1 /* $FreeBSD$ */ 2 /*- 3 * SPDX-License-Identifier: BSD-3-Clause 4 * 5 * Copyright (C) 2003-2005 Alan Stern 6 * Copyright (C) 2008 Hans Petter Selasky 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions, and the following disclaimer, 14 * without modification. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. The names of the above-listed copyright holders may not be used 19 * to endorse or promote products derived from this software without 20 * specific prior written permission. 21 * 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 24 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 25 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 27 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 28 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 29 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /* 37 * NOTE: Much of the SCSI statemachine handling code derives from the 38 * Linux USB gadget stack. 39 */ 40 41 #ifdef USB_GLOBAL_INCLUDE_FILE 42 #include USB_GLOBAL_INCLUDE_FILE 43 #else 44 #include <sys/stdint.h> 45 #include <sys/stddef.h> 46 #include <sys/param.h> 47 #include <sys/queue.h> 48 #include <sys/types.h> 49 #include <sys/systm.h> 50 #include <sys/kernel.h> 51 #include <sys/bus.h> 52 #include <sys/module.h> 53 #include <sys/lock.h> 54 #include <sys/mutex.h> 55 #include <sys/condvar.h> 56 #include <sys/sysctl.h> 57 #include <sys/sx.h> 58 #include <sys/unistd.h> 59 #include <sys/callout.h> 60 #include <sys/malloc.h> 61 #include <sys/priv.h> 62 63 #include <dev/usb/usb.h> 64 #include <dev/usb/usbdi.h> 65 #include "usbdevs.h" 66 #include "usb_if.h" 67 68 #define USB_DEBUG_VAR ustorage_fs_debug 69 #include <dev/usb/usb_debug.h> 70 #endif /* USB_GLOBAL_INCLUDE_FILE */ 71 72 #ifdef USB_DEBUG 73 static int ustorage_fs_debug = 0; 74 75 SYSCTL_NODE(_hw_usb, OID_AUTO, ustorage_fs, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 76 "USB ustorage_fs"); 77 SYSCTL_INT(_hw_usb_ustorage_fs, OID_AUTO, debug, CTLFLAG_RWTUN, 78 &ustorage_fs_debug, 0, "ustorage_fs debug level"); 79 #endif 80 81 /* Define some limits */ 82 83 #ifndef USTORAGE_FS_BULK_SIZE 84 #define USTORAGE_FS_BULK_SIZE (1U << 17) /* bytes */ 85 #endif 86 87 #ifndef USTORAGE_FS_MAX_LUN 88 #define USTORAGE_FS_MAX_LUN 8 /* units */ 89 #endif 90 91 #ifndef USTORAGE_QDATA_MAX 92 #define USTORAGE_QDATA_MAX 40 /* bytes */ 93 #endif 94 95 /* 96 * The SCSI ID string must be exactly 28 characters long 97 * exluding the terminating zero. 98 */ 99 #ifndef USTORAGE_FS_ID_STRING 100 #define USTORAGE_FS_ID_STRING \ 101 "FreeBSD " /* 8 */ \ 102 "File-Stor Gadget" /* 16 */ \ 103 "0101" /* 4 */ 104 #endif 105 106 /* 107 * The following macro defines the number of 108 * sectors to be allocated for the RAM disk: 109 */ 110 #ifndef USTORAGE_FS_RAM_SECT 111 #define USTORAGE_FS_RAM_SECT (1UL << 13) 112 #endif 113 114 static uint8_t *ustorage_fs_ramdisk; 115 116 /* USB transfer definitions */ 117 118 #define USTORAGE_FS_T_BBB_COMMAND 0 119 #define USTORAGE_FS_T_BBB_DATA_DUMP 1 120 #define USTORAGE_FS_T_BBB_DATA_READ 2 121 #define USTORAGE_FS_T_BBB_DATA_WRITE 3 122 #define USTORAGE_FS_T_BBB_STATUS 4 123 #define USTORAGE_FS_T_BBB_MAX 5 124 125 /* USB data stage direction */ 126 127 #define DIR_NONE 0 128 #define DIR_READ 1 129 #define DIR_WRITE 2 130 131 /* USB interface specific control request */ 132 133 #define UR_BBB_RESET 0xff /* Bulk-Only reset */ 134 #define UR_BBB_GET_MAX_LUN 0xfe /* Get maximum lun */ 135 136 /* Command Block Wrapper */ 137 typedef struct { 138 uDWord dCBWSignature; 139 #define CBWSIGNATURE 0x43425355 140 uDWord dCBWTag; 141 uDWord dCBWDataTransferLength; 142 uByte bCBWFlags; 143 #define CBWFLAGS_OUT 0x00 144 #define CBWFLAGS_IN 0x80 145 uByte bCBWLUN; 146 uByte bCDBLength; 147 #define CBWCDBLENGTH 16 148 uByte CBWCDB[CBWCDBLENGTH]; 149 } __packed ustorage_fs_bbb_cbw_t; 150 151 #define USTORAGE_FS_BBB_CBW_SIZE 31 152 153 /* Command Status Wrapper */ 154 typedef struct { 155 uDWord dCSWSignature; 156 #define CSWSIGNATURE 0x53425355 157 uDWord dCSWTag; 158 uDWord dCSWDataResidue; 159 uByte bCSWStatus; 160 #define CSWSTATUS_GOOD 0x0 161 #define CSWSTATUS_FAILED 0x1 162 #define CSWSTATUS_PHASE 0x2 163 } __packed ustorage_fs_bbb_csw_t; 164 165 #define USTORAGE_FS_BBB_CSW_SIZE 13 166 167 struct ustorage_fs_lun { 168 169 uint8_t *memory_image; 170 171 uint32_t num_sectors; 172 uint32_t sense_data; 173 uint32_t sense_data_info; 174 uint32_t unit_attention_data; 175 176 uint8_t read_only:1; 177 uint8_t prevent_medium_removal:1; 178 uint8_t info_valid:1; 179 uint8_t removable:1; 180 }; 181 182 struct ustorage_fs_softc { 183 184 ustorage_fs_bbb_cbw_t *sc_cbw; /* Command Wrapper Block */ 185 ustorage_fs_bbb_csw_t *sc_csw; /* Command Status Block */ 186 void *sc_dma_ptr; /* Main data buffer */ 187 188 struct mtx sc_mtx; 189 190 struct ustorage_fs_lun sc_lun[USTORAGE_FS_MAX_LUN]; 191 192 struct { 193 uint8_t *data_ptr; 194 struct ustorage_fs_lun *currlun; 195 196 uint32_t data_rem; /* bytes, as reported by the command 197 * block wrapper */ 198 uint32_t offset; /* bytes */ 199 200 uint8_t cbw_dir; 201 uint8_t cmd_dir; 202 uint8_t lun; 203 uint8_t cmd_len; 204 uint8_t data_short:1; 205 uint8_t data_error:1; 206 } sc_transfer; 207 208 device_t sc_dev; 209 struct usb_device *sc_udev; 210 struct usb_xfer *sc_xfer[USTORAGE_FS_T_BBB_MAX]; 211 212 uint8_t sc_iface_no; /* interface number */ 213 uint8_t sc_last_lun; 214 uint8_t sc_last_xfer_index; 215 uint8_t sc_qdata[USTORAGE_QDATA_MAX]; 216 }; 217 218 /* prototypes */ 219 220 static device_probe_t ustorage_fs_probe; 221 static device_attach_t ustorage_fs_attach; 222 static device_detach_t ustorage_fs_detach; 223 static device_suspend_t ustorage_fs_suspend; 224 static device_resume_t ustorage_fs_resume; 225 static usb_handle_request_t ustorage_fs_handle_request; 226 227 static usb_callback_t ustorage_fs_t_bbb_command_callback; 228 static usb_callback_t ustorage_fs_t_bbb_data_dump_callback; 229 static usb_callback_t ustorage_fs_t_bbb_data_read_callback; 230 static usb_callback_t ustorage_fs_t_bbb_data_write_callback; 231 static usb_callback_t ustorage_fs_t_bbb_status_callback; 232 233 static void ustorage_fs_transfer_start(struct ustorage_fs_softc *sc, uint8_t xfer_index); 234 static void ustorage_fs_transfer_stop(struct ustorage_fs_softc *sc); 235 236 static uint8_t ustorage_fs_verify(struct ustorage_fs_softc *sc); 237 static uint8_t ustorage_fs_inquiry(struct ustorage_fs_softc *sc); 238 static uint8_t ustorage_fs_request_sense(struct ustorage_fs_softc *sc); 239 static uint8_t ustorage_fs_read_capacity(struct ustorage_fs_softc *sc); 240 static uint8_t ustorage_fs_mode_sense(struct ustorage_fs_softc *sc); 241 static uint8_t ustorage_fs_start_stop(struct ustorage_fs_softc *sc); 242 static uint8_t ustorage_fs_prevent_allow(struct ustorage_fs_softc *sc); 243 static uint8_t ustorage_fs_read_format_capacities(struct ustorage_fs_softc *sc); 244 static uint8_t ustorage_fs_mode_select(struct ustorage_fs_softc *sc); 245 static uint8_t ustorage_fs_min_len(struct ustorage_fs_softc *sc, uint32_t len, uint32_t mask); 246 static uint8_t ustorage_fs_read(struct ustorage_fs_softc *sc); 247 static uint8_t ustorage_fs_write(struct ustorage_fs_softc *sc); 248 static uint8_t ustorage_fs_check_cmd(struct ustorage_fs_softc *sc, uint8_t cmd_size, uint16_t mask, uint8_t needs_medium); 249 static uint8_t ustorage_fs_do_cmd(struct ustorage_fs_softc *sc); 250 251 static device_method_t ustorage_fs_methods[] = { 252 /* USB interface */ 253 DEVMETHOD(usb_handle_request, ustorage_fs_handle_request), 254 255 /* Device interface */ 256 DEVMETHOD(device_probe, ustorage_fs_probe), 257 DEVMETHOD(device_attach, ustorage_fs_attach), 258 DEVMETHOD(device_detach, ustorage_fs_detach), 259 DEVMETHOD(device_suspend, ustorage_fs_suspend), 260 DEVMETHOD(device_resume, ustorage_fs_resume), 261 262 DEVMETHOD_END 263 }; 264 265 static driver_t ustorage_fs_driver = { 266 .name = "ustorage_fs", 267 .methods = ustorage_fs_methods, 268 .size = sizeof(struct ustorage_fs_softc), 269 }; 270 271 static devclass_t ustorage_fs_devclass; 272 273 DRIVER_MODULE(ustorage_fs, uhub, ustorage_fs_driver, ustorage_fs_devclass, NULL, 0); 274 MODULE_VERSION(ustorage_fs, 0); 275 MODULE_DEPEND(ustorage_fs, usb, 1, 1, 1); 276 277 static struct usb_config ustorage_fs_bbb_config[USTORAGE_FS_T_BBB_MAX] = { 278 279 [USTORAGE_FS_T_BBB_COMMAND] = { 280 .type = UE_BULK, 281 .endpoint = UE_ADDR_ANY, 282 .direction = UE_DIR_OUT, 283 .bufsize = sizeof(ustorage_fs_bbb_cbw_t), 284 .callback = &ustorage_fs_t_bbb_command_callback, 285 .usb_mode = USB_MODE_DEVICE, 286 }, 287 288 [USTORAGE_FS_T_BBB_DATA_DUMP] = { 289 .type = UE_BULK, 290 .endpoint = UE_ADDR_ANY, 291 .direction = UE_DIR_OUT, 292 .bufsize = 0, /* use wMaxPacketSize */ 293 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,}, 294 .callback = &ustorage_fs_t_bbb_data_dump_callback, 295 .usb_mode = USB_MODE_DEVICE, 296 }, 297 298 [USTORAGE_FS_T_BBB_DATA_READ] = { 299 .type = UE_BULK, 300 .endpoint = UE_ADDR_ANY, 301 .direction = UE_DIR_OUT, 302 .bufsize = USTORAGE_FS_BULK_SIZE, 303 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1}, 304 .callback = &ustorage_fs_t_bbb_data_read_callback, 305 .usb_mode = USB_MODE_DEVICE, 306 }, 307 308 [USTORAGE_FS_T_BBB_DATA_WRITE] = { 309 .type = UE_BULK, 310 .endpoint = UE_ADDR_ANY, 311 .direction = UE_DIR_IN, 312 .bufsize = USTORAGE_FS_BULK_SIZE, 313 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer = 1}, 314 .callback = &ustorage_fs_t_bbb_data_write_callback, 315 .usb_mode = USB_MODE_DEVICE, 316 }, 317 318 [USTORAGE_FS_T_BBB_STATUS] = { 319 .type = UE_BULK, 320 .endpoint = UE_ADDR_ANY, 321 .direction = UE_DIR_IN, 322 .bufsize = sizeof(ustorage_fs_bbb_csw_t), 323 .flags = {.short_xfer_ok = 1}, 324 .callback = &ustorage_fs_t_bbb_status_callback, 325 .usb_mode = USB_MODE_DEVICE, 326 }, 327 }; 328 329 /* 330 * USB device probe/attach/detach 331 */ 332 333 static int 334 ustorage_fs_probe(device_t dev) 335 { 336 struct usb_attach_arg *uaa = device_get_ivars(dev); 337 struct usb_interface_descriptor *id; 338 339 if (uaa->usb_mode != USB_MODE_DEVICE) { 340 return (ENXIO); 341 } 342 /* Check for a standards compliant device */ 343 id = usbd_get_interface_descriptor(uaa->iface); 344 if ((id == NULL) || 345 (id->bInterfaceClass != UICLASS_MASS) || 346 (id->bInterfaceSubClass != UISUBCLASS_SCSI) || 347 (id->bInterfaceProtocol != UIPROTO_MASS_BBB)) { 348 return (ENXIO); 349 } 350 return (BUS_PROBE_GENERIC); 351 } 352 353 static int 354 ustorage_fs_attach(device_t dev) 355 { 356 struct ustorage_fs_softc *sc = device_get_softc(dev); 357 struct usb_attach_arg *uaa = device_get_ivars(dev); 358 struct usb_interface_descriptor *id; 359 int err; 360 int unit; 361 362 /* 363 * NOTE: the softc struct is cleared in device_set_driver. 364 * We can safely call ustorage_fs_detach without specifically 365 * initializing the struct. 366 */ 367 368 sc->sc_dev = dev; 369 sc->sc_udev = uaa->device; 370 unit = device_get_unit(dev); 371 372 /* enable power saving mode */ 373 usbd_set_power_mode(uaa->device, USB_POWER_MODE_SAVE); 374 375 if (unit == 0) { 376 if (ustorage_fs_ramdisk == NULL) { 377 /* 378 * allocate a memory image for our ramdisk until 379 * further 380 */ 381 ustorage_fs_ramdisk = 382 malloc(USTORAGE_FS_RAM_SECT << 9, M_USB, 383 M_ZERO | M_WAITOK); 384 385 if (ustorage_fs_ramdisk == NULL) { 386 return (ENOMEM); 387 } 388 } 389 sc->sc_lun[0].memory_image = ustorage_fs_ramdisk; 390 sc->sc_lun[0].num_sectors = USTORAGE_FS_RAM_SECT; 391 sc->sc_lun[0].removable = 1; 392 } 393 394 device_set_usb_desc(dev); 395 396 mtx_init(&sc->sc_mtx, "USTORAGE_FS lock", 397 NULL, (MTX_DEF | MTX_RECURSE)); 398 399 /* get interface index */ 400 401 id = usbd_get_interface_descriptor(uaa->iface); 402 if (id == NULL) { 403 device_printf(dev, "failed to get " 404 "interface number\n"); 405 goto detach; 406 } 407 sc->sc_iface_no = id->bInterfaceNumber; 408 409 err = usbd_transfer_setup(uaa->device, 410 &uaa->info.bIfaceIndex, sc->sc_xfer, ustorage_fs_bbb_config, 411 USTORAGE_FS_T_BBB_MAX, sc, &sc->sc_mtx); 412 if (err) { 413 device_printf(dev, "could not setup required " 414 "transfers, %s\n", usbd_errstr(err)); 415 goto detach; 416 } 417 418 sc->sc_cbw = usbd_xfer_get_frame_buffer(sc->sc_xfer[ 419 USTORAGE_FS_T_BBB_COMMAND], 0); 420 sc->sc_csw = usbd_xfer_get_frame_buffer(sc->sc_xfer[ 421 USTORAGE_FS_T_BBB_STATUS], 0); 422 sc->sc_dma_ptr = usbd_xfer_get_frame_buffer(sc->sc_xfer[ 423 USTORAGE_FS_T_BBB_DATA_READ], 0); 424 425 /* start Mass Storage State Machine */ 426 427 mtx_lock(&sc->sc_mtx); 428 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_COMMAND); 429 mtx_unlock(&sc->sc_mtx); 430 431 return (0); /* success */ 432 433 detach: 434 ustorage_fs_detach(dev); 435 return (ENXIO); /* failure */ 436 } 437 438 static int 439 ustorage_fs_detach(device_t dev) 440 { 441 struct ustorage_fs_softc *sc = device_get_softc(dev); 442 443 /* teardown our statemachine */ 444 445 usbd_transfer_unsetup(sc->sc_xfer, USTORAGE_FS_T_BBB_MAX); 446 447 mtx_destroy(&sc->sc_mtx); 448 449 return (0); /* success */ 450 } 451 452 static int 453 ustorage_fs_suspend(device_t dev) 454 { 455 device_printf(dev, "suspending\n"); 456 return (0); /* success */ 457 } 458 459 static int 460 ustorage_fs_resume(device_t dev) 461 { 462 device_printf(dev, "resuming\n"); 463 return (0); /* success */ 464 } 465 466 /* 467 * Generic functions to handle transfers 468 */ 469 470 static void 471 ustorage_fs_transfer_start(struct ustorage_fs_softc *sc, uint8_t xfer_index) 472 { 473 if (sc->sc_xfer[xfer_index]) { 474 sc->sc_last_xfer_index = xfer_index; 475 usbd_transfer_start(sc->sc_xfer[xfer_index]); 476 } 477 } 478 479 static void 480 ustorage_fs_transfer_stop(struct ustorage_fs_softc *sc) 481 { 482 usbd_transfer_stop(sc->sc_xfer[sc->sc_last_xfer_index]); 483 mtx_unlock(&sc->sc_mtx); 484 usbd_transfer_drain(sc->sc_xfer[sc->sc_last_xfer_index]); 485 mtx_lock(&sc->sc_mtx); 486 } 487 488 static int 489 ustorage_fs_handle_request(device_t dev, 490 const void *preq, void **pptr, uint16_t *plen, 491 uint16_t offset, uint8_t *pstate) 492 { 493 struct ustorage_fs_softc *sc = device_get_softc(dev); 494 const struct usb_device_request *req = preq; 495 uint8_t is_complete = *pstate; 496 497 if (!is_complete) { 498 if ((req->bmRequestType == UT_WRITE_CLASS_INTERFACE) && 499 (req->bRequest == UR_BBB_RESET)) { 500 *plen = 0; 501 mtx_lock(&sc->sc_mtx); 502 ustorage_fs_transfer_stop(sc); 503 sc->sc_transfer.data_error = 1; 504 ustorage_fs_transfer_start(sc, 505 USTORAGE_FS_T_BBB_COMMAND); 506 mtx_unlock(&sc->sc_mtx); 507 return (0); 508 } else if ((req->bmRequestType == UT_READ_CLASS_INTERFACE) && 509 (req->bRequest == UR_BBB_GET_MAX_LUN)) { 510 if (offset == 0) { 511 *plen = 1; 512 *pptr = &sc->sc_last_lun; 513 } else { 514 *plen = 0; 515 } 516 return (0); 517 } 518 } 519 return (ENXIO); /* use builtin handler */ 520 } 521 522 static void 523 ustorage_fs_t_bbb_command_callback(struct usb_xfer *xfer, usb_error_t error) 524 { 525 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 526 uint32_t tag; 527 uint8_t err = 0; 528 529 DPRINTF("\n"); 530 531 switch (USB_GET_STATE(xfer)) { 532 case USB_ST_TRANSFERRED: 533 534 tag = UGETDW(sc->sc_cbw->dCBWSignature); 535 536 if (tag != CBWSIGNATURE) { 537 /* do nothing */ 538 DPRINTF("invalid signature 0x%08x\n", tag); 539 break; 540 } 541 tag = UGETDW(sc->sc_cbw->dCBWTag); 542 543 /* echo back tag */ 544 USETDW(sc->sc_csw->dCSWTag, tag); 545 546 /* reset status */ 547 sc->sc_csw->bCSWStatus = 0; 548 549 /* reset data offset, data length and data remainder */ 550 sc->sc_transfer.offset = 0; 551 sc->sc_transfer.data_rem = 552 UGETDW(sc->sc_cbw->dCBWDataTransferLength); 553 554 /* reset data flags */ 555 sc->sc_transfer.data_short = 0; 556 557 /* extract LUN */ 558 sc->sc_transfer.lun = sc->sc_cbw->bCBWLUN; 559 560 if (sc->sc_transfer.data_rem == 0) { 561 sc->sc_transfer.cbw_dir = DIR_NONE; 562 } else { 563 if (sc->sc_cbw->bCBWFlags & CBWFLAGS_IN) { 564 sc->sc_transfer.cbw_dir = DIR_WRITE; 565 } else { 566 sc->sc_transfer.cbw_dir = DIR_READ; 567 } 568 } 569 570 sc->sc_transfer.cmd_len = sc->sc_cbw->bCDBLength; 571 if ((sc->sc_transfer.cmd_len > sizeof(sc->sc_cbw->CBWCDB)) || 572 (sc->sc_transfer.cmd_len == 0)) { 573 /* just halt - this is invalid */ 574 DPRINTF("invalid command length %d bytes\n", 575 sc->sc_transfer.cmd_len); 576 break; 577 } 578 579 err = ustorage_fs_do_cmd(sc); 580 if (err) { 581 /* got an error */ 582 DPRINTF("command failed\n"); 583 break; 584 } 585 if ((sc->sc_transfer.data_rem > 0) && 586 (sc->sc_transfer.cbw_dir != sc->sc_transfer.cmd_dir)) { 587 /* contradicting data transfer direction */ 588 err = 1; 589 DPRINTF("data direction mismatch\n"); 590 break; 591 } 592 switch (sc->sc_transfer.cbw_dir) { 593 case DIR_READ: 594 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_DATA_READ); 595 break; 596 case DIR_WRITE: 597 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_DATA_WRITE); 598 break; 599 default: 600 ustorage_fs_transfer_start(sc, 601 USTORAGE_FS_T_BBB_STATUS); 602 break; 603 } 604 break; 605 606 case USB_ST_SETUP: 607 tr_setup: 608 if (sc->sc_transfer.data_error) { 609 sc->sc_transfer.data_error = 0; 610 usbd_xfer_set_stall(xfer); 611 DPRINTF("stall pipe\n"); 612 } 613 usbd_xfer_set_frame_len(xfer, 0, 614 sizeof(ustorage_fs_bbb_cbw_t)); 615 usbd_transfer_submit(xfer); 616 break; 617 618 default: /* Error */ 619 DPRINTF("error\n"); 620 if (error == USB_ERR_CANCELLED) { 621 break; 622 } 623 /* If the pipe is already stalled, don't do another stall */ 624 if (!usbd_xfer_is_stalled(xfer)) 625 sc->sc_transfer.data_error = 1; 626 627 /* try again */ 628 goto tr_setup; 629 } 630 if (err) { 631 if (sc->sc_csw->bCSWStatus == 0) { 632 /* set some default error code */ 633 sc->sc_csw->bCSWStatus = CSWSTATUS_FAILED; 634 } 635 if (sc->sc_transfer.cbw_dir == DIR_READ) { 636 /* dump all data */ 637 ustorage_fs_transfer_start(sc, 638 USTORAGE_FS_T_BBB_DATA_DUMP); 639 return; 640 } 641 if (sc->sc_transfer.cbw_dir == DIR_WRITE) { 642 /* need to stall before status */ 643 sc->sc_transfer.data_error = 1; 644 } 645 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_STATUS); 646 } 647 } 648 649 static void 650 ustorage_fs_t_bbb_data_dump_callback(struct usb_xfer *xfer, usb_error_t error) 651 { 652 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 653 uint32_t max_bulk = usbd_xfer_max_len(xfer); 654 int actlen, sumlen; 655 656 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 657 658 DPRINTF("\n"); 659 660 switch (USB_GET_STATE(xfer)) { 661 case USB_ST_TRANSFERRED: 662 sc->sc_transfer.data_rem -= actlen; 663 sc->sc_transfer.offset += actlen; 664 665 if (actlen != sumlen || sc->sc_transfer.data_rem == 0) { 666 /* short transfer or end of data */ 667 ustorage_fs_transfer_start(sc, 668 USTORAGE_FS_T_BBB_STATUS); 669 break; 670 } 671 /* Fallthrough */ 672 673 case USB_ST_SETUP: 674 tr_setup: 675 if (max_bulk > sc->sc_transfer.data_rem) { 676 max_bulk = sc->sc_transfer.data_rem; 677 } 678 if (sc->sc_transfer.data_error) { 679 sc->sc_transfer.data_error = 0; 680 usbd_xfer_set_stall(xfer); 681 } 682 usbd_xfer_set_frame_len(xfer, 0, max_bulk); 683 usbd_transfer_submit(xfer); 684 break; 685 686 default: /* Error */ 687 if (error == USB_ERR_CANCELLED) { 688 break; 689 } 690 /* 691 * If the pipe is already stalled, don't do another stall: 692 */ 693 if (!usbd_xfer_is_stalled(xfer)) 694 sc->sc_transfer.data_error = 1; 695 696 /* try again */ 697 goto tr_setup; 698 } 699 } 700 701 static void 702 ustorage_fs_t_bbb_data_read_callback(struct usb_xfer *xfer, usb_error_t error) 703 { 704 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 705 uint32_t max_bulk = usbd_xfer_max_len(xfer); 706 int actlen, sumlen; 707 708 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 709 710 DPRINTF("\n"); 711 712 switch (USB_GET_STATE(xfer)) { 713 case USB_ST_TRANSFERRED: 714 /* XXX copy data from DMA buffer */ 715 memcpy(sc->sc_transfer.data_ptr, sc->sc_dma_ptr, actlen); 716 717 sc->sc_transfer.data_rem -= actlen; 718 sc->sc_transfer.data_ptr += actlen; 719 sc->sc_transfer.offset += actlen; 720 721 if (actlen != sumlen || sc->sc_transfer.data_rem == 0) { 722 /* short transfer or end of data */ 723 ustorage_fs_transfer_start(sc, 724 USTORAGE_FS_T_BBB_STATUS); 725 break; 726 } 727 /* Fallthrough */ 728 729 case USB_ST_SETUP: 730 tr_setup: 731 if (max_bulk > sc->sc_transfer.data_rem) { 732 max_bulk = sc->sc_transfer.data_rem; 733 } 734 if (sc->sc_transfer.data_error) { 735 sc->sc_transfer.data_error = 0; 736 usbd_xfer_set_stall(xfer); 737 } 738 739 usbd_xfer_set_frame_data(xfer, 0, sc->sc_dma_ptr, max_bulk); 740 usbd_transfer_submit(xfer); 741 break; 742 743 default: /* Error */ 744 if (error == USB_ERR_CANCELLED) { 745 break; 746 } 747 /* If the pipe is already stalled, don't do another stall */ 748 if (!usbd_xfer_is_stalled(xfer)) 749 sc->sc_transfer.data_error = 1; 750 751 /* try again */ 752 goto tr_setup; 753 } 754 } 755 756 static void 757 ustorage_fs_t_bbb_data_write_callback(struct usb_xfer *xfer, usb_error_t error) 758 { 759 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 760 uint32_t max_bulk = usbd_xfer_max_len(xfer); 761 int actlen, sumlen; 762 763 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 764 765 DPRINTF("\n"); 766 767 switch (USB_GET_STATE(xfer)) { 768 case USB_ST_TRANSFERRED: 769 sc->sc_transfer.data_rem -= actlen; 770 sc->sc_transfer.data_ptr += actlen; 771 sc->sc_transfer.offset += actlen; 772 773 if (actlen != sumlen || sc->sc_transfer.data_rem == 0) { 774 /* short transfer or end of data */ 775 ustorage_fs_transfer_start(sc, 776 USTORAGE_FS_T_BBB_STATUS); 777 break; 778 } 779 case USB_ST_SETUP: 780 tr_setup: 781 if (max_bulk >= sc->sc_transfer.data_rem) { 782 max_bulk = sc->sc_transfer.data_rem; 783 if (sc->sc_transfer.data_short) 784 usbd_xfer_set_flag(xfer, USB_FORCE_SHORT_XFER); 785 else 786 usbd_xfer_clr_flag(xfer, USB_FORCE_SHORT_XFER); 787 } else 788 usbd_xfer_clr_flag(xfer, USB_FORCE_SHORT_XFER); 789 790 if (sc->sc_transfer.data_error) { 791 sc->sc_transfer.data_error = 0; 792 usbd_xfer_set_stall(xfer); 793 } 794 795 /* XXX copy data to DMA buffer */ 796 memcpy(sc->sc_dma_ptr, sc->sc_transfer.data_ptr, max_bulk); 797 798 usbd_xfer_set_frame_data(xfer, 0, sc->sc_dma_ptr, max_bulk); 799 usbd_transfer_submit(xfer); 800 break; 801 802 default: /* Error */ 803 if (error == USB_ERR_CANCELLED) { 804 break; 805 } 806 /* 807 * If the pipe is already stalled, don't do another 808 * stall 809 */ 810 if (!usbd_xfer_is_stalled(xfer)) 811 sc->sc_transfer.data_error = 1; 812 813 /* try again */ 814 goto tr_setup; 815 } 816 } 817 818 static void 819 ustorage_fs_t_bbb_status_callback(struct usb_xfer *xfer, usb_error_t error) 820 { 821 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 822 823 DPRINTF("\n"); 824 825 switch (USB_GET_STATE(xfer)) { 826 case USB_ST_TRANSFERRED: 827 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_COMMAND); 828 break; 829 830 case USB_ST_SETUP: 831 tr_setup: 832 USETDW(sc->sc_csw->dCSWSignature, CSWSIGNATURE); 833 USETDW(sc->sc_csw->dCSWDataResidue, sc->sc_transfer.data_rem); 834 835 if (sc->sc_transfer.data_error) { 836 sc->sc_transfer.data_error = 0; 837 usbd_xfer_set_stall(xfer); 838 } 839 usbd_xfer_set_frame_len(xfer, 0, 840 sizeof(ustorage_fs_bbb_csw_t)); 841 usbd_transfer_submit(xfer); 842 break; 843 844 default: 845 if (error == USB_ERR_CANCELLED) { 846 break; 847 } 848 /* If the pipe is already stalled, don't do another stall */ 849 if (!usbd_xfer_is_stalled(xfer)) 850 sc->sc_transfer.data_error = 1; 851 852 /* try again */ 853 goto tr_setup; 854 } 855 } 856 857 /* SCSI commands that we recognize */ 858 #define SC_FORMAT_UNIT 0x04 859 #define SC_INQUIRY 0x12 860 #define SC_MODE_SELECT_6 0x15 861 #define SC_MODE_SELECT_10 0x55 862 #define SC_MODE_SENSE_6 0x1a 863 #define SC_MODE_SENSE_10 0x5a 864 #define SC_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e 865 #define SC_READ_6 0x08 866 #define SC_READ_10 0x28 867 #define SC_READ_12 0xa8 868 #define SC_READ_CAPACITY 0x25 869 #define SC_READ_FORMAT_CAPACITIES 0x23 870 #define SC_RELEASE 0x17 871 #define SC_REQUEST_SENSE 0x03 872 #define SC_RESERVE 0x16 873 #define SC_SEND_DIAGNOSTIC 0x1d 874 #define SC_START_STOP_UNIT 0x1b 875 #define SC_SYNCHRONIZE_CACHE 0x35 876 #define SC_TEST_UNIT_READY 0x00 877 #define SC_VERIFY 0x2f 878 #define SC_WRITE_6 0x0a 879 #define SC_WRITE_10 0x2a 880 #define SC_WRITE_12 0xaa 881 882 /* SCSI Sense Key/Additional Sense Code/ASC Qualifier values */ 883 #define SS_NO_SENSE 0 884 #define SS_COMMUNICATION_FAILURE 0x040800 885 #define SS_INVALID_COMMAND 0x052000 886 #define SS_INVALID_FIELD_IN_CDB 0x052400 887 #define SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE 0x052100 888 #define SS_LOGICAL_UNIT_NOT_SUPPORTED 0x052500 889 #define SS_MEDIUM_NOT_PRESENT 0x023a00 890 #define SS_MEDIUM_REMOVAL_PREVENTED 0x055302 891 #define SS_NOT_READY_TO_READY_TRANSITION 0x062800 892 #define SS_RESET_OCCURRED 0x062900 893 #define SS_SAVING_PARAMETERS_NOT_SUPPORTED 0x053900 894 #define SS_UNRECOVERED_READ_ERROR 0x031100 895 #define SS_WRITE_ERROR 0x030c02 896 #define SS_WRITE_PROTECTED 0x072700 897 898 #define SK(x) ((uint8_t) ((x) >> 16)) /* Sense Key byte, etc. */ 899 #define ASC(x) ((uint8_t) ((x) >> 8)) 900 #define ASCQ(x) ((uint8_t) (x)) 901 902 /* Routines for unaligned data access */ 903 904 static uint16_t 905 get_be16(uint8_t *buf) 906 { 907 return ((uint16_t)buf[0] << 8) | ((uint16_t)buf[1]); 908 } 909 910 static uint32_t 911 get_be32(uint8_t *buf) 912 { 913 return ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) | 914 ((uint32_t)buf[2] << 8) | ((uint32_t)buf[3]); 915 } 916 917 static void 918 put_be16(uint8_t *buf, uint16_t val) 919 { 920 buf[0] = val >> 8; 921 buf[1] = val; 922 } 923 924 static void 925 put_be32(uint8_t *buf, uint32_t val) 926 { 927 buf[0] = val >> 24; 928 buf[1] = val >> 16; 929 buf[2] = val >> 8; 930 buf[3] = val & 0xff; 931 } 932 933 /*------------------------------------------------------------------------* 934 * ustorage_fs_verify 935 * 936 * Returns: 937 * 0: Success 938 * Else: Failure 939 *------------------------------------------------------------------------*/ 940 static uint8_t 941 ustorage_fs_verify(struct ustorage_fs_softc *sc) 942 { 943 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 944 uint32_t lba; 945 uint32_t vlen; 946 uint64_t file_offset; 947 uint64_t amount_left; 948 949 /* 950 * Get the starting Logical Block Address 951 */ 952 lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 953 954 /* 955 * We allow DPO (Disable Page Out = don't save data in the cache) 956 * but we don't implement it. 957 */ 958 if ((sc->sc_cbw->CBWCDB[1] & ~0x10) != 0) { 959 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 960 return (1); 961 } 962 vlen = get_be16(&sc->sc_cbw->CBWCDB[7]); 963 if (vlen == 0) { 964 goto done; 965 } 966 /* No default reply */ 967 968 /* Prepare to carry out the file verify */ 969 amount_left = vlen; 970 amount_left <<= 9; 971 file_offset = lba; 972 file_offset <<= 9; 973 974 /* Range check */ 975 vlen += lba; 976 977 if ((vlen < lba) || 978 (vlen > currlun->num_sectors) || 979 (lba >= currlun->num_sectors)) { 980 currlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; 981 return (1); 982 } 983 /* XXX TODO: verify that data is readable */ 984 done: 985 return (ustorage_fs_min_len(sc, 0, -1U)); 986 } 987 988 /*------------------------------------------------------------------------* 989 * ustorage_fs_inquiry 990 * 991 * Returns: 992 * 0: Success 993 * Else: Failure 994 *------------------------------------------------------------------------*/ 995 static uint8_t 996 ustorage_fs_inquiry(struct ustorage_fs_softc *sc) 997 { 998 uint8_t *buf = sc->sc_transfer.data_ptr; 999 1000 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1001 1002 if (!sc->sc_transfer.currlun) { 1003 /* Unsupported LUNs are okay */ 1004 memset(buf, 0, 36); 1005 buf[0] = 0x7f; 1006 /* Unsupported, no device - type */ 1007 return (ustorage_fs_min_len(sc, 36, -1U)); 1008 } 1009 memset(buf, 0, 8); 1010 /* Non - removable, direct - access device */ 1011 if (currlun->removable) 1012 buf[1] = 0x80; 1013 buf[2] = 2; 1014 /* ANSI SCSI level 2 */ 1015 buf[3] = 2; 1016 /* SCSI - 2 INQUIRY data format */ 1017 buf[4] = 31; 1018 /* Additional length */ 1019 /* No special options */ 1020 /* Copy in ID string */ 1021 memcpy(buf + 8, USTORAGE_FS_ID_STRING, 28); 1022 1023 #if (USTORAGE_QDATA_MAX < 36) 1024 #error "(USTORAGE_QDATA_MAX < 36)" 1025 #endif 1026 return (ustorage_fs_min_len(sc, 36, -1U)); 1027 } 1028 1029 /*------------------------------------------------------------------------* 1030 * ustorage_fs_request_sense 1031 * 1032 * Returns: 1033 * 0: Success 1034 * Else: Failure 1035 *------------------------------------------------------------------------*/ 1036 static uint8_t 1037 ustorage_fs_request_sense(struct ustorage_fs_softc *sc) 1038 { 1039 uint8_t *buf = sc->sc_transfer.data_ptr; 1040 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1041 uint32_t sd; 1042 uint32_t sdinfo; 1043 uint8_t valid; 1044 1045 /* 1046 * From the SCSI-2 spec., section 7.9 (Unit attention condition): 1047 * 1048 * If a REQUEST SENSE command is received from an initiator 1049 * with a pending unit attention condition (before the target 1050 * generates the contingent allegiance condition), then the 1051 * target shall either: 1052 * a) report any pending sense data and preserve the unit 1053 * attention condition on the logical unit, or, 1054 * b) report the unit attention condition, may discard any 1055 * pending sense data, and clear the unit attention 1056 * condition on the logical unit for that initiator. 1057 * 1058 * FSG normally uses option a); enable this code to use option b). 1059 */ 1060 #if 0 1061 if (currlun && currlun->unit_attention_data != SS_NO_SENSE) { 1062 currlun->sense_data = currlun->unit_attention_data; 1063 currlun->unit_attention_data = SS_NO_SENSE; 1064 } 1065 #endif 1066 1067 if (!currlun) { 1068 /* Unsupported LUNs are okay */ 1069 sd = SS_LOGICAL_UNIT_NOT_SUPPORTED; 1070 sdinfo = 0; 1071 valid = 0; 1072 } else { 1073 sd = currlun->sense_data; 1074 sdinfo = currlun->sense_data_info; 1075 valid = currlun->info_valid << 7; 1076 currlun->sense_data = SS_NO_SENSE; 1077 currlun->sense_data_info = 0; 1078 currlun->info_valid = 0; 1079 } 1080 1081 memset(buf, 0, 18); 1082 buf[0] = valid | 0x70; 1083 /* Valid, current error */ 1084 buf[2] = SK(sd); 1085 put_be32(&buf[3], sdinfo); 1086 /* Sense information */ 1087 buf[7] = 18 - 8; 1088 /* Additional sense length */ 1089 buf[12] = ASC(sd); 1090 buf[13] = ASCQ(sd); 1091 1092 #if (USTORAGE_QDATA_MAX < 18) 1093 #error "(USTORAGE_QDATA_MAX < 18)" 1094 #endif 1095 return (ustorage_fs_min_len(sc, 18, -1U)); 1096 } 1097 1098 /*------------------------------------------------------------------------* 1099 * ustorage_fs_read_capacity 1100 * 1101 * Returns: 1102 * 0: Success 1103 * Else: Failure 1104 *------------------------------------------------------------------------*/ 1105 static uint8_t 1106 ustorage_fs_read_capacity(struct ustorage_fs_softc *sc) 1107 { 1108 uint8_t *buf = sc->sc_transfer.data_ptr; 1109 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1110 uint32_t lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 1111 uint8_t pmi = sc->sc_cbw->CBWCDB[8]; 1112 1113 /* Check the PMI and LBA fields */ 1114 if ((pmi > 1) || ((pmi == 0) && (lba != 0))) { 1115 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1116 return (1); 1117 } 1118 /* Max logical block */ 1119 put_be32(&buf[0], currlun->num_sectors - 1); 1120 /* Block length */ 1121 put_be32(&buf[4], 512); 1122 1123 #if (USTORAGE_QDATA_MAX < 8) 1124 #error "(USTORAGE_QDATA_MAX < 8)" 1125 #endif 1126 return (ustorage_fs_min_len(sc, 8, -1U)); 1127 } 1128 1129 /*------------------------------------------------------------------------* 1130 * ustorage_fs_mode_sense 1131 * 1132 * Returns: 1133 * 0: Success 1134 * Else: Failure 1135 *------------------------------------------------------------------------*/ 1136 static uint8_t 1137 ustorage_fs_mode_sense(struct ustorage_fs_softc *sc) 1138 { 1139 uint8_t *buf = sc->sc_transfer.data_ptr; 1140 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1141 uint8_t *buf0; 1142 uint16_t len; 1143 uint16_t limit; 1144 uint8_t mscmnd = sc->sc_cbw->CBWCDB[0]; 1145 uint8_t pc; 1146 uint8_t page_code; 1147 uint8_t changeable_values; 1148 uint8_t all_pages; 1149 1150 buf0 = buf; 1151 1152 if ((sc->sc_cbw->CBWCDB[1] & ~0x08) != 0) { 1153 /* Mask away DBD */ 1154 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1155 return (1); 1156 } 1157 pc = sc->sc_cbw->CBWCDB[2] >> 6; 1158 page_code = sc->sc_cbw->CBWCDB[2] & 0x3f; 1159 if (pc == 3) { 1160 currlun->sense_data = SS_SAVING_PARAMETERS_NOT_SUPPORTED; 1161 return (1); 1162 } 1163 changeable_values = (pc == 1); 1164 all_pages = (page_code == 0x3f); 1165 1166 /* 1167 * Write the mode parameter header. Fixed values are: default 1168 * medium type, no cache control (DPOFUA), and no block descriptors. 1169 * The only variable value is the WriteProtect bit. We will fill in 1170 * the mode data length later. 1171 */ 1172 memset(buf, 0, 8); 1173 if (mscmnd == SC_MODE_SENSE_6) { 1174 buf[2] = (currlun->read_only ? 0x80 : 0x00); 1175 /* WP, DPOFUA */ 1176 buf += 4; 1177 limit = 255; 1178 } else { 1179 /* SC_MODE_SENSE_10 */ 1180 buf[3] = (currlun->read_only ? 0x80 : 0x00); 1181 /* WP, DPOFUA */ 1182 buf += 8; 1183 limit = 65535; 1184 /* Should really be mod_data.buflen */ 1185 } 1186 1187 /* No block descriptors */ 1188 1189 /* 1190 * The mode pages, in numerical order. 1191 */ 1192 if ((page_code == 0x08) || all_pages) { 1193 buf[0] = 0x08; 1194 /* Page code */ 1195 buf[1] = 10; 1196 /* Page length */ 1197 memset(buf + 2, 0, 10); 1198 /* None of the fields are changeable */ 1199 1200 if (!changeable_values) { 1201 buf[2] = 0x04; 1202 /* Write cache enable, */ 1203 /* Read cache not disabled */ 1204 /* No cache retention priorities */ 1205 put_be16(&buf[4], 0xffff); 1206 /* Don 't disable prefetch */ 1207 /* Minimum prefetch = 0 */ 1208 put_be16(&buf[8], 0xffff); 1209 /* Maximum prefetch */ 1210 put_be16(&buf[10], 0xffff); 1211 /* Maximum prefetch ceiling */ 1212 } 1213 buf += 12; 1214 } 1215 /* 1216 * Check that a valid page was requested and the mode data length 1217 * isn't too long. 1218 */ 1219 len = buf - buf0; 1220 if (len > limit) { 1221 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1222 return (1); 1223 } 1224 /* Store the mode data length */ 1225 if (mscmnd == SC_MODE_SENSE_6) 1226 buf0[0] = len - 1; 1227 else 1228 put_be16(buf0, len - 2); 1229 1230 #if (USTORAGE_QDATA_MAX < 24) 1231 #error "(USTORAGE_QDATA_MAX < 24)" 1232 #endif 1233 return (ustorage_fs_min_len(sc, len, -1U)); 1234 } 1235 1236 /*------------------------------------------------------------------------* 1237 * ustorage_fs_start_stop 1238 * 1239 * Returns: 1240 * 0: Success 1241 * Else: Failure 1242 *------------------------------------------------------------------------*/ 1243 static uint8_t 1244 ustorage_fs_start_stop(struct ustorage_fs_softc *sc) 1245 { 1246 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1247 uint8_t loej; 1248 uint8_t start; 1249 uint8_t immed; 1250 1251 if (!currlun->removable) { 1252 currlun->sense_data = SS_INVALID_COMMAND; 1253 return (1); 1254 } 1255 immed = sc->sc_cbw->CBWCDB[1] & 0x01; 1256 loej = sc->sc_cbw->CBWCDB[4] & 0x02; 1257 start = sc->sc_cbw->CBWCDB[4] & 0x01; 1258 1259 if (immed || loej || start) { 1260 /* compile fix */ 1261 } 1262 return (0); 1263 } 1264 1265 /*------------------------------------------------------------------------* 1266 * ustorage_fs_prevent_allow 1267 * 1268 * Returns: 1269 * 0: Success 1270 * Else: Failure 1271 *------------------------------------------------------------------------*/ 1272 static uint8_t 1273 ustorage_fs_prevent_allow(struct ustorage_fs_softc *sc) 1274 { 1275 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1276 uint8_t prevent; 1277 1278 if (!currlun->removable) { 1279 currlun->sense_data = SS_INVALID_COMMAND; 1280 return (1); 1281 } 1282 prevent = sc->sc_cbw->CBWCDB[4] & 0x01; 1283 if ((sc->sc_cbw->CBWCDB[4] & ~0x01) != 0) { 1284 /* Mask away Prevent */ 1285 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1286 return (1); 1287 } 1288 if (currlun->prevent_medium_removal && !prevent) { 1289 //fsync_sub(currlun); 1290 } 1291 currlun->prevent_medium_removal = prevent; 1292 return (0); 1293 } 1294 1295 /*------------------------------------------------------------------------* 1296 * ustorage_fs_read_format_capacities 1297 * 1298 * Returns: 1299 * 0: Success 1300 * Else: Failure 1301 *------------------------------------------------------------------------*/ 1302 static uint8_t 1303 ustorage_fs_read_format_capacities(struct ustorage_fs_softc *sc) 1304 { 1305 uint8_t *buf = sc->sc_transfer.data_ptr; 1306 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1307 1308 buf[0] = buf[1] = buf[2] = 0; 1309 buf[3] = 8; 1310 /* Only the Current / Maximum Capacity Descriptor */ 1311 buf += 4; 1312 1313 /* Number of blocks */ 1314 put_be32(&buf[0], currlun->num_sectors); 1315 /* Block length */ 1316 put_be32(&buf[4], 512); 1317 /* Current capacity */ 1318 buf[4] = 0x02; 1319 1320 #if (USTORAGE_QDATA_MAX < 12) 1321 #error "(USTORAGE_QDATA_MAX < 12)" 1322 #endif 1323 return (ustorage_fs_min_len(sc, 12, -1U)); 1324 } 1325 1326 /*------------------------------------------------------------------------* 1327 * ustorage_fs_mode_select 1328 * 1329 * Return values: 1330 * 0: Success 1331 * Else: Failure 1332 *------------------------------------------------------------------------*/ 1333 static uint8_t 1334 ustorage_fs_mode_select(struct ustorage_fs_softc *sc) 1335 { 1336 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1337 1338 /* We don't support MODE SELECT */ 1339 currlun->sense_data = SS_INVALID_COMMAND; 1340 return (1); 1341 } 1342 1343 /*------------------------------------------------------------------------* 1344 * ustorage_fs_synchronize_cache 1345 * 1346 * Return values: 1347 * 0: Success 1348 * Else: Failure 1349 *------------------------------------------------------------------------*/ 1350 static uint8_t 1351 ustorage_fs_synchronize_cache(struct ustorage_fs_softc *sc) 1352 { 1353 #if 0 1354 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1355 uint8_t rc; 1356 1357 /* 1358 * We ignore the requested LBA and write out all dirty data buffers. 1359 */ 1360 rc = 0; 1361 if (rc) { 1362 currlun->sense_data = SS_WRITE_ERROR; 1363 } 1364 #endif 1365 return (0); 1366 } 1367 1368 /*------------------------------------------------------------------------* 1369 * ustorage_fs_read - read data from disk 1370 * 1371 * Return values: 1372 * 0: Success 1373 * Else: Failure 1374 *------------------------------------------------------------------------*/ 1375 static uint8_t 1376 ustorage_fs_read(struct ustorage_fs_softc *sc) 1377 { 1378 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1379 uint64_t file_offset; 1380 uint32_t lba; 1381 uint32_t len; 1382 1383 /* 1384 * Get the starting Logical Block Address and check that it's not 1385 * too big 1386 */ 1387 if (sc->sc_cbw->CBWCDB[0] == SC_READ_6) { 1388 lba = (((uint32_t)sc->sc_cbw->CBWCDB[1]) << 16) | 1389 get_be16(&sc->sc_cbw->CBWCDB[2]); 1390 } else { 1391 lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 1392 1393 /* 1394 * We allow DPO (Disable Page Out = don't save data in the 1395 * cache) and FUA (Force Unit Access = don't read from the 1396 * cache), but we don't implement them. 1397 */ 1398 if ((sc->sc_cbw->CBWCDB[1] & ~0x18) != 0) { 1399 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1400 return (1); 1401 } 1402 } 1403 len = sc->sc_transfer.data_rem >> 9; 1404 len += lba; 1405 1406 if ((len < lba) || 1407 (len > currlun->num_sectors) || 1408 (lba >= currlun->num_sectors)) { 1409 currlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; 1410 return (1); 1411 } 1412 file_offset = lba; 1413 file_offset <<= 9; 1414 1415 sc->sc_transfer.data_ptr = currlun->memory_image + file_offset; 1416 1417 return (0); 1418 } 1419 1420 /*------------------------------------------------------------------------* 1421 * ustorage_fs_write - write data to disk 1422 * 1423 * Return values: 1424 * 0: Success 1425 * Else: Failure 1426 *------------------------------------------------------------------------*/ 1427 static uint8_t 1428 ustorage_fs_write(struct ustorage_fs_softc *sc) 1429 { 1430 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1431 uint64_t file_offset; 1432 uint32_t lba; 1433 uint32_t len; 1434 1435 if (currlun->read_only) { 1436 currlun->sense_data = SS_WRITE_PROTECTED; 1437 return (1); 1438 } 1439 /* XXX clear SYNC */ 1440 1441 /* 1442 * Get the starting Logical Block Address and check that it's not 1443 * too big. 1444 */ 1445 if (sc->sc_cbw->CBWCDB[0] == SC_WRITE_6) 1446 lba = (((uint32_t)sc->sc_cbw->CBWCDB[1]) << 16) | 1447 get_be16(&sc->sc_cbw->CBWCDB[2]); 1448 else { 1449 lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 1450 1451 /* 1452 * We allow DPO (Disable Page Out = don't save data in the 1453 * cache) and FUA (Force Unit Access = write directly to the 1454 * medium). We don't implement DPO; we implement FUA by 1455 * performing synchronous output. 1456 */ 1457 if ((sc->sc_cbw->CBWCDB[1] & ~0x18) != 0) { 1458 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1459 return (1); 1460 } 1461 if (sc->sc_cbw->CBWCDB[1] & 0x08) { 1462 /* FUA */ 1463 /* XXX set SYNC flag here */ 1464 } 1465 } 1466 1467 len = sc->sc_transfer.data_rem >> 9; 1468 len += lba; 1469 1470 if ((len < lba) || 1471 (len > currlun->num_sectors) || 1472 (lba >= currlun->num_sectors)) { 1473 currlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; 1474 return (1); 1475 } 1476 file_offset = lba; 1477 file_offset <<= 9; 1478 1479 sc->sc_transfer.data_ptr = currlun->memory_image + file_offset; 1480 1481 return (0); 1482 } 1483 1484 /*------------------------------------------------------------------------* 1485 * ustorage_fs_min_len 1486 * 1487 * Return values: 1488 * 0: Success 1489 * Else: Failure 1490 *------------------------------------------------------------------------*/ 1491 static uint8_t 1492 ustorage_fs_min_len(struct ustorage_fs_softc *sc, uint32_t len, uint32_t mask) 1493 { 1494 if (len != sc->sc_transfer.data_rem) { 1495 1496 if (sc->sc_transfer.cbw_dir == DIR_READ) { 1497 /* 1498 * there must be something wrong about this SCSI 1499 * command 1500 */ 1501 sc->sc_csw->bCSWStatus = CSWSTATUS_PHASE; 1502 return (1); 1503 } 1504 /* compute the minimum length */ 1505 1506 if (sc->sc_transfer.data_rem > len) { 1507 /* data ends prematurely */ 1508 sc->sc_transfer.data_rem = len; 1509 sc->sc_transfer.data_short = 1; 1510 } 1511 /* check length alignment */ 1512 1513 if (sc->sc_transfer.data_rem & ~mask) { 1514 /* data ends prematurely */ 1515 sc->sc_transfer.data_rem &= mask; 1516 sc->sc_transfer.data_short = 1; 1517 } 1518 } 1519 return (0); 1520 } 1521 1522 /*------------------------------------------------------------------------* 1523 * ustorage_fs_check_cmd - check command routine 1524 * 1525 * Check whether the command is properly formed and whether its data 1526 * size and direction agree with the values we already have. 1527 * 1528 * Return values: 1529 * 0: Success 1530 * Else: Failure 1531 *------------------------------------------------------------------------*/ 1532 static uint8_t 1533 ustorage_fs_check_cmd(struct ustorage_fs_softc *sc, uint8_t min_cmd_size, 1534 uint16_t mask, uint8_t needs_medium) 1535 { 1536 struct ustorage_fs_lun *currlun; 1537 uint8_t lun = (sc->sc_cbw->CBWCDB[1] >> 5); 1538 uint8_t i; 1539 1540 /* Verify the length of the command itself */ 1541 if (min_cmd_size > sc->sc_transfer.cmd_len) { 1542 DPRINTF("%u > %u\n", 1543 min_cmd_size, sc->sc_transfer.cmd_len); 1544 sc->sc_csw->bCSWStatus = CSWSTATUS_PHASE; 1545 return (1); 1546 } 1547 /* Mask away the LUN */ 1548 sc->sc_cbw->CBWCDB[1] &= 0x1f; 1549 1550 /* Check if LUN is correct */ 1551 if (lun != sc->sc_transfer.lun) { 1552 1553 } 1554 /* Check the LUN */ 1555 if (sc->sc_transfer.lun <= sc->sc_last_lun) { 1556 sc->sc_transfer.currlun = currlun = 1557 sc->sc_lun + sc->sc_transfer.lun; 1558 if (sc->sc_cbw->CBWCDB[0] != SC_REQUEST_SENSE) { 1559 currlun->sense_data = SS_NO_SENSE; 1560 currlun->sense_data_info = 0; 1561 currlun->info_valid = 0; 1562 } 1563 /* 1564 * If a unit attention condition exists, only INQUIRY 1565 * and REQUEST SENSE commands are allowed. Anything 1566 * else must fail! 1567 */ 1568 if ((currlun->unit_attention_data != SS_NO_SENSE) && 1569 (sc->sc_cbw->CBWCDB[0] != SC_INQUIRY) && 1570 (sc->sc_cbw->CBWCDB[0] != SC_REQUEST_SENSE)) { 1571 currlun->sense_data = currlun->unit_attention_data; 1572 currlun->unit_attention_data = SS_NO_SENSE; 1573 return (1); 1574 } 1575 } else { 1576 sc->sc_transfer.currlun = currlun = NULL; 1577 1578 /* 1579 * INQUIRY and REQUEST SENSE commands are explicitly allowed 1580 * to use unsupported LUNs; all others may not. 1581 */ 1582 if ((sc->sc_cbw->CBWCDB[0] != SC_INQUIRY) && 1583 (sc->sc_cbw->CBWCDB[0] != SC_REQUEST_SENSE)) { 1584 return (1); 1585 } 1586 } 1587 1588 /* 1589 * Check that only command bytes listed in the mask are 1590 * non-zero. 1591 */ 1592 for (i = 0; i != min_cmd_size; i++) { 1593 if (sc->sc_cbw->CBWCDB[i] && !(mask & (1UL << i))) { 1594 if (currlun) { 1595 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1596 } 1597 return (1); 1598 } 1599 } 1600 1601 /* 1602 * If the medium isn't mounted and the command needs to access 1603 * it, return an error. 1604 */ 1605 if (currlun && (!currlun->memory_image) && needs_medium) { 1606 currlun->sense_data = SS_MEDIUM_NOT_PRESENT; 1607 return (1); 1608 } 1609 return (0); 1610 } 1611 1612 /*------------------------------------------------------------------------* 1613 * ustorage_fs_do_cmd - do command 1614 * 1615 * Return values: 1616 * 0: Success 1617 * Else: Failure 1618 *------------------------------------------------------------------------*/ 1619 static uint8_t 1620 ustorage_fs_do_cmd(struct ustorage_fs_softc *sc) 1621 { 1622 uint8_t error = 1; 1623 uint8_t i; 1624 uint32_t temp; 1625 const uint32_t mask9 = (0xFFFFFFFFUL >> 9) << 9; 1626 1627 /* set default data transfer pointer */ 1628 sc->sc_transfer.data_ptr = sc->sc_qdata; 1629 1630 DPRINTF("cmd_data[0]=0x%02x, data_rem=0x%08x\n", 1631 sc->sc_cbw->CBWCDB[0], sc->sc_transfer.data_rem); 1632 1633 switch (sc->sc_cbw->CBWCDB[0]) { 1634 case SC_INQUIRY: 1635 sc->sc_transfer.cmd_dir = DIR_WRITE; 1636 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1637 if (error) { 1638 break; 1639 } 1640 error = ustorage_fs_check_cmd(sc, 6, 1641 (1UL << 4) | 1, 0); 1642 if (error) { 1643 break; 1644 } 1645 error = ustorage_fs_inquiry(sc); 1646 1647 break; 1648 1649 case SC_MODE_SELECT_6: 1650 sc->sc_transfer.cmd_dir = DIR_READ; 1651 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1652 if (error) { 1653 break; 1654 } 1655 error = ustorage_fs_check_cmd(sc, 6, 1656 (1UL << 1) | (1UL << 4) | 1, 0); 1657 if (error) { 1658 break; 1659 } 1660 error = ustorage_fs_mode_select(sc); 1661 1662 break; 1663 1664 case SC_MODE_SELECT_10: 1665 sc->sc_transfer.cmd_dir = DIR_READ; 1666 error = ustorage_fs_min_len(sc, 1667 get_be16(&sc->sc_cbw->CBWCDB[7]), -1U); 1668 if (error) { 1669 break; 1670 } 1671 error = ustorage_fs_check_cmd(sc, 10, 1672 (1UL << 1) | (3UL << 7) | 1, 0); 1673 if (error) { 1674 break; 1675 } 1676 error = ustorage_fs_mode_select(sc); 1677 1678 break; 1679 1680 case SC_MODE_SENSE_6: 1681 sc->sc_transfer.cmd_dir = DIR_WRITE; 1682 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1683 if (error) { 1684 break; 1685 } 1686 error = ustorage_fs_check_cmd(sc, 6, 1687 (1UL << 1) | (1UL << 2) | (1UL << 4) | 1, 0); 1688 if (error) { 1689 break; 1690 } 1691 error = ustorage_fs_mode_sense(sc); 1692 1693 break; 1694 1695 case SC_MODE_SENSE_10: 1696 sc->sc_transfer.cmd_dir = DIR_WRITE; 1697 error = ustorage_fs_min_len(sc, 1698 get_be16(&sc->sc_cbw->CBWCDB[7]), -1U); 1699 if (error) { 1700 break; 1701 } 1702 error = ustorage_fs_check_cmd(sc, 10, 1703 (1UL << 1) | (1UL << 2) | (3UL << 7) | 1, 0); 1704 if (error) { 1705 break; 1706 } 1707 error = ustorage_fs_mode_sense(sc); 1708 1709 break; 1710 1711 case SC_PREVENT_ALLOW_MEDIUM_REMOVAL: 1712 error = ustorage_fs_min_len(sc, 0, -1U); 1713 if (error) { 1714 break; 1715 } 1716 error = ustorage_fs_check_cmd(sc, 6, 1717 (1UL << 4) | 1, 0); 1718 if (error) { 1719 break; 1720 } 1721 error = ustorage_fs_prevent_allow(sc); 1722 1723 break; 1724 1725 case SC_READ_6: 1726 i = sc->sc_cbw->CBWCDB[4]; 1727 sc->sc_transfer.cmd_dir = DIR_WRITE; 1728 temp = ((i == 0) ? 256UL : i); 1729 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1730 if (error) { 1731 break; 1732 } 1733 error = ustorage_fs_check_cmd(sc, 6, 1734 (7UL << 1) | (1UL << 4) | 1, 1); 1735 if (error) { 1736 break; 1737 } 1738 error = ustorage_fs_read(sc); 1739 1740 break; 1741 1742 case SC_READ_10: 1743 sc->sc_transfer.cmd_dir = DIR_WRITE; 1744 temp = get_be16(&sc->sc_cbw->CBWCDB[7]); 1745 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1746 if (error) { 1747 break; 1748 } 1749 error = ustorage_fs_check_cmd(sc, 10, 1750 (1UL << 1) | (0xfUL << 2) | (3UL << 7) | 1, 1); 1751 if (error) { 1752 break; 1753 } 1754 error = ustorage_fs_read(sc); 1755 1756 break; 1757 1758 case SC_READ_12: 1759 sc->sc_transfer.cmd_dir = DIR_WRITE; 1760 temp = get_be32(&sc->sc_cbw->CBWCDB[6]); 1761 if (temp >= (1UL << (32 - 9))) { 1762 /* numerical overflow */ 1763 sc->sc_csw->bCSWStatus = CSWSTATUS_FAILED; 1764 error = 1; 1765 break; 1766 } 1767 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1768 if (error) { 1769 break; 1770 } 1771 error = ustorage_fs_check_cmd(sc, 12, 1772 (1UL << 1) | (0xfUL << 2) | (0xfUL << 6) | 1, 1); 1773 if (error) { 1774 break; 1775 } 1776 error = ustorage_fs_read(sc); 1777 1778 break; 1779 1780 case SC_READ_CAPACITY: 1781 sc->sc_transfer.cmd_dir = DIR_WRITE; 1782 error = ustorage_fs_check_cmd(sc, 10, 1783 (0xfUL << 2) | (1UL << 8) | 1, 1); 1784 if (error) { 1785 break; 1786 } 1787 error = ustorage_fs_read_capacity(sc); 1788 1789 break; 1790 1791 case SC_READ_FORMAT_CAPACITIES: 1792 sc->sc_transfer.cmd_dir = DIR_WRITE; 1793 error = ustorage_fs_min_len(sc, 1794 get_be16(&sc->sc_cbw->CBWCDB[7]), -1U); 1795 if (error) { 1796 break; 1797 } 1798 error = ustorage_fs_check_cmd(sc, 10, 1799 (3UL << 7) | 1, 1); 1800 if (error) { 1801 break; 1802 } 1803 error = ustorage_fs_read_format_capacities(sc); 1804 1805 break; 1806 1807 case SC_REQUEST_SENSE: 1808 sc->sc_transfer.cmd_dir = DIR_WRITE; 1809 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1810 if (error) { 1811 break; 1812 } 1813 error = ustorage_fs_check_cmd(sc, 6, 1814 (1UL << 4) | 1, 0); 1815 if (error) { 1816 break; 1817 } 1818 error = ustorage_fs_request_sense(sc); 1819 1820 break; 1821 1822 case SC_START_STOP_UNIT: 1823 error = ustorage_fs_min_len(sc, 0, -1U); 1824 if (error) { 1825 break; 1826 } 1827 error = ustorage_fs_check_cmd(sc, 6, 1828 (1UL << 1) | (1UL << 4) | 1, 0); 1829 if (error) { 1830 break; 1831 } 1832 error = ustorage_fs_start_stop(sc); 1833 1834 break; 1835 1836 case SC_SYNCHRONIZE_CACHE: 1837 error = ustorage_fs_min_len(sc, 0, -1U); 1838 if (error) { 1839 break; 1840 } 1841 error = ustorage_fs_check_cmd(sc, 10, 1842 (0xfUL << 2) | (3UL << 7) | 1, 1); 1843 if (error) { 1844 break; 1845 } 1846 error = ustorage_fs_synchronize_cache(sc); 1847 1848 break; 1849 1850 case SC_TEST_UNIT_READY: 1851 error = ustorage_fs_min_len(sc, 0, -1U); 1852 if (error) { 1853 break; 1854 } 1855 error = ustorage_fs_check_cmd(sc, 6, 1856 0 | 1, 1); 1857 break; 1858 1859 /* 1860 * Although optional, this command is used by MS-Windows. 1861 * We support a minimal version: BytChk must be 0. 1862 */ 1863 case SC_VERIFY: 1864 error = ustorage_fs_min_len(sc, 0, -1U); 1865 if (error) { 1866 break; 1867 } 1868 error = ustorage_fs_check_cmd(sc, 10, 1869 (1UL << 1) | (0xfUL << 2) | (3UL << 7) | 1, 1); 1870 if (error) { 1871 break; 1872 } 1873 error = ustorage_fs_verify(sc); 1874 1875 break; 1876 1877 case SC_WRITE_6: 1878 i = sc->sc_cbw->CBWCDB[4]; 1879 sc->sc_transfer.cmd_dir = DIR_READ; 1880 temp = ((i == 0) ? 256UL : i); 1881 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1882 if (error) { 1883 break; 1884 } 1885 error = ustorage_fs_check_cmd(sc, 6, 1886 (7UL << 1) | (1UL << 4) | 1, 1); 1887 if (error) { 1888 break; 1889 } 1890 error = ustorage_fs_write(sc); 1891 1892 break; 1893 1894 case SC_WRITE_10: 1895 sc->sc_transfer.cmd_dir = DIR_READ; 1896 temp = get_be16(&sc->sc_cbw->CBWCDB[7]); 1897 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1898 if (error) { 1899 break; 1900 } 1901 error = ustorage_fs_check_cmd(sc, 10, 1902 (1UL << 1) | (0xfUL << 2) | (3UL << 7) | 1, 1); 1903 if (error) { 1904 break; 1905 } 1906 error = ustorage_fs_write(sc); 1907 1908 break; 1909 1910 case SC_WRITE_12: 1911 sc->sc_transfer.cmd_dir = DIR_READ; 1912 temp = get_be32(&sc->sc_cbw->CBWCDB[6]); 1913 if (temp > (mask9 >> 9)) { 1914 /* numerical overflow */ 1915 sc->sc_csw->bCSWStatus = CSWSTATUS_FAILED; 1916 error = 1; 1917 break; 1918 } 1919 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1920 if (error) { 1921 break; 1922 } 1923 error = ustorage_fs_check_cmd(sc, 12, 1924 (1UL << 1) | (0xfUL << 2) | (0xfUL << 6) | 1, 1); 1925 if (error) { 1926 break; 1927 } 1928 error = ustorage_fs_write(sc); 1929 1930 break; 1931 1932 /* 1933 * Some mandatory commands that we recognize but don't 1934 * implement. They don't mean much in this setting. 1935 * It's left as an exercise for anyone interested to 1936 * implement RESERVE and RELEASE in terms of Posix 1937 * locks. 1938 */ 1939 case SC_FORMAT_UNIT: 1940 case SC_RELEASE: 1941 case SC_RESERVE: 1942 case SC_SEND_DIAGNOSTIC: 1943 /* Fallthrough */ 1944 1945 default: 1946 error = ustorage_fs_min_len(sc, 0, -1U); 1947 if (error) { 1948 break; 1949 } 1950 error = ustorage_fs_check_cmd(sc, sc->sc_transfer.cmd_len, 1951 0xff, 0); 1952 if (error) { 1953 break; 1954 } 1955 sc->sc_transfer.currlun->sense_data = 1956 SS_INVALID_COMMAND; 1957 error = 1; 1958 1959 break; 1960 } 1961 return (error); 1962 } 1963