1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Driver for USB Mass Storage compliant devices
4  *
5  * Current development and maintenance by:
6  *   (c) 1999-2003 Matthew Dharm (mdharm-usb@one-eyed-alien.net)
7  *
8  * Developed with the assistance of:
9  *   (c) 2000 David L. Brown, Jr. (usb-storage@davidb.org)
10  *   (c) 2003-2009 Alan Stern (stern@rowland.harvard.edu)
11  *
12  * Initial work by:
13  *   (c) 1999 Michael Gee (michael@linuxspecific.com)
14  *
15  * usb_device_id support by Adam J. Richter (adam@yggdrasil.com):
16  *   (c) 2000 Yggdrasil Computing, Inc.
17  *
18  * This driver is based on the 'USB Mass Storage Class' document. This
19  * describes in detail the protocol used to communicate with such
20  * devices.  Clearly, the designers had SCSI and ATAPI commands in
21  * mind when they created this document.  The commands are all very
22  * similar to commands in the SCSI-II and ATAPI specifications.
23  *
24  * It is important to note that in a number of cases this class
25  * exhibits class-specific exemptions from the USB specification.
26  * Notably the usage of NAK, STALL and ACK differs from the norm, in
27  * that they are used to communicate wait, failed and OK on commands.
28  *
29  * Also, for certain devices, the interrupt endpoint is used to convey
30  * status of a command.
31  */
32 
33 #ifdef CONFIG_USB_STORAGE_DEBUG
34 #define DEBUG
35 #endif
36 
37 #include <linux/sched.h>
38 #include <linux/errno.h>
39 #include <linux/module.h>
40 #include <linux/slab.h>
41 #include <linux/kthread.h>
42 #include <linux/mutex.h>
43 #include <linux/utsname.h>
44 
45 #include <scsi/scsi.h>
46 #include <scsi/scsi_cmnd.h>
47 #include <scsi/scsi_device.h>
48 
49 #include "usb.h"
50 #include "scsiglue.h"
51 #include "transport.h"
52 #include "protocol.h"
53 #include "debug.h"
54 #include "initializers.h"
55 
56 #include "sierra_ms.h"
57 #include "option_ms.h"
58 
59 #if IS_ENABLED(CONFIG_USB_UAS)
60 #include "uas-detect.h"
61 #endif
62 
63 #define DRV_NAME "usb-storage"
64 
65 /* Some informational data */
66 MODULE_AUTHOR("Matthew Dharm <mdharm-usb@one-eyed-alien.net>");
67 MODULE_DESCRIPTION("USB Mass Storage driver for Linux");
68 MODULE_LICENSE("GPL");
69 
70 static unsigned int delay_use = 1;
71 module_param(delay_use, uint, S_IRUGO | S_IWUSR);
72 MODULE_PARM_DESC(delay_use, "seconds to delay before using a new device");
73 
74 static char quirks[128];
75 module_param_string(quirks, quirks, sizeof(quirks), S_IRUGO | S_IWUSR);
76 MODULE_PARM_DESC(quirks, "supplemental list of device IDs and their quirks");
77 
78 
79 /*
80  * The entries in this table correspond, line for line,
81  * with the entries in usb_storage_usb_ids[], defined in usual-tables.c.
82  */
83 
84 /*
85  *The vendor name should be kept at eight characters or less, and
86  * the product name should be kept at 16 characters or less. If a device
87  * has the US_FL_FIX_INQUIRY flag, then the vendor and product names
88  * normally generated by a device through the INQUIRY response will be
89  * taken from this list, and this is the reason for the above size
90  * restriction. However, if the flag is not present, then you
91  * are free to use as many characters as you like.
92  */
93 
94 #define UNUSUAL_DEV(idVendor, idProduct, bcdDeviceMin, bcdDeviceMax, \
95 		    vendor_name, product_name, use_protocol, use_transport, \
96 		    init_function, Flags) \
97 { \
98 	.vendorName = vendor_name,	\
99 	.productName = product_name,	\
100 	.useProtocol = use_protocol,	\
101 	.useTransport = use_transport,	\
102 	.initFunction = init_function,	\
103 }
104 
105 #define COMPLIANT_DEV	UNUSUAL_DEV
106 
107 #define USUAL_DEV(use_protocol, use_transport) \
108 { \
109 	.useProtocol = use_protocol,	\
110 	.useTransport = use_transport,	\
111 }
112 
113 #define UNUSUAL_VENDOR_INTF(idVendor, cl, sc, pr, \
114 		vendor_name, product_name, use_protocol, use_transport, \
115 		init_function, Flags) \
116 { \
117 	.vendorName = vendor_name,	\
118 	.productName = product_name,	\
119 	.useProtocol = use_protocol,	\
120 	.useTransport = use_transport,	\
121 	.initFunction = init_function,	\
122 }
123 
124 static struct us_unusual_dev us_unusual_dev_list[] = {
125 #	include "unusual_devs.h"
126 	{ }		/* Terminating entry */
127 };
128 
129 static struct us_unusual_dev for_dynamic_ids =
130 		USUAL_DEV(USB_SC_SCSI, USB_PR_BULK);
131 
132 #undef UNUSUAL_DEV
133 #undef COMPLIANT_DEV
134 #undef USUAL_DEV
135 #undef UNUSUAL_VENDOR_INTF
136 
137 #ifdef CONFIG_LOCKDEP
138 
139 static struct lock_class_key us_interface_key[USB_MAXINTERFACES];
140 
us_set_lock_class(struct mutex * mutex,struct usb_interface * intf)141 static void us_set_lock_class(struct mutex *mutex,
142 		struct usb_interface *intf)
143 {
144 	struct usb_device *udev = interface_to_usbdev(intf);
145 	struct usb_host_config *config = udev->actconfig;
146 	int i;
147 
148 	for (i = 0; i < config->desc.bNumInterfaces; i++) {
149 		if (config->interface[i] == intf)
150 			break;
151 	}
152 
153 	BUG_ON(i == config->desc.bNumInterfaces);
154 
155 	lockdep_set_class(mutex, &us_interface_key[i]);
156 }
157 
158 #else
159 
us_set_lock_class(struct mutex * mutex,struct usb_interface * intf)160 static void us_set_lock_class(struct mutex *mutex,
161 		struct usb_interface *intf)
162 {
163 }
164 
165 #endif
166 
167 #ifdef CONFIG_PM	/* Minimal support for suspend and resume */
168 
usb_stor_suspend(struct usb_interface * iface,pm_message_t message)169 int usb_stor_suspend(struct usb_interface *iface, pm_message_t message)
170 {
171 	struct us_data *us = usb_get_intfdata(iface);
172 
173 	/* Wait until no command is running */
174 	mutex_lock(&us->dev_mutex);
175 
176 	if (us->suspend_resume_hook)
177 		(us->suspend_resume_hook)(us, US_SUSPEND);
178 
179 	/*
180 	 * When runtime PM is working, we'll set a flag to indicate
181 	 * whether we should autoresume when a SCSI request arrives.
182 	 */
183 
184 	mutex_unlock(&us->dev_mutex);
185 	return 0;
186 }
187 EXPORT_SYMBOL_GPL(usb_stor_suspend);
188 
usb_stor_resume(struct usb_interface * iface)189 int usb_stor_resume(struct usb_interface *iface)
190 {
191 	struct us_data *us = usb_get_intfdata(iface);
192 
193 	mutex_lock(&us->dev_mutex);
194 
195 	if (us->suspend_resume_hook)
196 		(us->suspend_resume_hook)(us, US_RESUME);
197 
198 	mutex_unlock(&us->dev_mutex);
199 	return 0;
200 }
201 EXPORT_SYMBOL_GPL(usb_stor_resume);
202 
usb_stor_reset_resume(struct usb_interface * iface)203 int usb_stor_reset_resume(struct usb_interface *iface)
204 {
205 	struct us_data *us = usb_get_intfdata(iface);
206 
207 	/* Report the reset to the SCSI core */
208 	usb_stor_report_bus_reset(us);
209 
210 	/*
211 	 * If any of the subdrivers implemented a reinitialization scheme,
212 	 * this is where the callback would be invoked.
213 	 */
214 	return 0;
215 }
216 EXPORT_SYMBOL_GPL(usb_stor_reset_resume);
217 
218 #endif /* CONFIG_PM */
219 
220 /*
221  * The next two routines get called just before and just after
222  * a USB port reset, whether from this driver or a different one.
223  */
224 
usb_stor_pre_reset(struct usb_interface * iface)225 int usb_stor_pre_reset(struct usb_interface *iface)
226 {
227 	struct us_data *us = usb_get_intfdata(iface);
228 
229 	/* Make sure no command runs during the reset */
230 	mutex_lock(&us->dev_mutex);
231 	return 0;
232 }
233 EXPORT_SYMBOL_GPL(usb_stor_pre_reset);
234 
usb_stor_post_reset(struct usb_interface * iface)235 int usb_stor_post_reset(struct usb_interface *iface)
236 {
237 	struct us_data *us = usb_get_intfdata(iface);
238 
239 	/* Report the reset to the SCSI core */
240 	usb_stor_report_bus_reset(us);
241 
242 	/*
243 	 * If any of the subdrivers implemented a reinitialization scheme,
244 	 * this is where the callback would be invoked.
245 	 */
246 
247 	mutex_unlock(&us->dev_mutex);
248 	return 0;
249 }
250 EXPORT_SYMBOL_GPL(usb_stor_post_reset);
251 
252 /*
253  * fill_inquiry_response takes an unsigned char array (which must
254  * be at least 36 characters) and populates the vendor name,
255  * product name, and revision fields. Then the array is copied
256  * into the SCSI command's response buffer (oddly enough
257  * called request_buffer). data_len contains the length of the
258  * data array, which again must be at least 36.
259  */
260 
fill_inquiry_response(struct us_data * us,unsigned char * data,unsigned int data_len)261 void fill_inquiry_response(struct us_data *us, unsigned char *data,
262 		unsigned int data_len)
263 {
264 	if (data_len < 36) /* You lose. */
265 		return;
266 
267 	memset(data+8, ' ', 28);
268 	if (data[0]&0x20) { /*
269 			     * USB device currently not connected. Return
270 			     * peripheral qualifier 001b ("...however, the
271 			     * physical device is not currently connected
272 			     * to this logical unit") and leave vendor and
273 			     * product identification empty. ("If the target
274 			     * does store some of the INQUIRY data on the
275 			     * device, it may return zeros or ASCII spaces
276 			     * (20h) in those fields until the data is
277 			     * available from the device.").
278 			     */
279 	} else {
280 		u16 bcdDevice = le16_to_cpu(us->pusb_dev->descriptor.bcdDevice);
281 		int n;
282 
283 		n = strlen(us->unusual_dev->vendorName);
284 		memcpy(data+8, us->unusual_dev->vendorName, min(8, n));
285 		n = strlen(us->unusual_dev->productName);
286 		memcpy(data+16, us->unusual_dev->productName, min(16, n));
287 
288 		data[32] = 0x30 + ((bcdDevice>>12) & 0x0F);
289 		data[33] = 0x30 + ((bcdDevice>>8) & 0x0F);
290 		data[34] = 0x30 + ((bcdDevice>>4) & 0x0F);
291 		data[35] = 0x30 + ((bcdDevice) & 0x0F);
292 	}
293 
294 	usb_stor_set_xfer_buf(data, data_len, us->srb);
295 }
296 EXPORT_SYMBOL_GPL(fill_inquiry_response);
297 
usb_stor_control_thread(void * __us)298 static int usb_stor_control_thread(void * __us)
299 {
300 	struct us_data *us = (struct us_data *)__us;
301 	struct Scsi_Host *host = us_to_host(us);
302 	struct scsi_cmnd *srb;
303 
304 	for (;;) {
305 		usb_stor_dbg(us, "*** thread sleeping\n");
306 		if (wait_for_completion_interruptible(&us->cmnd_ready))
307 			break;
308 
309 		usb_stor_dbg(us, "*** thread awakened\n");
310 
311 		/* lock the device pointers */
312 		mutex_lock(&(us->dev_mutex));
313 
314 		/* lock access to the state */
315 		scsi_lock(host);
316 
317 		/* When we are called with no command pending, we're done */
318 		srb = us->srb;
319 		if (srb == NULL) {
320 			scsi_unlock(host);
321 			mutex_unlock(&us->dev_mutex);
322 			usb_stor_dbg(us, "-- exiting\n");
323 			break;
324 		}
325 
326 		/* has the command timed out *already* ? */
327 		if (test_bit(US_FLIDX_TIMED_OUT, &us->dflags)) {
328 			srb->result = DID_ABORT << 16;
329 			goto SkipForAbort;
330 		}
331 
332 		scsi_unlock(host);
333 
334 		/*
335 		 * reject the command if the direction indicator
336 		 * is UNKNOWN
337 		 */
338 		if (srb->sc_data_direction == DMA_BIDIRECTIONAL) {
339 			usb_stor_dbg(us, "UNKNOWN data direction\n");
340 			srb->result = DID_ERROR << 16;
341 		}
342 
343 		/*
344 		 * reject if target != 0 or if LUN is higher than
345 		 * the maximum known LUN
346 		 */
347 		else if (srb->device->id &&
348 				!(us->fflags & US_FL_SCM_MULT_TARG)) {
349 			usb_stor_dbg(us, "Bad target number (%d:%llu)\n",
350 				     srb->device->id,
351 				     srb->device->lun);
352 			srb->result = DID_BAD_TARGET << 16;
353 		}
354 
355 		else if (srb->device->lun > us->max_lun) {
356 			usb_stor_dbg(us, "Bad LUN (%d:%llu)\n",
357 				     srb->device->id,
358 				     srb->device->lun);
359 			srb->result = DID_BAD_TARGET << 16;
360 		}
361 
362 		/*
363 		 * Handle those devices which need us to fake
364 		 * their inquiry data
365 		 */
366 		else if ((srb->cmnd[0] == INQUIRY) &&
367 			    (us->fflags & US_FL_FIX_INQUIRY)) {
368 			unsigned char data_ptr[36] = {
369 			    0x00, 0x80, 0x02, 0x02,
370 			    0x1F, 0x00, 0x00, 0x00};
371 
372 			usb_stor_dbg(us, "Faking INQUIRY command\n");
373 			fill_inquiry_response(us, data_ptr, 36);
374 			srb->result = SAM_STAT_GOOD;
375 		}
376 
377 		/* we've got a command, let's do it! */
378 		else {
379 			US_DEBUG(usb_stor_show_command(us, srb));
380 			us->proto_handler(srb, us);
381 			usb_mark_last_busy(us->pusb_dev);
382 		}
383 
384 		/* lock access to the state */
385 		scsi_lock(host);
386 
387 		/* was the command aborted? */
388 		if (srb->result == DID_ABORT << 16) {
389 SkipForAbort:
390 			usb_stor_dbg(us, "scsi command aborted\n");
391 			srb = NULL;	/* Don't call srb->scsi_done() */
392 		}
393 
394 		/*
395 		 * If an abort request was received we need to signal that
396 		 * the abort has finished.  The proper test for this is
397 		 * the TIMED_OUT flag, not srb->result == DID_ABORT, because
398 		 * the timeout might have occurred after the command had
399 		 * already completed with a different result code.
400 		 */
401 		if (test_bit(US_FLIDX_TIMED_OUT, &us->dflags)) {
402 			complete(&(us->notify));
403 
404 			/* Allow USB transfers to resume */
405 			clear_bit(US_FLIDX_ABORTING, &us->dflags);
406 			clear_bit(US_FLIDX_TIMED_OUT, &us->dflags);
407 		}
408 
409 		/* finished working on this command */
410 		us->srb = NULL;
411 		scsi_unlock(host);
412 
413 		/* unlock the device pointers */
414 		mutex_unlock(&us->dev_mutex);
415 
416 		/* now that the locks are released, notify the SCSI core */
417 		if (srb) {
418 			usb_stor_dbg(us, "scsi cmd done, result=0x%x\n",
419 					srb->result);
420 			srb->scsi_done(srb);
421 		}
422 	} /* for (;;) */
423 
424 	/* Wait until we are told to stop */
425 	for (;;) {
426 		set_current_state(TASK_INTERRUPTIBLE);
427 		if (kthread_should_stop())
428 			break;
429 		schedule();
430 	}
431 	__set_current_state(TASK_RUNNING);
432 	return 0;
433 }
434 
435 /***********************************************************************
436  * Device probing and disconnecting
437  ***********************************************************************/
438 
439 /* Associate our private data with the USB device */
associate_dev(struct us_data * us,struct usb_interface * intf)440 static int associate_dev(struct us_data *us, struct usb_interface *intf)
441 {
442 	/* Fill in the device-related fields */
443 	us->pusb_dev = interface_to_usbdev(intf);
444 	us->pusb_intf = intf;
445 	us->ifnum = intf->cur_altsetting->desc.bInterfaceNumber;
446 	usb_stor_dbg(us, "Vendor: 0x%04x, Product: 0x%04x, Revision: 0x%04x\n",
447 		     le16_to_cpu(us->pusb_dev->descriptor.idVendor),
448 		     le16_to_cpu(us->pusb_dev->descriptor.idProduct),
449 		     le16_to_cpu(us->pusb_dev->descriptor.bcdDevice));
450 	usb_stor_dbg(us, "Interface Subclass: 0x%02x, Protocol: 0x%02x\n",
451 		     intf->cur_altsetting->desc.bInterfaceSubClass,
452 		     intf->cur_altsetting->desc.bInterfaceProtocol);
453 
454 	/* Store our private data in the interface */
455 	usb_set_intfdata(intf, us);
456 
457 	/* Allocate the control/setup and DMA-mapped buffers */
458 	us->cr = kmalloc(sizeof(*us->cr), GFP_KERNEL);
459 	if (!us->cr)
460 		return -ENOMEM;
461 
462 	us->iobuf = usb_alloc_coherent(us->pusb_dev, US_IOBUF_SIZE,
463 			GFP_KERNEL, &us->iobuf_dma);
464 	if (!us->iobuf) {
465 		usb_stor_dbg(us, "I/O buffer allocation failed\n");
466 		return -ENOMEM;
467 	}
468 	return 0;
469 }
470 
471 /* Works only for digits and letters, but small and fast */
472 #define TOLOWER(x) ((x) | 0x20)
473 
474 /* Adjust device flags based on the "quirks=" module parameter */
usb_stor_adjust_quirks(struct usb_device * udev,unsigned long * fflags)475 void usb_stor_adjust_quirks(struct usb_device *udev, unsigned long *fflags)
476 {
477 	char *p;
478 	u16 vid = le16_to_cpu(udev->descriptor.idVendor);
479 	u16 pid = le16_to_cpu(udev->descriptor.idProduct);
480 	unsigned f = 0;
481 	unsigned int mask = (US_FL_SANE_SENSE | US_FL_BAD_SENSE |
482 			US_FL_FIX_CAPACITY | US_FL_IGNORE_UAS |
483 			US_FL_CAPACITY_HEURISTICS | US_FL_IGNORE_DEVICE |
484 			US_FL_NOT_LOCKABLE | US_FL_MAX_SECTORS_64 |
485 			US_FL_CAPACITY_OK | US_FL_IGNORE_RESIDUE |
486 			US_FL_SINGLE_LUN | US_FL_NO_WP_DETECT |
487 			US_FL_NO_READ_DISC_INFO | US_FL_NO_READ_CAPACITY_16 |
488 			US_FL_INITIAL_READ10 | US_FL_WRITE_CACHE |
489 			US_FL_NO_ATA_1X | US_FL_NO_REPORT_OPCODES |
490 			US_FL_MAX_SECTORS_240 | US_FL_NO_REPORT_LUNS |
491 			US_FL_ALWAYS_SYNC);
492 
493 	p = quirks;
494 	while (*p) {
495 		/* Each entry consists of VID:PID:flags */
496 		if (vid == simple_strtoul(p, &p, 16) &&
497 				*p == ':' &&
498 				pid == simple_strtoul(p+1, &p, 16) &&
499 				*p == ':')
500 			break;
501 
502 		/* Move forward to the next entry */
503 		while (*p) {
504 			if (*p++ == ',')
505 				break;
506 		}
507 	}
508 	if (!*p)	/* No match */
509 		return;
510 
511 	/* Collect the flags */
512 	while (*++p && *p != ',') {
513 		switch (TOLOWER(*p)) {
514 		case 'a':
515 			f |= US_FL_SANE_SENSE;
516 			break;
517 		case 'b':
518 			f |= US_FL_BAD_SENSE;
519 			break;
520 		case 'c':
521 			f |= US_FL_FIX_CAPACITY;
522 			break;
523 		case 'd':
524 			f |= US_FL_NO_READ_DISC_INFO;
525 			break;
526 		case 'e':
527 			f |= US_FL_NO_READ_CAPACITY_16;
528 			break;
529 		case 'f':
530 			f |= US_FL_NO_REPORT_OPCODES;
531 			break;
532 		case 'g':
533 			f |= US_FL_MAX_SECTORS_240;
534 			break;
535 		case 'h':
536 			f |= US_FL_CAPACITY_HEURISTICS;
537 			break;
538 		case 'i':
539 			f |= US_FL_IGNORE_DEVICE;
540 			break;
541 		case 'j':
542 			f |= US_FL_NO_REPORT_LUNS;
543 			break;
544 		case 'l':
545 			f |= US_FL_NOT_LOCKABLE;
546 			break;
547 		case 'm':
548 			f |= US_FL_MAX_SECTORS_64;
549 			break;
550 		case 'n':
551 			f |= US_FL_INITIAL_READ10;
552 			break;
553 		case 'o':
554 			f |= US_FL_CAPACITY_OK;
555 			break;
556 		case 'p':
557 			f |= US_FL_WRITE_CACHE;
558 			break;
559 		case 'r':
560 			f |= US_FL_IGNORE_RESIDUE;
561 			break;
562 		case 's':
563 			f |= US_FL_SINGLE_LUN;
564 			break;
565 		case 't':
566 			f |= US_FL_NO_ATA_1X;
567 			break;
568 		case 'u':
569 			f |= US_FL_IGNORE_UAS;
570 			break;
571 		case 'w':
572 			f |= US_FL_NO_WP_DETECT;
573 			break;
574 		case 'y':
575 			f |= US_FL_ALWAYS_SYNC;
576 			break;
577 		/* Ignore unrecognized flag characters */
578 		}
579 	}
580 	*fflags = (*fflags & ~mask) | f;
581 }
582 EXPORT_SYMBOL_GPL(usb_stor_adjust_quirks);
583 
584 /* Get the unusual_devs entries and the string descriptors */
get_device_info(struct us_data * us,const struct usb_device_id * id,struct us_unusual_dev * unusual_dev)585 static int get_device_info(struct us_data *us, const struct usb_device_id *id,
586 		struct us_unusual_dev *unusual_dev)
587 {
588 	struct usb_device *dev = us->pusb_dev;
589 	struct usb_interface_descriptor *idesc =
590 		&us->pusb_intf->cur_altsetting->desc;
591 	struct device *pdev = &us->pusb_intf->dev;
592 
593 	/* Store the entries */
594 	us->unusual_dev = unusual_dev;
595 	us->subclass = (unusual_dev->useProtocol == USB_SC_DEVICE) ?
596 			idesc->bInterfaceSubClass :
597 			unusual_dev->useProtocol;
598 	us->protocol = (unusual_dev->useTransport == USB_PR_DEVICE) ?
599 			idesc->bInterfaceProtocol :
600 			unusual_dev->useTransport;
601 	us->fflags = id->driver_info;
602 	usb_stor_adjust_quirks(us->pusb_dev, &us->fflags);
603 
604 	if (us->fflags & US_FL_IGNORE_DEVICE) {
605 		dev_info(pdev, "device ignored\n");
606 		return -ENODEV;
607 	}
608 
609 	/*
610 	 * This flag is only needed when we're in high-speed, so let's
611 	 * disable it if we're in full-speed
612 	 */
613 	if (dev->speed != USB_SPEED_HIGH)
614 		us->fflags &= ~US_FL_GO_SLOW;
615 
616 	if (us->fflags)
617 		dev_info(pdev, "Quirks match for vid %04x pid %04x: %lx\n",
618 				le16_to_cpu(dev->descriptor.idVendor),
619 				le16_to_cpu(dev->descriptor.idProduct),
620 				us->fflags);
621 
622 	/*
623 	 * Log a message if a non-generic unusual_dev entry contains an
624 	 * unnecessary subclass or protocol override.  This may stimulate
625 	 * reports from users that will help us remove unneeded entries
626 	 * from the unusual_devs.h table.
627 	 */
628 	if (id->idVendor || id->idProduct) {
629 		static const char *msgs[3] = {
630 			"an unneeded SubClass entry",
631 			"an unneeded Protocol entry",
632 			"unneeded SubClass and Protocol entries"};
633 		struct usb_device_descriptor *ddesc = &dev->descriptor;
634 		int msg = -1;
635 
636 		if (unusual_dev->useProtocol != USB_SC_DEVICE &&
637 			us->subclass == idesc->bInterfaceSubClass)
638 			msg += 1;
639 		if (unusual_dev->useTransport != USB_PR_DEVICE &&
640 			us->protocol == idesc->bInterfaceProtocol)
641 			msg += 2;
642 		if (msg >= 0 && !(us->fflags & US_FL_NEED_OVERRIDE))
643 			dev_notice(pdev, "This device "
644 					"(%04x,%04x,%04x S %02x P %02x)"
645 					" has %s in unusual_devs.h (kernel"
646 					" %s)\n"
647 					"   Please send a copy of this message to "
648 					"<linux-usb@vger.kernel.org> and "
649 					"<usb-storage@lists.one-eyed-alien.net>\n",
650 					le16_to_cpu(ddesc->idVendor),
651 					le16_to_cpu(ddesc->idProduct),
652 					le16_to_cpu(ddesc->bcdDevice),
653 					idesc->bInterfaceSubClass,
654 					idesc->bInterfaceProtocol,
655 					msgs[msg],
656 					utsname()->release);
657 	}
658 
659 	return 0;
660 }
661 
662 /* Get the transport settings */
get_transport(struct us_data * us)663 static void get_transport(struct us_data *us)
664 {
665 	switch (us->protocol) {
666 	case USB_PR_CB:
667 		us->transport_name = "Control/Bulk";
668 		us->transport = usb_stor_CB_transport;
669 		us->transport_reset = usb_stor_CB_reset;
670 		us->max_lun = 7;
671 		break;
672 
673 	case USB_PR_CBI:
674 		us->transport_name = "Control/Bulk/Interrupt";
675 		us->transport = usb_stor_CB_transport;
676 		us->transport_reset = usb_stor_CB_reset;
677 		us->max_lun = 7;
678 		break;
679 
680 	case USB_PR_BULK:
681 		us->transport_name = "Bulk";
682 		us->transport = usb_stor_Bulk_transport;
683 		us->transport_reset = usb_stor_Bulk_reset;
684 		break;
685 	}
686 }
687 
688 /* Get the protocol settings */
get_protocol(struct us_data * us)689 static void get_protocol(struct us_data *us)
690 {
691 	switch (us->subclass) {
692 	case USB_SC_RBC:
693 		us->protocol_name = "Reduced Block Commands (RBC)";
694 		us->proto_handler = usb_stor_transparent_scsi_command;
695 		break;
696 
697 	case USB_SC_8020:
698 		us->protocol_name = "8020i";
699 		us->proto_handler = usb_stor_pad12_command;
700 		us->max_lun = 0;
701 		break;
702 
703 	case USB_SC_QIC:
704 		us->protocol_name = "QIC-157";
705 		us->proto_handler = usb_stor_pad12_command;
706 		us->max_lun = 0;
707 		break;
708 
709 	case USB_SC_8070:
710 		us->protocol_name = "8070i";
711 		us->proto_handler = usb_stor_pad12_command;
712 		us->max_lun = 0;
713 		break;
714 
715 	case USB_SC_SCSI:
716 		us->protocol_name = "Transparent SCSI";
717 		us->proto_handler = usb_stor_transparent_scsi_command;
718 		break;
719 
720 	case USB_SC_UFI:
721 		us->protocol_name = "Uniform Floppy Interface (UFI)";
722 		us->proto_handler = usb_stor_ufi_command;
723 		break;
724 	}
725 }
726 
727 /* Get the pipe settings */
get_pipes(struct us_data * us)728 static int get_pipes(struct us_data *us)
729 {
730 	struct usb_host_interface *alt = us->pusb_intf->cur_altsetting;
731 	struct usb_endpoint_descriptor *ep_in;
732 	struct usb_endpoint_descriptor *ep_out;
733 	struct usb_endpoint_descriptor *ep_int;
734 	int res;
735 
736 	/*
737 	 * Find the first endpoint of each type we need.
738 	 * We are expecting a minimum of 2 endpoints - in and out (bulk).
739 	 * An optional interrupt-in is OK (necessary for CBI protocol).
740 	 * We will ignore any others.
741 	 */
742 	res = usb_find_common_endpoints(alt, &ep_in, &ep_out, NULL, NULL);
743 	if (res) {
744 		usb_stor_dbg(us, "bulk endpoints not found\n");
745 		return res;
746 	}
747 
748 	res = usb_find_int_in_endpoint(alt, &ep_int);
749 	if (res && us->protocol == USB_PR_CBI) {
750 		usb_stor_dbg(us, "interrupt endpoint not found\n");
751 		return res;
752 	}
753 
754 	/* Calculate and store the pipe values */
755 	us->send_ctrl_pipe = usb_sndctrlpipe(us->pusb_dev, 0);
756 	us->recv_ctrl_pipe = usb_rcvctrlpipe(us->pusb_dev, 0);
757 	us->send_bulk_pipe = usb_sndbulkpipe(us->pusb_dev,
758 		usb_endpoint_num(ep_out));
759 	us->recv_bulk_pipe = usb_rcvbulkpipe(us->pusb_dev,
760 		usb_endpoint_num(ep_in));
761 	if (ep_int) {
762 		us->recv_intr_pipe = usb_rcvintpipe(us->pusb_dev,
763 			usb_endpoint_num(ep_int));
764 		us->ep_bInterval = ep_int->bInterval;
765 	}
766 	return 0;
767 }
768 
769 /* Initialize all the dynamic resources we need */
usb_stor_acquire_resources(struct us_data * us)770 static int usb_stor_acquire_resources(struct us_data *us)
771 {
772 	int p;
773 	struct task_struct *th;
774 
775 	us->current_urb = usb_alloc_urb(0, GFP_KERNEL);
776 	if (!us->current_urb)
777 		return -ENOMEM;
778 
779 	/*
780 	 * Just before we start our control thread, initialize
781 	 * the device if it needs initialization
782 	 */
783 	if (us->unusual_dev->initFunction) {
784 		p = us->unusual_dev->initFunction(us);
785 		if (p)
786 			return p;
787 	}
788 
789 	/* Start up our control thread */
790 	th = kthread_run(usb_stor_control_thread, us, "usb-storage");
791 	if (IS_ERR(th)) {
792 		dev_warn(&us->pusb_intf->dev,
793 				"Unable to start control thread\n");
794 		return PTR_ERR(th);
795 	}
796 	us->ctl_thread = th;
797 
798 	return 0;
799 }
800 
801 /* Release all our dynamic resources */
usb_stor_release_resources(struct us_data * us)802 static void usb_stor_release_resources(struct us_data *us)
803 {
804 	/*
805 	 * Tell the control thread to exit.  The SCSI host must
806 	 * already have been removed and the DISCONNECTING flag set
807 	 * so that we won't accept any more commands.
808 	 */
809 	usb_stor_dbg(us, "-- sending exit command to thread\n");
810 	complete(&us->cmnd_ready);
811 	if (us->ctl_thread)
812 		kthread_stop(us->ctl_thread);
813 
814 	/* Call the destructor routine, if it exists */
815 	if (us->extra_destructor) {
816 		usb_stor_dbg(us, "-- calling extra_destructor()\n");
817 		us->extra_destructor(us->extra);
818 	}
819 
820 	/* Free the extra data and the URB */
821 	kfree(us->extra);
822 	usb_free_urb(us->current_urb);
823 }
824 
825 /* Dissociate from the USB device */
dissociate_dev(struct us_data * us)826 static void dissociate_dev(struct us_data *us)
827 {
828 	/* Free the buffers */
829 	kfree(us->cr);
830 	usb_free_coherent(us->pusb_dev, US_IOBUF_SIZE, us->iobuf, us->iobuf_dma);
831 
832 	/* Remove our private data from the interface */
833 	usb_set_intfdata(us->pusb_intf, NULL);
834 }
835 
836 /*
837  * First stage of disconnect processing: stop SCSI scanning,
838  * remove the host, and stop accepting new commands
839  */
quiesce_and_remove_host(struct us_data * us)840 static void quiesce_and_remove_host(struct us_data *us)
841 {
842 	struct Scsi_Host *host = us_to_host(us);
843 
844 	/* If the device is really gone, cut short reset delays */
845 	if (us->pusb_dev->state == USB_STATE_NOTATTACHED) {
846 		set_bit(US_FLIDX_DISCONNECTING, &us->dflags);
847 		wake_up(&us->delay_wait);
848 	}
849 
850 	/*
851 	 * Prevent SCSI scanning (if it hasn't started yet)
852 	 * or wait for the SCSI-scanning routine to stop.
853 	 */
854 	cancel_delayed_work_sync(&us->scan_dwork);
855 
856 	/* Balance autopm calls if scanning was cancelled */
857 	if (test_bit(US_FLIDX_SCAN_PENDING, &us->dflags))
858 		usb_autopm_put_interface_no_suspend(us->pusb_intf);
859 
860 	/*
861 	 * Removing the host will perform an orderly shutdown: caches
862 	 * synchronized, disks spun down, etc.
863 	 */
864 	scsi_remove_host(host);
865 
866 	/*
867 	 * Prevent any new commands from being accepted and cut short
868 	 * reset delays.
869 	 */
870 	scsi_lock(host);
871 	set_bit(US_FLIDX_DISCONNECTING, &us->dflags);
872 	scsi_unlock(host);
873 	wake_up(&us->delay_wait);
874 }
875 
876 /* Second stage of disconnect processing: deallocate all resources */
release_everything(struct us_data * us)877 static void release_everything(struct us_data *us)
878 {
879 	usb_stor_release_resources(us);
880 	dissociate_dev(us);
881 
882 	/*
883 	 * Drop our reference to the host; the SCSI core will free it
884 	 * (and "us" along with it) when the refcount becomes 0.
885 	 */
886 	scsi_host_put(us_to_host(us));
887 }
888 
889 /* Delayed-work routine to carry out SCSI-device scanning */
usb_stor_scan_dwork(struct work_struct * work)890 static void usb_stor_scan_dwork(struct work_struct *work)
891 {
892 	struct us_data *us = container_of(work, struct us_data,
893 			scan_dwork.work);
894 	struct device *dev = &us->pusb_intf->dev;
895 
896 	dev_dbg(dev, "starting scan\n");
897 
898 	/* For bulk-only devices, determine the max LUN value */
899 	if (us->protocol == USB_PR_BULK &&
900 	    !(us->fflags & US_FL_SINGLE_LUN) &&
901 	    !(us->fflags & US_FL_SCM_MULT_TARG)) {
902 		mutex_lock(&us->dev_mutex);
903 		us->max_lun = usb_stor_Bulk_max_lun(us);
904 		/*
905 		 * Allow proper scanning of devices that present more than 8 LUNs
906 		 * While not affecting other devices that may need the previous
907 		 * behavior
908 		 */
909 		if (us->max_lun >= 8)
910 			us_to_host(us)->max_lun = us->max_lun+1;
911 		mutex_unlock(&us->dev_mutex);
912 	}
913 	scsi_scan_host(us_to_host(us));
914 	dev_dbg(dev, "scan complete\n");
915 
916 	/* Should we unbind if no devices were detected? */
917 
918 	usb_autopm_put_interface(us->pusb_intf);
919 	clear_bit(US_FLIDX_SCAN_PENDING, &us->dflags);
920 }
921 
usb_stor_sg_tablesize(struct usb_interface * intf)922 static unsigned int usb_stor_sg_tablesize(struct usb_interface *intf)
923 {
924 	struct usb_device *usb_dev = interface_to_usbdev(intf);
925 
926 	if (usb_dev->bus->sg_tablesize) {
927 		return usb_dev->bus->sg_tablesize;
928 	}
929 	return SG_ALL;
930 }
931 
932 /* First part of general USB mass-storage probing */
usb_stor_probe1(struct us_data ** pus,struct usb_interface * intf,const struct usb_device_id * id,struct us_unusual_dev * unusual_dev,struct scsi_host_template * sht)933 int usb_stor_probe1(struct us_data **pus,
934 		struct usb_interface *intf,
935 		const struct usb_device_id *id,
936 		struct us_unusual_dev *unusual_dev,
937 		struct scsi_host_template *sht)
938 {
939 	struct Scsi_Host *host;
940 	struct us_data *us;
941 	int result;
942 
943 	dev_info(&intf->dev, "USB Mass Storage device detected\n");
944 
945 	/*
946 	 * Ask the SCSI layer to allocate a host structure, with extra
947 	 * space at the end for our private us_data structure.
948 	 */
949 	host = scsi_host_alloc(sht, sizeof(*us));
950 	if (!host) {
951 		dev_warn(&intf->dev, "Unable to allocate the scsi host\n");
952 		return -ENOMEM;
953 	}
954 
955 	/*
956 	 * Allow 16-byte CDBs and thus > 2TB
957 	 */
958 	host->max_cmd_len = 16;
959 	host->sg_tablesize = usb_stor_sg_tablesize(intf);
960 	*pus = us = host_to_us(host);
961 	mutex_init(&(us->dev_mutex));
962 	us_set_lock_class(&us->dev_mutex, intf);
963 	init_completion(&us->cmnd_ready);
964 	init_completion(&(us->notify));
965 	init_waitqueue_head(&us->delay_wait);
966 	INIT_DELAYED_WORK(&us->scan_dwork, usb_stor_scan_dwork);
967 
968 	/* Associate the us_data structure with the USB device */
969 	result = associate_dev(us, intf);
970 	if (result)
971 		goto BadDevice;
972 
973 	/* Get the unusual_devs entries and the descriptors */
974 	result = get_device_info(us, id, unusual_dev);
975 	if (result)
976 		goto BadDevice;
977 
978 	/* Get standard transport and protocol settings */
979 	get_transport(us);
980 	get_protocol(us);
981 
982 	/*
983 	 * Give the caller a chance to fill in specialized transport
984 	 * or protocol settings.
985 	 */
986 	return 0;
987 
988 BadDevice:
989 	usb_stor_dbg(us, "storage_probe() failed\n");
990 	release_everything(us);
991 	return result;
992 }
993 EXPORT_SYMBOL_GPL(usb_stor_probe1);
994 
995 /* Second part of general USB mass-storage probing */
usb_stor_probe2(struct us_data * us)996 int usb_stor_probe2(struct us_data *us)
997 {
998 	int result;
999 	struct device *dev = &us->pusb_intf->dev;
1000 
1001 	/* Make sure the transport and protocol have both been set */
1002 	if (!us->transport || !us->proto_handler) {
1003 		result = -ENXIO;
1004 		goto BadDevice;
1005 	}
1006 	usb_stor_dbg(us, "Transport: %s\n", us->transport_name);
1007 	usb_stor_dbg(us, "Protocol: %s\n", us->protocol_name);
1008 
1009 	if (us->fflags & US_FL_SCM_MULT_TARG) {
1010 		/*
1011 		 * SCM eUSCSI bridge devices can have different numbers
1012 		 * of LUNs on different targets; allow all to be probed.
1013 		 */
1014 		us->max_lun = 7;
1015 		/* The eUSCSI itself has ID 7, so avoid scanning that */
1016 		us_to_host(us)->this_id = 7;
1017 		/* max_id is 8 initially, so no need to set it here */
1018 	} else {
1019 		/* In the normal case there is only a single target */
1020 		us_to_host(us)->max_id = 1;
1021 		/*
1022 		 * Like Windows, we won't store the LUN bits in CDB[1] for
1023 		 * SCSI-2 devices using the Bulk-Only transport (even though
1024 		 * this violates the SCSI spec).
1025 		 */
1026 		if (us->transport == usb_stor_Bulk_transport)
1027 			us_to_host(us)->no_scsi2_lun_in_cdb = 1;
1028 	}
1029 
1030 	/* fix for single-lun devices */
1031 	if (us->fflags & US_FL_SINGLE_LUN)
1032 		us->max_lun = 0;
1033 
1034 	/* Find the endpoints and calculate pipe values */
1035 	result = get_pipes(us);
1036 	if (result)
1037 		goto BadDevice;
1038 
1039 	/*
1040 	 * If the device returns invalid data for the first READ(10)
1041 	 * command, indicate the command should be retried.
1042 	 */
1043 	if (us->fflags & US_FL_INITIAL_READ10)
1044 		set_bit(US_FLIDX_REDO_READ10, &us->dflags);
1045 
1046 	/* Acquire all the other resources and add the host */
1047 	result = usb_stor_acquire_resources(us);
1048 	if (result)
1049 		goto BadDevice;
1050 	usb_autopm_get_interface_no_resume(us->pusb_intf);
1051 	snprintf(us->scsi_name, sizeof(us->scsi_name), "usb-storage %s",
1052 					dev_name(&us->pusb_intf->dev));
1053 	result = scsi_add_host(us_to_host(us), dev);
1054 	if (result) {
1055 		dev_warn(dev,
1056 				"Unable to add the scsi host\n");
1057 		goto HostAddErr;
1058 	}
1059 
1060 	/* Submit the delayed_work for SCSI-device scanning */
1061 	set_bit(US_FLIDX_SCAN_PENDING, &us->dflags);
1062 
1063 	if (delay_use > 0)
1064 		dev_dbg(dev, "waiting for device to settle before scanning\n");
1065 	queue_delayed_work(system_freezable_wq, &us->scan_dwork,
1066 			delay_use * HZ);
1067 	return 0;
1068 
1069 	/* We come here if there are any problems */
1070 HostAddErr:
1071 	usb_autopm_put_interface_no_suspend(us->pusb_intf);
1072 BadDevice:
1073 	usb_stor_dbg(us, "storage_probe() failed\n");
1074 	release_everything(us);
1075 	return result;
1076 }
1077 EXPORT_SYMBOL_GPL(usb_stor_probe2);
1078 
1079 /* Handle a USB mass-storage disconnect */
usb_stor_disconnect(struct usb_interface * intf)1080 void usb_stor_disconnect(struct usb_interface *intf)
1081 {
1082 	struct us_data *us = usb_get_intfdata(intf);
1083 
1084 	quiesce_and_remove_host(us);
1085 	release_everything(us);
1086 }
1087 EXPORT_SYMBOL_GPL(usb_stor_disconnect);
1088 
1089 static struct scsi_host_template usb_stor_host_template;
1090 
1091 /* The main probe routine for standard devices */
storage_probe(struct usb_interface * intf,const struct usb_device_id * id)1092 static int storage_probe(struct usb_interface *intf,
1093 			 const struct usb_device_id *id)
1094 {
1095 	struct us_unusual_dev *unusual_dev;
1096 	struct us_data *us;
1097 	int result;
1098 	int size;
1099 
1100 	/* If uas is enabled and this device can do uas then ignore it. */
1101 #if IS_ENABLED(CONFIG_USB_UAS)
1102 	if (uas_use_uas_driver(intf, id, NULL))
1103 		return -ENXIO;
1104 #endif
1105 
1106 	/*
1107 	 * If the device isn't standard (is handled by a subdriver
1108 	 * module) then don't accept it.
1109 	 */
1110 	if (usb_usual_ignore_device(intf))
1111 		return -ENXIO;
1112 
1113 	/*
1114 	 * Call the general probe procedures.
1115 	 *
1116 	 * The unusual_dev_list array is parallel to the usb_storage_usb_ids
1117 	 * table, so we use the index of the id entry to find the
1118 	 * corresponding unusual_devs entry.
1119 	 */
1120 
1121 	size = ARRAY_SIZE(us_unusual_dev_list);
1122 	if (id >= usb_storage_usb_ids && id < usb_storage_usb_ids + size) {
1123 		unusual_dev = (id - usb_storage_usb_ids) + us_unusual_dev_list;
1124 	} else {
1125 		unusual_dev = &for_dynamic_ids;
1126 
1127 		dev_dbg(&intf->dev, "Use Bulk-Only transport with the Transparent SCSI protocol for dynamic id: 0x%04x 0x%04x\n",
1128 			id->idVendor, id->idProduct);
1129 	}
1130 
1131 	result = usb_stor_probe1(&us, intf, id, unusual_dev,
1132 				 &usb_stor_host_template);
1133 	if (result)
1134 		return result;
1135 
1136 	/* No special transport or protocol settings in the main module */
1137 
1138 	result = usb_stor_probe2(us);
1139 	return result;
1140 }
1141 
1142 static struct usb_driver usb_storage_driver = {
1143 	.name =		DRV_NAME,
1144 	.probe =	storage_probe,
1145 	.disconnect =	usb_stor_disconnect,
1146 	.suspend =	usb_stor_suspend,
1147 	.resume =	usb_stor_resume,
1148 	.reset_resume =	usb_stor_reset_resume,
1149 	.pre_reset =	usb_stor_pre_reset,
1150 	.post_reset =	usb_stor_post_reset,
1151 	.id_table =	usb_storage_usb_ids,
1152 	.supports_autosuspend = 1,
1153 	.soft_unbind =	1,
1154 };
1155 
1156 module_usb_stor_driver(usb_storage_driver, usb_stor_host_template, DRV_NAME);
1157