usb.cpp revision 40a87784913066f74c2f7a1e9f5f54aaf4692364
1/* 2 * Copyright (C) 2007 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#define TRACE_TAG USB 18 19#include "sysdeps.h" 20 21#include <dirent.h> 22#include <errno.h> 23#include <linux/usb/ch9.h> 24#include <linux/usb/functionfs.h> 25#include <stdio.h> 26#include <stdlib.h> 27#include <string.h> 28#include <sys/ioctl.h> 29#include <sys/types.h> 30#include <unistd.h> 31 32#include <algorithm> 33#include <atomic> 34#include <chrono> 35#include <condition_variable> 36#include <mutex> 37#include <thread> 38 39#include <android-base/logging.h> 40#include <android-base/properties.h> 41 42#include "adb.h" 43#include "daemon/usb.h" 44#include "transport.h" 45 46using namespace std::chrono_literals; 47 48#define MAX_PACKET_SIZE_FS 64 49#define MAX_PACKET_SIZE_HS 512 50#define MAX_PACKET_SIZE_SS 1024 51 52// Kernels before 3.3 have a 16KiB transfer limit That limit was replaced 53// with a 16MiB global limit in 3.3, but each URB submitted required a 54// contiguous kernel allocation, so you would get ENOMEM if you tried to 55// send something larger than the biggest available contiguous kernel 56// memory region. Large contiguous allocations could be unreliable 57// on a device kernel that has been running for a while fragmenting its 58// memory so we start with a larger allocation, and shrink the amount if 59// necessary. 60#define USB_FFS_BULK_SIZE 16384 61 62#define cpu_to_le16(x) htole16(x) 63#define cpu_to_le32(x) htole32(x) 64 65#define FUNCTIONFS_ENDPOINT_ALLOC _IOR('g', 231, __u32) 66 67static constexpr size_t ENDPOINT_ALLOC_RETRIES = 10; 68 69static int dummy_fd = -1; 70 71struct func_desc { 72 struct usb_interface_descriptor intf; 73 struct usb_endpoint_descriptor_no_audio source; 74 struct usb_endpoint_descriptor_no_audio sink; 75} __attribute__((packed)); 76 77struct ss_func_desc { 78 struct usb_interface_descriptor intf; 79 struct usb_endpoint_descriptor_no_audio source; 80 struct usb_ss_ep_comp_descriptor source_comp; 81 struct usb_endpoint_descriptor_no_audio sink; 82 struct usb_ss_ep_comp_descriptor sink_comp; 83} __attribute__((packed)); 84 85struct desc_v1 { 86 struct usb_functionfs_descs_head_v1 { 87 __le32 magic; 88 __le32 length; 89 __le32 fs_count; 90 __le32 hs_count; 91 } __attribute__((packed)) header; 92 struct func_desc fs_descs, hs_descs; 93} __attribute__((packed)); 94 95struct desc_v2 { 96 struct usb_functionfs_descs_head_v2 header; 97 // The rest of the structure depends on the flags in the header. 98 __le32 fs_count; 99 __le32 hs_count; 100 __le32 ss_count; 101 __le32 os_count; 102 struct func_desc fs_descs, hs_descs; 103 struct ss_func_desc ss_descs; 104 struct usb_os_desc_header os_header; 105 struct usb_ext_compat_desc os_desc; 106} __attribute__((packed)); 107 108static struct func_desc fs_descriptors = { 109 .intf = { 110 .bLength = sizeof(fs_descriptors.intf), 111 .bDescriptorType = USB_DT_INTERFACE, 112 .bInterfaceNumber = 0, 113 .bNumEndpoints = 2, 114 .bInterfaceClass = ADB_CLASS, 115 .bInterfaceSubClass = ADB_SUBCLASS, 116 .bInterfaceProtocol = ADB_PROTOCOL, 117 .iInterface = 1, /* first string from the provided table */ 118 }, 119 .source = { 120 .bLength = sizeof(fs_descriptors.source), 121 .bDescriptorType = USB_DT_ENDPOINT, 122 .bEndpointAddress = 1 | USB_DIR_OUT, 123 .bmAttributes = USB_ENDPOINT_XFER_BULK, 124 .wMaxPacketSize = MAX_PACKET_SIZE_FS, 125 }, 126 .sink = { 127 .bLength = sizeof(fs_descriptors.sink), 128 .bDescriptorType = USB_DT_ENDPOINT, 129 .bEndpointAddress = 2 | USB_DIR_IN, 130 .bmAttributes = USB_ENDPOINT_XFER_BULK, 131 .wMaxPacketSize = MAX_PACKET_SIZE_FS, 132 }, 133}; 134 135static struct func_desc hs_descriptors = { 136 .intf = { 137 .bLength = sizeof(hs_descriptors.intf), 138 .bDescriptorType = USB_DT_INTERFACE, 139 .bInterfaceNumber = 0, 140 .bNumEndpoints = 2, 141 .bInterfaceClass = ADB_CLASS, 142 .bInterfaceSubClass = ADB_SUBCLASS, 143 .bInterfaceProtocol = ADB_PROTOCOL, 144 .iInterface = 1, /* first string from the provided table */ 145 }, 146 .source = { 147 .bLength = sizeof(hs_descriptors.source), 148 .bDescriptorType = USB_DT_ENDPOINT, 149 .bEndpointAddress = 1 | USB_DIR_OUT, 150 .bmAttributes = USB_ENDPOINT_XFER_BULK, 151 .wMaxPacketSize = MAX_PACKET_SIZE_HS, 152 }, 153 .sink = { 154 .bLength = sizeof(hs_descriptors.sink), 155 .bDescriptorType = USB_DT_ENDPOINT, 156 .bEndpointAddress = 2 | USB_DIR_IN, 157 .bmAttributes = USB_ENDPOINT_XFER_BULK, 158 .wMaxPacketSize = MAX_PACKET_SIZE_HS, 159 }, 160}; 161 162static struct ss_func_desc ss_descriptors = { 163 .intf = { 164 .bLength = sizeof(ss_descriptors.intf), 165 .bDescriptorType = USB_DT_INTERFACE, 166 .bInterfaceNumber = 0, 167 .bNumEndpoints = 2, 168 .bInterfaceClass = ADB_CLASS, 169 .bInterfaceSubClass = ADB_SUBCLASS, 170 .bInterfaceProtocol = ADB_PROTOCOL, 171 .iInterface = 1, /* first string from the provided table */ 172 }, 173 .source = { 174 .bLength = sizeof(ss_descriptors.source), 175 .bDescriptorType = USB_DT_ENDPOINT, 176 .bEndpointAddress = 1 | USB_DIR_OUT, 177 .bmAttributes = USB_ENDPOINT_XFER_BULK, 178 .wMaxPacketSize = MAX_PACKET_SIZE_SS, 179 }, 180 .source_comp = { 181 .bLength = sizeof(ss_descriptors.source_comp), 182 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP, 183 .bMaxBurst = 4, 184 }, 185 .sink = { 186 .bLength = sizeof(ss_descriptors.sink), 187 .bDescriptorType = USB_DT_ENDPOINT, 188 .bEndpointAddress = 2 | USB_DIR_IN, 189 .bmAttributes = USB_ENDPOINT_XFER_BULK, 190 .wMaxPacketSize = MAX_PACKET_SIZE_SS, 191 }, 192 .sink_comp = { 193 .bLength = sizeof(ss_descriptors.sink_comp), 194 .bDescriptorType = USB_DT_SS_ENDPOINT_COMP, 195 .bMaxBurst = 4, 196 }, 197}; 198 199struct usb_ext_compat_desc os_desc_compat = { 200 .bFirstInterfaceNumber = 0, 201 .Reserved1 = cpu_to_le32(1), 202 .CompatibleID = {0}, 203 .SubCompatibleID = {0}, 204 .Reserved2 = {0}, 205}; 206 207static struct usb_os_desc_header os_desc_header = { 208 .interface = cpu_to_le32(1), 209 .dwLength = cpu_to_le32(sizeof(os_desc_header) + sizeof(os_desc_compat)), 210 .bcdVersion = cpu_to_le32(1), 211 .wIndex = cpu_to_le32(4), 212 .bCount = cpu_to_le32(1), 213 .Reserved = cpu_to_le32(0), 214}; 215 216#define STR_INTERFACE_ "ADB Interface" 217 218static const struct { 219 struct usb_functionfs_strings_head header; 220 struct { 221 __le16 code; 222 const char str1[sizeof(STR_INTERFACE_)]; 223 } __attribute__((packed)) lang0; 224} __attribute__((packed)) strings = { 225 .header = { 226 .magic = cpu_to_le32(FUNCTIONFS_STRINGS_MAGIC), 227 .length = cpu_to_le32(sizeof(strings)), 228 .str_count = cpu_to_le32(1), 229 .lang_count = cpu_to_le32(1), 230 }, 231 .lang0 = { 232 cpu_to_le16(0x0409), /* en-us */ 233 STR_INTERFACE_, 234 }, 235}; 236 237bool init_functionfs(struct usb_handle* h) { 238 ssize_t ret; 239 struct desc_v1 v1_descriptor; 240 struct desc_v2 v2_descriptor; 241 size_t retries = 0; 242 243 v2_descriptor.header.magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC_V2); 244 v2_descriptor.header.length = cpu_to_le32(sizeof(v2_descriptor)); 245 v2_descriptor.header.flags = FUNCTIONFS_HAS_FS_DESC | FUNCTIONFS_HAS_HS_DESC | 246 FUNCTIONFS_HAS_SS_DESC | FUNCTIONFS_HAS_MS_OS_DESC; 247 v2_descriptor.fs_count = 3; 248 v2_descriptor.hs_count = 3; 249 v2_descriptor.ss_count = 5; 250 v2_descriptor.os_count = 1; 251 v2_descriptor.fs_descs = fs_descriptors; 252 v2_descriptor.hs_descs = hs_descriptors; 253 v2_descriptor.ss_descs = ss_descriptors; 254 v2_descriptor.os_header = os_desc_header; 255 v2_descriptor.os_desc = os_desc_compat; 256 257 if (h->control < 0) { // might have already done this before 258 D("OPENING %s", USB_FFS_ADB_EP0); 259 h->control = adb_open(USB_FFS_ADB_EP0, O_RDWR); 260 if (h->control < 0) { 261 D("[ %s: cannot open control endpoint: errno=%d]", USB_FFS_ADB_EP0, errno); 262 goto err; 263 } 264 265 ret = adb_write(h->control, &v2_descriptor, sizeof(v2_descriptor)); 266 if (ret < 0) { 267 v1_descriptor.header.magic = cpu_to_le32(FUNCTIONFS_DESCRIPTORS_MAGIC); 268 v1_descriptor.header.length = cpu_to_le32(sizeof(v1_descriptor)); 269 v1_descriptor.header.fs_count = 3; 270 v1_descriptor.header.hs_count = 3; 271 v1_descriptor.fs_descs = fs_descriptors; 272 v1_descriptor.hs_descs = hs_descriptors; 273 D("[ %s: Switching to V1_descriptor format errno=%d ]", USB_FFS_ADB_EP0, errno); 274 ret = adb_write(h->control, &v1_descriptor, sizeof(v1_descriptor)); 275 if (ret < 0) { 276 D("[ %s: write descriptors failed: errno=%d ]", USB_FFS_ADB_EP0, errno); 277 goto err; 278 } 279 } 280 281 ret = adb_write(h->control, &strings, sizeof(strings)); 282 if (ret < 0) { 283 D("[ %s: writing strings failed: errno=%d]", USB_FFS_ADB_EP0, errno); 284 goto err; 285 } 286 //Signal only when writing the descriptors to ffs 287 android::base::SetProperty("sys.usb.ffs.ready", "1"); 288 } 289 290 h->bulk_out = adb_open(USB_FFS_ADB_OUT, O_RDWR); 291 if (h->bulk_out < 0) { 292 D("[ %s: cannot open bulk-out ep: errno=%d ]", USB_FFS_ADB_OUT, errno); 293 goto err; 294 } 295 296 h->bulk_in = adb_open(USB_FFS_ADB_IN, O_RDWR); 297 if (h->bulk_in < 0) { 298 D("[ %s: cannot open bulk-in ep: errno=%d ]", USB_FFS_ADB_IN, errno); 299 goto err; 300 } 301 302 h->max_rw = MAX_PAYLOAD; 303 while (h->max_rw >= USB_FFS_BULK_SIZE && retries < ENDPOINT_ALLOC_RETRIES) { 304 int ret_in = ioctl(h->bulk_in, FUNCTIONFS_ENDPOINT_ALLOC, static_cast<__u32>(h->max_rw)); 305 int errno_in = errno; 306 int ret_out = ioctl(h->bulk_out, FUNCTIONFS_ENDPOINT_ALLOC, static_cast<__u32>(h->max_rw)); 307 int errno_out = errno; 308 309 if (ret_in || ret_out) { 310 if (errno_in == ENODEV || errno_out == ENODEV) { 311 std::this_thread::sleep_for(100ms); 312 retries += 1; 313 continue; 314 } 315 h->max_rw /= 2; 316 } else { 317 return true; 318 } 319 } 320 321 D("[ adb: cannot call endpoint alloc: errno=%d ]", errno); 322 // Kernel pre-allocation could have failed for recoverable reasons. 323 // Continue running with a safe max rw size. 324 h->max_rw = USB_FFS_BULK_SIZE; 325 return true; 326 327err: 328 if (h->bulk_in > 0) { 329 adb_close(h->bulk_in); 330 h->bulk_in = -1; 331 } 332 if (h->bulk_out > 0) { 333 adb_close(h->bulk_out); 334 h->bulk_out = -1; 335 } 336 if (h->control > 0) { 337 adb_close(h->control); 338 h->control = -1; 339 } 340 return false; 341} 342 343static void usb_ffs_open_thread(void* x) { 344 struct usb_handle* usb = (struct usb_handle*)x; 345 346 adb_thread_setname("usb ffs open"); 347 348 while (true) { 349 // wait until the USB device needs opening 350 std::unique_lock<std::mutex> lock(usb->lock); 351 while (!usb->open_new_connection) { 352 usb->notify.wait(lock); 353 } 354 usb->open_new_connection = false; 355 lock.unlock(); 356 357 while (true) { 358 if (init_functionfs(usb)) { 359 break; 360 } 361 std::this_thread::sleep_for(1s); 362 } 363 364 D("[ usb_thread - registering device ]"); 365 register_usb_transport(usb, 0, 0, 1); 366 } 367 368 // never gets here 369 abort(); 370} 371 372static int usb_ffs_write(usb_handle* h, const void* data, int len) { 373 D("about to write (fd=%d, len=%d)", h->bulk_in, len); 374 375 const char* buf = static_cast<const char*>(data); 376 while (len > 0) { 377 int write_len = std::min(h->max_rw, len); 378 int n = adb_write(h->bulk_in, buf, write_len); 379 if (n < 0) { 380 D("ERROR: fd = %d, n = %d: %s", h->bulk_in, n, strerror(errno)); 381 return -1; 382 } 383 buf += n; 384 len -= n; 385 } 386 387 D("[ done fd=%d ]", h->bulk_in); 388 return 0; 389} 390 391static int usb_ffs_read(usb_handle* h, void* data, int len) { 392 D("about to read (fd=%d, len=%d)", h->bulk_out, len); 393 394 char* buf = static_cast<char*>(data); 395 while (len > 0) { 396 int read_len = std::min(h->max_rw, len); 397 int n = adb_read(h->bulk_out, buf, read_len); 398 if (n < 0) { 399 D("ERROR: fd = %d, n = %d: %s", h->bulk_out, n, strerror(errno)); 400 return -1; 401 } 402 buf += n; 403 len -= n; 404 } 405 406 D("[ done fd=%d ]", h->bulk_out); 407 return 0; 408} 409 410static void usb_ffs_kick(usb_handle* h) { 411 int err; 412 413 err = ioctl(h->bulk_in, FUNCTIONFS_CLEAR_HALT); 414 if (err < 0) { 415 D("[ kick: source (fd=%d) clear halt failed (%d) ]", h->bulk_in, errno); 416 } 417 418 err = ioctl(h->bulk_out, FUNCTIONFS_CLEAR_HALT); 419 if (err < 0) { 420 D("[ kick: sink (fd=%d) clear halt failed (%d) ]", h->bulk_out, errno); 421 } 422 423 // don't close ep0 here, since we may not need to reinitialize it with 424 // the same descriptors again. if however ep1/ep2 fail to re-open in 425 // init_functionfs, only then would we close and open ep0 again. 426 // Ditto the comment in usb_adb_kick. 427 h->kicked = true; 428 TEMP_FAILURE_RETRY(dup2(dummy_fd, h->bulk_out)); 429 TEMP_FAILURE_RETRY(dup2(dummy_fd, h->bulk_in)); 430} 431 432static void usb_ffs_close(usb_handle* h) { 433 h->kicked = false; 434 adb_close(h->bulk_out); 435 adb_close(h->bulk_in); 436 // Notify usb_adb_open_thread to open a new connection. 437 h->lock.lock(); 438 h->open_new_connection = true; 439 h->lock.unlock(); 440 h->notify.notify_one(); 441} 442 443static void usb_ffs_init() { 444 D("[ usb_init - using FunctionFS ]"); 445 446 usb_handle* h = new usb_handle(); 447 448 h->write = usb_ffs_write; 449 h->read = usb_ffs_read; 450 h->kick = usb_ffs_kick; 451 h->close = usb_ffs_close; 452 453 D("[ usb_init - starting thread ]"); 454 std::thread(usb_ffs_open_thread, h).detach(); 455} 456 457void usb_init() { 458 dummy_fd = adb_open("/dev/null", O_WRONLY); 459 CHECK_NE(dummy_fd, -1); 460 usb_ffs_init(); 461} 462 463int usb_write(usb_handle* h, const void* data, int len) { 464 return h->write(h, data, len); 465} 466 467int usb_read(usb_handle* h, void* data, int len) { 468 return h->read(h, data, len); 469} 470 471int usb_close(usb_handle* h) { 472 h->close(h); 473 return 0; 474} 475 476void usb_kick(usb_handle* h) { 477 h->kick(h); 478} 479