1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define TRACE_TAG USB
18
19 #include "sysdeps.h"
20
21 #include <dirent.h>
22 #include <errno.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <sys/ioctl.h>
27 #include <sys/mman.h>
28 #include <sys/types.h>
29 #include <unistd.h>
30
31 #include <linux/usb/ch9.h>
32 #include <linux/usb/functionfs.h>
33
34 #include <algorithm>
35 #include <atomic>
36 #include <chrono>
37 #include <condition_variable>
38 #include <mutex>
39 #include <thread>
40
41 #include <android-base/logging.h>
42 #include <android-base/properties.h>
43
44 #include "adb.h"
45 #include "adbd/usb.h"
46 #include "transport.h"
47
48 using namespace std::chrono_literals;
49
50 #define MAX_PACKET_SIZE_FS 64
51 #define MAX_PACKET_SIZE_HS 512
52 #define MAX_PACKET_SIZE_SS 1024
53
54 #define USB_FFS_BULK_SIZE 16384
55
56 // Number of buffers needed to fit MAX_PAYLOAD, with an extra for ZLPs.
57 #define USB_FFS_NUM_BUFS ((4 * MAX_PAYLOAD / USB_FFS_BULK_SIZE) + 1)
58
59 static unique_fd& dummy_fd = *new unique_fd();
60
aio_block_init(aio_block * aiob,unsigned num_bufs)61 static void aio_block_init(aio_block* aiob, unsigned num_bufs) {
62 aiob->iocb.resize(num_bufs);
63 aiob->iocbs.resize(num_bufs);
64 aiob->events.resize(num_bufs);
65 aiob->num_submitted = 0;
66 for (unsigned i = 0; i < num_bufs; i++) {
67 aiob->iocbs[i] = &aiob->iocb[i];
68 }
69 memset(&aiob->ctx, 0, sizeof(aiob->ctx));
70 if (io_setup(num_bufs, &aiob->ctx)) {
71 D("[ aio: got error on io_setup (%d) ]", errno);
72 }
73 }
74
getMaxPacketSize(int ffs_fd)75 static int getMaxPacketSize(int ffs_fd) {
76 usb_endpoint_descriptor desc;
77 if (ioctl(ffs_fd, FUNCTIONFS_ENDPOINT_DESC, reinterpret_cast<unsigned long>(&desc))) {
78 D("[ could not get endpoint descriptor! (%d) ]", errno);
79 return MAX_PACKET_SIZE_HS;
80 } else {
81 return desc.wMaxPacketSize;
82 }
83 }
84
init_functionfs(struct usb_handle * h)85 static bool init_functionfs(struct usb_handle* h) {
86 LOG(INFO) << "initializing functionfs";
87 if (!open_functionfs(&h->control, &h->bulk_out, &h->bulk_in)) {
88 return false;
89 }
90
91 h->read_aiob.fd = h->bulk_out.get();
92 h->write_aiob.fd = h->bulk_in.get();
93 h->reads_zero_packets = true;
94 return true;
95 }
96
usb_legacy_ffs_open_thread(usb_handle * usb)97 static void usb_legacy_ffs_open_thread(usb_handle* usb) {
98 adb_thread_setname("usb legacy ffs open");
99
100 while (true) {
101 // wait until the USB device needs opening
102 std::unique_lock<std::mutex> lock(usb->lock);
103 while (!usb->open_new_connection) {
104 usb->notify.wait(lock);
105 }
106 usb->open_new_connection = false;
107 lock.unlock();
108
109 while (true) {
110 if (init_functionfs(usb)) {
111 LOG(INFO) << "functionfs successfully initialized";
112 break;
113 }
114 std::this_thread::sleep_for(1s);
115 }
116
117 LOG(INFO) << "registering usb transport";
118 register_usb_transport(usb, nullptr, nullptr, 1);
119 }
120
121 // never gets here
122 abort();
123 }
124
usb_ffs_write(usb_handle * h,const void * data,int len)125 static int usb_ffs_write(usb_handle* h, const void* data, int len) {
126 D("about to write (fd=%d, len=%d)", h->bulk_in.get(), len);
127
128 const char* buf = static_cast<const char*>(data);
129 int orig_len = len;
130 while (len > 0) {
131 int write_len = std::min(USB_FFS_BULK_SIZE, len);
132 int n = adb_write(h->bulk_in, buf, write_len);
133 if (n < 0) {
134 D("ERROR: fd = %d, n = %d: %s", h->bulk_in.get(), n, strerror(errno));
135 return -1;
136 }
137 buf += n;
138 len -= n;
139 }
140
141 D("[ done fd=%d ]", h->bulk_in.get());
142 return orig_len;
143 }
144
usb_ffs_read(usb_handle * h,void * data,int len,bool allow_partial)145 static int usb_ffs_read(usb_handle* h, void* data, int len, bool allow_partial) {
146 D("about to read (fd=%d, len=%d)", h->bulk_out.get(), len);
147
148 char* buf = static_cast<char*>(data);
149 int orig_len = len;
150 unsigned count = 0;
151 while (len > 0) {
152 int read_len = std::min(USB_FFS_BULK_SIZE, len);
153 int n = adb_read(h->bulk_out, buf, read_len);
154 if (n < 0) {
155 D("ERROR: fd = %d, n = %d: %s", h->bulk_out.get(), n, strerror(errno));
156 return -1;
157 }
158 buf += n;
159 len -= n;
160 count += n;
161
162 // For fastbootd command such as "getvar all", len parameter is always set 64.
163 // But what we read is actually less than 64.
164 // For example, length 10 for "getvar all" command.
165 // If we get less data than expected, this means there should be no more data.
166 if (allow_partial && n < read_len) {
167 orig_len = count;
168 break;
169 }
170 }
171
172 D("[ done fd=%d ]", h->bulk_out.get());
173 return orig_len;
174 }
175
usb_ffs_do_aio(usb_handle * h,const void * data,int len,bool read)176 static int usb_ffs_do_aio(usb_handle* h, const void* data, int len, bool read) {
177 aio_block* aiob = read ? &h->read_aiob : &h->write_aiob;
178 bool zero_packet = false;
179
180 int num_bufs = len / h->io_size + (len % h->io_size == 0 ? 0 : 1);
181 const char* cur_data = reinterpret_cast<const char*>(data);
182 int packet_size = getMaxPacketSize(aiob->fd);
183
184 if (posix_madvise(const_cast<void*>(data), len, POSIX_MADV_SEQUENTIAL | POSIX_MADV_WILLNEED) <
185 0) {
186 D("[ Failed to madvise: %d ]", errno);
187 }
188
189 for (int i = 0; i < num_bufs; i++) {
190 int buf_len = std::min(len, static_cast<int>(h->io_size));
191 io_prep(&aiob->iocb[i], aiob->fd, cur_data, buf_len, 0, read);
192
193 len -= buf_len;
194 cur_data += buf_len;
195
196 if (len == 0 && buf_len % packet_size == 0 && read) {
197 // adb does not expect the device to send a zero packet after data transfer,
198 // but the host *does* send a zero packet for the device to read.
199 zero_packet = h->reads_zero_packets;
200 }
201 }
202 if (zero_packet) {
203 io_prep(&aiob->iocb[num_bufs], aiob->fd, reinterpret_cast<const void*>(cur_data),
204 packet_size, 0, read);
205 num_bufs += 1;
206 }
207
208 while (true) {
209 if (TEMP_FAILURE_RETRY(io_submit(aiob->ctx, num_bufs, aiob->iocbs.data())) < num_bufs) {
210 PLOG(ERROR) << "aio: got error submitting " << (read ? "read" : "write");
211 return -1;
212 }
213 if (TEMP_FAILURE_RETRY(io_getevents(aiob->ctx, num_bufs, num_bufs, aiob->events.data(),
214 nullptr)) < num_bufs) {
215 PLOG(ERROR) << "aio: got error waiting " << (read ? "read" : "write");
216 return -1;
217 }
218 if (num_bufs == 1 && aiob->events[0].res == -EINTR) {
219 continue;
220 }
221 int ret = 0;
222 for (int i = 0; i < num_bufs; i++) {
223 if (aiob->events[i].res < 0) {
224 errno = -aiob->events[i].res;
225 PLOG(ERROR) << "aio: got error event on " << (read ? "read" : "write")
226 << " total bufs " << num_bufs;
227 return -1;
228 }
229 ret += aiob->events[i].res;
230 }
231 return ret;
232 }
233 }
234
usb_ffs_aio_read(usb_handle * h,void * data,int len,bool allow_partial)235 static int usb_ffs_aio_read(usb_handle* h, void* data, int len, bool allow_partial) {
236 return usb_ffs_do_aio(h, data, len, true);
237 }
238
usb_ffs_aio_write(usb_handle * h,const void * data,int len)239 static int usb_ffs_aio_write(usb_handle* h, const void* data, int len) {
240 return usb_ffs_do_aio(h, data, len, false);
241 }
242
usb_ffs_kick(usb_handle * h)243 static void usb_ffs_kick(usb_handle* h) {
244 int err;
245
246 err = ioctl(h->bulk_in.get(), FUNCTIONFS_CLEAR_HALT);
247 if (err < 0) {
248 D("[ kick: source (fd=%d) clear halt failed (%d) ]", h->bulk_in.get(), errno);
249 }
250
251 err = ioctl(h->bulk_out.get(), FUNCTIONFS_CLEAR_HALT);
252 if (err < 0) {
253 D("[ kick: sink (fd=%d) clear halt failed (%d) ]", h->bulk_out.get(), errno);
254 }
255
256 // don't close ep0 here, since we may not need to reinitialize it with
257 // the same descriptors again. if however ep1/ep2 fail to re-open in
258 // init_functionfs, only then would we close and open ep0 again.
259 // Ditto the comment in usb_adb_kick.
260 h->kicked = true;
261 TEMP_FAILURE_RETRY(dup2(dummy_fd.get(), h->bulk_out.get()));
262 TEMP_FAILURE_RETRY(dup2(dummy_fd.get(), h->bulk_in.get()));
263 }
264
usb_ffs_close(usb_handle * h)265 static void usb_ffs_close(usb_handle* h) {
266 LOG(INFO) << "closing functionfs transport";
267
268 h->kicked = false;
269 h->bulk_out.reset();
270 h->bulk_in.reset();
271
272 // Notify usb_adb_open_thread to open a new connection.
273 h->lock.lock();
274 h->open_new_connection = true;
275 h->lock.unlock();
276 h->notify.notify_one();
277 }
278
create_usb_handle(unsigned num_bufs,unsigned io_size)279 usb_handle* create_usb_handle(unsigned num_bufs, unsigned io_size) {
280 usb_handle* h = new usb_handle();
281
282 if (android::base::GetBoolProperty("sys.usb.ffs.aio_compat", false)) {
283 // Devices on older kernels (< 3.18) will not have aio support for ffs
284 // unless backported. Fall back on the non-aio functions instead.
285 h->write = usb_ffs_write;
286 h->read = usb_ffs_read;
287 } else {
288 h->write = usb_ffs_aio_write;
289 h->read = usb_ffs_aio_read;
290 aio_block_init(&h->read_aiob, num_bufs);
291 aio_block_init(&h->write_aiob, num_bufs);
292 }
293 h->io_size = io_size;
294 h->kick = usb_ffs_kick;
295 h->close = usb_ffs_close;
296 return h;
297 }
298
usb_init_legacy()299 void usb_init_legacy() {
300 D("[ usb_init - using legacy FunctionFS ]");
301 dummy_fd.reset(adb_open("/dev/null", O_WRONLY | O_CLOEXEC));
302 CHECK_NE(-1, dummy_fd.get());
303
304 std::thread(usb_legacy_ffs_open_thread, create_usb_handle(USB_FFS_NUM_BUFS, USB_FFS_BULK_SIZE))
305 .detach();
306 }
307
usb_write(usb_handle * h,const void * data,int len)308 int usb_write(usb_handle* h, const void* data, int len) {
309 return h->write(h, data, len);
310 }
311
usb_read(usb_handle * h,void * data,int len)312 int usb_read(usb_handle* h, void* data, int len) {
313 return h->read(h, data, len, false /* allow_partial */);
314 }
315
usb_close(usb_handle * h)316 int usb_close(usb_handle* h) {
317 h->close(h);
318 return 0;
319 }
320
usb_reset(usb_handle * h)321 void usb_reset(usb_handle* h) {
322 usb_close(h);
323 }
324
usb_kick(usb_handle * h)325 void usb_kick(usb_handle* h) {
326 h->kick(h);
327 }
328