1 /*
2 * Copyright (C) 2007 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <unistd.h>
20 #include <string.h>
21
22 #include <sys/ioctl.h>
23 #include <sys/types.h>
24 #include <sys/time.h>
25 #include <dirent.h>
26 #include <fcntl.h>
27 #include <errno.h>
28 #include <ctype.h>
29
30 #include <linux/usbdevice_fs.h>
31 #include <linux/version.h>
32 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 20)
33 #include <linux/usb/ch9.h>
34 #else
35 #include <linux/usb_ch9.h>
36 #endif
37 #include <asm/byteorder.h>
38
39 #include "sysdeps.h"
40
41 #define TRACE_TAG TRACE_USB
42 #include "adb.h"
43
44
45 /* usb scan debugging is waaaay too verbose */
46 #define DBGX(x...)
47
48 ADB_MUTEX_DEFINE( usb_lock );
49
50 struct usb_handle
51 {
52 usb_handle *prev;
53 usb_handle *next;
54
55 char fname[64];
56 int desc;
57 unsigned char ep_in;
58 unsigned char ep_out;
59
60 unsigned zero_mask;
61 unsigned writeable;
62
63 struct usbdevfs_urb urb_in;
64 struct usbdevfs_urb urb_out;
65
66 int urb_in_busy;
67 int urb_out_busy;
68 int dead;
69
70 adb_cond_t notify;
71 adb_mutex_t lock;
72
73 // for garbage collecting disconnected devices
74 int mark;
75
76 // ID of thread currently in REAPURB
77 pthread_t reaper_thread;
78 };
79
80 static usb_handle handle_list = {
81 .prev = &handle_list,
82 .next = &handle_list,
83 };
84
known_device(const char * dev_name)85 static int known_device(const char *dev_name)
86 {
87 usb_handle *usb;
88
89 adb_mutex_lock(&usb_lock);
90 for(usb = handle_list.next; usb != &handle_list; usb = usb->next){
91 if(!strcmp(usb->fname, dev_name)) {
92 // set mark flag to indicate this device is still alive
93 usb->mark = 1;
94 adb_mutex_unlock(&usb_lock);
95 return 1;
96 }
97 }
98 adb_mutex_unlock(&usb_lock);
99 return 0;
100 }
101
kick_disconnected_devices()102 static void kick_disconnected_devices()
103 {
104 usb_handle *usb;
105
106 adb_mutex_lock(&usb_lock);
107 // kick any devices in the device list that were not found in the device scan
108 for(usb = handle_list.next; usb != &handle_list; usb = usb->next){
109 if (usb->mark == 0) {
110 usb_kick(usb);
111 } else {
112 usb->mark = 0;
113 }
114 }
115 adb_mutex_unlock(&usb_lock);
116
117 }
118
119 static void register_device(const char *dev_name, const char *devpath,
120 unsigned char ep_in, unsigned char ep_out,
121 int ifc, int serial_index, unsigned zero_mask);
122
badname(const char * name)123 static inline int badname(const char *name)
124 {
125 while(*name) {
126 if(!isdigit(*name++)) return 1;
127 }
128 return 0;
129 }
130
find_usb_device(const char * base,void (* register_device_callback)(const char *,const char *,unsigned char,unsigned char,int,int,unsigned))131 static void find_usb_device(const char *base,
132 void (*register_device_callback)
133 (const char *, const char *, unsigned char, unsigned char, int, int, unsigned))
134 {
135 char busname[32], devname[32];
136 unsigned char local_ep_in, local_ep_out;
137 DIR *busdir , *devdir ;
138 struct dirent *de;
139 int fd ;
140
141 busdir = opendir(base);
142 if(busdir == 0) return;
143
144 while((de = readdir(busdir)) != 0) {
145 if(badname(de->d_name)) continue;
146
147 snprintf(busname, sizeof busname, "%s/%s", base, de->d_name);
148 devdir = opendir(busname);
149 if(devdir == 0) continue;
150
151 // DBGX("[ scanning %s ]\n", busname);
152 while((de = readdir(devdir))) {
153 unsigned char devdesc[4096];
154 unsigned char* bufptr = devdesc;
155 unsigned char* bufend;
156 struct usb_device_descriptor* device;
157 struct usb_config_descriptor* config;
158 struct usb_interface_descriptor* interface;
159 struct usb_endpoint_descriptor *ep1, *ep2;
160 unsigned zero_mask = 0;
161 unsigned vid, pid;
162 size_t desclength;
163
164 if(badname(de->d_name)) continue;
165 snprintf(devname, sizeof devname, "%s/%s", busname, de->d_name);
166
167 if(known_device(devname)) {
168 DBGX("skipping %s\n", devname);
169 continue;
170 }
171
172 // DBGX("[ scanning %s ]\n", devname);
173 if((fd = unix_open(devname, O_RDONLY | O_CLOEXEC)) < 0) {
174 continue;
175 }
176
177 desclength = adb_read(fd, devdesc, sizeof(devdesc));
178 bufend = bufptr + desclength;
179
180 // should have device and configuration descriptors, and atleast two endpoints
181 if (desclength < USB_DT_DEVICE_SIZE + USB_DT_CONFIG_SIZE) {
182 D("desclength %zu is too small\n", desclength);
183 adb_close(fd);
184 continue;
185 }
186
187 device = (struct usb_device_descriptor*)bufptr;
188 bufptr += USB_DT_DEVICE_SIZE;
189
190 if((device->bLength != USB_DT_DEVICE_SIZE) || (device->bDescriptorType != USB_DT_DEVICE)) {
191 adb_close(fd);
192 continue;
193 }
194
195 vid = device->idVendor;
196 pid = device->idProduct;
197 DBGX("[ %s is V:%04x P:%04x ]\n", devname, vid, pid);
198
199 // should have config descriptor next
200 config = (struct usb_config_descriptor *)bufptr;
201 bufptr += USB_DT_CONFIG_SIZE;
202 if (config->bLength != USB_DT_CONFIG_SIZE || config->bDescriptorType != USB_DT_CONFIG) {
203 D("usb_config_descriptor not found\n");
204 adb_close(fd);
205 continue;
206 }
207
208 // loop through all the descriptors and look for the ADB interface
209 while (bufptr < bufend) {
210 unsigned char length = bufptr[0];
211 unsigned char type = bufptr[1];
212
213 if (type == USB_DT_INTERFACE) {
214 interface = (struct usb_interface_descriptor *)bufptr;
215 bufptr += length;
216
217 if (length != USB_DT_INTERFACE_SIZE) {
218 D("interface descriptor has wrong size\n");
219 break;
220 }
221
222 DBGX("bInterfaceClass: %d, bInterfaceSubClass: %d,"
223 "bInterfaceProtocol: %d, bNumEndpoints: %d\n",
224 interface->bInterfaceClass, interface->bInterfaceSubClass,
225 interface->bInterfaceProtocol, interface->bNumEndpoints);
226
227 if (interface->bNumEndpoints == 2 &&
228 is_adb_interface(vid, pid, interface->bInterfaceClass,
229 interface->bInterfaceSubClass, interface->bInterfaceProtocol)) {
230
231 struct stat st;
232 char pathbuf[128];
233 char link[256];
234 char *devpath = NULL;
235
236 DBGX("looking for bulk endpoints\n");
237 // looks like ADB...
238 ep1 = (struct usb_endpoint_descriptor *)bufptr;
239 bufptr += USB_DT_ENDPOINT_SIZE;
240 ep2 = (struct usb_endpoint_descriptor *)bufptr;
241 bufptr += USB_DT_ENDPOINT_SIZE;
242
243 if (bufptr > devdesc + desclength ||
244 ep1->bLength != USB_DT_ENDPOINT_SIZE ||
245 ep1->bDescriptorType != USB_DT_ENDPOINT ||
246 ep2->bLength != USB_DT_ENDPOINT_SIZE ||
247 ep2->bDescriptorType != USB_DT_ENDPOINT) {
248 D("endpoints not found\n");
249 break;
250 }
251
252 // both endpoints should be bulk
253 if (ep1->bmAttributes != USB_ENDPOINT_XFER_BULK ||
254 ep2->bmAttributes != USB_ENDPOINT_XFER_BULK) {
255 D("bulk endpoints not found\n");
256 continue;
257 }
258 /* aproto 01 needs 0 termination */
259 if(interface->bInterfaceProtocol == 0x01) {
260 zero_mask = ep1->wMaxPacketSize - 1;
261 }
262
263 // we have a match. now we just need to figure out which is in and which is out.
264 if (ep1->bEndpointAddress & USB_ENDPOINT_DIR_MASK) {
265 local_ep_in = ep1->bEndpointAddress;
266 local_ep_out = ep2->bEndpointAddress;
267 } else {
268 local_ep_in = ep2->bEndpointAddress;
269 local_ep_out = ep1->bEndpointAddress;
270 }
271
272 // Determine the device path
273 if (!fstat(fd, &st) && S_ISCHR(st.st_mode)) {
274 char *slash;
275 ssize_t link_len;
276 snprintf(pathbuf, sizeof(pathbuf), "/sys/dev/char/%d:%d",
277 major(st.st_rdev), minor(st.st_rdev));
278 link_len = readlink(pathbuf, link, sizeof(link) - 1);
279 if (link_len > 0) {
280 link[link_len] = '\0';
281 slash = strrchr(link, '/');
282 if (slash) {
283 snprintf(pathbuf, sizeof(pathbuf),
284 "usb:%s", slash + 1);
285 devpath = pathbuf;
286 }
287 }
288 }
289
290 register_device_callback(devname, devpath,
291 local_ep_in, local_ep_out,
292 interface->bInterfaceNumber, device->iSerialNumber, zero_mask);
293 break;
294 }
295 } else {
296 bufptr += length;
297 }
298 } // end of while
299
300 adb_close(fd);
301 } // end of devdir while
302 closedir(devdir);
303 } //end of busdir while
304 closedir(busdir);
305 }
306
usb_cleanup()307 void usb_cleanup()
308 {
309 }
310
usb_bulk_write(usb_handle * h,const void * data,int len)311 static int usb_bulk_write(usb_handle *h, const void *data, int len)
312 {
313 struct usbdevfs_urb *urb = &h->urb_out;
314 int res;
315 struct timeval tv;
316 struct timespec ts;
317
318 memset(urb, 0, sizeof(*urb));
319 urb->type = USBDEVFS_URB_TYPE_BULK;
320 urb->endpoint = h->ep_out;
321 urb->status = -1;
322 urb->buffer = (void*) data;
323 urb->buffer_length = len;
324
325 D("++ write ++\n");
326
327 adb_mutex_lock(&h->lock);
328 if(h->dead) {
329 res = -1;
330 goto fail;
331 }
332 do {
333 res = ioctl(h->desc, USBDEVFS_SUBMITURB, urb);
334 } while((res < 0) && (errno == EINTR));
335
336 if(res < 0) {
337 goto fail;
338 }
339
340 res = -1;
341 h->urb_out_busy = 1;
342 for(;;) {
343 /* time out after five seconds */
344 gettimeofday(&tv, NULL);
345 ts.tv_sec = tv.tv_sec + 5;
346 ts.tv_nsec = tv.tv_usec * 1000L;
347 res = pthread_cond_timedwait(&h->notify, &h->lock, &ts);
348 if(res < 0 || h->dead) {
349 break;
350 }
351 if(h->urb_out_busy == 0) {
352 if(urb->status == 0) {
353 res = urb->actual_length;
354 }
355 break;
356 }
357 }
358 fail:
359 adb_mutex_unlock(&h->lock);
360 D("-- write --\n");
361 return res;
362 }
363
usb_bulk_read(usb_handle * h,void * data,int len)364 static int usb_bulk_read(usb_handle *h, void *data, int len)
365 {
366 struct usbdevfs_urb *urb = &h->urb_in;
367 struct usbdevfs_urb *out = NULL;
368 int res;
369
370 memset(urb, 0, sizeof(*urb));
371 urb->type = USBDEVFS_URB_TYPE_BULK;
372 urb->endpoint = h->ep_in;
373 urb->status = -1;
374 urb->buffer = data;
375 urb->buffer_length = len;
376
377
378 adb_mutex_lock(&h->lock);
379 if(h->dead) {
380 res = -1;
381 goto fail;
382 }
383 do {
384 res = ioctl(h->desc, USBDEVFS_SUBMITURB, urb);
385 } while((res < 0) && (errno == EINTR));
386
387 if(res < 0) {
388 goto fail;
389 }
390
391 h->urb_in_busy = 1;
392 for(;;) {
393 D("[ reap urb - wait ]\n");
394 h->reaper_thread = pthread_self();
395 adb_mutex_unlock(&h->lock);
396 res = ioctl(h->desc, USBDEVFS_REAPURB, &out);
397 int saved_errno = errno;
398 adb_mutex_lock(&h->lock);
399 h->reaper_thread = 0;
400 if(h->dead) {
401 res = -1;
402 break;
403 }
404 if(res < 0) {
405 if(saved_errno == EINTR) {
406 continue;
407 }
408 D("[ reap urb - error ]\n");
409 break;
410 }
411 D("[ urb @%p status = %d, actual = %d ]\n",
412 out, out->status, out->actual_length);
413
414 if(out == &h->urb_in) {
415 D("[ reap urb - IN complete ]\n");
416 h->urb_in_busy = 0;
417 if(urb->status == 0) {
418 res = urb->actual_length;
419 } else {
420 res = -1;
421 }
422 break;
423 }
424 if(out == &h->urb_out) {
425 D("[ reap urb - OUT compelete ]\n");
426 h->urb_out_busy = 0;
427 adb_cond_broadcast(&h->notify);
428 }
429 }
430 fail:
431 adb_mutex_unlock(&h->lock);
432 return res;
433 }
434
435
usb_write(usb_handle * h,const void * _data,int len)436 int usb_write(usb_handle *h, const void *_data, int len)
437 {
438 unsigned char *data = (unsigned char*) _data;
439 int n;
440 int need_zero = 0;
441
442 if(h->zero_mask) {
443 /* if we need 0-markers and our transfer
444 ** is an even multiple of the packet size,
445 ** we make note of it
446 */
447 if(!(len & h->zero_mask)) {
448 need_zero = 1;
449 }
450 }
451
452 while(len > 0) {
453 int xfer = (len > 4096) ? 4096 : len;
454
455 n = usb_bulk_write(h, data, xfer);
456 if(n != xfer) {
457 D("ERROR: n = %d, errno = %d (%s)\n",
458 n, errno, strerror(errno));
459 return -1;
460 }
461
462 len -= xfer;
463 data += xfer;
464 }
465
466 if(need_zero){
467 n = usb_bulk_write(h, _data, 0);
468 return n;
469 }
470
471 return 0;
472 }
473
usb_read(usb_handle * h,void * _data,int len)474 int usb_read(usb_handle *h, void *_data, int len)
475 {
476 unsigned char *data = (unsigned char*) _data;
477 int n;
478
479 D("++ usb_read ++\n");
480 while(len > 0) {
481 int xfer = (len > 4096) ? 4096 : len;
482
483 D("[ usb read %d fd = %d], fname=%s\n", xfer, h->desc, h->fname);
484 n = usb_bulk_read(h, data, xfer);
485 D("[ usb read %d ] = %d, fname=%s\n", xfer, n, h->fname);
486 if(n != xfer) {
487 if((errno == ETIMEDOUT) && (h->desc != -1)) {
488 D("[ timeout ]\n");
489 if(n > 0){
490 data += n;
491 len -= n;
492 }
493 continue;
494 }
495 D("ERROR: n = %d, errno = %d (%s)\n",
496 n, errno, strerror(errno));
497 return -1;
498 }
499
500 len -= xfer;
501 data += xfer;
502 }
503
504 D("-- usb_read --\n");
505 return 0;
506 }
507
usb_kick(usb_handle * h)508 void usb_kick(usb_handle *h)
509 {
510 D("[ kicking %p (fd = %d) ]\n", h, h->desc);
511 adb_mutex_lock(&h->lock);
512 if(h->dead == 0) {
513 h->dead = 1;
514
515 if (h->writeable) {
516 /* HACK ALERT!
517 ** Sometimes we get stuck in ioctl(USBDEVFS_REAPURB).
518 ** This is a workaround for that problem.
519 */
520 if (h->reaper_thread) {
521 pthread_kill(h->reaper_thread, SIGALRM);
522 }
523
524 /* cancel any pending transactions
525 ** these will quietly fail if the txns are not active,
526 ** but this ensures that a reader blocked on REAPURB
527 ** will get unblocked
528 */
529 ioctl(h->desc, USBDEVFS_DISCARDURB, &h->urb_in);
530 ioctl(h->desc, USBDEVFS_DISCARDURB, &h->urb_out);
531 h->urb_in.status = -ENODEV;
532 h->urb_out.status = -ENODEV;
533 h->urb_in_busy = 0;
534 h->urb_out_busy = 0;
535 adb_cond_broadcast(&h->notify);
536 } else {
537 unregister_usb_transport(h);
538 }
539 }
540 adb_mutex_unlock(&h->lock);
541 }
542
usb_close(usb_handle * h)543 int usb_close(usb_handle *h)
544 {
545 D("[ usb close ... ]\n");
546 adb_mutex_lock(&usb_lock);
547 h->next->prev = h->prev;
548 h->prev->next = h->next;
549 h->prev = 0;
550 h->next = 0;
551
552 adb_close(h->desc);
553 D("[ usb closed %p (fd = %d) ]\n", h, h->desc);
554 adb_mutex_unlock(&usb_lock);
555
556 free(h);
557 return 0;
558 }
559
register_device(const char * dev_name,const char * devpath,unsigned char ep_in,unsigned char ep_out,int interface,int serial_index,unsigned zero_mask)560 static void register_device(const char *dev_name, const char *devpath,
561 unsigned char ep_in, unsigned char ep_out,
562 int interface, int serial_index, unsigned zero_mask)
563 {
564 usb_handle* usb = 0;
565 int n = 0;
566 char serial[256];
567
568 /* Since Linux will not reassign the device ID (and dev_name)
569 ** as long as the device is open, we can add to the list here
570 ** once we open it and remove from the list when we're finally
571 ** closed and everything will work out fine.
572 **
573 ** If we have a usb_handle on the list 'o handles with a matching
574 ** name, we have no further work to do.
575 */
576 adb_mutex_lock(&usb_lock);
577 for(usb = handle_list.next; usb != &handle_list; usb = usb->next){
578 if(!strcmp(usb->fname, dev_name)) {
579 adb_mutex_unlock(&usb_lock);
580 return;
581 }
582 }
583 adb_mutex_unlock(&usb_lock);
584
585 D("[ usb located new device %s (%d/%d/%d) ]\n",
586 dev_name, ep_in, ep_out, interface);
587 usb = calloc(1, sizeof(usb_handle));
588 strcpy(usb->fname, dev_name);
589 usb->ep_in = ep_in;
590 usb->ep_out = ep_out;
591 usb->zero_mask = zero_mask;
592 usb->writeable = 1;
593
594 adb_cond_init(&usb->notify, 0);
595 adb_mutex_init(&usb->lock, 0);
596 /* initialize mark to 1 so we don't get garbage collected after the device scan */
597 usb->mark = 1;
598 usb->reaper_thread = 0;
599
600 usb->desc = unix_open(usb->fname, O_RDWR | O_CLOEXEC);
601 if(usb->desc < 0) {
602 /* if we fail, see if have read-only access */
603 usb->desc = unix_open(usb->fname, O_RDONLY | O_CLOEXEC);
604 if(usb->desc < 0) goto fail;
605 usb->writeable = 0;
606 D("[ usb open read-only %s fd = %d]\n", usb->fname, usb->desc);
607 } else {
608 D("[ usb open %s fd = %d]\n", usb->fname, usb->desc);
609 n = ioctl(usb->desc, USBDEVFS_CLAIMINTERFACE, &interface);
610 if(n != 0) goto fail;
611 }
612
613 /* read the device's serial number */
614 serial[0] = 0;
615 memset(serial, 0, sizeof(serial));
616 if (serial_index) {
617 struct usbdevfs_ctrltransfer ctrl;
618 __u16 buffer[128];
619 __u16 languages[128];
620 int i, result;
621 int languageCount = 0;
622
623 memset(languages, 0, sizeof(languages));
624 memset(&ctrl, 0, sizeof(ctrl));
625
626 // read list of supported languages
627 ctrl.bRequestType = USB_DIR_IN|USB_TYPE_STANDARD|USB_RECIP_DEVICE;
628 ctrl.bRequest = USB_REQ_GET_DESCRIPTOR;
629 ctrl.wValue = (USB_DT_STRING << 8) | 0;
630 ctrl.wIndex = 0;
631 ctrl.wLength = sizeof(languages);
632 ctrl.data = languages;
633 ctrl.timeout = 1000;
634
635 result = ioctl(usb->desc, USBDEVFS_CONTROL, &ctrl);
636 if (result > 0)
637 languageCount = (result - 2) / 2;
638
639 for (i = 1; i <= languageCount; i++) {
640 memset(buffer, 0, sizeof(buffer));
641 memset(&ctrl, 0, sizeof(ctrl));
642
643 ctrl.bRequestType = USB_DIR_IN|USB_TYPE_STANDARD|USB_RECIP_DEVICE;
644 ctrl.bRequest = USB_REQ_GET_DESCRIPTOR;
645 ctrl.wValue = (USB_DT_STRING << 8) | serial_index;
646 ctrl.wIndex = __le16_to_cpu(languages[i]);
647 ctrl.wLength = sizeof(buffer);
648 ctrl.data = buffer;
649 ctrl.timeout = 1000;
650
651 result = ioctl(usb->desc, USBDEVFS_CONTROL, &ctrl);
652 if (result > 0) {
653 int i;
654 // skip first word, and copy the rest to the serial string, changing shorts to bytes.
655 result /= 2;
656 for (i = 1; i < result; i++)
657 serial[i - 1] = __le16_to_cpu(buffer[i]);
658 serial[i - 1] = 0;
659 break;
660 }
661 }
662 }
663
664 /* add to the end of the active handles */
665 adb_mutex_lock(&usb_lock);
666 usb->next = &handle_list;
667 usb->prev = handle_list.prev;
668 usb->prev->next = usb;
669 usb->next->prev = usb;
670 adb_mutex_unlock(&usb_lock);
671
672 register_usb_transport(usb, serial, devpath, usb->writeable);
673 return;
674
675 fail:
676 D("[ usb open %s error=%d, err_str = %s]\n",
677 usb->fname, errno, strerror(errno));
678 if(usb->desc >= 0) {
679 adb_close(usb->desc);
680 }
681 free(usb);
682 }
683
device_poll_thread(void * unused)684 void* device_poll_thread(void* unused)
685 {
686 D("Created device thread\n");
687 for(;;) {
688 /* XXX use inotify */
689 find_usb_device("/dev/bus/usb", register_device);
690 kick_disconnected_devices();
691 sleep(1);
692 }
693 return NULL;
694 }
695
sigalrm_handler(int signo)696 static void sigalrm_handler(int signo)
697 {
698 // don't need to do anything here
699 }
700
usb_init()701 void usb_init()
702 {
703 adb_thread_t tid;
704 struct sigaction actions;
705
706 memset(&actions, 0, sizeof(actions));
707 sigemptyset(&actions.sa_mask);
708 actions.sa_flags = 0;
709 actions.sa_handler = sigalrm_handler;
710 sigaction(SIGALRM,& actions, NULL);
711
712 if(adb_thread_create(&tid, device_poll_thread, NULL)){
713 fatal_errno("cannot create input thread");
714 }
715 }
716