1 /* $FreeBSD$ */ 2 /*- 3 * SPDX-License-Identifier: BSD-3-Clause 4 * 5 * Copyright (C) 2003-2005 Alan Stern 6 * Copyright (C) 2008 Hans Petter Selasky 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions, and the following disclaimer, 14 * without modification. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. The names of the above-listed copyright holders may not be used 19 * to endorse or promote products derived from this software without 20 * specific prior written permission. 21 * 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 24 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 25 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR 27 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 28 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 29 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /* 37 * NOTE: Much of the SCSI statemachine handling code derives from the 38 * Linux USB gadget stack. 39 */ 40 41 #ifdef USB_GLOBAL_INCLUDE_FILE 42 #include USB_GLOBAL_INCLUDE_FILE 43 #else 44 #include <sys/stdint.h> 45 #include <sys/stddef.h> 46 #include <sys/param.h> 47 #include <sys/queue.h> 48 #include <sys/types.h> 49 #include <sys/systm.h> 50 #include <sys/kernel.h> 51 #include <sys/bus.h> 52 #include <sys/module.h> 53 #include <sys/lock.h> 54 #include <sys/mutex.h> 55 #include <sys/condvar.h> 56 #include <sys/sysctl.h> 57 #include <sys/sx.h> 58 #include <sys/unistd.h> 59 #include <sys/callout.h> 60 #include <sys/malloc.h> 61 #include <sys/priv.h> 62 63 #include <dev/usb/usb.h> 64 #include <dev/usb/usbdi.h> 65 #include "usbdevs.h" 66 #include "usb_if.h" 67 68 #define USB_DEBUG_VAR ustorage_fs_debug 69 #include <dev/usb/usb_debug.h> 70 #endif /* USB_GLOBAL_INCLUDE_FILE */ 71 72 #ifdef USB_DEBUG 73 static int ustorage_fs_debug = 0; 74 75 SYSCTL_NODE(_hw_usb, OID_AUTO, ustorage_fs, CTLFLAG_RW, 0, "USB ustorage_fs"); 76 SYSCTL_INT(_hw_usb_ustorage_fs, OID_AUTO, debug, CTLFLAG_RWTUN, 77 &ustorage_fs_debug, 0, "ustorage_fs debug level"); 78 #endif 79 80 /* Define some limits */ 81 82 #ifndef USTORAGE_FS_BULK_SIZE 83 #define USTORAGE_FS_BULK_SIZE (1U << 17) /* bytes */ 84 #endif 85 86 #ifndef USTORAGE_FS_MAX_LUN 87 #define USTORAGE_FS_MAX_LUN 8 /* units */ 88 #endif 89 90 #ifndef USTORAGE_QDATA_MAX 91 #define USTORAGE_QDATA_MAX 40 /* bytes */ 92 #endif 93 94 /* 95 * The SCSI ID string must be exactly 28 characters long 96 * exluding the terminating zero. 97 */ 98 #ifndef USTORAGE_FS_ID_STRING 99 #define USTORAGE_FS_ID_STRING \ 100 "FreeBSD " /* 8 */ \ 101 "File-Stor Gadget" /* 16 */ \ 102 "0101" /* 4 */ 103 #endif 104 105 /* 106 * The following macro defines the number of 107 * sectors to be allocated for the RAM disk: 108 */ 109 #ifndef USTORAGE_FS_RAM_SECT 110 #define USTORAGE_FS_RAM_SECT (1UL << 13) 111 #endif 112 113 static uint8_t *ustorage_fs_ramdisk; 114 115 /* USB transfer definitions */ 116 117 #define USTORAGE_FS_T_BBB_COMMAND 0 118 #define USTORAGE_FS_T_BBB_DATA_DUMP 1 119 #define USTORAGE_FS_T_BBB_DATA_READ 2 120 #define USTORAGE_FS_T_BBB_DATA_WRITE 3 121 #define USTORAGE_FS_T_BBB_STATUS 4 122 #define USTORAGE_FS_T_BBB_MAX 5 123 124 /* USB data stage direction */ 125 126 #define DIR_NONE 0 127 #define DIR_READ 1 128 #define DIR_WRITE 2 129 130 /* USB interface specific control request */ 131 132 #define UR_BBB_RESET 0xff /* Bulk-Only reset */ 133 #define UR_BBB_GET_MAX_LUN 0xfe /* Get maximum lun */ 134 135 /* Command Block Wrapper */ 136 typedef struct { 137 uDWord dCBWSignature; 138 #define CBWSIGNATURE 0x43425355 139 uDWord dCBWTag; 140 uDWord dCBWDataTransferLength; 141 uByte bCBWFlags; 142 #define CBWFLAGS_OUT 0x00 143 #define CBWFLAGS_IN 0x80 144 uByte bCBWLUN; 145 uByte bCDBLength; 146 #define CBWCDBLENGTH 16 147 uByte CBWCDB[CBWCDBLENGTH]; 148 } __packed ustorage_fs_bbb_cbw_t; 149 150 #define USTORAGE_FS_BBB_CBW_SIZE 31 151 152 /* Command Status Wrapper */ 153 typedef struct { 154 uDWord dCSWSignature; 155 #define CSWSIGNATURE 0x53425355 156 uDWord dCSWTag; 157 uDWord dCSWDataResidue; 158 uByte bCSWStatus; 159 #define CSWSTATUS_GOOD 0x0 160 #define CSWSTATUS_FAILED 0x1 161 #define CSWSTATUS_PHASE 0x2 162 } __packed ustorage_fs_bbb_csw_t; 163 164 #define USTORAGE_FS_BBB_CSW_SIZE 13 165 166 struct ustorage_fs_lun { 167 168 uint8_t *memory_image; 169 170 uint32_t num_sectors; 171 uint32_t sense_data; 172 uint32_t sense_data_info; 173 uint32_t unit_attention_data; 174 175 uint8_t read_only:1; 176 uint8_t prevent_medium_removal:1; 177 uint8_t info_valid:1; 178 uint8_t removable:1; 179 }; 180 181 struct ustorage_fs_softc { 182 183 ustorage_fs_bbb_cbw_t *sc_cbw; /* Command Wrapper Block */ 184 ustorage_fs_bbb_csw_t *sc_csw; /* Command Status Block */ 185 void *sc_dma_ptr; /* Main data buffer */ 186 187 struct mtx sc_mtx; 188 189 struct ustorage_fs_lun sc_lun[USTORAGE_FS_MAX_LUN]; 190 191 struct { 192 uint8_t *data_ptr; 193 struct ustorage_fs_lun *currlun; 194 195 uint32_t data_rem; /* bytes, as reported by the command 196 * block wrapper */ 197 uint32_t offset; /* bytes */ 198 199 uint8_t cbw_dir; 200 uint8_t cmd_dir; 201 uint8_t lun; 202 uint8_t cmd_len; 203 uint8_t data_short:1; 204 uint8_t data_error:1; 205 } sc_transfer; 206 207 device_t sc_dev; 208 struct usb_device *sc_udev; 209 struct usb_xfer *sc_xfer[USTORAGE_FS_T_BBB_MAX]; 210 211 uint8_t sc_iface_no; /* interface number */ 212 uint8_t sc_last_lun; 213 uint8_t sc_last_xfer_index; 214 uint8_t sc_qdata[USTORAGE_QDATA_MAX]; 215 }; 216 217 /* prototypes */ 218 219 static device_probe_t ustorage_fs_probe; 220 static device_attach_t ustorage_fs_attach; 221 static device_detach_t ustorage_fs_detach; 222 static device_suspend_t ustorage_fs_suspend; 223 static device_resume_t ustorage_fs_resume; 224 static usb_handle_request_t ustorage_fs_handle_request; 225 226 static usb_callback_t ustorage_fs_t_bbb_command_callback; 227 static usb_callback_t ustorage_fs_t_bbb_data_dump_callback; 228 static usb_callback_t ustorage_fs_t_bbb_data_read_callback; 229 static usb_callback_t ustorage_fs_t_bbb_data_write_callback; 230 static usb_callback_t ustorage_fs_t_bbb_status_callback; 231 232 static void ustorage_fs_transfer_start(struct ustorage_fs_softc *sc, uint8_t xfer_index); 233 static void ustorage_fs_transfer_stop(struct ustorage_fs_softc *sc); 234 235 static uint8_t ustorage_fs_verify(struct ustorage_fs_softc *sc); 236 static uint8_t ustorage_fs_inquiry(struct ustorage_fs_softc *sc); 237 static uint8_t ustorage_fs_request_sense(struct ustorage_fs_softc *sc); 238 static uint8_t ustorage_fs_read_capacity(struct ustorage_fs_softc *sc); 239 static uint8_t ustorage_fs_mode_sense(struct ustorage_fs_softc *sc); 240 static uint8_t ustorage_fs_start_stop(struct ustorage_fs_softc *sc); 241 static uint8_t ustorage_fs_prevent_allow(struct ustorage_fs_softc *sc); 242 static uint8_t ustorage_fs_read_format_capacities(struct ustorage_fs_softc *sc); 243 static uint8_t ustorage_fs_mode_select(struct ustorage_fs_softc *sc); 244 static uint8_t ustorage_fs_min_len(struct ustorage_fs_softc *sc, uint32_t len, uint32_t mask); 245 static uint8_t ustorage_fs_read(struct ustorage_fs_softc *sc); 246 static uint8_t ustorage_fs_write(struct ustorage_fs_softc *sc); 247 static uint8_t ustorage_fs_check_cmd(struct ustorage_fs_softc *sc, uint8_t cmd_size, uint16_t mask, uint8_t needs_medium); 248 static uint8_t ustorage_fs_do_cmd(struct ustorage_fs_softc *sc); 249 250 static device_method_t ustorage_fs_methods[] = { 251 /* USB interface */ 252 DEVMETHOD(usb_handle_request, ustorage_fs_handle_request), 253 254 /* Device interface */ 255 DEVMETHOD(device_probe, ustorage_fs_probe), 256 DEVMETHOD(device_attach, ustorage_fs_attach), 257 DEVMETHOD(device_detach, ustorage_fs_detach), 258 DEVMETHOD(device_suspend, ustorage_fs_suspend), 259 DEVMETHOD(device_resume, ustorage_fs_resume), 260 261 DEVMETHOD_END 262 }; 263 264 static driver_t ustorage_fs_driver = { 265 .name = "ustorage_fs", 266 .methods = ustorage_fs_methods, 267 .size = sizeof(struct ustorage_fs_softc), 268 }; 269 270 static devclass_t ustorage_fs_devclass; 271 272 DRIVER_MODULE(ustorage_fs, uhub, ustorage_fs_driver, ustorage_fs_devclass, NULL, 0); 273 MODULE_VERSION(ustorage_fs, 0); 274 MODULE_DEPEND(ustorage_fs, usb, 1, 1, 1); 275 276 static struct usb_config ustorage_fs_bbb_config[USTORAGE_FS_T_BBB_MAX] = { 277 278 [USTORAGE_FS_T_BBB_COMMAND] = { 279 .type = UE_BULK, 280 .endpoint = UE_ADDR_ANY, 281 .direction = UE_DIR_OUT, 282 .bufsize = sizeof(ustorage_fs_bbb_cbw_t), 283 .callback = &ustorage_fs_t_bbb_command_callback, 284 .usb_mode = USB_MODE_DEVICE, 285 }, 286 287 [USTORAGE_FS_T_BBB_DATA_DUMP] = { 288 .type = UE_BULK, 289 .endpoint = UE_ADDR_ANY, 290 .direction = UE_DIR_OUT, 291 .bufsize = 0, /* use wMaxPacketSize */ 292 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,}, 293 .callback = &ustorage_fs_t_bbb_data_dump_callback, 294 .usb_mode = USB_MODE_DEVICE, 295 }, 296 297 [USTORAGE_FS_T_BBB_DATA_READ] = { 298 .type = UE_BULK, 299 .endpoint = UE_ADDR_ANY, 300 .direction = UE_DIR_OUT, 301 .bufsize = USTORAGE_FS_BULK_SIZE, 302 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1}, 303 .callback = &ustorage_fs_t_bbb_data_read_callback, 304 .usb_mode = USB_MODE_DEVICE, 305 }, 306 307 [USTORAGE_FS_T_BBB_DATA_WRITE] = { 308 .type = UE_BULK, 309 .endpoint = UE_ADDR_ANY, 310 .direction = UE_DIR_IN, 311 .bufsize = USTORAGE_FS_BULK_SIZE, 312 .flags = {.proxy_buffer = 1,.short_xfer_ok = 1,.ext_buffer = 1}, 313 .callback = &ustorage_fs_t_bbb_data_write_callback, 314 .usb_mode = USB_MODE_DEVICE, 315 }, 316 317 [USTORAGE_FS_T_BBB_STATUS] = { 318 .type = UE_BULK, 319 .endpoint = UE_ADDR_ANY, 320 .direction = UE_DIR_IN, 321 .bufsize = sizeof(ustorage_fs_bbb_csw_t), 322 .flags = {.short_xfer_ok = 1}, 323 .callback = &ustorage_fs_t_bbb_status_callback, 324 .usb_mode = USB_MODE_DEVICE, 325 }, 326 }; 327 328 /* 329 * USB device probe/attach/detach 330 */ 331 332 static int 333 ustorage_fs_probe(device_t dev) 334 { 335 struct usb_attach_arg *uaa = device_get_ivars(dev); 336 struct usb_interface_descriptor *id; 337 338 if (uaa->usb_mode != USB_MODE_DEVICE) { 339 return (ENXIO); 340 } 341 /* Check for a standards compliant device */ 342 id = usbd_get_interface_descriptor(uaa->iface); 343 if ((id == NULL) || 344 (id->bInterfaceClass != UICLASS_MASS) || 345 (id->bInterfaceSubClass != UISUBCLASS_SCSI) || 346 (id->bInterfaceProtocol != UIPROTO_MASS_BBB)) { 347 return (ENXIO); 348 } 349 return (BUS_PROBE_GENERIC); 350 } 351 352 static int 353 ustorage_fs_attach(device_t dev) 354 { 355 struct ustorage_fs_softc *sc = device_get_softc(dev); 356 struct usb_attach_arg *uaa = device_get_ivars(dev); 357 struct usb_interface_descriptor *id; 358 int err; 359 int unit; 360 361 /* 362 * NOTE: the softc struct is cleared in device_set_driver. 363 * We can safely call ustorage_fs_detach without specifically 364 * initializing the struct. 365 */ 366 367 sc->sc_dev = dev; 368 sc->sc_udev = uaa->device; 369 unit = device_get_unit(dev); 370 371 /* enable power saving mode */ 372 usbd_set_power_mode(uaa->device, USB_POWER_MODE_SAVE); 373 374 if (unit == 0) { 375 if (ustorage_fs_ramdisk == NULL) { 376 /* 377 * allocate a memory image for our ramdisk until 378 * further 379 */ 380 ustorage_fs_ramdisk = 381 malloc(USTORAGE_FS_RAM_SECT << 9, M_USB, 382 M_ZERO | M_WAITOK); 383 384 if (ustorage_fs_ramdisk == NULL) { 385 return (ENOMEM); 386 } 387 } 388 sc->sc_lun[0].memory_image = ustorage_fs_ramdisk; 389 sc->sc_lun[0].num_sectors = USTORAGE_FS_RAM_SECT; 390 sc->sc_lun[0].removable = 1; 391 } 392 393 device_set_usb_desc(dev); 394 395 mtx_init(&sc->sc_mtx, "USTORAGE_FS lock", 396 NULL, (MTX_DEF | MTX_RECURSE)); 397 398 /* get interface index */ 399 400 id = usbd_get_interface_descriptor(uaa->iface); 401 if (id == NULL) { 402 device_printf(dev, "failed to get " 403 "interface number\n"); 404 goto detach; 405 } 406 sc->sc_iface_no = id->bInterfaceNumber; 407 408 err = usbd_transfer_setup(uaa->device, 409 &uaa->info.bIfaceIndex, sc->sc_xfer, ustorage_fs_bbb_config, 410 USTORAGE_FS_T_BBB_MAX, sc, &sc->sc_mtx); 411 if (err) { 412 device_printf(dev, "could not setup required " 413 "transfers, %s\n", usbd_errstr(err)); 414 goto detach; 415 } 416 417 sc->sc_cbw = usbd_xfer_get_frame_buffer(sc->sc_xfer[ 418 USTORAGE_FS_T_BBB_COMMAND], 0); 419 sc->sc_csw = usbd_xfer_get_frame_buffer(sc->sc_xfer[ 420 USTORAGE_FS_T_BBB_STATUS], 0); 421 sc->sc_dma_ptr = usbd_xfer_get_frame_buffer(sc->sc_xfer[ 422 USTORAGE_FS_T_BBB_DATA_READ], 0); 423 424 /* start Mass Storage State Machine */ 425 426 mtx_lock(&sc->sc_mtx); 427 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_COMMAND); 428 mtx_unlock(&sc->sc_mtx); 429 430 return (0); /* success */ 431 432 detach: 433 ustorage_fs_detach(dev); 434 return (ENXIO); /* failure */ 435 } 436 437 static int 438 ustorage_fs_detach(device_t dev) 439 { 440 struct ustorage_fs_softc *sc = device_get_softc(dev); 441 442 /* teardown our statemachine */ 443 444 usbd_transfer_unsetup(sc->sc_xfer, USTORAGE_FS_T_BBB_MAX); 445 446 mtx_destroy(&sc->sc_mtx); 447 448 return (0); /* success */ 449 } 450 451 static int 452 ustorage_fs_suspend(device_t dev) 453 { 454 device_printf(dev, "suspending\n"); 455 return (0); /* success */ 456 } 457 458 static int 459 ustorage_fs_resume(device_t dev) 460 { 461 device_printf(dev, "resuming\n"); 462 return (0); /* success */ 463 } 464 465 /* 466 * Generic functions to handle transfers 467 */ 468 469 static void 470 ustorage_fs_transfer_start(struct ustorage_fs_softc *sc, uint8_t xfer_index) 471 { 472 if (sc->sc_xfer[xfer_index]) { 473 sc->sc_last_xfer_index = xfer_index; 474 usbd_transfer_start(sc->sc_xfer[xfer_index]); 475 } 476 } 477 478 static void 479 ustorage_fs_transfer_stop(struct ustorage_fs_softc *sc) 480 { 481 usbd_transfer_stop(sc->sc_xfer[sc->sc_last_xfer_index]); 482 mtx_unlock(&sc->sc_mtx); 483 usbd_transfer_drain(sc->sc_xfer[sc->sc_last_xfer_index]); 484 mtx_lock(&sc->sc_mtx); 485 } 486 487 static int 488 ustorage_fs_handle_request(device_t dev, 489 const void *preq, void **pptr, uint16_t *plen, 490 uint16_t offset, uint8_t *pstate) 491 { 492 struct ustorage_fs_softc *sc = device_get_softc(dev); 493 const struct usb_device_request *req = preq; 494 uint8_t is_complete = *pstate; 495 496 if (!is_complete) { 497 if ((req->bmRequestType == UT_WRITE_CLASS_INTERFACE) && 498 (req->bRequest == UR_BBB_RESET)) { 499 *plen = 0; 500 mtx_lock(&sc->sc_mtx); 501 ustorage_fs_transfer_stop(sc); 502 sc->sc_transfer.data_error = 1; 503 ustorage_fs_transfer_start(sc, 504 USTORAGE_FS_T_BBB_COMMAND); 505 mtx_unlock(&sc->sc_mtx); 506 return (0); 507 } else if ((req->bmRequestType == UT_READ_CLASS_INTERFACE) && 508 (req->bRequest == UR_BBB_GET_MAX_LUN)) { 509 if (offset == 0) { 510 *plen = 1; 511 *pptr = &sc->sc_last_lun; 512 } else { 513 *plen = 0; 514 } 515 return (0); 516 } 517 } 518 return (ENXIO); /* use builtin handler */ 519 } 520 521 static void 522 ustorage_fs_t_bbb_command_callback(struct usb_xfer *xfer, usb_error_t error) 523 { 524 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 525 uint32_t tag; 526 uint8_t err = 0; 527 528 DPRINTF("\n"); 529 530 switch (USB_GET_STATE(xfer)) { 531 case USB_ST_TRANSFERRED: 532 533 tag = UGETDW(sc->sc_cbw->dCBWSignature); 534 535 if (tag != CBWSIGNATURE) { 536 /* do nothing */ 537 DPRINTF("invalid signature 0x%08x\n", tag); 538 break; 539 } 540 tag = UGETDW(sc->sc_cbw->dCBWTag); 541 542 /* echo back tag */ 543 USETDW(sc->sc_csw->dCSWTag, tag); 544 545 /* reset status */ 546 sc->sc_csw->bCSWStatus = 0; 547 548 /* reset data offset, data length and data remainder */ 549 sc->sc_transfer.offset = 0; 550 sc->sc_transfer.data_rem = 551 UGETDW(sc->sc_cbw->dCBWDataTransferLength); 552 553 /* reset data flags */ 554 sc->sc_transfer.data_short = 0; 555 556 /* extract LUN */ 557 sc->sc_transfer.lun = sc->sc_cbw->bCBWLUN; 558 559 if (sc->sc_transfer.data_rem == 0) { 560 sc->sc_transfer.cbw_dir = DIR_NONE; 561 } else { 562 if (sc->sc_cbw->bCBWFlags & CBWFLAGS_IN) { 563 sc->sc_transfer.cbw_dir = DIR_WRITE; 564 } else { 565 sc->sc_transfer.cbw_dir = DIR_READ; 566 } 567 } 568 569 sc->sc_transfer.cmd_len = sc->sc_cbw->bCDBLength; 570 if ((sc->sc_transfer.cmd_len > sizeof(sc->sc_cbw->CBWCDB)) || 571 (sc->sc_transfer.cmd_len == 0)) { 572 /* just halt - this is invalid */ 573 DPRINTF("invalid command length %d bytes\n", 574 sc->sc_transfer.cmd_len); 575 break; 576 } 577 578 err = ustorage_fs_do_cmd(sc); 579 if (err) { 580 /* got an error */ 581 DPRINTF("command failed\n"); 582 break; 583 } 584 if ((sc->sc_transfer.data_rem > 0) && 585 (sc->sc_transfer.cbw_dir != sc->sc_transfer.cmd_dir)) { 586 /* contradicting data transfer direction */ 587 err = 1; 588 DPRINTF("data direction mismatch\n"); 589 break; 590 } 591 switch (sc->sc_transfer.cbw_dir) { 592 case DIR_READ: 593 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_DATA_READ); 594 break; 595 case DIR_WRITE: 596 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_DATA_WRITE); 597 break; 598 default: 599 ustorage_fs_transfer_start(sc, 600 USTORAGE_FS_T_BBB_STATUS); 601 break; 602 } 603 break; 604 605 case USB_ST_SETUP: 606 tr_setup: 607 if (sc->sc_transfer.data_error) { 608 sc->sc_transfer.data_error = 0; 609 usbd_xfer_set_stall(xfer); 610 DPRINTF("stall pipe\n"); 611 } 612 usbd_xfer_set_frame_len(xfer, 0, 613 sizeof(ustorage_fs_bbb_cbw_t)); 614 usbd_transfer_submit(xfer); 615 break; 616 617 default: /* Error */ 618 DPRINTF("error\n"); 619 if (error == USB_ERR_CANCELLED) { 620 break; 621 } 622 /* If the pipe is already stalled, don't do another stall */ 623 if (!usbd_xfer_is_stalled(xfer)) 624 sc->sc_transfer.data_error = 1; 625 626 /* try again */ 627 goto tr_setup; 628 } 629 if (err) { 630 if (sc->sc_csw->bCSWStatus == 0) { 631 /* set some default error code */ 632 sc->sc_csw->bCSWStatus = CSWSTATUS_FAILED; 633 } 634 if (sc->sc_transfer.cbw_dir == DIR_READ) { 635 /* dump all data */ 636 ustorage_fs_transfer_start(sc, 637 USTORAGE_FS_T_BBB_DATA_DUMP); 638 return; 639 } 640 if (sc->sc_transfer.cbw_dir == DIR_WRITE) { 641 /* need to stall before status */ 642 sc->sc_transfer.data_error = 1; 643 } 644 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_STATUS); 645 } 646 } 647 648 static void 649 ustorage_fs_t_bbb_data_dump_callback(struct usb_xfer *xfer, usb_error_t error) 650 { 651 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 652 uint32_t max_bulk = usbd_xfer_max_len(xfer); 653 int actlen, sumlen; 654 655 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 656 657 DPRINTF("\n"); 658 659 switch (USB_GET_STATE(xfer)) { 660 case USB_ST_TRANSFERRED: 661 sc->sc_transfer.data_rem -= actlen; 662 sc->sc_transfer.offset += actlen; 663 664 if (actlen != sumlen || sc->sc_transfer.data_rem == 0) { 665 /* short transfer or end of data */ 666 ustorage_fs_transfer_start(sc, 667 USTORAGE_FS_T_BBB_STATUS); 668 break; 669 } 670 /* Fallthrough */ 671 672 case USB_ST_SETUP: 673 tr_setup: 674 if (max_bulk > sc->sc_transfer.data_rem) { 675 max_bulk = sc->sc_transfer.data_rem; 676 } 677 if (sc->sc_transfer.data_error) { 678 sc->sc_transfer.data_error = 0; 679 usbd_xfer_set_stall(xfer); 680 } 681 usbd_xfer_set_frame_len(xfer, 0, max_bulk); 682 usbd_transfer_submit(xfer); 683 break; 684 685 default: /* Error */ 686 if (error == USB_ERR_CANCELLED) { 687 break; 688 } 689 /* 690 * If the pipe is already stalled, don't do another stall: 691 */ 692 if (!usbd_xfer_is_stalled(xfer)) 693 sc->sc_transfer.data_error = 1; 694 695 /* try again */ 696 goto tr_setup; 697 } 698 } 699 700 static void 701 ustorage_fs_t_bbb_data_read_callback(struct usb_xfer *xfer, usb_error_t error) 702 { 703 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 704 uint32_t max_bulk = usbd_xfer_max_len(xfer); 705 int actlen, sumlen; 706 707 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 708 709 DPRINTF("\n"); 710 711 switch (USB_GET_STATE(xfer)) { 712 case USB_ST_TRANSFERRED: 713 /* XXX copy data from DMA buffer */ 714 memcpy(sc->sc_transfer.data_ptr, sc->sc_dma_ptr, actlen); 715 716 sc->sc_transfer.data_rem -= actlen; 717 sc->sc_transfer.data_ptr += actlen; 718 sc->sc_transfer.offset += actlen; 719 720 if (actlen != sumlen || sc->sc_transfer.data_rem == 0) { 721 /* short transfer or end of data */ 722 ustorage_fs_transfer_start(sc, 723 USTORAGE_FS_T_BBB_STATUS); 724 break; 725 } 726 /* Fallthrough */ 727 728 case USB_ST_SETUP: 729 tr_setup: 730 if (max_bulk > sc->sc_transfer.data_rem) { 731 max_bulk = sc->sc_transfer.data_rem; 732 } 733 if (sc->sc_transfer.data_error) { 734 sc->sc_transfer.data_error = 0; 735 usbd_xfer_set_stall(xfer); 736 } 737 738 usbd_xfer_set_frame_data(xfer, 0, sc->sc_dma_ptr, max_bulk); 739 usbd_transfer_submit(xfer); 740 break; 741 742 default: /* Error */ 743 if (error == USB_ERR_CANCELLED) { 744 break; 745 } 746 /* If the pipe is already stalled, don't do another stall */ 747 if (!usbd_xfer_is_stalled(xfer)) 748 sc->sc_transfer.data_error = 1; 749 750 /* try again */ 751 goto tr_setup; 752 } 753 } 754 755 static void 756 ustorage_fs_t_bbb_data_write_callback(struct usb_xfer *xfer, usb_error_t error) 757 { 758 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 759 uint32_t max_bulk = usbd_xfer_max_len(xfer); 760 int actlen, sumlen; 761 762 usbd_xfer_status(xfer, &actlen, &sumlen, NULL, NULL); 763 764 DPRINTF("\n"); 765 766 switch (USB_GET_STATE(xfer)) { 767 case USB_ST_TRANSFERRED: 768 sc->sc_transfer.data_rem -= actlen; 769 sc->sc_transfer.data_ptr += actlen; 770 sc->sc_transfer.offset += actlen; 771 772 if (actlen != sumlen || sc->sc_transfer.data_rem == 0) { 773 /* short transfer or end of data */ 774 ustorage_fs_transfer_start(sc, 775 USTORAGE_FS_T_BBB_STATUS); 776 break; 777 } 778 case USB_ST_SETUP: 779 tr_setup: 780 if (max_bulk >= sc->sc_transfer.data_rem) { 781 max_bulk = sc->sc_transfer.data_rem; 782 if (sc->sc_transfer.data_short) 783 usbd_xfer_set_flag(xfer, USB_FORCE_SHORT_XFER); 784 else 785 usbd_xfer_clr_flag(xfer, USB_FORCE_SHORT_XFER); 786 } else 787 usbd_xfer_clr_flag(xfer, USB_FORCE_SHORT_XFER); 788 789 if (sc->sc_transfer.data_error) { 790 sc->sc_transfer.data_error = 0; 791 usbd_xfer_set_stall(xfer); 792 } 793 794 /* XXX copy data to DMA buffer */ 795 memcpy(sc->sc_dma_ptr, sc->sc_transfer.data_ptr, max_bulk); 796 797 usbd_xfer_set_frame_data(xfer, 0, sc->sc_dma_ptr, max_bulk); 798 usbd_transfer_submit(xfer); 799 break; 800 801 default: /* Error */ 802 if (error == USB_ERR_CANCELLED) { 803 break; 804 } 805 /* 806 * If the pipe is already stalled, don't do another 807 * stall 808 */ 809 if (!usbd_xfer_is_stalled(xfer)) 810 sc->sc_transfer.data_error = 1; 811 812 /* try again */ 813 goto tr_setup; 814 } 815 } 816 817 static void 818 ustorage_fs_t_bbb_status_callback(struct usb_xfer *xfer, usb_error_t error) 819 { 820 struct ustorage_fs_softc *sc = usbd_xfer_softc(xfer); 821 822 DPRINTF("\n"); 823 824 switch (USB_GET_STATE(xfer)) { 825 case USB_ST_TRANSFERRED: 826 ustorage_fs_transfer_start(sc, USTORAGE_FS_T_BBB_COMMAND); 827 break; 828 829 case USB_ST_SETUP: 830 tr_setup: 831 USETDW(sc->sc_csw->dCSWSignature, CSWSIGNATURE); 832 USETDW(sc->sc_csw->dCSWDataResidue, sc->sc_transfer.data_rem); 833 834 if (sc->sc_transfer.data_error) { 835 sc->sc_transfer.data_error = 0; 836 usbd_xfer_set_stall(xfer); 837 } 838 usbd_xfer_set_frame_len(xfer, 0, 839 sizeof(ustorage_fs_bbb_csw_t)); 840 usbd_transfer_submit(xfer); 841 break; 842 843 default: 844 if (error == USB_ERR_CANCELLED) { 845 break; 846 } 847 /* If the pipe is already stalled, don't do another stall */ 848 if (!usbd_xfer_is_stalled(xfer)) 849 sc->sc_transfer.data_error = 1; 850 851 /* try again */ 852 goto tr_setup; 853 } 854 } 855 856 /* SCSI commands that we recognize */ 857 #define SC_FORMAT_UNIT 0x04 858 #define SC_INQUIRY 0x12 859 #define SC_MODE_SELECT_6 0x15 860 #define SC_MODE_SELECT_10 0x55 861 #define SC_MODE_SENSE_6 0x1a 862 #define SC_MODE_SENSE_10 0x5a 863 #define SC_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e 864 #define SC_READ_6 0x08 865 #define SC_READ_10 0x28 866 #define SC_READ_12 0xa8 867 #define SC_READ_CAPACITY 0x25 868 #define SC_READ_FORMAT_CAPACITIES 0x23 869 #define SC_RELEASE 0x17 870 #define SC_REQUEST_SENSE 0x03 871 #define SC_RESERVE 0x16 872 #define SC_SEND_DIAGNOSTIC 0x1d 873 #define SC_START_STOP_UNIT 0x1b 874 #define SC_SYNCHRONIZE_CACHE 0x35 875 #define SC_TEST_UNIT_READY 0x00 876 #define SC_VERIFY 0x2f 877 #define SC_WRITE_6 0x0a 878 #define SC_WRITE_10 0x2a 879 #define SC_WRITE_12 0xaa 880 881 /* SCSI Sense Key/Additional Sense Code/ASC Qualifier values */ 882 #define SS_NO_SENSE 0 883 #define SS_COMMUNICATION_FAILURE 0x040800 884 #define SS_INVALID_COMMAND 0x052000 885 #define SS_INVALID_FIELD_IN_CDB 0x052400 886 #define SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE 0x052100 887 #define SS_LOGICAL_UNIT_NOT_SUPPORTED 0x052500 888 #define SS_MEDIUM_NOT_PRESENT 0x023a00 889 #define SS_MEDIUM_REMOVAL_PREVENTED 0x055302 890 #define SS_NOT_READY_TO_READY_TRANSITION 0x062800 891 #define SS_RESET_OCCURRED 0x062900 892 #define SS_SAVING_PARAMETERS_NOT_SUPPORTED 0x053900 893 #define SS_UNRECOVERED_READ_ERROR 0x031100 894 #define SS_WRITE_ERROR 0x030c02 895 #define SS_WRITE_PROTECTED 0x072700 896 897 #define SK(x) ((uint8_t) ((x) >> 16)) /* Sense Key byte, etc. */ 898 #define ASC(x) ((uint8_t) ((x) >> 8)) 899 #define ASCQ(x) ((uint8_t) (x)) 900 901 /* Routines for unaligned data access */ 902 903 static uint16_t 904 get_be16(uint8_t *buf) 905 { 906 return ((uint16_t)buf[0] << 8) | ((uint16_t)buf[1]); 907 } 908 909 static uint32_t 910 get_be32(uint8_t *buf) 911 { 912 return ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) | 913 ((uint32_t)buf[2] << 8) | ((uint32_t)buf[3]); 914 } 915 916 static void 917 put_be16(uint8_t *buf, uint16_t val) 918 { 919 buf[0] = val >> 8; 920 buf[1] = val; 921 } 922 923 static void 924 put_be32(uint8_t *buf, uint32_t val) 925 { 926 buf[0] = val >> 24; 927 buf[1] = val >> 16; 928 buf[2] = val >> 8; 929 buf[3] = val & 0xff; 930 } 931 932 /*------------------------------------------------------------------------* 933 * ustorage_fs_verify 934 * 935 * Returns: 936 * 0: Success 937 * Else: Failure 938 *------------------------------------------------------------------------*/ 939 static uint8_t 940 ustorage_fs_verify(struct ustorage_fs_softc *sc) 941 { 942 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 943 uint32_t lba; 944 uint32_t vlen; 945 uint64_t file_offset; 946 uint64_t amount_left; 947 948 /* 949 * Get the starting Logical Block Address 950 */ 951 lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 952 953 /* 954 * We allow DPO (Disable Page Out = don't save data in the cache) 955 * but we don't implement it. 956 */ 957 if ((sc->sc_cbw->CBWCDB[1] & ~0x10) != 0) { 958 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 959 return (1); 960 } 961 vlen = get_be16(&sc->sc_cbw->CBWCDB[7]); 962 if (vlen == 0) { 963 goto done; 964 } 965 /* No default reply */ 966 967 /* Prepare to carry out the file verify */ 968 amount_left = vlen; 969 amount_left <<= 9; 970 file_offset = lba; 971 file_offset <<= 9; 972 973 /* Range check */ 974 vlen += lba; 975 976 if ((vlen < lba) || 977 (vlen > currlun->num_sectors) || 978 (lba >= currlun->num_sectors)) { 979 currlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; 980 return (1); 981 } 982 /* XXX TODO: verify that data is readable */ 983 done: 984 return (ustorage_fs_min_len(sc, 0, -1U)); 985 } 986 987 /*------------------------------------------------------------------------* 988 * ustorage_fs_inquiry 989 * 990 * Returns: 991 * 0: Success 992 * Else: Failure 993 *------------------------------------------------------------------------*/ 994 static uint8_t 995 ustorage_fs_inquiry(struct ustorage_fs_softc *sc) 996 { 997 uint8_t *buf = sc->sc_transfer.data_ptr; 998 999 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1000 1001 if (!sc->sc_transfer.currlun) { 1002 /* Unsupported LUNs are okay */ 1003 memset(buf, 0, 36); 1004 buf[0] = 0x7f; 1005 /* Unsupported, no device - type */ 1006 return (ustorage_fs_min_len(sc, 36, -1U)); 1007 } 1008 memset(buf, 0, 8); 1009 /* Non - removable, direct - access device */ 1010 if (currlun->removable) 1011 buf[1] = 0x80; 1012 buf[2] = 2; 1013 /* ANSI SCSI level 2 */ 1014 buf[3] = 2; 1015 /* SCSI - 2 INQUIRY data format */ 1016 buf[4] = 31; 1017 /* Additional length */ 1018 /* No special options */ 1019 /* Copy in ID string */ 1020 memcpy(buf + 8, USTORAGE_FS_ID_STRING, 28); 1021 1022 #if (USTORAGE_QDATA_MAX < 36) 1023 #error "(USTORAGE_QDATA_MAX < 36)" 1024 #endif 1025 return (ustorage_fs_min_len(sc, 36, -1U)); 1026 } 1027 1028 /*------------------------------------------------------------------------* 1029 * ustorage_fs_request_sense 1030 * 1031 * Returns: 1032 * 0: Success 1033 * Else: Failure 1034 *------------------------------------------------------------------------*/ 1035 static uint8_t 1036 ustorage_fs_request_sense(struct ustorage_fs_softc *sc) 1037 { 1038 uint8_t *buf = sc->sc_transfer.data_ptr; 1039 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1040 uint32_t sd; 1041 uint32_t sdinfo; 1042 uint8_t valid; 1043 1044 /* 1045 * From the SCSI-2 spec., section 7.9 (Unit attention condition): 1046 * 1047 * If a REQUEST SENSE command is received from an initiator 1048 * with a pending unit attention condition (before the target 1049 * generates the contingent allegiance condition), then the 1050 * target shall either: 1051 * a) report any pending sense data and preserve the unit 1052 * attention condition on the logical unit, or, 1053 * b) report the unit attention condition, may discard any 1054 * pending sense data, and clear the unit attention 1055 * condition on the logical unit for that initiator. 1056 * 1057 * FSG normally uses option a); enable this code to use option b). 1058 */ 1059 #if 0 1060 if (currlun && currlun->unit_attention_data != SS_NO_SENSE) { 1061 currlun->sense_data = currlun->unit_attention_data; 1062 currlun->unit_attention_data = SS_NO_SENSE; 1063 } 1064 #endif 1065 1066 if (!currlun) { 1067 /* Unsupported LUNs are okay */ 1068 sd = SS_LOGICAL_UNIT_NOT_SUPPORTED; 1069 sdinfo = 0; 1070 valid = 0; 1071 } else { 1072 sd = currlun->sense_data; 1073 sdinfo = currlun->sense_data_info; 1074 valid = currlun->info_valid << 7; 1075 currlun->sense_data = SS_NO_SENSE; 1076 currlun->sense_data_info = 0; 1077 currlun->info_valid = 0; 1078 } 1079 1080 memset(buf, 0, 18); 1081 buf[0] = valid | 0x70; 1082 /* Valid, current error */ 1083 buf[2] = SK(sd); 1084 put_be32(&buf[3], sdinfo); 1085 /* Sense information */ 1086 buf[7] = 18 - 8; 1087 /* Additional sense length */ 1088 buf[12] = ASC(sd); 1089 buf[13] = ASCQ(sd); 1090 1091 #if (USTORAGE_QDATA_MAX < 18) 1092 #error "(USTORAGE_QDATA_MAX < 18)" 1093 #endif 1094 return (ustorage_fs_min_len(sc, 18, -1U)); 1095 } 1096 1097 /*------------------------------------------------------------------------* 1098 * ustorage_fs_read_capacity 1099 * 1100 * Returns: 1101 * 0: Success 1102 * Else: Failure 1103 *------------------------------------------------------------------------*/ 1104 static uint8_t 1105 ustorage_fs_read_capacity(struct ustorage_fs_softc *sc) 1106 { 1107 uint8_t *buf = sc->sc_transfer.data_ptr; 1108 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1109 uint32_t lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 1110 uint8_t pmi = sc->sc_cbw->CBWCDB[8]; 1111 1112 /* Check the PMI and LBA fields */ 1113 if ((pmi > 1) || ((pmi == 0) && (lba != 0))) { 1114 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1115 return (1); 1116 } 1117 /* Max logical block */ 1118 put_be32(&buf[0], currlun->num_sectors - 1); 1119 /* Block length */ 1120 put_be32(&buf[4], 512); 1121 1122 #if (USTORAGE_QDATA_MAX < 8) 1123 #error "(USTORAGE_QDATA_MAX < 8)" 1124 #endif 1125 return (ustorage_fs_min_len(sc, 8, -1U)); 1126 } 1127 1128 /*------------------------------------------------------------------------* 1129 * ustorage_fs_mode_sense 1130 * 1131 * Returns: 1132 * 0: Success 1133 * Else: Failure 1134 *------------------------------------------------------------------------*/ 1135 static uint8_t 1136 ustorage_fs_mode_sense(struct ustorage_fs_softc *sc) 1137 { 1138 uint8_t *buf = sc->sc_transfer.data_ptr; 1139 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1140 uint8_t *buf0; 1141 uint16_t len; 1142 uint16_t limit; 1143 uint8_t mscmnd = sc->sc_cbw->CBWCDB[0]; 1144 uint8_t pc; 1145 uint8_t page_code; 1146 uint8_t changeable_values; 1147 uint8_t all_pages; 1148 1149 buf0 = buf; 1150 1151 if ((sc->sc_cbw->CBWCDB[1] & ~0x08) != 0) { 1152 /* Mask away DBD */ 1153 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1154 return (1); 1155 } 1156 pc = sc->sc_cbw->CBWCDB[2] >> 6; 1157 page_code = sc->sc_cbw->CBWCDB[2] & 0x3f; 1158 if (pc == 3) { 1159 currlun->sense_data = SS_SAVING_PARAMETERS_NOT_SUPPORTED; 1160 return (1); 1161 } 1162 changeable_values = (pc == 1); 1163 all_pages = (page_code == 0x3f); 1164 1165 /* 1166 * Write the mode parameter header. Fixed values are: default 1167 * medium type, no cache control (DPOFUA), and no block descriptors. 1168 * The only variable value is the WriteProtect bit. We will fill in 1169 * the mode data length later. 1170 */ 1171 memset(buf, 0, 8); 1172 if (mscmnd == SC_MODE_SENSE_6) { 1173 buf[2] = (currlun->read_only ? 0x80 : 0x00); 1174 /* WP, DPOFUA */ 1175 buf += 4; 1176 limit = 255; 1177 } else { 1178 /* SC_MODE_SENSE_10 */ 1179 buf[3] = (currlun->read_only ? 0x80 : 0x00); 1180 /* WP, DPOFUA */ 1181 buf += 8; 1182 limit = 65535; 1183 /* Should really be mod_data.buflen */ 1184 } 1185 1186 /* No block descriptors */ 1187 1188 /* 1189 * The mode pages, in numerical order. 1190 */ 1191 if ((page_code == 0x08) || all_pages) { 1192 buf[0] = 0x08; 1193 /* Page code */ 1194 buf[1] = 10; 1195 /* Page length */ 1196 memset(buf + 2, 0, 10); 1197 /* None of the fields are changeable */ 1198 1199 if (!changeable_values) { 1200 buf[2] = 0x04; 1201 /* Write cache enable, */ 1202 /* Read cache not disabled */ 1203 /* No cache retention priorities */ 1204 put_be16(&buf[4], 0xffff); 1205 /* Don 't disable prefetch */ 1206 /* Minimum prefetch = 0 */ 1207 put_be16(&buf[8], 0xffff); 1208 /* Maximum prefetch */ 1209 put_be16(&buf[10], 0xffff); 1210 /* Maximum prefetch ceiling */ 1211 } 1212 buf += 12; 1213 } 1214 /* 1215 * Check that a valid page was requested and the mode data length 1216 * isn't too long. 1217 */ 1218 len = buf - buf0; 1219 if (len > limit) { 1220 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1221 return (1); 1222 } 1223 /* Store the mode data length */ 1224 if (mscmnd == SC_MODE_SENSE_6) 1225 buf0[0] = len - 1; 1226 else 1227 put_be16(buf0, len - 2); 1228 1229 #if (USTORAGE_QDATA_MAX < 24) 1230 #error "(USTORAGE_QDATA_MAX < 24)" 1231 #endif 1232 return (ustorage_fs_min_len(sc, len, -1U)); 1233 } 1234 1235 /*------------------------------------------------------------------------* 1236 * ustorage_fs_start_stop 1237 * 1238 * Returns: 1239 * 0: Success 1240 * Else: Failure 1241 *------------------------------------------------------------------------*/ 1242 static uint8_t 1243 ustorage_fs_start_stop(struct ustorage_fs_softc *sc) 1244 { 1245 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1246 uint8_t loej; 1247 uint8_t start; 1248 uint8_t immed; 1249 1250 if (!currlun->removable) { 1251 currlun->sense_data = SS_INVALID_COMMAND; 1252 return (1); 1253 } 1254 immed = sc->sc_cbw->CBWCDB[1] & 0x01; 1255 loej = sc->sc_cbw->CBWCDB[4] & 0x02; 1256 start = sc->sc_cbw->CBWCDB[4] & 0x01; 1257 1258 if (immed || loej || start) { 1259 /* compile fix */ 1260 } 1261 return (0); 1262 } 1263 1264 /*------------------------------------------------------------------------* 1265 * ustorage_fs_prevent_allow 1266 * 1267 * Returns: 1268 * 0: Success 1269 * Else: Failure 1270 *------------------------------------------------------------------------*/ 1271 static uint8_t 1272 ustorage_fs_prevent_allow(struct ustorage_fs_softc *sc) 1273 { 1274 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1275 uint8_t prevent; 1276 1277 if (!currlun->removable) { 1278 currlun->sense_data = SS_INVALID_COMMAND; 1279 return (1); 1280 } 1281 prevent = sc->sc_cbw->CBWCDB[4] & 0x01; 1282 if ((sc->sc_cbw->CBWCDB[4] & ~0x01) != 0) { 1283 /* Mask away Prevent */ 1284 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1285 return (1); 1286 } 1287 if (currlun->prevent_medium_removal && !prevent) { 1288 //fsync_sub(currlun); 1289 } 1290 currlun->prevent_medium_removal = prevent; 1291 return (0); 1292 } 1293 1294 /*------------------------------------------------------------------------* 1295 * ustorage_fs_read_format_capacities 1296 * 1297 * Returns: 1298 * 0: Success 1299 * Else: Failure 1300 *------------------------------------------------------------------------*/ 1301 static uint8_t 1302 ustorage_fs_read_format_capacities(struct ustorage_fs_softc *sc) 1303 { 1304 uint8_t *buf = sc->sc_transfer.data_ptr; 1305 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1306 1307 buf[0] = buf[1] = buf[2] = 0; 1308 buf[3] = 8; 1309 /* Only the Current / Maximum Capacity Descriptor */ 1310 buf += 4; 1311 1312 /* Number of blocks */ 1313 put_be32(&buf[0], currlun->num_sectors); 1314 /* Block length */ 1315 put_be32(&buf[4], 512); 1316 /* Current capacity */ 1317 buf[4] = 0x02; 1318 1319 #if (USTORAGE_QDATA_MAX < 12) 1320 #error "(USTORAGE_QDATA_MAX < 12)" 1321 #endif 1322 return (ustorage_fs_min_len(sc, 12, -1U)); 1323 } 1324 1325 /*------------------------------------------------------------------------* 1326 * ustorage_fs_mode_select 1327 * 1328 * Return values: 1329 * 0: Success 1330 * Else: Failure 1331 *------------------------------------------------------------------------*/ 1332 static uint8_t 1333 ustorage_fs_mode_select(struct ustorage_fs_softc *sc) 1334 { 1335 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1336 1337 /* We don't support MODE SELECT */ 1338 currlun->sense_data = SS_INVALID_COMMAND; 1339 return (1); 1340 } 1341 1342 /*------------------------------------------------------------------------* 1343 * ustorage_fs_synchronize_cache 1344 * 1345 * Return values: 1346 * 0: Success 1347 * Else: Failure 1348 *------------------------------------------------------------------------*/ 1349 static uint8_t 1350 ustorage_fs_synchronize_cache(struct ustorage_fs_softc *sc) 1351 { 1352 #if 0 1353 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1354 uint8_t rc; 1355 1356 /* 1357 * We ignore the requested LBA and write out all dirty data buffers. 1358 */ 1359 rc = 0; 1360 if (rc) { 1361 currlun->sense_data = SS_WRITE_ERROR; 1362 } 1363 #endif 1364 return (0); 1365 } 1366 1367 /*------------------------------------------------------------------------* 1368 * ustorage_fs_read - read data from disk 1369 * 1370 * Return values: 1371 * 0: Success 1372 * Else: Failure 1373 *------------------------------------------------------------------------*/ 1374 static uint8_t 1375 ustorage_fs_read(struct ustorage_fs_softc *sc) 1376 { 1377 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1378 uint64_t file_offset; 1379 uint32_t lba; 1380 uint32_t len; 1381 1382 /* 1383 * Get the starting Logical Block Address and check that it's not 1384 * too big 1385 */ 1386 if (sc->sc_cbw->CBWCDB[0] == SC_READ_6) { 1387 lba = (((uint32_t)sc->sc_cbw->CBWCDB[1]) << 16) | 1388 get_be16(&sc->sc_cbw->CBWCDB[2]); 1389 } else { 1390 lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 1391 1392 /* 1393 * We allow DPO (Disable Page Out = don't save data in the 1394 * cache) and FUA (Force Unit Access = don't read from the 1395 * cache), but we don't implement them. 1396 */ 1397 if ((sc->sc_cbw->CBWCDB[1] & ~0x18) != 0) { 1398 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1399 return (1); 1400 } 1401 } 1402 len = sc->sc_transfer.data_rem >> 9; 1403 len += lba; 1404 1405 if ((len < lba) || 1406 (len > currlun->num_sectors) || 1407 (lba >= currlun->num_sectors)) { 1408 currlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; 1409 return (1); 1410 } 1411 file_offset = lba; 1412 file_offset <<= 9; 1413 1414 sc->sc_transfer.data_ptr = currlun->memory_image + file_offset; 1415 1416 return (0); 1417 } 1418 1419 /*------------------------------------------------------------------------* 1420 * ustorage_fs_write - write data to disk 1421 * 1422 * Return values: 1423 * 0: Success 1424 * Else: Failure 1425 *------------------------------------------------------------------------*/ 1426 static uint8_t 1427 ustorage_fs_write(struct ustorage_fs_softc *sc) 1428 { 1429 struct ustorage_fs_lun *currlun = sc->sc_transfer.currlun; 1430 uint64_t file_offset; 1431 uint32_t lba; 1432 uint32_t len; 1433 1434 if (currlun->read_only) { 1435 currlun->sense_data = SS_WRITE_PROTECTED; 1436 return (1); 1437 } 1438 /* XXX clear SYNC */ 1439 1440 /* 1441 * Get the starting Logical Block Address and check that it's not 1442 * too big. 1443 */ 1444 if (sc->sc_cbw->CBWCDB[0] == SC_WRITE_6) 1445 lba = (((uint32_t)sc->sc_cbw->CBWCDB[1]) << 16) | 1446 get_be16(&sc->sc_cbw->CBWCDB[2]); 1447 else { 1448 lba = get_be32(&sc->sc_cbw->CBWCDB[2]); 1449 1450 /* 1451 * We allow DPO (Disable Page Out = don't save data in the 1452 * cache) and FUA (Force Unit Access = write directly to the 1453 * medium). We don't implement DPO; we implement FUA by 1454 * performing synchronous output. 1455 */ 1456 if ((sc->sc_cbw->CBWCDB[1] & ~0x18) != 0) { 1457 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1458 return (1); 1459 } 1460 if (sc->sc_cbw->CBWCDB[1] & 0x08) { 1461 /* FUA */ 1462 /* XXX set SYNC flag here */ 1463 } 1464 } 1465 1466 len = sc->sc_transfer.data_rem >> 9; 1467 len += lba; 1468 1469 if ((len < lba) || 1470 (len > currlun->num_sectors) || 1471 (lba >= currlun->num_sectors)) { 1472 currlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; 1473 return (1); 1474 } 1475 file_offset = lba; 1476 file_offset <<= 9; 1477 1478 sc->sc_transfer.data_ptr = currlun->memory_image + file_offset; 1479 1480 return (0); 1481 } 1482 1483 /*------------------------------------------------------------------------* 1484 * ustorage_fs_min_len 1485 * 1486 * Return values: 1487 * 0: Success 1488 * Else: Failure 1489 *------------------------------------------------------------------------*/ 1490 static uint8_t 1491 ustorage_fs_min_len(struct ustorage_fs_softc *sc, uint32_t len, uint32_t mask) 1492 { 1493 if (len != sc->sc_transfer.data_rem) { 1494 1495 if (sc->sc_transfer.cbw_dir == DIR_READ) { 1496 /* 1497 * there must be something wrong about this SCSI 1498 * command 1499 */ 1500 sc->sc_csw->bCSWStatus = CSWSTATUS_PHASE; 1501 return (1); 1502 } 1503 /* compute the minimum length */ 1504 1505 if (sc->sc_transfer.data_rem > len) { 1506 /* data ends prematurely */ 1507 sc->sc_transfer.data_rem = len; 1508 sc->sc_transfer.data_short = 1; 1509 } 1510 /* check length alignment */ 1511 1512 if (sc->sc_transfer.data_rem & ~mask) { 1513 /* data ends prematurely */ 1514 sc->sc_transfer.data_rem &= mask; 1515 sc->sc_transfer.data_short = 1; 1516 } 1517 } 1518 return (0); 1519 } 1520 1521 /*------------------------------------------------------------------------* 1522 * ustorage_fs_check_cmd - check command routine 1523 * 1524 * Check whether the command is properly formed and whether its data 1525 * size and direction agree with the values we already have. 1526 * 1527 * Return values: 1528 * 0: Success 1529 * Else: Failure 1530 *------------------------------------------------------------------------*/ 1531 static uint8_t 1532 ustorage_fs_check_cmd(struct ustorage_fs_softc *sc, uint8_t min_cmd_size, 1533 uint16_t mask, uint8_t needs_medium) 1534 { 1535 struct ustorage_fs_lun *currlun; 1536 uint8_t lun = (sc->sc_cbw->CBWCDB[1] >> 5); 1537 uint8_t i; 1538 1539 /* Verify the length of the command itself */ 1540 if (min_cmd_size > sc->sc_transfer.cmd_len) { 1541 DPRINTF("%u > %u\n", 1542 min_cmd_size, sc->sc_transfer.cmd_len); 1543 sc->sc_csw->bCSWStatus = CSWSTATUS_PHASE; 1544 return (1); 1545 } 1546 /* Mask away the LUN */ 1547 sc->sc_cbw->CBWCDB[1] &= 0x1f; 1548 1549 /* Check if LUN is correct */ 1550 if (lun != sc->sc_transfer.lun) { 1551 1552 } 1553 /* Check the LUN */ 1554 if (sc->sc_transfer.lun <= sc->sc_last_lun) { 1555 sc->sc_transfer.currlun = currlun = 1556 sc->sc_lun + sc->sc_transfer.lun; 1557 if (sc->sc_cbw->CBWCDB[0] != SC_REQUEST_SENSE) { 1558 currlun->sense_data = SS_NO_SENSE; 1559 currlun->sense_data_info = 0; 1560 currlun->info_valid = 0; 1561 } 1562 /* 1563 * If a unit attention condition exists, only INQUIRY 1564 * and REQUEST SENSE commands are allowed. Anything 1565 * else must fail! 1566 */ 1567 if ((currlun->unit_attention_data != SS_NO_SENSE) && 1568 (sc->sc_cbw->CBWCDB[0] != SC_INQUIRY) && 1569 (sc->sc_cbw->CBWCDB[0] != SC_REQUEST_SENSE)) { 1570 currlun->sense_data = currlun->unit_attention_data; 1571 currlun->unit_attention_data = SS_NO_SENSE; 1572 return (1); 1573 } 1574 } else { 1575 sc->sc_transfer.currlun = currlun = NULL; 1576 1577 /* 1578 * INQUIRY and REQUEST SENSE commands are explicitly allowed 1579 * to use unsupported LUNs; all others may not. 1580 */ 1581 if ((sc->sc_cbw->CBWCDB[0] != SC_INQUIRY) && 1582 (sc->sc_cbw->CBWCDB[0] != SC_REQUEST_SENSE)) { 1583 return (1); 1584 } 1585 } 1586 1587 /* 1588 * Check that only command bytes listed in the mask are 1589 * non-zero. 1590 */ 1591 for (i = 0; i != min_cmd_size; i++) { 1592 if (sc->sc_cbw->CBWCDB[i] && !(mask & (1UL << i))) { 1593 if (currlun) { 1594 currlun->sense_data = SS_INVALID_FIELD_IN_CDB; 1595 } 1596 return (1); 1597 } 1598 } 1599 1600 /* 1601 * If the medium isn't mounted and the command needs to access 1602 * it, return an error. 1603 */ 1604 if (currlun && (!currlun->memory_image) && needs_medium) { 1605 currlun->sense_data = SS_MEDIUM_NOT_PRESENT; 1606 return (1); 1607 } 1608 return (0); 1609 } 1610 1611 /*------------------------------------------------------------------------* 1612 * ustorage_fs_do_cmd - do command 1613 * 1614 * Return values: 1615 * 0: Success 1616 * Else: Failure 1617 *------------------------------------------------------------------------*/ 1618 static uint8_t 1619 ustorage_fs_do_cmd(struct ustorage_fs_softc *sc) 1620 { 1621 uint8_t error = 1; 1622 uint8_t i; 1623 uint32_t temp; 1624 const uint32_t mask9 = (0xFFFFFFFFUL >> 9) << 9; 1625 1626 /* set default data transfer pointer */ 1627 sc->sc_transfer.data_ptr = sc->sc_qdata; 1628 1629 DPRINTF("cmd_data[0]=0x%02x, data_rem=0x%08x\n", 1630 sc->sc_cbw->CBWCDB[0], sc->sc_transfer.data_rem); 1631 1632 switch (sc->sc_cbw->CBWCDB[0]) { 1633 case SC_INQUIRY: 1634 sc->sc_transfer.cmd_dir = DIR_WRITE; 1635 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1636 if (error) { 1637 break; 1638 } 1639 error = ustorage_fs_check_cmd(sc, 6, 1640 (1UL << 4) | 1, 0); 1641 if (error) { 1642 break; 1643 } 1644 error = ustorage_fs_inquiry(sc); 1645 1646 break; 1647 1648 case SC_MODE_SELECT_6: 1649 sc->sc_transfer.cmd_dir = DIR_READ; 1650 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1651 if (error) { 1652 break; 1653 } 1654 error = ustorage_fs_check_cmd(sc, 6, 1655 (1UL << 1) | (1UL << 4) | 1, 0); 1656 if (error) { 1657 break; 1658 } 1659 error = ustorage_fs_mode_select(sc); 1660 1661 break; 1662 1663 case SC_MODE_SELECT_10: 1664 sc->sc_transfer.cmd_dir = DIR_READ; 1665 error = ustorage_fs_min_len(sc, 1666 get_be16(&sc->sc_cbw->CBWCDB[7]), -1U); 1667 if (error) { 1668 break; 1669 } 1670 error = ustorage_fs_check_cmd(sc, 10, 1671 (1UL << 1) | (3UL << 7) | 1, 0); 1672 if (error) { 1673 break; 1674 } 1675 error = ustorage_fs_mode_select(sc); 1676 1677 break; 1678 1679 case SC_MODE_SENSE_6: 1680 sc->sc_transfer.cmd_dir = DIR_WRITE; 1681 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1682 if (error) { 1683 break; 1684 } 1685 error = ustorage_fs_check_cmd(sc, 6, 1686 (1UL << 1) | (1UL << 2) | (1UL << 4) | 1, 0); 1687 if (error) { 1688 break; 1689 } 1690 error = ustorage_fs_mode_sense(sc); 1691 1692 break; 1693 1694 case SC_MODE_SENSE_10: 1695 sc->sc_transfer.cmd_dir = DIR_WRITE; 1696 error = ustorage_fs_min_len(sc, 1697 get_be16(&sc->sc_cbw->CBWCDB[7]), -1U); 1698 if (error) { 1699 break; 1700 } 1701 error = ustorage_fs_check_cmd(sc, 10, 1702 (1UL << 1) | (1UL << 2) | (3UL << 7) | 1, 0); 1703 if (error) { 1704 break; 1705 } 1706 error = ustorage_fs_mode_sense(sc); 1707 1708 break; 1709 1710 case SC_PREVENT_ALLOW_MEDIUM_REMOVAL: 1711 error = ustorage_fs_min_len(sc, 0, -1U); 1712 if (error) { 1713 break; 1714 } 1715 error = ustorage_fs_check_cmd(sc, 6, 1716 (1UL << 4) | 1, 0); 1717 if (error) { 1718 break; 1719 } 1720 error = ustorage_fs_prevent_allow(sc); 1721 1722 break; 1723 1724 case SC_READ_6: 1725 i = sc->sc_cbw->CBWCDB[4]; 1726 sc->sc_transfer.cmd_dir = DIR_WRITE; 1727 temp = ((i == 0) ? 256UL : i); 1728 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1729 if (error) { 1730 break; 1731 } 1732 error = ustorage_fs_check_cmd(sc, 6, 1733 (7UL << 1) | (1UL << 4) | 1, 1); 1734 if (error) { 1735 break; 1736 } 1737 error = ustorage_fs_read(sc); 1738 1739 break; 1740 1741 case SC_READ_10: 1742 sc->sc_transfer.cmd_dir = DIR_WRITE; 1743 temp = get_be16(&sc->sc_cbw->CBWCDB[7]); 1744 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1745 if (error) { 1746 break; 1747 } 1748 error = ustorage_fs_check_cmd(sc, 10, 1749 (1UL << 1) | (0xfUL << 2) | (3UL << 7) | 1, 1); 1750 if (error) { 1751 break; 1752 } 1753 error = ustorage_fs_read(sc); 1754 1755 break; 1756 1757 case SC_READ_12: 1758 sc->sc_transfer.cmd_dir = DIR_WRITE; 1759 temp = get_be32(&sc->sc_cbw->CBWCDB[6]); 1760 if (temp >= (1UL << (32 - 9))) { 1761 /* numerical overflow */ 1762 sc->sc_csw->bCSWStatus = CSWSTATUS_FAILED; 1763 error = 1; 1764 break; 1765 } 1766 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1767 if (error) { 1768 break; 1769 } 1770 error = ustorage_fs_check_cmd(sc, 12, 1771 (1UL << 1) | (0xfUL << 2) | (0xfUL << 6) | 1, 1); 1772 if (error) { 1773 break; 1774 } 1775 error = ustorage_fs_read(sc); 1776 1777 break; 1778 1779 case SC_READ_CAPACITY: 1780 sc->sc_transfer.cmd_dir = DIR_WRITE; 1781 error = ustorage_fs_check_cmd(sc, 10, 1782 (0xfUL << 2) | (1UL << 8) | 1, 1); 1783 if (error) { 1784 break; 1785 } 1786 error = ustorage_fs_read_capacity(sc); 1787 1788 break; 1789 1790 case SC_READ_FORMAT_CAPACITIES: 1791 sc->sc_transfer.cmd_dir = DIR_WRITE; 1792 error = ustorage_fs_min_len(sc, 1793 get_be16(&sc->sc_cbw->CBWCDB[7]), -1U); 1794 if (error) { 1795 break; 1796 } 1797 error = ustorage_fs_check_cmd(sc, 10, 1798 (3UL << 7) | 1, 1); 1799 if (error) { 1800 break; 1801 } 1802 error = ustorage_fs_read_format_capacities(sc); 1803 1804 break; 1805 1806 case SC_REQUEST_SENSE: 1807 sc->sc_transfer.cmd_dir = DIR_WRITE; 1808 error = ustorage_fs_min_len(sc, sc->sc_cbw->CBWCDB[4], -1U); 1809 if (error) { 1810 break; 1811 } 1812 error = ustorage_fs_check_cmd(sc, 6, 1813 (1UL << 4) | 1, 0); 1814 if (error) { 1815 break; 1816 } 1817 error = ustorage_fs_request_sense(sc); 1818 1819 break; 1820 1821 case SC_START_STOP_UNIT: 1822 error = ustorage_fs_min_len(sc, 0, -1U); 1823 if (error) { 1824 break; 1825 } 1826 error = ustorage_fs_check_cmd(sc, 6, 1827 (1UL << 1) | (1UL << 4) | 1, 0); 1828 if (error) { 1829 break; 1830 } 1831 error = ustorage_fs_start_stop(sc); 1832 1833 break; 1834 1835 case SC_SYNCHRONIZE_CACHE: 1836 error = ustorage_fs_min_len(sc, 0, -1U); 1837 if (error) { 1838 break; 1839 } 1840 error = ustorage_fs_check_cmd(sc, 10, 1841 (0xfUL << 2) | (3UL << 7) | 1, 1); 1842 if (error) { 1843 break; 1844 } 1845 error = ustorage_fs_synchronize_cache(sc); 1846 1847 break; 1848 1849 case SC_TEST_UNIT_READY: 1850 error = ustorage_fs_min_len(sc, 0, -1U); 1851 if (error) { 1852 break; 1853 } 1854 error = ustorage_fs_check_cmd(sc, 6, 1855 0 | 1, 1); 1856 break; 1857 1858 /* 1859 * Although optional, this command is used by MS-Windows. 1860 * We support a minimal version: BytChk must be 0. 1861 */ 1862 case SC_VERIFY: 1863 error = ustorage_fs_min_len(sc, 0, -1U); 1864 if (error) { 1865 break; 1866 } 1867 error = ustorage_fs_check_cmd(sc, 10, 1868 (1UL << 1) | (0xfUL << 2) | (3UL << 7) | 1, 1); 1869 if (error) { 1870 break; 1871 } 1872 error = ustorage_fs_verify(sc); 1873 1874 break; 1875 1876 case SC_WRITE_6: 1877 i = sc->sc_cbw->CBWCDB[4]; 1878 sc->sc_transfer.cmd_dir = DIR_READ; 1879 temp = ((i == 0) ? 256UL : i); 1880 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1881 if (error) { 1882 break; 1883 } 1884 error = ustorage_fs_check_cmd(sc, 6, 1885 (7UL << 1) | (1UL << 4) | 1, 1); 1886 if (error) { 1887 break; 1888 } 1889 error = ustorage_fs_write(sc); 1890 1891 break; 1892 1893 case SC_WRITE_10: 1894 sc->sc_transfer.cmd_dir = DIR_READ; 1895 temp = get_be16(&sc->sc_cbw->CBWCDB[7]); 1896 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1897 if (error) { 1898 break; 1899 } 1900 error = ustorage_fs_check_cmd(sc, 10, 1901 (1UL << 1) | (0xfUL << 2) | (3UL << 7) | 1, 1); 1902 if (error) { 1903 break; 1904 } 1905 error = ustorage_fs_write(sc); 1906 1907 break; 1908 1909 case SC_WRITE_12: 1910 sc->sc_transfer.cmd_dir = DIR_READ; 1911 temp = get_be32(&sc->sc_cbw->CBWCDB[6]); 1912 if (temp > (mask9 >> 9)) { 1913 /* numerical overflow */ 1914 sc->sc_csw->bCSWStatus = CSWSTATUS_FAILED; 1915 error = 1; 1916 break; 1917 } 1918 error = ustorage_fs_min_len(sc, temp << 9, mask9); 1919 if (error) { 1920 break; 1921 } 1922 error = ustorage_fs_check_cmd(sc, 12, 1923 (1UL << 1) | (0xfUL << 2) | (0xfUL << 6) | 1, 1); 1924 if (error) { 1925 break; 1926 } 1927 error = ustorage_fs_write(sc); 1928 1929 break; 1930 1931 /* 1932 * Some mandatory commands that we recognize but don't 1933 * implement. They don't mean much in this setting. 1934 * It's left as an exercise for anyone interested to 1935 * implement RESERVE and RELEASE in terms of Posix 1936 * locks. 1937 */ 1938 case SC_FORMAT_UNIT: 1939 case SC_RELEASE: 1940 case SC_RESERVE: 1941 case SC_SEND_DIAGNOSTIC: 1942 /* Fallthrough */ 1943 1944 default: 1945 error = ustorage_fs_min_len(sc, 0, -1U); 1946 if (error) { 1947 break; 1948 } 1949 error = ustorage_fs_check_cmd(sc, sc->sc_transfer.cmd_len, 1950 0xff, 0); 1951 if (error) { 1952 break; 1953 } 1954 sc->sc_transfer.currlun->sense_data = 1955 SS_INVALID_COMMAND; 1956 error = 1; 1957 1958 break; 1959 } 1960 return (error); 1961 } 1962