|
|
/*++
Copyright (c) 1996-2001 Microsoft Corporation
Module Name:
SCSI.C
Abstract:
This source file contains the dispatch routines which handle:
IRP_MJ_DEVICE_CONTROL IRP_MJ_SCSI
Environment:
kernel mode
Revision History:
06-01-98 : started rewrite
--*/
//*****************************************************************************
// I N C L U D E S
//*****************************************************************************
#include <ntddk.h>
#include <usbdi.h>
#include <usbdlib.h>
#include <ntddscsi.h>
#include <ntddstor.h>
#include "usbmass.h"
//*****************************************************************************
// L O C A L F U N C T I O N P R O T O T Y P E S
//*****************************************************************************
NTSTATUSUSBSTOR_QueryProperty ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_BuildDeviceDescriptor ( IN PDEVICE_OBJECT DeviceObject, IN PSTORAGE_DEVICE_DESCRIPTOR Descriptor, IN OUT PULONG DescriptorLength );
NTSTATUSUSBSTOR_BuildAdapterDescriptor ( IN PDEVICE_OBJECT DeviceObject, IN PSTORAGE_DEVICE_DESCRIPTOR Descriptor, IN OUT PULONG DescriptorLength );
NTSTATUSUSBSTOR_SendPassThrough ( IN PDEVICE_OBJECT DeviceObject, IN PIRP RequestIrp );
#if defined (_WIN64)
NTSTATUSUSBSTOR_TranslatePassThrough32To64( IN PSCSI_PASS_THROUGH32 SrbControl32, IN OUT PSCSI_PASS_THROUGH SrbControl64 );
VOIDUSBSTOR_TranslatePassThrough64To32( IN PSCSI_PASS_THROUGH SrbControl64, IN OUT PSCSI_PASS_THROUGH32 SrbControl32 );
#endif
VOIDUSBSTOR_CancelIo ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
//
// CBI (Control/Bulk/Interrupt) Routines
//
NTSTATUSUSBSTOR_IssueClientCdb ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_ClientCdbCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed );
NTSTATUSUSBSTOR_IssueClientBulkRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_ClientBulkCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed );
NTSTATUSUSBSTOR_IssueInterruptRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_InterruptDataCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed );
NTSTATUSUSBSTOR_IssueRequestSenseCdb ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag );
NTSTATUSUSBSTOR_RequestSenseCdbCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID AutoFlag );
NTSTATUSUSBSTOR_IssueRequestSenseBulkRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag );
NTSTATUSUSBSTOR_SenseDataCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID AutoFlag );
NTSTATUSUSBSTOR_IssueRequestSenseInterruptRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag );
NTSTATUSUSBSTOR_RequestSenseInterruptCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID AutoFlag );
NTSTATUSUSBSTOR_ProcessRequestSenseCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag );
VOIDUSBSTOR_QueueResetPipe ( IN PDEVICE_OBJECT DeviceObject );
VOIDUSBSTOR_ResetPipeWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context );
//
// Bulk-Only Routines
//
NTSTATUSUSBSTOR_CbwTransfer ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_CbwCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed );
NTSTATUSUSBSTOR_DataTransfer ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_DataCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed );
NTSTATUSUSBSTOR_CswTransfer ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
NTSTATUSUSBSTOR_CswCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed );
NTSTATUSUSBSTOR_IssueRequestSense ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp );
VOIDUSBSTOR_BulkQueueResetPipe ( IN PDEVICE_OBJECT DeviceObject );
VOIDUSBSTOR_BulkResetPipeWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context );
//
// CBI / Bulk-Only Common Routines
//
VOIDUSBSTOR_QueueResetDevice ( IN PDEVICE_OBJECT DeviceObject );
VOIDUSBSTOR_ResetDeviceWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context );
NTSTATUSUSBSTOR_IsDeviceConnected ( IN PDEVICE_OBJECT DeviceObject );
NTSTATUSUSBSTOR_ResetDevice ( IN PDEVICE_OBJECT DeviceObject );
NTSTATUSUSBSTOR_IssueInternalCdb ( PDEVICE_OBJECT DeviceObject, PVOID DataBuffer, PULONG DataTransferLength, PCDB Cdb, UCHAR CdbLength, ULONG TimeOutValue );
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGE, USBSTOR_DeviceControl)
#pragma alloc_text(PAGE, USBSTOR_QueryProperty)
#pragma alloc_text(PAGE, USBSTOR_BuildDeviceDescriptor)
#pragma alloc_text(PAGE, USBSTOR_BuildAdapterDescriptor)
#pragma alloc_text(PAGE, USBSTOR_SendPassThrough)
#if defined (_WIN64)
#pragma alloc_text(PAGE, USBSTOR_TranslatePassThrough32To64)
#pragma alloc_text(PAGE, USBSTOR_TranslatePassThrough64To32)
#endif
#pragma alloc_text(PAGE, USBSTOR_IssueInternalCdb)
#pragma alloc_text(PAGE, USBSTOR_GetInquiryData)
#pragma alloc_text(PAGE, USBSTOR_IsFloppyDevice)
#endif
//******************************************************************************
//
// USBSTOR_DeviceControl()
//
// Dispatch routine which handles IRP_MJ_DEVICE_CONTROL
//
//******************************************************************************
NTSTATUSUSBSTOR_DeviceControl ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PDEVICE_EXTENSION deviceExtension; PIO_STACK_LOCATION irpStack; ULONG ioControlCode; NTSTATUS ntStatus;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_DeviceControl\n"));
//LOGENTRY('IOCT', DeviceObject, Irp, 0);
DBGFBRK(DBGF_BRK_IOCTL);
deviceExtension = DeviceObject->DeviceExtension;
// Only the PDO should handle these ioctls
//
if (deviceExtension->Type == USBSTOR_DO_TYPE_PDO) { PFDO_DEVICE_EXTENSION fdoDeviceExtension;
fdoDeviceExtension = ((PPDO_DEVICE_EXTENSION)deviceExtension)->ParentFDO->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
irpStack = IoGetCurrentIrpStackLocation(Irp);
ioControlCode = irpStack->Parameters.DeviceIoControl.IoControlCode;
switch (ioControlCode) { case IOCTL_STORAGE_QUERY_PROPERTY: ntStatus = USBSTOR_QueryProperty(DeviceObject, Irp); break;
case IOCTL_SCSI_PASS_THROUGH: case IOCTL_SCSI_PASS_THROUGH_DIRECT:
ntStatus = USBSTOR_SendPassThrough(DeviceObject, Irp);
Irp->IoStatus.Status = ntStatus; IoCompleteRequest(Irp, IO_NO_INCREMENT); break;
case IOCTL_SCSI_GET_ADDRESS: // XXXXX
DBGPRINT(2, ("IOCTL_SCSI_GET_ADDRESS\n")); goto IoctlNotSupported;
case IOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER: //
// Pass the Irp down the stack
//
IoSkipCurrentIrpStackLocation(Irp);
ntStatus = IoCallDriver(fdoDeviceExtension->StackDeviceObject, Irp); break;
default:IoctlNotSupported: // Maybe we can just ignore these. Print debug info
// for now so we know what IOCTLs that we've seen so
// far that we fail.
//
DBGPRINT(2, ("ioControlCode not supported 0x%08X\n", ioControlCode));
DBGFBRK(DBGF_BRK_IOCTL);
ntStatus = STATUS_NOT_SUPPORTED; Irp->IoStatus.Status = ntStatus; IoCompleteRequest(Irp, IO_NO_INCREMENT); break; } } else { ASSERT(deviceExtension->Type == USBSTOR_DO_TYPE_FDO);
DBGPRINT(2, ("ioctl not supported for FDO\n"));
ntStatus = STATUS_NOT_SUPPORTED; Irp->IoStatus.Status = ntStatus; IoCompleteRequest(Irp, IO_NO_INCREMENT); }
DBGPRINT(2, ("exit: USBSTOR_DeviceControl %08X\n", ntStatus));
//LOGENTRY('ioct', ntStatus, 0, 0);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_QueryProperty()
//
// Dispatch routine which handles IRP_MJ_DEVICE_CONTROL,
// IOCTL_STORAGE_QUERY_PROPERTY for the PDO
//
//******************************************************************************
NTSTATUSUSBSTOR_QueryProperty ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PIO_STACK_LOCATION irpStack; PSTORAGE_PROPERTY_QUERY query; ULONG inputLength; ULONG outputLength; NTSTATUS ntStatus;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_QueryProperty\n"));
irpStack = IoGetCurrentIrpStackLocation(Irp);
query = Irp->AssociatedIrp.SystemBuffer;
inputLength = irpStack->Parameters.DeviceIoControl.InputBufferLength;
outputLength = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
if (inputLength < sizeof(STORAGE_PROPERTY_QUERY)) { ntStatus = STATUS_INVALID_PARAMETER; // Bad InputBufferLength
outputLength = 0; goto USBSTOR_QueryPropertyDone; }
switch (query->PropertyId) { case StorageDeviceProperty:
switch (query->QueryType) { case PropertyExistsQuery: ntStatus = STATUS_SUCCESS; outputLength = 0; break;
case PropertyStandardQuery: ntStatus = USBSTOR_BuildDeviceDescriptor( DeviceObject, Irp->AssociatedIrp.SystemBuffer, &outputLength); break;
default: ntStatus = STATUS_INVALID_PARAMETER_2; // Bad QueryType
outputLength = 0; break;
} break;
case StorageAdapterProperty:
switch (query->QueryType) { case PropertyExistsQuery: ntStatus = STATUS_SUCCESS; outputLength = 0; break;
case PropertyStandardQuery: ntStatus = USBSTOR_BuildAdapterDescriptor( DeviceObject, Irp->AssociatedIrp.SystemBuffer, &outputLength); break;
default: ntStatus = STATUS_INVALID_PARAMETER_2; // Bad QueryType
outputLength = 0; break;
} break;
default:
ntStatus = STATUS_INVALID_PARAMETER_1; // Bad PropertyId
outputLength = 0; break; }
USBSTOR_QueryPropertyDone:
Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = outputLength;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
DBGPRINT(2, ("exit: USBSTOR_QueryProperty %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_BuildDeviceDescriptor()
//
//******************************************************************************
NTSTATUSUSBSTOR_BuildDeviceDescriptor ( IN PDEVICE_OBJECT DeviceObject, IN PSTORAGE_DEVICE_DESCRIPTOR Descriptor, IN OUT PULONG DescriptorLength ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PINQUIRYDATA inquiryData; LONG inquiryLength; STORAGE_DEVICE_DESCRIPTOR localDescriptor; PUCHAR currentOffset; LONG bytesRemaining;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_BuildDeviceDescriptor\n"));
// Get a pointer to our Inquiry data
//
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
inquiryData = (PINQUIRYDATA)pdoDeviceExtension->InquiryDataBuffer;
// inquiryLength = 5 + inquiryData->AdditionalLength;
//
// if (inquiryLength > INQUIRYDATABUFFERSIZE)
// {
// inquiryLength = INQUIRYDATABUFFERSIZE;
// }
//
// Just return whatever we got from the device and leave it up to
// whoever looks at this information to decide how much is valid.
//
inquiryLength = sizeof(pdoDeviceExtension->InquiryDataBuffer);
// Zero initialize the output buffer
//
RtlZeroMemory(Descriptor, *DescriptorLength);
// Build the temp local descriptor
//
RtlZeroMemory(&localDescriptor, sizeof(localDescriptor));
localDescriptor.Version = sizeof(localDescriptor);
localDescriptor.Size = FIELD_OFFSET(STORAGE_DEVICE_DESCRIPTOR, RawDeviceProperties) + inquiryLength + sizeof(inquiryData->VendorId) + 1 + sizeof(inquiryData->ProductId) + 1 + sizeof(inquiryData->ProductRevisionLevel) + 1;
localDescriptor.DeviceType = inquiryData->DeviceType; localDescriptor.DeviceTypeModifier = inquiryData->DeviceTypeModifier; localDescriptor.RemovableMedia = inquiryData->RemovableMedia;
localDescriptor.BusType = BusTypeUsb;
// Start copying as much data as will fit in the output buffer
//
currentOffset = (PUCHAR)Descriptor; bytesRemaining = *DescriptorLength;
// First copy the temp local descriptor
//
RtlCopyMemory(currentOffset, &localDescriptor, min(bytesRemaining, FIELD_OFFSET(STORAGE_DEVICE_DESCRIPTOR, RawDeviceProperties)));
bytesRemaining -= FIELD_OFFSET(STORAGE_DEVICE_DESCRIPTOR, RawDeviceProperties);
if (bytesRemaining <= 0) { return STATUS_SUCCESS; }
// This should advance us to RawDeviceProperties[0]
//
currentOffset += FIELD_OFFSET(STORAGE_DEVICE_DESCRIPTOR, RawDeviceProperties);
// Next copy the Inquiry data
//
Descriptor->RawPropertiesLength = min(bytesRemaining, inquiryLength);
RtlCopyMemory(currentOffset, inquiryData, Descriptor->RawPropertiesLength);
bytesRemaining -= inquiryLength;
if (bytesRemaining <= 0) { return STATUS_SUCCESS; }
currentOffset += inquiryLength;
// Now copy the Vendor Id
//
RtlCopyMemory(currentOffset, inquiryData->VendorId, min(bytesRemaining, sizeof(inquiryData->VendorId)));
bytesRemaining -= sizeof(inquiryData->VendorId) + 1; // include null
if (bytesRemaining >= 0) { Descriptor->VendorIdOffset = (ULONG)((ULONG_PTR) currentOffset - (ULONG_PTR) Descriptor); }
if (bytesRemaining <= 0) { return STATUS_SUCCESS; }
currentOffset += sizeof(inquiryData->VendorId) + 1;
// Now copy the Product Id
//
RtlCopyMemory(currentOffset, inquiryData->ProductId, min(bytesRemaining, sizeof(inquiryData->ProductId)));
bytesRemaining -= sizeof(inquiryData->ProductId) + 1; // include null
if (bytesRemaining >= 0) { Descriptor->ProductIdOffset = (ULONG)((ULONG_PTR) currentOffset - (ULONG_PTR) Descriptor); }
if (bytesRemaining <= 0) { return STATUS_SUCCESS; }
currentOffset += sizeof(inquiryData->ProductId) + 1;
// And finally copy the Product Revision Level
//
RtlCopyMemory(currentOffset, inquiryData->ProductRevisionLevel, min(bytesRemaining, sizeof(inquiryData->ProductRevisionLevel)));
bytesRemaining -= sizeof(inquiryData->ProductRevisionLevel) + 1; // include null
if (bytesRemaining >= 0) { Descriptor->ProductRevisionOffset = (ULONG)((ULONG_PTR) currentOffset - (ULONG_PTR) Descriptor); }
if (bytesRemaining <= 0) { return STATUS_SUCCESS; }
*DescriptorLength -= bytesRemaining;
return STATUS_SUCCESS;}
//******************************************************************************
//
// USBSTOR_BuildAdapterDescriptor()
//
//******************************************************************************
NTSTATUSUSBSTOR_BuildAdapterDescriptor ( IN PDEVICE_OBJECT DeviceObject, IN PSTORAGE_DEVICE_DESCRIPTOR Descriptor, IN OUT PULONG DescriptorLength ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PFDO_DEVICE_EXTENSION fdoDeviceExtension; STORAGE_ADAPTER_DESCRIPTOR localDescriptor; NTSTATUS ntStatus;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_BuildAdapterDescriptor\n"));
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceExtension = pdoDeviceExtension->ParentFDO->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
localDescriptor.Version = sizeof(localDescriptor); localDescriptor.Size = sizeof(localDescriptor);
localDescriptor.MaximumTransferLength = USBSTOR_MAX_TRANSFER_SIZE; localDescriptor.MaximumPhysicalPages = USBSTOR_MAX_TRANSFER_PAGES; localDescriptor.AlignmentMask = 0; localDescriptor.AdapterUsesPio = FALSE; localDescriptor.AdapterScansDown = FALSE; localDescriptor.CommandQueueing = FALSE; localDescriptor.AcceleratedTransfer = FALSE;
localDescriptor.BusType = BusTypeUsb;
localDescriptor.BusMajorVersion = fdoDeviceExtension->DeviceIsHighSpeed ? 2 : 1;
localDescriptor.BusMinorVersion = 0;
if (*DescriptorLength > localDescriptor.Size) { *DescriptorLength = localDescriptor.Size; }
RtlCopyMemory(Descriptor, &localDescriptor, *DescriptorLength);
ntStatus = STATUS_SUCCESS;
DBGPRINT(2, ("exit: USBSTOR_BuildAdapterDescriptor %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_SendPassThrough()
//
// This routine handles IOCTL_SCSI_PASS_THROUGH requests.
// It creates an Irp/Srb which is processed normally by the port driver.
// This call is synchornous.
//
// (This routine borrowed from ATAPI.SYS)
//
//******************************************************************************
NTSTATUSUSBSTOR_SendPassThrough ( IN PDEVICE_OBJECT DeviceObject, IN PIRP RequestIrp ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PIRP irp; PIO_STACK_LOCATION irpStack; PSCSI_PASS_THROUGH srbControl; PVOID srbBuffer; SCSI_REQUEST_BLOCK srb; KEVENT event; LARGE_INTEGER startingOffset; IO_STATUS_BLOCK ioStatusBlock; ULONG outputLength; ULONG length; ULONG bufferOffset; PVOID buffer; PVOID endByte; PVOID senseBuffer; UCHAR majorCode;
#if defined (_WIN64)
PSCSI_PASS_THROUGH32 srbControl32 = NULL; SCSI_PASS_THROUGH srbControl64;#endif
NTSTATUS status;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_SendPassThrough\n"));
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
startingOffset.QuadPart = (LONGLONG)1;
// Get a pointer to the control block.
//
irpStack = IoGetCurrentIrpStackLocation(RequestIrp); srbControl = RequestIrp->AssociatedIrp.SystemBuffer;
// Save the original srbControl to use as a buffer pointer in the
// case where the srbControl is replaced with a 32->64 bit
// translated version.
//
srbBuffer = (PVOID) srbControl;
// Validiate the user buffer.
//
#if defined (_WIN64)
if (IoIs32bitProcess(RequestIrp)) { if (irpStack->Parameters.DeviceIoControl.InputBufferLength < sizeof(SCSI_PASS_THROUGH32)) { return STATUS_INVALID_PARAMETER; }
srbControl32 = RequestIrp->AssociatedIrp.SystemBuffer;
status = USBSTOR_TranslatePassThrough32To64(srbControl32, &srbControl64);
if (!NT_SUCCESS(status)) { return status; }
srbControl = &srbControl64;
} else {#endif
if (irpStack->Parameters.DeviceIoControl.InputBufferLength < sizeof(SCSI_PASS_THROUGH)) { return STATUS_INVALID_PARAMETER; }
if (srbControl->Length != sizeof(SCSI_PASS_THROUGH) && srbControl->Length != sizeof(SCSI_PASS_THROUGH_DIRECT)) { return STATUS_REVISION_MISMATCH; }
#if defined (_WIN64)
}#endif
outputLength = irpStack->Parameters.DeviceIoControl.OutputBufferLength;
// Validate the rest of the buffer parameters.
//
if (srbControl->CdbLength > 16) { return STATUS_INVALID_PARAMETER; }
if (srbControl->SenseInfoLength != 0 && (srbControl->Length > srbControl->SenseInfoOffset || (srbControl->SenseInfoOffset + srbControl->SenseInfoLength > srbControl->DataBufferOffset && srbControl->DataTransferLength != 0))) { return STATUS_INVALID_PARAMETER; }
majorCode = !srbControl->DataIn ? IRP_MJ_WRITE : IRP_MJ_READ;
if (srbControl->DataTransferLength == 0) { length = 0; buffer = NULL; bufferOffset = 0; majorCode = IRP_MJ_FLUSH_BUFFERS;
} else if ((srbControl->DataBufferOffset > outputLength) && (srbControl->DataBufferOffset > irpStack->Parameters.DeviceIoControl.InputBufferLength)) { // The data buffer offset is greater than system buffer. Assume this
// is a user mode address.
//
if ((srbControl->SenseInfoOffset + srbControl->SenseInfoLength > outputLength) && srbControl->SenseInfoLength) { return STATUS_INVALID_PARAMETER; }
length = srbControl->DataTransferLength; buffer = (PCHAR) srbControl->DataBufferOffset; bufferOffset = 0;
// make sure the user buffer is valid
//
if (RequestIrp->RequestorMode != KernelMode) { if (length) { endByte = (PVOID)((PCHAR)buffer + length - 1);
if (buffer >= endByte) { return STATUS_INVALID_USER_BUFFER; } } } } else { if (srbControl->DataIn != SCSI_IOCTL_DATA_IN) { if (((srbControl->SenseInfoOffset + srbControl->SenseInfoLength > outputLength) && srbControl->SenseInfoLength != 0) || (srbControl->DataBufferOffset + srbControl->DataTransferLength > irpStack->Parameters.DeviceIoControl.InputBufferLength) || (srbControl->Length > srbControl->DataBufferOffset)) { return STATUS_INVALID_PARAMETER; } }
if (srbControl->DataIn) { if ((srbControl->DataBufferOffset + srbControl->DataTransferLength > outputLength) || (srbControl->Length > srbControl->DataBufferOffset)) { return STATUS_INVALID_PARAMETER; } }
length = (ULONG)srbControl->DataBufferOffset + srbControl->DataTransferLength;
// Buffer base is the original srbControl, not the 32->64 bit
// translated srbControl.
//
buffer = (PUCHAR) srbBuffer;
bufferOffset = (ULONG)srbControl->DataBufferOffset; }
// Validate that the request isn't too large for the miniport.
//
if (srbControl->DataTransferLength && ((ADDRESS_AND_SIZE_TO_SPAN_PAGES( (PUCHAR)buffer+bufferOffset, srbControl->DataTransferLength ) > USBSTOR_MAX_TRANSFER_PAGES) || (USBSTOR_MAX_TRANSFER_SIZE < srbControl->DataTransferLength))) { return STATUS_INVALID_PARAMETER; }
if (srbControl->TimeOutValue == 0 || srbControl->TimeOutValue > 30 * 60 * 60) { return STATUS_INVALID_PARAMETER; }
//
// Check for illegal command codes.
//
if (srbControl->Cdb[0] == SCSIOP_COPY || srbControl->Cdb[0] == SCSIOP_COMPARE || srbControl->Cdb[0] == SCSIOP_COPY_COMPARE) { return STATUS_INVALID_DEVICE_REQUEST; }
// If this request came through a normal device control rather than from
// class driver then the device must exist and be unclaimed. Class drivers
// will set the minor function code for the device control. It is always
// zero for a user request.
//
if (irpStack->MinorFunction == 0 && pdoDeviceExtension->Claimed) { return STATUS_INVALID_PARAMETER; }
// Allocate an aligned request sense buffer.
//
if (srbControl->SenseInfoLength != 0) { senseBuffer = ExAllocatePoolWithTag(NonPagedPoolCacheAligned, srbControl->SenseInfoLength, POOL_TAG); if (senseBuffer == NULL) { return STATUS_INSUFFICIENT_RESOURCES; } } else { senseBuffer = NULL; }
//
// Initialize the notification event.
//
KeInitializeEvent(&event, NotificationEvent, FALSE);
// Build IRP for this request.
// Note we do this synchronously for two reasons. If it was done
// asynchonously then the completion code would have to make a special
// check to deallocate the buffer. Second if a completion routine were
// used then an addation stack locate would be needed.
//
try { irp = IoBuildSynchronousFsdRequest( majorCode, DeviceObject, buffer, length, &startingOffset, &event, &ioStatusBlock);
} except(EXCEPTION_EXECUTE_HANDLER) { // An exception was incurred while attempting to probe the
// caller's parameters. Dereference the file object and return
// an appropriate error status code.
//
if (senseBuffer != NULL) { ExFreePool(senseBuffer); }
return GetExceptionCode(); }
if (irp == NULL) { if (senseBuffer != NULL) { ExFreePool(senseBuffer); }
return STATUS_INSUFFICIENT_RESOURCES; }
irpStack = IoGetNextIrpStackLocation(irp);
// Set major code.
//
irpStack->MajorFunction = IRP_MJ_SCSI; irpStack->MinorFunction = 1;
// Fill in SRB fields.
//
irpStack->Parameters.Others.Argument1 = &srb;
// Zero out the srb.
//
RtlZeroMemory(&srb, sizeof(SCSI_REQUEST_BLOCK));
// Fill in the srb.
//
srb.Length = SCSI_REQUEST_BLOCK_SIZE; srb.Function = SRB_FUNCTION_EXECUTE_SCSI; srb.SrbStatus = SRB_STATUS_PENDING; srb.CdbLength = srbControl->CdbLength; srb.SenseInfoBufferLength = srbControl->SenseInfoLength;
switch (srbControl->DataIn) { case SCSI_IOCTL_DATA_OUT: if (srbControl->DataTransferLength) { srb.SrbFlags = SRB_FLAGS_DATA_OUT; } break;
case SCSI_IOCTL_DATA_IN: if (srbControl->DataTransferLength) { srb.SrbFlags = SRB_FLAGS_DATA_IN; } break;
default: srb.SrbFlags = SRB_FLAGS_DATA_IN | SRB_FLAGS_DATA_OUT; break; }
if (srbControl->DataTransferLength == 0) { srb.SrbFlags = 0; } else { // Flush the data buffer for output. This will insure that the data is
// written back to memory.
//
KeFlushIoBuffers(irp->MdlAddress, FALSE, TRUE); }
srb.DataTransferLength = srbControl->DataTransferLength; srb.TimeOutValue = srbControl->TimeOutValue; srb.DataBuffer = (PCHAR) buffer + bufferOffset; srb.SenseInfoBuffer = senseBuffer; srb.OriginalRequest = irp; RtlCopyMemory(srb.Cdb, srbControl->Cdb, srbControl->CdbLength);
// Call port driver to handle this request.
//
status = IoCallDriver(DeviceObject, irp);
// Wait for request to complete.
//
if (status == STATUS_PENDING) { KeWaitForSingleObject(&event, Executive, KernelMode, FALSE, NULL); } else { ioStatusBlock.Status = status; }
// Copy the returned values from the srb to the control structure.
//
srbControl->ScsiStatus = srb.ScsiStatus;
if (srb.SrbStatus & SRB_STATUS_AUTOSENSE_VALID) { // Set the status to success so that the data is returned.
//
ioStatusBlock.Status = STATUS_SUCCESS; srbControl->SenseInfoLength = srb.SenseInfoBufferLength;
// Copy the sense data to the system buffer.
//
RtlCopyMemory((PUCHAR) srbBuffer + srbControl->SenseInfoOffset, senseBuffer, srb.SenseInfoBufferLength); } else { srbControl->SenseInfoLength = 0; }
// Free the sense buffer.
//
if (senseBuffer != NULL) { ExFreePool(senseBuffer); }
// If the srb status is buffer underrun then set the status to success.
// This insures that the data will be returned to the caller.
//
if (SRB_STATUS(srb.SrbStatus) == SRB_STATUS_DATA_OVERRUN) { ioStatusBlock.Status = STATUS_SUCCESS; }
srbControl->DataTransferLength = srb.DataTransferLength;
// Set the information length
//
if (!srbControl->DataIn || bufferOffset == 0) {
RequestIrp->IoStatus.Information = srbControl->SenseInfoOffset + srbControl->SenseInfoLength; } else { RequestIrp->IoStatus.Information = srbControl->DataBufferOffset + srbControl->DataTransferLength; }
#if defined (_WIN64)
if (srbControl32 != NULL) { USBSTOR_TranslatePassThrough64To32(srbControl, srbControl32); }#endif
RequestIrp->IoStatus.Status = ioStatusBlock.Status;
DBGPRINT(2, ("exit: USBSTOR_SendPassThrough %08X\n", ioStatusBlock.Status));
return ioStatusBlock.Status;}
#if defined (_WIN64)
//******************************************************************************
//
// USBSTOR_TranslatePassThrough32To64()
//
// Translates a SCSI_PASS_THROUGH32 request from a 32-bit client into
// the equivalent 64-bit version.
//
//******************************************************************************
NTSTATUSUSBSTOR_TranslatePassThrough32To64( IN PSCSI_PASS_THROUGH32 SrbControl32, IN OUT PSCSI_PASS_THROUGH SrbControl64 ){ if (SrbControl32->Length != sizeof(SCSI_PASS_THROUGH32) && SrbControl32->Length != sizeof(SCSI_PASS_THROUGH_DIRECT32)) { return(STATUS_REVISION_MISMATCH); }
//
// Copy the first set of fields out of the 32-bit structure. These
// fields all line up between the 32 & 64 bit versions.
//
// Note that we do NOT adjust the length in the srbControl. This is to
// allow the calling routine to compare the length of the actual
// control area against the offsets embedded within. If we adjusted the
// length then requests with the sense area backed against the control
// area would be rejected because the 64-bit control area is 4 bytes
// longer.
//
RtlCopyMemory(SrbControl64, SrbControl32, FIELD_OFFSET(SCSI_PASS_THROUGH, DataBufferOffset));
//
// Copy over the CDB.
//
RtlCopyMemory(SrbControl64->Cdb, SrbControl32->Cdb, 16*sizeof(UCHAR) );
//
// copy the fields that follow the ULONG_PTR
//
SrbControl64->DataBufferOffset = (ULONG_PTR) SrbControl32->DataBufferOffset; SrbControl64->SenseInfoOffset = SrbControl32->SenseInfoOffset;
return STATUS_SUCCESS;}
//******************************************************************************
//
// USBSTOR_TranslatePassThrough64To32()
//
// Inverse of USBSTOR_TranslatePassThrough32To64() to translate the
// results back to a 32-bit client.
//
//******************************************************************************
VOIDUSBSTOR_TranslatePassThrough64To32( IN PSCSI_PASS_THROUGH SrbControl64, IN OUT PSCSI_PASS_THROUGH32 SrbControl32 ){ //
// Copy back the fields through the data offsets.
//
RtlCopyMemory(SrbControl32, SrbControl64, FIELD_OFFSET(SCSI_PASS_THROUGH, DataBufferOffset)); return;}
#endif
//******************************************************************************
//
// IsRequestValid()
//
// Validates IRP_MJ_SCSI SRB_FUNCTION_EXECUTE_SCSI requests against
// assumptions made later when processing the Srb.
//
//******************************************************************************
BOOLEANIsRequestValid ( IN PIRP Irp ){ PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; BOOLEAN result;
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// Default return value unless a problem is found.
//
result = TRUE;
// Note: SRB_FLAGS_UNSPECIFIED_DIRECTION is defined as
// (SRB_FLAGS_DATA_IN | SRB_FLAGS_DATA_OUT)
if ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) == 0) {
// Neither SRB_FLAGS_DATA_IN nor SRB_FLAGS_DATA_IN is set.
// A transfer buffer should not be specified.
if (srb->DataTransferLength || srb->DataBuffer || Irp->MdlAddress) {
result = FALSE; }
} else if ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) == SRB_FLAGS_UNSPECIFIED_DIRECTION) {
// Both SRB_FLAGS_DATA_IN and SRB_FLAGS_DATA_IN are set.
// We don't currently have a way to resolve this.
result = FALSE;
} else {
// Either SRB_FLAGS_DATA_IN or SRB_FLAGS_DATA_IN is set.
// A transfer buffer should be specified.
if (!srb->DataTransferLength || srb->DataTransferLength > USBSTOR_MAX_TRANSFER_SIZE || //!srb->DataBuffer ||
!Irp->MdlAddress) {
result = FALSE; } }
if (!result) {
DBGPRINT(1, ("SrbFlags %08X, DataTransferLength %08X, " "DataBuffer %08X, MdlAddress %08X\n", srb->SrbFlags, srb->DataTransferLength, srb->DataBuffer, Irp->MdlAddress));
DBGPRINT(1, ("Irp %08X, Srb %08X\n", Irp, srb));
DBGFBRK(DBGF_BRK_INVALID_REQ); }
return result;}
//******************************************************************************
//
// USBSTOR_Scsi()
//
// Dispatch routine which handles IRP_MJ_SCSI
//
//******************************************************************************
NTSTATUSUSBSTOR_Scsi ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PDEVICE_EXTENSION deviceExtension; PPDO_DEVICE_EXTENSION pdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; KIRQL irql; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_Scsi\n"));
DBGFBRK(DBGF_BRK_SCSI);
deviceExtension = DeviceObject->DeviceExtension;
// Only the PDO should handle IRP_MJ_SCSI
//
if (deviceExtension->Type == USBSTOR_DO_TYPE_PDO) { pdoDeviceExtension = DeviceObject->DeviceExtension;
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
LOGENTRY('SCSI', DeviceObject, Irp, srb->Function);
switch (srb->Function) { case SRB_FUNCTION_EXECUTE_SCSI:
DBGPRINT(3, ("SRB_FUNCTION_EXECUTE_SCSI\n"));
// XXXXX check STOP / REMOVE flags
// XXXXX check SRB_FLAGS_BYPASS_LOCKED_QUEUE flag
if (IsRequestValid(Irp)) { srb->SrbStatus = SRB_STATUS_PENDING;
IoMarkIrpPending(Irp);
IoStartPacket(pdoDeviceExtension->ParentFDO, Irp, &srb->QueueSortKey, USBSTOR_CancelIo);
ntStatus = STATUS_PENDING; } else { ntStatus = STATUS_INVALID_PARAMETER; } break;
case SRB_FUNCTION_FLUSH:
DBGPRINT(2, ("SRB_FUNCTION_FLUSH\n"));
ntStatus = STATUS_SUCCESS; srb->SrbStatus = SRB_STATUS_SUCCESS; break;
case SRB_FUNCTION_CLAIM_DEVICE:
DBGPRINT(2, ("SRB_FUNCTION_CLAIM_DEVICE\n"));
//KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock,
// &irql);
{ if (pdoDeviceExtension->Claimed) { ntStatus = STATUS_DEVICE_BUSY; srb->SrbStatus = SRB_STATUS_BUSY; } else { pdoDeviceExtension->Claimed = TRUE; srb->DataBuffer = DeviceObject; ntStatus = STATUS_SUCCESS; srb->SrbStatus = SRB_STATUS_SUCCESS; } } //KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock,
// irql);
break;
case SRB_FUNCTION_RELEASE_DEVICE:
DBGPRINT(2, ("SRB_FUNCTION_RELEASE_DEVICE\n"));
//KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock,
// &irql);
{ pdoDeviceExtension->Claimed = FALSE; } //KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock,
// irql);
ntStatus = STATUS_SUCCESS; srb->SrbStatus = SRB_STATUS_SUCCESS; break;
default:
DBGPRINT(2, ("Unhandled SRB function %d\n", srb->Function));
ntStatus = STATUS_NOT_SUPPORTED; srb->SrbStatus = SRB_STATUS_ERROR; break; } } else { ASSERT(deviceExtension->Type == USBSTOR_DO_TYPE_FDO);
DBGPRINT(2, ("IRP_MJ_SCSI not supported for FDO\n"));
ntStatus = STATUS_NOT_SUPPORTED; }
if (ntStatus != STATUS_PENDING) { Irp->IoStatus.Status = ntStatus; IoCompleteRequest(Irp, IO_NO_INCREMENT); }
DBGPRINT(3, ("exit: USBSTOR_Scsi %08X\n", ntStatus));
LOGENTRY('scsi', ntStatus, 0, 0);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_TranslateCDBSubmit()
//
// Called by USBSTOR_StartIo() before a request is started.
//
//******************************************************************************
VOIDUSBSTOR_TranslateCDBSubmit ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PSCSI_REQUEST_BLOCK Srb ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PCDB cdb;
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
if (fdoDeviceExtension->InterfaceDescriptor->bInterfaceSubClass == USBSTOR_SUBCLASS_SCSI_PASSTHROUGH) { return; }
// Save the original CDB
//
cdb = (PCDB)Srb->Cdb;
RtlCopyMemory(fdoDeviceExtension->OriginalCDB, cdb, 16);
// Make sure the CDB is padded with zero bytes.
//
if (Srb->CdbLength < 16) { RtlZeroMemory(&Srb->Cdb[Srb->CdbLength], 16 - Srb->CdbLength);
} Srb->CdbLength = 12;
switch (Srb->Cdb[0]) { // Send a SCSIOP_START_STOP_UNIT request instead of a
// SCSIOP_TEST_UNIT_READY request for selected buggy
// devices which don't otherwise update their internal
// geometry information when the media changes.
//
case SCSIOP_TEST_UNIT_READY:
if (TEST_FLAG(fdoDeviceExtension->DeviceHackFlags, DHF_TUR_START_UNIT)) { // Zero the new CDB
//
RtlZeroMemory(cdb, 16);
cdb->START_STOP.OperationCode = SCSIOP_START_STOP_UNIT; cdb->START_STOP.Start = 1; } break;
// Convert 6-byte Mode Sense to 10-byte Mode Sense
//
case SCSIOP_MODE_SENSE: { UCHAR PageCode; UCHAR Length;
// Extract the relevant params from original CDB
//
PageCode = cdb->MODE_SENSE.PageCode; Length = cdb->MODE_SENSE.AllocationLength;
// Zero the new CDB
//
RtlZeroMemory(cdb, 16);
// Insert the relevant params into the translated CDB
//
cdb->MODE_SENSE10.OperationCode = SCSIOP_MODE_SENSE10; cdb->MODE_SENSE10.PageCode = PageCode; cdb->MODE_SENSE10.AllocationLength[1] = Length; } break;
// Convert 6-byte Mode Select to 10-byte Mode Select
//
case SCSIOP_MODE_SELECT: { UCHAR SPBit; UCHAR Length;
// Extract the relevant params from original CDB
//
SPBit = cdb->MODE_SELECT.SPBit; Length = cdb->MODE_SELECT.ParameterListLength;
// Zero the new CDB
//
RtlZeroMemory(cdb, 16);
// Insert the relevant params into the translated CDB
//
cdb->MODE_SELECT10.OperationCode = SCSIOP_MODE_SELECT10; cdb->MODE_SELECT10.SPBit = SPBit; cdb->MODE_SELECT10.PFBit = 1; cdb->MODE_SELECT10.ParameterListLength[1] = Length; } break; }}
//******************************************************************************
//
// USBSTOR_TranslateSrbStatus()
//
// This routine translates an srb status into an ntstatus.
//
//******************************************************************************
NTSTATUSUSBSTOR_TranslateSrbStatus( IN PSCSI_REQUEST_BLOCK Srb ){ switch (SRB_STATUS(Srb->SrbStatus)) { case SRB_STATUS_INVALID_LUN: case SRB_STATUS_INVALID_TARGET_ID: case SRB_STATUS_NO_DEVICE: case SRB_STATUS_NO_HBA: return(STATUS_DEVICE_DOES_NOT_EXIST); case SRB_STATUS_COMMAND_TIMEOUT: case SRB_STATUS_BUS_RESET: case SRB_STATUS_TIMEOUT: return(STATUS_IO_TIMEOUT); case SRB_STATUS_SELECTION_TIMEOUT: return(STATUS_DEVICE_NOT_CONNECTED); case SRB_STATUS_BAD_FUNCTION: case SRB_STATUS_BAD_SRB_BLOCK_LENGTH: return(STATUS_INVALID_DEVICE_REQUEST); case SRB_STATUS_DATA_OVERRUN: return(STATUS_BUFFER_OVERFLOW); default: return(STATUS_IO_DEVICE_ERROR); }
return(STATUS_IO_DEVICE_ERROR);}
//******************************************************************************
//
// USBSTOR_TranslateCDBComplete()
//
// Called everywhere a request is completed.
//
//******************************************************************************
VOIDUSBSTOR_TranslateCDBComplete ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PSCSI_REQUEST_BLOCK Srb ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PCDB cdb;
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
if (fdoDeviceExtension->InterfaceDescriptor->bInterfaceSubClass == USBSTOR_SUBCLASS_SCSI_PASSTHROUGH) {#if DBG
if ((Srb->SrbStatus & SRB_STATUS_AUTOSENSE_VALID) && (Srb->SenseInfoBufferLength >= 14)) { PSENSE_DATA senseData;
senseData = (PSENSE_DATA)Srb->SenseInfoBuffer;
DBGPRINT(1, ("OP: %02X SenseKey %02X ASC %02X ASCQ %02X\n", Srb->Cdb[0], senseData->SenseKey, senseData->AdditionalSenseCode, senseData->AdditionalSenseCodeQualifier)); }#endif
if (SRB_STATUS(Srb->SrbStatus) != SRB_STATUS_SUCCESS) { Irp->IoStatus.Status = USBSTOR_TranslateSrbStatus(Srb); }
return; }
if (Srb->Cdb[0] != fdoDeviceExtension->OriginalCDB[0]) { cdb = (PCDB)Srb->Cdb;
switch (Srb->Cdb[0]) { // Convert 10-byte Mode Sense back to 6-byte Mode Sense
//
case SCSIOP_MODE_SENSE10: { if ((SRB_STATUS(Srb->SrbStatus) == SRB_STATUS_SUCCESS || SRB_STATUS(Srb->SrbStatus) == SRB_STATUS_DATA_OVERRUN) && Srb->DataTransferLength >= sizeof(MODE_PARAMETER_HEADER10)) { PMODE_PARAMETER_HEADER hdr6; PMODE_PARAMETER_HEADER10 hdr10;
hdr6 = (PMODE_PARAMETER_HEADER) Srb->DataBuffer; hdr10 = (PMODE_PARAMETER_HEADER10)Srb->DataBuffer;
// Convert the 10-byte header to a 6-byte header
//
hdr6->ModeDataLength = hdr10->ModeDataLength[1];
hdr6->MediumType = hdr10->MediumType;
hdr6->DeviceSpecificParameter = hdr10->DeviceSpecificParameter;
hdr6->BlockDescriptorLength = hdr10->BlockDescriptorLength[1];
// Advance past headers
//
hdr6++; hdr10++;
// Copy everything past the 10-byte header
//
RtlMoveMemory(hdr6, hdr10, (Srb->DataTransferLength - sizeof(MODE_PARAMETER_HEADER10)));
// Adjust the return size to account for the smaller header
//
Srb->DataTransferLength -= (sizeof(MODE_PARAMETER_HEADER10) - sizeof(MODE_PARAMETER_HEADER));
// Since we just shrunk Srb->DataTransferLength, don't
// we have SRB_STATUS_DATA_OVERRUN by definition???
//
if (Srb->SrbStatus & SRB_STATUS_AUTOSENSE_VALID) { Srb->SrbStatus = SRB_STATUS_DATA_OVERRUN | SRB_STATUS_AUTOSENSE_VALID; } else { Srb->SrbStatus = SRB_STATUS_DATA_OVERRUN; } } } break; }
// Restore the original CDB
//
RtlCopyMemory(cdb, fdoDeviceExtension->OriginalCDB, 16); }
#if DBG
if ((Srb->SrbStatus & SRB_STATUS_AUTOSENSE_VALID) && (Srb->SenseInfoBufferLength >= 14)) { PSENSE_DATA senseData;
senseData = (PSENSE_DATA)Srb->SenseInfoBuffer;
DBGPRINT(1, ("OP: %02X SenseKey %02X ASC %02X ASCQ %02X\n", Srb->Cdb[0], senseData->SenseKey, senseData->AdditionalSenseCode, senseData->AdditionalSenseCodeQualifier)); }#endif
if (SRB_STATUS(Srb->SrbStatus) != SRB_STATUS_SUCCESS) { Irp->IoStatus.Status = USBSTOR_TranslateSrbStatus(Srb); }}
//******************************************************************************
//
// USBSTOR_CancelIo()
//
// This routine runs at DPC level (until the cancel spinlock is released).
//
//******************************************************************************
VOIDUSBSTOR_CancelIo ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ if (DeviceObject->CurrentIrp == Irp) { IoReleaseCancelSpinLock(Irp->CancelIrql);
LOGENTRY('CAN1', DeviceObject, Irp, 0);
DBGPRINT(1, ("USBSTOR_CancelIo cancelling CurrentIrp\n")); } else if (KeRemoveEntryDeviceQueue(&DeviceObject->DeviceQueue, &Irp->Tail.Overlay.DeviceQueueEntry)) { IoReleaseCancelSpinLock(Irp->CancelIrql);
LOGENTRY('CAN2', DeviceObject, Irp, 0);
DBGPRINT(1, ("USBSTOR_CancelIo cancelling queued Irp\n"));
Irp->IoStatus.Status = STATUS_CANCELLED; Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT); } else { IoReleaseCancelSpinLock(Irp->CancelIrql); }}
//******************************************************************************
//
// USBSTOR_StartIo()
//
// This routine handles IRP_MJ_SCSI, SRB_FUNCTION_EXECUTE_SCSI requests from
// the device the queue.
//
// This routine runs at DPC level.
//
//******************************************************************************
VOIDUSBSTOR_StartIo ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; BOOLEAN startNext; BOOLEAN deviceDisconnected; BOOLEAN persistentError; KIRQL irql; NTSTATUS ntStatus;
LOGENTRY('STIO', DeviceObject, Irp, 0);
DBGPRINT(3, ("enter: USBSTOR_StartIo %08X %08X\n", DeviceObject, Irp));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
// Check to see if this is a power down Irp.
//
if (irpStack->MajorFunction == IRP_MJ_POWER) { // This is a power down Irp. Now that we know that no transfer
// requests are in progress, pass down the power Irp.
ASSERT(irpStack->MinorFunction == IRP_MN_SET_POWER); ASSERT(irpStack->Parameters.Power.Type == DevicePowerState); ASSERT(irpStack->Parameters.Power.State.DeviceState != PowerDeviceD0);
DBGPRINT(2, ("FDO Power Down Passing Down %08X %08X\n", DeviceObject, Irp));
LOGENTRY('FPDC', DeviceObject, Irp, 0);
//
// Signal that it is time to pass the request down to the next
// lower driver
//
KeSetEvent(&fdoDeviceExtension->PowerDownEvent, IO_NO_INCREMENT, 0);
// Leave the device queue blocked now by simply not calling
// IoStartNextPacket(). When we want to start the device queue
// again, simply call IoStartNextPacket().
return; }
// If the Irp is not IRP_MJ_POWER it better be IRP_MJ_SCSI
//
ASSERT(irpStack->MajorFunction == IRP_MJ_SCSI);
// Check to see if the current Irp was cancelled.
//
IoAcquireCancelSpinLock(&irql); IoSetCancelRoutine(Irp, NULL);
if (Irp->Cancel) { // The current Irp was cancelled. Complete the request now, and start
// the next request, unless a reset is still in progress in which case
// the next request will be started when the reset completes.
//
KeAcquireSpinLockAtDpcLevel(&fdoDeviceExtension->ExtensionDataSpinLock); { startNext = !TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_RESET_IN_PROGRESS); } KeReleaseSpinLockFromDpcLevel(&fdoDeviceExtension->ExtensionDataSpinLock);
IoReleaseCancelSpinLock(irql);
LOGENTRY('CAN3', DeviceObject, Irp, 0);
Irp->IoStatus.Status = STATUS_CANCELLED; Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
if (startNext) { IoStartNextPacket(DeviceObject, TRUE); }
return; }
// The current Irp was not cancelled. It is no longer cancelable.
//
IoReleaseCancelSpinLock(irql);
// Get our Irp parameters
//
srb = irpStack->Parameters.Scsi.Srb; fdoDeviceExtension->OriginalSrb = srb;
deviceDisconnected = FALSE; persistentError = FALSE;
KeAcquireSpinLockAtDpcLevel(&fdoDeviceExtension->ExtensionDataSpinLock); { if (TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_DEVICE_DISCONNECTED)) { deviceDisconnected = TRUE; } else { fdoDeviceExtension->SrbTimeout = srb->TimeOutValue;
if (TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR)) { persistentError = TRUE;
CLEAR_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR); } } } KeReleaseSpinLockFromDpcLevel(&fdoDeviceExtension->ExtensionDataSpinLock);
if (deviceDisconnected) { LOGENTRY('siod', DeviceObject, Irp, 0);
// The device is disconnected, fail this request immediately and start
// the next request.
//
srb->SrbStatus = SRB_STATUS_NO_DEVICE; srb->DataTransferLength = 0;
ntStatus = STATUS_DEVICE_DOES_NOT_EXIST; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0;
IoCompleteRequest(Irp, IO_NO_INCREMENT);
IoStartNextPacket(DeviceObject, TRUE); } else { // Translate the CDB if necessary
//
USBSTOR_TranslateCDBSubmit(DeviceObject, Irp, srb);
DBGPRINT(3, ("CDB OP 0x%02X, Length %d\n", srb->Cdb[0], srb->CdbLength));
if (fdoDeviceExtension->DriverFlags == DeviceProtocolBulkOnly) { ntStatus = USBSTOR_CbwTransfer(DeviceObject, Irp); } else { if (persistentError && (srb->Cdb[0] != SCSIOP_REQUEST_SENSE)) { // There was a persistent error during the last request which
// was not cleared with an AutoSense, and this request is not
// a Request Sense, so first clear the persistent error with a
// Request Sense before issuing this request.
//
ntStatus = USBSTOR_IssueRequestSenseCdb(DeviceObject, Irp, NON_AUTO_SENSE); } else { // Normal case, just issue the real request.
//
ntStatus = USBSTOR_IssueClientCdb(DeviceObject, Irp); } } }
DBGPRINT(3, ("exit: USBSTOR_StartIo %08X\n", ntStatus));
return;}
//******************************************************************************
//
// USBSTOR_CheckRequestTimeOut()
//
// Returns TRUE if the request timed out and the request should be completed.
//
//******************************************************************************
BOOLEANUSBSTOR_CheckRequestTimeOut ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PSCSI_REQUEST_BLOCK Srb, OUT PNTSTATUS NtStatus ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; BOOLEAN resetStarted; KIRQL irql; PIO_STACK_LOCATION irpStack;
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Check to see if a reset was started while this request was in progress.
//
resetStarted = FALSE;
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { CLEAR_FLAG(fdoDeviceExtension->DeviceFlags, DF_SRB_IN_PROGRESS);
if (TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_RESET_IN_PROGRESS)) { LOGENTRY('CRT1', DeviceObject, Irp, Srb);
resetStarted = TRUE; } } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
// If a timeout reset has been started, then complete this request with
// a timeout error. Well, don't actually complete the request just yet.
// Signal the cancel completion event and let USBSTOR_ResetDeviceWorkItem()
// complete the request. This allows USBSTOR_ResetDeviceWorkItem() to
// cancel the request without worrying about the request completing and
// disappearing out from underneath it.
//
if (resetStarted) { irpStack = IoGetCurrentIrpStackLocation(Irp);
Srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = Srb;
Irp->IoStatus.Status = STATUS_IO_TIMEOUT; Irp->IoStatus.Information = 0; Srb->SrbStatus = SRB_STATUS_TIMEOUT;
USBSTOR_TranslateCDBComplete(DeviceObject, Irp, Srb);
*NtStatus = STATUS_MORE_PROCESSING_REQUIRED;
KeSetEvent(&fdoDeviceExtension->CancelEvent, IO_NO_INCREMENT, FALSE);
return TRUE; } else { fdoDeviceExtension->PendingIrp = NULL;
return FALSE; }}
//******************************************************************************
//
// USBSTOR_IssueControlRequest()
//
// This routine is called by USBSTOR_IssueClientCdb() and
// USBSTOR_IssueRequestSenseCdb()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Intializes the Control transfer Urb and sends it down the stack:
//
// bmRequestType = 0x21, Class specific, host to device transfer, to
// recipient interface
// bRequest = 0x00, Accept Device Specific Command
// wValue = 0x00, Not Used
// wIndex = bInterfaceNumber
// wLength = length of device specific command block
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueControlRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG TransferBufferLength, IN PVOID TransferBuffer, IN PIO_COMPLETION_ROUTINE CompletionRoutine, IN PVOID Context ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION nextStack; KIRQL irql; NTSTATUS ntStatus;
struct _URB_CONTROL_VENDOR_OR_CLASS_REQUEST *controlUrb;
DBGPRINT(3, ("enter: USBSTOR_IssueControlRequest\n"));
LOGENTRY('ICTR', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Control/Bulk/Interrupt Transfer URB in our
// Device Extension
//
controlUrb = &fdoDeviceExtension->Urb.ControlUrb;
// Initialize the Control Transfer URB, all fields default to zero
//
RtlZeroMemory(controlUrb, sizeof(*controlUrb));
controlUrb->Hdr.Length = sizeof(*controlUrb);
controlUrb->Hdr.Function = URB_FUNCTION_CLASS_INTERFACE;
// controlUrb->TransferFlags is already zero
controlUrb->TransferBufferLength = TransferBufferLength;
controlUrb->TransferBuffer = TransferBuffer;
// controlUrb->TransferBufferMDL is already zero
// controlUrb->RequestTypeReservedBits is already zero
// controlUrb->Request is already zero
// controlUrb->Value is already zero
// Target the request at the proper interface on the device
//
controlUrb->Index = fdoDeviceExtension->InterfaceInfo->InterfaceNumber;
// Set the Irp parameters for the lower driver
//
nextStack = IoGetNextIrpStackLocation(Irp);
nextStack->MajorFunction = IRP_MJ_INTERNAL_DEVICE_CONTROL;
nextStack->Parameters.DeviceIoControl.IoControlCode = IOCTL_INTERNAL_USB_SUBMIT_URB;
nextStack->Parameters.Others.Argument1 = controlUrb;
// Set the completion routine, which will handle the next phase of the Srb
//
IoSetCompletionRoutine(Irp, CompletionRoutine, Context, TRUE, // InvokeOnSuccess
TRUE, // InvokeOnError
TRUE); // InvokeOnCancel
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { fdoDeviceExtension->PendingIrp = Irp;
SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_SRB_IN_PROGRESS); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
// Pass the Irp & Urb down the stack
//
ntStatus = IoCallDriver(fdoDeviceExtension->StackDeviceObject, Irp);
DBGPRINT(3, ("exit: USBSTOR_IssueControlRequest %08X\n", ntStatus));
LOGENTRY('ictr', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_IssueBulkOrInterruptRequest()
//
// This routine is called by USBSTOR_IssueClientBulkRequest(),
// USBSTOR_IssueInterruptRequest() and USBSTOR_IssueRequestSenseBulkRequest().
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Initializes the Bulk or Interrupt transfer Urb and sends it down the stack
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueBulkOrInterruptRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN USBD_PIPE_HANDLE PipeHandle, IN ULONG TransferFlags, IN ULONG TransferBufferLength, IN PVOID TransferBuffer, IN PMDL TransferBufferMDL, IN PIO_COMPLETION_ROUTINE CompletionRoutine, IN PVOID Context ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION nextStack; KIRQL irql; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkIntrUrb;
DBGPRINT(3, ("enter: USBSTOR_IssueBulkOrInterruptRequest\n"));
LOGENTRY('IBIR', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk/Interrupt Transfer URB in our Device Extension
//
bulkIntrUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Initialize the Bulk/Interrupt Transfer URB, all fields default to zero
//
RtlZeroMemory(bulkIntrUrb, sizeof(*bulkIntrUrb));
bulkIntrUrb->Hdr.Length = sizeof(*bulkIntrUrb);
bulkIntrUrb->Hdr.Function = URB_FUNCTION_BULK_OR_INTERRUPT_TRANSFER;
bulkIntrUrb->PipeHandle = PipeHandle;
bulkIntrUrb->TransferFlags = TransferFlags;
bulkIntrUrb->TransferBufferLength = TransferBufferLength;
bulkIntrUrb->TransferBuffer = TransferBuffer;
bulkIntrUrb->TransferBufferMDL = TransferBufferMDL;
// Set the Irp parameters for the lower driver
//
nextStack = IoGetNextIrpStackLocation(Irp);
nextStack->MajorFunction = IRP_MJ_INTERNAL_DEVICE_CONTROL;
nextStack->Parameters.DeviceIoControl.IoControlCode = IOCTL_INTERNAL_USB_SUBMIT_URB;
nextStack->Parameters.Others.Argument1 = bulkIntrUrb;
// Set the completion routine, which will handle the next phase of the Srb
//
IoSetCompletionRoutine(Irp, CompletionRoutine, Context, TRUE, // InvokeOnSuccess
TRUE, // InvokeOnError
TRUE); // InvokeOnCancel
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { fdoDeviceExtension->PendingIrp = Irp;
SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_SRB_IN_PROGRESS); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
// Pass the Irp & Urb down the stack
//
ntStatus = IoCallDriver(fdoDeviceExtension->StackDeviceObject, Irp);
DBGPRINT(3, ("exit: USBSTOR_IssueBulkOrInterruptRequest %08X\n", ntStatus));
LOGENTRY('ibir', DeviceObject, Irp, ntStatus);
return ntStatus;}
//
// CBI (Control/Bulk/Interrupt) Routines
//
//
// Phase 1, CDB Control transfer
//
//******************************************************************************
//
// USBSTOR_IssueClientCdb()
//
// This routine is called by USBSTOR_StartIo().
//
// It runs at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to write the Srb->Cdb out the control endpoint.
//
// Sets USBSTOR_ClientCdbCompletion() as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueClientCdb ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_IssueClientCdb\n"));
LOGENTRY('ICDB', DeviceObject, Irp, 0);
// Get the client Srb
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
ntStatus = USBSTOR_IssueControlRequest( DeviceObject, Irp, srb->CdbLength, // TransferBufferLength
srb->Cdb, // TransferBuffer
USBSTOR_ClientCdbCompletion, // CompletionRoutine
NULL); // Context
DBGPRINT(3, ("exit: USBSTOR_IssueClientCdb %08X\n", ntStatus));
LOGENTRY('icdb', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_ClientCdbCompletion()
//
// Completion routine used by USBSTOR_IssueClientCdb()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the CDB USB transfer failed due to a STALL and AutoSense is not
// disabled, do not complete the request yet and start a Request Sense by
// calling USBSTOR_IssueRequestSenseCdb(AUTO_SENSE).
//
// Else if the CDB USB transfer failed due to a STALL and AutoSense is
// disabled, mark a persistant error and complete the request.
//
// Else if the CDB USB transfer failed due to some other reason, complete the
// request and start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the CDB USB transfer succeeded and the Srb has a transfer buffer,
// do not complete the request yet and start the bulk data transfer by calling
// USBSTOR_IssueClientBulkRequest().
//
// Else if the CDB USB transfer succeeded and the Srb has no transfer buffer,
// do not complete the request yet and start the command completion interrupt
// data transfer by calling USBSTOR_IssueInterruptRequest().
//
//******************************************************************************
NTSTATUSUSBSTOR_ClientCdbCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; KIRQL irql; NTSTATUS ntStatus;
struct _URB_CONTROL_VENDOR_OR_CLASS_REQUEST *controlUrb;
DBGPRINT(3, ("enter: USBSTOR_ClientCdbCompletion\n"));
LOGENTRY('CDBC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Control Transfer URB in our Device Extension
//
controlUrb = &fdoDeviceExtension->Urb.ControlUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('cdb1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_ClientCdbCompletion: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The CDB Control Transfer was not successful. Look at how the
// the transfer failed to figure out how to recover.
//
LOGENTRY('cdb2', Irp->IoStatus.Status, controlUrb->Hdr.Status, 0);
DBGPRINT(1, ("CDB transfer failed %08X %08X\n", Irp->IoStatus.Status, controlUrb->Hdr.Status));
if (USBD_STATUS(controlUrb->Hdr.Status) == USBD_STATUS(USBD_STATUS_STALL_PID)) { // The device STALLed the Control Transfer
srb->SrbStatus = SRB_STATUS_ERROR; srb->ScsiStatus = SCSISTAT_CHECK_CONDITION; srb->DataTransferLength = 0;
if (!(srb->SrbFlags & SRB_FLAGS_DISABLE_AUTOSENSE) && (srb->SenseInfoBufferLength != 0) && (srb->SenseInfoBuffer != NULL)) { LOGENTRY('cdb3', fdoDeviceObject, Irp, srb);
// AutoSense is not disabled so do not complete the request yet
// and issue a Request Sense. This request will be completed
// and the next request started when the AutoSense Request
// Sense completes later.
//
ntStatus = USBSTOR_IssueRequestSenseCdb(fdoDeviceObject, Irp, AUTO_SENSE);
return STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('cdb4', fdoDeviceObject, Irp, srb);
// AutoSense is disabled so mark a persistent error and complete
// this request now. Also start the next request now.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0;
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(fdoDeviceObject, TRUE); } KeLowerIrql(irql);
return ntStatus; } } else { LOGENTRY('cdb5', fdoDeviceObject, Irp, srb);
// Else some other strange error has occured. Maybe the device is
// unplugged, or maybe the device port was disabled, or maybe the
// request was cancelled.
//
// Complete this request now and then reset the device. The next
// request will be started when the reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_ClientCdbCompletion: xfer error completion\n"));
return ntStatus; } }
// The CDB Control Transfer was successful. Start the next phase, either
// the Data Bulk Transfer or Command Completion Interrupt Transfer, and do
// not complete the request yet (unless there is no Bulk Transfer and the
// Interrupt Transfer is not supported).
//
if (Irp->MdlAddress != NULL) { LOGENTRY('cdb6', fdoDeviceObject, Irp, srb);
ASSERT(srb->DataTransferLength != 0);
// The Srb has a transfer buffer, start the Data Bulk Transfer.
//
ntStatus = USBSTOR_IssueClientBulkRequest(fdoDeviceObject, Irp);
if (NT_SUCCESS(ntStatus)) { ntStatus = STATUS_MORE_PROCESSING_REQUIRED; } else { Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_ERROR;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject); } } else { ASSERT(srb->DataTransferLength == 0);
// The Srb has no transfer buffer. If the Command Completion
// Interrupt Transfer is supported, start the Command Completion
// Interrupt Transfer, else just complete the request now and
// start the next request.
//
if (fdoDeviceExtension->InterruptInPipe) { LOGENTRY('cdb7', fdoDeviceObject, Irp, srb);
srb->SrbStatus = SRB_STATUS_SUCCESS;
ntStatus = USBSTOR_IssueInterruptRequest(fdoDeviceObject, Irp);
ntStatus = STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('cdb8', fdoDeviceObject, Irp, srb);
ntStatus = STATUS_SUCCESS; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_SUCCESS;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(fdoDeviceObject, TRUE); } KeLowerIrql(irql); } }
DBGPRINT(3, ("exit: USBSTOR_ClientCdbCompletion %08X\n", ntStatus));
return ntStatus;}
//
// Phase 2, Data Bulk transfer
//
//******************************************************************************
//
// USBSTOR_IssueClientBulkRequest()
//
// This routine is called by USBSTOR_ClientCdbCompletion().
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to read or write the Srb->DataBuffer data In or Out
// the Bulk endpoint.
//
// Sets USBSTOR_ClientBulkCompletionRoutine() as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueClientBulkRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; PMDL mdl; PVOID mdlVa; USBD_PIPE_HANDLE pipeHandle; ULONG transferFlags; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_IssueClientBulkRequest\n"));
LOGENTRY('ICBK', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// Bulk IN or Bulk OUT?
//
if ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) == SRB_FLAGS_DATA_IN) { pipeHandle = fdoDeviceExtension->BulkInPipe->PipeHandle; transferFlags = USBD_SHORT_TRANSFER_OK; } else if ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) == SRB_FLAGS_DATA_OUT) { pipeHandle = fdoDeviceExtension->BulkOutPipe->PipeHandle; transferFlags = 0; } else { // Something is wrong if we end up here.
//
ASSERT((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) && ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) != SRB_FLAGS_UNSPECIFIED_DIRECTION));
return STATUS_INVALID_PARAMETER; }
// Check to see if this request is part of a split request.
//
mdlVa = MmGetMdlVirtualAddress(Irp->MdlAddress);
if (mdlVa == (PVOID)srb->DataBuffer) { // Not part of a split request, use original MDL
//
mdl = Irp->MdlAddress; } else { // Part of a split request, allocate new partial MDL
//
mdl = IoAllocateMdl(srb->DataBuffer, srb->DataTransferLength, FALSE, FALSE, NULL); if (mdl == NULL) { ntStatus = STATUS_INSUFFICIENT_RESOURCES; } else { IoBuildPartialMdl(Irp->MdlAddress, mdl, srb->DataBuffer, srb->DataTransferLength); } }
if (mdl != NULL) { ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
transferFlags, // TransferFlags
srb->DataTransferLength, // TransferBufferLen
NULL, // TransferBuffer
mdl, // TransferBufferMDL
USBSTOR_ClientBulkCompletionRoutine, // CompletionRoutine
NULL); // Context
// Just return STATUS_SUCCESS at this point. If there is an error,
// USBSTOR_ClientBulkCompletionRoutine() will handle it, not the caller
// of USBSTOR_IssueClientBulkRequest().
//
ntStatus = STATUS_SUCCESS; }
DBGPRINT(3, ("exit: USBSTOR_IssueClientBulkRequest %08X\n", ntStatus));
LOGENTRY('icbk', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_ClientBulkCompletionRoutine()
//
// Completion routine used by USBSTOR_IssueClientBulkRequest
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the Bulk USB transfer failed due to a STALL and AutoSense is not
// disabled, do not complete the request yet and start a pipe reset by calling
// USBSTOR_QueueResetPipe().
//
// Else if the Bulk USB transfer failed due to a STALL and AutoSense is
// disabled, mark a persistant error and complete the request.
//
// Else if the Bulk USB transfer failed due to some other reason, complete the
// request and start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the Bulk USB transfer succeeded, start the command completion
// interrupt data transfer by calling USBSTOR_IssueInterruptRequest().
//
//******************************************************************************
NTSTATUSUSBSTOR_ClientBulkCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; KIRQL irql; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkUrb;
DBGPRINT(3, ("enter: USBSTOR_ClientBulkCompletionRoutine\n"));
LOGENTRY('CBKC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk Transfer URB in our Device Extension
//
bulkUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
if (bulkUrb->TransferBufferMDL != Irp->MdlAddress) { IoFreeMdl(bulkUrb->TransferBufferMDL); }
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('cbk1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_ClientBulkCompletionRoutine: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The Data Bulk Transfer was not successful. Look at how the
// the transfer failed to figure out how to recover.
//
LOGENTRY('cbk2', Irp->IoStatus.Status, bulkUrb->Hdr.Status, 0);
DBGPRINT(1, ("Client Bulk transfer failed %08X %08X\n", Irp->IoStatus.Status, bulkUrb->Hdr.Status));
if (USBD_STATUS(bulkUrb->Hdr.Status) == USBD_STATUS(USBD_STATUS_STALL_PID)) { // The device STALLed the Bulk Transfer
srb->SrbStatus = SRB_STATUS_ERROR; srb->ScsiStatus = SCSISTAT_CHECK_CONDITION; srb->DataTransferLength = bulkUrb->TransferBufferLength;
if (!(srb->SrbFlags & SRB_FLAGS_DISABLE_AUTOSENSE) && (srb->SenseInfoBufferLength != 0) && (srb->SenseInfoBuffer != NULL)) { LOGENTRY('cbk3', fdoDeviceObject, Irp, srb);
// AutoSense is not disabled so do not complete the request
// yet. Queue a bulk pipe reset. After the bulk pipe reset
// completes, a Request Sense will be issued. This request
// will be completed and the next request started when the
// AutoSense Request Sense completes later.
//
USBSTOR_QueueResetPipe(fdoDeviceObject);
return STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('cbk4', fdoDeviceObject, Irp, srb);
// AutoSense is disabled so mark a persistent error and
// complete the request, but also queue a bulk pipe reset.
//
// The next request will be started when the bulk pipe
// reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0;
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetPipe(fdoDeviceObject);
return ntStatus; } } else { LOGENTRY('cbk5', fdoDeviceObject, Irp, srb);
// Else some other strange error has occured. Maybe the device is
// unplugged, or maybe the device port was disabled, or maybe the
// request was cancelled.
//
// Complete this request now and then reset the device. The next
// request will be started when the reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_ClientBulkCompletionRoutine: xfer error completion\n"));
return ntStatus; } }
// Check for overrun
//
if (bulkUrb->TransferBufferLength < srb->DataTransferLength) { srb->SrbStatus = SRB_STATUS_DATA_OVERRUN; } else { srb->SrbStatus = SRB_STATUS_SUCCESS; }
// Update the the Srb data transfer length based on the actual bulk
// transfer length.
//
srb->DataTransferLength = bulkUrb->TransferBufferLength;
// Client data Bulk Transfer successful completion. If the Command
// Completion Interrupt Transfer is supported, start the Command Completion
// Interrupt Transfer, else just complete the request now and start the
// next request.
//
if (fdoDeviceExtension->InterruptInPipe) { LOGENTRY('cbk6', fdoDeviceObject, Irp, bulkUrb->TransferBufferLength);
ntStatus = USBSTOR_IssueInterruptRequest(fdoDeviceObject, Irp);
ntStatus = STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('cbk7', fdoDeviceObject, Irp, bulkUrb->TransferBufferLength);
ntStatus = STATUS_SUCCESS; Irp->IoStatus.Status = ntStatus;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
Irp->IoStatus.Information = srb->DataTransferLength;
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(fdoDeviceObject, TRUE); } KeLowerIrql(irql); }
DBGPRINT(3, ("exit: USBSTOR_ClientBulkCompletionRoutine %08X\n", ntStatus));
return ntStatus;}
//
// Phase 3, Command completion Interrupt transfer
//
//******************************************************************************
//
// USBSTOR_IssueInterruptRequest()
//
// This routine is called by USBSTOR_ClientCdbCompletion() and
// USBSTOR_ClientBulkCompletionRoutine()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to read the command completion interrupt data In
// the Interrupt endpoint.
//
// Sets USBSTOR_InterruptDataCompletionRoutine() as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueInterruptRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; USBD_PIPE_HANDLE pipeHandle; ULONG transferBufferLength; PVOID transferBuffer; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_IssueInterruptRequest\n"));
LOGENTRY('IINT', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
pipeHandle = fdoDeviceExtension->InterruptInPipe->PipeHandle;
transferBufferLength = sizeof(fdoDeviceExtension->Cbi.InterruptData);
transferBuffer = &fdoDeviceExtension->Cbi.InterruptData;
ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
0, // TransferFlags
transferBufferLength, // TransferBufferLength
transferBuffer, // TransferBuffer
NULL, // TransferBufferMDL
USBSTOR_InterruptDataCompletionRoutine, // CompletionRoutine
NULL); // Context
DBGPRINT(3, ("exit: USBSTOR_IssueInterruptRequest %08X\n", ntStatus));
LOGENTRY('iint', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_InterruptDataCompletionRoutine()
//
// Completion routine used by USBSTOR_IssueInterruptRequest()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the Interrupt USB transfer failed due to any reason, complete the
// request and start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the Interrupt USB transfer succeeded but the completion data is
// non-zero and AutoSense is not disabled, do not complete the request yet and
// start a Request Sense by calling USBSTOR_IssueRequestSenseCdb(AUTO).
//
// Else if the Interrupt USB transfer succeeded but the completion data is
// non-zero and AutoSense is disabled, mark a persistant error and complete
// the request.
//
// Else if the Interrupt USB transfer succeeded and the completion data is
// zero, complete the request.
//
//******************************************************************************
NTSTATUSUSBSTOR_InterruptDataCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; KIRQL irql; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *intrUrb;
DBGPRINT(3, ("enter: USBSTOR_InterruptDataCompletionRoutine\n"));
LOGENTRY('IDCR', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Interrupt Transfer URB in our Device Extension
//
intrUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('idc1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_InterruptDataCompletionRoutine: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The Interrupt CDB USB transfer failed. Complete this request
// now and then reset the device. The next request will be started
// when the reset completes.
//
LOGENTRY('idc2', Irp->IoStatus.Status, intrUrb->Hdr.Status, 0);
DBGPRINT(1, ("Interrupt transfer failed %08X %08X\n", Irp->IoStatus.Status, intrUrb->Hdr.Status));
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_InterruptDataCompletionRoutine: xfer error completion\n"));
return ntStatus; }
if ((fdoDeviceExtension->Cbi.InterruptData != 0) && (srb->Cdb[0] != SCSIOP_INQUIRY) && (srb->Cdb[0] != SCSIOP_REQUEST_SENSE)) { // Command completion interrupt data indicates an error. Either don't
// complete the request yet and start an AutoSense, or complete the
// request now and indicate a persistent error.
//
srb->SrbStatus = SRB_STATUS_ERROR; srb->ScsiStatus = SCSISTAT_CHECK_CONDITION; srb->DataTransferLength = 0; // XXXXX Leave as set by bulk completion???
if (!(srb->SrbFlags & SRB_FLAGS_DISABLE_AUTOSENSE) && (srb->SenseInfoBufferLength != 0) && (srb->SenseInfoBuffer != NULL)) { LOGENTRY('idc3', fdoDeviceObject, Irp, srb);
// AutoSense is not disabled so do not complete the request
// yet. Queue a bulk pipe reset. After the bulk pipe reset
// completes, a Request Sense will be issued. This request
// will be completed and the next request started when the
// AutoSense Request Sense completes later.
//
USBSTOR_QueueResetPipe(fdoDeviceObject);
return STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('idc4', fdoDeviceObject, Irp, srb);
// AutoSense is disabled so mark a persistent error and
// complete the request, but also queue a bulk pipe reset.
//
// The next request will be started when the bulk pipe
// reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0;
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetPipe(fdoDeviceObject);
return ntStatus; } }
// Hack for Y-E Data USB Floppy. Occasionally it will return interrupt
// data with the wrong data toggle. The interrupt data with the wrong
// toggle is silently ignored, which results in a request timeout.
// Forcing a Request Sense command between the completion of one command
// and the start of the next appears to be one way to work around this.
//
if (TEST_FLAG(fdoDeviceExtension->DeviceHackFlags, DHF_FORCE_REQUEST_SENSE)) { KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql); }
// The Interrupt USB transfer succeeded and the completion data is zero,
// complete this request now. Also start the next request now.
ntStatus = STATUS_SUCCESS; Irp->IoStatus.Status = ntStatus;
ASSERT(srb->SrbStatus != SRB_STATUS_PENDING);
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
Irp->IoStatus.Information = srb->DataTransferLength;
LOGENTRY('idc5', fdoDeviceObject, Irp, srb);
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(fdoDeviceObject, TRUE); } KeLowerIrql(irql);
DBGPRINT(3, ("exit: USBSTOR_InterruptDataCompletionRoutine %08X\n", ntStatus));
return ntStatus;}
//
// Phase 4, Request Sense CDB Control transfer
//
//******************************************************************************
//
// USBSTOR_IssueRequestSenseCdb()
//
// This routine can be called by USBSTOR_StartIo, USBSTOR_ClientCdbCompletion(),
// USBSTOR_InterruptDataCompletionRoutine(), and by USBSTOR_ResetPipeWorkItem().
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to write a Request Sense CDB out the control endpoint.
//
// Sets USBSTOR_RequestSenseCdbCompletion(AutoFlag) as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueRequestSenseCdb ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; ULONG transferBufferLength; PVOID transferBuffer; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_IssueRequestSenseCdb\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get the client Srb
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// The Control Transfer data buffer is our own Request Sense Cdb
//
RtlZeroMemory(fdoDeviceExtension->Cbi.RequestSenseCDB, sizeof(fdoDeviceExtension->Cbi.RequestSenseCDB));
fdoDeviceExtension->Cbi.RequestSenseCDB[0] = SCSIOP_REQUEST_SENSE;
transferBufferLength = sizeof(fdoDeviceExtension->Cbi.RequestSenseCDB);
transferBuffer = fdoDeviceExtension->Cbi.RequestSenseCDB;
// If this is an AutoSense, we'll use the client Srb Sense Info Buffer,
// else we are doing this Request Sense to clear a persistent error and
// we'll use our own sense info buffer.
//
if (AutoFlag == AUTO_SENSE) { fdoDeviceExtension->Cbi.RequestSenseCDB[4] = srb->SenseInfoBufferLength; } else { fdoDeviceExtension->Cbi.RequestSenseCDB[4] = sizeof(fdoDeviceExtension->Cbi.SenseData); }
ntStatus = USBSTOR_IssueControlRequest( DeviceObject, Irp, transferBufferLength, // TransferBufferLength
transferBuffer, // TransferBuffer
USBSTOR_RequestSenseCdbCompletion, // CompletionRoutine
(PVOID)AutoFlag); // Context
DBGPRINT(3, ("exit: USBSTOR_IssueRequestSenseCdb %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_RequestSenseCdbCompletion()
//
// Completion routine used by USBSTOR_IssueRequestSenseCdb
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the Request Sense CDB USB transfer failed, complete the request and
// start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the Request Sense CDB USB transfer succeeded, do not complete the
// request yet and start the Request Sense Bulk USB data transfer by calling
// USBSTOR_IssueRequestSenseBulkRequest(AutoFlag)
//
//******************************************************************************
NTSTATUSUSBSTOR_RequestSenseCdbCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID AutoFlag ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
struct _URB_CONTROL_VENDOR_OR_CLASS_REQUEST *controlUrb;
DBGPRINT(3, ("enter: USBSTOR_RequestSenseCdbCompletion\n"));
LOGENTRY('RSCC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Control/Bulk/Interrupt Transfer URB in our Device
// Extension
//
controlUrb = &fdoDeviceExtension->Urb.ControlUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('rsc1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_RequestSenseCdbCompletion: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { LOGENTRY('rsc2', Irp->IoStatus.Status, controlUrb->Hdr.Status, 0);
DBGPRINT(1, ("Request Sense CDB transfer failed %08X %08X\n", Irp->IoStatus.Status, controlUrb->Hdr.Status));
// The Request Sense CDB USB transfer failed. Complete this request
// now and then reset the device. The next request will be started
// when the reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_RequestSenseCdbCompletion: xfer error completion\n"));
return ntStatus; }
LOGENTRY('rsc3', Irp->IoStatus.Status, controlUrb->Hdr.Status, 0);
// The Request Sense CDB USB transfer succeeded, do not complete the request
// yet and start the Request Sense Bulk USB data transfer.
//
ntStatus = USBSTOR_IssueRequestSenseBulkRequest(fdoDeviceObject, Irp, (ULONG_PTR)AutoFlag);
DBGPRINT(3, ("exit: USBSTOR_RequestSenseCdbCompletion %08X\n", ntStatus));
return STATUS_MORE_PROCESSING_REQUIRED;}
//
// Phase 5, Request Sense Bulk transfer
//
//******************************************************************************
//
// USBSTOR_IssueRequestSenseBulkRequest()
//
// This routine is called by USBSTOR_RequestSenseCdbCompletion().
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to read the Requese Sense data in the bulk endpoint.
//
// If AutoFlag==AUTO, transfer buffer = Srb->SenseInfoBuffer.
//
// Else if AutoFlag==NON_AUTO, transfer buffer = bit bucket
//
// Sets USBSTOR_SenseDataCompletionRoutine(AutoFlag) as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueRequestSenseBulkRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; USBD_PIPE_HANDLE pipeHandle; ULONG transferBufferLength; PVOID transferBuffer; NTSTATUS ntStatus;
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
pipeHandle = fdoDeviceExtension->BulkInPipe->PipeHandle;
// If this is an AutoSense, we'll use the client Srb Sense Info Buffer,
// else we are doing this Request Sense to clear a persistent error and
// we'll use our own sense info buffer.
//
if (AutoFlag == AUTO_SENSE) { transferBufferLength = srb->SenseInfoBufferLength; transferBuffer = srb->SenseInfoBuffer; } else { transferBufferLength = sizeof(fdoDeviceExtension->Cbi.SenseData); transferBuffer = &fdoDeviceExtension->Cbi.SenseData; }
RtlZeroMemory(&fdoDeviceExtension->Cbi.SenseData, sizeof(fdoDeviceExtension->Cbi.SenseData));
ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
USBD_SHORT_TRANSFER_OK, // TransferFlags
transferBufferLength, // TransferBufferLength
transferBuffer, // TransferBuffer
NULL, // TransferBufferMDL
USBSTOR_SenseDataCompletionRoutine, // CompletionRoutine
(PVOID)AutoFlag); // Context
return ntStatus;}
//******************************************************************************
//
// USBSTOR_SenseDataCompletionRoutine()
//
// Completion routine used by USBSTOR_IssueRequestSenseBulkRequest()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the Request Sense Bulk USB transfer failed due to any reason,
// complete the request and start a reset by queuing a call to
// USBSTOR_ResetDeviceWorkItem().
//
// Else if the Request Sense Bulk USB transfer succeeded and the device
// does support the command completion interrupt, start the command completion
// interrupt transfer by calling USBSTOR_IssueRequestSenseInterruptRequest().
//
// Else if the Request Sense Bulk USB transfer succeeded and the device
// does not support the command completion interrupt, complete the request
// by calling USBSTOR_ProcessRequestSenseCompletion().
//
//******************************************************************************
NTSTATUSUSBSTOR_SenseDataCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID AutoFlag ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkUrb;
DBGPRINT(3, ("enter: USBSTOR_SenseDataCompletionRoutine\n"));
LOGENTRY('SDCR', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk Transfer URB in our Device Extension
//
bulkUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('sdc1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_SenseDataCompletionRoutine: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { LOGENTRY('sdc2', Irp->IoStatus.Status, bulkUrb->Hdr.Status, 0);
DBGPRINT(1, ("BULK sense data transfer failed %08X %08X\n", Irp->IoStatus.Status, bulkUrb->Hdr.Status));
// The Request Sense Bulk USB transfer failed. Complete this request
// now and then reset the device. The next request will be started
// when the reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_SenseDataCompletionRoutine: xfer error completion\n"));
return ntStatus; }
// The Request Sense Bulk transfer completed successfully.
LOGENTRY('sdc3', Irp->IoStatus.Status, bulkUrb->Hdr.Status, bulkUrb->TransferBufferLength);
// Save the sense data so we can look at it after the command
// completion interrupt transfer completes.
//
if ((ULONG_PTR)AutoFlag == AUTO_SENSE) { RtlCopyMemory(&fdoDeviceExtension->Cbi.SenseData, bulkUrb->TransferBuffer, min(bulkUrb->TransferBufferLength, sizeof(fdoDeviceExtension->Cbi.SenseData)));
// Update the SRB with the length of the sense data that was
// actually returned.
//
srb->SenseInfoBufferLength = (UCHAR)bulkUrb->TransferBufferLength; }
DBGPRINT(2, ("Sense Data: 0x%02X 0x%02X 0x%02X\n", fdoDeviceExtension->Cbi.SenseData.SenseKey, fdoDeviceExtension->Cbi.SenseData.AdditionalSenseCode, fdoDeviceExtension->Cbi.SenseData.AdditionalSenseCodeQualifier));
if (fdoDeviceExtension->InterruptInPipe) { // Command completion interrupt supported. Do not complete the
// request yet. Start the Request Sense command completion interrupt
// transfer.
//
ntStatus = USBSTOR_IssueRequestSenseInterruptRequest( fdoDeviceObject, Irp, (ULONG_PTR)AutoFlag);
ntStatus = STATUS_MORE_PROCESSING_REQUIRED; } else { // Command completion interrupt not supported. Complete the request
// now.
//
ntStatus = USBSTOR_ProcessRequestSenseCompletion( fdoDeviceObject, Irp, (ULONG_PTR)AutoFlag); }
DBGPRINT(3, ("exit: USBSTOR_SenseDataCompletionRoutine %08X\n", ntStatus));
return ntStatus;}
//
// Phase 6, Request Sense Command completion Interrupt transfer
//
//******************************************************************************
//
// USBSTOR_IssueRequestSenseInterruptRequest()
//
// This routine is called USBSTOR_SenseDataCompletionRoutine()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to read the command completion interrupt data In
// the Interrupt endpoint.
//
// Sets USBSTOR_RequestSenseInterruptCompletionRoutine() as the completion
// routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueRequestSenseInterruptRequest ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; USBD_PIPE_HANDLE pipeHandle; ULONG transferBufferLength; PVOID transferBuffer; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_IssueRequestSenseInterruptRequest\n"));
LOGENTRY('IRSI', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
pipeHandle = fdoDeviceExtension->InterruptInPipe->PipeHandle;
transferBufferLength = sizeof(fdoDeviceExtension->Cbi.InterruptData);
transferBuffer = &fdoDeviceExtension->Cbi.InterruptData;
ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
0, // TransferFlags
transferBufferLength, // TransferBufferLength
transferBuffer, // TransferBuffer
NULL, // TransferBufferMDL
USBSTOR_RequestSenseInterruptCompletionRoutine, // CompletionRoutine
(PVOID)AutoFlag); // Context
DBGPRINT(3, ("exit: USBSTOR_IssueRequestSenseInterruptRequest %08X\n", ntStatus));
LOGENTRY('irsi', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_RequestSenseInterruptCompletionRoutine()
//
// Completion routine used by USBSTOR_IssueRequestSenseInterruptRequest()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the Interrupt USB transfer failed due to any reason, complete the
// request and start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the Interrupt USB transfer succeeded but the completion data is
// non-zero and AutoSense is not disabled, do not complete the request yet and
// start a Request Sense by calling USBSTOR_IssueRequestSenseCdb(AUTO).
//
// Else if the Interrupt USB transfer succeeded, ignore the interrupt data
// and complete the request by calling USBSTOR_ProcessRequestSenseCompletion().
//
//******************************************************************************
NTSTATUSUSBSTOR_RequestSenseInterruptCompletionRoutine ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID AutoFlag ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *intrUrb;
DBGPRINT(3, ("enter: USBSTOR_RequestSenseInterruptCompletionRoutine\n"));
LOGENTRY('RSIC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Interrupt Transfer URB in our Device Extension
//
intrUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('rsi1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_RequestSenseInterruptCompletionRoutine: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The command completion Interrupt USB transfer failed. Complete
// this request now and then reset the device. The next request will
// be started when the reset completes.
//
LOGENTRY('rsi2', Irp->IoStatus.Status, intrUrb->Hdr.Status, 0);
DBGPRINT(1, ("Interrupt transfer failed %08X %08X\n", Irp->IoStatus.Status, intrUrb->Hdr.Status));
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_RequestSenseInterruptCompletionRoutine: xfer error completion\n"));
return ntStatus; }
// Request Sense Command Completion Interrupt tranfer completed successfully.
LOGENTRY('rsi3', Irp->IoStatus.Status, intrUrb->Hdr.Status, intrUrb->TransferBufferLength);
ntStatus = USBSTOR_ProcessRequestSenseCompletion( fdoDeviceObject, Irp, (ULONG_PTR)AutoFlag);
DBGPRINT(3, ("exit: USBSTOR_RequestSenseInterruptCompletionRoutine %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_ProcessRequestSenseCompletion()
//
// This routine handles completion for USBSTOR_SenseDataCompletionRoutine()
// and USBSTOR_RequestSenseInterruptCompletionRoutine(). It basically just
// handles a couple of special cases.
//
// This routine may run at DPC level.
//
//******************************************************************************
NTSTATUSUSBSTOR_ProcessRequestSenseCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN ULONG_PTR AutoFlag ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; KIRQL irql; NTSTATUS ntStatus;
LOGENTRY('PRSC', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
if (AutoFlag == NON_AUTO_SENSE) { LOGENTRY('prs1', DeviceObject, Irp, srb);
if ((fdoDeviceExtension->Cbi.SenseData.SenseKey == SCSI_SENSE_UNIT_ATTENTION) && (fdoDeviceExtension->Cbi.SenseData.AdditionalSenseCode == SCSI_ADSENSE_BUS_RESET)) { fdoDeviceExtension->LastSenseWasReset = TRUE; }
// Just cleared the persistent error from the previous request,
// now issue the real request.
//
ntStatus = USBSTOR_IssueClientCdb(DeviceObject, Irp);
return STATUS_MORE_PROCESSING_REQUIRED; }
// SrbStatus and DataTransferLength were already set in
// USBSTOR_ClientCdbCompletion(), USBSTOR_ClientBulkCompletionRoutine(), or in
// or USBSTOR_InterruptDataCompletionRoutine() before we got here.
//
srb->SrbStatus |= SRB_STATUS_AUTOSENSE_VALID;
USBSTOR_TranslateCDBComplete(DeviceObject, Irp, srb);
Irp->IoStatus.Information = srb->DataTransferLength;
ntStatus = Irp->IoStatus.Status;
// Disgusting hack for Y-E Data USB Floppy. On Medium Changed it doesn't
// automatically update the Write Protect status that you get back in
// the Mode Parameter Header on a Mode Sense. Supposedly a Start Unit
// request after a Medium Changed should cause it to update the Write
// Protect status, but that does not seem to be the case. A good old
// bus reset gets its attention though and updates the Write Protect
// status. Don't do this if the last status was a Bus Reset or that
// will cause a loop.
//
if ((fdoDeviceExtension->Cbi.SenseData.SenseKey == SCSI_SENSE_UNIT_ATTENTION) && (fdoDeviceExtension->Cbi.SenseData.AdditionalSenseCode == SCSI_ADSENSE_MEDIUM_CHANGED) && !fdoDeviceExtension->LastSenseWasReset && TEST_FLAG(fdoDeviceExtension->DeviceHackFlags, DHF_MEDIUM_CHANGE_RESET)) { LOGENTRY('prs2', DeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(DeviceObject); } else { if ((fdoDeviceExtension->Cbi.SenseData.SenseKey == SCSI_SENSE_UNIT_ATTENTION) && (fdoDeviceExtension->Cbi.SenseData.AdditionalSenseCode == SCSI_ADSENSE_BUS_RESET)) { LOGENTRY('prs3', DeviceObject, Irp, srb);
fdoDeviceExtension->LastSenseWasReset = TRUE; } else { LOGENTRY('prs4', DeviceObject, Irp, srb);
fdoDeviceExtension->LastSenseWasReset = FALSE; }
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(DeviceObject, TRUE); } KeLowerIrql(irql); }
return ntStatus;}
//******************************************************************************
//
// USBSTOR_QueueResetPipe()
//
// Called by USBSTOR_BulkCompletionRoutine() to clear the STALL on the bulk
// endpoints.
//
//******************************************************************************
VOIDUSBSTOR_QueueResetPipe ( IN PDEVICE_OBJECT DeviceObject ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension;
LOGENTRY('QRSP', DeviceObject, 0, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
INCREMENT_PENDING_IO_COUNT(fdoDeviceExtension);
IoQueueWorkItem(fdoDeviceExtension->IoWorkItem, USBSTOR_ResetPipeWorkItem, CriticalWorkQueue, NULL);}
//******************************************************************************
//
// USBSTOR_ResetPipeWorkItem()
//
// WorkItem routine used by USBSTOR_ResetPipe()
//
// This routine runs at PASSIVE level.
//
// Basic idea:
//
// Issue a Reset Pipe request to clear the Bulk endpoint STALL and reset
// the data toggle to Data0.
//
// If AutoSense is not disabled, do not complete the request yet and start
// a Request Sense by calling USBSTOR_IssueRequestSenseCdb(AUTO).
//
// Else if AutoSense is disabled, complete the request.
//
//******************************************************************************
VOIDUSBSTOR_ResetPipeWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; BOOLEAN persistentError; KIRQL irql; NTSTATUS ntStatus;
LOGENTRY('RSPW', DeviceObject, 0, 0);
DBGPRINT(2, ("enter: USBSTOR_ResetPipeWorkItem\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Reset the Bulk Endpoint. This clears the endpoint halt on the
// host side, resets the host side data toggle to Data0, and issues
// the Clear_Feature Endpoint_Stall request to the device.
//
ntStatus = USBSTOR_ResetPipe((PDEVICE_OBJECT)DeviceObject, fdoDeviceExtension->BulkInPipe->PipeHandle);
ntStatus = USBSTOR_ResetPipe((PDEVICE_OBJECT)DeviceObject, fdoDeviceExtension->BulkOutPipe->PipeHandle);
persistentError = FALSE;
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { if (TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_PERSISTENT_ERROR)) { persistentError = TRUE; } } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
if (persistentError) { // We are not doing an AutoSense, start the next packet.
//
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(DeviceObject, TRUE); } KeLowerIrql(irql); } else { // We are doing an AutoSense, send the REQUEST_SENSE Cdb to the device.
//
ntStatus = USBSTOR_IssueRequestSenseCdb( (PDEVICE_OBJECT)DeviceObject, ((PDEVICE_OBJECT)DeviceObject)->CurrentIrp, AUTO_SENSE); }
DBGPRINT(2, ("exit: USBSTOR_ResetPipeWorkItem\n"));
DECREMENT_PENDING_IO_COUNT(fdoDeviceExtension);}
//
// Bulk-Only Routines
//
//
// Phase 1, CBW Transfer
//
//******************************************************************************
//
// USBSTOR_CbwTransfer()
//
// This routine is called by USBSTOR_StartIo().
//
// It runs at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to write the Srb->Cdb wrapped inside a CBW out
// the Bulk OUT endpoint.
//
// Sets USBSTOR_CbwCompletion() as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_CbwTransfer ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PPDO_DEVICE_EXTENSION pdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; PCBW cbw; USBD_PIPE_HANDLE pipeHandle; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_CbwTransfer\n"));
LOGENTRY('ICBW', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
fdoDeviceExtension->BulkOnly.StallCount = 0;
irpStack = IoGetCurrentIrpStackLocation(Irp);
// Get the PDO extension from the PDO which was saved in the current
// stack location when the Irp was originally sent to the PDO.
//
pdoDeviceExtension = irpStack->DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
LOGENTRY('icbl', DeviceObject, irpStack->DeviceObject, pdoDeviceExtension->LUN);
// Get the client Srb
//
srb = irpStack->Parameters.Scsi.Srb;
// Initialize the Command Block Wrapper
//
cbw = &fdoDeviceExtension->BulkOnly.CbwCsw.Cbw;
cbw->dCBWSignature = CBW_SIGNATURE;
cbw->dCBWTag = PtrToUlong(Irp);
cbw->dCBWDataTransferLength = srb->DataTransferLength;
cbw->bCBWFlags = (srb->SrbFlags & SRB_FLAGS_DATA_IN) ? CBW_FLAGS_DATA_IN : CBW_FLAGS_DATA_OUT;
cbw->bCBWLUN = pdoDeviceExtension->LUN;
cbw->bCDBLength = srb->CdbLength;
RtlCopyMemory(cbw->CBWCDB, srb->Cdb, 16);
pipeHandle = fdoDeviceExtension->BulkOutPipe->PipeHandle;
ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
0, // TransferFlags
sizeof(CBW), // TransferBufferLength
cbw, // TransferBuffer
NULL, // TransferBufferMDL
USBSTOR_CbwCompletion, // CompletionRoutine
NULL); // Context
DBGPRINT(3, ("exit: USBSTOR_CbwTransfer %08X\n", ntStatus));
LOGENTRY('icbw', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_CbwCompletion()
//
// Completion routine used by USBSTOR_CbwTransfer()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the CBW USB transfer failed due to any reason, complete the
// request and start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the CBW USB transfer succeeded and the Srb has a transfer buffer,
// do not complete the request yet and start the bulk data transfer by calling
// USBSTOR_DataTransfer().
//
// Else if the CBW USB transfer succeeded and the Srb has no transfer buffer,
// do not complete the request yet and start the CSW bulk transfer by calling
// USBSTOR_CswTransfer().
//
//******************************************************************************
NTSTATUSUSBSTOR_CbwCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkUrb;
DBGPRINT(3, ("enter: USBSTOR_CbwCompletion\n"));
LOGENTRY('CBWC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk Transfer URB in our Device Extension
//
bulkUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('cbw1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_CbwCompletion: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The CBW Bulk Transfer was not successful.
//
LOGENTRY('cbw2', Irp->IoStatus.Status, bulkUrb->Hdr.Status, 0);
DBGPRINT(1, ("CBW transfer failed %08X %08X\n", Irp->IoStatus.Status, bulkUrb->Hdr.Status));
srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = srb;
// Complete this request now and then reset the device. The next
// request will be started when the reset completes.
//
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_CbwCompletion: xfer error completion\n"));
return ntStatus; }
// The CBW Bulk Transfer was successful. Start the next phase, either
// the Data Bulk Transfer or CSW Bulk Transfer, and do not complete the
// request yet.
//
if (Irp->MdlAddress != NULL || srb != fdoDeviceExtension->OriginalSrb) { // The Srb has a transfer buffer, start the Data Bulk Transfer.
//
LOGENTRY('cbw3', fdoDeviceObject, Irp, srb);
ASSERT(srb->DataTransferLength != 0);
ntStatus = USBSTOR_DataTransfer(fdoDeviceObject, Irp);
if (NT_SUCCESS(ntStatus)) { ntStatus = STATUS_MORE_PROCESSING_REQUIRED; } else { srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = srb;
Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_ERROR;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject); } } else { // The Srb has no transfer buffer. Start the CSW Bulk Transfer.
//
LOGENTRY('cbw4', fdoDeviceObject, Irp, srb);
ASSERT(srb->DataTransferLength == 0);
srb->SrbStatus = SRB_STATUS_SUCCESS;
ntStatus = USBSTOR_CswTransfer(fdoDeviceObject, Irp);
ntStatus = STATUS_MORE_PROCESSING_REQUIRED; }
DBGPRINT(3, ("exit: USBSTOR_CbwCompletion %08X\n", ntStatus));
return ntStatus;}
//
// Phase 2, Data Transfer
//
//******************************************************************************
//
// USBSTOR_DataTransfer()
//
// This routine is called by USBSTOR_ClientCdbCompletion().
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to read or write the Srb->DataBuffer data In or Out
// the Bulk endpoint.
//
// Sets USBSTOR_DataCompletion() as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_DataTransfer ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; PMDL mdl; PVOID mdlVa; PVOID transferBuffer; USBD_PIPE_HANDLE pipeHandle; ULONG transferFlags; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_DataTransfer\n"));
LOGENTRY('IBKD', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// Bulk IN or Bulk OUT?
//
if ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) == SRB_FLAGS_DATA_IN) { pipeHandle = fdoDeviceExtension->BulkInPipe->PipeHandle; transferFlags = USBD_SHORT_TRANSFER_OK; } else if ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) == SRB_FLAGS_DATA_OUT) { pipeHandle = fdoDeviceExtension->BulkOutPipe->PipeHandle; transferFlags = 0; } else { // Something is wrong if we end up here.
//
ASSERT((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) && ((srb->SrbFlags & SRB_FLAGS_UNSPECIFIED_DIRECTION) != SRB_FLAGS_UNSPECIFIED_DIRECTION));
return STATUS_INVALID_PARAMETER; }
mdl = NULL; transferBuffer = NULL;
if (srb == fdoDeviceExtension->OriginalSrb) { // Check to see if this request is part of a split request.
//
mdlVa = MmGetMdlVirtualAddress(Irp->MdlAddress);
if (mdlVa == (PVOID)srb->DataBuffer) { // Not part of a split request, use original MDL
//
mdl = Irp->MdlAddress; } else { // Part of a split request, allocate new partial MDL
//
mdl = IoAllocateMdl(srb->DataBuffer, srb->DataTransferLength, FALSE, FALSE, NULL); if (mdl == NULL) { ntStatus = STATUS_INSUFFICIENT_RESOURCES; } else { IoBuildPartialMdl(Irp->MdlAddress, mdl, srb->DataBuffer, srb->DataTransferLength); } } } else { transferBuffer = srb->DataBuffer;
// If (srb != fdoDeviceExtension->OriginalSrb) then
// srb->DataBuffer should equal OriginalSrb->SenseInfoBuffer,
// which should not be NULL if we end up here.
//
ASSERT(transferBuffer);
if (!transferBuffer) { // just in case
ntStatus = STATUS_INVALID_PARAMETER; } }
if (mdl != NULL || transferBuffer != NULL) { ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
transferFlags, // TransferFlags
srb->DataTransferLength, // TransferBufferLength
transferBuffer, // TransferBuffer
mdl, // TransferBufferMDL
USBSTOR_DataCompletion, // CompletionRoutine
NULL); // Context
// Just return STATUS_SUCCESS at this point. If there is an error,
// USBSTOR_DataCompletion() will handle it, not the caller of
// USBSTOR_DataTransfer().
//
ntStatus = STATUS_SUCCESS; }
DBGPRINT(3, ("exit: USBSTOR_DataTransfer %08X\n", ntStatus));
LOGENTRY('ibkd', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_DataCompletion()
//
// Completion routine used by USBSTOR_DataTransfer
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
// Else if the Bulk USB transfer failed due to a STALL do not complete the
// request yet and start a pipe reset by calling USBSTOR_BulkQueueResetPipe().
//
// Else if the Bulk USB transfer failed due to some other reason, complete the
// request and start a reset by queuing USBSTOR_ResetDeviceWorkItem().
//
// Else if the Bulk USB transfer succeeded, start CSW transfer by calling
// USBSTOR_CswTransfer().
//
//******************************************************************************
NTSTATUSUSBSTOR_DataCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkUrb;
DBGPRINT(3, ("enter: USBSTOR_DataCompletion\n"));
LOGENTRY('BKDC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk Transfer URB in our Device Extension
//
bulkUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
if (srb == fdoDeviceExtension->OriginalSrb && bulkUrb->TransferBufferMDL != Irp->MdlAddress) { IoFreeMdl(bulkUrb->TransferBufferMDL); }
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('bkd1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_DataCompletion: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The Data Bulk Transfer was not successful. Look at how the
// the transfer failed to figure out how to recover.
//
LOGENTRY('bkd2', Irp->IoStatus.Status, bulkUrb->Hdr.Status, 0);
DBGPRINT(1, ("Data transfer failed %08X %08X\n", Irp->IoStatus.Status, bulkUrb->Hdr.Status));
if (USBD_STATUS(bulkUrb->Hdr.Status) == USBD_STATUS(USBD_STATUS_STALL_PID)) { // The device STALLed the Data Bulk Transfer
//
fdoDeviceExtension->BulkOnly.StallCount++;
// A STALL during the Data Bulk Transfer does not necessarily
// indicate an error. Accept the data that was actually
// transferred. If a STALL was seen it must have been seen
// before the requested amount of data was transferred.
//
ASSERT(bulkUrb->TransferBufferLength < srb->DataTransferLength); srb->DataTransferLength = bulkUrb->TransferBufferLength; srb->SrbStatus = SRB_STATUS_DATA_OVERRUN;
LOGENTRY('bkd3', fdoDeviceObject, Irp, srb);
// Queue a bulk pipe reset. After the bulk pipe reset
// completes, a CSW transfer will be started.
//
USBSTOR_BulkQueueResetPipe(fdoDeviceObject);
return STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('bkd4', fdoDeviceObject, Irp, srb);
// Else some other strange error has occured. Maybe the device is
// unplugged, or maybe the device port was disabled, or maybe the
// request was cancelled.
//
// Complete this request now and then reset the device. The next
// request will be started when the reset completes.
//
srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = srb;
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_DataCompletion: xfer error completion\n"));
return ntStatus; } }
// Check for overrun
//
if (bulkUrb->TransferBufferLength < srb->DataTransferLength) { srb->SrbStatus = SRB_STATUS_DATA_OVERRUN; } else { srb->SrbStatus = SRB_STATUS_SUCCESS; }
// Update the the Srb data transfer length based on the actual bulk
// transfer length.
//
srb->DataTransferLength = bulkUrb->TransferBufferLength;
// Client data Bulk Transfer successful completion. Start the CSW transfer.
//
LOGENTRY('bkd5', fdoDeviceObject, Irp, bulkUrb->TransferBufferLength);
ntStatus = USBSTOR_CswTransfer(fdoDeviceObject, Irp);
ntStatus = STATUS_MORE_PROCESSING_REQUIRED;
DBGPRINT(3, ("exit: USBSTOR_DataCompletion %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_CswTransfer()
//
// This routine is called by USBSTOR_CbwCompletion() and
// USBSTOR_DataCompletion()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// Starts a USB transfer to read the CSW in the Bulk IN endpoint.
//
// Sets USBSTOR_CswCompletion() as the completion routine.
//
//******************************************************************************
NTSTATUSUSBSTOR_CswTransfer ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PCSW csw; USBD_PIPE_HANDLE pipeHandle; ULONG transferFlags; ULONG transferBufferLength; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_CswTransfer\n"));
LOGENTRY('ICSW', DeviceObject, Irp, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
csw = &fdoDeviceExtension->BulkOnly.CbwCsw.Csw;
pipeHandle = fdoDeviceExtension->BulkInPipe->PipeHandle;
// Workaround for USB 2.0 controller Data Toggle / Babble bug
//
if (fdoDeviceExtension->BulkInPipe->MaximumPacketSize == sizeof(fdoDeviceExtension->BulkOnly.CbwCsw.MaxPacketSize))
{ transferFlags = USBD_SHORT_TRANSFER_OK;
transferBufferLength = sizeof(fdoDeviceExtension->BulkOnly.CbwCsw.MaxPacketSize); } else { transferFlags = 0;
transferBufferLength = sizeof(CSW); }
ntStatus = USBSTOR_IssueBulkOrInterruptRequest( DeviceObject, Irp, pipeHandle, // PipeHandle
transferFlags, // TransferFlags
transferBufferLength, // TransferBufferLength
csw, // TransferBuffer
NULL, // TransferBufferMDL
USBSTOR_CswCompletion, // CompletionRoutine
NULL); // Context
DBGPRINT(3, ("exit: USBSTOR_CswTransfer %08X\n", ntStatus));
LOGENTRY('icsw', DeviceObject, Irp, ntStatus);
return ntStatus;}
//******************************************************************************
//
// USBSTOR_CswCompletion()
//
// Completion routine used by USBSTOR_CswTransfer()
//
// This routine may run at DPC level.
//
// Basic idea:
//
// If a timeout reset occured, complete the request.
//
//******************************************************************************
NTSTATUSUSBSTOR_CswCompletion ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp, IN PVOID NotUsed ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; PCSW csw; KIRQL irql; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkUrb;
DBGPRINT(3, ("enter: USBSTOR_CswCompletion\n"));
LOGENTRY('CSWC', DeviceObject, Irp, Irp->IoStatus.Status);
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk Transfer URB in our Device Extension
//
bulkUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Get our Irp parameters
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
csw = &fdoDeviceExtension->BulkOnly.CbwCsw.Csw;
// If a timeout reset occured, complete the request.
//
if (USBSTOR_CheckRequestTimeOut(fdoDeviceObject, Irp, srb, &ntStatus)) { LOGENTRY('csw1', fdoDeviceObject, Irp, srb); DBGPRINT(1, ("USBSTOR_CswCompletion: timeout completion\n")); return ntStatus; }
if (!NT_SUCCESS(Irp->IoStatus.Status)) { // The Data Bulk Transfer was not successful. Look at how the
// the transfer failed to figure out how to recover.
//
LOGENTRY('csw2', Irp->IoStatus.Status, bulkUrb->Hdr.Status, 0);
DBGPRINT(1, ("CSW transfer failed %08X %08X\n", Irp->IoStatus.Status, bulkUrb->Hdr.Status));
if (USBD_STATUS(bulkUrb->Hdr.Status) == USBD_STATUS(USBD_STATUS_STALL_PID) && fdoDeviceExtension->BulkOnly.StallCount < 2) { // The device STALLed the CSW Bulk Transfer
//
fdoDeviceExtension->BulkOnly.StallCount++;
LOGENTRY('csw3', fdoDeviceObject, Irp, srb);
// Queue a bulk pipe reset. After the bulk pipe reset
// completes, a CSW transfer will be started.
//
USBSTOR_BulkQueueResetPipe(fdoDeviceObject);
return STATUS_MORE_PROCESSING_REQUIRED; } else { LOGENTRY('csw4', fdoDeviceObject, Irp, srb);
// Else some other strange error has occured. Maybe the device is
// unplugged, or maybe the device port was disabled, or maybe the
// request was cancelled.
//
// Complete this request now and then reset the device. The next
// request will be started when the reset completes.
//
srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = srb;
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject);
DBGPRINT(1, ("USBSTOR_DataCompletion: xfer error completion\n"));
return ntStatus; } }
if (csw->bCSWStatus == CSW_STATUS_GOOD) { // Complete this request now. Also start the next request now.
//
// SrbStatus should have been set in USBSTOR_DataCompletion()
//
ASSERT(srb->SrbStatus != SRB_STATUS_PENDING);
if (srb != fdoDeviceExtension->OriginalSrb) { // Update the original SRB with the length of the sense data that
// was actually returned.
//
fdoDeviceExtension->OriginalSrb->SenseInfoBufferLength = (UCHAR)srb->DataTransferLength;
srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = srb;
srb->SrbStatus |= SRB_STATUS_AUTOSENSE_VALID; }
ntStatus = STATUS_SUCCESS; Irp->IoStatus.Status = ntStatus;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
Irp->IoStatus.Information = srb->DataTransferLength;
LOGENTRY('csw5', fdoDeviceObject, Irp, srb);
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(fdoDeviceObject, TRUE); } KeLowerIrql(irql); } else if (csw->bCSWStatus == CSW_STATUS_FAILED && srb == fdoDeviceExtension->OriginalSrb) { LOGENTRY('csw6', fdoDeviceObject, Irp, srb);
srb->SrbStatus = SRB_STATUS_ERROR; srb->ScsiStatus = SCSISTAT_CHECK_CONDITION; srb->DataTransferLength = 0; // XXXXX Leave as set by bulk completion???
if (!(srb->SrbFlags & SRB_FLAGS_DISABLE_AUTOSENSE) && (srb->SenseInfoBufferLength != 0) && (srb->SenseInfoBuffer != NULL)) { // Start the Request Sense thing
//
ntStatus = USBSTOR_IssueRequestSense(fdoDeviceObject, Irp);
ntStatus = STATUS_MORE_PROCESSING_REQUIRED;
} else { ntStatus = STATUS_IO_DEVICE_ERROR; // XXXXX
Irp->IoStatus.Status = ntStatus; // XXXXX
Irp->IoStatus.Information = 0; // XXXXX
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(fdoDeviceObject, TRUE); } KeLowerIrql(irql); } } else { LOGENTRY('csw7', fdoDeviceObject, Irp, srb);
// PHASE ERROR or Unknown Status
//
// Complete this request now and then reset the device. The next
// request will be started when the reset completes.
//
srb = fdoDeviceExtension->OriginalSrb; irpStack->Parameters.Scsi.Srb = srb;
ntStatus = STATUS_IO_DEVICE_ERROR; Irp->IoStatus.Status = ntStatus; Irp->IoStatus.Information = 0; srb->SrbStatus = SRB_STATUS_BUS_RESET;
USBSTOR_TranslateCDBComplete(fdoDeviceObject, Irp, srb);
USBSTOR_QueueResetDevice(fdoDeviceObject); }
DBGPRINT(3, ("exit: USBSTOR_CswCompletion %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_IssueRequestSense()
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueRequestSense ( IN PDEVICE_OBJECT DeviceObject, IN PIRP Irp ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIO_STACK_LOCATION irpStack; PSCSI_REQUEST_BLOCK srb; NTSTATUS ntStatus;
DBGPRINT(3, ("enter: USBSTOR_IssueRequestSense\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get the current Srb
//
irpStack = IoGetCurrentIrpStackLocation(Irp);
srb = irpStack->Parameters.Scsi.Srb;
// Get a pointer to the internal Srb.
//
srb = &fdoDeviceExtension->BulkOnly.InternalSrb;
irpStack->Parameters.Scsi.Srb = srb;
// Initialize SRB & CDB to all ZERO
//
RtlZeroMemory(srb, sizeof(SCSI_REQUEST_BLOCK));
// Initialize SRB
//
srb->Length = sizeof(SCSI_REQUEST_BLOCK); srb->Function = SRB_FUNCTION_EXECUTE_SCSI; srb->CdbLength = 12; srb->SrbFlags = SRB_FLAGS_DATA_IN | SRB_FLAGS_DISABLE_AUTOSENSE;
srb->DataTransferLength = fdoDeviceExtension->OriginalSrb->SenseInfoBufferLength; srb->DataBuffer = fdoDeviceExtension->OriginalSrb->SenseInfoBuffer;
// Initialize CDB
//
srb->Cdb[0] = SCSIOP_REQUEST_SENSE; srb->Cdb[4] = fdoDeviceExtension->OriginalSrb->SenseInfoBufferLength;
ntStatus = USBSTOR_CbwTransfer(DeviceObject, Irp);
return ntStatus;
DBGPRINT(3, ("exit: USBSTOR_IssueRequestSense %08X\n", ntStatus));}
//******************************************************************************
//
// USBSTOR_BulkQueueResetPipe()
//
// Called by USBSTOR_DataCompletion() and USBSTOR_CswCompletion() to clear the
// STALL on the bulk endpoints.
//
//******************************************************************************
VOIDUSBSTOR_BulkQueueResetPipe ( IN PDEVICE_OBJECT DeviceObject ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension;
LOGENTRY('QRSP', DeviceObject, 0, 0);
DBGFBRK(DBGF_BRK_RESETPIPE);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
INCREMENT_PENDING_IO_COUNT(fdoDeviceExtension);
IoQueueWorkItem(fdoDeviceExtension->IoWorkItem, USBSTOR_BulkResetPipeWorkItem, CriticalWorkQueue, NULL);}
//******************************************************************************
//
// USBSTOR_BulkResetPipeWorkItem()
//
// WorkItem routine used by USBSTOR_BulkQueueResetPipe()
//
// This routine runs at PASSIVE level.
//
// Basic idea:
//
// Issue a Reset Pipe request to clear the Bulk endpoint STALL and reset
// the data toggle to Data0.
//
// Then start the CSW transfer.
//
//******************************************************************************
VOIDUSBSTOR_BulkResetPipeWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; NTSTATUS ntStatus;
struct _URB_BULK_OR_INTERRUPT_TRANSFER *bulkUrb;
LOGENTRY('RSPW', DeviceObject, 0, 0);
DBGPRINT(2, ("enter: USBSTOR_BulkResetPipeWorkItem\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Get a pointer to the Bulk Transfer URB in our Device Extension.
// We'll pull the appropriate Bulk Endpoint pipe handle out of the URB.
//
// NOTE: This assumes that the URB in our Device Extension has
// not been touched since USBSTOR_DataCompletion() or
// USBSTOR_CswCompletion() called USBSTOR_BulkQueueResetPipe().
//
bulkUrb = &fdoDeviceExtension->Urb.BulkIntrUrb;
// Reset the Bulk Endpoint. This clears the endpoint halt on the
// host side, resets the host side data toggle to Data0, and issues
// the Clear_Feature Endpoint_Stall request to the device.
//
ntStatus = USBSTOR_ResetPipe((PDEVICE_OBJECT)DeviceObject, bulkUrb->PipeHandle);
ntStatus = USBSTOR_CswTransfer( (PDEVICE_OBJECT)DeviceObject, ((PDEVICE_OBJECT)DeviceObject)->CurrentIrp);
DBGPRINT(2, ("exit: USBSTOR_BulkResetPipeWorkItem\n"));
DECREMENT_PENDING_IO_COUNT(fdoDeviceExtension);}
//
// CBI / Bulk-Only Common Routines
//
//******************************************************************************
//
// USBSTOR_TimerTick()
//
// Called once per second at DISPATCH_LEVEL after the device has been started.
// Checks to see if there is an active Srb which has timed out, and if so,
// kicks off the reset recovery process.
//
//******************************************************************************
VOIDUSBSTOR_TimerTick ( IN PDEVICE_OBJECT DeviceObject, IN PVOID NotUsed ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; BOOLEAN reset;
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
reset = FALSE;
KeAcquireSpinLockAtDpcLevel(&fdoDeviceExtension->ExtensionDataSpinLock); { if (!TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_RESET_IN_PROGRESS) && TEST_FLAG(fdoDeviceExtension->DeviceFlags, DF_SRB_IN_PROGRESS)) { // There is no reset in progress and there is an Srb in progress.
// Decrement the timeout of the Srb. If it reaches zero, then we
// will reset the device.
//
if (--fdoDeviceExtension->SrbTimeout == 0) { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_RESET_IN_PROGRESS);
reset = TRUE; } } } KeReleaseSpinLockFromDpcLevel(&fdoDeviceExtension->ExtensionDataSpinLock);
if (reset) { LOGENTRY('TIMR', DeviceObject, 0, 0);
DBGPRINT(2, ("queuing USBSTOR_ResetDeviceWorkItem\n"));
// Queue WorkItem to reset the device
//
INCREMENT_PENDING_IO_COUNT(fdoDeviceExtension);
IoQueueWorkItem(fdoDeviceExtension->IoWorkItem, USBSTOR_ResetDeviceWorkItem, CriticalWorkQueue, NULL); }}
//******************************************************************************
//
// USBSTOR_QueueResetDevice()
//
//******************************************************************************
VOIDUSBSTOR_QueueResetDevice ( IN PDEVICE_OBJECT DeviceObject ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; KIRQL irql;
LOGENTRY('QRSD', DeviceObject, 0, 0);
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_RESET_IN_PROGRESS); } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
// Queue WorkItem to reset the device
//
INCREMENT_PENDING_IO_COUNT(fdoDeviceExtension);
IoQueueWorkItem(fdoDeviceExtension->IoWorkItem, USBSTOR_ResetDeviceWorkItem, CriticalWorkQueue, NULL);}
//******************************************************************************
//
// USBSTOR_ResetDeviceWorkItem()
//
// Work item which runs at PASSIVE_LEVEL in the context of a system thread.
// This routine first checks to see if the device is still attached, and if
// it is, the device is reset.
//
//******************************************************************************
VOIDUSBSTOR_ResetDeviceWorkItem ( IN PDEVICE_OBJECT DeviceObject, IN PVOID Context ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; KIRQL irql; ULONG retryCount; NTSTATUS ntStatus;
LOGENTRY('RSDW', DeviceObject, 0, 0);
DBGFBRK(DBGF_BRK_RESET);
DBGPRINT(2, ("enter: USBSTOR_ResetDeviceWorkItem\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// If the we timed out a request and it is still pending, cancel
// it and then wait for the cancel to finish, and then complete
// the request.
//
if (fdoDeviceExtension->PendingIrp) { LOGENTRY('rsd1', DeviceObject, fdoDeviceExtension->PendingIrp, 0);
IoCancelIrp(fdoDeviceExtension->PendingIrp);
LOGENTRY('rsd2', DeviceObject, fdoDeviceExtension->PendingIrp, 0);
KeWaitForSingleObject(&fdoDeviceExtension->CancelEvent, Executive, KernelMode, FALSE, NULL);
LOGENTRY('rsd3', DeviceObject, fdoDeviceExtension->PendingIrp, 0);
// Some storage drivers (e.g. CDROM.SYS) assume that requests complete
// at DISPATCH_LEVEL.
//
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoCompleteRequest(fdoDeviceExtension->PendingIrp, IO_NO_INCREMENT); } KeLowerIrql(irql);
fdoDeviceExtension->PendingIrp = NULL; }
// Try the reset up to 3 times
//
for (retryCount = 0; retryCount < 3; retryCount++) { //
// First figure out if the device is still connected.
//
ntStatus = USBSTOR_IsDeviceConnected(DeviceObject);
if (!NT_SUCCESS(ntStatus)) { // Give up if the device is no longer connected.
break; }
//
// The device is still connected, now reset the device.
//
DBGPRINT(1, ("Reseting Device %d\n", retryCount));
ntStatus = USBSTOR_ResetDevice(DeviceObject);
if (NT_SUCCESS(ntStatus)) { // Reset was successful!
break; } }
KeAcquireSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, &irql); { CLEAR_FLAG(fdoDeviceExtension->DeviceFlags, DF_RESET_IN_PROGRESS);
// If the reset failed, then abandon all hope and mark the device as
// disconnected.
//
if (!NT_SUCCESS(ntStatus)) { SET_FLAG(fdoDeviceExtension->DeviceFlags, DF_DEVICE_DISCONNECTED); } } KeReleaseSpinLock(&fdoDeviceExtension->ExtensionDataSpinLock, irql);
// A request has failed in a bad way or timed out if we are reseting the
// device. If the protocol was not specified then the default protocol
// was DeviceProtocolCB. Let's try DeviceProtocolBulkOnly now and see if
// we have any better luck. (Note that if a DeviceProtocolCB device fails
// the first request in a bad way then will we retry the first request as
// a DeviceProtocolBulkOnly device, which will then also fail and we will
// not recover from that situation).
//
if (fdoDeviceExtension->DriverFlags == DeviceProtocolUnspecified) { DBGPRINT(1, ("Setting Unspecified device to BulkOnly\n"));
fdoDeviceExtension->DriverFlags = DeviceProtocolBulkOnly; }
KeRaiseIrql(DISPATCH_LEVEL, &irql); { IoStartNextPacket(DeviceObject, TRUE); } KeLowerIrql(irql);
DECREMENT_PENDING_IO_COUNT(fdoDeviceExtension);
DBGPRINT(2, ("exit: USBSTOR_ResetDeviceWorkItem %08X\n", ntStatus));}
//******************************************************************************
//
// USBSTOR_IsDeviceConnected()
//
// This routine checks to see if the device is still attached.
//
// This routine runs at PASSIVE level.
//
//******************************************************************************
NTSTATUSUSBSTOR_IsDeviceConnected ( IN PDEVICE_OBJECT DeviceObject ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIRP irp; KEVENT localevent; PIO_STACK_LOCATION nextStack; ULONG portStatus; NTSTATUS ntStatus;
DBGPRINT(1, ("enter: USBSTOR_IsDeviceConnected\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Allocate the Irp
//
irp = IoAllocateIrp((CCHAR)(fdoDeviceExtension->StackDeviceObject->StackSize), FALSE);
if (irp == NULL) { return STATUS_INSUFFICIENT_RESOURCES; }
// Initialize the event we'll wait on.
//
KeInitializeEvent(&localevent, SynchronizationEvent, FALSE);
// Set the Irp parameters
//
nextStack = IoGetNextIrpStackLocation(irp);
nextStack->MajorFunction = IRP_MJ_INTERNAL_DEVICE_CONTROL;
nextStack->Parameters.DeviceIoControl.IoControlCode = IOCTL_INTERNAL_USB_GET_PORT_STATUS;
nextStack->Parameters.Others.Argument1 = &portStatus;
// Set the completion routine, which will signal the event
//
IoSetCompletionRoutineEx(DeviceObject, irp, USBSTOR_SyncCompletionRoutine, &localevent, TRUE, // InvokeOnSuccess
TRUE, // InvokeOnError
TRUE); // InvokeOnCancel
// Pass the Irp down the stack
//
ntStatus = IoCallDriver(fdoDeviceExtension->StackDeviceObject, irp);
// If the request is pending, block until it completes
//
if (ntStatus == STATUS_PENDING) { KeWaitForSingleObject(&localevent, Executive, KernelMode, FALSE, NULL);
ntStatus = irp->IoStatus.Status; }
IoFreeIrp(irp);
if (NT_SUCCESS(ntStatus) && !(portStatus & USBD_PORT_CONNECTED)) { ntStatus = STATUS_DEVICE_DOES_NOT_EXIST; }
DBGPRINT(1, ("exit: USBSTOR_IsDeviceConnected %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_ResetDevice()
//
// This routine resets the device (actually it resets the port to which the
// device is attached).
//
// This routine runs at PASSIVE level.
//
//******************************************************************************
NTSTATUSUSBSTOR_ResetDevice ( IN PDEVICE_OBJECT DeviceObject ){ PFDO_DEVICE_EXTENSION fdoDeviceExtension; PIRP irp; KEVENT localevent; PIO_STACK_LOCATION nextStack; ULONG portStatus; NTSTATUS ntStatus;
DBGPRINT(1, ("enter: USBSTOR_ResetDevice\n"));
fdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
// Allocate the Irp
//
irp = IoAllocateIrp((CCHAR)(fdoDeviceExtension->StackDeviceObject->StackSize), FALSE);
if (irp == NULL) { return STATUS_INSUFFICIENT_RESOURCES; }
// Initialize the event we'll wait on.
//
KeInitializeEvent(&localevent, SynchronizationEvent, FALSE);
// Set the Irp parameters
//
nextStack = IoGetNextIrpStackLocation(irp);
nextStack->MajorFunction = IRP_MJ_INTERNAL_DEVICE_CONTROL;
nextStack->Parameters.DeviceIoControl.IoControlCode = IOCTL_INTERNAL_USB_RESET_PORT;
// Set the completion routine, which will signal the event
//
IoSetCompletionRoutineEx(DeviceObject, irp, USBSTOR_SyncCompletionRoutine, &localevent, TRUE, // InvokeOnSuccess
TRUE, // InvokeOnError
TRUE); // InvokeOnCancel
fdoDeviceExtension->DeviceResetCount++;
// Pass the Irp & Urb down the stack
//
ntStatus = IoCallDriver(fdoDeviceExtension->StackDeviceObject, irp);
// If the request is pending, block until it completes
//
if (ntStatus == STATUS_PENDING) { KeWaitForSingleObject(&localevent, Executive, KernelMode, FALSE, NULL);
ntStatus = irp->IoStatus.Status; }
IoFreeIrp(irp);
DBGPRINT(1, ("exit: USBSTOR_ResetDevice %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_IssueInternalCdb()
//
//******************************************************************************
NTSTATUSUSBSTOR_IssueInternalCdb ( PDEVICE_OBJECT DeviceObject, PVOID DataBuffer, PULONG DataTransferLength, PCDB Cdb, UCHAR CdbLength, ULONG TimeOutValue ){ PIRP irp; PIO_STACK_LOCATION nextStack; PSCSI_REQUEST_BLOCK srb; PSENSE_DATA senseInfoBuffer; PMDL mdl; ULONG retryCount; KEVENT localevent; NTSTATUS ntStatus;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_IssueInternalCdb\n"));
// Initialize these so we can bail early if an allocation fails
//
ntStatus = STATUS_INSUFFICIENT_RESOURCES; irp = NULL; srb = NULL; senseInfoBuffer = NULL; mdl = NULL;
// Allocate the Srb
//
srb = ExAllocatePoolWithTag(NonPagedPool, sizeof(SCSI_REQUEST_BLOCK), POOL_TAG);
if (srb == NULL) { goto USBSTOR_GetInquiryData_Exit; }
// Allocate the sense buffer
//
senseInfoBuffer = ExAllocatePoolWithTag(NonPagedPool, SENSE_BUFFER_SIZE, POOL_TAG);
if (senseInfoBuffer == NULL) { goto USBSTOR_GetInquiryData_Exit; }
// Try the request up to 3 times
//
for (retryCount = 0; retryCount < 3; retryCount++) { // Allocate an Irp including a stack location for a completion routine
//
irp = IoAllocateIrp((CCHAR)(DeviceObject->StackSize), FALSE);
if (irp == NULL) { break; }
nextStack = IoGetNextIrpStackLocation(irp); nextStack->MajorFunction = IRP_MJ_SCSI; nextStack->Parameters.Scsi.Srb = srb;
// (Re)Initialize the Srb
//
RtlZeroMemory(srb, sizeof(SCSI_REQUEST_BLOCK)); // SRB & CDB all ZERO
srb->Length = sizeof(SCSI_REQUEST_BLOCK); srb->Function = SRB_FUNCTION_EXECUTE_SCSI; srb->CdbLength = CdbLength; srb->SrbFlags = SRB_FLAGS_DATA_IN;
srb->SenseInfoBufferLength = SENSE_BUFFER_SIZE; srb->SenseInfoBuffer = senseInfoBuffer;
srb->DataTransferLength = *DataTransferLength; srb->DataBuffer = DataBuffer;
srb->TimeOutValue = TimeOutValue;
// (Re)Initialize the Cdb
//
RtlCopyMemory(srb->Cdb, Cdb, CdbLength);
// Initialize the MDL (first time only)
//
if (retryCount == 0) { mdl = IoAllocateMdl(DataBuffer, *DataTransferLength, FALSE, FALSE, NULL);
if (!mdl) { ntStatus = STATUS_INSUFFICIENT_RESOURCES; goto USBSTOR_GetInquiryData_Exit; }
MmBuildMdlForNonPagedPool(mdl); }
irp->MdlAddress = mdl;
// Initialize the event we'll wait on
//
KeInitializeEvent(&localevent, SynchronizationEvent, FALSE);
// Set the completion routine, which will signal the event
//
IoSetCompletionRoutine(irp, USBSTOR_SyncCompletionRoutine, &localevent, TRUE, // InvokeOnSuccess
TRUE, // InvokeOnError
TRUE); // InvokeOnCancel
// Pass the Irp & Srb down the stack
//
ntStatus = IoCallDriver(DeviceObject, irp);
// If the request is pending, block until it completes
//
if (ntStatus == STATUS_PENDING) { KeWaitForSingleObject(&localevent, Executive, KernelMode, FALSE, NULL);
// Get final completion status
//
ntStatus = irp->IoStatus.Status; }
DBGPRINT(2, ("USBSTOR_IssueInternalCdb %d %08X %08X\n", retryCount, ntStatus, srb->SrbStatus));
if ((SRB_STATUS(srb->SrbStatus) == SRB_STATUS_SUCCESS) || (SRB_STATUS(srb->SrbStatus) == SRB_STATUS_DATA_OVERRUN)) { ntStatus = STATUS_SUCCESS; *DataTransferLength = srb->DataTransferLength; break; } else { ntStatus = STATUS_UNSUCCESSFUL; }
// Free the Irp. A new one will be allocated the next time around.
//
IoFreeIrp(irp); irp = NULL; }
USBSTOR_GetInquiryData_Exit:
if (mdl != NULL) { IoFreeMdl(mdl); }
if (senseInfoBuffer != NULL) { ExFreePool(senseInfoBuffer); }
if (srb != NULL) { ExFreePool(srb); }
if (irp != NULL) { IoFreeIrp(irp); }
DBGPRINT(2, ("exit: USBSTOR_IssueInternalCdb %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_GetInquiryData()
//
//******************************************************************************
NTSTATUSUSBSTOR_GetInquiryData ( PDEVICE_OBJECT DeviceObject ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; PDEVICE_OBJECT fdoDeviceObject; PFDO_DEVICE_EXTENSION fdoDeviceExtension; PVOID dataBuffer; ULONG dataTransferLength; CDB cdb; NTSTATUS ntStatus;
PAGED_CODE();
DBGPRINT(2, ("enter: USBSTOR_GetInquiryData\n"));
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
fdoDeviceObject = pdoDeviceExtension->ParentFDO; fdoDeviceExtension = fdoDeviceObject->DeviceExtension; ASSERT(fdoDeviceExtension->Type == USBSTOR_DO_TYPE_FDO);
dataBuffer = pdoDeviceExtension->InquiryDataBuffer; dataTransferLength = sizeof(pdoDeviceExtension->InquiryDataBuffer);
RtlZeroMemory(&cdb, sizeof(CDB));
cdb.CDB6INQUIRY.OperationCode = SCSIOP_INQUIRY; cdb.CDB6INQUIRY.AllocationLength = (UCHAR)dataTransferLength;
ntStatus = USBSTOR_IssueInternalCdb(DeviceObject, dataBuffer, &dataTransferLength, &cdb, sizeof(cdb.CDB6INQUIRY), 20);
if (NT_SUCCESS(ntStatus) && fdoDeviceExtension->DriverFlags == DeviceProtocolUnspecified) { // The Inquiry request is the first request we send to the device. If
// the first request was successful and the protocol was not specified,
// set it to the default protocol, which is DeviceProtocolCB.
//
DBGPRINT(1, ("Setting Unspecified device to CB\n"));
fdoDeviceExtension->DriverFlags = DeviceProtocolCB; }
DBGPRINT(2, ("exit: USBSTOR_GetInquiryData %08X\n", ntStatus));
return ntStatus;}
//******************************************************************************
//
// USBSTOR_IsFloppyDevice()
//
// This routine issues a SCSIOP_READ_FORMATTED_CAPACITY request and looks
// at the returned Format Capacity Descriptor list to see if the device
// supports any of the known floppy capacities. If the device does support
// a known floppy capacity, it is assumed that the device is a floppy.
//
//******************************************************************************
typedef struct _FORMATTED_CAPACITY{ ULONG NumberOfBlocks; ULONG BlockLength;} FORMATTED_CAPACITY, *PFORMATTED_CAPACITY;
FORMATTED_CAPACITY FloppyCapacities[] ={ // Blocks BlockLen H T B/S S/T
{0x00000500, 0x000200}, // 2 80 512 8 640 KB F5_640_512
{0x000005A0, 0x000200}, // 2 80 512 9 720 KB F3_720_512
{0x00000960, 0x000200}, // 2 80 512 15 1.20 MB F3_1Pt2_512 (Toshiba)
{0x000004D0, 0x000400}, // 2 77 1024 8 1.23 MB F3_1Pt23_1024 (NEC)
{0x00000B40, 0x000200}, // 2 80 512 18 1.44 MB F3_1Pt44_512
{0x0003C300, 0x000200}, // 8 963 512 32 120 MB F3_120M_512
{0x000600A4, 0x000200} //13 890 512 34 200 MB HiFD
};
#define FLOPPY_CAPACITIES (sizeof(FloppyCapacities)/sizeof(FloppyCapacities[0]))
BOOLEANUSBSTOR_IsFloppyDevice ( PDEVICE_OBJECT DeviceObject ){ PPDO_DEVICE_EXTENSION pdoDeviceExtension; BOOLEAN isFloppy; struct _READ_FORMATTED_CAPACITIES cdb; PFORMATTED_CAPACITY_LIST capList; PVOID dataBuffer; ULONG dataTransferLength; NTSTATUS ntStatus;
PAGED_CODE();
DBGPRINT(1, ("enter: USBSTOR_IsFloppyDevice\n"));
pdoDeviceExtension = DeviceObject->DeviceExtension; ASSERT(pdoDeviceExtension->Type == USBSTOR_DO_TYPE_PDO);
isFloppy = FALSE;
// Allocate a transfer buffer for the SCSIOP_READ_FORMATTED_CAPACITY request
// The length of the returned descriptor array is limited to a byte field
// in the capacity list header.
//
dataTransferLength = sizeof(FORMATTED_CAPACITY_LIST) + 31 * sizeof(FORMATTED_CAPACITY_DESCRIPTOR);
ASSERT(dataTransferLength < 0x100);
dataBuffer = ExAllocatePoolWithTag(NonPagedPool, dataTransferLength, POOL_TAG);
if (dataBuffer) { RtlZeroMemory(dataBuffer, dataTransferLength);
RtlZeroMemory(&cdb, sizeof(cdb));
cdb.OperationCode = SCSIOP_READ_FORMATTED_CAPACITY; cdb.AllocationLength[1] = (UCHAR)dataTransferLength;
capList = (PFORMATTED_CAPACITY_LIST)dataBuffer;
ntStatus = USBSTOR_IssueInternalCdb(DeviceObject, dataBuffer, &dataTransferLength, (PCDB)&cdb, sizeof(cdb), 20);
DBGPRINT(1, ("%08X %08X %02X\n", ntStatus, dataTransferLength, capList->CapacityListLength));
if (NT_SUCCESS(ntStatus) && dataTransferLength >= sizeof(FORMATTED_CAPACITY_LIST) && capList->CapacityListLength && capList->CapacityListLength % sizeof(FORMATTED_CAPACITY_DESCRIPTOR) == 0) { ULONG NumberOfBlocks; ULONG BlockLength; ULONG i, j, count;
// Subtract the size of the Capacity List Header to get
// just the size of the Capacity List Descriptor array.
//
dataTransferLength -= sizeof(FORMATTED_CAPACITY_LIST);
// Only look at the Capacity List Descriptors that were
// actually returned.
//
if (dataTransferLength < capList->CapacityListLength) { count = dataTransferLength / sizeof(FORMATTED_CAPACITY_DESCRIPTOR); } else { count = capList->CapacityListLength / sizeof(FORMATTED_CAPACITY_DESCRIPTOR); }
for (i=0; i<count; i++) { NumberOfBlocks = (capList->Descriptors[i].NumberOfBlocks[0] << 24) + (capList->Descriptors[i].NumberOfBlocks[1] << 16) + (capList->Descriptors[i].NumberOfBlocks[2] << 8) + capList->Descriptors[i].NumberOfBlocks[3];
BlockLength = (capList->Descriptors[i].BlockLength[0] << 16) + (capList->Descriptors[i].BlockLength[1] << 8) + capList->Descriptors[i].BlockLength[2];
DBGPRINT(1, ("Capacity[%d] %08X %06X %d%d\n", i, NumberOfBlocks, BlockLength, capList->Descriptors[i].Valid, capList->Descriptors[i].Maximum));
for (j=0; j<FLOPPY_CAPACITIES; j++) { if (NumberOfBlocks == FloppyCapacities[j].NumberOfBlocks && BlockLength == FloppyCapacities[j].BlockLength) { isFloppy = TRUE; } }
} }
ExFreePool(dataBuffer); }
DBGPRINT(1, ("exit: USBSTOR_IsFloppyDevice %d\n", isFloppy));
return isFloppy;}
|
