clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name usb_subr.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model static -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -ffreestanding -mcmodel=kernel -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -target-feature -sse2 -target-feature -sse -target-feature -3dnow -target-feature -mmx -target-feature +save-args -disable-red-zone -no-implicit-float -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/sys/arch/amd64/compile/GENERIC.MP/obj -nostdsysteminc -nobuiltininc -resource-dir /usr/local/lib/clang/13.0.0 -I /usr/src/sys -I /usr/src/sys/arch/amd64/compile/GENERIC.MP/obj -I /usr/src/sys/arch -I /usr/src/sys/dev/pci/drm/include -I /usr/src/sys/dev/pci/drm/include/uapi -I /usr/src/sys/dev/pci/drm/amd/include/asic_reg -I /usr/src/sys/dev/pci/drm/amd/include -I /usr/src/sys/dev/pci/drm/amd/amdgpu -I /usr/src/sys/dev/pci/drm/amd/display -I /usr/src/sys/dev/pci/drm/amd/display/include -I /usr/src/sys/dev/pci/drm/amd/display/dc -I /usr/src/sys/dev/pci/drm/amd/display/amdgpu_dm -I /usr/src/sys/dev/pci/drm/amd/pm/inc -I /usr/src/sys/dev/pci/drm/amd/pm/swsmu -I /usr/src/sys/dev/pci/drm/amd/pm/swsmu/smu11 -I /usr/src/sys/dev/pci/drm/amd/pm/swsmu/smu12 -I /usr/src/sys/dev/pci/drm/amd/pm/powerplay -I /usr/src/sys/dev/pci/drm/amd/pm/powerplay/hwmgr -I /usr/src/sys/dev/pci/drm/amd/pm/powerplay/smumgr -I /usr/src/sys/dev/pci/drm/amd/display/dc/inc -I /usr/src/sys/dev/pci/drm/amd/display/dc/inc/hw -I /usr/src/sys/dev/pci/drm/amd/display/dc/clk_mgr -I /usr/src/sys/dev/pci/drm/amd/display/modules/inc -I /usr/src/sys/dev/pci/drm/amd/display/modules/hdcp -I /usr/src/sys/dev/pci/drm/amd/display/dmub/inc -I /usr/src/sys/dev/pci/drm/i915 -D DDB -D DIAGNOSTIC -D KTRACE -D ACCOUNTING -D KMEMSTATS -D PTRACE -D POOL_DEBUG -D CRYPTO -D SYSVMSG -D SYSVSEM -D SYSVSHM -D UVM_SWAP_ENCRYPT -D FFS -D FFS2 -D FFS_SOFTUPDATES -D UFS_DIRHASH -D QUOTA -D EXT2FS -D MFS -D NFSCLIENT -D NFSSERVER -D CD9660 -D UDF -D MSDOSFS -D FIFO -D FUSE -D SOCKET_SPLICE -D TCP_ECN -D TCP_SIGNATURE -D INET6 -D IPSEC -D PPP_BSDCOMP -D PPP_DEFLATE -D PIPEX -D MROUTING -D MPLS -D BOOT_CONFIG -D USER_PCICONF -D APERTURE -D MTRR -D NTFS -D HIBERNATE -D PCIVERBOSE -D USBVERBOSE -D WSDISPLAY_COMPAT_USL -D WSDISPLAY_COMPAT_RAWKBD -D WSDISPLAY_DEFAULTSCREENS=6 -D X86EMU -D ONEWIREVERBOSE -D MULTIPROCESSOR -D MAXUSERS=80 -D _KERNEL -D CONFIG_DRM_AMD_DC_DCN3_0 -O2 -Wno-pointer-sign -Wno-address-of-packed-member -Wno-constant-conversion -Wno-unused-but-set-variable -Wno-gnu-folding-constant -fdebug-compilation-dir=/usr/src/sys/arch/amd64/compile/GENERIC.MP/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -o /usr/obj/sys/arch/amd64/compile/GENERIC.MP/scan-build/2022-01-12-131800-47421-1 -x c /usr/src/sys/dev/usb/usb_subr.c
1 | |
2 | |
3 | |
4 | |
5 | |
6 | |
7 | |
8 | |
9 | |
10 | |
11 | |
12 | |
13 | |
14 | |
15 | |
16 | |
17 | |
18 | |
19 | |
20 | |
21 | |
22 | |
23 | |
24 | |
25 | |
26 | |
27 | |
28 | |
29 | |
30 | |
31 | |
32 | |
33 | |
34 | |
35 | #include <sys/param.h> |
36 | #include <sys/systm.h> |
37 | #include <sys/kernel.h> |
38 | #include <sys/malloc.h> |
39 | #include <sys/device.h> |
40 | #include <sys/selinfo.h> |
41 | #include <sys/rwlock.h> |
42 | |
43 | #include <machine/bus.h> |
44 | |
45 | #include <dev/usb/usb.h> |
46 | |
47 | #include <dev/usb/usbdi.h> |
48 | #include <dev/usb/usbdi_util.h> |
49 | #include <dev/usb/usbdivar.h> |
50 | #include <dev/usb/usbdevs.h> |
51 | #include <dev/usb/usb_quirks.h> |
52 | |
53 | #ifdef USB_DEBUG |
54 | #define DPRINTF(x) do { if (usbdebug) printf x; } while (0) |
55 | #define DPRINTFN(n,x) do { if (usbdebug>(n)) printf x; } while (0) |
56 | extern int usbdebug; |
57 | #else |
58 | #define DPRINTF(x) |
59 | #define DPRINTFN(n,x) |
60 | #endif |
61 | |
62 | usbd_status usbd_set_config(struct usbd_device *, int); |
63 | void usbd_devinfo(struct usbd_device *, int, char *, size_t); |
64 | char *usbd_get_string(struct usbd_device *, int, char *, size_t); |
65 | int usbd_getnewaddr(struct usbd_bus *); |
66 | int usbd_print(void *, const char *); |
67 | void usbd_free_iface_data(struct usbd_device *, int); |
68 | int usbd_cache_devinfo(struct usbd_device *); |
69 | usbd_status usbd_probe_and_attach(struct device *, |
70 | struct usbd_device *, int, int); |
71 | |
72 | int usbd_printBCD(char *cp, size_t len, int bcd); |
73 | void usb_free_device(struct usbd_device *); |
74 | int usbd_parse_idesc(struct usbd_device *, struct usbd_interface *); |
75 | |
76 | #ifdef USBVERBOSE |
77 | #include <dev/usb/usbdevs_data.h> |
78 | #endif /* USBVERBOSE */ |
79 | |
80 | const char * const usbd_error_strs[] = { |
81 | "NORMAL_COMPLETION", |
82 | "IN_PROGRESS", |
83 | "PENDING_REQUESTS", |
84 | "NOT_STARTED", |
85 | "INVAL", |
86 | "NOMEM", |
87 | "CANCELLED", |
88 | "BAD_ADDRESS", |
89 | "IN_USE", |
90 | "NO_ADDR", |
91 | "SET_ADDR_FAILED", |
92 | "NO_POWER", |
93 | "TOO_DEEP", |
94 | "IOERROR", |
95 | "NOT_CONFIGURED", |
96 | "TIMEOUT", |
97 | "SHORT_XFER", |
98 | "STALLED", |
99 | "INTERRUPTED", |
100 | "XXX", |
101 | }; |
102 | |
103 | const char * |
104 | usbd_errstr(usbd_status err) |
105 | { |
106 | static char buffer[5]; |
107 | |
108 | if (err < USBD_ERROR_MAX) |
109 | return (usbd_error_strs[err]); |
110 | else { |
111 | snprintf(buffer, sizeof(buffer), "%d", err); |
112 | return (buffer); |
113 | } |
114 | } |
115 | |
116 | usbd_status |
117 | usbd_get_string_desc(struct usbd_device *dev, int sindex, int langid, |
118 | usb_string_descriptor_t *sdesc, int *sizep) |
119 | { |
120 | usb_device_request_t req; |
121 | usbd_status err; |
122 | int actlen; |
123 | |
124 | req.bmRequestType = UT_READ_DEVICE; |
125 | req.bRequest = UR_GET_DESCRIPTOR; |
126 | USETW2(req.wValue, UDESC_STRING, sindex); |
127 | USETW(req.wIndex, langid); |
128 | USETW(req.wLength, 2); |
129 | err = usbd_do_request_flags(dev, &req, sdesc, USBD_SHORT_XFER_OK, |
130 | &actlen, USBD_DEFAULT_TIMEOUT); |
131 | if (err) |
132 | return (err); |
133 | |
134 | if (actlen < 2) |
135 | return (USBD_SHORT_XFER); |
136 | |
137 | USETW(req.wLength, sdesc->bLength); |
138 | err = usbd_do_request_flags(dev, &req, sdesc, USBD_SHORT_XFER_OK, |
139 | &actlen, USBD_DEFAULT_TIMEOUT); |
140 | if (err) |
141 | return (err); |
142 | |
143 | if (actlen != sdesc->bLength) { |
144 | DPRINTFN(-1, ("%s: expected %d, got %d\n", __func__, |
145 | sdesc->bLength, actlen)); |
146 | } |
147 | |
148 | *sizep = actlen; |
149 | return (USBD_NORMAL_COMPLETION); |
150 | } |
151 | |
152 | char * |
153 | usbd_get_string(struct usbd_device *dev, int si, char *buf, size_t buflen) |
154 | { |
155 | int swap = dev->quirks->uq_flags & UQ_SWAP_UNICODE; |
156 | usb_string_descriptor_t us; |
157 | char *s; |
158 | int i, n; |
159 | u_int16_t c; |
160 | usbd_status err; |
161 | int size; |
162 | |
163 | if (si == 0) |
| 45 | | Assuming 'si' is not equal to 0 | |
|
| |
164 | return (0); |
165 | if (dev->quirks->uq_flags & UQ_NO_STRINGS) |
| 47 | | Assuming the condition is true | |
|
| |
166 | return (0); |
| 49 | | Returning without writing to 'dev->subdevs' | |
|
167 | if (dev->langid == USBD_NOLANG) { |
168 | |
169 | err = usbd_get_string_desc(dev, USB_LANGUAGE_TABLE, 0, &us, |
170 | &size); |
171 | if (err || size < 4) |
172 | dev->langid = 0; |
173 | else { |
174 | |
175 | dev->langid = UGETW(us.bString[0]); |
176 | } |
177 | } |
178 | err = usbd_get_string_desc(dev, si, dev->langid, &us, &size); |
179 | if (err) |
180 | return (0); |
181 | s = buf; |
182 | n = size / 2 - 1; |
183 | for (i = 0; i < n && i < buflen ; i++) { |
184 | c = UGETW(us.bString[i]); |
185 | |
186 | if ((c & 0xff00) == 0) |
187 | *s++ = c; |
188 | else if ((c & 0x00ff) == 0 && swap) |
189 | *s++ = c >> 8; |
190 | else |
191 | *s++ = '?'; |
192 | } |
193 | if (buflen > 0) |
194 | *s++ = 0; |
195 | return (buf); |
196 | } |
197 | |
198 | static void |
199 | usbd_trim_spaces(char *p) |
200 | { |
201 | char *q, *e; |
202 | |
203 | if (p == NULL) |
204 | return; |
205 | q = e = p; |
206 | while (*q == ' ') |
207 | q++; |
208 | while ((*p = *q++)) |
209 | if (*p++ != ' ') |
210 | e = p; |
211 | *e = 0; |
212 | } |
213 | |
214 | int |
215 | usbd_cache_devinfo(struct usbd_device *dev) |
216 | { |
217 | usb_device_descriptor_t *udd = &dev->ddesc; |
218 | |
219 | dev->serial = malloc(USB_MAX_STRING_LEN, M_USB, M_NOWAIT); |
220 | if (dev->serial == NULL) |
| 36 | | Assuming field 'serial' is not equal to NULL | |
|
| |
221 | return (ENOMEM); |
222 | |
223 | if (usbd_get_string(dev, udd->iSerialNumber, dev->serial, USB_MAX_STRING_LEN) != NULL) { |
| |
224 | usbd_trim_spaces(dev->serial); |
225 | } else { |
226 | free(dev->serial, M_USB, USB_MAX_STRING_LEN); |
227 | dev->serial = NULL; |
228 | } |
229 | |
230 | dev->vendor = malloc(USB_MAX_STRING_LEN, M_USB, M_NOWAIT); |
231 | if (dev->vendor == NULL) |
| 39 | | Assuming field 'vendor' is not equal to NULL | |
|
| |
232 | return (ENOMEM); |
233 | |
234 | if (usbd_get_string(dev, udd->iManufacturer, dev->vendor, USB_MAX_STRING_LEN) != NULL) { |
| |
235 | usbd_trim_spaces(dev->vendor); |
236 | } else { |
237 | #ifdef USBVERBOSE |
238 | const struct usb_known_vendor *ukv; |
239 | |
240 | for (ukv = usb_known_vendors; ukv->vendorname != NULL; ukv++) { |
241 | if (ukv->vendor == UGETW(udd->idVendor)) { |
242 | strlcpy(dev->vendor, ukv->vendorname, |
243 | USB_MAX_STRING_LEN); |
244 | break; |
245 | } |
246 | } |
247 | if (ukv->vendorname == NULL) |
248 | #endif |
249 | snprintf(dev->vendor, USB_MAX_STRING_LEN, "vendor 0x%04x", |
250 | UGETW(udd->idVendor)); |
251 | } |
252 | |
253 | dev->product = malloc(USB_MAX_STRING_LEN, M_USB, M_NOWAIT); |
254 | if (dev->product == NULL) |
| 42 | | Assuming field 'product' is not equal to NULL | |
|
| |
255 | return (ENOMEM); |
256 | |
257 | if (usbd_get_string(dev, udd->iProduct, dev->product, USB_MAX_STRING_LEN) != NULL) { |
| 44 | | Calling 'usbd_get_string' | |
|
| 50 | | Returning from 'usbd_get_string' | |
|
| |
258 | usbd_trim_spaces(dev->product); |
259 | } else { |
260 | #ifdef USBVERBOSE |
261 | const struct usb_known_product *ukp; |
262 | |
263 | for (ukp = usb_known_products; ukp->productname != NULL; ukp++) { |
| 52 | | Assuming field 'productname' is equal to NULL | |
|
| 53 | | Loop condition is false. Execution continues on line 271 | |
|
264 | if (ukp->vendor == UGETW(udd->idVendor) && |
265 | (ukp->product == UGETW(udd->idProduct))) { |
266 | strlcpy(dev->product, ukp->productname, |
267 | USB_MAX_STRING_LEN); |
268 | break; |
269 | } |
270 | } |
271 | if (ukp->productname == NULL) |
| |
272 | #endif |
273 | snprintf(dev->product, USB_MAX_STRING_LEN, "product 0x%04x", |
274 | UGETW(udd->idProduct)); |
275 | } |
276 | |
277 | return (0); |
278 | } |
279 | |
280 | int |
281 | usbd_printBCD(char *cp, size_t len, int bcd) |
282 | { |
283 | int l; |
284 | |
285 | l = snprintf(cp, len, "%x.%02x", bcd >> 8, bcd & 0xff); |
286 | if (l == -1 || len == 0) |
287 | return (0); |
288 | if (l >= len) |
289 | return len - 1; |
290 | return (l); |
291 | } |
292 | |
293 | void |
294 | usbd_devinfo(struct usbd_device *dev, int showclass, char *base, size_t len) |
295 | { |
296 | usb_device_descriptor_t *udd = &dev->ddesc; |
297 | char *cp = base; |
298 | int bcdDevice, bcdUSB; |
299 | |
300 | snprintf(cp, len, "\"%s %s\"", dev->vendor, dev->product); |
301 | cp += strlen(cp); |
302 | if (showclass) { |
303 | snprintf(cp, base + len - cp, ", class %d/%d", |
304 | udd->bDeviceClass, udd->bDeviceSubClass); |
305 | cp += strlen(cp); |
306 | } |
307 | bcdUSB = UGETW(udd->bcdUSB); |
308 | bcdDevice = UGETW(udd->bcdDevice); |
309 | snprintf(cp, base + len - cp, " rev "); |
310 | cp += strlen(cp); |
311 | usbd_printBCD(cp, base + len - cp, bcdUSB); |
312 | cp += strlen(cp); |
313 | snprintf(cp, base + len - cp, "/"); |
314 | cp += strlen(cp); |
315 | usbd_printBCD(cp, base + len - cp, bcdDevice); |
316 | cp += strlen(cp); |
317 | snprintf(cp, base + len - cp, " addr %d", dev->address); |
318 | } |
319 | |
320 | |
321 | void |
322 | usb_delay_ms(struct usbd_bus *bus, u_int ms) |
323 | { |
324 | static int usb_delay_wchan; |
325 | |
326 | if (bus->use_polling || cold) |
327 | delay((ms+1) * 1000); |
328 | else |
329 | tsleep_nsec(&usb_delay_wchan, PRIBIO, "usbdly", |
330 | MSEC_TO_NSEC(ms)); |
331 | } |
332 | |
333 | |
334 | void |
335 | usbd_delay_ms(struct usbd_device *dev, u_int ms) |
336 | { |
337 | if (usbd_is_dying(dev)) |
338 | return; |
339 | |
340 | usb_delay_ms(dev->bus, ms); |
341 | } |
342 | |
343 | usbd_status |
344 | usbd_port_disown_to_1_1(struct usbd_device *dev, int port) |
345 | { |
346 | usb_port_status_t ps; |
347 | usbd_status err; |
348 | int n; |
349 | |
350 | err = usbd_set_port_feature(dev, port, UHF_PORT_DISOWN_TO_1_1); |
351 | DPRINTF(("%s: port %d disown request done, error=%s\n", __func__, |
352 | port, usbd_errstr(err))); |
353 | if (err) |
354 | return (err); |
355 | n = 10; |
356 | do { |
357 | |
358 | usbd_delay_ms(dev, USB_PORT_RESET_DELAY); |
359 | err = usbd_get_port_status(dev, port, &ps); |
360 | if (err) { |
361 | DPRINTF(("%s: get status failed %d\n", __func__, err)); |
362 | return (err); |
363 | } |
364 | |
365 | if (!(UGETW(ps.wPortStatus) & UPS_CURRENT_CONNECT_STATUS)) |
366 | return (USBD_NORMAL_COMPLETION); |
367 | } while ((UGETW(ps.wPortChange) & UPS_C_PORT_RESET) == 0 && --n > 0); |
368 | if (n == 0) |
369 | return (USBD_TIMEOUT); |
370 | |
371 | return (err); |
372 | } |
373 | |
374 | int |
375 | usbd_reset_port(struct usbd_device *dev, int port) |
376 | { |
377 | usb_port_status_t ps; |
378 | int n; |
379 | |
380 | if (usbd_set_port_feature(dev, port, UHF_PORT_RESET)) |
381 | return (EIO); |
382 | DPRINTF(("%s: port %d reset done\n", __func__, port)); |
383 | n = 10; |
384 | do { |
385 | |
386 | usbd_delay_ms(dev, USB_PORT_RESET_DELAY); |
387 | if (usbd_get_port_status(dev, port, &ps)) { |
388 | DPRINTF(("%s: get status failed\n", __func__)); |
389 | return (EIO); |
390 | } |
391 | |
392 | if (!(UGETW(ps.wPortStatus) & UPS_CURRENT_CONNECT_STATUS)) |
393 | return (0); |
394 | } while ((UGETW(ps.wPortChange) & UPS_C_PORT_RESET) == 0 && --n > 0); |
395 | |
396 | |
397 | if (usbd_clear_port_feature(dev, port, UHF_C_PORT_RESET)) { |
398 | DPRINTF(("%s: clear port feature failed\n", __func__)); |
399 | return (EIO); |
400 | } |
401 | |
402 | if (n == 0) |
403 | return (ETIMEDOUT); |
404 | |
405 | |
406 | usbd_delay_ms(dev, USB_PORT_RESET_RECOVERY); |
407 | return (0); |
408 | } |
409 | |
410 | usb_interface_descriptor_t * |
411 | usbd_find_idesc(usb_config_descriptor_t *cd, int ifaceno, int altno) |
412 | { |
413 | char *p = (char *)cd; |
414 | char *end = p + UGETW(cd->wTotalLength); |
415 | usb_interface_descriptor_t *d; |
416 | int curidx, lastidx, curaidx = 0; |
417 | |
418 | for (curidx = lastidx = -1; p < end; ) { |
419 | d = (usb_interface_descriptor_t *)p; |
420 | DPRINTFN(4,("usbd_find_idesc: ifaceno=%d(%d) altno=%d(%d) " |
421 | "len=%d type=%d\n", |
422 | ifaceno, curidx, altno, curaidx, |
423 | d->bLength, d->bDescriptorType)); |
424 | if (d->bLength == 0) |
425 | break; |
426 | p += d->bLength; |
427 | if (p <= end && d->bDescriptorType == UDESC_INTERFACE) { |
428 | if (d->bInterfaceNumber != lastidx) { |
429 | lastidx = d->bInterfaceNumber; |
430 | curidx++; |
431 | curaidx = 0; |
432 | } else |
433 | curaidx++; |
434 | if (ifaceno == curidx && altno == curaidx) |
435 | return (d); |
436 | } |
437 | } |
438 | return (NULL); |
439 | } |
440 | |
441 | usb_endpoint_descriptor_t * |
442 | usbd_find_edesc(usb_config_descriptor_t *cd, int ifaceno, int altno, |
443 | int endptidx) |
444 | { |
445 | char *p = (char *)cd; |
446 | char *end = p + UGETW(cd->wTotalLength); |
447 | usb_interface_descriptor_t *d; |
448 | usb_endpoint_descriptor_t *e; |
449 | int curidx; |
450 | |
451 | d = usbd_find_idesc(cd, ifaceno, altno); |
452 | if (d == NULL) |
453 | return (NULL); |
454 | if (endptidx >= d->bNumEndpoints) |
455 | return (NULL); |
456 | |
457 | curidx = -1; |
458 | for (p = (char *)d + d->bLength; p < end; ) { |
459 | e = (usb_endpoint_descriptor_t *)p; |
460 | if (e->bLength == 0) |
461 | break; |
462 | p += e->bLength; |
463 | if (p <= end && e->bDescriptorType == UDESC_INTERFACE) |
464 | return (NULL); |
465 | if (p <= end && e->bDescriptorType == UDESC_ENDPOINT) { |
466 | curidx++; |
467 | if (curidx == endptidx) |
468 | return (e); |
469 | } |
470 | } |
471 | return (NULL); |
472 | } |
473 | |
474 | usbd_status |
475 | usbd_fill_iface_data(struct usbd_device *dev, int ifaceno, int altno) |
476 | { |
477 | struct usbd_interface *ifc = &dev->ifaces[ifaceno]; |
478 | usb_interface_descriptor_t *idesc; |
479 | int nendpt; |
480 | |
481 | DPRINTFN(4,("%s: ifaceno=%d altno=%d\n", __func__, ifaceno, altno)); |
482 | |
483 | idesc = usbd_find_idesc(dev->cdesc, ifaceno, altno); |
484 | if (idesc == NULL) |
485 | return (USBD_INVAL); |
486 | |
487 | nendpt = idesc->bNumEndpoints; |
488 | DPRINTFN(4,("%s: found idesc nendpt=%d\n", __func__, nendpt)); |
489 | |
490 | ifc->device = dev; |
491 | ifc->idesc = idesc; |
492 | ifc->index = ifaceno; |
493 | ifc->altindex = altno; |
494 | ifc->endpoints = NULL; |
495 | ifc->priv = NULL; |
496 | LIST_INIT(&ifc->pipes); |
497 | ifc->nendpt = nendpt; |
498 | |
499 | if (nendpt != 0) { |
500 | ifc->endpoints = mallocarray(nendpt, sizeof(*ifc->endpoints), |
501 | M_USB, M_NOWAIT | M_ZERO); |
502 | if (ifc->endpoints == NULL) |
503 | return (USBD_NOMEM); |
504 | } |
505 | |
506 | if (usbd_parse_idesc(dev, ifc)) { |
507 | free(ifc->endpoints, M_USB, nendpt * sizeof(*ifc->endpoints)); |
508 | ifc->endpoints = NULL; |
509 | return (USBD_INVAL); |
510 | } |
511 | |
512 | return (USBD_NORMAL_COMPLETION); |
513 | } |
514 | |
515 | int |
516 | usbd_parse_idesc(struct usbd_device *dev, struct usbd_interface *ifc) |
517 | { |
518 | #define ed ((usb_endpoint_descriptor_t *)p) |
519 | char *p, *end; |
520 | int i; |
521 | |
522 | p = (char *)ifc->idesc + ifc->idesc->bLength; |
523 | end = (char *)dev->cdesc + UGETW(dev->cdesc->wTotalLength); |
524 | |
525 | for (i = 0; i < ifc->idesc->bNumEndpoints; i++) { |
526 | for (; p < end; p += ed->bLength) { |
527 | if (p + ed->bLength <= end && ed->bLength != 0 && |
528 | ed->bDescriptorType == UDESC_ENDPOINT) |
529 | break; |
530 | |
531 | if (ed->bLength == 0 || |
532 | ed->bDescriptorType == UDESC_INTERFACE) |
533 | return (-1); |
534 | } |
535 | |
536 | if (p >= end) |
537 | return (-1); |
538 | |
539 | if (dev->speed == USB_SPEED_HIGH) { |
540 | unsigned int mps; |
541 | |
542 | |
543 | switch (UE_GET_XFERTYPE(ed->bmAttributes)) { |
544 | case UE_CONTROL: |
545 | mps = USB_2_MAX_CTRL_PACKET; |
546 | goto check; |
547 | case UE_BULK: |
548 | mps = USB_2_MAX_BULK_PACKET; |
549 | check: |
550 | if (UGETW(ed->wMaxPacketSize) != mps) { |
551 | USETW(ed->wMaxPacketSize, mps); |
552 | DPRINTF(("%s: bad max packet size\n", |
553 | __func__)); |
554 | } |
555 | break; |
556 | default: |
557 | break; |
558 | } |
559 | } |
560 | |
561 | ifc->endpoints[i].edesc = ed; |
562 | ifc->endpoints[i].refcnt = 0; |
563 | ifc->endpoints[i].savedtoggle = 0; |
564 | p += ed->bLength; |
565 | } |
566 | |
567 | return (0); |
568 | #undef ed |
569 | } |
570 | |
571 | void |
572 | usbd_free_iface_data(struct usbd_device *dev, int ifcno) |
573 | { |
574 | struct usbd_interface *ifc = &dev->ifaces[ifcno]; |
575 | |
576 | free(ifc->endpoints, M_USB, ifc->nendpt * sizeof(*ifc->endpoints)); |
577 | ifc->endpoints = NULL; |
578 | } |
579 | |
580 | usbd_status |
581 | usbd_set_config(struct usbd_device *dev, int conf) |
582 | { |
583 | usb_device_request_t req; |
584 | |
585 | req.bmRequestType = UT_WRITE_DEVICE; |
586 | req.bRequest = UR_SET_CONFIG; |
587 | USETW(req.wValue, conf); |
588 | USETW(req.wIndex, 0); |
589 | USETW(req.wLength, 0); |
590 | return (usbd_do_request(dev, &req, 0)); |
591 | } |
592 | |
593 | usbd_status |
594 | usbd_set_config_no(struct usbd_device *dev, int no, int msg) |
595 | { |
596 | int index; |
597 | usb_config_descriptor_t cd; |
598 | usbd_status err; |
599 | |
600 | DPRINTFN(5,("%s: %d\n", __func__, no)); |
601 | |
602 | for (index = 0; index < dev->ddesc.bNumConfigurations; index++) { |
603 | err = usbd_get_desc(dev, UDESC_CONFIG, index, |
604 | USB_CONFIG_DESCRIPTOR_SIZE, &cd); |
605 | if (err || cd.bDescriptorType != UDESC_CONFIG) |
606 | return (err); |
607 | if (cd.bConfigurationValue == no) |
608 | return (usbd_set_config_index(dev, index, msg)); |
609 | } |
610 | return (USBD_INVAL); |
611 | } |
612 | |
613 | usbd_status |
614 | usbd_set_config_index(struct usbd_device *dev, int index, int msg) |
615 | { |
616 | usb_status_t ds; |
617 | usb_config_descriptor_t cd, *cdp; |
618 | usbd_status err; |
619 | int i, ifcidx, nifc, cdplen, selfpowered, power; |
620 | |
621 | DPRINTFN(5,("%s: dev=%p index=%d\n", __func__, dev, index)); |
622 | |
623 | |
624 | if (dev->config != USB_UNCONFIG_NO) { |
| 63 | | Assuming field 'config' is equal to USB_UNCONFIG_NO | |
|
| |
625 | DPRINTF(("%s: free old config\n", __func__)); |
626 | |
627 | nifc = dev->cdesc->bNumInterfaces; |
628 | for (ifcidx = 0; ifcidx < nifc; ifcidx++) |
629 | usbd_free_iface_data(dev, ifcidx); |
630 | free(dev->ifaces, M_USB, nifc * sizeof(*dev->ifaces)); |
631 | free(dev->cdesc, M_USB, UGETW(dev->cdesc->wTotalLength)); |
632 | dev->ifaces = NULL; |
633 | dev->cdesc = NULL; |
634 | dev->config = USB_UNCONFIG_NO; |
635 | } |
636 | |
637 | if (index == USB_UNCONFIG_INDEX) { |
| |
638 | |
639 | DPRINTF(("%s: set config 0\n", __func__)); |
640 | err = usbd_set_config(dev, USB_UNCONFIG_NO); |
641 | if (err) |
642 | DPRINTF(("%s: setting config=0 failed, error=%s\n", |
643 | __func__, usbd_errstr(err))); |
644 | return (err); |
645 | } |
646 | |
647 | |
648 | err = usbd_get_desc(dev, UDESC_CONFIG, index, |
649 | USB_CONFIG_DESCRIPTOR_SIZE, &cd); |
650 | if (err) |
| |
| |
651 | return (err); |
652 | if (cd.bDescriptorType != UDESC_CONFIG) |
| 68 | | Assuming field 'bDescriptorType' is equal to UDESC_CONFIG | |
|
| |
653 | return (USBD_INVAL); |
654 | cdplen = UGETW(cd.wTotalLength); |
655 | cdp = malloc(cdplen, M_USB, M_NOWAIT); |
656 | if (cdp == NULL) |
| 70 | | Assuming 'cdp' is not equal to NULL | |
|
| |
657 | return (USBD_NOMEM); |
658 | |
659 | for (i = 0; i < 3; i++) { |
| 72 | | Loop condition is true. Entering loop body | |
|
660 | err = usbd_get_desc(dev, UDESC_CONFIG, index, cdplen, cdp); |
661 | if (!err) |
| 73 | | Assuming 'err' is 0, which participates in a condition later | |
|
| |
662 | break; |
| 75 | | Execution continues on line 665 | |
|
663 | usbd_delay_ms(dev, 200); |
664 | } |
665 | if (err) |
| |
666 | goto bad; |
667 | |
668 | if (cdp->bDescriptorType != UDESC_CONFIG) { |
| 77 | | Assuming field 'bDescriptorType' is equal to UDESC_CONFIG | |
|
| |
669 | DPRINTFN(-1,("%s: bad desc %d\n", __func__, |
670 | cdp->bDescriptorType)); |
671 | err = USBD_INVAL; |
672 | goto bad; |
673 | } |
674 | |
675 | |
676 | selfpowered = 0; |
677 | if (!(dev->quirks->uq_flags & UQ_BUS_POWERED) && |
| 79 | | Assuming the condition is false | |
|
678 | (cdp->bmAttributes & UC_SELF_POWERED)) { |
679 | |
680 | if (cdp->bmAttributes & UC_BUS_POWERED) { |
681 | |
682 | if (dev->quirks->uq_flags & UQ_POWER_CLAIM) { |
683 | |
684 | |
685 | |
686 | |
687 | |
688 | usb_hub_descriptor_t hd; |
689 | usb_device_request_t req; |
690 | req.bmRequestType = UT_READ_CLASS_DEVICE; |
691 | req.bRequest = UR_GET_DESCRIPTOR; |
692 | USETW(req.wValue, 0); |
693 | USETW(req.wIndex, 0); |
694 | USETW(req.wLength, USB_HUB_DESCRIPTOR_SIZE); |
695 | err = usbd_do_request(dev, &req, &hd); |
696 | if (!err && |
697 | (UGETW(hd.wHubCharacteristics) & |
698 | UHD_PWR_INDIVIDUAL)) |
699 | selfpowered = 1; |
700 | DPRINTF(("%s: charac=0x%04x, error=%s\n", |
701 | __func__, UGETW(hd.wHubCharacteristics), |
702 | usbd_errstr(err))); |
703 | } else { |
704 | err = usbd_get_device_status(dev, &ds); |
705 | if (!err && |
706 | (UGETW(ds.wStatus) & UDS_SELF_POWERED)) |
707 | selfpowered = 1; |
708 | DPRINTF(("%s: status=0x%04x, error=%s\n", |
709 | __func__, UGETW(ds.wStatus), |
710 | usbd_errstr(err))); |
711 | } |
712 | } else |
713 | selfpowered = 1; |
714 | } |
715 | DPRINTF(("%s: (addr %d) cno=%d attr=0x%02x, selfpowered=%d, power=%d\n", |
716 | __func__, dev->address, cdp->bConfigurationValue, cdp->bmAttributes, |
717 | selfpowered, cdp->bMaxPower * 2)); |
718 | |
719 | |
720 | #ifdef USB_DEBUG |
721 | if (dev->powersrc == NULL) { |
722 | DPRINTF(("%s: No power source?\n", __func__)); |
723 | err = USBD_IOERROR; |
724 | goto bad; |
725 | } |
726 | #endif |
727 | power = cdp->bMaxPower * 2; |
728 | if (power > dev->powersrc->power) { |
| 80 | | Assuming 'power' is <= field 'power' | |
|
| |
729 | DPRINTF(("power exceeded %d %d\n", power,dev->powersrc->power)); |
730 | |
731 | if (msg) |
732 | printf("%s: device addr %d (config %d) exceeds power " |
733 | "budget, %d mA > %d mA\n", |
734 | dev->bus->bdev.dv_xname, dev->address, |
735 | cdp->bConfigurationValue, |
736 | power, dev->powersrc->power); |
737 | err = USBD_NO_POWER; |
738 | goto bad; |
739 | } |
740 | dev->power = power; |
741 | dev->self_powered = selfpowered; |
742 | |
743 | |
744 | DPRINTF(("%s: set config %d\n", __func__, cdp->bConfigurationValue)); |
745 | err = usbd_set_config(dev, cdp->bConfigurationValue); |
746 | if (err) { |
| |
| |
747 | DPRINTF(("%s: setting config=%d failed, error=%s\n", __func__, |
748 | cdp->bConfigurationValue, usbd_errstr(err))); |
749 | goto bad; |
750 | } |
751 | |
752 | |
753 | nifc = cdp->bNumInterfaces; |
754 | dev->ifaces = mallocarray(nifc, sizeof(*dev->ifaces), M_USB, |
755 | M_NOWAIT | M_ZERO); |
756 | if (dev->ifaces == NULL) { |
| 84 | | Assuming field 'ifaces' is not equal to NULL | |
|
| |
757 | err = USBD_NOMEM; |
758 | goto bad; |
759 | } |
760 | DPRINTFN(5,("%s: dev=%p cdesc=%p\n", __func__, dev, cdp)); |
761 | dev->cdesc = cdp; |
762 | dev->config = cdp->bConfigurationValue; |
763 | for (ifcidx = 0; ifcidx < nifc; ifcidx++) { |
| 86 | | Assuming 'ifcidx' is >= 'nifc' | |
|
| 87 | | Loop condition is false. Execution continues on line 769 | |
|
764 | err = usbd_fill_iface_data(dev, ifcidx, 0); |
765 | if (err) |
766 | return (err); |
767 | } |
768 | |
769 | return (USBD_NORMAL_COMPLETION); |
| 88 | | Returning zero, which participates in a condition later | |
|
770 | |
771 | bad: |
772 | free(cdp, M_USB, cdplen); |
773 | return (err); |
774 | } |
775 | |
776 | |
777 | |
778 | usbd_status |
779 | usbd_setup_pipe(struct usbd_device *dev, struct usbd_interface *iface, |
780 | struct usbd_endpoint *ep, int ival, struct usbd_pipe **pipe) |
781 | { |
782 | struct usbd_pipe *p; |
783 | usbd_status err; |
784 | |
785 | DPRINTF(("%s: dev=%p iface=%p ep=%p pipe=%p\n", __func__, |
786 | dev, iface, ep, pipe)); |
787 | p = malloc(dev->bus->pipe_size, M_USB, M_NOWAIT|M_ZERO); |
788 | if (p == NULL) |
| 9 | | Assuming 'p' is not equal to NULL | |
|
| |
789 | return (USBD_NOMEM); |
790 | p->pipe_size = dev->bus->pipe_size; |
791 | p->device = dev; |
792 | p->iface = iface; |
793 | p->endpoint = ep; |
794 | ep->refcnt++; |
795 | p->interval = ival; |
796 | SIMPLEQ_INIT(&p->queue); |
| 11 | | Loop condition is false. Exiting loop | |
|
797 | err = dev->bus->methods->open_pipe(p); |
798 | if (err) { |
| |
| |
799 | DPRINTF(("%s: endpoint=0x%x failed, error=%s\n", __func__, |
800 | ep->edesc->bEndpointAddress, usbd_errstr(err))); |
801 | free(p, M_USB, dev->bus->pipe_size); |
802 | return (err); |
803 | } |
804 | *pipe = p; |
805 | return (USBD_NORMAL_COMPLETION); |
806 | } |
807 | |
808 | int |
809 | usbd_set_address(struct usbd_device *dev, int addr) |
810 | { |
811 | usb_device_request_t req; |
812 | |
813 | req.bmRequestType = UT_WRITE_DEVICE; |
814 | req.bRequest = UR_SET_ADDRESS; |
815 | USETW(req.wValue, addr); |
816 | USETW(req.wIndex, 0); |
817 | USETW(req.wLength, 0); |
818 | if (usbd_do_request(dev, &req, 0)) |
819 | return (1); |
820 | |
821 | |
822 | usbd_delay_ms(dev, USB_SET_ADDRESS_SETTLE); |
823 | |
824 | return (0); |
825 | } |
826 | |
827 | int |
828 | usbd_getnewaddr(struct usbd_bus *bus) |
829 | { |
830 | int addr; |
831 | |
832 | for (addr = 1; addr < USB_MAX_DEVICES; addr++) |
833 | if (bus->devices[addr] == NULL) |
834 | return (addr); |
835 | return (-1); |
836 | } |
837 | |
838 | usbd_status |
839 | usbd_probe_and_attach(struct device *parent, struct usbd_device *dev, int port, |
840 | int addr) |
841 | { |
842 | struct usb_attach_arg uaa; |
843 | usb_device_descriptor_t *dd = &dev->ddesc; |
844 | int i, confi, nifaces; |
845 | usbd_status err; |
846 | struct device *dv; |
847 | struct usbd_interface **ifaces; |
848 | extern struct rwlock usbpalock; |
849 | |
850 | rw_enter_write(&usbpalock); |
851 | |
852 | uaa.device = dev; |
853 | uaa.iface = NULL; |
854 | uaa.ifaces = NULL; |
855 | uaa.nifaces = 0; |
856 | uaa.usegeneric = 0; |
857 | uaa.port = port; |
858 | uaa.configno = UHUB_UNK_CONFIGURATION; |
859 | uaa.ifaceno = UHUB_UNK_INTERFACE; |
860 | uaa.vendor = UGETW(dd->idVendor); |
861 | uaa.product = UGETW(dd->idProduct); |
862 | uaa.release = UGETW(dd->bcdDevice); |
863 | |
864 | |
865 | DPRINTF(("usbd_probe_and_attach trying device specific drivers\n")); |
866 | dv = config_found(parent, &uaa, usbd_print); |
867 | if (dv) { |
| |
| |
868 | dev->subdevs = mallocarray(2, sizeof dv, M_USB, M_NOWAIT); |
869 | if (dev->subdevs == NULL) { |
870 | err = USBD_NOMEM; |
871 | goto fail; |
872 | } |
873 | dev->nsubdev = 2; |
874 | dev->subdevs[dev->ndevs++] = dv; |
875 | dev->subdevs[dev->ndevs] = 0; |
876 | err = USBD_NORMAL_COMPLETION; |
877 | goto fail; |
878 | } |
879 | |
880 | DPRINTF(("%s: no device specific driver found\n", __func__)); |
881 | |
882 | DPRINTF(("%s: looping over %d configurations\n", __func__, |
883 | dd->bNumConfigurations)); |
884 | |
885 | for (confi = 0; confi < dd->bNumConfigurations; confi++) { |
| 60 | | Assuming 'confi' is < field 'bNumConfigurations' | |
|
| 61 | | Loop condition is true. Entering loop body | |
|
| 100 | | Assuming 'confi' is >= field 'bNumConfigurations' | |
|
| 101 | | Loop condition is false. Execution continues on line 953 | |
|
886 | DPRINTFN(1,("%s: trying config idx=%d\n", __func__, |
887 | confi)); |
888 | err = usbd_set_config_index(dev, confi, 1); |
| 62 | | Calling 'usbd_set_config_index' | |
|
| 89 | | Returning from 'usbd_set_config_index' | |
|
889 | if (err) { |
| |
890 | #ifdef USB_DEBUG |
891 | DPRINTF(("%s: port %d, set config at addr %d failed, " |
892 | "error=%s\n", parent->dv_xname, port, |
893 | addr, usbd_errstr(err))); |
894 | #else |
895 | printf("%s: port %d, set config %d at addr %d failed\n", |
896 | parent->dv_xname, port, confi, addr); |
897 | #endif |
898 | |
899 | goto fail; |
900 | } |
901 | nifaces = dev->cdesc->bNumInterfaces; |
902 | uaa.configno = dev->cdesc->bConfigurationValue; |
903 | ifaces = mallocarray(nifaces, sizeof(*ifaces), M_USB, M_NOWAIT); |
904 | if (ifaces == NULL) { |
| 91 | | Assuming 'ifaces' is not equal to NULL | |
|
| |
905 | err = USBD_NOMEM; |
906 | goto fail; |
907 | } |
908 | for (i = 0; i < nifaces; i++) |
| 93 | | Loop condition is false. Execution continues on line 910 | |
|
909 | ifaces[i] = &dev->ifaces[i]; |
910 | uaa.ifaces = ifaces; |
911 | uaa.nifaces = nifaces; |
912 | |
913 | |
914 | dev->subdevs = mallocarray(nifaces + 2, sizeof(dv), M_USB, |
915 | M_NOWAIT | M_ZERO); |
916 | if (dev->subdevs == NULL) { |
| 94 | | Assuming field 'subdevs' is not equal to NULL | |
|
| |
917 | free(ifaces, M_USB, nifaces * sizeof(*ifaces)); |
918 | err = USBD_NOMEM; |
919 | goto fail; |
920 | } |
921 | dev->nsubdev = nifaces + 2; |
922 | |
923 | for (i = 0; i < nifaces; i++) { |
| 96 | | Loop condition is false. Execution continues on line 934 | |
|
924 | if (usbd_iface_claimed(dev, i)) |
925 | continue; |
926 | uaa.iface = ifaces[i]; |
927 | uaa.ifaceno = ifaces[i]->idesc->bInterfaceNumber; |
928 | dv = config_found(parent, &uaa, usbd_print); |
929 | if (dv != NULL) { |
930 | dev->subdevs[dev->ndevs++] = dv; |
931 | usbd_claim_iface(dev, i); |
932 | } |
933 | } |
934 | free(ifaces, M_USB, nifaces * sizeof(*ifaces)); |
935 | |
936 | if (dev->ndevs > 0) { |
| 97 | | Assuming field 'ndevs' is <= 0 | |
|
| |
937 | for (i = 0; i < nifaces; i++) { |
938 | if (!usbd_iface_claimed(dev, i)) |
939 | break; |
940 | } |
941 | if (i < nifaces) |
942 | goto generic; |
943 | else |
944 | goto fail; |
945 | } |
946 | |
947 | free(dev->subdevs, M_USB, dev->nsubdev * sizeof(*dev->subdevs)); |
948 | dev->subdevs = NULL; |
| 99 | | Null pointer value stored to field 'subdevs' | |
|
949 | dev->nsubdev = 0; |
950 | } |
951 | |
952 | |
953 | if (dd->bNumConfigurations > 1) |
| |
954 | usbd_set_config_index(dev, 0, 0); |
955 | |
956 | DPRINTF(("%s: no interface drivers found\n", __func__)); |
957 | |
958 | generic: |
959 | |
960 | uaa.iface = NULL; |
961 | uaa.usegeneric = 1; |
962 | uaa.configno = dev->ndevs == 0 ? UHUB_UNK_CONFIGURATION : |
| 103 | | Assuming field 'ndevs' is not equal to 0 | |
|
| 104 | | '?' condition is false | |
|
963 | dev->cdesc->bConfigurationValue; |
964 | uaa.ifaceno = UHUB_UNK_INTERFACE; |
965 | dv = config_found(parent, &uaa, usbd_print); |
966 | if (dv != NULL) { |
| 105 | | Assuming 'dv' is not equal to NULL | |
|
| |
967 | if (dev->ndevs == 0) { |
| |
968 | dev->subdevs = mallocarray(2, sizeof dv, M_USB, M_NOWAIT); |
969 | if (dev->subdevs == NULL) { |
970 | err = USBD_NOMEM; |
971 | goto fail; |
972 | } |
973 | dev->nsubdev = 2; |
974 | } |
975 | dev->subdevs[dev->ndevs++] = dv; |
| 108 | | Array access (via field 'subdevs') results in a null pointer dereference |
|
976 | dev->subdevs[dev->ndevs] = 0; |
977 | err = USBD_NORMAL_COMPLETION; |
978 | goto fail; |
979 | } |
980 | |
981 | |
982 | |
983 | |
984 | |
985 | |
986 | DPRINTF(("%s: generic attach failed\n", __func__)); |
987 | err = USBD_NORMAL_COMPLETION; |
988 | fail: |
989 | rw_exit_write(&usbpalock); |
990 | return (err); |
991 | } |
992 | |
993 | |
994 | |
995 | |
996 | |
997 | |
998 | |
999 | |
1000 | usbd_status |
1001 | usbd_new_device(struct device *parent, struct usbd_bus *bus, int depth, |
1002 | int speed, int port, struct usbd_port *up) |
1003 | { |
1004 | struct usbd_device *dev, *adev, *hub; |
1005 | usb_device_descriptor_t *dd; |
1006 | usbd_status err; |
1007 | uint32_t mps, mps0; |
1008 | int addr, i, p; |
1009 | |
1010 | DPRINTF(("%s: bus=%p port=%d depth=%d speed=%d\n", __func__, |
1011 | bus, port, depth, speed)); |
1012 | |
1013 | |
1014 | |
1015 | |
1016 | |
1017 | switch (speed) { |
| 1 | Control jumps to 'case 4:' at line 1025 | |
|
1018 | case USB_SPEED_LOW: |
1019 | mps0 = 8; |
1020 | break; |
1021 | case USB_SPEED_HIGH: |
1022 | case USB_SPEED_FULL: |
1023 | mps0 = 64; |
1024 | break; |
1025 | case USB_SPEED_SUPER: |
1026 | mps0 = 512; |
1027 | break; |
| 2 | | Execution continues on line 1032 | |
|
1028 | default: |
1029 | return (USBD_INVAL); |
1030 | } |
1031 | |
1032 | addr = usbd_getnewaddr(bus); |
1033 | if (addr < 0) { |
| |
1034 | printf("%s: No free USB addresses, new device ignored.\n", |
1035 | bus->bdev.dv_xname); |
1036 | return (USBD_NO_ADDR); |
1037 | } |
1038 | |
1039 | dev = malloc(sizeof *dev, M_USB, M_NOWAIT | M_ZERO); |
1040 | if (dev == NULL) |
| 4 | | Assuming 'dev' is not equal to NULL | |
|
| |
1041 | return (USBD_NOMEM); |
1042 | |
1043 | dev->bus = bus; |
1044 | |
1045 | |
1046 | dev->def_ep.edesc = &dev->def_ep_desc; |
1047 | |
1048 | |
1049 | dev->def_ep_desc.bLength = USB_ENDPOINT_DESCRIPTOR_SIZE; |
1050 | dev->def_ep_desc.bDescriptorType = UDESC_ENDPOINT; |
1051 | dev->def_ep_desc.bEndpointAddress = USB_CONTROL_ENDPOINT; |
1052 | dev->def_ep_desc.bmAttributes = UE_CONTROL; |
1053 | dev->def_ep_desc.bInterval = 0; |
1054 | USETW(dev->def_ep_desc.wMaxPacketSize, mps0); |
1055 | |
1056 | dev->quirks = &usbd_no_quirk; |
1057 | dev->address = USB_START_ADDR; |
1058 | dev->ddesc.bMaxPacketSize = 0; |
1059 | dev->depth = depth; |
1060 | dev->powersrc = up; |
1061 | dev->myhub = up->parent; |
1062 | dev->speed = speed; |
1063 | dev->langid = USBD_NOLANG; |
1064 | |
1065 | up->device = dev; |
1066 | |
1067 | |
1068 | for (adev = dev, hub = up->parent; |
1069 | hub != NULL && hub->speed != USB_SPEED_HIGH; |
| 6 | | Assuming 'hub' is equal to NULL | |
|
1070 | adev = hub, hub = hub->myhub) |
1071 | ; |
1072 | if (hub) { |
| |
1073 | for (p = 0; p < hub->hub->nports; p++) { |
1074 | if (hub->hub->ports[p].device == adev) { |
1075 | dev->myhsport = &hub->hub->ports[p]; |
1076 | goto found; |
1077 | } |
1078 | } |
1079 | panic("usbd_new_device: cannot find HS port"); |
1080 | found: |
1081 | DPRINTFN(1,("%s: high speed port %d\n", __func__, p)); |
1082 | } else { |
1083 | dev->myhsport = NULL; |
1084 | } |
1085 | |
1086 | |
1087 | err = usbd_setup_pipe(dev, 0, &dev->def_ep, USBD_DEFAULT_INTERVAL, |
| 8 | | Calling 'usbd_setup_pipe' | |
|
| 14 | | Returning from 'usbd_setup_pipe' | |
|
1088 | &dev->default_pipe); |
1089 | if (err) |
| |
1090 | goto fail; |
1091 | |
1092 | dd = &dev->ddesc; |
1093 | |
1094 | |
1095 | |
1096 | |
1097 | |
1098 | |
1099 | |
1100 | for (i = 0; i < 3; i++) { |
| 16 | | Loop condition is true. Entering loop body | |
|
1101 | |
1102 | |
1103 | |
1104 | err = usbd_get_desc(dev, UDESC_DEVICE, 0, USB_MAX_IPACKET, dd); |
1105 | if (!err) |
| |
| |
1106 | break; |
| 19 | | Execution continues on line 1113 | |
|
1107 | if (err == USBD_TIMEOUT) |
1108 | goto fail; |
1109 | usbd_delay_ms(dev, 100+50*i); |
1110 | } |
1111 | |
1112 | |
1113 | if (err) { |
| |
1114 | USETW(dev->def_ep_desc.wMaxPacketSize, |
1115 | USB_DEVICE_DESCRIPTOR_SIZE); |
1116 | usbd_reset_port(up->parent, port); |
1117 | for (i = 0; i < 3; i++) { |
1118 | err = usbd_get_desc(dev, UDESC_DEVICE, 0, |
1119 | USB_DEVICE_DESCRIPTOR_SIZE, dd); |
1120 | if (!err) |
1121 | break; |
1122 | if (err == USBD_TIMEOUT) |
1123 | goto fail; |
1124 | usbd_delay_ms(dev, 100+50*i); |
1125 | } |
1126 | } |
1127 | |
1128 | |
1129 | if (err) { |
| |
1130 | USETW(dev->def_ep_desc.wMaxPacketSize, USB_MAX_IPACKET); |
1131 | usbd_reset_port(up->parent, port); |
1132 | usbd_delay_ms(dev, 500); |
1133 | err = usbd_get_desc(dev, UDESC_DEVICE, 0, |
1134 | USB_MAX_IPACKET, dd); |
1135 | } |
1136 | |
1137 | if (err) |
| |
1138 | goto fail; |
1139 | |
1140 | DPRINTF(("%s: adding unit addr=%d, rev=%02x, class=%d, subclass=%d, " |
1141 | "protocol=%d, maxpacket=%d, len=%d, speed=%d\n", __func__, |
1142 | addr,UGETW(dd->bcdUSB), dd->bDeviceClass, dd->bDeviceSubClass, |
1143 | dd->bDeviceProtocol, dd->bMaxPacketSize, dd->bLength, |
1144 | dev->speed)); |
1145 | |
1146 | if ((dd->bDescriptorType != UDESC_DEVICE) || |
| 23 | | Assuming field 'bDescriptorType' is equal to UDESC_DEVICE | |
|
| |
1147 | (dd->bLength < USB_DEVICE_DESCRIPTOR_SIZE)) { |
| 24 | | Assuming field 'bLength' is >= USB_DEVICE_DESCRIPTOR_SIZE | |
|
1148 | err = USBD_INVAL; |
1149 | goto fail; |
1150 | } |
1151 | |
1152 | mps = dd->bMaxPacketSize; |
1153 | if (speed == USB_SPEED_SUPER) { |
| |
1154 | if (mps == 0xff) |
| 27 | | Assuming 'mps' is not equal to 255 | |
|
| |
1155 | mps = 9; |
1156 | |
1157 | mps = (1 << mps); |
1158 | } |
1159 | |
1160 | if (mps != mps0) { |
| 29 | | Assuming 'mps' is equal to 'mps0' | |
|
| |
1161 | if ((speed == USB_SPEED_LOW) || |
1162 | (mps != 8 && mps != 16 && mps != 32 && mps != 64)) { |
1163 | err = USBD_INVAL; |
1164 | goto fail; |
1165 | } |
1166 | USETW(dev->def_ep_desc.wMaxPacketSize, mps); |
1167 | } |
1168 | |
1169 | |
1170 | |
1171 | if (bus->methods->dev_setaddr != NULL && |
| 31 | | Assuming field 'dev_setaddr' is equal to NULL | |
|
1172 | bus->methods->dev_setaddr(dev, addr)) { |
1173 | err = USBD_SET_ADDR_FAILED; |
1174 | goto fail; |
1175 | } |
1176 | |
1177 | |
1178 | usbd_delay_ms(dev, 10); |
1179 | |
1180 | |
1181 | |
1182 | |
1183 | |
1184 | dev->address = addr; |
1185 | |
1186 | err = usbd_reload_device_desc(dev); |
1187 | if (err) |
| |
1188 | goto fail; |
1189 | |
1190 | |
1191 | if (dev->quirks->uq_flags & UQ_EHCI_NEEDTO_DISOWN) { |
| 33 | | Assuming the condition is false | |
|
| |
1192 | |
1193 | if (dev->bus->usbrev == USBREV_2_0) { |
1194 | DPRINTF(("%s: disown request issues to dev:%p on usb2.0 bus\n", |
1195 | __func__, dev)); |
1196 | usbd_port_disown_to_1_1(dev->myhub, port); |
1197 | |
1198 | usbd_reset_port(dev->myhub, port); |
1199 | return (USBD_NORMAL_COMPLETION); |
1200 | } |
1201 | } |
1202 | |
1203 | |
1204 | dev->power = USB_MIN_POWER; |
1205 | dev->self_powered = 0; |
1206 | |
1207 | DPRINTF(("%s: new dev (addr %d), dev=%p, parent=%p\n", __func__, |
1208 | addr, dev, parent)); |
1209 | |
1210 | |
1211 | err = usbd_cache_devinfo(dev); |
| 35 | | Calling 'usbd_cache_devinfo' | |
|
| 55 | | Returning from 'usbd_cache_devinfo' | |
|
1212 | if (err) |
| |
1213 | goto fail; |
1214 | |
1215 | bus->devices[addr] = dev; |
1216 | |
1217 | err = usbd_probe_and_attach(parent, dev, port, addr); |
| 57 | | Calling 'usbd_probe_and_attach' | |
|
1218 | if (err) |
1219 | goto fail; |
1220 | |
1221 | return (USBD_NORMAL_COMPLETION); |
1222 | |
1223 | fail: |
1224 | usb_free_device(dev); |
1225 | up->device = NULL; |
1226 | return (err); |
1227 | } |
1228 | |
1229 | usbd_status |
1230 | usbd_reload_device_desc(struct usbd_device *dev) |
1231 | { |
1232 | usbd_status err; |
1233 | |
1234 | |
1235 | err = usbd_get_desc(dev, UDESC_DEVICE, 0, |
1236 | USB_DEVICE_DESCRIPTOR_SIZE, &dev->ddesc); |
1237 | if (err) |
1238 | return (err); |
1239 | |
1240 | |
1241 | dev->quirks = usbd_find_quirk(&dev->ddesc); |
1242 | |
1243 | return (USBD_NORMAL_COMPLETION); |
1244 | } |
1245 | |
1246 | int |
1247 | usbd_print(void *aux, const char *pnp) |
1248 | { |
1249 | struct usb_attach_arg *uaa = aux; |
1250 | char *devinfop; |
1251 | |
1252 | devinfop = malloc(DEVINFOSIZE, M_TEMP, M_WAITOK); |
1253 | usbd_devinfo(uaa->device, 0, devinfop, DEVINFOSIZE); |
1254 | |
1255 | DPRINTFN(15, ("usbd_print dev=%p\n", uaa->device)); |
1256 | if (pnp) { |
1257 | if (!uaa->usegeneric) { |
1258 | free(devinfop, M_TEMP, DEVINFOSIZE); |
1259 | return (QUIET); |
1260 | } |
1261 | printf("%s at %s", devinfop, pnp); |
1262 | } |
1263 | if (uaa->port != 0) |
1264 | printf(" port %d", uaa->port); |
1265 | if (uaa->configno != UHUB_UNK_CONFIGURATION) |
1266 | printf(" configuration %d", uaa->configno); |
1267 | if (uaa->ifaceno != UHUB_UNK_INTERFACE) |
1268 | printf(" interface %d", uaa->ifaceno); |
1269 | |
1270 | if (!pnp) |
1271 | printf(" %s\n", devinfop); |
1272 | free(devinfop, M_TEMP, DEVINFOSIZE); |
1273 | return (UNCONF); |
1274 | } |
1275 | |
1276 | void |
1277 | usbd_fill_deviceinfo(struct usbd_device *dev, struct usb_device_info *di) |
1278 | { |
1279 | struct usbd_port *p; |
1280 | int i; |
1281 | |
1282 | di->udi_bus = dev->bus->usbctl->dv_unit; |
1283 | di->udi_addr = dev->address; |
1284 | strlcpy(di->udi_vendor, dev->vendor, sizeof(di->udi_vendor)); |
1285 | strlcpy(di->udi_product, dev->product, sizeof(di->udi_product)); |
1286 | usbd_printBCD(di->udi_release, sizeof di->udi_release, |
1287 | UGETW(dev->ddesc.bcdDevice)); |
1288 | di->udi_vendorNo = UGETW(dev->ddesc.idVendor); |
1289 | di->udi_productNo = UGETW(dev->ddesc.idProduct); |
1290 | di->udi_releaseNo = UGETW(dev->ddesc.bcdDevice); |
1291 | di->udi_class = dev->ddesc.bDeviceClass; |
1292 | di->udi_subclass = dev->ddesc.bDeviceSubClass; |
1293 | di->udi_protocol = dev->ddesc.bDeviceProtocol; |
1294 | di->udi_config = dev->config; |
1295 | di->udi_power = dev->self_powered ? 0 : dev->power; |
1296 | di->udi_speed = dev->speed; |
1297 | di->udi_port = dev->powersrc ? dev->powersrc->portno : 0; |
1298 | |
1299 | if (dev->subdevs != NULL) { |
1300 | for (i = 0; dev->subdevs[i] && i < USB_MAX_DEVNAMES; i++) { |
1301 | strncpy(di->udi_devnames[i], |
1302 | dev->subdevs[i]->dv_xname, USB_MAX_DEVNAMELEN); |
1303 | di->udi_devnames[i][USB_MAX_DEVNAMELEN-1] = '\0'; |
1304 | } |
1305 | } else |
1306 | i = 0; |
1307 | |
1308 | for (; i < USB_MAX_DEVNAMES; i++) |
1309 | di->udi_devnames[i][0] = 0; |
1310 | |
1311 | if (dev->hub) { |
1312 | for (i = 0; |
1313 | i < nitems(di->udi_ports) && i < dev->hub->nports; i++) { |
1314 | p = &dev->hub->ports[i]; |
1315 | di->udi_ports[i] = UGETW(p->status.wPortChange) << 16 | |
1316 | UGETW(p->status.wPortStatus); |
1317 | } |
1318 | di->udi_nports = dev->hub->nports; |
1319 | } else |
1320 | di->udi_nports = 0; |
1321 | |
1322 | bzero(di->udi_serial, sizeof(di->udi_serial)); |
1323 | if (dev->serial != NULL) |
1324 | strlcpy(di->udi_serial, dev->serial, |
1325 | sizeof(di->udi_serial)); |
1326 | } |
1327 | |
1328 | |
1329 | usb_config_descriptor_t * |
1330 | usbd_get_cdesc(struct usbd_device *dev, int index, u_int *lenp) |
1331 | { |
1332 | usb_config_descriptor_t *cdesc, *tdesc, cdescr; |
1333 | u_int len; |
1334 | usbd_status err; |
1335 | |
1336 | if (index == USB_CURRENT_CONFIG_INDEX) { |
1337 | tdesc = usbd_get_config_descriptor(dev); |
1338 | if (tdesc == NULL) |
1339 | return (NULL); |
1340 | len = UGETW(tdesc->wTotalLength); |
1341 | if (lenp) |
1342 | *lenp = len; |
1343 | cdesc = malloc(len, M_TEMP, M_WAITOK); |
1344 | memcpy(cdesc, tdesc, len); |
1345 | DPRINTFN(5,("%s: current, len=%u\n", __func__, len)); |
1346 | } else { |
1347 | err = usbd_get_desc(dev, UDESC_CONFIG, index, |
1348 | USB_CONFIG_DESCRIPTOR_SIZE, &cdescr); |
1349 | if (err || cdescr.bDescriptorType != UDESC_CONFIG) |
1350 | return (NULL); |
1351 | len = UGETW(cdescr.wTotalLength); |
1352 | DPRINTFN(5,("%s: index=%d, len=%u\n", __func__, index, len)); |
1353 | if (lenp) |
1354 | *lenp = len; |
1355 | cdesc = malloc(len, M_TEMP, M_WAITOK); |
1356 | err = usbd_get_desc(dev, UDESC_CONFIG, index, len, cdesc); |
1357 | if (err) { |
1358 | free(cdesc, M_TEMP, len); |
1359 | return (NULL); |
1360 | } |
1361 | } |
1362 | return (cdesc); |
1363 | } |
1364 | |
1365 | void |
1366 | usb_free_device(struct usbd_device *dev) |
1367 | { |
1368 | int ifcidx, nifc; |
1369 | |
1370 | DPRINTF(("%s: %p\n", __func__, dev)); |
1371 | |
1372 | if (dev->default_pipe != NULL) |
1373 | usbd_close_pipe(dev->default_pipe); |
1374 | if (dev->ifaces != NULL) { |
1375 | nifc = dev->cdesc->bNumInterfaces; |
1376 | for (ifcidx = 0; ifcidx < nifc; ifcidx++) |
1377 | usbd_free_iface_data(dev, ifcidx); |
1378 | free(dev->ifaces, M_USB, nifc * sizeof(*dev->ifaces)); |
1379 | } |
1380 | if (dev->cdesc != NULL) |
1381 | free(dev->cdesc, M_USB, UGETW(dev->cdesc->wTotalLength)); |
1382 | free(dev->subdevs, M_USB, dev->nsubdev * sizeof(*dev->subdevs)); |
1383 | dev->bus->devices[dev->address] = NULL; |
1384 | |
1385 | if (dev->vendor != NULL) |
1386 | free(dev->vendor, M_USB, USB_MAX_STRING_LEN); |
1387 | if (dev->product != NULL) |
1388 | free(dev->product, M_USB, USB_MAX_STRING_LEN); |
1389 | if (dev->serial != NULL) |
1390 | free(dev->serial, M_USB, USB_MAX_STRING_LEN); |
1391 | |
1392 | free(dev, M_USB, sizeof *dev); |
1393 | } |
1394 | |
1395 | |
1396 | |
1397 | |
1398 | |
1399 | int |
1400 | usbd_detach(struct usbd_device *dev, struct device *parent) |
1401 | { |
1402 | int i, rv = 0; |
1403 | |
1404 | usbd_deactivate(dev); |
1405 | |
1406 | if (dev->ndevs > 0) { |
1407 | for (i = 0; dev->subdevs[i] != NULL; i++) |
1408 | rv |= config_detach(dev->subdevs[i], DETACH_FORCE); |
1409 | } |
1410 | |
1411 | if (rv == 0) |
1412 | usb_free_device(dev); |
1413 | |
1414 | return (rv); |
1415 | } |