1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 1999 MAEKAWA Masahide <bishop@rr.iij4u.or.jp>,
5 * Nick Hibma <n_hibma@FreeBSD.org>
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 * $NetBSD: umass.c,v 1.28 2000/04/02 23:46:53 augustss Exp $
29 */
30
31 /* Also already merged from NetBSD:
32 * $NetBSD: umass.c,v 1.67 2001/11/25 19:05:22 augustss Exp $
33 * $NetBSD: umass.c,v 1.90 2002/11/04 19:17:33 pooka Exp $
34 * $NetBSD: umass.c,v 1.108 2003/11/07 17:03:25 wiz Exp $
35 * $NetBSD: umass.c,v 1.109 2003/12/04 13:57:31 keihan Exp $
36 */
37
38 /*
39 * Universal Serial Bus Mass Storage Class specs:
40 * http://www.usb.org/developers/devclass_docs/usb_msc_overview_1.2.pdf
41 * http://www.usb.org/developers/devclass_docs/usbmassbulk_10.pdf
42 * http://www.usb.org/developers/devclass_docs/usb_msc_cbi_1.1.pdf
43 * http://www.usb.org/developers/devclass_docs/usbmass-ufi10.pdf
44 */
45
46 /*
47 * Ported to NetBSD by Lennart Augustsson <augustss@NetBSD.org>.
48 * Parts of the code written by Jason R. Thorpe <thorpej@shagadelic.org>.
49 */
50
51 /*
52 * The driver handles 3 Wire Protocols
53 * - Command/Bulk/Interrupt (CBI)
54 * - Command/Bulk/Interrupt with Command Completion Interrupt (CBI with CCI)
55 * - Mass Storage Bulk-Only (BBB)
56 * (BBB refers Bulk/Bulk/Bulk for Command/Data/Status phases)
57 *
58 * Over these wire protocols it handles the following command protocols
59 * - SCSI
60 * - UFI (floppy command set)
61 * - 8070i (ATAPI)
62 *
63 * UFI and 8070i (ATAPI) are transformed versions of the SCSI command set. The
64 * sc->sc_transform method is used to convert the commands into the appropriate
65 * format (if at all necessary). For example, UFI requires all commands to be
66 * 12 bytes in length amongst other things.
67 *
68 * The source code below is marked and can be split into a number of pieces
69 * (in this order):
70 *
71 * - probe/attach/detach
72 * - generic transfer routines
73 * - BBB
74 * - CBI
75 * - CBI_I (in addition to functions from CBI)
76 * - CAM (Common Access Method)
77 * - SCSI
78 * - UFI
79 * - 8070i (ATAPI)
80 *
81 * The protocols are implemented using a state machine, for the transfers as
82 * well as for the resets. The state machine is contained in umass_t_*_callback.
83 * The state machine is started through either umass_command_start() or
84 * umass_reset().
85 *
86 * The reason for doing this is a) CAM performs a lot better this way and b) it
87 * avoids using tsleep from interrupt context (for example after a failed
88 * transfer).
89 */
90
91 /*
92 * The SCSI related part of this driver has been derived from the
93 * dev/ppbus/vpo.c driver, by Nicolas Souchu (nsouch@FreeBSD.org).
94 *
95 * The CAM layer uses so called actions which are messages sent to the host
96 * adapter for completion. The actions come in through umass_cam_action. The
97 * appropriate block of routines is called depending on the transport protocol
98 * in use. When the transfer has finished, these routines call
99 * umass_cam_cb again to complete the CAM command.
100 */
101
102 #include <sys/stdint.h>
103 #include <sys/stddef.h>
104 #include <sys/param.h>
105 #include <sys/queue.h>
106 #include <sys/types.h>
107 #include <sys/systm.h>
108 #include <sys/kernel.h>
109 #include <sys/bus.h>
110 #include <sys/module.h>
111 #include <sys/lock.h>
112 #include <sys/mutex.h>
113 #include <sys/condvar.h>
114 #include <sys/sysctl.h>
115 #include <sys/sx.h>
116 #include <sys/unistd.h>
117 #include <sys/callout.h>
118 #include <sys/malloc.h>
119 #include <sys/priv.h>
120
121 #include <dev/usb/usb.h>
122 #include <dev/usb/usbdi.h>
123 #include <dev/usb/usbdi_util.h>
124 #include "usbdevs.h"
125
126 #include <dev/usb/quirk/usb_quirk.h>
127
128 #include <cam/cam.h>
129 #include <cam/cam_ccb.h>
130 #include <cam/cam_sim.h>
131 #include <cam/cam_xpt_sim.h>
132 #include <cam/scsi/scsi_all.h>
133 #include <cam/scsi/scsi_da.h>
134
135 #include <cam/cam_periph.h>
136
137 #ifdef USB_DEBUG
138 #define DIF(m, x) \
139 do { \
140 if (umass_debug & (m)) { x ; } \
141 } while (0)
142
143 #define DPRINTF(sc, m, fmt, ...) \
144 do { \
145 if (umass_debug & (m)) { \
146 printf("%s:%s: " fmt, \
147 (sc) ? (const char *)(sc)->sc_name : \
148 (const char *)"umassX", \
149 __FUNCTION__ ,## __VA_ARGS__); \
150 } \
151 } while (0)
152
153 #define UDMASS_GEN 0x00010000 /* general */
154 #define UDMASS_SCSI 0x00020000 /* scsi */
155 #define UDMASS_UFI 0x00040000 /* ufi command set */
156 #define UDMASS_ATAPI 0x00080000 /* 8070i command set */
157 #define UDMASS_CMD (UDMASS_SCSI|UDMASS_UFI|UDMASS_ATAPI)
158 #define UDMASS_USB 0x00100000 /* USB general */
159 #define UDMASS_BBB 0x00200000 /* Bulk-Only transfers */
160 #define UDMASS_CBI 0x00400000 /* CBI transfers */
161 #define UDMASS_WIRE (UDMASS_BBB|UDMASS_CBI)
162 #define UDMASS_ALL 0xffff0000 /* all of the above */
163 static int umass_debug;
164 static int umass_throttle;
165
166 static SYSCTL_NODE(_hw_usb, OID_AUTO, umass, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
167 "USB umass");
168 SYSCTL_INT(_hw_usb_umass, OID_AUTO, debug, CTLFLAG_RWTUN,
169 &umass_debug, 0, "umass debug level");
170 SYSCTL_INT(_hw_usb_umass, OID_AUTO, throttle, CTLFLAG_RWTUN,
171 &umass_throttle, 0, "Forced delay between commands in milliseconds");
172 #else
173 #define DIF(...) do { } while (0)
174 #define DPRINTF(...) do { } while (0)
175 #endif
176
177 #define UMASS_BULK_SIZE (1 << 17)
178 #define UMASS_CBI_DIAGNOSTIC_CMDLEN 12 /* bytes */
179 #define UMASS_MAX_CMDLEN MAX(12, CAM_MAX_CDBLEN) /* bytes */
180
181 /* USB transfer definitions */
182
183 #define UMASS_T_BBB_RESET1 0 /* Bulk-Only */
184 #define UMASS_T_BBB_RESET2 1
185 #define UMASS_T_BBB_RESET3 2
186 #define UMASS_T_BBB_COMMAND 3
187 #define UMASS_T_BBB_DATA_READ 4
188 #define UMASS_T_BBB_DATA_RD_CS 5
189 #define UMASS_T_BBB_DATA_WRITE 6
190 #define UMASS_T_BBB_DATA_WR_CS 7
191 #define UMASS_T_BBB_STATUS 8
192 #define UMASS_T_BBB_MAX 9
193
194 #define UMASS_T_CBI_RESET1 0 /* CBI */
195 #define UMASS_T_CBI_RESET2 1
196 #define UMASS_T_CBI_RESET3 2
197 #define UMASS_T_CBI_COMMAND 3
198 #define UMASS_T_CBI_DATA_READ 4
199 #define UMASS_T_CBI_DATA_RD_CS 5
200 #define UMASS_T_CBI_DATA_WRITE 6
201 #define UMASS_T_CBI_DATA_WR_CS 7
202 #define UMASS_T_CBI_STATUS 8
203 #define UMASS_T_CBI_RESET4 9
204 #define UMASS_T_CBI_MAX 10
205
206 #define UMASS_T_MAX MAX(UMASS_T_CBI_MAX, UMASS_T_BBB_MAX)
207
208 /* Generic definitions */
209
210 /* Direction for transfer */
211 #define DIR_NONE 0
212 #define DIR_IN 1
213 #define DIR_OUT 2
214
215 /* device name */
216 #define DEVNAME "umass"
217 #define DEVNAME_SIM "umass-sim"
218
219 /* Approximate maximum transfer speeds (assumes 33% overhead). */
220 #define UMASS_FULL_TRANSFER_SPEED 1000
221 #define UMASS_HIGH_TRANSFER_SPEED 40000
222 #define UMASS_SUPER_TRANSFER_SPEED 400000
223 #define UMASS_FLOPPY_TRANSFER_SPEED 20
224
225 #define UMASS_TIMEOUT 5000 /* ms */
226
227 /* CAM specific definitions */
228
229 #define UMASS_SCSIID_MAX 1 /* maximum number of drives expected */
230 #define UMASS_SCSIID_HOST UMASS_SCSIID_MAX
231
232 /* Bulk-Only features */
233
234 #define UR_BBB_RESET 0xff /* Bulk-Only reset */
235 #define UR_BBB_GET_MAX_LUN 0xfe /* Get maximum lun */
236
237 /* Command Block Wrapper */
238 typedef struct {
239 uDWord dCBWSignature;
240 #define CBWSIGNATURE 0x43425355
241 uDWord dCBWTag;
242 uDWord dCBWDataTransferLength;
243 uByte bCBWFlags;
244 #define CBWFLAGS_OUT 0x00
245 #define CBWFLAGS_IN 0x80
246 uByte bCBWLUN;
247 uByte bCDBLength;
248 #define CBWCDBLENGTH 16
249 uByte CBWCDB[CBWCDBLENGTH];
250 } __packed umass_bbb_cbw_t;
251
252 #define UMASS_BBB_CBW_SIZE 31
253
254 /* Command Status Wrapper */
255 typedef struct {
256 uDWord dCSWSignature;
257 #define CSWSIGNATURE 0x53425355
258 #define CSWSIGNATURE_IMAGINATION_DBX1 0x43425355
259 #define CSWSIGNATURE_OLYMPUS_C1 0x55425355
260 uDWord dCSWTag;
261 uDWord dCSWDataResidue;
262 uByte bCSWStatus;
263 #define CSWSTATUS_GOOD 0x0
264 #define CSWSTATUS_FAILED 0x1
265 #define CSWSTATUS_PHASE 0x2
266 } __packed umass_bbb_csw_t;
267
268 #define UMASS_BBB_CSW_SIZE 13
269
270 /* CBI features */
271
272 #define UR_CBI_ADSC 0x00
273
274 typedef union {
275 struct {
276 uint8_t type;
277 #define IDB_TYPE_CCI 0x00
278 uint8_t value;
279 #define IDB_VALUE_PASS 0x00
280 #define IDB_VALUE_FAIL 0x01
281 #define IDB_VALUE_PHASE 0x02
282 #define IDB_VALUE_PERSISTENT 0x03
283 #define IDB_VALUE_STATUS_MASK 0x03
284 } __packed common;
285
286 struct {
287 uint8_t asc;
288 uint8_t ascq;
289 } __packed ufi;
290 } __packed umass_cbi_sbl_t;
291
292 struct umass_softc; /* see below */
293
294 typedef void (umass_callback_t)(struct umass_softc *sc, union ccb *ccb,
295 uint32_t residue, uint8_t status);
296
297 #define STATUS_CMD_OK 0 /* everything ok */
298 #define STATUS_CMD_UNKNOWN 1 /* will have to fetch sense */
299 #define STATUS_CMD_FAILED 2 /* transfer was ok, command failed */
300 #define STATUS_WIRE_FAILED 3 /* couldn't even get command across */
301
302 typedef uint8_t (umass_transform_t)(struct umass_softc *sc, uint8_t *cmd_ptr,
303 uint8_t cmd_len);
304
305 /* Wire and command protocol */
306 #define UMASS_PROTO_BBB 0x0001 /* USB wire protocol */
307 #define UMASS_PROTO_CBI 0x0002
308 #define UMASS_PROTO_CBI_I 0x0004
309 #define UMASS_PROTO_WIRE 0x00ff /* USB wire protocol mask */
310 #define UMASS_PROTO_SCSI 0x0100 /* command protocol */
311 #define UMASS_PROTO_ATAPI 0x0200
312 #define UMASS_PROTO_UFI 0x0400
313 #define UMASS_PROTO_RBC 0x0800
314 #define UMASS_PROTO_COMMAND 0xff00 /* command protocol mask */
315
316 /* Device specific quirks */
317 #define NO_QUIRKS 0x0000
318 /*
319 * The drive does not support Test Unit Ready. Convert to Start Unit
320 */
321 #define NO_TEST_UNIT_READY 0x0001
322 /*
323 * The drive does not reset the Unit Attention state after REQUEST
324 * SENSE has been sent. The INQUIRY command does not reset the UA
325 * either, and so CAM runs in circles trying to retrieve the initial
326 * INQUIRY data.
327 */
328 #define RS_NO_CLEAR_UA 0x0002
329 /* The drive does not support START STOP. */
330 #define NO_START_STOP 0x0004
331 /* Don't ask for full inquiry data (255b). */
332 #define FORCE_SHORT_INQUIRY 0x0008
333 /* Needs to be initialised the Shuttle way */
334 #define SHUTTLE_INIT 0x0010
335 /* Drive needs to be switched to alternate iface 1 */
336 #define ALT_IFACE_1 0x0020
337 /* Drive does not do 1Mb/s, but just floppy speeds (20kb/s) */
338 #define FLOPPY_SPEED 0x0040
339 /* The device can't count and gets the residue of transfers wrong */
340 #define IGNORE_RESIDUE 0x0080
341 /* No GetMaxLun call */
342 #define NO_GETMAXLUN 0x0100
343 /* The device uses a weird CSWSIGNATURE. */
344 #define WRONG_CSWSIG 0x0200
345 /* Device cannot handle INQUIRY so fake a generic response */
346 #define NO_INQUIRY 0x0400
347 /* Device cannot handle INQUIRY EVPD, return CHECK CONDITION */
348 #define NO_INQUIRY_EVPD 0x0800
349 /* Pad all RBC requests to 12 bytes. */
350 #define RBC_PAD_TO_12 0x1000
351 /*
352 * Device reports number of sectors from READ_CAPACITY, not max
353 * sector number.
354 */
355 #define READ_CAPACITY_OFFBY1 0x2000
356 /*
357 * Device cannot handle a SCSI synchronize cache command. Normally
358 * this quirk would be handled in the cam layer, but for IDE bridges
359 * we need to associate the quirk with the bridge and not the
360 * underlying disk device. This is handled by faking a success
361 * result.
362 */
363 #define NO_SYNCHRONIZE_CACHE 0x4000
364 /* Device does not support 'PREVENT/ALLOW MEDIUM REMOVAL'. */
365 #define NO_PREVENT_ALLOW 0x8000
366
367 #define UMASS_QUIRKS_STRING \
368 "\020" \
369 "\001NO_TEST_UNIT_READY" \
370 "\002RS_NO_CLEAR_UA" \
371 "\003NO_START_STOP" \
372 "\004FORCE_SHORT_INQUIRY" \
373 "\005SHUTTLE_INIT" \
374 "\006ALT_IFACE_1" \
375 "\007FLOPPY_SPEED" \
376 "\010IGNORE_RESIDUE" \
377 "\011NO_GETMAXLUN" \
378 "\012WRONG_CSWSIG" \
379 "\013NO_INQUIRY" \
380 "\014NO_INQUIRY_EVPD" \
381 "\015RBC_PAD_TO_12" \
382 "\016READ_CAPACITY_OFFBY1" \
383 "\017NO_SYNCHRONIZE_CACHE" \
384 "\020NO_PREVENT_ALLOW" \
385
386
387 struct umass_softc {
388 struct scsi_sense cam_scsi_sense;
389 struct scsi_test_unit_ready cam_scsi_test_unit_ready;
390 struct mtx sc_mtx;
391 struct {
392 uint8_t *data_ptr;
393 union ccb *ccb;
394 umass_callback_t *callback;
395
396 uint32_t data_len; /* bytes */
397 uint32_t data_rem; /* bytes */
398 uint32_t data_timeout; /* ms */
399 uint32_t actlen; /* bytes */
400
401 uint8_t cmd_data[UMASS_MAX_CMDLEN];
402 uint8_t cmd_len; /* bytes */
403 uint8_t dir;
404 uint8_t lun;
405 } sc_transfer;
406
407 /* Bulk specific variables for transfers in progress */
408 umass_bbb_cbw_t cbw; /* command block wrapper */
409 umass_bbb_csw_t csw; /* command status wrapper */
410
411 /* CBI specific variables for transfers in progress */
412 umass_cbi_sbl_t sbl; /* status block */
413
414 device_t sc_dev;
415 struct usb_device *sc_udev;
416 struct cam_sim *sc_sim; /* SCSI Interface Module */
417 struct usb_xfer *sc_xfer[UMASS_T_MAX];
418
419 /*
420 * The command transform function is used to convert the SCSI
421 * commands into their derivatives, like UFI, ATAPI, and friends.
422 */
423 umass_transform_t *sc_transform;
424
425 uint32_t sc_unit;
426 uint32_t sc_quirks; /* they got it almost right */
427 uint32_t sc_proto; /* wire and cmd protocol */
428
429 uint8_t sc_name[16];
430 uint8_t sc_iface_no; /* interface number */
431 uint8_t sc_maxlun; /* maximum LUN number, inclusive */
432 uint8_t sc_last_xfer_index;
433 uint8_t sc_status_try;
434 };
435
436 struct umass_probe_proto {
437 uint32_t quirks;
438 uint32_t proto;
439
440 int error;
441 };
442
443 /* prototypes */
444
445 static device_probe_t umass_probe;
446 static device_attach_t umass_attach;
447 static device_detach_t umass_detach;
448
449 static usb_callback_t umass_tr_error;
450 static usb_callback_t umass_t_bbb_reset1_callback;
451 static usb_callback_t umass_t_bbb_reset2_callback;
452 static usb_callback_t umass_t_bbb_reset3_callback;
453 static usb_callback_t umass_t_bbb_command_callback;
454 static usb_callback_t umass_t_bbb_data_read_callback;
455 static usb_callback_t umass_t_bbb_data_rd_cs_callback;
456 static usb_callback_t umass_t_bbb_data_write_callback;
457 static usb_callback_t umass_t_bbb_data_wr_cs_callback;
458 static usb_callback_t umass_t_bbb_status_callback;
459 static usb_callback_t umass_t_cbi_reset1_callback;
460 static usb_callback_t umass_t_cbi_reset2_callback;
461 static usb_callback_t umass_t_cbi_reset3_callback;
462 static usb_callback_t umass_t_cbi_reset4_callback;
463 static usb_callback_t umass_t_cbi_command_callback;
464 static usb_callback_t umass_t_cbi_data_read_callback;
465 static usb_callback_t umass_t_cbi_data_rd_cs_callback;
466 static usb_callback_t umass_t_cbi_data_write_callback;
467 static usb_callback_t umass_t_cbi_data_wr_cs_callback;
468 static usb_callback_t umass_t_cbi_status_callback;
469
470 static void umass_cancel_ccb(struct umass_softc *);
471 static void umass_init_shuttle(struct umass_softc *);
472 static void umass_reset(struct umass_softc *);
473 static void umass_t_bbb_data_clear_stall_callback(struct usb_xfer *,
474 uint8_t, uint8_t, usb_error_t);
475 static void umass_command_start(struct umass_softc *, uint8_t, void *,
476 uint32_t, uint32_t, umass_callback_t *, union ccb *);
477 static uint8_t umass_bbb_get_max_lun(struct umass_softc *);
478 static void umass_cbi_start_status(struct umass_softc *);
479 static void umass_t_cbi_data_clear_stall_callback(struct usb_xfer *,
480 uint8_t, uint8_t, usb_error_t);
481 static int umass_cam_attach_sim(struct umass_softc *);
482 static void umass_cam_attach(struct umass_softc *);
483 static void umass_cam_detach_sim(struct umass_softc *);
484 static void umass_cam_action(struct cam_sim *, union ccb *);
485 static void umass_cam_poll(struct cam_sim *);
486 static void umass_cam_cb(struct umass_softc *, union ccb *, uint32_t,
487 uint8_t);
488 static void umass_cam_sense_cb(struct umass_softc *, union ccb *, uint32_t,
489 uint8_t);
490 static void umass_cam_quirk_cb(struct umass_softc *, union ccb *, uint32_t,
491 uint8_t);
492 static uint8_t umass_scsi_transform(struct umass_softc *, uint8_t *, uint8_t);
493 static uint8_t umass_rbc_transform(struct umass_softc *, uint8_t *, uint8_t);
494 static uint8_t umass_ufi_transform(struct umass_softc *, uint8_t *, uint8_t);
495 static uint8_t umass_atapi_transform(struct umass_softc *, uint8_t *,
496 uint8_t);
497 static uint8_t umass_no_transform(struct umass_softc *, uint8_t *, uint8_t);
498 static uint8_t umass_std_transform(struct umass_softc *, union ccb *, uint8_t
499 *, uint8_t);
500
501 #ifdef USB_DEBUG
502 static void umass_bbb_dump_cbw(struct umass_softc *, umass_bbb_cbw_t *);
503 static void umass_bbb_dump_csw(struct umass_softc *, umass_bbb_csw_t *);
504 static void umass_cbi_dump_cmd(struct umass_softc *, void *, uint8_t);
505 static void umass_dump_buffer(struct umass_softc *, uint8_t *, uint32_t,
506 uint32_t);
507 #endif
508
509 static struct usb_config umass_bbb_config[UMASS_T_BBB_MAX] = {
510 [UMASS_T_BBB_RESET1] = {
511 .type = UE_CONTROL,
512 .endpoint = 0x00, /* Control pipe */
513 .direction = UE_DIR_ANY,
514 .bufsize = sizeof(struct usb_device_request),
515 .callback = &umass_t_bbb_reset1_callback,
516 .timeout = 5000, /* 5 seconds */
517 .interval = 500, /* 500 milliseconds */
518 },
519
520 [UMASS_T_BBB_RESET2] = {
521 .type = UE_CONTROL,
522 .endpoint = 0x00, /* Control pipe */
523 .direction = UE_DIR_ANY,
524 .bufsize = sizeof(struct usb_device_request),
525 .callback = &umass_t_bbb_reset2_callback,
526 .timeout = 5000, /* 5 seconds */
527 .interval = 50, /* 50 milliseconds */
528 },
529
530 [UMASS_T_BBB_RESET3] = {
531 .type = UE_CONTROL,
532 .endpoint = 0x00, /* Control pipe */
533 .direction = UE_DIR_ANY,
534 .bufsize = sizeof(struct usb_device_request),
535 .callback = &umass_t_bbb_reset3_callback,
536 .timeout = 5000, /* 5 seconds */
537 .interval = 50, /* 50 milliseconds */
538 },
539
540 [UMASS_T_BBB_COMMAND] = {
541 .type = UE_BULK,
542 .endpoint = UE_ADDR_ANY,
543 .direction = UE_DIR_OUT,
544 .bufsize = sizeof(umass_bbb_cbw_t),
545 .callback = &umass_t_bbb_command_callback,
546 .timeout = 5000, /* 5 seconds */
547 },
548
549 [UMASS_T_BBB_DATA_READ] = {
550 .type = UE_BULK,
551 .endpoint = UE_ADDR_ANY,
552 .direction = UE_DIR_IN,
553 .bufsize = UMASS_BULK_SIZE,
554 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
555 .callback = &umass_t_bbb_data_read_callback,
556 .timeout = 0, /* overwritten later */
557 },
558
559 [UMASS_T_BBB_DATA_RD_CS] = {
560 .type = UE_CONTROL,
561 .endpoint = 0x00, /* Control pipe */
562 .direction = UE_DIR_ANY,
563 .bufsize = sizeof(struct usb_device_request),
564 .callback = &umass_t_bbb_data_rd_cs_callback,
565 .timeout = 5000, /* 5 seconds */
566 },
567
568 [UMASS_T_BBB_DATA_WRITE] = {
569 .type = UE_BULK,
570 .endpoint = UE_ADDR_ANY,
571 .direction = UE_DIR_OUT,
572 .bufsize = UMASS_BULK_SIZE,
573 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
574 .callback = &umass_t_bbb_data_write_callback,
575 .timeout = 0, /* overwritten later */
576 },
577
578 [UMASS_T_BBB_DATA_WR_CS] = {
579 .type = UE_CONTROL,
580 .endpoint = 0x00, /* Control pipe */
581 .direction = UE_DIR_ANY,
582 .bufsize = sizeof(struct usb_device_request),
583 .callback = &umass_t_bbb_data_wr_cs_callback,
584 .timeout = 5000, /* 5 seconds */
585 },
586
587 [UMASS_T_BBB_STATUS] = {
588 .type = UE_BULK,
589 .endpoint = UE_ADDR_ANY,
590 .direction = UE_DIR_IN,
591 .bufsize = sizeof(umass_bbb_csw_t),
592 .flags = {.short_xfer_ok = 1,},
593 .callback = &umass_t_bbb_status_callback,
594 .timeout = 5000, /* ms */
595 },
596 };
597
598 static struct usb_config umass_cbi_config[UMASS_T_CBI_MAX] = {
599 [UMASS_T_CBI_RESET1] = {
600 .type = UE_CONTROL,
601 .endpoint = 0x00, /* Control pipe */
602 .direction = UE_DIR_ANY,
603 .bufsize = (sizeof(struct usb_device_request) +
604 UMASS_CBI_DIAGNOSTIC_CMDLEN),
605 .callback = &umass_t_cbi_reset1_callback,
606 .timeout = 5000, /* 5 seconds */
607 .interval = 500, /* 500 milliseconds */
608 },
609
610 [UMASS_T_CBI_RESET2] = {
611 .type = UE_CONTROL,
612 .endpoint = 0x00, /* Control pipe */
613 .direction = UE_DIR_ANY,
614 .bufsize = sizeof(struct usb_device_request),
615 .callback = &umass_t_cbi_reset2_callback,
616 .timeout = 5000, /* 5 seconds */
617 .interval = 50, /* 50 milliseconds */
618 },
619
620 [UMASS_T_CBI_RESET3] = {
621 .type = UE_CONTROL,
622 .endpoint = 0x00, /* Control pipe */
623 .direction = UE_DIR_ANY,
624 .bufsize = sizeof(struct usb_device_request),
625 .callback = &umass_t_cbi_reset3_callback,
626 .timeout = 5000, /* 5 seconds */
627 .interval = 50, /* 50 milliseconds */
628 },
629
630 [UMASS_T_CBI_COMMAND] = {
631 .type = UE_CONTROL,
632 .endpoint = 0x00, /* Control pipe */
633 .direction = UE_DIR_ANY,
634 .bufsize = (sizeof(struct usb_device_request) +
635 UMASS_MAX_CMDLEN),
636 .callback = &umass_t_cbi_command_callback,
637 .timeout = 5000, /* 5 seconds */
638 },
639
640 [UMASS_T_CBI_DATA_READ] = {
641 .type = UE_BULK,
642 .endpoint = UE_ADDR_ANY,
643 .direction = UE_DIR_IN,
644 .bufsize = UMASS_BULK_SIZE,
645 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
646 .callback = &umass_t_cbi_data_read_callback,
647 .timeout = 0, /* overwritten later */
648 },
649
650 [UMASS_T_CBI_DATA_RD_CS] = {
651 .type = UE_CONTROL,
652 .endpoint = 0x00, /* Control pipe */
653 .direction = UE_DIR_ANY,
654 .bufsize = sizeof(struct usb_device_request),
655 .callback = &umass_t_cbi_data_rd_cs_callback,
656 .timeout = 5000, /* 5 seconds */
657 },
658
659 [UMASS_T_CBI_DATA_WRITE] = {
660 .type = UE_BULK,
661 .endpoint = UE_ADDR_ANY,
662 .direction = UE_DIR_OUT,
663 .bufsize = UMASS_BULK_SIZE,
664 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer=1,},
665 .callback = &umass_t_cbi_data_write_callback,
666 .timeout = 0, /* overwritten later */
667 },
668
669 [UMASS_T_CBI_DATA_WR_CS] = {
670 .type = UE_CONTROL,
671 .endpoint = 0x00, /* Control pipe */
672 .direction = UE_DIR_ANY,
673 .bufsize = sizeof(struct usb_device_request),
674 .callback = &umass_t_cbi_data_wr_cs_callback,
675 .timeout = 5000, /* 5 seconds */
676 },
677
678 [UMASS_T_CBI_STATUS] = {
679 .type = UE_INTERRUPT,
680 .endpoint = UE_ADDR_ANY,
681 .direction = UE_DIR_IN,
682 .flags = {.short_xfer_ok = 1,.no_pipe_ok = 1,},
683 .bufsize = sizeof(umass_cbi_sbl_t),
684 .callback = &umass_t_cbi_status_callback,
685 .timeout = 5000, /* ms */
686 },
687
688 [UMASS_T_CBI_RESET4] = {
689 .type = UE_CONTROL,
690 .endpoint = 0x00, /* Control pipe */
691 .direction = UE_DIR_ANY,
692 .bufsize = sizeof(struct usb_device_request),
693 .callback = &umass_t_cbi_reset4_callback,
694 .timeout = 5000, /* ms */
695 },
696 };
697
698 /* If device cannot return valid inquiry data, fake it */
699 static const uint8_t fake_inq_data[SHORT_INQUIRY_LENGTH] = {
700 0, /* removable */ 0x80, SCSI_REV_2, SCSI_REV_2,
701 /* additional_length */ 31, 0, 0, 0
702 };
703
704 #define UFI_COMMAND_LENGTH 12 /* UFI commands are always 12 bytes */
705 #define ATAPI_COMMAND_LENGTH 12 /* ATAPI commands are always 12 bytes */
706
707 static device_method_t umass_methods[] = {
708 /* Device interface */
709 DEVMETHOD(device_probe, umass_probe),
710 DEVMETHOD(device_attach, umass_attach),
711 DEVMETHOD(device_detach, umass_detach),
712
713 DEVMETHOD_END
714 };
715
716 static driver_t umass_driver = {
717 .name = "umass",
718 .methods = umass_methods,
719 .size = sizeof(struct umass_softc),
720 };
721
722 static const STRUCT_USB_HOST_ID __used umass_devs[] = {
723 /* generic mass storage class */
724 {USB_IFACE_CLASS(UICLASS_MASS),},
725 };
726
727 DRIVER_MODULE(umass, uhub, umass_driver, NULL, NULL);
728 MODULE_DEPEND(umass, usb, 1, 1, 1);
729 MODULE_DEPEND(umass, cam, 1, 1, 1);
730 MODULE_VERSION(umass, 1);
731 USB_PNP_HOST_INFO(umass_devs);
732
733 /*
734 * USB device probe/attach/detach
735 */
736
737 static uint16_t
umass_get_proto(struct usb_interface * iface)738 umass_get_proto(struct usb_interface *iface)
739 {
740 struct usb_interface_descriptor *id;
741 uint16_t retval;
742
743 retval = 0;
744
745 /* Check for a standards compliant device */
746 id = usbd_get_interface_descriptor(iface);
747 if ((id == NULL) ||
748 (id->bInterfaceClass != UICLASS_MASS)) {
749 goto done;
750 }
751 switch (id->bInterfaceSubClass) {
752 case UISUBCLASS_SCSI:
753 retval |= UMASS_PROTO_SCSI;
754 break;
755 case UISUBCLASS_UFI:
756 retval |= UMASS_PROTO_UFI;
757 break;
758 case UISUBCLASS_RBC:
759 retval |= UMASS_PROTO_RBC;
760 break;
761 case UISUBCLASS_SFF8020I:
762 case UISUBCLASS_SFF8070I:
763 retval |= UMASS_PROTO_ATAPI;
764 break;
765 default:
766 goto done;
767 }
768
769 switch (id->bInterfaceProtocol) {
770 case UIPROTO_MASS_CBI:
771 retval |= UMASS_PROTO_CBI;
772 break;
773 case UIPROTO_MASS_CBI_I:
774 retval |= UMASS_PROTO_CBI_I;
775 break;
776 case UIPROTO_MASS_BBB_OLD:
777 case UIPROTO_MASS_BBB:
778 retval |= UMASS_PROTO_BBB;
779 break;
780 default:
781 goto done;
782 }
783 done:
784 return (retval);
785 }
786
787 /*
788 * Match the device we are seeing with the devices supported.
789 */
790 static struct umass_probe_proto
umass_probe_proto(device_t dev,struct usb_attach_arg * uaa)791 umass_probe_proto(device_t dev, struct usb_attach_arg *uaa)
792 {
793 struct umass_probe_proto ret;
794 uint32_t quirks = NO_QUIRKS;
795 uint32_t proto = umass_get_proto(uaa->iface);
796
797 memset(&ret, 0, sizeof(ret));
798 ret.error = BUS_PROBE_GENERIC;
799
800 /* Check if we should deny probing. */
801 if (usb_test_quirk(uaa, UQ_MSC_IGNORE)) {
802 ret.error = ENXIO;
803 goto done;
804 }
805
806 /* Search for protocol enforcement */
807
808 if (usb_test_quirk(uaa, UQ_MSC_FORCE_WIRE_BBB)) {
809 proto &= ~UMASS_PROTO_WIRE;
810 proto |= UMASS_PROTO_BBB;
811 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_WIRE_CBI)) {
812 proto &= ~UMASS_PROTO_WIRE;
813 proto |= UMASS_PROTO_CBI;
814 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_WIRE_CBI_I)) {
815 proto &= ~UMASS_PROTO_WIRE;
816 proto |= UMASS_PROTO_CBI_I;
817 }
818
819 if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_SCSI)) {
820 proto &= ~UMASS_PROTO_COMMAND;
821 proto |= UMASS_PROTO_SCSI;
822 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_ATAPI)) {
823 proto &= ~UMASS_PROTO_COMMAND;
824 proto |= UMASS_PROTO_ATAPI;
825 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_UFI)) {
826 proto &= ~UMASS_PROTO_COMMAND;
827 proto |= UMASS_PROTO_UFI;
828 } else if (usb_test_quirk(uaa, UQ_MSC_FORCE_PROTO_RBC)) {
829 proto &= ~UMASS_PROTO_COMMAND;
830 proto |= UMASS_PROTO_RBC;
831 }
832
833 /* Check if the protocol is invalid */
834
835 if ((proto & UMASS_PROTO_COMMAND) == 0) {
836 ret.error = ENXIO;
837 goto done;
838 }
839
840 if ((proto & UMASS_PROTO_WIRE) == 0) {
841 ret.error = ENXIO;
842 goto done;
843 }
844
845 /* Search for quirks */
846
847 if (usb_test_quirk(uaa, UQ_MSC_NO_TEST_UNIT_READY))
848 quirks |= NO_TEST_UNIT_READY;
849 if (usb_test_quirk(uaa, UQ_MSC_NO_RS_CLEAR_UA))
850 quirks |= RS_NO_CLEAR_UA;
851 if (usb_test_quirk(uaa, UQ_MSC_NO_START_STOP))
852 quirks |= NO_START_STOP;
853 if (usb_test_quirk(uaa, UQ_MSC_NO_GETMAXLUN))
854 quirks |= NO_GETMAXLUN;
855 if (usb_test_quirk(uaa, UQ_MSC_NO_INQUIRY))
856 quirks |= NO_INQUIRY;
857 if (usb_test_quirk(uaa, UQ_MSC_NO_INQUIRY_EVPD))
858 quirks |= NO_INQUIRY_EVPD;
859 if (usb_test_quirk(uaa, UQ_MSC_NO_PREVENT_ALLOW))
860 quirks |= NO_PREVENT_ALLOW;
861 if (usb_test_quirk(uaa, UQ_MSC_NO_SYNC_CACHE))
862 quirks |= NO_SYNCHRONIZE_CACHE;
863 if (usb_test_quirk(uaa, UQ_MSC_SHUTTLE_INIT))
864 quirks |= SHUTTLE_INIT;
865 if (usb_test_quirk(uaa, UQ_MSC_ALT_IFACE_1))
866 quirks |= ALT_IFACE_1;
867 if (usb_test_quirk(uaa, UQ_MSC_FLOPPY_SPEED))
868 quirks |= FLOPPY_SPEED;
869 if (usb_test_quirk(uaa, UQ_MSC_IGNORE_RESIDUE))
870 quirks |= IGNORE_RESIDUE;
871 if (usb_test_quirk(uaa, UQ_MSC_WRONG_CSWSIG))
872 quirks |= WRONG_CSWSIG;
873 if (usb_test_quirk(uaa, UQ_MSC_RBC_PAD_TO_12))
874 quirks |= RBC_PAD_TO_12;
875 if (usb_test_quirk(uaa, UQ_MSC_READ_CAP_OFFBY1))
876 quirks |= READ_CAPACITY_OFFBY1;
877 if (usb_test_quirk(uaa, UQ_MSC_FORCE_SHORT_INQ))
878 quirks |= FORCE_SHORT_INQUIRY;
879
880 done:
881 ret.quirks = quirks;
882 ret.proto = proto;
883 return (ret);
884 }
885
886 static int
umass_probe(device_t dev)887 umass_probe(device_t dev)
888 {
889 struct usb_attach_arg *uaa = device_get_ivars(dev);
890 struct umass_probe_proto temp;
891
892 if (uaa->usb_mode != USB_MODE_HOST) {
893 return (ENXIO);
894 }
895 temp = umass_probe_proto(dev, uaa);
896
897 return (temp.error);
898 }
899
900 static int
umass_attach(device_t dev)901 umass_attach(device_t dev)
902 {
903 struct umass_softc *sc = device_get_softc(dev);
904 struct usb_attach_arg *uaa = device_get_ivars(dev);
905 struct umass_probe_proto temp = umass_probe_proto(dev, uaa);
906 struct usb_interface_descriptor *id;
907 int err;
908
909 /*
910 * NOTE: the softc struct is cleared in device_set_driver.
911 * We can safely call umass_detach without specifically
912 * initializing the struct.
913 */
914
915 sc->sc_dev = dev;
916 sc->sc_udev = uaa->device;
917 sc->sc_proto = temp.proto;
918 sc->sc_quirks = temp.quirks;
919 sc->sc_unit = device_get_unit(dev);
920
921 snprintf(sc->sc_name, sizeof(sc->sc_name),
922 "%s", device_get_nameunit(dev));
923
924 device_set_usb_desc(dev);
925
926 mtx_init(&sc->sc_mtx, device_get_nameunit(dev),
927 NULL, MTX_DEF | MTX_RECURSE);
928
929 /* get interface index */
930
931 id = usbd_get_interface_descriptor(uaa->iface);
932 if (id == NULL) {
933 device_printf(dev, "failed to get "
934 "interface number\n");
935 goto detach;
936 }
937 sc->sc_iface_no = id->bInterfaceNumber;
938
939 #ifdef USB_DEBUG
940 device_printf(dev, " ");
941
942 switch (sc->sc_proto & UMASS_PROTO_COMMAND) {
943 case UMASS_PROTO_SCSI:
944 printf("SCSI");
945 break;
946 case UMASS_PROTO_ATAPI:
947 printf("8070i (ATAPI)");
948 break;
949 case UMASS_PROTO_UFI:
950 printf("UFI");
951 break;
952 case UMASS_PROTO_RBC:
953 printf("RBC");
954 break;
955 default:
956 printf("(unknown 0x%02x)",
957 sc->sc_proto & UMASS_PROTO_COMMAND);
958 break;
959 }
960
961 printf(" over ");
962
963 switch (sc->sc_proto & UMASS_PROTO_WIRE) {
964 case UMASS_PROTO_BBB:
965 printf("Bulk-Only");
966 break;
967 case UMASS_PROTO_CBI: /* uses Comand/Bulk pipes */
968 printf("CBI");
969 break;
970 case UMASS_PROTO_CBI_I: /* uses Comand/Bulk/Interrupt pipes */
971 printf("CBI with CCI");
972 break;
973 default:
974 printf("(unknown 0x%02x)",
975 sc->sc_proto & UMASS_PROTO_WIRE);
976 }
977
978 printf("; quirks = 0x%b\n", sc->sc_quirks, UMASS_QUIRKS_STRING);
979 #endif
980
981 if (sc->sc_quirks & ALT_IFACE_1) {
982 err = usbd_set_alt_interface_index
983 (uaa->device, uaa->info.bIfaceIndex, 1);
984
985 if (err) {
986 DPRINTF(sc, UDMASS_USB, "could not switch to "
987 "Alt Interface 1\n");
988 goto detach;
989 }
990 }
991 /* allocate all required USB transfers */
992
993 if (sc->sc_proto & UMASS_PROTO_BBB) {
994 err = usbd_transfer_setup(uaa->device,
995 &uaa->info.bIfaceIndex, sc->sc_xfer, umass_bbb_config,
996 UMASS_T_BBB_MAX, sc, &sc->sc_mtx);
997
998 /* skip reset first time */
999 sc->sc_last_xfer_index = UMASS_T_BBB_COMMAND;
1000
1001 } else if (sc->sc_proto & (UMASS_PROTO_CBI | UMASS_PROTO_CBI_I)) {
1002 err = usbd_transfer_setup(uaa->device,
1003 &uaa->info.bIfaceIndex, sc->sc_xfer, umass_cbi_config,
1004 UMASS_T_CBI_MAX, sc, &sc->sc_mtx);
1005
1006 /* skip reset first time */
1007 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
1008
1009 } else {
1010 err = USB_ERR_INVAL;
1011 }
1012
1013 if (err) {
1014 device_printf(dev, "could not setup required "
1015 "transfers, %s\n", usbd_errstr(err));
1016 goto detach;
1017 }
1018 #ifdef USB_DEBUG
1019 if (umass_throttle > 0) {
1020 uint8_t x;
1021 int iv;
1022
1023 iv = umass_throttle;
1024
1025 if (iv < 1)
1026 iv = 1;
1027 else if (iv > 8000)
1028 iv = 8000;
1029
1030 for (x = 0; x != UMASS_T_MAX; x++) {
1031 if (sc->sc_xfer[x] != NULL)
1032 usbd_xfer_set_interval(sc->sc_xfer[x], iv);
1033 }
1034 }
1035 #endif
1036 sc->sc_transform =
1037 (sc->sc_proto & UMASS_PROTO_SCSI) ? &umass_scsi_transform :
1038 (sc->sc_proto & UMASS_PROTO_UFI) ? &umass_ufi_transform :
1039 (sc->sc_proto & UMASS_PROTO_ATAPI) ? &umass_atapi_transform :
1040 (sc->sc_proto & UMASS_PROTO_RBC) ? &umass_rbc_transform :
1041 &umass_no_transform;
1042
1043 /* from here onwards the device can be used. */
1044
1045 if (sc->sc_quirks & SHUTTLE_INIT) {
1046 umass_init_shuttle(sc);
1047 }
1048 /* get the maximum LUN supported by the device */
1049
1050 if (((sc->sc_proto & UMASS_PROTO_WIRE) == UMASS_PROTO_BBB) &&
1051 !(sc->sc_quirks & NO_GETMAXLUN))
1052 sc->sc_maxlun = umass_bbb_get_max_lun(sc);
1053 else
1054 sc->sc_maxlun = 0;
1055
1056 /* Prepare the SCSI command block */
1057 sc->cam_scsi_sense.opcode = REQUEST_SENSE;
1058 sc->cam_scsi_test_unit_ready.opcode = TEST_UNIT_READY;
1059
1060 /* register the SIM */
1061 err = umass_cam_attach_sim(sc);
1062 if (err) {
1063 goto detach;
1064 }
1065 /* scan the SIM */
1066 umass_cam_attach(sc);
1067
1068 DPRINTF(sc, UDMASS_GEN, "Attach finished\n");
1069
1070 return (0); /* success */
1071
1072 detach:
1073 umass_detach(dev);
1074 return (ENXIO); /* failure */
1075 }
1076
1077 static int
umass_detach(device_t dev)1078 umass_detach(device_t dev)
1079 {
1080 struct umass_softc *sc = device_get_softc(dev);
1081
1082 DPRINTF(sc, UDMASS_USB, "\n");
1083
1084 /* teardown our statemachine */
1085
1086 usbd_transfer_unsetup(sc->sc_xfer, UMASS_T_MAX);
1087
1088 mtx_lock(&sc->sc_mtx);
1089
1090 /* cancel any leftover CCB's */
1091
1092 umass_cancel_ccb(sc);
1093
1094 umass_cam_detach_sim(sc);
1095
1096 mtx_unlock(&sc->sc_mtx);
1097
1098 mtx_destroy(&sc->sc_mtx);
1099
1100 return (0); /* success */
1101 }
1102
1103 static void
umass_init_shuttle(struct umass_softc * sc)1104 umass_init_shuttle(struct umass_softc *sc)
1105 {
1106 struct usb_device_request req;
1107 uint8_t status[2] = {0, 0};
1108
1109 /*
1110 * The Linux driver does this, but no one can tell us what the
1111 * command does.
1112 */
1113 req.bmRequestType = UT_READ_VENDOR_DEVICE;
1114 req.bRequest = 1; /* XXX unknown command */
1115 USETW(req.wValue, 0);
1116 req.wIndex[0] = sc->sc_iface_no;
1117 req.wIndex[1] = 0;
1118 USETW(req.wLength, sizeof(status));
1119 usbd_do_request(sc->sc_udev, NULL, &req, &status);
1120
1121 DPRINTF(sc, UDMASS_GEN, "Shuttle init returned 0x%02x%02x\n",
1122 status[0], status[1]);
1123 }
1124
1125 /*
1126 * Generic functions to handle transfers
1127 */
1128
1129 static void
umass_transfer_start(struct umass_softc * sc,uint8_t xfer_index)1130 umass_transfer_start(struct umass_softc *sc, uint8_t xfer_index)
1131 {
1132 DPRINTF(sc, UDMASS_GEN, "transfer index = "
1133 "%d\n", xfer_index);
1134
1135 if (sc->sc_xfer[xfer_index]) {
1136 sc->sc_last_xfer_index = xfer_index;
1137 usbd_transfer_start(sc->sc_xfer[xfer_index]);
1138 } else {
1139 umass_cancel_ccb(sc);
1140 }
1141 }
1142
1143 static void
umass_reset(struct umass_softc * sc)1144 umass_reset(struct umass_softc *sc)
1145 {
1146 DPRINTF(sc, UDMASS_GEN, "resetting device\n");
1147
1148 /*
1149 * stop the last transfer, if not already stopped:
1150 */
1151 usbd_transfer_stop(sc->sc_xfer[sc->sc_last_xfer_index]);
1152 umass_transfer_start(sc, 0);
1153 }
1154
1155 static void
umass_cancel_ccb(struct umass_softc * sc)1156 umass_cancel_ccb(struct umass_softc *sc)
1157 {
1158 union ccb *ccb;
1159
1160 USB_MTX_ASSERT(&sc->sc_mtx, MA_OWNED);
1161
1162 ccb = sc->sc_transfer.ccb;
1163 sc->sc_transfer.ccb = NULL;
1164 sc->sc_last_xfer_index = 0;
1165
1166 if (ccb) {
1167 (sc->sc_transfer.callback)
1168 (sc, ccb, (sc->sc_transfer.data_len -
1169 sc->sc_transfer.actlen), STATUS_WIRE_FAILED);
1170 }
1171 }
1172
1173 static void
umass_tr_error(struct usb_xfer * xfer,usb_error_t error)1174 umass_tr_error(struct usb_xfer *xfer, usb_error_t error)
1175 {
1176 struct umass_softc *sc = usbd_xfer_softc(xfer);
1177
1178 if (error != USB_ERR_CANCELLED) {
1179 DPRINTF(sc, UDMASS_GEN, "transfer error, %s -> "
1180 "reset\n", usbd_errstr(error));
1181 }
1182 umass_cancel_ccb(sc);
1183 }
1184
1185 /*
1186 * BBB protocol specific functions
1187 */
1188
1189 static void
umass_t_bbb_reset1_callback(struct usb_xfer * xfer,usb_error_t error)1190 umass_t_bbb_reset1_callback(struct usb_xfer *xfer, usb_error_t error)
1191 {
1192 struct umass_softc *sc = usbd_xfer_softc(xfer);
1193 struct usb_device_request req;
1194 struct usb_page_cache *pc;
1195
1196 switch (USB_GET_STATE(xfer)) {
1197 case USB_ST_TRANSFERRED:
1198 umass_transfer_start(sc, UMASS_T_BBB_RESET2);
1199 return;
1200
1201 case USB_ST_SETUP:
1202 /*
1203 * Reset recovery (5.3.4 in Universal Serial Bus Mass Storage Class)
1204 *
1205 * For Reset Recovery the host shall issue in the following order:
1206 * a) a Bulk-Only Mass Storage Reset
1207 * b) a Clear Feature HALT to the Bulk-In endpoint
1208 * c) a Clear Feature HALT to the Bulk-Out endpoint
1209 *
1210 * This is done in 3 steps, using 3 transfers:
1211 * UMASS_T_BBB_RESET1
1212 * UMASS_T_BBB_RESET2
1213 * UMASS_T_BBB_RESET3
1214 */
1215
1216 DPRINTF(sc, UDMASS_BBB, "BBB reset!\n");
1217
1218 req.bmRequestType = UT_WRITE_CLASS_INTERFACE;
1219 req.bRequest = UR_BBB_RESET; /* bulk only reset */
1220 USETW(req.wValue, 0);
1221 req.wIndex[0] = sc->sc_iface_no;
1222 req.wIndex[1] = 0;
1223 USETW(req.wLength, 0);
1224
1225 pc = usbd_xfer_get_frame(xfer, 0);
1226 usbd_copy_in(pc, 0, &req, sizeof(req));
1227
1228 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
1229 usbd_xfer_set_frames(xfer, 1);
1230 usbd_transfer_submit(xfer);
1231 return;
1232
1233 default: /* Error */
1234 umass_tr_error(xfer, error);
1235 return;
1236 }
1237 }
1238
1239 static void
umass_t_bbb_reset2_callback(struct usb_xfer * xfer,usb_error_t error)1240 umass_t_bbb_reset2_callback(struct usb_xfer *xfer, usb_error_t error)
1241 {
1242 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_RESET3,
1243 UMASS_T_BBB_DATA_READ, error);
1244 }
1245
1246 static void
umass_t_bbb_reset3_callback(struct usb_xfer * xfer,usb_error_t error)1247 umass_t_bbb_reset3_callback(struct usb_xfer *xfer, usb_error_t error)
1248 {
1249 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_COMMAND,
1250 UMASS_T_BBB_DATA_WRITE, error);
1251 }
1252
1253 static void
umass_t_bbb_data_clear_stall_callback(struct usb_xfer * xfer,uint8_t next_xfer,uint8_t stall_xfer,usb_error_t error)1254 umass_t_bbb_data_clear_stall_callback(struct usb_xfer *xfer,
1255 uint8_t next_xfer, uint8_t stall_xfer, usb_error_t error)
1256 {
1257 struct umass_softc *sc = usbd_xfer_softc(xfer);
1258
1259 switch (USB_GET_STATE(xfer)) {
1260 case USB_ST_TRANSFERRED:
1261 tr_transferred:
1262 umass_transfer_start(sc, next_xfer);
1263 return;
1264
1265 case USB_ST_SETUP:
1266 if (usbd_clear_stall_callback(xfer, sc->sc_xfer[stall_xfer])) {
1267 goto tr_transferred;
1268 }
1269 return;
1270
1271 default: /* Error */
1272 umass_tr_error(xfer, error);
1273 return;
1274 }
1275 }
1276
1277 static void
umass_t_bbb_command_callback(struct usb_xfer * xfer,usb_error_t error)1278 umass_t_bbb_command_callback(struct usb_xfer *xfer, usb_error_t error)
1279 {
1280 struct umass_softc *sc = usbd_xfer_softc(xfer);
1281 union ccb *ccb = sc->sc_transfer.ccb;
1282 struct usb_page_cache *pc;
1283 uint32_t tag;
1284
1285 switch (USB_GET_STATE(xfer)) {
1286 case USB_ST_TRANSFERRED:
1287 umass_transfer_start
1288 (sc, ((sc->sc_transfer.dir == DIR_IN) ? UMASS_T_BBB_DATA_READ :
1289 (sc->sc_transfer.dir == DIR_OUT) ? UMASS_T_BBB_DATA_WRITE :
1290 UMASS_T_BBB_STATUS));
1291 return;
1292
1293 case USB_ST_SETUP:
1294
1295 sc->sc_status_try = 0;
1296
1297 if (ccb) {
1298 /*
1299 * the initial value is not important,
1300 * as long as the values are unique:
1301 */
1302 tag = UGETDW(sc->cbw.dCBWTag) + 1;
1303
1304 USETDW(sc->cbw.dCBWSignature, CBWSIGNATURE);
1305 USETDW(sc->cbw.dCBWTag, tag);
1306
1307 /*
1308 * dCBWDataTransferLength:
1309 * This field indicates the number of bytes of data that the host
1310 * intends to transfer on the IN or OUT Bulk endpoint(as indicated by
1311 * the Direction bit) during the execution of this command. If this
1312 * field is set to 0, the device will expect that no data will be
1313 * transferred IN or OUT during this command, regardless of the value
1314 * of the Direction bit defined in dCBWFlags.
1315 */
1316 USETDW(sc->cbw.dCBWDataTransferLength, sc->sc_transfer.data_len);
1317
1318 /*
1319 * dCBWFlags:
1320 * The bits of the Flags field are defined as follows:
1321 * Bits 0-6 reserved
1322 * Bit 7 Direction - this bit shall be ignored if the
1323 * dCBWDataTransferLength field is zero.
1324 * 0 = data Out from host to device
1325 * 1 = data In from device to host
1326 */
1327 sc->cbw.bCBWFlags = ((sc->sc_transfer.dir == DIR_IN) ?
1328 CBWFLAGS_IN : CBWFLAGS_OUT);
1329 sc->cbw.bCBWLUN = sc->sc_transfer.lun;
1330
1331 if (sc->sc_transfer.cmd_len > sizeof(sc->cbw.CBWCDB)) {
1332 sc->sc_transfer.cmd_len = sizeof(sc->cbw.CBWCDB);
1333 DPRINTF(sc, UDMASS_BBB, "Truncating long command!\n");
1334 }
1335 sc->cbw.bCDBLength = sc->sc_transfer.cmd_len;
1336
1337 /* copy SCSI command data */
1338 memcpy(sc->cbw.CBWCDB, sc->sc_transfer.cmd_data,
1339 sc->sc_transfer.cmd_len);
1340
1341 /* clear remaining command area */
1342 memset(sc->cbw.CBWCDB +
1343 sc->sc_transfer.cmd_len, 0,
1344 sizeof(sc->cbw.CBWCDB) -
1345 sc->sc_transfer.cmd_len);
1346
1347 DIF(UDMASS_BBB, umass_bbb_dump_cbw(sc, &sc->cbw));
1348
1349 pc = usbd_xfer_get_frame(xfer, 0);
1350 usbd_copy_in(pc, 0, &sc->cbw, sizeof(sc->cbw));
1351 usbd_xfer_set_frame_len(xfer, 0, sizeof(sc->cbw));
1352
1353 usbd_transfer_submit(xfer);
1354 }
1355 return;
1356
1357 default: /* Error */
1358 umass_tr_error(xfer, error);
1359 return;
1360 }
1361 }
1362
1363 static void
umass_t_bbb_data_read_callback(struct usb_xfer * xfer,usb_error_t error)1364 umass_t_bbb_data_read_callback(struct usb_xfer *xfer, usb_error_t error)
1365 {
1366 struct umass_softc *sc = usbd_xfer_softc(xfer);
1367 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1368 int actlen, sumlen;
1369
1370 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1371
1372 switch (USB_GET_STATE(xfer)) {
1373 case USB_ST_TRANSFERRED:
1374 sc->sc_transfer.data_rem -= actlen;
1375 sc->sc_transfer.data_ptr += actlen;
1376 sc->sc_transfer.actlen += actlen;
1377
1378 if (actlen < sumlen) {
1379 /* short transfer */
1380 sc->sc_transfer.data_rem = 0;
1381 }
1382 case USB_ST_SETUP:
1383 DPRINTF(sc, UDMASS_BBB, "max_bulk=%d, data_rem=%d\n",
1384 max_bulk, sc->sc_transfer.data_rem);
1385
1386 if (sc->sc_transfer.data_rem == 0) {
1387 umass_transfer_start(sc, UMASS_T_BBB_STATUS);
1388 return;
1389 }
1390 if (max_bulk > sc->sc_transfer.data_rem) {
1391 max_bulk = sc->sc_transfer.data_rem;
1392 }
1393 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1394
1395 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1396 max_bulk);
1397
1398 usbd_transfer_submit(xfer);
1399 return;
1400
1401 default: /* Error */
1402 if (error == USB_ERR_CANCELLED) {
1403 umass_tr_error(xfer, error);
1404 } else {
1405 umass_transfer_start(sc, UMASS_T_BBB_DATA_RD_CS);
1406 }
1407 return;
1408 }
1409 }
1410
1411 static void
umass_t_bbb_data_rd_cs_callback(struct usb_xfer * xfer,usb_error_t error)1412 umass_t_bbb_data_rd_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1413 {
1414 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_STATUS,
1415 UMASS_T_BBB_DATA_READ, error);
1416 }
1417
1418 static void
umass_t_bbb_data_write_callback(struct usb_xfer * xfer,usb_error_t error)1419 umass_t_bbb_data_write_callback(struct usb_xfer *xfer, usb_error_t error)
1420 {
1421 struct umass_softc *sc = usbd_xfer_softc(xfer);
1422 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1423 int actlen, sumlen;
1424
1425 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1426
1427 switch (USB_GET_STATE(xfer)) {
1428 case USB_ST_TRANSFERRED:
1429 sc->sc_transfer.data_rem -= actlen;
1430 sc->sc_transfer.data_ptr += actlen;
1431 sc->sc_transfer.actlen += actlen;
1432
1433 if (actlen < sumlen) {
1434 /* short transfer */
1435 sc->sc_transfer.data_rem = 0;
1436 }
1437 case USB_ST_SETUP:
1438 DPRINTF(sc, UDMASS_BBB, "max_bulk=%d, data_rem=%d\n",
1439 max_bulk, sc->sc_transfer.data_rem);
1440
1441 if (sc->sc_transfer.data_rem == 0) {
1442 umass_transfer_start(sc, UMASS_T_BBB_STATUS);
1443 return;
1444 }
1445 if (max_bulk > sc->sc_transfer.data_rem) {
1446 max_bulk = sc->sc_transfer.data_rem;
1447 }
1448 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1449
1450 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1451 max_bulk);
1452
1453 usbd_transfer_submit(xfer);
1454 return;
1455
1456 default: /* Error */
1457 if (error == USB_ERR_CANCELLED) {
1458 umass_tr_error(xfer, error);
1459 } else {
1460 umass_transfer_start(sc, UMASS_T_BBB_DATA_WR_CS);
1461 }
1462 return;
1463 }
1464 }
1465
1466 static void
umass_t_bbb_data_wr_cs_callback(struct usb_xfer * xfer,usb_error_t error)1467 umass_t_bbb_data_wr_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1468 {
1469 umass_t_bbb_data_clear_stall_callback(xfer, UMASS_T_BBB_STATUS,
1470 UMASS_T_BBB_DATA_WRITE, error);
1471 }
1472
1473 static void
umass_t_bbb_status_callback(struct usb_xfer * xfer,usb_error_t error)1474 umass_t_bbb_status_callback(struct usb_xfer *xfer, usb_error_t error)
1475 {
1476 struct umass_softc *sc = usbd_xfer_softc(xfer);
1477 union ccb *ccb = sc->sc_transfer.ccb;
1478 struct usb_page_cache *pc;
1479 uint32_t residue;
1480 int actlen;
1481
1482 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
1483
1484 switch (USB_GET_STATE(xfer)) {
1485 case USB_ST_TRANSFERRED:
1486
1487 /*
1488 * Do a full reset if there is something wrong with the CSW:
1489 */
1490 sc->sc_status_try = 1;
1491
1492 /* Zero missing parts of the CSW: */
1493
1494 if (actlen < (int)sizeof(sc->csw))
1495 memset(&sc->csw, 0, sizeof(sc->csw));
1496
1497 pc = usbd_xfer_get_frame(xfer, 0);
1498 usbd_copy_out(pc, 0, &sc->csw, actlen);
1499
1500 DIF(UDMASS_BBB, umass_bbb_dump_csw(sc, &sc->csw));
1501
1502 residue = UGETDW(sc->csw.dCSWDataResidue);
1503
1504 if ((!residue) || (sc->sc_quirks & IGNORE_RESIDUE)) {
1505 residue = (sc->sc_transfer.data_len -
1506 sc->sc_transfer.actlen);
1507 }
1508 if (residue > sc->sc_transfer.data_len) {
1509 DPRINTF(sc, UDMASS_BBB, "truncating residue from %d "
1510 "to %d bytes\n", residue, sc->sc_transfer.data_len);
1511 residue = sc->sc_transfer.data_len;
1512 }
1513 /* translate weird command-status signatures: */
1514 if (sc->sc_quirks & WRONG_CSWSIG) {
1515 uint32_t temp = UGETDW(sc->csw.dCSWSignature);
1516
1517 if ((temp == CSWSIGNATURE_OLYMPUS_C1) ||
1518 (temp == CSWSIGNATURE_IMAGINATION_DBX1)) {
1519 USETDW(sc->csw.dCSWSignature, CSWSIGNATURE);
1520 }
1521 }
1522 /* check CSW and handle eventual error */
1523 if (UGETDW(sc->csw.dCSWSignature) != CSWSIGNATURE) {
1524 DPRINTF(sc, UDMASS_BBB, "bad CSW signature 0x%08x != 0x%08x\n",
1525 UGETDW(sc->csw.dCSWSignature), CSWSIGNATURE);
1526 /*
1527 * Invalid CSW: Wrong signature or wrong tag might
1528 * indicate that we lost synchronization. Reset the
1529 * device.
1530 */
1531 goto tr_error;
1532 } else if (UGETDW(sc->csw.dCSWTag) != UGETDW(sc->cbw.dCBWTag)) {
1533 DPRINTF(sc, UDMASS_BBB, "Invalid CSW: tag 0x%08x should be "
1534 "0x%08x\n", UGETDW(sc->csw.dCSWTag),
1535 UGETDW(sc->cbw.dCBWTag));
1536 goto tr_error;
1537 } else if (sc->csw.bCSWStatus > CSWSTATUS_PHASE) {
1538 DPRINTF(sc, UDMASS_BBB, "Invalid CSW: status %d > %d\n",
1539 sc->csw.bCSWStatus, CSWSTATUS_PHASE);
1540 goto tr_error;
1541 } else if (sc->csw.bCSWStatus == CSWSTATUS_PHASE) {
1542 DPRINTF(sc, UDMASS_BBB, "Phase error, residue = "
1543 "%d\n", residue);
1544 goto tr_error;
1545 } else if (sc->sc_transfer.actlen > sc->sc_transfer.data_len) {
1546 DPRINTF(sc, UDMASS_BBB, "Buffer overrun %d > %d\n",
1547 sc->sc_transfer.actlen, sc->sc_transfer.data_len);
1548 goto tr_error;
1549 } else if (sc->csw.bCSWStatus == CSWSTATUS_FAILED) {
1550 DPRINTF(sc, UDMASS_BBB, "Command failed, residue = "
1551 "%d\n", residue);
1552
1553 sc->sc_transfer.ccb = NULL;
1554
1555 sc->sc_last_xfer_index = UMASS_T_BBB_COMMAND;
1556
1557 (sc->sc_transfer.callback)
1558 (sc, ccb, residue, STATUS_CMD_FAILED);
1559 } else {
1560 sc->sc_transfer.ccb = NULL;
1561
1562 sc->sc_last_xfer_index = UMASS_T_BBB_COMMAND;
1563
1564 (sc->sc_transfer.callback)
1565 (sc, ccb, residue, STATUS_CMD_OK);
1566 }
1567 return;
1568
1569 case USB_ST_SETUP:
1570 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
1571 usbd_transfer_submit(xfer);
1572 return;
1573
1574 default:
1575 tr_error:
1576 DPRINTF(sc, UDMASS_BBB, "Failed to read CSW: %s, try %d\n",
1577 usbd_errstr(error), sc->sc_status_try);
1578
1579 if ((error == USB_ERR_CANCELLED) ||
1580 (sc->sc_status_try)) {
1581 umass_tr_error(xfer, error);
1582 } else {
1583 sc->sc_status_try = 1;
1584 umass_transfer_start(sc, UMASS_T_BBB_DATA_RD_CS);
1585 }
1586 return;
1587 }
1588 }
1589
1590 static void
umass_command_start(struct umass_softc * sc,uint8_t dir,void * data_ptr,uint32_t data_len,uint32_t data_timeout,umass_callback_t * callback,union ccb * ccb)1591 umass_command_start(struct umass_softc *sc, uint8_t dir,
1592 void *data_ptr, uint32_t data_len,
1593 uint32_t data_timeout, umass_callback_t *callback,
1594 union ccb *ccb)
1595 {
1596 sc->sc_transfer.lun = ccb->ccb_h.target_lun;
1597
1598 /*
1599 * NOTE: assumes that "sc->sc_transfer.cmd_data" and
1600 * "sc->sc_transfer.cmd_len" has been properly
1601 * initialized.
1602 */
1603
1604 sc->sc_transfer.dir = data_len ? dir : DIR_NONE;
1605 sc->sc_transfer.data_ptr = data_ptr;
1606 sc->sc_transfer.data_len = data_len;
1607 sc->sc_transfer.data_rem = data_len;
1608 sc->sc_transfer.data_timeout = (data_timeout + UMASS_TIMEOUT);
1609
1610 sc->sc_transfer.actlen = 0;
1611 sc->sc_transfer.callback = callback;
1612 sc->sc_transfer.ccb = ccb;
1613
1614 if (sc->sc_xfer[sc->sc_last_xfer_index]) {
1615 usbd_transfer_start(sc->sc_xfer[sc->sc_last_xfer_index]);
1616 } else {
1617 umass_cancel_ccb(sc);
1618 }
1619 }
1620
1621 static uint8_t
umass_bbb_get_max_lun(struct umass_softc * sc)1622 umass_bbb_get_max_lun(struct umass_softc *sc)
1623 {
1624 struct usb_device_request req;
1625 usb_error_t err;
1626 uint8_t buf = 0;
1627
1628 /* The Get Max Lun command is a class-specific request. */
1629 req.bmRequestType = UT_READ_CLASS_INTERFACE;
1630 req.bRequest = UR_BBB_GET_MAX_LUN;
1631 USETW(req.wValue, 0);
1632 req.wIndex[0] = sc->sc_iface_no;
1633 req.wIndex[1] = 0;
1634 USETW(req.wLength, 1);
1635
1636 err = usbd_do_request(sc->sc_udev, NULL, &req, &buf);
1637 if (err) {
1638 buf = 0;
1639
1640 /* Device doesn't support Get Max Lun request. */
1641 printf("%s: Get Max Lun not supported (%s)\n",
1642 sc->sc_name, usbd_errstr(err));
1643 }
1644 return (buf);
1645 }
1646
1647 /*
1648 * Command/Bulk/Interrupt (CBI) specific functions
1649 */
1650
1651 static void
umass_cbi_start_status(struct umass_softc * sc)1652 umass_cbi_start_status(struct umass_softc *sc)
1653 {
1654 if (sc->sc_xfer[UMASS_T_CBI_STATUS]) {
1655 umass_transfer_start(sc, UMASS_T_CBI_STATUS);
1656 } else {
1657 union ccb *ccb = sc->sc_transfer.ccb;
1658
1659 sc->sc_transfer.ccb = NULL;
1660
1661 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
1662
1663 (sc->sc_transfer.callback)
1664 (sc, ccb, (sc->sc_transfer.data_len -
1665 sc->sc_transfer.actlen), STATUS_CMD_UNKNOWN);
1666 }
1667 }
1668
1669 static void
umass_t_cbi_reset1_callback(struct usb_xfer * xfer,usb_error_t error)1670 umass_t_cbi_reset1_callback(struct usb_xfer *xfer, usb_error_t error)
1671 {
1672 struct umass_softc *sc = usbd_xfer_softc(xfer);
1673 struct usb_device_request req;
1674 struct usb_page_cache *pc;
1675 uint8_t buf[UMASS_CBI_DIAGNOSTIC_CMDLEN];
1676
1677 uint8_t i;
1678
1679 switch (USB_GET_STATE(xfer)) {
1680 case USB_ST_TRANSFERRED:
1681 umass_transfer_start(sc, UMASS_T_CBI_RESET2);
1682 break;
1683
1684 case USB_ST_SETUP:
1685 /*
1686 * Command Block Reset Protocol
1687 *
1688 * First send a reset request to the device. Then clear
1689 * any possibly stalled bulk endpoints.
1690 *
1691 * This is done in 3 steps, using 3 transfers:
1692 * UMASS_T_CBI_RESET1
1693 * UMASS_T_CBI_RESET2
1694 * UMASS_T_CBI_RESET3
1695 * UMASS_T_CBI_RESET4 (only if there is an interrupt endpoint)
1696 */
1697
1698 DPRINTF(sc, UDMASS_CBI, "CBI reset!\n");
1699
1700 req.bmRequestType = UT_WRITE_CLASS_INTERFACE;
1701 req.bRequest = UR_CBI_ADSC;
1702 USETW(req.wValue, 0);
1703 req.wIndex[0] = sc->sc_iface_no;
1704 req.wIndex[1] = 0;
1705 USETW(req.wLength, UMASS_CBI_DIAGNOSTIC_CMDLEN);
1706
1707 /*
1708 * The 0x1d code is the SEND DIAGNOSTIC command. To
1709 * distinguish between the two, the last 10 bytes of the CBL
1710 * is filled with 0xff (section 2.2 of the CBI
1711 * specification)
1712 */
1713 buf[0] = 0x1d; /* Command Block Reset */
1714 buf[1] = 0x04;
1715
1716 for (i = 2; i < UMASS_CBI_DIAGNOSTIC_CMDLEN; i++) {
1717 buf[i] = 0xff;
1718 }
1719
1720 pc = usbd_xfer_get_frame(xfer, 0);
1721 usbd_copy_in(pc, 0, &req, sizeof(req));
1722 pc = usbd_xfer_get_frame(xfer, 1);
1723 usbd_copy_in(pc, 0, buf, sizeof(buf));
1724
1725 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
1726 usbd_xfer_set_frame_len(xfer, 1, sizeof(buf));
1727 usbd_xfer_set_frames(xfer, 2);
1728 usbd_transfer_submit(xfer);
1729 break;
1730
1731 default: /* Error */
1732 if (error == USB_ERR_CANCELLED)
1733 umass_tr_error(xfer, error);
1734 else
1735 umass_transfer_start(sc, UMASS_T_CBI_RESET2);
1736 break;
1737 }
1738 }
1739
1740 static void
umass_t_cbi_reset2_callback(struct usb_xfer * xfer,usb_error_t error)1741 umass_t_cbi_reset2_callback(struct usb_xfer *xfer, usb_error_t error)
1742 {
1743 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_RESET3,
1744 UMASS_T_CBI_DATA_READ, error);
1745 }
1746
1747 static void
umass_t_cbi_reset3_callback(struct usb_xfer * xfer,usb_error_t error)1748 umass_t_cbi_reset3_callback(struct usb_xfer *xfer, usb_error_t error)
1749 {
1750 struct umass_softc *sc = usbd_xfer_softc(xfer);
1751
1752 umass_t_cbi_data_clear_stall_callback
1753 (xfer, (sc->sc_xfer[UMASS_T_CBI_RESET4] &&
1754 sc->sc_xfer[UMASS_T_CBI_STATUS]) ?
1755 UMASS_T_CBI_RESET4 : UMASS_T_CBI_COMMAND,
1756 UMASS_T_CBI_DATA_WRITE, error);
1757 }
1758
1759 static void
umass_t_cbi_reset4_callback(struct usb_xfer * xfer,usb_error_t error)1760 umass_t_cbi_reset4_callback(struct usb_xfer *xfer, usb_error_t error)
1761 {
1762 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_COMMAND,
1763 UMASS_T_CBI_STATUS, error);
1764 }
1765
1766 static void
umass_t_cbi_data_clear_stall_callback(struct usb_xfer * xfer,uint8_t next_xfer,uint8_t stall_xfer,usb_error_t error)1767 umass_t_cbi_data_clear_stall_callback(struct usb_xfer *xfer,
1768 uint8_t next_xfer, uint8_t stall_xfer, usb_error_t error)
1769 {
1770 struct umass_softc *sc = usbd_xfer_softc(xfer);
1771
1772 switch (USB_GET_STATE(xfer)) {
1773 case USB_ST_TRANSFERRED:
1774 tr_transferred:
1775 if (next_xfer == UMASS_T_CBI_STATUS) {
1776 umass_cbi_start_status(sc);
1777 } else {
1778 umass_transfer_start(sc, next_xfer);
1779 }
1780 break;
1781
1782 case USB_ST_SETUP:
1783 if (usbd_clear_stall_callback(xfer, sc->sc_xfer[stall_xfer])) {
1784 goto tr_transferred; /* should not happen */
1785 }
1786 break;
1787
1788 default: /* Error */
1789 umass_tr_error(xfer, error);
1790 break;
1791 }
1792 }
1793
1794 static void
umass_t_cbi_command_callback(struct usb_xfer * xfer,usb_error_t error)1795 umass_t_cbi_command_callback(struct usb_xfer *xfer, usb_error_t error)
1796 {
1797 struct umass_softc *sc = usbd_xfer_softc(xfer);
1798 union ccb *ccb = sc->sc_transfer.ccb;
1799 struct usb_device_request req;
1800 struct usb_page_cache *pc;
1801
1802 switch (USB_GET_STATE(xfer)) {
1803 case USB_ST_TRANSFERRED:
1804
1805 if (sc->sc_transfer.dir == DIR_NONE) {
1806 umass_cbi_start_status(sc);
1807 } else {
1808 umass_transfer_start
1809 (sc, (sc->sc_transfer.dir == DIR_IN) ?
1810 UMASS_T_CBI_DATA_READ : UMASS_T_CBI_DATA_WRITE);
1811 }
1812 break;
1813
1814 case USB_ST_SETUP:
1815
1816 if (ccb) {
1817 /*
1818 * do a CBI transfer with cmd_len bytes from
1819 * cmd_data, possibly a data phase of data_len
1820 * bytes from/to the device and finally a status
1821 * read phase.
1822 */
1823
1824 req.bmRequestType = UT_WRITE_CLASS_INTERFACE;
1825 req.bRequest = UR_CBI_ADSC;
1826 USETW(req.wValue, 0);
1827 req.wIndex[0] = sc->sc_iface_no;
1828 req.wIndex[1] = 0;
1829 req.wLength[0] = sc->sc_transfer.cmd_len;
1830 req.wLength[1] = 0;
1831
1832 pc = usbd_xfer_get_frame(xfer, 0);
1833 usbd_copy_in(pc, 0, &req, sizeof(req));
1834 pc = usbd_xfer_get_frame(xfer, 1);
1835 usbd_copy_in(pc, 0, sc->sc_transfer.cmd_data,
1836 sc->sc_transfer.cmd_len);
1837
1838 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
1839 usbd_xfer_set_frame_len(xfer, 1, sc->sc_transfer.cmd_len);
1840 usbd_xfer_set_frames(xfer,
1841 sc->sc_transfer.cmd_len ? 2 : 1);
1842
1843 DIF(UDMASS_CBI,
1844 umass_cbi_dump_cmd(sc,
1845 sc->sc_transfer.cmd_data,
1846 sc->sc_transfer.cmd_len));
1847
1848 usbd_transfer_submit(xfer);
1849 }
1850 break;
1851
1852 default: /* Error */
1853 /*
1854 * STALL on the control pipe can be result of the command error.
1855 * Attempt to clear this STALL same as for bulk pipe also
1856 * results in command completion interrupt, but ASC/ASCQ there
1857 * look like not always valid, so don't bother about it.
1858 */
1859 if ((error == USB_ERR_STALLED) ||
1860 (sc->sc_transfer.callback == &umass_cam_cb)) {
1861 sc->sc_transfer.ccb = NULL;
1862 (sc->sc_transfer.callback)
1863 (sc, ccb, sc->sc_transfer.data_len,
1864 STATUS_CMD_UNKNOWN);
1865 } else {
1866 umass_tr_error(xfer, error);
1867 /* skip reset */
1868 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
1869 }
1870 break;
1871 }
1872 }
1873
1874 static void
umass_t_cbi_data_read_callback(struct usb_xfer * xfer,usb_error_t error)1875 umass_t_cbi_data_read_callback(struct usb_xfer *xfer, usb_error_t error)
1876 {
1877 struct umass_softc *sc = usbd_xfer_softc(xfer);
1878 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1879 int actlen, sumlen;
1880
1881 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1882
1883 switch (USB_GET_STATE(xfer)) {
1884 case USB_ST_TRANSFERRED:
1885 sc->sc_transfer.data_rem -= actlen;
1886 sc->sc_transfer.data_ptr += actlen;
1887 sc->sc_transfer.actlen += actlen;
1888
1889 if (actlen < sumlen) {
1890 /* short transfer */
1891 sc->sc_transfer.data_rem = 0;
1892 }
1893 case USB_ST_SETUP:
1894 DPRINTF(sc, UDMASS_CBI, "max_bulk=%d, data_rem=%d\n",
1895 max_bulk, sc->sc_transfer.data_rem);
1896
1897 if (sc->sc_transfer.data_rem == 0) {
1898 umass_cbi_start_status(sc);
1899 break;
1900 }
1901 if (max_bulk > sc->sc_transfer.data_rem) {
1902 max_bulk = sc->sc_transfer.data_rem;
1903 }
1904 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1905
1906 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1907 max_bulk);
1908
1909 usbd_transfer_submit(xfer);
1910 break;
1911
1912 default: /* Error */
1913 if ((error == USB_ERR_CANCELLED) ||
1914 (sc->sc_transfer.callback != &umass_cam_cb)) {
1915 umass_tr_error(xfer, error);
1916 } else {
1917 umass_transfer_start(sc, UMASS_T_CBI_DATA_RD_CS);
1918 }
1919 break;
1920 }
1921 }
1922
1923 static void
umass_t_cbi_data_rd_cs_callback(struct usb_xfer * xfer,usb_error_t error)1924 umass_t_cbi_data_rd_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1925 {
1926 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_STATUS,
1927 UMASS_T_CBI_DATA_READ, error);
1928 }
1929
1930 static void
umass_t_cbi_data_write_callback(struct usb_xfer * xfer,usb_error_t error)1931 umass_t_cbi_data_write_callback(struct usb_xfer *xfer, usb_error_t error)
1932 {
1933 struct umass_softc *sc = usbd_xfer_softc(xfer);
1934 uint32_t max_bulk = usbd_xfer_max_len(xfer);
1935 int actlen, sumlen;
1936
1937 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL);
1938
1939 switch (USB_GET_STATE(xfer)) {
1940 case USB_ST_TRANSFERRED:
1941 sc->sc_transfer.data_rem -= actlen;
1942 sc->sc_transfer.data_ptr += actlen;
1943 sc->sc_transfer.actlen += actlen;
1944
1945 if (actlen < sumlen) {
1946 /* short transfer */
1947 sc->sc_transfer.data_rem = 0;
1948 }
1949 case USB_ST_SETUP:
1950 DPRINTF(sc, UDMASS_CBI, "max_bulk=%d, data_rem=%d\n",
1951 max_bulk, sc->sc_transfer.data_rem);
1952
1953 if (sc->sc_transfer.data_rem == 0) {
1954 umass_cbi_start_status(sc);
1955 break;
1956 }
1957 if (max_bulk > sc->sc_transfer.data_rem) {
1958 max_bulk = sc->sc_transfer.data_rem;
1959 }
1960 usbd_xfer_set_timeout(xfer, sc->sc_transfer.data_timeout);
1961
1962 usbd_xfer_set_frame_data(xfer, 0, sc->sc_transfer.data_ptr,
1963 max_bulk);
1964
1965 usbd_transfer_submit(xfer);
1966 break;
1967
1968 default: /* Error */
1969 if ((error == USB_ERR_CANCELLED) ||
1970 (sc->sc_transfer.callback != &umass_cam_cb)) {
1971 umass_tr_error(xfer, error);
1972 } else {
1973 umass_transfer_start(sc, UMASS_T_CBI_DATA_WR_CS);
1974 }
1975 break;
1976 }
1977 }
1978
1979 static void
umass_t_cbi_data_wr_cs_callback(struct usb_xfer * xfer,usb_error_t error)1980 umass_t_cbi_data_wr_cs_callback(struct usb_xfer *xfer, usb_error_t error)
1981 {
1982 umass_t_cbi_data_clear_stall_callback(xfer, UMASS_T_CBI_STATUS,
1983 UMASS_T_CBI_DATA_WRITE, error);
1984 }
1985
1986 static void
umass_t_cbi_status_callback(struct usb_xfer * xfer,usb_error_t error)1987 umass_t_cbi_status_callback(struct usb_xfer *xfer, usb_error_t error)
1988 {
1989 struct umass_softc *sc = usbd_xfer_softc(xfer);
1990 union ccb *ccb = sc->sc_transfer.ccb;
1991 struct usb_page_cache *pc;
1992 uint32_t residue;
1993 uint8_t status;
1994 int actlen;
1995
1996 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
1997
1998 switch (USB_GET_STATE(xfer)) {
1999 case USB_ST_TRANSFERRED:
2000
2001 if (actlen < (int)sizeof(sc->sbl)) {
2002 goto tr_setup;
2003 }
2004 pc = usbd_xfer_get_frame(xfer, 0);
2005 usbd_copy_out(pc, 0, &sc->sbl, sizeof(sc->sbl));
2006
2007 residue = (sc->sc_transfer.data_len -
2008 sc->sc_transfer.actlen);
2009
2010 /* dissect the information in the buffer */
2011
2012 if (sc->sc_proto & UMASS_PROTO_UFI) {
2013 /*
2014 * Section 3.4.3.1.3 specifies that the UFI command
2015 * protocol returns an ASC and ASCQ in the interrupt
2016 * data block.
2017 */
2018
2019 DPRINTF(sc, UDMASS_CBI, "UFI CCI, ASC = 0x%02x, "
2020 "ASCQ = 0x%02x\n", sc->sbl.ufi.asc,
2021 sc->sbl.ufi.ascq);
2022
2023 status = (((sc->sbl.ufi.asc == 0) &&
2024 (sc->sbl.ufi.ascq == 0)) ?
2025 STATUS_CMD_OK : STATUS_CMD_FAILED);
2026
2027 sc->sc_transfer.ccb = NULL;
2028
2029 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
2030
2031 (sc->sc_transfer.callback)
2032 (sc, ccb, residue, status);
2033
2034 break;
2035
2036 } else {
2037 /* Command Interrupt Data Block */
2038
2039 DPRINTF(sc, UDMASS_CBI, "type=0x%02x, value=0x%02x\n",
2040 sc->sbl.common.type, sc->sbl.common.value);
2041
2042 if (sc->sbl.common.type == IDB_TYPE_CCI) {
2043 status = (sc->sbl.common.value & IDB_VALUE_STATUS_MASK);
2044
2045 status = ((status == IDB_VALUE_PASS) ? STATUS_CMD_OK :
2046 (status == IDB_VALUE_FAIL) ? STATUS_CMD_FAILED :
2047 (status == IDB_VALUE_PERSISTENT) ? STATUS_CMD_FAILED :
2048 STATUS_WIRE_FAILED);
2049
2050 sc->sc_transfer.ccb = NULL;
2051
2052 sc->sc_last_xfer_index = UMASS_T_CBI_COMMAND;
2053
2054 (sc->sc_transfer.callback)
2055 (sc, ccb, residue, status);
2056
2057 break;
2058 }
2059 }
2060
2061 /* fallthrough */
2062
2063 case USB_ST_SETUP:
2064 tr_setup:
2065 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
2066 usbd_transfer_submit(xfer);
2067 break;
2068
2069 default: /* Error */
2070 DPRINTF(sc, UDMASS_CBI, "Failed to read CSW: %s\n",
2071 usbd_errstr(error));
2072 umass_tr_error(xfer, error);
2073 break;
2074 }
2075 }
2076
2077 /*
2078 * CAM specific functions (used by SCSI, UFI, 8070i (ATAPI))
2079 */
2080
2081 static int
umass_cam_attach_sim(struct umass_softc * sc)2082 umass_cam_attach_sim(struct umass_softc *sc)
2083 {
2084 struct cam_devq *devq; /* Per device Queue */
2085 cam_status status;
2086
2087 /*
2088 * A HBA is attached to the CAM layer.
2089 *
2090 * The CAM layer will then after a while start probing for devices on
2091 * the bus. The number of SIMs is limited to one.
2092 */
2093
2094 devq = cam_simq_alloc(1 /* maximum openings */ );
2095 if (devq == NULL) {
2096 return (ENOMEM);
2097 }
2098 sc->sc_sim = cam_sim_alloc
2099 (&umass_cam_action, &umass_cam_poll,
2100 DEVNAME_SIM,
2101 sc /* priv */ ,
2102 sc->sc_unit /* unit number */ ,
2103 &sc->sc_mtx /* mutex */ ,
2104 1 /* maximum device openings */ ,
2105 0 /* maximum tagged device openings */ ,
2106 devq);
2107
2108 if (sc->sc_sim == NULL) {
2109 cam_simq_free(devq);
2110 return (ENOMEM);
2111 }
2112
2113 mtx_lock(&sc->sc_mtx);
2114 status = xpt_bus_register(sc->sc_sim, sc->sc_dev, sc->sc_unit);
2115 if (status != CAM_SUCCESS) {
2116 cam_sim_free(sc->sc_sim, /* free_devq */ TRUE);
2117 mtx_unlock(&sc->sc_mtx);
2118 printf("%s: xpt_bus_register failed with status %#x\n",
2119 __func__, status);
2120 return (ENOMEM);
2121 }
2122 mtx_unlock(&sc->sc_mtx);
2123
2124 return (0);
2125 }
2126
2127 static void
umass_cam_attach(struct umass_softc * sc)2128 umass_cam_attach(struct umass_softc *sc)
2129 {
2130 #ifndef USB_DEBUG
2131 if (bootverbose)
2132 #endif
2133 printf("%s:%d:%d: Attached to scbus%d\n",
2134 sc->sc_name, cam_sim_path(sc->sc_sim),
2135 sc->sc_unit, cam_sim_path(sc->sc_sim));
2136 }
2137
2138 /* umass_cam_detach
2139 * detach from the CAM layer
2140 */
2141
2142 static void
umass_cam_detach_sim(struct umass_softc * sc)2143 umass_cam_detach_sim(struct umass_softc *sc)
2144 {
2145 int error;
2146
2147 if (sc->sc_sim != NULL) {
2148 error = xpt_bus_deregister(cam_sim_path(sc->sc_sim));
2149 if (error == 0) {
2150 /* accessing the softc is not possible after this */
2151 sc->sc_sim->softc = NULL;
2152 DPRINTF(sc, UDMASS_SCSI, "%s: %s:%d:%d caling "
2153 "cam_sim_free sim %p refc %u mtx %p\n",
2154 __func__, sc->sc_name, cam_sim_path(sc->sc_sim),
2155 sc->sc_unit, sc->sc_sim,
2156 sc->sc_sim->refcount, sc->sc_sim->mtx);
2157 cam_sim_free(sc->sc_sim, /* free_devq */ TRUE);
2158 } else {
2159 panic("%s: %s: CAM layer is busy: errno %d\n",
2160 __func__, sc->sc_name, error);
2161 }
2162 sc->sc_sim = NULL;
2163 }
2164 }
2165
2166 /* umass_cam_action
2167 * CAM requests for action come through here
2168 */
2169
2170 static void
umass_cam_action(struct cam_sim * sim,union ccb * ccb)2171 umass_cam_action(struct cam_sim *sim, union ccb *ccb)
2172 {
2173 struct umass_softc *sc = cam_sim_softc(sim);
2174
2175 if (sc == NULL) {
2176 ccb->ccb_h.status = CAM_SEL_TIMEOUT;
2177 xpt_done(ccb);
2178 return;
2179 }
2180
2181 /* Perform the requested action */
2182 switch (ccb->ccb_h.func_code) {
2183 case XPT_SCSI_IO:
2184 {
2185 uint8_t *cmd;
2186 uint8_t dir;
2187
2188 if (ccb->csio.ccb_h.flags & CAM_CDB_POINTER) {
2189 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_ptr);
2190 } else {
2191 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_bytes);
2192 }
2193
2194 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_SCSI_IO: "
2195 "cmd: 0x%02x, flags: 0x%02x, "
2196 "%db cmd/%db data/%db sense\n",
2197 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2198 (uintmax_t)ccb->ccb_h.target_lun, cmd[0],
2199 ccb->ccb_h.flags & CAM_DIR_MASK, ccb->csio.cdb_len,
2200 ccb->csio.dxfer_len, ccb->csio.sense_len);
2201
2202 if (sc->sc_transfer.ccb) {
2203 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_SCSI_IO: "
2204 "I/O in progress, deferring\n",
2205 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2206 (uintmax_t)ccb->ccb_h.target_lun);
2207 ccb->ccb_h.status = CAM_SCSI_BUSY;
2208 xpt_done(ccb);
2209 goto done;
2210 }
2211 switch (ccb->ccb_h.flags & CAM_DIR_MASK) {
2212 case CAM_DIR_IN:
2213 dir = DIR_IN;
2214 break;
2215 case CAM_DIR_OUT:
2216 dir = DIR_OUT;
2217 DIF(UDMASS_SCSI,
2218 umass_dump_buffer(sc, ccb->csio.data_ptr,
2219 ccb->csio.dxfer_len, 48));
2220 break;
2221 default:
2222 dir = DIR_NONE;
2223 }
2224
2225 ccb->ccb_h.status = CAM_REQ_INPROG | CAM_SIM_QUEUED;
2226
2227 /*
2228 * sc->sc_transform will convert the command to the
2229 * command format needed by the specific command set
2230 * and return the converted command in
2231 * "sc->sc_transfer.cmd_data"
2232 */
2233 if (umass_std_transform(sc, ccb, cmd, ccb->csio.cdb_len)) {
2234 if (sc->sc_transfer.cmd_data[0] == INQUIRY) {
2235 const char *pserial;
2236
2237 pserial = usb_get_serial(sc->sc_udev);
2238
2239 /*
2240 * Umass devices don't generally report their serial numbers
2241 * in the usual SCSI way. Emulate it here.
2242 */
2243 if ((sc->sc_transfer.cmd_data[1] & SI_EVPD) &&
2244 (sc->sc_transfer.cmd_data[2] == SVPD_UNIT_SERIAL_NUMBER) &&
2245 (pserial[0] != '\0')) {
2246 struct scsi_vpd_unit_serial_number *vpd_serial;
2247
2248 vpd_serial = (struct scsi_vpd_unit_serial_number *)ccb->csio.data_ptr;
2249 vpd_serial->length = strlen(pserial);
2250 if (vpd_serial->length > sizeof(vpd_serial->serial_num))
2251 vpd_serial->length = sizeof(vpd_serial->serial_num);
2252 memcpy(vpd_serial->serial_num, pserial, vpd_serial->length);
2253 ccb->csio.scsi_status = SCSI_STATUS_OK;
2254 ccb->ccb_h.status = CAM_REQ_CMP;
2255 xpt_done(ccb);
2256 goto done;
2257 }
2258
2259 /*
2260 * Handle EVPD inquiry for broken devices first
2261 * NO_INQUIRY also implies NO_INQUIRY_EVPD
2262 */
2263 if ((sc->sc_quirks & (NO_INQUIRY_EVPD | NO_INQUIRY)) &&
2264 (sc->sc_transfer.cmd_data[1] & SI_EVPD)) {
2265 scsi_set_sense_data(&ccb->csio.sense_data,
2266 /*sense_format*/ SSD_TYPE_NONE,
2267 /*current_error*/ 1,
2268 /*sense_key*/ SSD_KEY_ILLEGAL_REQUEST,
2269 /*asc*/ 0x24, /* 24h/00h INVALID FIELD IN CDB */
2270 /*ascq*/ 0x00,
2271 /*extra args*/ SSD_ELEM_NONE);
2272 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND;
2273 ccb->ccb_h.status =
2274 CAM_SCSI_STATUS_ERROR |
2275 CAM_AUTOSNS_VALID |
2276 CAM_DEV_QFRZN;
2277 xpt_freeze_devq(ccb->ccb_h.path, 1);
2278 xpt_done(ccb);
2279 goto done;
2280 }
2281 /*
2282 * Return fake inquiry data for
2283 * broken devices
2284 */
2285 if (sc->sc_quirks & NO_INQUIRY) {
2286 memcpy(ccb->csio.data_ptr, &fake_inq_data,
2287 sizeof(fake_inq_data));
2288 ccb->csio.scsi_status = SCSI_STATUS_OK;
2289 ccb->ccb_h.status = CAM_REQ_CMP;
2290 xpt_done(ccb);
2291 goto done;
2292 }
2293 if (sc->sc_quirks & FORCE_SHORT_INQUIRY) {
2294 ccb->csio.dxfer_len = SHORT_INQUIRY_LENGTH;
2295 }
2296 } else if (sc->sc_transfer.cmd_data[0] == PREVENT_ALLOW) {
2297 if (sc->sc_quirks & NO_PREVENT_ALLOW) {
2298 ccb->csio.scsi_status = SCSI_STATUS_OK;
2299 ccb->ccb_h.status = CAM_REQ_CMP;
2300 xpt_done(ccb);
2301 goto done;
2302 }
2303 } else if (sc->sc_transfer.cmd_data[0] == SYNCHRONIZE_CACHE) {
2304 if (sc->sc_quirks & NO_SYNCHRONIZE_CACHE) {
2305 ccb->csio.scsi_status = SCSI_STATUS_OK;
2306 ccb->ccb_h.status = CAM_REQ_CMP;
2307 xpt_done(ccb);
2308 goto done;
2309 }
2310 } else if (sc->sc_transfer.cmd_data[0] == START_STOP_UNIT) {
2311 if (sc->sc_quirks & NO_START_STOP) {
2312 ccb->csio.scsi_status = SCSI_STATUS_OK;
2313 ccb->ccb_h.status = CAM_REQ_CMP;
2314 xpt_done(ccb);
2315 goto done;
2316 }
2317 }
2318 umass_command_start(sc, dir, ccb->csio.data_ptr,
2319 ccb->csio.dxfer_len,
2320 ccb->ccb_h.timeout,
2321 &umass_cam_cb, ccb);
2322 }
2323 break;
2324 }
2325 case XPT_PATH_INQ:
2326 {
2327 struct ccb_pathinq *cpi = &ccb->cpi;
2328
2329 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_PATH_INQ:.\n",
2330 sc ? cam_sim_path(sc->sc_sim) : -1, ccb->ccb_h.target_id,
2331 (uintmax_t)ccb->ccb_h.target_lun);
2332
2333 /* host specific information */
2334 cpi->version_num = 1;
2335 cpi->hba_inquiry = 0;
2336 cpi->target_sprt = 0;
2337 cpi->hba_misc = PIM_NO_6_BYTE;
2338 cpi->hba_eng_cnt = 0;
2339 cpi->max_target = UMASS_SCSIID_MAX; /* one target */
2340 cpi->initiator_id = UMASS_SCSIID_HOST;
2341 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN);
2342 strlcpy(cpi->hba_vid, "USB SCSI", HBA_IDLEN);
2343 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN);
2344 cpi->unit_number = cam_sim_unit(sim);
2345 cpi->bus_id = sc->sc_unit;
2346 cpi->protocol = PROTO_SCSI;
2347 cpi->protocol_version = SCSI_REV_2;
2348 cpi->transport = XPORT_USB;
2349 cpi->transport_version = 0;
2350
2351 if (sc == NULL) {
2352 cpi->base_transfer_speed = 0;
2353 cpi->max_lun = 0;
2354 } else {
2355 if (sc->sc_quirks & FLOPPY_SPEED) {
2356 cpi->base_transfer_speed =
2357 UMASS_FLOPPY_TRANSFER_SPEED;
2358 } else {
2359 switch (usbd_get_speed(sc->sc_udev)) {
2360 case USB_SPEED_SUPER:
2361 cpi->base_transfer_speed =
2362 UMASS_SUPER_TRANSFER_SPEED;
2363 cpi->maxio = maxphys;
2364 break;
2365 case USB_SPEED_HIGH:
2366 cpi->base_transfer_speed =
2367 UMASS_HIGH_TRANSFER_SPEED;
2368 break;
2369 default:
2370 cpi->base_transfer_speed =
2371 UMASS_FULL_TRANSFER_SPEED;
2372 break;
2373 }
2374 }
2375 cpi->max_lun = sc->sc_maxlun;
2376 }
2377
2378 cpi->ccb_h.status = CAM_REQ_CMP;
2379 xpt_done(ccb);
2380 break;
2381 }
2382 case XPT_RESET_DEV:
2383 {
2384 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_RESET_DEV:.\n",
2385 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2386 (uintmax_t)ccb->ccb_h.target_lun);
2387
2388 umass_reset(sc);
2389
2390 ccb->ccb_h.status = CAM_REQ_CMP;
2391 xpt_done(ccb);
2392 break;
2393 }
2394 case XPT_GET_TRAN_SETTINGS:
2395 {
2396 struct ccb_trans_settings *cts = &ccb->cts;
2397
2398 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_GET_TRAN_SETTINGS:.\n",
2399 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2400 (uintmax_t)ccb->ccb_h.target_lun);
2401
2402 cts->protocol = PROTO_SCSI;
2403 cts->protocol_version = SCSI_REV_2;
2404 cts->transport = XPORT_USB;
2405 cts->transport_version = 0;
2406 cts->xport_specific.valid = 0;
2407
2408 ccb->ccb_h.status = CAM_REQ_CMP;
2409 xpt_done(ccb);
2410 break;
2411 }
2412 case XPT_SET_TRAN_SETTINGS:
2413 {
2414 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_SET_TRAN_SETTINGS:.\n",
2415 cam_sim_path(sc->sc_sim), ccb->ccb_h.target_id,
2416 (uintmax_t)ccb->ccb_h.target_lun);
2417
2418 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
2419 xpt_done(ccb);
2420 break;
2421 }
2422 case XPT_CALC_GEOMETRY:
2423 {
2424 cam_calc_geometry(&ccb->ccg, /* extended */ 1);
2425 xpt_done(ccb);
2426 break;
2427 }
2428 case XPT_NOOP:
2429 {
2430 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:XPT_NOOP:.\n",
2431 sc ? cam_sim_path(sc->sc_sim) : -1, ccb->ccb_h.target_id,
2432 (uintmax_t)ccb->ccb_h.target_lun);
2433
2434 ccb->ccb_h.status = CAM_REQ_CMP;
2435 xpt_done(ccb);
2436 break;
2437 }
2438 default:
2439 DPRINTF(sc, UDMASS_SCSI, "%d:%d:%jx:func_code 0x%04x: "
2440 "Not implemented\n",
2441 sc ? cam_sim_path(sc->sc_sim) : -1, ccb->ccb_h.target_id,
2442 (uintmax_t)ccb->ccb_h.target_lun, ccb->ccb_h.func_code);
2443
2444 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL;
2445 xpt_done(ccb);
2446 break;
2447 }
2448
2449 done:
2450 return;
2451 }
2452
2453 static void
umass_cam_poll(struct cam_sim * sim)2454 umass_cam_poll(struct cam_sim *sim)
2455 {
2456 struct umass_softc *sc = cam_sim_softc(sim);
2457
2458 if (sc == NULL)
2459 return;
2460
2461 DPRINTF(sc, UDMASS_SCSI, "CAM poll\n");
2462
2463 usbd_transfer_poll(sc->sc_xfer, UMASS_T_MAX);
2464 }
2465
2466 /* umass_cam_cb
2467 * finalise a completed CAM command
2468 */
2469
2470 static void
umass_cam_cb(struct umass_softc * sc,union ccb * ccb,uint32_t residue,uint8_t status)2471 umass_cam_cb(struct umass_softc *sc, union ccb *ccb, uint32_t residue,
2472 uint8_t status)
2473 {
2474 ccb->csio.resid = residue;
2475
2476 switch (status) {
2477 case STATUS_CMD_OK:
2478 ccb->ccb_h.status = CAM_REQ_CMP;
2479 if ((sc->sc_quirks & READ_CAPACITY_OFFBY1) &&
2480 (ccb->ccb_h.func_code == XPT_SCSI_IO) &&
2481 (ccb->csio.cdb_io.cdb_bytes[0] == READ_CAPACITY)) {
2482 struct scsi_read_capacity_data *rcap;
2483 uint32_t maxsector;
2484
2485 rcap = (void *)(ccb->csio.data_ptr);
2486 maxsector = scsi_4btoul(rcap->addr) - 1;
2487 scsi_ulto4b(maxsector, rcap->addr);
2488 }
2489 /*
2490 * We have to add SVPD_UNIT_SERIAL_NUMBER to the list
2491 * of pages supported by the device - otherwise, CAM
2492 * will never ask us for the serial number if the
2493 * device cannot handle that by itself.
2494 */
2495 if (ccb->ccb_h.func_code == XPT_SCSI_IO &&
2496 sc->sc_transfer.cmd_data[0] == INQUIRY &&
2497 (sc->sc_transfer.cmd_data[1] & SI_EVPD) &&
2498 sc->sc_transfer.cmd_data[2] == SVPD_SUPPORTED_PAGE_LIST &&
2499 (usb_get_serial(sc->sc_udev)[0] != '\0')) {
2500 struct ccb_scsiio *csio;
2501 struct scsi_vpd_supported_page_list *page_list;
2502
2503 csio = &ccb->csio;
2504 page_list = (struct scsi_vpd_supported_page_list *)csio->data_ptr;
2505 if (page_list->length + 1 < SVPD_SUPPORTED_PAGES_SIZE) {
2506 page_list->list[page_list->length] = SVPD_UNIT_SERIAL_NUMBER;
2507 page_list->length++;
2508 }
2509 }
2510 xpt_done(ccb);
2511 break;
2512
2513 case STATUS_CMD_UNKNOWN:
2514 case STATUS_CMD_FAILED:
2515
2516 /* fetch sense data */
2517
2518 /* the rest of the command was filled in at attach */
2519 sc->cam_scsi_sense.length = ccb->csio.sense_len;
2520
2521 DPRINTF(sc, UDMASS_SCSI, "Fetching %d bytes of "
2522 "sense data\n", ccb->csio.sense_len);
2523
2524 if (umass_std_transform(sc, ccb, &sc->cam_scsi_sense.opcode,
2525 sizeof(sc->cam_scsi_sense))) {
2526 umass_command_start(sc, DIR_IN, &ccb->csio.sense_data.error_code,
2527 ccb->csio.sense_len, ccb->ccb_h.timeout,
2528 &umass_cam_sense_cb, ccb);
2529 }
2530 break;
2531
2532 default:
2533 /*
2534 * The wire protocol failed and will hopefully have
2535 * recovered. We return an error to CAM and let CAM
2536 * retry the command if necessary.
2537 */
2538 xpt_freeze_devq(ccb->ccb_h.path, 1);
2539 ccb->ccb_h.status = CAM_REQ_CMP_ERR | CAM_DEV_QFRZN;
2540 xpt_done(ccb);
2541 break;
2542 }
2543 }
2544
2545 /*
2546 * Finalise a completed autosense operation
2547 */
2548 static void
umass_cam_sense_cb(struct umass_softc * sc,union ccb * ccb,uint32_t residue,uint8_t status)2549 umass_cam_sense_cb(struct umass_softc *sc, union ccb *ccb, uint32_t residue,
2550 uint8_t status)
2551 {
2552 uint8_t *cmd;
2553
2554 switch (status) {
2555 case STATUS_CMD_OK:
2556 case STATUS_CMD_UNKNOWN:
2557 case STATUS_CMD_FAILED: {
2558 int key, sense_len;
2559
2560 ccb->csio.sense_resid = residue;
2561 sense_len = ccb->csio.sense_len - ccb->csio.sense_resid;
2562 key = scsi_get_sense_key(&ccb->csio.sense_data, sense_len,
2563 /*show_errors*/ 1);
2564
2565 if (ccb->csio.ccb_h.flags & CAM_CDB_POINTER) {
2566 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_ptr);
2567 } else {
2568 cmd = (uint8_t *)(ccb->csio.cdb_io.cdb_bytes);
2569 }
2570
2571 /*
2572 * Getting sense data always succeeds (apart from wire
2573 * failures):
2574 */
2575 if ((sc->sc_quirks & RS_NO_CLEAR_UA) &&
2576 (cmd[0] == INQUIRY) &&
2577 (key == SSD_KEY_UNIT_ATTENTION)) {
2578 /*
2579 * Ignore unit attention errors in the case where
2580 * the Unit Attention state is not cleared on
2581 * REQUEST SENSE. They will appear again at the next
2582 * command.
2583 */
2584 ccb->ccb_h.status = CAM_REQ_CMP;
2585 } else if (key == SSD_KEY_NO_SENSE) {
2586 /*
2587 * No problem after all (in the case of CBI without
2588 * CCI)
2589 */
2590 ccb->ccb_h.status = CAM_REQ_CMP;
2591 } else if ((sc->sc_quirks & RS_NO_CLEAR_UA) &&
2592 (cmd[0] == READ_CAPACITY) &&
2593 (key == SSD_KEY_UNIT_ATTENTION)) {
2594 /*
2595 * Some devices do not clear the unit attention error
2596 * on request sense. We insert a test unit ready
2597 * command to make sure we clear the unit attention
2598 * condition, then allow the retry to proceed as
2599 * usual.
2600 */
2601
2602 xpt_freeze_devq(ccb->ccb_h.path, 1);
2603 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR
2604 | CAM_AUTOSNS_VALID | CAM_DEV_QFRZN;
2605 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND;
2606
2607 #if 0
2608 DELAY(300000);
2609 #endif
2610 DPRINTF(sc, UDMASS_SCSI, "Doing a sneaky"
2611 "TEST_UNIT_READY\n");
2612
2613 /* the rest of the command was filled in at attach */
2614
2615 if ((sc->sc_transform)(sc,
2616 &sc->cam_scsi_test_unit_ready.opcode,
2617 sizeof(sc->cam_scsi_test_unit_ready)) == 1) {
2618 umass_command_start(sc, DIR_NONE, NULL, 0,
2619 ccb->ccb_h.timeout,
2620 &umass_cam_quirk_cb, ccb);
2621 break;
2622 }
2623 } else {
2624 xpt_freeze_devq(ccb->ccb_h.path, 1);
2625 if (key >= 0) {
2626 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR
2627 | CAM_AUTOSNS_VALID | CAM_DEV_QFRZN;
2628 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND;
2629 } else
2630 ccb->ccb_h.status = CAM_AUTOSENSE_FAIL
2631 | CAM_DEV_QFRZN;
2632 }
2633 xpt_done(ccb);
2634 break;
2635 }
2636 default:
2637 DPRINTF(sc, UDMASS_SCSI, "Autosense failed, "
2638 "status %d\n", status);
2639 xpt_freeze_devq(ccb->ccb_h.path, 1);
2640 ccb->ccb_h.status = CAM_AUTOSENSE_FAIL | CAM_DEV_QFRZN;
2641 xpt_done(ccb);
2642 }
2643 }
2644
2645 /*
2646 * This completion code just handles the fact that we sent a test-unit-ready
2647 * after having previously failed a READ CAPACITY with CHECK_COND. The CCB
2648 * status for CAM is already set earlier.
2649 */
2650 static void
umass_cam_quirk_cb(struct umass_softc * sc,union ccb * ccb,uint32_t residue,uint8_t status)2651 umass_cam_quirk_cb(struct umass_softc *sc, union ccb *ccb, uint32_t residue,
2652 uint8_t status)
2653 {
2654 DPRINTF(sc, UDMASS_SCSI, "Test unit ready "
2655 "returned status %d\n", status);
2656
2657 xpt_done(ccb);
2658 }
2659
2660 /*
2661 * SCSI specific functions
2662 */
2663
2664 static uint8_t
umass_scsi_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2665 umass_scsi_transform(struct umass_softc *sc, uint8_t *cmd_ptr,
2666 uint8_t cmd_len)
2667 {
2668 if ((cmd_len == 0) ||
2669 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2670 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2671 "length: %d bytes\n", cmd_len);
2672 return (0); /* failure */
2673 }
2674 sc->sc_transfer.cmd_len = cmd_len;
2675
2676 switch (cmd_ptr[0]) {
2677 case TEST_UNIT_READY:
2678 if (sc->sc_quirks & NO_TEST_UNIT_READY) {
2679 DPRINTF(sc, UDMASS_SCSI, "Converted TEST_UNIT_READY "
2680 "to START_UNIT\n");
2681 memset(sc->sc_transfer.cmd_data, 0, cmd_len);
2682 sc->sc_transfer.cmd_data[0] = START_STOP_UNIT;
2683 sc->sc_transfer.cmd_data[4] = SSS_START;
2684 return (1);
2685 }
2686 break;
2687
2688 case INQUIRY:
2689 /*
2690 * some drives wedge when asked for full inquiry
2691 * information.
2692 */
2693 if (sc->sc_quirks & FORCE_SHORT_INQUIRY) {
2694 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2695 sc->sc_transfer.cmd_data[4] = SHORT_INQUIRY_LENGTH;
2696 return (1);
2697 }
2698 break;
2699 }
2700
2701 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2702 return (1);
2703 }
2704
2705 static uint8_t
umass_rbc_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2706 umass_rbc_transform(struct umass_softc *sc, uint8_t *cmd_ptr, uint8_t cmd_len)
2707 {
2708 if ((cmd_len == 0) ||
2709 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2710 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2711 "length: %d bytes\n", cmd_len);
2712 return (0); /* failure */
2713 }
2714 switch (cmd_ptr[0]) {
2715 /* these commands are defined in RBC: */
2716 case READ_10:
2717 case READ_CAPACITY:
2718 case START_STOP_UNIT:
2719 case SYNCHRONIZE_CACHE:
2720 case WRITE_10:
2721 case VERIFY_10:
2722 case INQUIRY:
2723 case MODE_SELECT_10:
2724 case MODE_SENSE_10:
2725 case TEST_UNIT_READY:
2726 case WRITE_BUFFER:
2727 /*
2728 * The following commands are not listed in my copy of the
2729 * RBC specs. CAM however seems to want those, and at least
2730 * the Sony DSC device appears to support those as well
2731 */
2732 case REQUEST_SENSE:
2733 case PREVENT_ALLOW:
2734
2735 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2736
2737 if ((sc->sc_quirks & RBC_PAD_TO_12) && (cmd_len < 12)) {
2738 memset(sc->sc_transfer.cmd_data + cmd_len,
2739 0, 12 - cmd_len);
2740 cmd_len = 12;
2741 }
2742 sc->sc_transfer.cmd_len = cmd_len;
2743 return (1); /* success */
2744
2745 /* All other commands are not legal in RBC */
2746 default:
2747 DPRINTF(sc, UDMASS_SCSI, "Unsupported RBC "
2748 "command 0x%02x\n", cmd_ptr[0]);
2749 return (0); /* failure */
2750 }
2751 }
2752
2753 static uint8_t
umass_ufi_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2754 umass_ufi_transform(struct umass_softc *sc, uint8_t *cmd_ptr,
2755 uint8_t cmd_len)
2756 {
2757 if ((cmd_len == 0) ||
2758 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2759 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2760 "length: %d bytes\n", cmd_len);
2761 return (0); /* failure */
2762 }
2763 /* An UFI command is always 12 bytes in length */
2764 sc->sc_transfer.cmd_len = UFI_COMMAND_LENGTH;
2765
2766 /* Zero the command data */
2767 memset(sc->sc_transfer.cmd_data, 0, UFI_COMMAND_LENGTH);
2768
2769 switch (cmd_ptr[0]) {
2770 /*
2771 * Commands of which the format has been verified. They
2772 * should work. Copy the command into the (zeroed out)
2773 * destination buffer.
2774 */
2775 case TEST_UNIT_READY:
2776 if (sc->sc_quirks & NO_TEST_UNIT_READY) {
2777 /*
2778 * Some devices do not support this command. Start
2779 * Stop Unit should give the same results
2780 */
2781 DPRINTF(sc, UDMASS_UFI, "Converted TEST_UNIT_READY "
2782 "to START_UNIT\n");
2783
2784 sc->sc_transfer.cmd_data[0] = START_STOP_UNIT;
2785 sc->sc_transfer.cmd_data[4] = SSS_START;
2786 return (1);
2787 }
2788 break;
2789
2790 case REZERO_UNIT:
2791 case REQUEST_SENSE:
2792 case FORMAT_UNIT:
2793 case INQUIRY:
2794 case START_STOP_UNIT:
2795 case SEND_DIAGNOSTIC:
2796 case PREVENT_ALLOW:
2797 case READ_CAPACITY:
2798 case READ_10:
2799 case WRITE_10:
2800 case POSITION_TO_ELEMENT: /* SEEK_10 */
2801 case WRITE_AND_VERIFY:
2802 case VERIFY:
2803 case MODE_SELECT_10:
2804 case MODE_SENSE_10:
2805 case READ_12:
2806 case WRITE_12:
2807 case READ_FORMAT_CAPACITIES:
2808 break;
2809
2810 /*
2811 * SYNCHRONIZE_CACHE isn't supported by UFI, nor should it be
2812 * required for UFI devices, so it is appropriate to fake
2813 * success.
2814 */
2815 case SYNCHRONIZE_CACHE:
2816 return (2);
2817
2818 default:
2819 DPRINTF(sc, UDMASS_SCSI, "Unsupported UFI "
2820 "command 0x%02x\n", cmd_ptr[0]);
2821 return (0); /* failure */
2822 }
2823
2824 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2825 return (1); /* success */
2826 }
2827
2828 /*
2829 * 8070i (ATAPI) specific functions
2830 */
2831 static uint8_t
umass_atapi_transform(struct umass_softc * sc,uint8_t * cmd_ptr,uint8_t cmd_len)2832 umass_atapi_transform(struct umass_softc *sc, uint8_t *cmd_ptr,
2833 uint8_t cmd_len)
2834 {
2835 if ((cmd_len == 0) ||
2836 (cmd_len > sizeof(sc->sc_transfer.cmd_data))) {
2837 DPRINTF(sc, UDMASS_SCSI, "Invalid command "
2838 "length: %d bytes\n", cmd_len);
2839 return (0); /* failure */
2840 }
2841 /* An ATAPI command is always 12 bytes in length. */
2842 sc->sc_transfer.cmd_len = ATAPI_COMMAND_LENGTH;
2843
2844 /* Zero the command data */
2845 memset(sc->sc_transfer.cmd_data, 0, ATAPI_COMMAND_LENGTH);
2846
2847 switch (cmd_ptr[0]) {
2848 /*
2849 * Commands of which the format has been verified. They
2850 * should work. Copy the command into the destination
2851 * buffer.
2852 */
2853 case INQUIRY:
2854 /*
2855 * some drives wedge when asked for full inquiry
2856 * information.
2857 */
2858 if (sc->sc_quirks & FORCE_SHORT_INQUIRY) {
2859 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2860
2861 sc->sc_transfer.cmd_data[4] = SHORT_INQUIRY_LENGTH;
2862 return (1);
2863 }
2864 break;
2865
2866 case TEST_UNIT_READY:
2867 if (sc->sc_quirks & NO_TEST_UNIT_READY) {
2868 DPRINTF(sc, UDMASS_SCSI, "Converted TEST_UNIT_READY "
2869 "to START_UNIT\n");
2870 sc->sc_transfer.cmd_data[0] = START_STOP_UNIT;
2871 sc->sc_transfer.cmd_data[4] = SSS_START;
2872 return (1);
2873 }
2874 break;
2875
2876 case REZERO_UNIT:
2877 case REQUEST_SENSE:
2878 case START_STOP_UNIT:
2879 case SEND_DIAGNOSTIC:
2880 case PREVENT_ALLOW:
2881 case READ_CAPACITY:
2882 case READ_10:
2883 case WRITE_10:
2884 case POSITION_TO_ELEMENT: /* SEEK_10 */
2885 case SYNCHRONIZE_CACHE:
2886 case MODE_SELECT_10:
2887 case MODE_SENSE_10:
2888 case READ_BUFFER:
2889 case 0x42: /* READ_SUBCHANNEL */
2890 case 0x43: /* READ_TOC */
2891 case 0x44: /* READ_HEADER */
2892 case 0x47: /* PLAY_MSF (Play Minute/Second/Frame) */
2893 case 0x48: /* PLAY_TRACK */
2894 case 0x49: /* PLAY_TRACK_REL */
2895 case 0x4b: /* PAUSE */
2896 case 0x51: /* READ_DISK_INFO */
2897 case 0x52: /* READ_TRACK_INFO */
2898 case 0x54: /* SEND_OPC */
2899 case 0x59: /* READ_MASTER_CUE */
2900 case 0x5b: /* CLOSE_TR_SESSION */
2901 case 0x5c: /* READ_BUFFER_CAP */
2902 case 0x5d: /* SEND_CUE_SHEET */
2903 case 0xa1: /* BLANK */
2904 case 0xa5: /* PLAY_12 */
2905 case 0xa6: /* EXCHANGE_MEDIUM */
2906 case 0xad: /* READ_DVD_STRUCTURE */
2907 case 0xbb: /* SET_CD_SPEED */
2908 case 0xe5: /* READ_TRACK_INFO_PHILIPS */
2909 break;
2910
2911 case READ_12:
2912 case WRITE_12:
2913 default:
2914 DPRINTF(sc, UDMASS_SCSI, "Unsupported ATAPI "
2915 "command 0x%02x - trying anyway\n",
2916 cmd_ptr[0]);
2917 break;
2918 }
2919
2920 memcpy(sc->sc_transfer.cmd_data, cmd_ptr, cmd_len);
2921 return (1); /* success */
2922 }
2923
2924 static uint8_t
umass_no_transform(struct umass_softc * sc,uint8_t * cmd,uint8_t cmdlen)2925 umass_no_transform(struct umass_softc *sc, uint8_t *cmd,
2926 uint8_t cmdlen)
2927 {
2928 return (0); /* failure */
2929 }
2930
2931 static uint8_t
umass_std_transform(struct umass_softc * sc,union ccb * ccb,uint8_t * cmd,uint8_t cmdlen)2932 umass_std_transform(struct umass_softc *sc, union ccb *ccb,
2933 uint8_t *cmd, uint8_t cmdlen)
2934 {
2935 uint8_t retval;
2936
2937 retval = (sc->sc_transform) (sc, cmd, cmdlen);
2938
2939 if (retval == 2) {
2940 ccb->ccb_h.status = CAM_REQ_CMP;
2941 xpt_done(ccb);
2942 return (0);
2943 } else if (retval == 0) {
2944 xpt_freeze_devq(ccb->ccb_h.path, 1);
2945 ccb->ccb_h.status = CAM_REQ_INVALID | CAM_DEV_QFRZN;
2946 xpt_done(ccb);
2947 return (0);
2948 }
2949 /* Command should be executed */
2950 return (1);
2951 }
2952
2953 #ifdef USB_DEBUG
2954 static void
umass_bbb_dump_cbw(struct umass_softc * sc,umass_bbb_cbw_t * cbw)2955 umass_bbb_dump_cbw(struct umass_softc *sc, umass_bbb_cbw_t *cbw)
2956 {
2957 uint8_t *c = cbw->CBWCDB;
2958
2959 uint32_t dlen = UGETDW(cbw->dCBWDataTransferLength);
2960 uint32_t tag = UGETDW(cbw->dCBWTag);
2961
2962 uint8_t clen = cbw->bCDBLength;
2963 uint8_t flags = cbw->bCBWFlags;
2964 uint8_t lun = cbw->bCBWLUN;
2965
2966 DPRINTF(sc, UDMASS_BBB, "CBW %d: cmd = %db "
2967 "(0x%02x%02x%02x%02x%02x%02x%s), "
2968 "data = %db, lun = %d, dir = %s\n",
2969 tag, clen,
2970 c[0], c[1], c[2], c[3], c[4], c[5], (clen > 6 ? "..." : ""),
2971 dlen, lun, (flags == CBWFLAGS_IN ? "in" :
2972 (flags == CBWFLAGS_OUT ? "out" : "<invalid>")));
2973 }
2974
2975 static void
umass_bbb_dump_csw(struct umass_softc * sc,umass_bbb_csw_t * csw)2976 umass_bbb_dump_csw(struct umass_softc *sc, umass_bbb_csw_t *csw)
2977 {
2978 uint32_t sig = UGETDW(csw->dCSWSignature);
2979 uint32_t tag = UGETDW(csw->dCSWTag);
2980 uint32_t res = UGETDW(csw->dCSWDataResidue);
2981 uint8_t status = csw->bCSWStatus;
2982
2983 DPRINTF(sc, UDMASS_BBB, "CSW %d: sig = 0x%08x (%s), tag = 0x%08x, "
2984 "res = %d, status = 0x%02x (%s)\n",
2985 tag, sig, (sig == CSWSIGNATURE ? "valid" : "invalid"),
2986 tag, res,
2987 status, (status == CSWSTATUS_GOOD ? "good" :
2988 (status == CSWSTATUS_FAILED ? "failed" :
2989 (status == CSWSTATUS_PHASE ? "phase" : "<invalid>"))));
2990 }
2991
2992 static void
umass_cbi_dump_cmd(struct umass_softc * sc,void * cmd,uint8_t cmdlen)2993 umass_cbi_dump_cmd(struct umass_softc *sc, void *cmd, uint8_t cmdlen)
2994 {
2995 uint8_t *c = cmd;
2996 uint8_t dir = sc->sc_transfer.dir;
2997
2998 DPRINTF(sc, UDMASS_BBB, "cmd = %db "
2999 "(0x%02x%02x%02x%02x%02x%02x%s), "
3000 "data = %db, dir = %s\n",
3001 cmdlen,
3002 c[0], c[1], c[2], c[3], c[4], c[5], (cmdlen > 6 ? "..." : ""),
3003 sc->sc_transfer.data_len,
3004 (dir == DIR_IN ? "in" :
3005 (dir == DIR_OUT ? "out" :
3006 (dir == DIR_NONE ? "no data phase" : "<invalid>"))));
3007 }
3008
3009 static void
umass_dump_buffer(struct umass_softc * sc,uint8_t * buffer,uint32_t buflen,uint32_t printlen)3010 umass_dump_buffer(struct umass_softc *sc, uint8_t *buffer, uint32_t buflen,
3011 uint32_t printlen)
3012 {
3013 uint32_t i, j;
3014 char s1[40];
3015 char s2[40];
3016 char s3[5];
3017
3018 s1[0] = '\0';
3019 s3[0] = '\0';
3020
3021 sprintf(s2, " buffer=%p, buflen=%d", buffer, buflen);
3022 for (i = 0; (i < buflen) && (i < printlen); i++) {
3023 j = i % 16;
3024 if (j == 0 && i != 0) {
3025 DPRINTF(sc, UDMASS_GEN, "0x %s%s\n",
3026 s1, s2);
3027 s2[0] = '\0';
3028 }
3029 sprintf(&s1[j * 2], "%02x", buffer[i] & 0xff);
3030 }
3031 if (buflen > printlen)
3032 sprintf(s3, " ...");
3033 DPRINTF(sc, UDMASS_GEN, "0x %s%s%s\n",
3034 s1, s2, s3);
3035 }
3036
3037 #endif
3038