FreeRDP
Loading...
Searching...
No Matches
data_transfer.c
1
21#include <stdio.h>
22#include <stdlib.h>
23#include <string.h>
24
25#include <winpr/sysinfo.h>
26#include <winpr/cast.h>
27
28#include <urbdrc_helpers.h>
29
30#include "urbdrc_types.h"
31#include "data_transfer.h"
32#include "msusb.h"
33
34static void usb_process_get_port_status(IUDEVICE* pdev, wStream* out)
35{
36 int bcdUSB = pdev->query_device_descriptor(pdev, BCD_USB);
37
38 switch (bcdUSB)
39 {
40 case USB_v1_0:
41 Stream_Write_UINT32(out, 0x303);
42 break;
43
44 case USB_v1_1:
45 Stream_Write_UINT32(out, 0x103);
46 break;
47
48 case USB_v2_0:
49 default:
50 Stream_Write_UINT32(out, 0x503);
51 break;
52 }
53}
54
55/* [MS-RDPEUSB] 2.2.10.1.1TS_URB_RESULT_HEADER */
56static BOOL write_urb_result_header(wStream* s, UINT16 Size, UINT32 status)
57{
58 if (!Stream_EnsureRemainingCapacity(s, 8ULL + Size))
59 return FALSE;
60 Stream_Write_UINT16(s, Size);
61 Stream_Seek_UINT16(s);
62 Stream_Write_UINT32(s, status);
63 return TRUE;
64}
65
66/* [MS-RDPEUSB] 2.2.7.2 URB Completion (URB_COMPLETION)
67 * 2.2.7.3 URB Completion No Data (URB_COMPLETION_NO_DATA)
68 */
69static wStream* create_urb_completion_message(UINT32 InterfaceId, UINT32 MessageId,
70 UINT32 RequestId, UINT32 FunctionId)
71{
72 wStream* out =
73 create_shared_message_header_with_functionid(InterfaceId, MessageId, FunctionId, 4);
74 if (!out)
75 return NULL;
76
77 Stream_Write_UINT32(out, RequestId);
78 return out;
79}
80
81static UINT send_urb_completion_message(GENERIC_CHANNEL_CALLBACK* callback, wStream* out,
82 HRESULT hResult, UINT32 OutputSize, const void* data)
83{
84 WINPR_ASSERT(callback);
85 UINT status = ERROR_OUTOFMEMORY;
86
87 if (!Stream_EnsureRemainingCapacity(out, 8ULL + OutputSize))
88 goto fail;
89
90 Stream_Write_INT32(out, hResult);
91 Stream_Write_UINT32(out, OutputSize);
92 Stream_Write(out, data, OutputSize);
93 return stream_write_and_free(callback->plugin, callback->channel, out);
94
95fail:
96 Stream_Free(out, TRUE);
97 return status;
98}
99
100static UINT urb_write_completion(WINPR_ATTR_UNUSED IUDEVICE* pdev,
101 GENERIC_CHANNEL_CALLBACK* callback, BOOL noAck, wStream* out,
102 UINT32 InterfaceId, UINT32 MessageId, UINT32 RequestId,
103 UINT32 usbd_status, UINT32 OutputBufferSize)
104{
105 if (!out)
106 return ERROR_INVALID_PARAMETER;
107
108 if (Stream_Capacity(out) < OutputBufferSize + 36)
109 {
110 Stream_Free(out, TRUE);
111 return ERROR_INVALID_PARAMETER;
112 }
113
114 Stream_SetPosition(out, 0);
115
116 const UINT32 FunctionId = (OutputBufferSize != 0) ? URB_COMPLETION : URB_COMPLETION_NO_DATA;
117 if (!write_shared_message_header_with_functionid(out, InterfaceId, MessageId, FunctionId))
118 {
119 Stream_Free(out, TRUE);
120 return ERROR_OUTOFMEMORY;
121 }
122
123 Stream_Write_UINT32(out, RequestId);
124 Stream_Write_UINT32(out, 8);
126 if (!write_urb_result_header(out, 8, usbd_status))
127 {
128 Stream_Free(out, TRUE);
129 return ERROR_OUTOFMEMORY;
130 }
131
132 Stream_Write_UINT32(out, 0);
133 Stream_Write_UINT32(out, OutputBufferSize);
134 Stream_Seek(out, OutputBufferSize);
135
136 if (!noAck)
137 return stream_write_and_free(callback->plugin, callback->channel, out);
138 else
139 Stream_Free(out, TRUE);
140
141 return ERROR_SUCCESS;
142}
143
144static wStream* urb_create_iocompletion(UINT32 InterfaceField, UINT32 MessageId, UINT32 RequestId,
145 UINT32 OutputBufferSize)
146{
147 const UINT32 InterfaceId = (STREAM_ID_PROXY << 30) | (InterfaceField & 0x3FFFFFFF);
148
149#if UINT32_MAX >= SIZE_MAX
150 if (OutputBufferSize > UINT32_MAX - 28ull)
151 return NULL;
152#endif
153
154 wStream* out = create_shared_message_header_with_functionid(
155 InterfaceId, MessageId, IOCONTROL_COMPLETION, OutputBufferSize + 16ull);
156 if (!out)
157 return NULL;
158
159 Stream_Write_UINT32(out, RequestId);
160 Stream_Write_UINT32(out, USBD_STATUS_SUCCESS);
161 Stream_Write_UINT32(out, OutputBufferSize);
162 Stream_Write_UINT32(out, OutputBufferSize);
163 return out;
164}
165
166static UINT urbdrc_process_register_request_callback(IUDEVICE* pdev,
167 GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
168 IUDEVMAN* udevman)
169{
170 UINT32 NumRequestCompletion = 0;
171 UINT32 RequestCompletion = 0;
172
173 if (!callback || !s || !udevman || !pdev)
174 return ERROR_INVALID_PARAMETER;
175
176 URBDRC_PLUGIN* urbdrc = (URBDRC_PLUGIN*)callback->plugin;
177
178 if (!urbdrc)
179 return ERROR_INVALID_PARAMETER;
180
181 WLog_Print(urbdrc->log, WLOG_DEBUG, "urbdrc_process_register_request_callback");
182
183 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4ULL))
184 return ERROR_INVALID_DATA;
185
186 Stream_Read_UINT32(s, NumRequestCompletion);
188 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4ULL * NumRequestCompletion))
189 return ERROR_INVALID_DATA;
190 for (uint32_t x = 0; x < NumRequestCompletion; x++)
191 {
194 Stream_Read_UINT32(s, RequestCompletion);
195 pdev->set_ReqCompletion(pdev, RequestCompletion);
196 }
197
198 return ERROR_SUCCESS;
199}
200
201static UINT urbdrc_process_cancel_request(IUDEVICE* pdev, wStream* s, IUDEVMAN* udevman)
202{
203 UINT32 CancelId = 0;
204 URBDRC_PLUGIN* urbdrc = NULL;
205
206 if (!s || !udevman || !pdev)
207 return ERROR_INVALID_PARAMETER;
208
209 urbdrc = (URBDRC_PLUGIN*)udevman->plugin;
210
211 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
212 return ERROR_INVALID_DATA;
213
214 Stream_Read_UINT32(s, CancelId);
215 WLog_Print(urbdrc->log, WLOG_DEBUG, "CANCEL_REQUEST: CancelId=%08" PRIx32 "", CancelId);
216
217 if (pdev->cancel_transfer_request(pdev, CancelId) < 0)
218 return ERROR_INTERNAL_ERROR;
219
220 return ERROR_SUCCESS;
221}
222
223static UINT urbdrc_process_retract_device_request(WINPR_ATTR_UNUSED IUDEVICE* pdev, wStream* s,
224 IUDEVMAN* udevman)
225{
226 UINT32 Reason = 0;
227 URBDRC_PLUGIN* urbdrc = NULL;
228
229 if (!s || !udevman)
230 return ERROR_INVALID_PARAMETER;
231
232 urbdrc = (URBDRC_PLUGIN*)udevman->plugin;
233
234 if (!urbdrc)
235 return ERROR_INVALID_PARAMETER;
236
237 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
238 return ERROR_INVALID_DATA;
239
240 Stream_Read_UINT32(s, Reason);
242 switch (Reason)
243 {
244 case UsbRetractReason_BlockedByPolicy:
245 WLog_Print(urbdrc->log, WLOG_DEBUG,
246 "UsbRetractReason_BlockedByPolicy: now it is not support");
247 return ERROR_ACCESS_DENIED;
248
249 default:
250 WLog_Print(urbdrc->log, WLOG_DEBUG,
251 "urbdrc_process_retract_device_request: Unknown Reason %" PRIu32 "", Reason);
252 return ERROR_ACCESS_DENIED;
253 }
254
255 return ERROR_SUCCESS;
256}
257
258static UINT urbdrc_process_io_control(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
259 wStream* s, UINT32 MessageId, IUDEVMAN* udevman)
260{
261 UINT32 InterfaceId = 0;
262 UINT32 IoControlCode = 0;
263 UINT32 InputBufferSize = 0;
264 UINT32 OutputBufferSize = 0;
265 UINT32 RequestId = 0;
266 UINT32 usbd_status = USBD_STATUS_SUCCESS;
267 wStream* out = NULL;
268 int success = 0;
269 URBDRC_PLUGIN* urbdrc = NULL;
270
271 if (!callback || !s || !udevman || !pdev)
272 return ERROR_INVALID_PARAMETER;
273
274 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
275
276 if (!urbdrc)
277 return ERROR_INVALID_PARAMETER;
278
279 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
280 return ERROR_INVALID_DATA;
281
282 Stream_Read_UINT32(s, IoControlCode);
283 Stream_Read_UINT32(s, InputBufferSize);
284
285 if (!Stream_SafeSeek(s, InputBufferSize))
286 return ERROR_INVALID_DATA;
287 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8ULL))
288 return ERROR_INVALID_DATA;
289
290 Stream_Read_UINT32(s, OutputBufferSize);
291 Stream_Read_UINT32(s, RequestId);
292
293 if (OutputBufferSize > UINT32_MAX - 4)
294 return ERROR_INVALID_DATA;
295
296 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
297 out = urb_create_iocompletion(InterfaceId, MessageId, RequestId, OutputBufferSize + 4);
298
299 if (!out)
300 return ERROR_OUTOFMEMORY;
301
302 switch (IoControlCode)
303 {
304 case IOCTL_INTERNAL_USB_SUBMIT_URB:
305 WLog_Print(urbdrc->log, WLOG_DEBUG, "ioctl: IOCTL_INTERNAL_USB_SUBMIT_URB");
306 WLog_Print(urbdrc->log, WLOG_ERROR,
307 " Function IOCTL_INTERNAL_USB_SUBMIT_URB: Unchecked");
308 break;
309
310 case IOCTL_INTERNAL_USB_RESET_PORT:
311 WLog_Print(urbdrc->log, WLOG_DEBUG, "ioctl: IOCTL_INTERNAL_USB_RESET_PORT");
312 break;
313
314 case IOCTL_INTERNAL_USB_GET_PORT_STATUS:
315 WLog_Print(urbdrc->log, WLOG_DEBUG, "ioctl: IOCTL_INTERNAL_USB_GET_PORT_STATUS");
316 success = pdev->query_device_port_status(pdev, &usbd_status, &OutputBufferSize,
317 Stream_Pointer(out));
318
319 if (success)
320 {
321 if (!Stream_SafeSeek(out, OutputBufferSize))
322 {
323 Stream_Free(out, TRUE);
324 return ERROR_INVALID_DATA;
325 }
326
327 if (pdev->isExist(pdev) == 0)
328 Stream_Write_UINT32(out, 0);
329 else
330 usb_process_get_port_status(pdev, out);
331 }
332
333 break;
334
335 case IOCTL_INTERNAL_USB_CYCLE_PORT:
336 WLog_Print(urbdrc->log, WLOG_DEBUG, "ioctl: IOCTL_INTERNAL_USB_CYCLE_PORT");
337 WLog_Print(urbdrc->log, WLOG_ERROR,
338 " Function IOCTL_INTERNAL_USB_CYCLE_PORT: Unchecked");
339 break;
340
341 case IOCTL_INTERNAL_USB_SUBMIT_IDLE_NOTIFICATION:
342 WLog_Print(urbdrc->log, WLOG_DEBUG,
343 "ioctl: IOCTL_INTERNAL_USB_SUBMIT_IDLE_NOTIFICATION");
344 WLog_Print(urbdrc->log, WLOG_ERROR,
345 " Function IOCTL_INTERNAL_USB_SUBMIT_IDLE_NOTIFICATION: Unchecked");
346 break;
347
348 default:
349 WLog_Print(urbdrc->log, WLOG_DEBUG,
350 "urbdrc_process_io_control: unknown IoControlCode 0x%" PRIX32 "",
351 IoControlCode);
352 Stream_Free(out, TRUE);
353 return ERROR_INVALID_OPERATION;
354 }
355
356 return stream_write_and_free(callback->plugin, callback->channel, out);
357}
358
359static UINT urbdrc_process_internal_io_control(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
360 wStream* s, UINT32 MessageId, IUDEVMAN* udevman)
361{
362 if (!pdev || !callback || !s || !udevman)
363 return ERROR_INVALID_PARAMETER;
364
365 URBDRC_PLUGIN* urbdrc = (URBDRC_PLUGIN*)callback->plugin;
366 WINPR_ASSERT(urbdrc);
367
368 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
369 return ERROR_INVALID_DATA;
370
371 const UINT32 IoControlCode = Stream_Get_UINT32(s);
372 if (IoControlCode != IOCTL_TSUSBGD_IOCTL_USBDI_QUERY_BUS_TIME)
373 {
374 WLog_ERR(
375 TAG,
376 "Invalid [MS-RDPEUSB] 2.2.13 USB Internal IO Control Code::IoControlCode0x%08" PRIx32
377 ", must be IOCTL_TSUSBGD_IOCTL_USBDI_QUERY_BUS_TIME [0x00224000]",
378 IoControlCode);
379 return ERROR_INVALID_DATA;
380 }
381 const UINT32 InputBufferSize = Stream_Get_UINT32(s);
382
383 if (!Stream_SafeSeek(s, InputBufferSize))
384 return ERROR_INVALID_DATA;
385 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8ULL))
386 return ERROR_INVALID_DATA;
387 const UINT32 OutputBufferSize = Stream_Get_UINT32(s);
388 const UINT32 RequestId = Stream_Get_UINT32(s);
389 const UINT32 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
390 // TODO: Implement control code.
392 const UINT32 frames = GetTickCount();
393
394 if (4 > OutputBufferSize)
395 {
396 WLog_Print(urbdrc->log, WLOG_DEBUG, "out_size %" PRIu32 " > OutputBufferSize %" PRIu32, 4u,
397 OutputBufferSize);
398 return ERROR_BAD_CONFIGURATION;
399 }
400 wStream* out = urb_create_iocompletion(InterfaceId, MessageId, RequestId, 4);
401
402 if (!out)
403 return ERROR_OUTOFMEMORY;
404
405 Stream_Write_UINT32(out, frames);
406 return stream_write_and_free(callback->plugin, callback->channel, out);
407}
408
409/* [MS-RDPEUSB] 2.2.6.6 Query Device Text Response Message (QUERY_DEVICE_TEXT_RSP) */
410static UINT urbdrc_send_query_device_text_response(GENERIC_CHANNEL_CALLBACK* callback,
411 UINT32 InterfaceId, UINT32 MessageId, HRESULT hr,
412 const BYTE* text, uint8_t bytelen)
413{
414 WINPR_ASSERT(callback);
415
416 const uint8_t charlen = bytelen / sizeof(WCHAR);
417 wStream* out = create_shared_message_header_with_functionid(InterfaceId, MessageId, charlen,
418 8ULL + bytelen);
419
420 if (!out)
421 return ERROR_OUTOFMEMORY;
422
423 Stream_Write(out, text, bytelen); /* '\0' terminated unicode */
424 Stream_Write_INT32(out, hr);
425 return stream_write_and_free(callback->plugin, callback->channel, out);
426}
427
428static UINT urbdrc_process_query_device_text(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
429 wStream* s, UINT32 MessageId, IUDEVMAN* udevman)
430{
431 UINT32 TextType = 0;
432 UINT32 LocaleId = 0;
433 UINT8 bufferSize = 0xFF;
434 BYTE DeviceDescription[0x100] = { 0 };
435
436 if (!pdev || !callback || !s || !udevman)
437 return ERROR_INVALID_PARAMETER;
438 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
439 return ERROR_INVALID_DATA;
440
441 Stream_Read_UINT32(s, TextType);
442 Stream_Read_UINT32(s, LocaleId);
443 if (LocaleId > UINT16_MAX)
444 return ERROR_INVALID_DATA;
445
446 HRESULT hr = (HRESULT)pdev->control_query_device_text(pdev, TextType, (UINT16)LocaleId,
447 &bufferSize, DeviceDescription);
448 const UINT32 InterfaceId = ((STREAM_ID_STUB << 30) | pdev->get_UsbDevice(pdev));
449 return urbdrc_send_query_device_text_response(callback, InterfaceId, MessageId, hr,
450 DeviceDescription, bufferSize);
451}
452
453static void func_select_all_interface_for_msconfig(URBDRC_PLUGIN* urbdrc, IUDEVICE* pdev,
454 MSUSB_CONFIG_DESCRIPTOR* MsConfig)
455{
456 WINPR_ASSERT(urbdrc);
457 WINPR_ASSERT(pdev);
458 WINPR_ASSERT(MsConfig);
459
460 MSUSB_INTERFACE_DESCRIPTOR** MsInterfaces = MsConfig->MsInterfaces;
461 UINT32 NumInterfaces = MsConfig->NumInterfaces;
462
463 for (UINT32 inum = 0; inum < NumInterfaces; inum++)
464 {
465 const BYTE InterfaceNumber = MsInterfaces[inum]->InterfaceNumber;
466 const BYTE AlternateSetting = MsInterfaces[inum]->AlternateSetting;
467 const int rc = pdev->select_interface(pdev, InterfaceNumber, AlternateSetting);
468 if (rc < 0)
469 {
470 WLog_Print(urbdrc->log, WLOG_WARN, "select_interface %" PRIu8 " [%" PRIu8 "] failed",
471 InterfaceNumber, AlternateSetting);
472 }
473 }
474}
475
476/* [MS-RDPEUSB] 2.2.10.2 TS_URB_SELECT_CONFIGURATION_RESULT */
477static UINT send_urb_select_configuration_result(GENERIC_CHANNEL_CALLBACK* callback,
478 UINT32 InterfaceId, UINT32 MessageId,
479 UINT32 RequestId, UINT32 UrbStatus,
480 const MSUSB_CONFIG_DESCRIPTOR* MsConfig)
481{
482 wStream* out =
483 create_urb_completion_message(InterfaceId, MessageId, RequestId, URB_COMPLETION_NO_DATA);
484 if (!out)
485 return ERROR_OUTOFMEMORY;
486
487 const int size = 8 + ((MsConfig) ? MsConfig->MsOutSize : 8);
488 const uint16_t usize = WINPR_ASSERTING_INT_CAST(uint16_t, size);
489
490 if (!Stream_EnsureRemainingCapacity(out, 4))
491 goto fail;
492 Stream_Write_UINT32(out, usize); /* CbTsUrbResult */
493
494 if (!write_urb_result_header(out, usize, UrbStatus))
495 goto fail;
496
498 if (MsConfig)
499 msusb_msconfig_write(MsConfig, out);
500 else
501 {
502 Stream_Write_UINT32(out, 0);
503 Stream_Write_UINT32(out, 0);
504 }
505
506 return send_urb_completion_message(callback, out, 0, 0, NULL);
507
508fail:
509 Stream_Free(out, TRUE);
510 return ERROR_OUTOFMEMORY;
511}
512
513static UINT urb_select_configuration(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
514 UINT32 RequestField, UINT32 MessageId, IUDEVMAN* udevman,
515 int transferDir)
516{
517 MSUSB_CONFIG_DESCRIPTOR* MsConfig = NULL;
518 UINT32 NumInterfaces = 0;
519 UINT32 usbd_status = 0;
520 BYTE ConfigurationDescriptorIsValid = 0;
521 URBDRC_PLUGIN* urbdrc = NULL;
522 const BOOL noAck = (RequestField & 0x80000000U) != 0;
523 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
524
525 if (!callback || !s || !udevman || !pdev)
526 return ERROR_INVALID_PARAMETER;
527
528 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
529
530 if (!urbdrc)
531 return ERROR_INVALID_PARAMETER;
532
533 if (transferDir == 0)
534 {
535 WLog_Print(urbdrc->log, WLOG_ERROR, "urb_select_configuration: unsupported transfer out");
536 return ERROR_INVALID_PARAMETER;
537 }
538
539 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
540 return ERROR_INVALID_DATA;
541
542 const UINT32 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
543 Stream_Read_UINT8(s, ConfigurationDescriptorIsValid);
544 Stream_Seek(s, 3); /* Padding */
545 Stream_Read_UINT32(s, NumInterfaces);
546
548 if (ConfigurationDescriptorIsValid)
549 {
550 /* parser data for struct config */
551 MsConfig = msusb_msconfig_read(s, NumInterfaces);
552
553 if (!MsConfig)
554 return ERROR_INVALID_DATA;
555
556 /* select config */
557 const int lrc = pdev->select_configuration(pdev, MsConfig->bConfigurationValue);
558 if (lrc != 0)
559 {
560 msusb_msconfig_free(MsConfig);
561 MsConfig = NULL;
562 return ERROR_INTERNAL_ERROR;
563 }
564
565 /* select all interface */
566 func_select_all_interface_for_msconfig(urbdrc, pdev, MsConfig);
567 /* complete configuration setup */
568 if (!pdev->complete_msconfig_setup(pdev, MsConfig))
569 {
570 msusb_msconfig_free(MsConfig);
571 MsConfig = NULL;
572 }
573 }
574
575 if (noAck)
576 return CHANNEL_RC_OK;
577 return send_urb_select_configuration_result(callback, InterfaceId, MessageId, RequestId,
578 usbd_status, MsConfig);
579}
580
581/* [MS-RDPEUSB[ 2.2.10.3 TS_URB_SELECT_INTERFACE_RESULT */
582static UINT urb_select_interface_result(GENERIC_CHANNEL_CALLBACK* callback, UINT32 RequestId,
583 UINT32 InterfaceId, UINT32 MessageId,
584 MSUSB_INTERFACE_DESCRIPTOR* MsInterface,
585 UINT32 ConfigurationHandle)
586{
587 WINPR_ASSERT(callback);
588 WINPR_ASSERT(MsInterface);
589
590 const UINT32 NumInterfaces = 1;
591 const uint32_t interface_size = 16U + (MsInterface->NumberOfPipes * 20U);
592 wStream* out =
593 create_urb_completion_message(InterfaceId, MessageId, RequestId, URB_COMPLETION_NO_DATA);
594
595 if (!out)
596 return ERROR_OUTOFMEMORY;
597
598 const uint32_t size = 8U + interface_size;
599 const uint16_t usize = WINPR_ASSERTING_INT_CAST(uint16_t, size);
600
601 if (!Stream_EnsureRemainingCapacity(out, 4))
602 goto fail;
603 Stream_Write_UINT32(out, usize); /* CbTsUrbResult */
604
605 if (!write_urb_result_header(out, usize, USBD_STATUS_SUCCESS))
606 goto fail;
607
608 if (!msusb_msinterface_write(MsInterface, out))
609 goto fail;
610
611 if (!Stream_EnsureRemainingCapacity(out, 8))
612 goto fail;
613 Stream_Write_UINT32(out, ConfigurationHandle);
614 Stream_Write_UINT32(out, NumInterfaces);
616 for (size_t x = 0; x < NumInterfaces; x++)
617 {
618 const MSUSB_INTERFACE_DESCRIPTOR* ifc = &MsInterface[x];
619 if (!msusb_msinterface_write(ifc, out))
620 goto fail;
621 }
622
623 return send_urb_completion_message(callback, out, 0, 0, NULL);
624
625fail:
626 Stream_Free(out, TRUE);
627
628 return ERROR_INTERNAL_ERROR;
629}
630
631static UINT urb_select_interface(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
632 UINT32 RequestField, UINT32 MessageId, IUDEVMAN* udevman,
633 int transferDir)
634{
635 const BOOL noAck = (RequestField & 0x80000000U) != 0;
636 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
637
638 if (!callback || !s || !udevman || !pdev)
639 return ERROR_INVALID_PARAMETER;
640
641 URBDRC_PLUGIN* urbdrc = (URBDRC_PLUGIN*)callback->plugin;
642
643 if (!urbdrc)
644 return ERROR_INVALID_PARAMETER;
645
646 if (transferDir == 0)
647 {
648 WLog_Print(urbdrc->log, WLOG_ERROR, "urb_select_interface: not support transfer out");
649 return ERROR_INVALID_PARAMETER;
650 }
651
652 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
653 return ERROR_INVALID_DATA;
654
655 const UINT32 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
656 const UINT32 ConfigurationHandle = Stream_Get_UINT32(s);
657 MSUSB_INTERFACE_DESCRIPTOR* MsInterface = msusb_msinterface_read(s);
658
659 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4) || !MsInterface)
660 {
661 msusb_msinterface_free(MsInterface);
662 return ERROR_INVALID_DATA;
663 }
664
665 const UINT32 OutputBufferSize = Stream_Get_UINT32(s);
666 if (OutputBufferSize != 0)
667 {
668 WLog_Print(urbdrc->log, WLOG_ERROR,
669 "[MS-RDPEUSB] 2.2.9.3 TS_URB_SELECT_INTERFACE::OutputBufferSize must be 0, got "
670 "%" PRIu32,
671 OutputBufferSize);
672 msusb_msinterface_free(MsInterface);
673 return ERROR_INVALID_DATA;
674 }
675
676 const int lerr =
677 pdev->select_interface(pdev, MsInterface->InterfaceNumber, MsInterface->AlternateSetting);
678 if (lerr != 0)
679 {
680 msusb_msinterface_free(MsInterface);
681 return ERROR_INTERNAL_ERROR;
682 }
683
684 /* replace device's MsInterface */
685 MSUSB_CONFIG_DESCRIPTOR* MsConfig = pdev->get_MsConfig(pdev);
686 const uint8_t InterfaceNumber = MsInterface->InterfaceNumber;
687 if (!msusb_msinterface_replace(MsConfig, InterfaceNumber, MsInterface))
688 return ERROR_BAD_CONFIGURATION;
689
690 /* complete configuration setup */
691 if (!pdev->complete_msconfig_setup(pdev, MsConfig))
692 return ERROR_BAD_CONFIGURATION;
693
694 if (noAck)
695 return CHANNEL_RC_OK;
696
697 return urb_select_interface_result(callback, RequestId, InterfaceId, MessageId, MsInterface,
698 ConfigurationHandle);
699}
700
701static UINT urb_control_transfer(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
702 UINT32 RequestField, UINT32 MessageId, IUDEVMAN* udevman,
703 int transferDir, int External)
704{
705 UINT32 out_size = 0;
706 UINT32 InterfaceId = 0;
707 UINT32 EndpointAddress = 0;
708 UINT32 PipeHandle = 0;
709 UINT32 TransferFlags = 0;
710 UINT32 OutputBufferSize = 0;
711 UINT32 usbd_status = 0;
712 UINT32 Timeout = 0;
713 BYTE bmRequestType = 0;
714 BYTE Request = 0;
715 UINT16 Value = 0;
716 UINT16 Index = 0;
717 UINT16 length = 0;
718 BYTE* buffer = NULL;
719 wStream* out = NULL;
720 URBDRC_PLUGIN* urbdrc = NULL;
721 const BOOL noAck = (RequestField & 0x80000000U) != 0;
722 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
723
724 if (!callback || !s || !udevman || !pdev)
725 return ERROR_INVALID_PARAMETER;
726
727 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
728
729 if (!urbdrc)
730 return ERROR_INVALID_PARAMETER;
731
732 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
733 return ERROR_INVALID_DATA;
734
735 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
736 Stream_Read_UINT32(s, PipeHandle);
737 Stream_Read_UINT32(s, TransferFlags);
738 EndpointAddress = (PipeHandle & 0x000000ff);
739 Timeout = 2000;
740
741 switch (External)
742 {
743 case URB_CONTROL_TRANSFER_EXTERNAL:
744 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
745 return ERROR_INVALID_DATA;
746
747 Stream_Read_UINT32(s, Timeout);
748 break;
749
750 case URB_CONTROL_TRANSFER_NONEXTERNAL:
751 break;
752 default:
753 break;
754 }
755
757 if (!Stream_CheckAndLogRequiredLength(TAG, s, 12))
758 return ERROR_INVALID_DATA;
759
760 Stream_Read_UINT8(s, bmRequestType);
761 Stream_Read_UINT8(s, Request);
762 Stream_Read_UINT16(s, Value);
763 Stream_Read_UINT16(s, Index);
764 Stream_Read_UINT16(s, length);
765 Stream_Read_UINT32(s, OutputBufferSize);
766
767 if (length != OutputBufferSize)
768 {
769 WLog_Print(urbdrc->log, WLOG_ERROR, "urb_control_transfer ERROR: buf != length");
770 return ERROR_INVALID_DATA;
771 }
772
773 out_size = 36 + OutputBufferSize;
774 out = Stream_New(NULL, out_size);
775
776 if (!out)
777 return ERROR_OUTOFMEMORY;
778
779 Stream_Seek(out, 36);
781 buffer = Stream_Pointer(out);
782
783 if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
784 {
785 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
786 {
787 Stream_Free(out, TRUE);
788 return ERROR_INVALID_DATA;
789 }
790 Stream_Copy(s, out, OutputBufferSize);
791 }
792
794 if (!pdev->control_transfer(pdev, RequestId, EndpointAddress, TransferFlags, bmRequestType,
795 Request, Value, Index, &usbd_status, &OutputBufferSize, buffer,
796 Timeout))
797 {
798 WLog_Print(urbdrc->log, WLOG_ERROR, "control_transfer failed");
799 Stream_Free(out, TRUE);
800 return ERROR_INTERNAL_ERROR;
801 }
802
803 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
804 usbd_status, OutputBufferSize);
805}
806
807static void urb_bulk_transfer_cb(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback, wStream* out,
808 UINT32 InterfaceId, BOOL noAck, UINT32 MessageId, UINT32 RequestId,
809 WINPR_ATTR_UNUSED UINT32 NumberOfPackets, UINT32 status,
810 WINPR_ATTR_UNUSED UINT32 StartFrame,
811 WINPR_ATTR_UNUSED UINT32 ErrorCount, UINT32 OutputBufferSize)
812{
813 if (!pdev->isChannelClosed(pdev))
814 urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId, status,
815 OutputBufferSize);
816 else
817 Stream_Free(out, TRUE);
818}
819
820static UINT urb_bulk_or_interrupt_transfer(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
821 wStream* s, UINT32 RequestField, UINT32 MessageId,
822 IUDEVMAN* udevman, int transferDir)
823{
824 UINT32 EndpointAddress = 0;
825 UINT32 PipeHandle = 0;
826 UINT32 TransferFlags = 0;
827 UINT32 OutputBufferSize = 0;
828 const BOOL noAck = (RequestField & 0x80000000U) != 0;
829 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
830
831 if (!pdev || !callback || !s || !udevman)
832 return ERROR_INVALID_PARAMETER;
833
834 if (!Stream_CheckAndLogRequiredLength(TAG, s, 12))
835 return ERROR_INVALID_DATA;
836
837 Stream_Read_UINT32(s, PipeHandle);
838 Stream_Read_UINT32(s, TransferFlags);
839 Stream_Read_UINT32(s, OutputBufferSize);
840 EndpointAddress = (PipeHandle & 0x000000ff);
841
842 if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
843 {
844 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
845 {
846 return ERROR_INVALID_DATA;
847 }
848 }
849
851 const int rc = pdev->bulk_or_interrupt_transfer(
852 pdev, callback, MessageId, RequestId, EndpointAddress, TransferFlags, noAck,
853 OutputBufferSize, (transferDir == USBD_TRANSFER_DIRECTION_OUT) ? Stream_Pointer(s) : NULL,
854 urb_bulk_transfer_cb, 10000);
855
856 return (uint32_t)rc;
857}
858
859static void urb_isoch_transfer_cb(WINPR_ATTR_UNUSED IUDEVICE* pdev,
860 GENERIC_CHANNEL_CALLBACK* callback, wStream* out,
861 UINT32 InterfaceId, BOOL noAck, UINT32 MessageId,
862 UINT32 RequestId, UINT32 NumberOfPackets, UINT32 status,
863 UINT32 StartFrame, UINT32 ErrorCount, UINT32 OutputBufferSize)
864{
865 if (!noAck)
866 {
867 UINT32 packetSize = (status == 0) ? NumberOfPackets * 12 : 0;
868 Stream_SetPosition(out, 0);
869
870 const UINT32 FunctionId = (OutputBufferSize == 0) ? URB_COMPLETION_NO_DATA : URB_COMPLETION;
871 if (!write_shared_message_header_with_functionid(out, InterfaceId, MessageId, FunctionId))
872 {
873 Stream_Free(out, TRUE);
874 return;
875 }
876
877 Stream_Write_UINT32(out, RequestId);
878 Stream_Write_UINT32(out, 20 + packetSize);
879 if (!write_urb_result_header(out, WINPR_ASSERTING_INT_CAST(uint16_t, 20 + packetSize),
880 status))
881 {
882 Stream_Free(out, TRUE);
883 return;
884 }
885
886 Stream_Write_UINT32(out, StartFrame);
888 if (status == 0)
889 {
891 Stream_Write_UINT32(out, NumberOfPackets);
892 Stream_Write_UINT32(out, ErrorCount);
893 Stream_Seek(out, packetSize);
894 }
895 else
896 {
897 Stream_Write_UINT32(out, 0);
898 Stream_Write_UINT32(out, ErrorCount);
899 }
900
901 Stream_Write_UINT32(out, 0);
902 Stream_Write_UINT32(out, OutputBufferSize);
903 Stream_Seek(out, OutputBufferSize);
904
905 stream_write_and_free(callback->plugin, callback->channel, out);
906 }
907}
908
909static UINT urb_isoch_transfer(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
910 UINT32 RequestField, UINT32 MessageId, IUDEVMAN* udevman,
911 int transferDir)
912{
913 int rc = 0;
914 UINT32 EndpointAddress = 0;
915 UINT32 PipeHandle = 0;
916 UINT32 TransferFlags = 0;
917 UINT32 StartFrame = 0;
918 UINT32 NumberOfPackets = 0;
919 UINT32 ErrorCount = 0;
920 UINT32 OutputBufferSize = 0;
921 BYTE* packetDescriptorData = NULL;
922 const BOOL noAck = (RequestField & 0x80000000U) != 0;
923 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
924
925 if (!pdev || !callback || !udevman)
926 return ERROR_INVALID_PARAMETER;
927
928 if (!Stream_CheckAndLogRequiredLength(TAG, s, 20))
929 return ERROR_INVALID_DATA;
930
931 Stream_Read_UINT32(s, PipeHandle);
932 EndpointAddress = (PipeHandle & 0x000000ff);
933 Stream_Read_UINT32(s, TransferFlags);
934 Stream_Read_UINT32(s, StartFrame);
935 Stream_Read_UINT32(s, NumberOfPackets);
936 Stream_Read_UINT32(s, ErrorCount);
938 if (!Stream_CheckAndLogRequiredLengthOfSize(TAG, s, NumberOfPackets, 12ull))
939 return ERROR_INVALID_DATA;
940
941 packetDescriptorData = Stream_Pointer(s);
942 Stream_Seek(s, 12ULL * NumberOfPackets);
943
944 if (!Stream_CheckAndLogRequiredLength(TAG, s, sizeof(UINT32)))
945 return ERROR_INVALID_DATA;
946 Stream_Read_UINT32(s, OutputBufferSize);
947
948 if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
949 {
950 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
951 return ERROR_INVALID_DATA;
952 }
953
954 rc = pdev->isoch_transfer(
955 pdev, callback, MessageId, RequestId, EndpointAddress, TransferFlags, StartFrame,
956 ErrorCount, noAck, packetDescriptorData, NumberOfPackets, OutputBufferSize,
957 (transferDir == USBD_TRANSFER_DIRECTION_OUT) ? Stream_Pointer(s) : NULL,
958 urb_isoch_transfer_cb, 2000);
959
960 if (rc < 0)
961 return ERROR_INTERNAL_ERROR;
962 return (UINT)rc;
963}
964
965static UINT urb_control_descriptor_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
966 wStream* s, UINT32 RequestField, UINT32 MessageId,
967 IUDEVMAN* udevman, BYTE func_recipient, int transferDir)
968{
969 size_t out_size = 0;
970 UINT32 InterfaceId = 0;
971 UINT32 OutputBufferSize = 0;
972 UINT32 usbd_status = 0;
973 BYTE bmRequestType = 0;
974 BYTE desc_index = 0;
975 BYTE desc_type = 0;
976 UINT16 langId = 0;
977 wStream* out = NULL;
978 URBDRC_PLUGIN* urbdrc = NULL;
979 const BOOL noAck = (RequestField & 0x80000000U) != 0;
980 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
981
982 if (!callback || !s || !udevman || !pdev)
983 return ERROR_INVALID_PARAMETER;
984
985 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
986
987 if (!urbdrc)
988 return ERROR_INVALID_PARAMETER;
989
990 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
991 return ERROR_INVALID_DATA;
992
993 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
994 Stream_Read_UINT8(s, desc_index);
995 Stream_Read_UINT8(s, desc_type);
996 Stream_Read_UINT16(s, langId);
997 Stream_Read_UINT32(s, OutputBufferSize);
998 if (OutputBufferSize > UINT32_MAX - 36)
999 return ERROR_INVALID_DATA;
1000 if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
1001 {
1002 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
1003 return ERROR_INVALID_DATA;
1004 }
1005
1006 out_size = 36ULL + OutputBufferSize;
1007 out = Stream_New(NULL, out_size);
1008
1009 if (!out)
1010 return ERROR_OUTOFMEMORY;
1011
1012 Stream_Seek(out, 36);
1013 bmRequestType = func_recipient;
1014
1015 switch (transferDir)
1016 {
1017 case USBD_TRANSFER_DIRECTION_IN:
1018 bmRequestType |= 0x80;
1019 break;
1020
1021 case USBD_TRANSFER_DIRECTION_OUT:
1022 bmRequestType |= 0x00;
1023 Stream_Copy(s, out, OutputBufferSize);
1024 Stream_Rewind(out, OutputBufferSize);
1025 break;
1026
1027 default:
1028 WLog_Print(urbdrc->log, WLOG_DEBUG, "get error transferDir");
1029 OutputBufferSize = 0;
1030 usbd_status = USBD_STATUS_STALL_PID;
1031 break;
1032 }
1033
1035 if (!pdev->control_transfer(pdev, RequestId, 0, 0, bmRequestType,
1036 0x06, /* REQUEST_GET_DESCRIPTOR */
1037 WINPR_ASSERTING_INT_CAST(UINT16, ((desc_type << 8) | desc_index)),
1038 langId, &usbd_status, &OutputBufferSize, Stream_Pointer(out), 1000))
1039 {
1040 WLog_Print(urbdrc->log, WLOG_ERROR, "get_descriptor failed");
1041 Stream_Free(out, TRUE);
1042 return ERROR_INTERNAL_ERROR;
1043 }
1044
1045 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1046 usbd_status, OutputBufferSize);
1047}
1048
1049static UINT urb_control_get_status_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1050 wStream* s, UINT32 RequestField, UINT32 MessageId,
1051 IUDEVMAN* udevman, BYTE func_recipient, int transferDir)
1052{
1053 size_t out_size = 0;
1054 UINT32 InterfaceId = 0;
1055 UINT32 OutputBufferSize = 0;
1056 UINT32 usbd_status = 0;
1057 UINT16 Index = 0;
1058 BYTE bmRequestType = 0;
1059 wStream* out = NULL;
1060 URBDRC_PLUGIN* urbdrc = NULL;
1061 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1062 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1063
1064 if (!callback || !s || !udevman || !pdev)
1065 return ERROR_INVALID_PARAMETER;
1066
1067 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1068
1069 if (!urbdrc)
1070 return ERROR_INVALID_PARAMETER;
1071
1072 if (transferDir == 0)
1073 {
1074 WLog_Print(urbdrc->log, WLOG_DEBUG,
1075 "urb_control_get_status_request: transfer out not supported");
1076 return ERROR_INVALID_PARAMETER;
1077 }
1078
1079 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
1080 return ERROR_INVALID_DATA;
1081
1082 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1083 Stream_Read_UINT16(s, Index);
1084 Stream_Seek(s, 2);
1085 Stream_Read_UINT32(s, OutputBufferSize);
1086 if (OutputBufferSize > UINT32_MAX - 36)
1087 return ERROR_INVALID_DATA;
1088 out_size = 36ULL + OutputBufferSize;
1089 out = Stream_New(NULL, out_size);
1090
1091 if (!out)
1092 return ERROR_OUTOFMEMORY;
1093
1094 Stream_Seek(out, 36);
1095 bmRequestType = func_recipient | 0x80;
1096
1097 if (!pdev->control_transfer(pdev, RequestId, 0, 0, bmRequestType, 0x00, /* REQUEST_GET_STATUS */
1098 0, Index, &usbd_status, &OutputBufferSize, Stream_Pointer(out),
1099 1000))
1100 {
1101 WLog_Print(urbdrc->log, WLOG_ERROR, "control_transfer failed");
1102 Stream_Free(out, TRUE);
1103 return ERROR_INTERNAL_ERROR;
1104 }
1105
1106 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1107 usbd_status, OutputBufferSize);
1108}
1109
1110static UINT urb_control_vendor_or_class_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1111 wStream* s, UINT32 RequestField, UINT32 MessageId,
1112 IUDEVMAN* udevman, BYTE func_type,
1113 BYTE func_recipient, int transferDir)
1114{
1115 UINT32 out_size = 0;
1116 UINT32 InterfaceId = 0;
1117 UINT32 TransferFlags = 0;
1118 UINT32 usbd_status = 0;
1119 UINT32 OutputBufferSize = 0;
1120 BYTE ReqTypeReservedBits = 0;
1121 BYTE Request = 0;
1122 BYTE bmRequestType = 0;
1123 UINT16 Value = 0;
1124 UINT16 Index = 0;
1125 wStream* out = NULL;
1126 URBDRC_PLUGIN* urbdrc = NULL;
1127 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1128 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1129
1130 if (!callback || !s || !udevman || !pdev)
1131 return ERROR_INVALID_PARAMETER;
1132
1133 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1134
1135 if (!urbdrc)
1136 return ERROR_INVALID_PARAMETER;
1137
1138 if (!Stream_CheckAndLogRequiredLength(TAG, s, 16))
1139 return ERROR_INVALID_DATA;
1140
1141 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1142 Stream_Read_UINT32(s, TransferFlags);
1143 Stream_Read_UINT8(s, ReqTypeReservedBits);
1144 Stream_Read_UINT8(s, Request);
1145 Stream_Read_UINT16(s, Value);
1146 Stream_Read_UINT16(s, Index);
1147 Stream_Seek_UINT16(s);
1148 Stream_Read_UINT32(s, OutputBufferSize);
1149 if (OutputBufferSize > UINT32_MAX - 36)
1150 return ERROR_INVALID_DATA;
1151
1152 if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
1153 {
1154 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
1155 return ERROR_INVALID_DATA;
1156 }
1157
1158 out_size = 36ULL + OutputBufferSize;
1159 out = Stream_New(NULL, out_size);
1160
1161 if (!out)
1162 return ERROR_OUTOFMEMORY;
1163
1164 Stream_Seek(out, 36);
1165
1167 if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
1168 {
1169 Stream_Copy(s, out, OutputBufferSize);
1170 Stream_Rewind(out, OutputBufferSize);
1171 }
1172
1174 bmRequestType = func_type | func_recipient;
1175
1176 if (TransferFlags & USBD_TRANSFER_DIRECTION)
1177 bmRequestType |= 0x80;
1178
1179 WLog_Print(urbdrc->log, WLOG_DEBUG,
1180 "RequestId 0x%" PRIx32 " TransferFlags: 0x%" PRIx32 " ReqTypeReservedBits: 0x%" PRIx8
1181 " "
1182 "Request:0x%" PRIx8 " Value: 0x%" PRIx16 " Index: 0x%" PRIx16
1183 " OutputBufferSize: 0x%" PRIx32 " bmRequestType: 0x%" PRIx8,
1184 RequestId, TransferFlags, ReqTypeReservedBits, Request, Value, Index,
1185 OutputBufferSize, bmRequestType);
1186
1187 if (!pdev->control_transfer(pdev, RequestId, 0, 0, bmRequestType, Request, Value, Index,
1188 &usbd_status, &OutputBufferSize, Stream_Pointer(out), 2000))
1189 {
1190 WLog_Print(urbdrc->log, WLOG_ERROR, "control_transfer failed");
1191 Stream_Free(out, TRUE);
1192 return ERROR_INTERNAL_ERROR;
1193 }
1194
1195 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1196 usbd_status, OutputBufferSize);
1197}
1198
1199static UINT urb_os_feature_descriptor_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1200 wStream* s, UINT32 RequestField, UINT32 MessageId,
1201 IUDEVMAN* udevman, int transferDir)
1202{
1203 size_t out_size = 0;
1204 UINT32 InterfaceId = 0;
1205 UINT32 OutputBufferSize = 0;
1206 UINT32 usbd_status = 0;
1207 BYTE Recipient = 0;
1208 BYTE InterfaceNumber = 0;
1209 BYTE Ms_PageIndex = 0;
1210 UINT16 Ms_featureDescIndex = 0;
1211 wStream* out = NULL;
1212 int ret = 0;
1213 URBDRC_PLUGIN* urbdrc = NULL;
1214 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1215 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1216
1217 if (!callback || !s || !udevman || !pdev)
1218 return ERROR_INVALID_PARAMETER;
1219
1220 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1221
1222 if (!urbdrc)
1223 return ERROR_INVALID_PARAMETER;
1224
1225 if (!Stream_CheckAndLogRequiredLength(TAG, s, 12))
1226 return ERROR_INVALID_DATA;
1227
1228 /* 2.2.9.15 TS_URB_OS_FEATURE_DESCRIPTOR_REQUEST */
1229 Stream_Read_UINT8(s, Recipient);
1230 Recipient = (Recipient & 0x1f); /* Mask out Padding1 */
1231 Stream_Read_UINT8(s, InterfaceNumber);
1232 Stream_Read_UINT8(s, Ms_PageIndex);
1233 Stream_Read_UINT16(s, Ms_featureDescIndex);
1234 Stream_Seek(s, 3); /* Padding 2 */
1235 Stream_Read_UINT32(s, OutputBufferSize);
1236 if (OutputBufferSize > UINT32_MAX - 36)
1237 return ERROR_INVALID_DATA;
1238
1239 switch (transferDir)
1240 {
1241 case USBD_TRANSFER_DIRECTION_OUT:
1242 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
1243 return ERROR_INVALID_DATA;
1244
1245 break;
1246
1247 default:
1248 break;
1249 }
1250
1251 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1252 out_size = 36ULL + OutputBufferSize;
1253 out = Stream_New(NULL, out_size);
1254
1255 if (!out)
1256 return ERROR_OUTOFMEMORY;
1257
1258 Stream_Seek(out, 36);
1259
1260 switch (transferDir)
1261 {
1262 case USBD_TRANSFER_DIRECTION_OUT:
1263 Stream_Copy(s, out, OutputBufferSize);
1264 Stream_Rewind(out, OutputBufferSize);
1265 break;
1266
1267 case USBD_TRANSFER_DIRECTION_IN:
1268 break;
1269 default:
1270 break;
1271 }
1272
1273 WLog_Print(urbdrc->log, WLOG_DEBUG,
1274 "Ms descriptor arg: Recipient:0x%" PRIx8 ", "
1275 "InterfaceNumber:0x%" PRIx8 ", Ms_PageIndex:0x%" PRIx8 ", "
1276 "Ms_featureDescIndex:0x%" PRIx16 ", OutputBufferSize:0x%" PRIx32 "",
1277 Recipient, InterfaceNumber, Ms_PageIndex, Ms_featureDescIndex, OutputBufferSize);
1279 ret = pdev->os_feature_descriptor_request(pdev, RequestId, Recipient, InterfaceNumber,
1280 Ms_PageIndex, Ms_featureDescIndex, &usbd_status,
1281 &OutputBufferSize, Stream_Pointer(out), 1000);
1282
1283 if (ret < 0)
1284 WLog_Print(urbdrc->log, WLOG_DEBUG, "os_feature_descriptor_request: error num %d", ret);
1285
1286 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1287 usbd_status, OutputBufferSize);
1288}
1289
1290static UINT urb_pipe_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
1291 UINT32 RequestField, UINT32 MessageId, IUDEVMAN* udevman,
1292 int transferDir, int action)
1293{
1294 UINT32 out_size = 0;
1295 UINT32 InterfaceId = 0;
1296 UINT32 PipeHandle = 0;
1297 UINT32 EndpointAddress = 0;
1298 UINT32 OutputBufferSize = 0;
1299 UINT32 usbd_status = 0;
1300 wStream* out = NULL;
1301 UINT32 ret = USBD_STATUS_REQUEST_FAILED;
1302 int rc = 0;
1303 URBDRC_PLUGIN* urbdrc = NULL;
1304 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1305 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1306
1307 if (!callback || !s || !udevman || !pdev)
1308 return ERROR_INVALID_PARAMETER;
1309
1310 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1311
1312 if (!urbdrc)
1313 return ERROR_INVALID_PARAMETER;
1314
1315 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
1316 return ERROR_INVALID_DATA;
1317
1318 if (transferDir == 0)
1319 {
1320 WLog_Print(urbdrc->log, WLOG_DEBUG, "urb_pipe_request: not support transfer out");
1321 return ERROR_INVALID_PARAMETER;
1322 }
1323
1324 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1325 Stream_Read_UINT32(s, PipeHandle);
1326 Stream_Read_UINT32(s, OutputBufferSize);
1327 EndpointAddress = (PipeHandle & 0x000000ff);
1328
1329 switch (action)
1330 {
1331 case PIPE_CANCEL:
1332 rc = pdev->control_pipe_request(pdev, RequestId, EndpointAddress, &usbd_status,
1333 PIPE_CANCEL);
1334
1335 if (rc < 0)
1336 WLog_Print(urbdrc->log, WLOG_DEBUG, "PIPE SET HALT: error %u", ret);
1337 else
1338 ret = USBD_STATUS_SUCCESS;
1339
1340 break;
1341
1342 case PIPE_RESET:
1343 WLog_Print(urbdrc->log, WLOG_DEBUG, "urb_pipe_request: PIPE_RESET ep 0x%" PRIx32 "",
1344 EndpointAddress);
1345 rc = pdev->control_pipe_request(pdev, RequestId, EndpointAddress, &usbd_status,
1346 PIPE_RESET);
1347
1348 if (rc < 0)
1349 WLog_Print(urbdrc->log, WLOG_DEBUG, "PIPE RESET: error %u", ret);
1350 else
1351 ret = USBD_STATUS_SUCCESS;
1352
1353 break;
1354
1355 default:
1356 WLog_Print(urbdrc->log, WLOG_DEBUG, "urb_pipe_request action: %d not supported",
1357 action);
1358 ret = USBD_STATUS_INVALID_URB_FUNCTION;
1359 break;
1360 }
1361
1363 out_size = 36;
1364 if (out_size > OutputBufferSize)
1365 {
1366 WLog_Print(urbdrc->log, WLOG_DEBUG, "out_size %" PRIu32 " > OutputBufferSize %" PRIu32,
1367 out_size, OutputBufferSize);
1368 return ERROR_BAD_CONFIGURATION;
1369 }
1370 out = Stream_New(NULL, out_size);
1371
1372 if (!out)
1373 return ERROR_OUTOFMEMORY;
1374
1375 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId, ret,
1376 0);
1377}
1378/* [MS-RDPEUSB] 2.2.10.4 TS_URB_GET_CURRENT_FRAME_NUMBER_RESULT */
1379static UINT urb_send_current_frame_number_result(GENERIC_CHANNEL_CALLBACK* callback,
1380 UINT32 RequestId, UINT32 MessageId,
1381 UINT32 CompletionId, UINT32 FrameNumber)
1382{
1383 WINPR_ASSERT(callback);
1384
1385 const UINT32 InterfaceId = ((STREAM_ID_PROXY << 30) | CompletionId);
1386 wStream* out =
1387 create_urb_completion_message(InterfaceId, MessageId, RequestId, URB_COMPLETION_NO_DATA);
1388
1389 if (!out)
1390 return ERROR_OUTOFMEMORY;
1391
1392 Stream_Write_UINT32(out, 12);
1393 if (!write_urb_result_header(out, 12, USBD_STATUS_SUCCESS))
1394 {
1395 Stream_Free(out, TRUE);
1396 return ERROR_OUTOFMEMORY;
1397 }
1398
1399 Stream_Write_UINT32(out, FrameNumber);
1400 return send_urb_completion_message(callback, out, 0, 0, NULL);
1401}
1402
1403static UINT urb_get_current_frame_number(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1404 wStream* s, UINT32 RequestField, UINT32 MessageId,
1405 IUDEVMAN* udevman, int transferDir)
1406{
1407 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1408 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1409
1410 if (!callback || !s || !udevman || !pdev)
1411 return ERROR_INVALID_PARAMETER;
1412
1413 URBDRC_PLUGIN* urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1414
1415 if (!urbdrc)
1416 return ERROR_INVALID_PARAMETER;
1417
1418 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
1419 return ERROR_INVALID_DATA;
1420
1421 if (transferDir == 0)
1422 {
1423 WLog_Print(urbdrc->log, WLOG_DEBUG,
1424 "urb_get_current_frame_number: not support transfer out");
1425 return ERROR_INVALID_PARAMETER;
1426 }
1427
1428 const UINT32 OutputBufferSize = Stream_Get_UINT32(s);
1429 if (OutputBufferSize != 0)
1430 {
1431 WLog_Print(urbdrc->log, WLOG_WARN, "OutputBufferSize=%" PRIu32 ", expected 0",
1432 OutputBufferSize);
1433 }
1435 const UINT32 dummy_frames = GetTickCount();
1436 const UINT32 CompletionId = pdev->get_ReqCompletion(pdev);
1437
1438 if (noAck)
1439 return CHANNEL_RC_OK;
1440
1441 return urb_send_current_frame_number_result(callback, RequestId, MessageId, CompletionId,
1442 dummy_frames);
1443}
1444
1445/* Unused function for current server */
1446static UINT urb_control_get_configuration_request(IUDEVICE* pdev,
1447 GENERIC_CHANNEL_CALLBACK* callback, wStream* s,
1448 UINT32 RequestField, UINT32 MessageId,
1449 IUDEVMAN* udevman, int transferDir)
1450{
1451 size_t out_size = 0;
1452 UINT32 InterfaceId = 0;
1453 UINT32 OutputBufferSize = 0;
1454 UINT32 usbd_status = 0;
1455 wStream* out = NULL;
1456 URBDRC_PLUGIN* urbdrc = NULL;
1457 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1458 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1459
1460 if (!callback || !s || !udevman || !pdev)
1461 return ERROR_INVALID_PARAMETER;
1462
1463 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1464
1465 if (!urbdrc)
1466 return ERROR_INVALID_PARAMETER;
1467
1468 if (transferDir == 0)
1469 {
1470 WLog_Print(urbdrc->log, WLOG_DEBUG,
1471 "urb_control_get_configuration_request:"
1472 " not support transfer out");
1473 return ERROR_INVALID_PARAMETER;
1474 }
1475
1476 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
1477 return ERROR_INVALID_DATA;
1478
1479 Stream_Read_UINT32(s, OutputBufferSize);
1480 if (OutputBufferSize > UINT32_MAX - 36)
1481 return ERROR_INVALID_DATA;
1482 out_size = 36ULL + OutputBufferSize;
1483 out = Stream_New(NULL, out_size);
1484
1485 if (!out)
1486 return ERROR_OUTOFMEMORY;
1487
1488 Stream_Seek(out, 36);
1489 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1490
1491 if (!pdev->control_transfer(pdev, RequestId, 0, 0, 0x80 | 0x00,
1492 0x08, /* REQUEST_GET_CONFIGURATION */
1493 0, 0, &usbd_status, &OutputBufferSize, Stream_Pointer(out), 1000))
1494 {
1495 WLog_Print(urbdrc->log, WLOG_DEBUG, "control_transfer failed");
1496 Stream_Free(out, TRUE);
1497 return ERROR_INTERNAL_ERROR;
1498 }
1499
1500 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1501 usbd_status, OutputBufferSize);
1502}
1503
1504/* Unused function for current server */
1505static UINT urb_control_get_interface_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1506 wStream* s, UINT32 RequestField, UINT32 MessageId,
1507 IUDEVMAN* udevman, int transferDir)
1508{
1509 size_t out_size = 0;
1510 UINT32 InterfaceId = 0;
1511 UINT32 OutputBufferSize = 0;
1512 UINT32 usbd_status = 0;
1513 UINT16 InterfaceNr = 0;
1514 wStream* out = NULL;
1515 URBDRC_PLUGIN* urbdrc = NULL;
1516 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1517 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1518
1519 if (!callback || !s || !udevman || !pdev)
1520 return ERROR_INVALID_PARAMETER;
1521
1522 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1523
1524 if (!urbdrc)
1525 return ERROR_INVALID_PARAMETER;
1526
1527 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
1528 return ERROR_INVALID_DATA;
1529
1530 if (transferDir == 0)
1531 {
1532 WLog_Print(urbdrc->log, WLOG_DEBUG,
1533 "urb_control_get_interface_request: not support transfer out");
1534 return ERROR_INVALID_PARAMETER;
1535 }
1536
1537 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1538 Stream_Read_UINT16(s, InterfaceNr);
1539 Stream_Seek(s, 2);
1540 Stream_Read_UINT32(s, OutputBufferSize);
1541 if (OutputBufferSize > UINT32_MAX - 36)
1542 return ERROR_INVALID_DATA;
1543 out_size = 36ULL + OutputBufferSize;
1544 out = Stream_New(NULL, out_size);
1545
1546 if (!out)
1547 return ERROR_OUTOFMEMORY;
1548
1549 Stream_Seek(out, 36);
1550
1551 if (!pdev->control_transfer(
1552 pdev, RequestId, 0, 0, 0x80 | 0x01, 0x0A, /* REQUEST_GET_INTERFACE */
1553 0, InterfaceNr, &usbd_status, &OutputBufferSize, Stream_Pointer(out), 1000))
1554 {
1555 WLog_Print(urbdrc->log, WLOG_DEBUG, "control_transfer failed");
1556 Stream_Free(out, TRUE);
1557 return ERROR_INTERNAL_ERROR;
1558 }
1559
1560 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1561 usbd_status, OutputBufferSize);
1562}
1563
1564static UINT urb_control_feature_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1565 wStream* s, UINT32 RequestField, UINT32 MessageId,
1566 IUDEVMAN* udevman, BYTE func_recipient, BYTE command,
1567 int transferDir)
1568{
1569 UINT32 InterfaceId = 0;
1570 UINT32 OutputBufferSize = 0;
1571 UINT32 usbd_status = 0;
1572 UINT16 FeatureSelector = 0;
1573 UINT16 Index = 0;
1574 BYTE bmRequestType = 0;
1575 BYTE bmRequest = 0;
1576 wStream* out = NULL;
1577 URBDRC_PLUGIN* urbdrc = NULL;
1578 const BOOL noAck = (RequestField & 0x80000000U) != 0;
1579 const UINT32 RequestId = RequestField & 0x7FFFFFFF;
1580
1581 if (!callback || !s || !udevman || !pdev)
1582 return ERROR_INVALID_PARAMETER;
1583
1584 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1585
1586 if (!urbdrc)
1587 return ERROR_INVALID_PARAMETER;
1588
1589 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
1590 return ERROR_INVALID_DATA;
1591
1592 InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
1593 Stream_Read_UINT16(s, FeatureSelector);
1594 Stream_Read_UINT16(s, Index);
1595 Stream_Read_UINT32(s, OutputBufferSize);
1596 if (OutputBufferSize > UINT32_MAX - 36)
1597 return ERROR_INVALID_DATA;
1598 switch (transferDir)
1599 {
1600 case USBD_TRANSFER_DIRECTION_OUT:
1601 if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
1602 return ERROR_INVALID_DATA;
1603
1604 break;
1605
1606 default:
1607 break;
1608 }
1609
1610 out = Stream_New(NULL, 36ULL + OutputBufferSize);
1611
1612 if (!out)
1613 return ERROR_OUTOFMEMORY;
1614
1615 Stream_Seek(out, 36);
1616 bmRequestType = func_recipient;
1617
1618 switch (transferDir)
1619 {
1620 case USBD_TRANSFER_DIRECTION_OUT:
1621 WLog_Print(urbdrc->log, WLOG_ERROR,
1622 "Function urb_control_feature_request: OUT Unchecked");
1623 Stream_Copy(s, out, OutputBufferSize);
1624 Stream_Rewind(out, OutputBufferSize);
1625 bmRequestType |= 0x00;
1626 break;
1627
1628 case USBD_TRANSFER_DIRECTION_IN:
1629 bmRequestType |= 0x80;
1630 break;
1631 default:
1632 break;
1633 }
1634
1635 switch (command)
1636 {
1637 case URB_SET_FEATURE:
1638 bmRequest = 0x03; /* REQUEST_SET_FEATURE */
1639 break;
1640
1641 case URB_CLEAR_FEATURE:
1642 bmRequest = 0x01; /* REQUEST_CLEAR_FEATURE */
1643 break;
1644
1645 default:
1646 WLog_Print(urbdrc->log, WLOG_ERROR,
1647 "urb_control_feature_request: Error Command 0x%02" PRIx8 "", command);
1648 Stream_Free(out, TRUE);
1649 return ERROR_INTERNAL_ERROR;
1650 }
1651
1652 if (!pdev->control_transfer(pdev, RequestId, 0, 0, bmRequestType, bmRequest, FeatureSelector,
1653 Index, &usbd_status, &OutputBufferSize, Stream_Pointer(out), 1000))
1654 {
1655 WLog_Print(urbdrc->log, WLOG_DEBUG, "feature control transfer failed");
1656 Stream_Free(out, TRUE);
1657 return ERROR_INTERNAL_ERROR;
1658 }
1659
1660 return urb_write_completion(pdev, callback, noAck, out, InterfaceId, MessageId, RequestId,
1661 usbd_status, OutputBufferSize);
1662}
1663
1664static UINT urbdrc_process_transfer_request(IUDEVICE* pdev, GENERIC_CHANNEL_CALLBACK* callback,
1665 wStream* s, UINT32 MessageId, IUDEVMAN* udevman,
1666 int transferDir)
1667{
1668 UINT32 CbTsUrb = 0;
1669 UINT16 Size = 0;
1670 UINT16 URB_Function = 0;
1671 UINT32 RequestId = 0;
1672 UINT error = ERROR_INTERNAL_ERROR;
1673 URBDRC_PLUGIN* urbdrc = NULL;
1674
1675 if (!callback || !s || !udevman || !pdev)
1676 return ERROR_INVALID_PARAMETER;
1677
1678 urbdrc = (URBDRC_PLUGIN*)callback->plugin;
1679
1680 if (!urbdrc)
1681 return ERROR_INVALID_PARAMETER;
1682
1683 if (!Stream_CheckAndLogRequiredLength(TAG, s, 12))
1684 return ERROR_INVALID_DATA;
1685
1686 Stream_Read_UINT32(s, CbTsUrb);
1687 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4ULL + CbTsUrb))
1688 return ERROR_INVALID_DATA;
1689 Stream_Read_UINT16(s, Size);
1690 if (Size != CbTsUrb)
1691 {
1692 const char* section = (transferDir == USBD_TRANSFER_DIRECTION_IN)
1693 ? "2.2.6.7 Transfer In Request (TRANSFER_IN_REQUEST)"
1694 : "2.2.6.8 Transfer Out Request (TRANSFER_OUT_REQUEST)";
1695 WLog_ERR(TAG,
1696 "[MS-RDPEUSB] 2.2.9.1.1 TS_URB_HEADER::Size 0x%04" PRIx16
1697 " != %s::CbTsUrb 0x%08" PRIx32,
1698 Size, section, CbTsUrb);
1699 return ERROR_INVALID_DATA;
1700 }
1701 Stream_Read_UINT16(s, URB_Function);
1702 Stream_Read_UINT32(s, RequestId);
1703 WLog_Print(urbdrc->log, WLOG_DEBUG, "URB %s[%" PRIu16 "]", urb_function_string(URB_Function),
1704 URB_Function);
1705
1706 switch (URB_Function)
1707 {
1708 case TS_URB_SELECT_CONFIGURATION:
1709 error = urb_select_configuration(pdev, callback, s, RequestId, MessageId, udevman,
1710 transferDir);
1711 break;
1712
1713 case TS_URB_SELECT_INTERFACE:
1714 error =
1715 urb_select_interface(pdev, callback, s, RequestId, MessageId, udevman, transferDir);
1716 break;
1717
1718 case TS_URB_PIPE_REQUEST:
1719 error = urb_pipe_request(pdev, callback, s, RequestId, MessageId, udevman, transferDir,
1720 PIPE_CANCEL);
1721 break;
1722
1723 case TS_URB_TAKE_FRAME_LENGTH_CONTROL:
1727 break;
1728
1729 case TS_URB_RELEASE_FRAME_LENGTH_CONTROL:
1733 break;
1734
1735 case TS_URB_GET_FRAME_LENGTH:
1739 break;
1740
1741 case TS_URB_SET_FRAME_LENGTH:
1745 break;
1746
1747 case TS_URB_GET_CURRENT_FRAME_NUMBER:
1748 error = urb_get_current_frame_number(pdev, callback, s, RequestId, MessageId, udevman,
1749 transferDir);
1750 break;
1751
1752 case TS_URB_CONTROL_TRANSFER:
1753 error = urb_control_transfer(pdev, callback, s, RequestId, MessageId, udevman,
1754 transferDir, URB_CONTROL_TRANSFER_NONEXTERNAL);
1755 break;
1756
1757 case TS_URB_BULK_OR_INTERRUPT_TRANSFER:
1758 error = urb_bulk_or_interrupt_transfer(pdev, callback, s, RequestId, MessageId, udevman,
1759 transferDir);
1760 break;
1761
1762 case TS_URB_ISOCH_TRANSFER:
1763 error =
1764 urb_isoch_transfer(pdev, callback, s, RequestId, MessageId, udevman, transferDir);
1765 break;
1766
1767 case TS_URB_GET_DESCRIPTOR_FROM_DEVICE:
1768 error = urb_control_descriptor_request(pdev, callback, s, RequestId, MessageId, udevman,
1769 0x00, transferDir);
1770 break;
1771
1772 case TS_URB_SET_DESCRIPTOR_TO_DEVICE:
1773 error = urb_control_descriptor_request(pdev, callback, s, RequestId, MessageId, udevman,
1774 0x00, transferDir);
1775 break;
1776
1777 case TS_URB_SET_FEATURE_TO_DEVICE:
1778 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1779 0x00, URB_SET_FEATURE, transferDir);
1780 break;
1781
1782 case TS_URB_SET_FEATURE_TO_INTERFACE:
1783 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1784 0x01, URB_SET_FEATURE, transferDir);
1785 break;
1786
1787 case TS_URB_SET_FEATURE_TO_ENDPOINT:
1788 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1789 0x02, URB_SET_FEATURE, transferDir);
1790 break;
1791
1792 case TS_URB_CLEAR_FEATURE_TO_DEVICE:
1793 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1794 0x00, URB_CLEAR_FEATURE, transferDir);
1795 break;
1796
1797 case TS_URB_CLEAR_FEATURE_TO_INTERFACE:
1798 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1799 0x01, URB_CLEAR_FEATURE, transferDir);
1800 break;
1801
1802 case TS_URB_CLEAR_FEATURE_TO_ENDPOINT:
1803 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1804 0x02, URB_CLEAR_FEATURE, transferDir);
1805 break;
1806
1807 case TS_URB_GET_STATUS_FROM_DEVICE:
1808 error = urb_control_get_status_request(pdev, callback, s, RequestId, MessageId, udevman,
1809 0x00, transferDir);
1810 break;
1811
1812 case TS_URB_GET_STATUS_FROM_INTERFACE:
1813 error = urb_control_get_status_request(pdev, callback, s, RequestId, MessageId, udevman,
1814 0x01, transferDir);
1815 break;
1816
1817 case TS_URB_GET_STATUS_FROM_ENDPOINT:
1818 error = urb_control_get_status_request(pdev, callback, s, RequestId, MessageId, udevman,
1819 0x02, transferDir);
1820 break;
1821
1822 case TS_URB_RESERVED_0X0016:
1823 break;
1824
1825 case TS_URB_VENDOR_DEVICE:
1826 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1827 udevman, (0x02 << 5), /* vendor type */
1828 0x00, transferDir);
1829 break;
1830
1831 case TS_URB_VENDOR_INTERFACE:
1832 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1833 udevman, (0x02 << 5), /* vendor type */
1834 0x01, transferDir);
1835 break;
1836
1837 case TS_URB_VENDOR_ENDPOINT:
1838 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1839 udevman, (0x02 << 5), /* vendor type */
1840 0x02, transferDir);
1841 break;
1842
1843 case TS_URB_CLASS_DEVICE:
1844 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1845 udevman, (0x01 << 5), /* class type */
1846 0x00, transferDir);
1847 break;
1848
1849 case TS_URB_CLASS_INTERFACE:
1850 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1851 udevman, (0x01 << 5), /* class type */
1852 0x01, transferDir);
1853 break;
1854
1855 case TS_URB_CLASS_ENDPOINT:
1856 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1857 udevman, (0x01 << 5), /* class type */
1858 0x02, transferDir);
1859 break;
1860
1861 case TS_URB_RESERVE_0X001D:
1862 break;
1863
1864 case TS_URB_SYNC_RESET_PIPE_AND_CLEAR_STALL:
1865 error = urb_pipe_request(pdev, callback, s, RequestId, MessageId, udevman, transferDir,
1866 PIPE_RESET);
1867 break;
1868
1869 case TS_URB_CLASS_OTHER:
1870 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1871 udevman, (0x01 << 5), /* class type */
1872 0x03, transferDir);
1873 break;
1874
1875 case TS_URB_VENDOR_OTHER:
1876 error = urb_control_vendor_or_class_request(pdev, callback, s, RequestId, MessageId,
1877 udevman, (0x02 << 5), /* vendor type */
1878 0x03, transferDir);
1879 break;
1880
1881 case TS_URB_GET_STATUS_FROM_OTHER:
1882 error = urb_control_get_status_request(pdev, callback, s, RequestId, MessageId, udevman,
1883 0x03, transferDir);
1884 break;
1885
1886 case TS_URB_CLEAR_FEATURE_TO_OTHER:
1887 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1888 0x03, URB_CLEAR_FEATURE, transferDir);
1889 break;
1890
1891 case TS_URB_SET_FEATURE_TO_OTHER:
1892 error = urb_control_feature_request(pdev, callback, s, RequestId, MessageId, udevman,
1893 0x03, URB_SET_FEATURE, transferDir);
1894 break;
1895
1896 case TS_URB_GET_DESCRIPTOR_FROM_ENDPOINT:
1897 error = urb_control_descriptor_request(pdev, callback, s, RequestId, MessageId, udevman,
1898 0x02, transferDir);
1899 break;
1900
1901 case TS_URB_SET_DESCRIPTOR_TO_ENDPOINT:
1902 error = urb_control_descriptor_request(pdev, callback, s, RequestId, MessageId, udevman,
1903 0x02, transferDir);
1904 break;
1905
1906 case TS_URB_CONTROL_GET_CONFIGURATION_REQUEST:
1907 error = urb_control_get_configuration_request(pdev, callback, s, RequestId, MessageId,
1908 udevman, transferDir);
1909 break;
1910
1911 case TS_URB_CONTROL_GET_INTERFACE_REQUEST:
1912 error = urb_control_get_interface_request(pdev, callback, s, RequestId, MessageId,
1913 udevman, transferDir);
1914 break;
1915
1916 case TS_URB_GET_DESCRIPTOR_FROM_INTERFACE:
1917 error = urb_control_descriptor_request(pdev, callback, s, RequestId, MessageId, udevman,
1918 0x01, transferDir);
1919 break;
1920
1921 case TS_URB_SET_DESCRIPTOR_TO_INTERFACE:
1922 error = urb_control_descriptor_request(pdev, callback, s, RequestId, MessageId, udevman,
1923 0x01, transferDir);
1924 break;
1925
1926 case TS_URB_GET_OS_FEATURE_DESCRIPTOR_REQUEST:
1927 error = urb_os_feature_descriptor_request(pdev, callback, s, RequestId, MessageId,
1928 udevman, transferDir);
1929 break;
1930
1931 case TS_URB_RESERVE_0X002B:
1932 case TS_URB_RESERVE_0X002C:
1933 case TS_URB_RESERVE_0X002D:
1934 case TS_URB_RESERVE_0X002E:
1935 case TS_URB_RESERVE_0X002F:
1936 break;
1937
1939 case TS_URB_SYNC_RESET_PIPE:
1940 error = urb_pipe_request(pdev, callback, s, RequestId, MessageId, udevman, transferDir,
1941 PIPE_RESET);
1942 break;
1943
1944 case TS_URB_SYNC_CLEAR_STALL:
1945 urb_pipe_request(pdev, callback, s, RequestId, MessageId, udevman, transferDir,
1946 PIPE_RESET);
1947 break;
1948
1949 case TS_URB_CONTROL_TRANSFER_EX:
1950 error = urb_control_transfer(pdev, callback, s, RequestId, MessageId, udevman,
1951 transferDir, URB_CONTROL_TRANSFER_EXTERNAL);
1952 break;
1953
1954 default:
1955 WLog_Print(urbdrc->log, WLOG_DEBUG, "URB_Func: %" PRIx16 " is not found!",
1956 URB_Function);
1957 break;
1958 }
1959
1960 if (error)
1961 {
1962 WLog_Print(urbdrc->log, WLOG_WARN,
1963 "USB transfer request URB Function '%s' [0x%08x] failed with %08" PRIx32,
1964 urb_function_string(URB_Function), URB_Function, error);
1965 }
1966
1967 return error;
1968}
1969
1970UINT urbdrc_process_udev_data_transfer(GENERIC_CHANNEL_CALLBACK* callback, URBDRC_PLUGIN* urbdrc,
1971 IUDEVMAN* udevman, wStream* data)
1972{
1973 UINT32 InterfaceId = 0;
1974 UINT32 MessageId = 0;
1975 UINT32 FunctionId = 0;
1976 IUDEVICE* pdev = NULL;
1977 UINT error = ERROR_INTERNAL_ERROR;
1978
1979 if (!urbdrc || !data || !callback || !udevman)
1980 goto fail;
1981
1982 if (!Stream_CheckAndLogRequiredLength(TAG, data, 8))
1983 goto fail;
1984
1985 Stream_Rewind_UINT32(data);
1986
1987 Stream_Read_UINT32(data, InterfaceId);
1988 Stream_Read_UINT32(data, MessageId);
1989 Stream_Read_UINT32(data, FunctionId);
1990
1991 pdev = udevman->get_udevice_by_UsbDevice(udevman, InterfaceId);
1992
1993 /* Device does not exist, ignore this request. */
1994 if (pdev == NULL)
1995 {
1996 error = ERROR_SUCCESS;
1997 goto fail;
1998 }
1999
2000 /* Device has been removed, ignore this request. */
2001 if (pdev->isChannelClosed(pdev))
2002 {
2003 error = ERROR_SUCCESS;
2004 goto fail;
2005 }
2006
2007 /* USB kernel driver detach!! */
2008 if (!pdev->detach_kernel_driver(pdev))
2009 {
2010 error = ERROR_SUCCESS;
2011 goto fail;
2012 }
2013
2014 switch (FunctionId)
2015 {
2016 case CANCEL_REQUEST:
2017 error = urbdrc_process_cancel_request(pdev, data, udevman);
2018 break;
2019
2020 case REGISTER_REQUEST_CALLBACK:
2021 error = urbdrc_process_register_request_callback(pdev, callback, data, udevman);
2022 break;
2023
2024 case IO_CONTROL:
2025 error = urbdrc_process_io_control(pdev, callback, data, MessageId, udevman);
2026 break;
2027
2028 case INTERNAL_IO_CONTROL:
2029 error = urbdrc_process_internal_io_control(pdev, callback, data, MessageId, udevman);
2030 break;
2031
2032 case QUERY_DEVICE_TEXT:
2033 error = urbdrc_process_query_device_text(pdev, callback, data, MessageId, udevman);
2034 break;
2035
2036 case TRANSFER_IN_REQUEST:
2037 error = urbdrc_process_transfer_request(pdev, callback, data, MessageId, udevman,
2038 USBD_TRANSFER_DIRECTION_IN);
2039 break;
2040
2041 case TRANSFER_OUT_REQUEST:
2042 error = urbdrc_process_transfer_request(pdev, callback, data, MessageId, udevman,
2043 USBD_TRANSFER_DIRECTION_OUT);
2044 break;
2045
2046 case RETRACT_DEVICE:
2047 error = urbdrc_process_retract_device_request(pdev, data, udevman);
2048 break;
2049
2050 default:
2051 WLog_Print(urbdrc->log, WLOG_WARN,
2052 "urbdrc_process_udev_data_transfer:"
2053 " unknown FunctionId 0x%" PRIX32 "",
2054 FunctionId);
2055 break;
2056 }
2057
2058fail:
2059 if (error)
2060 {
2061 WLog_WARN(TAG, "USB request failed with %08" PRIx32, error);
2062 }
2063
2064 return error;
2065}
GENERIC_CHANNEL_CALLBACK
Definition include/freerdp/client/channels.h:35
MSUSB_CONFIG_DESCRIPTOR
Definition msusb.h:55
MSUSB_INTERFACE_DESCRIPTOR
Definition msusb.h:40
URBDRC_PLUGIN
Definition urbdrc_main.h:57