock, LK_EXCLUSIVE);
2113
2114 if (xpt_bus_register(sc->sc_sim, sc->sc_unit) != CAM_SUCCESS) {
2115 lockmgr(&sc->sc_lock, LK_RELEASE);
2116 return (ENOMEM);
2117 }
2118
2119 lockmgr(&sc->sc_lock, LK_RELEASE);
2120 return (0);
2121 }
2122
2123 /*
2124 * (mp) We need this for DragonflyBSD to realise that there
2125 * is a new device present
2126 */
2127
2128 static void
umass_cam_rescan_callback(struct cam_periph * periph,union ccb * ccb)2129 umass_cam_rescan_callback(struct cam_periph *periph, union ccb *ccb)
2130 {
2131 #ifdef USB_DEBUG
2132 if (ccb->ccb_h.status != CAM_REQ_CMP) {
2133 kprintf("%s:%d Rescan failed, 0x%04x\n",
2134 periph->periph_name, periph->unit_number,
2135 ccb->ccb_h.status);
2136 } else {
2137 kprintf("%s%d: Rescan succeeded\n",
2138 periph->periph_name, periph->unit_number);
2139 }
2140 #endif
2141
2142 xpt_free_path(ccb->ccb_h.path);
2143 xpt_free_ccb(&ccb->ccb_h);
2144 }
2145
2146 /*
2147 * Rescan the SCSI bus to detect newly added devices. We use
2148 * an async rescan to avoid reentrancy issues.
2149 */
2150 static void
umass_cam_rescan(void * addr)2151 umass_cam_rescan(void *addr)
2152 {
2153 struct umass_softc *sc = (struct umass_softc *) addr;
2154 struct cam_path *path;
2155 union ccb *ccb;
2156
2157 ccb = xpt_alloc_ccb();
2158
2159 DPRINTF(sc, UDMASS_SCSI, "scbus%d: scanning for %s:%d:%d:%d\n",
2160 cam_sim_path(sc->sc_sim),
2161 device_get_nameunit(sc->sc_dev), cam_sim_path(sc->sc_sim),
2162 device_get_unit(sc->sc_dev), CAM_LUN_WILDCARD);
2163
2164 if (xpt_create_path(&path, xpt_periph, cam_sim_path(sc->sc_sim),
2165 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) {
2166 xpt_free_ccb(&ccb->ccb_h);
2167 return;
2168 }
2169
2170 xpt_setup_ccb(&ccb->ccb_h, path, 5/*priority (low)*/);
2171 ccb->ccb_h.func_code = XPT_SCAN_BUS;
2172 ccb->ccb_h.cbfcnp = umass_cam_rescan_callback;
2173 ccb->crcn.flags = CAM_FLAG_NONE;
2174 xpt_action_async(ccb);
2175
2176 /* The scan is in progress now. */
2177 }
2178
2179 static void
umass_cam_attach(struct umass_softc * sc)2180 umass_cam_attach(struct umass_softc *sc)
2181 {
2182 #ifndef USB_DEBUG
2183 if (bootverbose)
2184 #endif
2185 kprintf("%s:%d:%d:%d: Attached to scbus%d\n",
2186 sc->sc_name, cam_sim_path(sc->sc_sim),
2187 sc->sc_unit, CAM_LUN_WILDCARD,
2188 cam_sim_path(sc->sc_sim));
2189
2190 if(!cold) {
2191 usb_callout_reset(&sc->sc_rescan_timeout, USB_MS_TO_TICKS(200),
2192 umass_cam_rescan, sc);
2193 }
2194 }
2195
2196 /* umass_cam_detach
2197 * detach from the CAM layer
2198 */
2199
2200 static void
umass_cam_detach_sim(struct umass_softc * sc)2201 umass_cam_detach_sim(struct umass_softc *sc)
2202 {
2203 if (sc->sc_sim != NULL) {
2204 usb_callout_stop(&sc->sc_rescan_timeout);
2205 if (xpt_bus_deregister(cam_sim_path(sc->sc_sim))) {
2206 /* accessing the softc is not possible after this */
2207 sc->sc_sim->softc = NULL;
2208 cam_sim_free(sc->sc_sim);
2209 } else {
2210 panic("%s: CAM layer is busy\n",
2211 sc->sc_name);
2212 }
2213 sc->sc_sim = NULL;
2214 }
2215 }
2216
2217 /* umass_cam_action
2218 * CAM requests for action come through here
2219 */
2220
2221 static void
umass_cam_action(struct cam_sim * sim,union ccb * ccb)2222 umass_cam_action(struct cam_sim *sim, union ccb *ccb)
2223 {
2224 struct umass_softc *sc = (struct umass_softc *)sim->softc;
2225
2226 if (sc == NULL) {
2227 ccb->ccb_h.status = CAM_SEL_TIMEOUT;
2228 xpt_done(ccb);
2229 return;
2230 }
2231
2232 /* Perform the requested action */
2233 switch (ccb->ccb_h.func_code) {
2234 case XPT_SCSI_IO:
2235 {
2236 uint8_t *cmd;
2237 uint8_t dir;
2238
2239 if (ccb->csio.ccb_h.flags & CAM_CDB_POINTER) {
2240 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_ptr);
2241 } else {
2242 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_bytes);
2243 }
2244
2245 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_SCSI_IO: "
2246 "cmd: 0x%02x, flags: 0x%02x, "
2247 "%db cmd/%db data/%db sense\n",
2248 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2249 (uintmax_t)ccb->ccb_h.target_lun, cmd[0],
2250 ccb->ccb_h.flags & CAM_DIR_MASK, ccb->csio.cdb_len,
2251 ccb->csio.dxfer_len, ccb->csio.sense_len);
2252
2253 if (sc->sc_transfer.ccb) {
2254 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_SCSI_IO: "
2255 "I/O in progress, deferring\n",
2256 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2257 (uintmax_t)ccb->ccb_h.target_lun);
2258 ccb->ccb_h.status = CAM_SCSI_BUSY;
2259 xpt_done(ccb);
2260 goto done;
2261 }
2262 switch (ccb->ccb_h.flags & CAM_DIR_MASK) {
2263 case CAM_DIR_IN:
2264 dir = DIR_IN;
2265 break;
2266 case CAM_DIR_OUT:
2267 dir = DIR_OUT;
2268 DIF(UDMASS_SCSI,
2269 umass_dump_buffer(sc, ccb->csio.data_ptr,
2270 ccb->csio.dxfer_len, 48));
2271 break;
2272 default:
2273 dir = DIR_NONE;
2274 }
2275
2276 ccb->ccb_h.status = CAM_REQ_INPROG | CAM_SIM_QUEUED;
2277
2278 /*
2279 * sc->sc_transform will convert the command to the
2280 * command format needed by the specific command set
2281 * and return the converted command in
2282 * "sc->sc_transfer.cmd_data"
2283 */
2284 if (umass_std_transform(sc, ccb, cmd, ccb->csio.cdb_len)) {
2285
2286 if (sc->sc_transfer.cmd_data[0] == INQUIRY) {
2287 const char *pserial;
2288
2289 pserial = usb_get_serial(sc->sc_udev);
2290
2291 /*
2292 * Umass devices don't generally report their serial numbers
2293 * in the usual SCSI way. Emulate it here.
2294 */
2295 if ((sc->sc_transfer.cmd_data[1] & SI_EVPD) &&
2296 (sc->sc_transfer.cmd_data[2] == SVPD_UNIT_SERIAL_NUMBER) &&
2297 (pserial[0] != '\0')) {
2298 struct scsi_vpd_unit_serial_number *vpd_serial;
2299
2300 vpd_serial = (struct scsi_vpd_unit_serial_number *)ccb->csio.data_ptr;
2301 vpd_serial->length = strlen(pserial);
2302 if (vpd_serial->length > sizeof(vpd_serial->serial_num))
2303 vpd_serial->length = sizeof(vpd_serial->serial_num);
2304 memcpy(vpd_serial->serial_num, pserial, vpd_serial->length);
2305 ccb->csio.scsi_status = SCSI_STATUS_OK;
2306 ccb->ccb_h.status = CAM_REQ_CMP;
2307 xpt_done(ccb);
2308 goto done;
2309 }
2310
2311 /*
2312 * Handle EVPD inquiry for broken devices first
2313 * NO_INQUIRY also implies NO_INQUIRY_EVPD
2314 */
2315 if ((sc->sc_quirks & (NO_INQUIRY_EVPD | NO_INQUIRY)) &&
2316 (sc->sc_transfer.cmd_data[1] & SI_EVPD)) {
2317 struct scsi_sense_data *sense;
2318
2319 sense = &ccb->csio.sense_data;
2320 bzero(sense, sizeof(*sense));
2321 sense->error_code = SSD_CURRENT_ERROR;
2322 sense->flags = SSD_KEY_ILLEGAL_REQUEST;
2323 sense->add_sense_code = 0x24;
2324 sense->extra_len = 10;
2325
2326 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND;
2327 ccb->ccb_h.status =
2328 CAM_SCSI_STATUS_ERROR |
2329 CAM_AUTOSNS_VALID |
2330 CAM_DEV_QFRZN;
2331 xpt_freeze_devq(ccb->ccb_h.path, 1);
2332 xpt_done(ccb);
2333 goto done;
2334 }
2335 /*
2336 * Return fake inquiry data for
2337 * broken devices
2338 */
2339 if (sc->sc_quirks & NO_INQUIRY) {
2340 memcpy(ccb->csio.data_ptr, &fake_inq_data,
2341 sizeof(fake_inq_data));
2342 ccb->csio.scsi_status = SCSI_STATUS_OK;
2343 ccb->ccb_h.status = CAM_REQ_CMP;
2344 xpt_done(ccb);
2345 goto done;
2346 }
2347 if (sc->sc_quirks & FORCE_SHORT_INQUIRY) {
2348 ccb->csio.dxfer_len = SHORT_INQUIRY_LENGTH;
2349 }
2350 } else if (sc->sc_transfer.cmd_data[0] == PREVENT_ALLOW) {
2351 if (sc->sc_quirks & NO_PREVENT_ALLOW) {
2352 ccb->csio.scsi_status = SCSI_STATUS_OK;
2353 ccb->ccb_h.status = CAM_REQ_CMP;
2354 xpt_done(ccb);
2355 goto done;
2356 }
2357 } else if (sc->sc_transfer.cmd_data[0] == SYNCHRONIZE_CACHE) {
2358 if (sc->sc_quirks & NO_SYNCHRONIZE_CACHE) {
2359 ccb->csio.scsi_status = SCSI_STATUS_OK;
2360 ccb->ccb_h.status = CAM_REQ_CMP;
2361 xpt_done(ccb);
2362 goto done;
2363 }
2364 }
2365 umass_command_start(sc, dir, ccb->csio.data_ptr,
2366 ccb->csio.dxfer_len,
2367 ccb->ccb_h.timeout,
2368 &umass_cam_cb, ccb);
2369 }
2370 break;
2371 }
2372 case XPT_PATH_INQ:
2373 {
2374 struct ccb_pathinq *cpi = &ccb->cpi;
2375
2376 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_PATH_INQ:.\n",
2377 sc ? cam_sim_path(sc->sc_sim) : -1, ccb->ccb_h.target_id,
2378 (uintmax_t)ccb->ccb_h.target_lun);
2379
2380 /* host specific information */
2381 cpi->version_num = 1;
2382 cpi->hba_inquiry = 0;
2383 cpi->target_sprt = 0;
2384 cpi->hba_misc = PIM_NO_6_BYTE;
2385 cpi->hba_eng_cnt = 0;
2386 cpi->max_target = UMASS_SCSIID_MAX; /* one target */
2387 cpi->initiator_id = UMASS_SCSIID_HOST;
2388 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
2389 strlcpy(cpi->hba_vid, "USB SCSI", HBA_IDLEN);
2390 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
2391 cpi->unit_number = cam_sim_unit(sim);
2392 cpi->bus_id = sc->sc_unit;
2393 cpi->protocol = PROTO_SCSI;
2394 cpi->protocol_version = SCSI_REV_2;
2395 cpi->transport = XPORT_USB;
2396 cpi->transport_version = 0;
2397
2398 if (sc == NULL) {
2399 cpi->base_transfer_speed = 0;
2400 cpi->max_lun = 0;
2401 } else {
2402 if (sc->sc_quirks & FLOPPY_SPEED) {
2403 cpi->base_transfer_speed =
2404 UMASS_FLOPPY_TRANSFER_SPEED;
2405 } else {
2406 switch (usbd_get_speed(sc->sc_udev)) {
2407 case USB_SPEED_SUPER:
2408 cpi->base_transfer_speed =
2409 UMASS_SUPER_TRANSFER_SPEED;
2410 #if 0 /* XXX */
2411 cpi->maxio = MAXPHYS;
2412 #endif
2413 break;
2414 case USB_SPEED_HIGH:
2415 cpi->base_transfer_speed =
2416 UMASS_HIGH_TRANSFER_SPEED;
2417 break;
2418 default:
2419 cpi->base_transfer_speed =
2420 UMASS_FULL_TRANSFER_SPEED;
2421 break;
2422 }
2423 }
2424 cpi->max_lun = sc->sc_maxlun;
2425 }
2426
2427 cpi->ccb_h.status = CAM_REQ_CMP;
2428 xpt_done(ccb);
2429 break;
2430 }
2431 case XPT_RESET_DEV:
2432 {
2433 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_RESET_DEV:.\n",
2434 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2435 (uintmax_t)ccb->ccb_h.target_lun);
2436
2437 umass_reset(sc);
2438
2439 ccb->ccb_h.status = CAM_REQ_CMP;
2440 xpt_done(ccb);
2441 break;
2442 }
2443 case XPT_GET_TRAN_SETTINGS:
2444 {
2445 struct ccb_trans_settings *cts = &ccb->cts;
2446
2447 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_GET_TRAN_SETTINGS:.\n",
2448 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2449 (uintmax_t)ccb->ccb_h.target_lun);
2450
2451 cts->protocol = PROTO_SCSI;
2452 cts->protocol_version = SCSI_REV_2;
2453 cts->transport = XPORT_USB;
2454 cts->transport_version = 0;
2455 cts->xport_specific.valid = 0;
2456
2457 ccb->ccb_h.status = CAM_REQ_CMP;
2458 xpt_done(ccb);
2459 break;
2460 }
2461 case XPT_SET_TRAN_SETTINGS:
2462 {
2463 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_SET_TRAN_SETTINGS:.\n",
2464 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2465 (uintmax_t)ccb->ccb_h.target_lun);
2466
2467 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
2468 xpt_done(ccb);
2469 break;
2470 }
2471 case XPT_CALC_GEOMETRY:
2472 {
2473 cam_calc_geometry(&ccb->ccg, /* extended */ 1);
2474 xpt_done(ccb);
2475 break;
2476 }
2477 case XPT_NOOP:
2478 {
2479 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_NOOP:.\n",
2480 sc ? cam_sim_path(sc->sc_sim) : -1, ccb->ccb_h.target_id,
2481 (uintmax_t)ccb->ccb_h.target_lun);
2482
2483 ccb->ccb_h.status = CAM_REQ_CMP;
2484 xpt_done(ccb);
2485 break;
2486 }
2487 default:
2488 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:func_code 0x%04x: "
2489 "Not implemented\n",
2490 sc ? cam_sim_path(sc->sc_sim) : -1, ccb->ccb_h.target_id,
2491 (uintmax_t)ccb->ccb_h.target_lun, ccb->ccb_h.func_code);
2492
2493 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
2494 xpt_done(ccb);
2495 break;
2496 }
2497
2498 done:
2499 return;
2500 }
2501
2502 static void
umass_cam_poll(struct cam_sim * sim)2503 umass_cam_poll(struct cam_sim *sim)
2504 {
2505 struct umass_softc *sc = (struct umass_softc *)sim->softc;
2506
2507 if (sc == NULL)
2508 return;
2509
2510 DPRINTF(sc, UDMASS_SCSI, "CAM poll\n");
2511
2512 usbd_transfer_poll(sc->sc_xfer, UMASS_T_MAX);
2513 }
2514
2515
2516 /* umass_cam_cb
2517 * finalise a completed CAM command
2518 */
2519
2520 static void
umass_cam_cb(struct umass_softc * sc,union ccb * ccb,uint32_t residue,uint8_t status)2521 umass_cam_cb(struct umass_softc *sc, union ccb *ccb, uint32_t residue,
2522 uint8_t status)
2523 {
2524 ccb->csio.resid = residue;
2525
2526 switch (status) {
2527 case STATUS_CMD_OK:
2528 ccb->ccb_h.status = CAM_REQ_CMP;
2529 if ((sc->sc_quirks & READ_CAPACITY_OFFBY1) &&
2530 (ccb->ccb_h.func_code == XPT_SCSI_IO) &&
2531 (ccb->csio.cdb_io.cdb_bytes[0] == READ_CAPACITY)) {
2532 struct scsi_read_capacity_data *rcap;
2533 uint32_t maxsector;
2534
2535 rcap = (void *)(ccb->csio.data_ptr);
2536 maxsector = scsi_4btoul(rcap->addr) - 1;
2537 scsi_ulto4b(maxsector, rcap->addr);
2538 }
2539 /*
2540 * We have to add SVPD_UNIT_SERIAL_NUMBER to the list
2541 * of pages supported by the device - otherwise, CAM
2542 * will never ask us for the serial number if the
2543 * device cannot handle that by itself.
2544 */
2545 if (ccb->ccb_h.func_code == XPT_SCSI_IO &&
2546 sc->sc_transfer.cmd_data[0] == INQUIRY &&
2547 (sc->sc_transfer.cmd_data[1] & SI_EVPD) &&
2548 sc->sc_transfer.cmd_data[2] == SVPD_SUPPORTED_PAGE_LIST &&
2549 (usb_get_serial(sc->sc_udev)[0] != '\0')) {
2550 struct ccb_scsiio *csio;
2551 struct scsi_vpd_supported_page_list *page_list;
2552
2553 csio = &ccb->csio;
2554 page_list = (struct scsi_vpd_supported_page_list *)csio->data_ptr;
2555 if (page_list->length + 1 < SVPD_SUPPORTED_PAGES_SIZE) {
2556 page_list->list[page_list->length] = SVPD_UNIT_SERIAL_NUMBER;
2557 page_list->length++;
2558 }
2559 }
2560 xpt_done(ccb);
2561 break;
2562
2563 case STATUS_CMD_UNKNOWN:
2564 case STATUS_CMD_FAILED:
2565
2566 /* fetch sense data */
2567
2568 /* the rest of the command was filled in at attach */
2569 sc->cam_scsi_sense.length = ccb->csio.sense_len;
2570
2571 DPRINTF(sc, UDMASS_SCSI, "Fetching %d bytes of "
2572 "sense data\n", ccb->csio.sense_len);
2573
2574 if (umass_std_transform(sc, ccb, &sc->cam_scsi_sense.opcode,
2575 sizeof(sc->cam_scsi_sense))) {
2576
2577 if ((sc->sc_quirks & FORCE_SHORT_INQUIRY) &&
2578 (sc->sc_transfer.cmd_data[0] == INQUIRY)) {
2579 ccb->csio.sense_len = SHORT_INQUIRY_LENGTH;
2580 }
2581 umass_command_start(sc, DIR_IN, &ccb->csio.sense_data.error_code,
2582 ccb->csio.sense_len, ccb->ccb_h.timeout,
2583 &umass_cam_sense_cb, ccb);
2584 }
2585 break;
2586
2587 default:
2588 /*
2589 * The wire protocol failed and will hopefully have
2590 * recovered. We return an error to CAM and let CAM
2591 * retry the command if necessary.
2592 */
2593 xpt_freeze_devq(ccb->ccb_h.path, 1);
2594 ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
2595 xpt_done(ccb);
2596 break;
2597 }
2598 }
2599
2600 /*
2601 * Finalise a completed autosense operation
2602 */
2603 static void
umass_cam_sense_cb(struct umass_softc * sc,union ccb * ccb,uint32_t residue,uint8_t status)2604 umass_cam_sense_cb(struct umass_softc *sc, union ccb *ccb, uint32_t residue,
2605 uint8_t status)
2606 {
2607 uint8_t *cmd;
2608
2609 switch (status) {
2610 case STATUS_CMD_OK:
2611 case STATUS_CMD_UNKNOWN:
2612 case STATUS_CMD_FAILED: {
2613 int error, key, asc, ascq;
2614 uint8_t sense_len;
2615
2616 ccb->csio.sense_resid = residue;
2617 sense_len = ccb->csio.sense_len - ccb->csio.sense_resid;
2618 scsi_extract_sense(&ccb->csio.sense_data,
2619 &error, &key, &asc, &ascq);
2620 if (ccb->csio.ccb_h.flags & CAM_CDB_POINTER) {
2621 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_ptr);
2622 } else {
2623 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_bytes);
2624 }
2625
2626 /*
2627 * Getting sense data always succeeds (apart from wire
2628 * failures):
2629 */
2630 if ((sc->sc_quirks & RS_NO_CLEAR_UA) &&
2631 (cmd[0] == INQUIRY) &&
2632 (key == SSD_KEY_UNIT_ATTENTION)) {
2633 /*
2634 * Ignore unit attention errors in the case where
2635 * the Unit Attention state is not cleared on
2636 * REQUEST SENSE. They will appear again at the next
2637 * command.
2638 */
2639 ccb->ccb_h.status = CAM_REQ_CMP;
2640 } else if (key == SSD_KEY_NO_SENSE) {
2641 /*
2642 * No problem after all (in the case of CBI without
2643 * CCI)
2644 */
2645 ccb->ccb_h.status = CAM_REQ_CMP;
2646 } else if ((sc->sc_quirks & RS_NO_CLEAR_UA) &&
2647 (cmd[0] == READ_CAPACITY) &&
2648 (key == SSD_KEY_UNIT_ATTENTION)) {
2649 /*
2650 * Some devices do not clear the unit attention error
2651 * on request sense. We insert a test unit ready
2652 * command to make sure we clear the unit attention
2653 * condition, then allow the retry to proceed as
2654 * usual.
2655 */
2656
2657 xpt_freeze_devq(ccb->ccb_h.path, 1);
2658 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR
2659 | CAM_AUTOSNS_VALID | CAM_DEV_QFRZN;
2660 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND;
2661
2662 #if 0
2663 DELAY(300000);
2664 #endif
2665 DPRINTF(sc, UDMASS_SCSI, "Doing a sneaky"
2666 "TEST_UNIT_READY\n");
2667
2668 /* the rest of the command was filled in at attach */
2669
2670 if ((sc->sc_transform)(sc,
2671 &sc->cam_scsi_test_unit_ready.opcode,
2672 sizeof(sc->cam_scsi_test_unit_ready)) == 1) {
2673 umass_command_start(sc, DIR_NONE, NULL, 0,
2674 ccb->ccb_h.timeout,
2675 &umass_cam_quirk_cb, ccb);
2676 break;
2677 }
2678 } else {
2679 xpt_freeze_devq(ccb->ccb_h.path, 1);
2680 if (key >= 0) {
2681 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR
2682 | CAM_AUTOSNS_VALID | CAM_DEV_QFRZN;
2683 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND;
2684 } else
2685 ccb->ccb_h.status = CAM_AUTOSENSE_FAIL
2686 | CAM_DEV_QFRZN;
2687 }
2688 xpt_done(ccb);
2689 break;
2690 }
2691 default:
2692 DPRINTF(sc, UDMASS_SCSI, "Autosense failed, "
2693 "status %d\n", status);
2694 xpt_freeze_devq(ccb->ccb_h.path, 1);
2695 ccb->ccb_h.status = CAM_AUTOSENSE_FAIL | CAM_DEV_QFRZN;
2696 xpt_done(ccb);
2697 }
2698 }
2699
2700 /*
2701 * This completion code just handles the fact that we sent a test-unit-ready
2702 * after having previously failed a READ CAPACITY with CHECK_COND. The CCB
2703 * status for CAM is already set earlier.
2704 */
2705 static void
umass_cam_quirk_cb(struct umass_softc * sc,union ccb * ccb,uint32_t residue,uint8_t status)2706 umass_cam_quirk_cb(struct umass_softc *sc, union ccb *ccb, uint32_t residue,
2707 uint8_t status)
2708 {
2709 DPRINTF(sc, UDMASS_SCSI, "Test unit ready "
2710 "returned status %d\n", status);
2711
2712 xpt_done(ccb);
2713 }
2714
2715 /*
2716 * SCSI specific functions
2717 */
2718
2719 static uint8_t
umass_scsi_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2720 umass_scsi_transform(struct umass_softc *sc, uint8_t *cmd_ptr,
2721 uint8_t cmd_len)
2722 {
2723 if ((cmd_len == 0) ||
2724 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2725 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2726 "length: %d bytes\n", cmd_len);
2727 return (0); /* failure */
2728 }
2729 sc->sc_transfer.cmd_len = cmd_len;
2730
2731 switch (cmd_ptr[0]) {
2732 case TEST_UNIT_READY:
2733 if (sc->sc_quirks & NO_TEST_UNIT_READY) {
2734 DPRINTF(sc, UDMASS_SCSI, "Converted TEST_UNIT_READY "
2735 "to START_UNIT\n");
2736 memset(sc->sc_transfer.cmd_data, 0, cmd_len);
2737 sc->sc_transfer.cmd_data[0] = START_STOP_UNIT;
2738 sc->sc_transfer.cmd_data[4] = SSS_START;
2739 return (1);
2740 }
2741 break;
2742
2743 case INQUIRY:
2744 /*
2745 * some drives wedge when asked for full inquiry
2746 * information.
2747 */
2748 if (sc->sc_quirks & FORCE_SHORT_INQUIRY) {
2749 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2750 sc->sc_transfer.cmd_data[4] = SHORT_INQUIRY_LENGTH;
2751 return (1);
2752 }
2753 break;
2754 }
2755
2756 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2757 return (1);
2758 }
2759
2760 static uint8_t
umass_rbc_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2761 umass_rbc_transform(struct umass_softc *sc, uint8_t *cmd_ptr, uint8_t cmd_len)
2762 {
2763 if ((cmd_len == 0) ||
2764 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2765 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2766 "length: %d bytes\n", cmd_len);
2767 return (0); /* failure */
2768 }
2769 switch (cmd_ptr[0]) {
2770 /* these commands are defined in RBC: */
2771 case READ_10:
2772 case READ_CAPACITY:
2773 case START_STOP_UNIT:
2774 case SYNCHRONIZE_CACHE:
2775 case WRITE_10:
2776 case 0x2f: /* VERIFY_10 is absent from
2777 * scsi_all.h??? */
2778 case INQUIRY:
2779 case MODE_SELECT_10:
2780 case MODE_SENSE_10:
2781 case TEST_UNIT_READY:
2782 case WRITE_BUFFER:
2783 /*
2784 * The following commands are not listed in my copy of the
2785 * RBC specs. CAM however seems to want those, and at least
2786 * the Sony DSC device appears to support those as well
2787 */
2788 case REQUEST_SENSE:
2789 case PREVENT_ALLOW:
2790
2791 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2792
2793 if ((sc->sc_quirks & RBC_PAD_TO_12) && (cmd_len < 12)) {
2794 memset(sc->sc_transfer.cmd_data + cmd_len,
2795 0, 12 - cmd_len);
2796 cmd_len = 12;
2797 }
2798 sc->sc_transfer.cmd_len = cmd_len;
2799 return (1); /* sucess */
2800
2801 /* All other commands are not legal in RBC */
2802 default:
2803 DPRINTF(sc, UDMASS_SCSI, "Unsupported RBC "
2804 "command 0x%02x\n", cmd_ptr[0]);
2805 return (0); /* failure */
2806 }
2807 }
2808
2809 static uint8_t
umass_ufi_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2810 umass_ufi_transform(struct umass_softc *sc, uint8_t *cmd_ptr,
2811 uint8_t cmd_len)
2812 {
2813 if ((cmd_len == 0) ||
2814 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2815 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2816 "length: %d bytes\n", cmd_len);
2817 return (0); /* failure */
2818 }
2819 /* An UFI command is always 12 bytes in length */
2820 sc->sc_transfer.cmd_len = UFI_COMMAND_LENGTH;
2821
2822 /* Zero the command data */
2823 memset(sc->sc_transfer.cmd_data, 0, UFI_COMMAND_LENGTH);
2824
2825 switch (cmd_ptr[0]) {
2826 /*
2827 * Commands of which the format has been verified. They
2828 * should work. Copy the command into the (zeroed out)
2829 * destination buffer.
2830 */
2831 case TEST_UNIT_READY:
2832 if (sc->sc_quirks & NO_TEST_UNIT_READY) {
2833 /*
2834 * Some devices do not support this command. Start
2835 * Stop Unit should give the same results
2836 */
2837 DPRINTF(sc, UDMASS_UFI, "Converted TEST_UNIT_READY "
2838 "to START_UNIT\n");
2839
2840 sc->sc_transfer.cmd_data[0] = START_STOP_UNIT;
2841 sc->sc_transfer.cmd_data[4] = SSS_START;
2842 return (1);
2843 }
2844 break;
2845
2846 case REZERO_UNIT:
2847 case REQUEST_SENSE:
2848 case FORMAT_UNIT:
2849 case INQUIRY:
2850 case START_STOP_UNIT:
2851 case SEND_DIAGNOSTIC:
2852 case PREVENT_ALLOW:
2853 case READ_CAPACITY:
2854 case READ_10:
2855 case WRITE_10:
2856 case POSITION_TO_ELEMENT: /* SEEK_10 */
2857 case WRITE_AND_VERIFY:
2858 case VERIFY:
2859 case MODE_SELECT_10:
2860 case MODE_SENSE_10:
2861 case READ_12:
2862 case WRITE_12:
2863 case READ_FORMAT_CAPACITIES:
2864 break;
2865
2866 /*
2867 * SYNCHRONIZE_CACHE isn't supported by UFI, nor should it be
2868 * required for UFI devices, so it is appropriate to fake
2869 * success.
2870 */
2871 case SYNCHRONIZE_CACHE:
2872 return (2);
2873
2874 default:
2875 DPRINTF(sc, UDMASS_SCSI, "Unsupported UFI "
2876 "command 0x%02x\n", cmd_ptr[0]);
2877 return (0); /* failure */
2878 }
2879
2880 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2881 return (1); /* success */
2882 }
2883
2884 /*
2885 * 8070i (ATAPI) specific functions
2886 */
2887 static uint8_t
umass_atapi_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2888 umass_atapi_transform(struct umass_softc *sc, uint8_t *cmd_ptr,
2889 uint8_t cmd_len)
2890 {
2891 if ((cmd_len == 0) ||
2892 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2893 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2894 "length: %d bytes\n", cmd_len);
2895 return (0); /* failure */
2896 }
2897 /* An ATAPI command is always 12 bytes in length. */
2898 sc->sc_transfer.cmd_len = ATAPI_COMMAND_LENGTH;
2899
2900 /* Zero the command data */
2901 memset(sc->sc_transfer.cmd_data, 0, ATAPI_COMMAND_LENGTH);
2902
2903 switch (cmd_ptr[0]) {
2904 /*
2905 * Commands of which the format has been verified. They
2906 * should work. Copy the command into the destination
2907 * buffer.
2908 */
2909 case INQUIRY:
2910 /*
2911 * some drives wedge when asked for full inquiry
2912 * information.
2913 */
2914 if (sc->sc_quirks & FORCE_SHORT_INQUIRY) {
2915 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2916
2917 sc->sc_transfer.cmd_data[4] = SHORT_INQUIRY_LENGTH;
2918 return (1);
2919 }
2920 break;
2921
2922 case TEST_UNIT_READY:
2923 if (sc->sc_quirks & NO_TEST_UNIT_READY) {
2924 DPRINTF(sc, UDMASS_SCSI, "Converted TEST_UNIT_READY "
2925 "to START_UNIT\n");
2926 sc->sc_transfer.cmd_data[0] = START_STOP_UNIT;
2927 sc->sc_transfer.cmd_data[4] = SSS_START;
2928 return (1);
2929 }
2930 break;
2931
2932 case REZERO_UNIT:
2933 case REQUEST_SENSE:
2934 case START_STOP_UNIT:
2935 case SEND_DIAGNOSTIC:
2936 case PREVENT_ALLOW:
2937 case READ_CAPACITY:
2938 case READ_10:
2939 case WRITE_10:
2940 case POSITION_TO_ELEMENT: /* SEEK_10 */
2941 case SYNCHRONIZE_CACHE:
2942 case MODE_SELECT_10:
2943 case MODE_SENSE_10:
2944 case READ_BUFFER:
2945 case 0x42: /* READ_SUBCHANNEL */
2946 case 0x43: /* READ_TOC */
2947 case 0x44: /* READ_HEADER */
2948 case 0x47: /* PLAY_MSF (Play Minute/Second/Frame) */
2949 case 0x48: /* PLAY_TRACK */
2950 case 0x49: /* PLAY_TRACK_REL */
2951 case 0x4b: /* PAUSE */
2952 case 0x51: /* READ_DISK_INFO */
2953 case 0x52: /* READ_TRACK_INFO */
2954 case 0x54: /* SEND_OPC */
2955 case 0x59: /* READ_MASTER_CUE */
2956 case 0x5b: /* CLOSE_TR_SESSION */
2957 case 0x5c: /* READ_BUFFER_CAP */
2958 case 0x5d: /* SEND_CUE_SHEET */
2959 case 0xa1: /* BLANK */
2960 case 0xa5: /* PLAY_12 */
2961 case 0xa6: /* EXCHANGE_MEDIUM */
2962 case 0xad: /* READ_DVD_STRUCTURE */
2963 case 0xbb: /* SET_CD_SPEED */
2964 case 0xe5: /* READ_TRACK_INFO_PHILIPS */
2965 break;
2966
2967 case READ_12:
2968 case WRITE_12:
2969 default:
2970 DPRINTF(sc, UDMASS_SCSI, "Unsupported ATAPI "
2971 "command 0x%02x - trying anyway\n",
2972 cmd_ptr[0]);
2973 break;
2974 }
2975
2976 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2977 return (1); /* success */
2978 }
2979
2980 static uint8_t
umass_no_transform(struct umass_softc * sc,uint8_t * cmd,uint8_t cmdlen)2981 umass_no_transform(struct umass_softc *sc, uint8_t *cmd,
2982 uint8_t cmdlen)
2983 {
2984 return (0); /* failure */
2985 }
2986
2987 static uint8_t
umass_std_transform(struct umass_softc * sc,union ccb * ccb,uint8_t * cmd,uint8_t cmdlen)2988 umass_std_transform(struct umass_softc *sc, union ccb *ccb,
2989 uint8_t *cmd, uint8_t cmdlen)
2990 {
2991 uint8_t retval;
2992
2993 retval = (sc->sc_transform) (sc, cmd, cmdlen);
2994
2995 if (retval == 2) {
2996 ccb->ccb_h.status = CAM_REQ_CMP;
2997 xpt_done(ccb);
2998 return (0);
2999 } else if (retval == 0) {
3000 xpt_freeze_devq(ccb->ccb_h.path, 1);
3001 ccb->ccb_h.status = CAM_REQ_INVALID | CAM_DEV_QFRZN;
3002 xpt_done(ccb);
3003 return (0);
3004 }
3005 /* Command should be executed */
3006 return (1);
3007 }
3008
3009 #ifdef USB_DEBUG
3010 static void
umass_bbb_dump_cbw(struct umass_softc * sc,umass_bbb_cbw_t * cbw)3011 umass_bbb_dump_cbw(struct umass_softc *sc, umass_bbb_cbw_t *cbw)
3012 {
3013 uint8_t *c = cbw->CBWCDB;
3014
3015 uint32_t dlen = UGETDW(cbw->dCBWDataTransferLength);
3016 uint32_t tag = UGETDW(cbw->dCBWTag);
3017
3018 uint8_t clen = cbw->bCDBLength;
3019 uint8_t flags = cbw->bCBWFlags;
3020 uint8_t lun = cbw->bCBWLUN;
3021
3022 DPRINTF(sc, UDMASS_BBB, "CBW %d: cmd = %db "
3023 "(0x%02x%02x%02x%02x%02x%02x%s), "
3024 "data = %db, lun = %d, dir = %s\n",
3025 tag, clen,
3026 c[0], c[1], c[2], c[3], c[4], c[5], (clen > 6 ? "..." : ""),
3027 dlen, lun, (flags == CBWFLAGS_IN ? "in" :
3028 (flags == CBWFLAGS_OUT ? "out" : "<invalid>")));
3029 }
3030
3031 static void
umass_bbb_dump_csw(struct umass_softc * sc,umass_bbb_csw_t * csw)3032 umass_bbb_dump_csw(struct umass_softc *sc, umass_bbb_csw_t *csw)
3033 {
3034 uint32_t sig = UGETDW(csw->dCSWSignature);
3035 uint32_t tag = UGETDW(csw->dCSWTag);
3036 uint32_t res = UGETDW(csw->dCSWDataResidue);
3037 uint8_t status = csw->bCSWStatus;
3038
3039 DPRINTF(sc, UDMASS_BBB, "CSW %d: sig = 0x%08x (%s), tag = 0x%08x, "
3040 "res = %d, status = 0x%02x (%s)\n",
3041 tag, sig, (sig == CSWSIGNATURE ? "valid" : "invalid"),
3042 tag, res,
3043 status, (status == CSWSTATUS_GOOD ? "good" :
3044 (status == CSWSTATUS_FAILED ? "failed" :
3045 (status == CSWSTATUS_PHASE ? "phase" : "<invalid>"))));
3046 }
3047
3048 static void
umass_cbi_dump_cmd(struct umass_softc * sc,void * cmd,uint8_t cmdlen)3049 umass_cbi_dump_cmd(struct umass_softc *sc, void *cmd, uint8_t cmdlen)
3050 {
3051 uint8_t *c = cmd;
3052 uint8_t dir = sc->sc_transfer.dir;
3053
3054 DPRINTF(sc, UDMASS_BBB, "cmd = %db "
3055 "(0x%02x%02x%02x%02x%02x%02x%s), "
3056 "data = %db, dir = %s\n",
3057 cmdlen,
3058 c[0], c[1], c[2], c[3], c[4], c[5], (cmdlen > 6 ? "..." : ""),
3059 sc->sc_transfer.data_len,
3060 (dir == DIR_IN ? "in" :
3061 (dir == DIR_OUT ? "out" :
3062 (dir == DIR_NONE ? "no data phase" : "<invalid>"))));
3063 }
3064
3065 static void
umass_dump_buffer(struct umass_softc * sc,uint8_t * buffer,uint32_t buflen,uint32_t printlen)3066 umass_dump_buffer(struct umass_softc *sc, uint8_t *buffer, uint32_t buflen,
3067 uint32_t printlen)
3068 {
3069 uint32_t i, j;
3070 char s1[40];
3071 char s2[40];
3072 char s3[5];
3073
3074 s1[0] = '\0';
3075 s3[0] = '\0';
3076
3077 ksprintf(s2, " buffer=%p, buflen=%d", buffer, buflen);
3078 for (i = 0; (i < buflen) && (i < printlen); i++) {
3079 j = i % 16;
3080 if (j == 0 && i != 0) {
3081 DPRINTF(sc, UDMASS_GEN, "0x %s%s\n",
3082 s1, s2);
3083 s2[0] = '\0';
3084 }
3085 ksprintf(&s1[j * 2], "%02x", buffer[i] & 0xff);
3086 }
3087 if (buflen > printlen)
3088 ksprintf(s3, " ...");
3089 DPRINTF(sc, UDMASS_GEN, "0x %s%s%s\n",
3090 s1, s2, s3);
3091 }
3092
3093 #endif
3094