mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1605 lines
52 KiB
1605 lines
52 KiB
/*++
|
|
|
|
Copyright (C) Microsoft Corporation, 1997 - 1999
|
|
|
|
Module Name:
|
|
|
|
ioctl.c
|
|
|
|
Abstract:
|
|
|
|
Author:
|
|
|
|
Environment:
|
|
|
|
kernel mode only
|
|
|
|
Notes:
|
|
|
|
Revision History:
|
|
|
|
--*/
|
|
|
|
#include <stdio.h>
|
|
#include <stddef.h>
|
|
#include <wdm.h>
|
|
#include <usbscan.h>
|
|
#include "usbd_api.h"
|
|
#include "private.h"
|
|
//#include "missdef.h"
|
|
|
|
#ifdef ALLOC_PRAGMA
|
|
#pragma alloc_text(PAGE, USDeviceControl)
|
|
#pragma alloc_text(PAGE, USReadWriteRegisters)
|
|
#pragma alloc_text(PAGE, USCancelPipe)
|
|
#pragma alloc_text(PAGE, USAbortResetPipe)
|
|
#endif
|
|
|
|
#ifdef _WIN64
|
|
BOOLEAN
|
|
IoIs32bitProcess(
|
|
IN PIRP Irp
|
|
);
|
|
#endif // _WIN64
|
|
|
|
NTSTATUS
|
|
USDeviceControl(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
IN PIRP pIrp
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Arguments:
|
|
pDeviceObject - Device object for a device.
|
|
pIrp - DEVICE IOCTL irp
|
|
|
|
Return Value:
|
|
NT Status - STATUS_SUCCESS
|
|
|
|
--*/
|
|
{
|
|
PIO_STACK_LOCATION pIrpStack;
|
|
PIO_STACK_LOCATION pNextIrpStack;
|
|
PFILE_OBJECT fileObject;
|
|
PUSBSCAN_FILE_CONTEXT pFileContext;
|
|
ULONG IoControlCode;
|
|
PUSBSCAN_DEVICE_EXTENSION pde;
|
|
NTSTATUS Status;
|
|
PDRV_VERSION pVersion;
|
|
PDEVICE_DESCRIPTOR pDesc;
|
|
PUSBSCAN_GET_DESCRIPTOR pGetDesc;
|
|
PUSBSCAN_PIPE_CONFIGURATION pPipeConfig;
|
|
PVOID pBuffer;
|
|
|
|
IO_BLOCK LocalIoBlock;
|
|
IO_BLOCK_EX LocalIoBlockEx;
|
|
PIO_BLOCK pIoBlock;
|
|
PIO_BLOCK_EX pIoBlockEx;
|
|
|
|
ULONG InLength;
|
|
ULONG OutLength;
|
|
BOOLEAN fRead = FALSE;
|
|
BOOLEAN fAbort = TRUE;
|
|
ULONG i;
|
|
PURB pUrb;
|
|
|
|
PAGED_CODE();
|
|
|
|
DebugTrace(TRACE_PROC_ENTER,("USDeviceControl: Enter...\n"));
|
|
|
|
//
|
|
// Check arguments.
|
|
//
|
|
|
|
if( (NULL == pDeviceObject)
|
|
|| (NULL == pDeviceObject->DeviceExtension)
|
|
|| (NULL == pIrp) )
|
|
{
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Invalid parameter passed.\n"));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
DebugTrace(TRACE_PROC_LEAVE,("USDeviceControl: Leaving.. Status = %x.\n", Status));
|
|
return Status;
|
|
}
|
|
|
|
//
|
|
// Indicates I/O processing increase.
|
|
//
|
|
|
|
USIncrementIoCount( pDeviceObject );
|
|
|
|
pde = (PUSBSCAN_DEVICE_EXTENSION)pDeviceObject -> DeviceExtension;
|
|
|
|
if (FALSE == pde -> AcceptingRequests) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! IOCTL issued after device stopped/removed!\n"));
|
|
Status = STATUS_DELETE_PENDING;
|
|
pIrp -> IoStatus.Status = Status;
|
|
pIrp -> IoStatus.Information = 0;
|
|
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
|
|
|
|
goto USDeviceControl_return;
|
|
}
|
|
|
|
//
|
|
// Check device power state.
|
|
//
|
|
|
|
if (PowerDeviceD0 != pde -> CurrentDevicePowerState) {
|
|
DebugTrace(TRACE_WARNING,("USDeviceControl: WARNING!! Device is suspended.\n"));
|
|
Status = STATUS_DELETE_PENDING;
|
|
pIrp -> IoStatus.Status = Status;
|
|
pIrp -> IoStatus.Information = 0;
|
|
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
|
|
|
|
goto USDeviceControl_return;
|
|
}
|
|
|
|
|
|
pIrpStack = IoGetCurrentIrpStackLocation( pIrp );
|
|
pNextIrpStack = IoGetNextIrpStackLocation( pIrp );
|
|
IoControlCode = pIrpStack->Parameters.DeviceIoControl.IoControlCode;
|
|
|
|
InLength = pIrpStack->Parameters.DeviceIoControl.InputBufferLength;
|
|
OutLength = pIrpStack->Parameters.DeviceIoControl.OutputBufferLength;
|
|
pBuffer = pIrp -> AssociatedIrp.SystemBuffer;
|
|
|
|
fileObject = pIrpStack->FileObject;
|
|
pFileContext = fileObject->FsContext;
|
|
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: Control code 0x%x = ", IoControlCode));
|
|
|
|
switch (IoControlCode) {
|
|
|
|
case IOCTL_GET_VERSION:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_GET_VERSION\n"));
|
|
|
|
if (OutLength < sizeof(DRV_VERSION) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Buffer(0x%x) too small(<0x%x)\n", OutLength, sizeof(DRV_VERSION)));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
pVersion = (PDRV_VERSION)pBuffer;
|
|
pVersion->major = 1;
|
|
pVersion->minor = 0;
|
|
pVersion->internal = 0;
|
|
|
|
pIrp -> IoStatus.Information = sizeof(DRV_VERSION);
|
|
|
|
Status = STATUS_SUCCESS;
|
|
break;
|
|
|
|
case IOCTL_CANCEL_IO:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_CANCEL_IO\n"));
|
|
fAbort = TRUE;
|
|
|
|
//
|
|
// Falling through to the next case, this is intentional. We want to reset pipe when
|
|
// cancel requested
|
|
//
|
|
|
|
case IOCTL_RESET_PIPE:
|
|
if(IOCTL_RESET_PIPE == IoControlCode){
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_RESET_PIPE\n"));
|
|
fAbort = FALSE;
|
|
}
|
|
|
|
//
|
|
// Validate buffer size
|
|
//
|
|
|
|
if (InLength < sizeof(PIPE_TYPE) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Pipe type buffer (0x%x bytes) too small\n" ,InLength));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
Status = USCancelPipe(pDeviceObject,
|
|
pIrp,
|
|
*(PIPE_TYPE*)pBuffer,
|
|
fAbort);
|
|
break;
|
|
|
|
case IOCTL_WAIT_ON_DEVICE_EVENT:
|
|
{
|
|
ULONG Index;
|
|
ULONG Timeout;
|
|
PULONG pTimeout;
|
|
|
|
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_WAIT_ON_DEVICE_EVENT\n"));
|
|
|
|
Index = USGetPipeIndexToUse(pDeviceObject,
|
|
pIrp,
|
|
pde -> IndexInterrupt);
|
|
|
|
if (OutLength < pde -> PipeInfo[Index].MaximumPacketSize) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! User buffer(0x%x) too small(<)\n"
|
|
, OutLength
|
|
, pde -> PipeInfo[Index].MaximumPacketSize));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Copy timeout value from file context.
|
|
//
|
|
|
|
Timeout = pFileContext->TimeoutEvent;
|
|
|
|
//
|
|
// If timeout value is 0, then never timeout.
|
|
//
|
|
|
|
if(0 == Timeout){
|
|
pTimeout = NULL;
|
|
} else {
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: Timeout is set to 0x%x sec.\n", Timeout));
|
|
pTimeout = &Timeout;
|
|
}
|
|
|
|
Status = USTransfer(pDeviceObject,
|
|
pIrp,
|
|
Index,
|
|
pIrp -> AssociatedIrp.SystemBuffer,
|
|
NULL,
|
|
pde -> PipeInfo[Index].MaximumPacketSize,
|
|
pTimeout);
|
|
|
|
//
|
|
// IRP should be completed in USTransfer or its completion routine.
|
|
//
|
|
|
|
goto USDeviceControl_return;
|
|
}
|
|
|
|
case IOCTL_READ_REGISTERS:
|
|
fRead = TRUE;
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_READ_REGISTERS\n"));
|
|
|
|
case IOCTL_WRITE_REGISTERS:{
|
|
|
|
if (IOCTL_WRITE_REGISTERS == IoControlCode) {
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_WRITE_REGISTERS\n"));
|
|
fRead = FALSE;
|
|
}
|
|
#ifdef _WIN64
|
|
|
|
if(IoIs32bitProcess(pIrp)){
|
|
PIO_BLOCK_32 pIoBlock32;
|
|
|
|
if (InLength < sizeof(IO_BLOCK_32) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Invalid input 32bit buffer size(0x%x<0x%x)\n"
|
|
, InLength,
|
|
sizeof(IO_BLOCK_32)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Copy all parameters from 32bit structure.
|
|
//
|
|
|
|
pIoBlock32 = (PIO_BLOCK_32)pBuffer;
|
|
pIoBlock = &LocalIoBlock;
|
|
|
|
pIoBlock -> uOffset = pIoBlock32 -> uOffset;
|
|
pIoBlock -> uLength = pIoBlock32 -> uLength;
|
|
pIoBlock -> pbyData = pIoBlock32 -> pbyData;
|
|
pIoBlock -> uIndex = pIoBlock32 -> uIndex;
|
|
|
|
} else { // if(IoIs32bitProcess(pIrp))
|
|
#endif // _WIN64
|
|
|
|
if (InLength < sizeof(IO_BLOCK) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Invalid input buffer size(0x%x<0x%x)\n"
|
|
, InLength,
|
|
sizeof(IO_BLOCK)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
pIoBlock = (PIO_BLOCK)pBuffer;
|
|
|
|
#ifdef _WIN64
|
|
} // if(IoIs32bitProcess(pIrp))
|
|
#endif // _WIN64
|
|
|
|
if(TRUE == fRead){
|
|
|
|
//
|
|
// Check the size of Output buffer.
|
|
//
|
|
|
|
if (OutLength < pIoBlock -> uLength) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Out buffer(0x%x) too small(<0x%x)\n"
|
|
, OutLength
|
|
, pIoBlock -> uLength));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
} // if (OutLength < pIoBlock -> uLength)
|
|
} // if(TRUE == fRead)
|
|
|
|
pIrp -> IoStatus.Information = pIoBlock -> uLength;
|
|
|
|
//
|
|
// Caller gives us a pointer, embedded into IOCTL buffer. If call is made from
|
|
// user-mode , we need to validate that given pointer is readable.
|
|
//
|
|
|
|
if (pIrp->RequestorMode != KernelMode) {
|
|
|
|
try {
|
|
ProbeForRead(pIoBlock->pbyData,
|
|
pIoBlock -> uLength,
|
|
sizeof(UCHAR));
|
|
|
|
} except(EXCEPTION_EXECUTE_HANDLER) {
|
|
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: Read/Write registers buffer pointer is invalid\n"));
|
|
DEBUG_BREAKPOINT();
|
|
|
|
Status = GetExceptionCode();
|
|
|
|
pIrp -> IoStatus.Information = 0;
|
|
break;
|
|
} // except
|
|
} // !kernelmode
|
|
|
|
//
|
|
// Now go to worker function
|
|
//
|
|
|
|
Status = USReadWriteRegisters(pDeviceObject,
|
|
pIoBlock,
|
|
fRead,
|
|
InLength);
|
|
if (STATUS_SUCCESS != Status) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! USReadWriteRegisters failed\n"));
|
|
DEBUG_BREAKPOINT();
|
|
pIrp -> IoStatus.Information = 0;
|
|
}
|
|
break;
|
|
} // case IOCTL_WRITE_REGISTERS:
|
|
case IOCTL_GET_CHANNEL_ALIGN_RQST:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_GET_CHANNEL_ALIGN_REQUEST\n"));
|
|
|
|
if (OutLength < sizeof(CHANNEL_INFO) ) {
|
|
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Buffer(0x%x) too small(<0x%x)\n"
|
|
, OutLength
|
|
,sizeof(CHANNEL_INFO)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
pIoBlock = (PIO_BLOCK)pBuffer;
|
|
RtlZeroMemory((PCHANNEL_INFO)pIoBlock, sizeof(CHANNEL_INFO));
|
|
|
|
for (i = 0; i < pde -> NumberOfPipes; i++) {
|
|
|
|
//
|
|
// Have to check which pipe to use
|
|
//
|
|
|
|
ULONG Index;
|
|
Index = USGetPipeIndexToUse(pDeviceObject,
|
|
pIrp,
|
|
i);
|
|
switch (pde -> PipeInfo[Index].PipeType) {
|
|
case USB_ENDPOINT_TYPE_INTERRUPT:
|
|
((PCHANNEL_INFO)pIoBlock)->EventChannelSize = pde -> PipeInfo[Index].MaximumPacketSize;
|
|
break;
|
|
case USB_ENDPOINT_TYPE_BULK:
|
|
if (pde -> pEndpointDescriptor[Index].bEndpointAddress & BULKIN_FLAG) {
|
|
((PCHANNEL_INFO)pIoBlock) -> uReadDataAlignment = pde -> PipeInfo[Index].MaximumPacketSize;
|
|
} else {
|
|
((PCHANNEL_INFO)pIoBlock) -> uWriteDataAlignment = pde -> PipeInfo[Index].MaximumPacketSize;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
pIrp -> IoStatus.Information = sizeof(CHANNEL_INFO);
|
|
Status = STATUS_SUCCESS;
|
|
break;
|
|
|
|
case IOCTL_GET_DEVICE_DESCRIPTOR:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_GET_DEVICE_DESCRIPTOR\n"));
|
|
|
|
if (OutLength < sizeof(DEVICE_DESCRIPTOR)) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Out buffer(0x%x) is too small(<0x%x)\n"
|
|
, OutLength
|
|
, sizeof(DEVICE_DESCRIPTOR)));
|
|
Status = STATUS_INVALID_PARAMETER_6;
|
|
break;
|
|
}
|
|
|
|
pDesc = (PDEVICE_DESCRIPTOR)pBuffer;
|
|
pDesc -> usVendorId = pde -> pDeviceDescriptor -> idVendor;
|
|
pDesc -> usProductId = pde -> pDeviceDescriptor -> idProduct;
|
|
pDesc -> usBcdDevice = pde -> pDeviceDescriptor -> bcdDevice;
|
|
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: Vendor ID:%d\n", pDesc -> usVendorId));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: Product ID:%d\n", pDesc -> usProductId));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: BcdDevice:%d\n", pDesc -> usBcdDevice));
|
|
|
|
pIrp -> IoStatus.Information = sizeof(DEVICE_DESCRIPTOR);
|
|
Status = STATUS_SUCCESS;
|
|
break;
|
|
|
|
|
|
case IOCTL_GET_USB_DESCRIPTOR:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_GET_USB_DESCRIPTOR\n"));
|
|
|
|
if (OutLength < sizeof(USBSCAN_GET_DESCRIPTOR)) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Out buffer(0x%x) is too small(<0x%x)\n"
|
|
, OutLength
|
|
, sizeof(USBSCAN_GET_DESCRIPTOR)));
|
|
Status = STATUS_INVALID_PARAMETER_6;
|
|
break;
|
|
}
|
|
|
|
pGetDesc = (PUSBSCAN_GET_DESCRIPTOR)pBuffer;
|
|
pUrb = USAllocatePool(NonPagedPool,
|
|
sizeof(struct _URB_CONTROL_DESCRIPTOR_REQUEST));
|
|
if (NULL == pUrb) {
|
|
DebugTrace(TRACE_CRITICAL,("USDeviceControl: ERROR!! Can't allocate control descriptor URB.\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
break;
|
|
}
|
|
|
|
#ifdef DEBUG
|
|
switch(pGetDesc -> DescriptorType){
|
|
case USB_DEVICE_DESCRIPTOR_TYPE:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: USB_DEVICE_DESCRIPTOR_TYPE\n"));
|
|
break;
|
|
case USB_CONFIGURATION_DESCRIPTOR_TYPE:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: USB_CONFIGURATION_DESCRIPTOR_TYPE\n"));
|
|
break;
|
|
case USB_STRING_DESCRIPTOR_TYPE:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: USB_STRING_DESCRIPTOR_TYPE\n"));
|
|
break;
|
|
default:
|
|
DebugTrace(TRACE_WARNING,("USDeviceControl: WARNING!! 0x%x = Undefined.\n", pGetDesc -> DescriptorType));
|
|
Status = STATUS_INVALID_PARAMETER_3;
|
|
|
|
USFreePool(pUrb);
|
|
pUrb = NULL;
|
|
pIrp -> IoStatus.Information = 0;
|
|
goto USDeviceControl_return;
|
|
}
|
|
DebugTrace(TRACE_STATUS, ("USDeviceControl: Index :%d\n",pGetDesc -> Index));
|
|
DebugTrace(TRACE_STATUS, ("USDeviceControl: LanguageID :%d\n", pGetDesc -> LanguageId));
|
|
#endif //DEBUG
|
|
|
|
UsbBuildGetDescriptorRequest(pUrb,
|
|
(USHORT)sizeof(struct _URB_CONTROL_DESCRIPTOR_REQUEST),
|
|
pGetDesc -> DescriptorType,
|
|
pGetDesc -> Index,
|
|
pGetDesc -> LanguageId,
|
|
pBuffer,
|
|
NULL,
|
|
OutLength,
|
|
NULL);
|
|
|
|
Status = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
#ifdef DEBUG
|
|
if ( (STATUS_SUCCESS == Status)
|
|
// && (USB_DEVICE_DESCRIPTOR_TYPE == pGetDesc -> DescriptorType)
|
|
)
|
|
{
|
|
PUSB_DEVICE_DESCRIPTOR pDeviceDescriptor;
|
|
pDeviceDescriptor = (PUSB_DEVICE_DESCRIPTOR)pBuffer;
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: Device Descriptor = %x, len %x\n",
|
|
pDeviceDescriptor,
|
|
pUrb->UrbControlDescriptorRequest.TransferBufferLength));
|
|
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: USBSCAN Device Descriptor:\n"));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: -------------------------\n"));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bLength %d\n", pDeviceDescriptor->bLength));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bDescriptorType 0x%x\n", pDeviceDescriptor->bDescriptorType));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bcdUSB 0x%x\n", pDeviceDescriptor->bcdUSB));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bDeviceClass 0x%x\n", pDeviceDescriptor->bDeviceClass));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bDeviceSubClass 0x%x\n", pDeviceDescriptor->bDeviceSubClass));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bDeviceProtocol 0x%x\n", pDeviceDescriptor->bDeviceProtocol));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bMaxPacketSize0 0x%x\n", pDeviceDescriptor->bMaxPacketSize0));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: idVendor 0x%x\n", pDeviceDescriptor->idVendor));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: idProduct 0x%x\n", pDeviceDescriptor->idProduct));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bcdDevice 0x%x\n", pDeviceDescriptor->bcdDevice));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: iManufacturer 0x%x\n", pDeviceDescriptor->iManufacturer));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: iProduct 0x%x\n", pDeviceDescriptor->iProduct));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: iSerialNumber 0x%x\n", pDeviceDescriptor->iSerialNumber));
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: bNumConfigurations 0x%x\n", pDeviceDescriptor->bNumConfigurations));
|
|
|
|
} else {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR! Status = %d\n", Status));
|
|
}
|
|
|
|
#endif //DEBUG
|
|
|
|
USFreePool(pUrb);
|
|
pUrb = NULL;
|
|
pIrp -> IoStatus.Information = ((PUSB_DEVICE_DESCRIPTOR)pBuffer)->bLength;
|
|
break;
|
|
|
|
case IOCTL_SEND_USB_REQUEST:
|
|
{
|
|
|
|
//
|
|
// Generic pass-through mechanism for USB vendor requests.
|
|
//
|
|
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_SEND_USB_REQUEST\n"));
|
|
|
|
//
|
|
// Validate length parameters.
|
|
//
|
|
|
|
#ifdef _WIN64
|
|
|
|
if(IoIs32bitProcess(pIrp)){
|
|
PIO_BLOCK_EX_32 pIoBlockEx32;
|
|
|
|
if (InLength < sizeof(IO_BLOCK_EX_32) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Invalid input 32bit buffer size(0x%x<0x%x)\n"
|
|
, InLength,
|
|
sizeof(IO_BLOCK_EX_32)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Copy all parameters from 32bit structure.
|
|
//
|
|
|
|
pIoBlockEx32 = (PIO_BLOCK_EX_32)pBuffer;
|
|
pIoBlockEx = &LocalIoBlockEx;
|
|
|
|
pIoBlockEx -> uOffset = pIoBlockEx32 -> uOffset;
|
|
pIoBlockEx -> uLength = pIoBlockEx32 -> uLength;
|
|
pIoBlockEx -> pbyData = pIoBlockEx32 -> pbyData;
|
|
pIoBlockEx -> uIndex = pIoBlockEx32 -> uIndex;
|
|
pIoBlockEx -> bRequest = pIoBlockEx32 -> bRequest;
|
|
pIoBlockEx -> bmRequestType = pIoBlockEx32 -> bmRequestType;
|
|
pIoBlockEx -> fTransferDirectionIn = pIoBlockEx32 -> fTransferDirectionIn;
|
|
|
|
} else { // if(IoIs32bitProcess(pIrp))
|
|
#endif // _WIN64
|
|
|
|
if (InLength < sizeof(IO_BLOCK_EX) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! I/O buffer(0x%x) too small(<0x%x)\n"
|
|
, InLength
|
|
, sizeof(IO_BLOCK_EX)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
pIoBlockEx = (PIO_BLOCK_EX)pBuffer;
|
|
|
|
#ifdef _WIN64
|
|
} // if(IoIs32bitProcess(pIrp))
|
|
#endif // _WIN64
|
|
|
|
if (pIoBlockEx->fTransferDirectionIn) {
|
|
|
|
//
|
|
// Check output buffer length is valid.
|
|
//
|
|
|
|
if (OutLength < pIoBlockEx -> uLength) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! OutLength too small\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
pIrp -> IoStatus.Information = 0;
|
|
break;
|
|
}
|
|
pIrp -> IoStatus.Information = pIoBlockEx -> uLength;
|
|
|
|
} else {
|
|
|
|
//
|
|
// No output to the caller.
|
|
//
|
|
|
|
pIrp -> IoStatus.Information = 0;
|
|
}
|
|
|
|
//
|
|
// Validate user buffer.
|
|
//
|
|
|
|
if (pIrp->RequestorMode != KernelMode) {
|
|
|
|
try {
|
|
ProbeForRead(pIoBlockEx->pbyData,
|
|
pIoBlockEx->uLength,
|
|
sizeof(UCHAR));
|
|
|
|
} except(EXCEPTION_EXECUTE_HANDLER) {
|
|
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: User buffer pointer is invalid\n"));
|
|
|
|
Status = GetExceptionCode();
|
|
|
|
pIrp -> IoStatus.Information = 0;
|
|
break;
|
|
} // except
|
|
} // !kernelmode
|
|
|
|
//
|
|
// Now go to worker function
|
|
//
|
|
|
|
Status = USPassThruUSBRequest(pDeviceObject,
|
|
(PIO_BLOCK_EX)pBuffer,
|
|
InLength,
|
|
OutLength
|
|
);
|
|
|
|
if (STATUS_SUCCESS != Status) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! USPassThruUSBRequest failed\n"));
|
|
DEBUG_BREAKPOINT();
|
|
pIrp -> IoStatus.Information = 0;
|
|
}
|
|
|
|
break;
|
|
|
|
} // case IOCTL_SEND_USB_REQUEST:
|
|
|
|
case IOCTL_SEND_USB_REQUEST_PTP:
|
|
{
|
|
|
|
//
|
|
// Generic pass-through mechanism for USB vendor requests.
|
|
//
|
|
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_SEND_USB_REQUEST_PTP\n"));
|
|
|
|
//
|
|
// Validate length parameters.
|
|
//
|
|
|
|
#ifdef _WIN64
|
|
|
|
if(IoIs32bitProcess(pIrp)){
|
|
PIO_BLOCK_EX_32 pIoBlockEx32;
|
|
|
|
if (InLength < sizeof(IO_BLOCK_EX_32) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Invalid input 32bit buffer size(0x%x<0x%x)\n"
|
|
, InLength,
|
|
sizeof(IO_BLOCK_EX_32)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Copy all parameters from 32bit structure.
|
|
//
|
|
|
|
pIoBlockEx32 = (PIO_BLOCK_EX_32)pBuffer;
|
|
pIoBlockEx = &LocalIoBlockEx;
|
|
|
|
pIoBlockEx -> uOffset = pIoBlockEx32 -> uOffset;
|
|
pIoBlockEx -> uLength = pIoBlockEx32 -> uLength;
|
|
pIoBlockEx -> pbyData = pIoBlockEx32 -> pbyData;
|
|
pIoBlockEx -> uIndex = pIoBlockEx32 -> uIndex;
|
|
pIoBlockEx -> bRequest = pIoBlockEx32 -> bRequest;
|
|
pIoBlockEx -> bmRequestType = pIoBlockEx32 -> bmRequestType;
|
|
pIoBlockEx -> fTransferDirectionIn = pIoBlockEx32 -> fTransferDirectionIn;
|
|
|
|
} else { // if(IoIs32bitProcess(pIrp))
|
|
#endif // _WIN64
|
|
|
|
if (InLength < sizeof(IO_BLOCK_EX) ) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! I/O buffer(0x%x) too small(<0x%x)\n"
|
|
, InLength
|
|
, sizeof(IO_BLOCK_EX)));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
pIoBlockEx = (PIO_BLOCK_EX)pBuffer;
|
|
|
|
#ifdef _WIN64
|
|
} // if(IoIs32bitProcess(pIrp))
|
|
#endif // _WIN64
|
|
|
|
if (pIoBlockEx->fTransferDirectionIn) {
|
|
|
|
//
|
|
// Check output buffer length is valid.
|
|
//
|
|
|
|
if (OutLength < pIoBlockEx -> uLength) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! OutLength too small\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
pIrp -> IoStatus.Information = 0;
|
|
break;
|
|
}
|
|
pIrp -> IoStatus.Information = pIoBlockEx -> uLength;
|
|
|
|
} else {
|
|
|
|
//
|
|
// No output to the caller.
|
|
//
|
|
|
|
pIrp -> IoStatus.Information = 0;
|
|
}
|
|
|
|
//
|
|
// Validate user buffer.
|
|
//
|
|
|
|
if (pIrp->RequestorMode != KernelMode) {
|
|
|
|
try {
|
|
ProbeForRead(pIoBlockEx->pbyData,
|
|
pIoBlockEx->uLength,
|
|
sizeof(UCHAR));
|
|
|
|
} except(EXCEPTION_EXECUTE_HANDLER) {
|
|
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: User buffer pointer is invalid\n"));
|
|
|
|
Status = GetExceptionCode();
|
|
|
|
pIrp -> IoStatus.Information = 0;
|
|
break;
|
|
} // except
|
|
} // !kernelmode
|
|
|
|
//
|
|
// Now go to worker function
|
|
//
|
|
|
|
Status = USPassThruUSBRequestPTP(pDeviceObject,
|
|
(PIO_BLOCK_EX)pBuffer,
|
|
InLength,
|
|
OutLength);
|
|
|
|
if (STATUS_SUCCESS != Status) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! USPassThruUSBRequestPTP failed\n"));
|
|
DEBUG_BREAKPOINT();
|
|
pIrp -> IoStatus.Information = 0;
|
|
}
|
|
|
|
break;
|
|
|
|
} // case IOCTL_SEND_USB_REQUEST_PTP:
|
|
|
|
case IOCTL_GET_PIPE_CONFIGURATION:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_GET_PIPE_CONFIGURATION\n"));
|
|
|
|
//
|
|
// Check output buffer length
|
|
//
|
|
|
|
if (OutLength < sizeof(USBSCAN_PIPE_CONFIGURATION)) {
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! GetPipeConfig buffer(0x%x) too small(<0x%x)\n"
|
|
, OutLength
|
|
, sizeof(USBSCAN_PIPE_CONFIGURATION)));
|
|
Status = STATUS_INVALID_PARAMETER_6;
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Copy Pipe configuration to user buffer.
|
|
//
|
|
|
|
pPipeConfig = (PUSBSCAN_PIPE_CONFIGURATION)pBuffer;
|
|
RtlZeroMemory(pPipeConfig, sizeof(USBSCAN_PIPE_CONFIGURATION));
|
|
|
|
pPipeConfig->NumberOfPipes = pde->NumberOfPipes;
|
|
for(i=0; i < pPipeConfig->NumberOfPipes; i++){
|
|
pPipeConfig->PipeInfo[i].MaximumPacketSize = pde->PipeInfo[i].MaximumPacketSize;
|
|
pPipeConfig->PipeInfo[i].EndpointAddress = pde->PipeInfo[i].EndpointAddress;
|
|
pPipeConfig->PipeInfo[i].Interval = pde->PipeInfo[i].Interval;
|
|
pPipeConfig->PipeInfo[i].PipeType = pde->PipeInfo[i].PipeType;
|
|
}
|
|
|
|
pIrp -> IoStatus.Information = sizeof(USBSCAN_PIPE_CONFIGURATION);
|
|
Status = STATUS_SUCCESS;
|
|
break;
|
|
|
|
|
|
case IOCTL_SET_TIMEOUT:
|
|
DebugTrace(TRACE_STATUS,("USDeviceControl: IOCTL_SET_TIMEOUT\n"));
|
|
|
|
//
|
|
// Make sure input buffer size is big enough.
|
|
//
|
|
|
|
if(sizeof(USBSCAN_TIMEOUT) > InLength){
|
|
|
|
//
|
|
// Incorrect Input buffer size.
|
|
//
|
|
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Invalid input buffer size\n"));
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
//
|
|
// Copy timeout value.
|
|
//
|
|
|
|
pFileContext -> TimeoutRead = ((PUSBSCAN_TIMEOUT)pBuffer) -> TimeoutRead;
|
|
pFileContext -> TimeoutWrite = ((PUSBSCAN_TIMEOUT)pBuffer) -> TimeoutWrite;
|
|
pFileContext -> TimeoutEvent = ((PUSBSCAN_TIMEOUT)pBuffer) -> TimeoutEvent;
|
|
|
|
pIrp -> IoStatus.Information = 0;
|
|
|
|
Status = STATUS_SUCCESS;
|
|
break;
|
|
|
|
default:
|
|
DebugTrace(TRACE_ERROR,("USDeviceControl: ERROR!! Unsupported IOCTL\n"));
|
|
Status = STATUS_NOT_SUPPORTED;
|
|
break;
|
|
}
|
|
|
|
|
|
pIrp -> IoStatus.Status = Status;
|
|
IoCompleteRequest(pIrp, IO_NO_INCREMENT);
|
|
|
|
USDeviceControl_return:
|
|
USDecrementIoCount(pDeviceObject);
|
|
DebugTrace(TRACE_PROC_LEAVE,("USDeviceControl: Leaving.. Status = 0x%x\n", Status));
|
|
return Status;
|
|
|
|
|
|
} // end USDeviceControl()
|
|
|
|
|
|
|
|
NTSTATUS
|
|
USReadWriteRegisters(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
IN PIO_BLOCK pIoBlock,
|
|
IN BOOLEAN fRead,
|
|
IN ULONG IoBlockSize
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Arguments:
|
|
|
|
Return Value:
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
PUSBSCAN_DEVICE_EXTENSION pde;
|
|
PURB pUrb;
|
|
ULONG siz;
|
|
UCHAR Request;
|
|
PVOID pBuffer = NULL;
|
|
//USHORT uIndex;
|
|
unsigned uIndex;
|
|
|
|
PAGED_CODE();
|
|
|
|
DebugTrace(TRACE_PROC_ENTER,("USReadWriteRegisters: Enter..\n"));
|
|
|
|
pde = (PUSBSCAN_DEVICE_EXTENSION)pDeviceObject -> DeviceExtension;
|
|
|
|
//
|
|
// Allocate URB
|
|
//
|
|
|
|
siz = sizeof(struct _URB_CONTROL_VENDOR_OR_CLASS_REQUEST);
|
|
pUrb = USAllocatePool(NonPagedPool, siz);
|
|
if (NULL == pUrb) {
|
|
DebugTrace(TRACE_CRITICAL,("USReadWriteRegisters: ERROR!! cannot allocated URB\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USReadWriteRegisters_return;
|
|
}
|
|
|
|
RtlZeroMemory(pUrb, siz);
|
|
|
|
//
|
|
// Setup URB
|
|
//
|
|
|
|
Request = REGISTER_AREA;
|
|
if (pIoBlock -> uLength > 1) {
|
|
DebugTrace(TRACE_STATUS,("USReadWriteRegisters: ULength > 1, turning on automatic increment\n"));
|
|
Request |= OPCODE_SEQ_TRANSFER; // automatic address increment after the read
|
|
} else {
|
|
Request |= OPCODE_SINGLE_ADDR_TRANSFER; // no address increment after the read
|
|
}
|
|
|
|
//
|
|
// Reading registers will read into pIoBlock itself.
|
|
//
|
|
|
|
pBuffer = pIoBlock;
|
|
|
|
//
|
|
// If we are writing registers, then we need to make a copy of the
|
|
// register block into a non-paged block of memory before handing it off
|
|
// to usbd.
|
|
//
|
|
|
|
if (!fRead) {
|
|
DebugTrace(TRACE_STATUS,("USReadWriteRegisters: Write request, allocating non-paged reg buffer, len = %d\n",pIoBlock->uLength));
|
|
pBuffer = USAllocatePool(NonPagedPool, pIoBlock->uLength);
|
|
if (NULL == pBuffer) {
|
|
DebugTrace(TRACE_CRITICAL,("USReadWriteRegisters: ERROR!! cannot allocate write reg buffer\n"));
|
|
DEBUG_BREAKPOINT();
|
|
USFreePool(pUrb);
|
|
pUrb = NULL;
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USReadWriteRegisters_return;
|
|
}
|
|
|
|
//
|
|
// Caller gives us a pointer, embedded into IOCTL buffer. We need to
|
|
// validate that given pointer is readable.
|
|
//
|
|
|
|
try{
|
|
RtlCopyMemory(pBuffer,
|
|
pIoBlock->pbyData,
|
|
pIoBlock->uLength);
|
|
|
|
} except(EXCEPTION_EXECUTE_HANDLER) {
|
|
|
|
//
|
|
// Caller buffer is not valid, or worse..
|
|
//
|
|
|
|
DebugTrace(TRACE_ERROR,("USReadWriteRegisters: ERROR!! Copying caller buffer failed.\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = GetExceptionCode();
|
|
|
|
//
|
|
// Clear allocated pool
|
|
//
|
|
|
|
USFreePool(pUrb);
|
|
USFreePool(pBuffer);
|
|
pUrb = NULL;
|
|
pBuffer = NULL;
|
|
|
|
goto USReadWriteRegisters_return;
|
|
}
|
|
|
|
}
|
|
|
|
//
|
|
// If the IoBlock is new style (Intel has added a uIndex field to the end of it),
|
|
// then make sure we pass the corrected uIndex value to usbd.
|
|
//
|
|
|
|
uIndex = 0;
|
|
if (IoBlockSize == sizeof(IO_BLOCK)) {
|
|
DebugTrace(TRACE_STATUS,("USReadWriteRegisters: New (intel) style IoBlock -- setting uIndex to pIoBlock -> uIndex\n"));
|
|
uIndex = pIoBlock -> uIndex;
|
|
}
|
|
|
|
|
|
UsbBuildVendorClassSpecificCommand(pUrb,
|
|
fRead ? USBD_TRANSFER_DIRECTION_IN : 0,
|
|
pIoBlock->uLength,
|
|
pBuffer,
|
|
NULL,
|
|
fRead ? 0xc0 : 0x40,
|
|
Request,
|
|
(SHORT)pIoBlock->uOffset,
|
|
(USHORT)uIndex);
|
|
|
|
Status = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
|
|
if (!fRead) {
|
|
DebugTrace(TRACE_STATUS,("USReadWriteRegisters: freeing temp reg buffer\n"));
|
|
USFreePool(pBuffer);
|
|
pBuffer = NULL;
|
|
}
|
|
|
|
USFreePool(pUrb);
|
|
pUrb = NULL;
|
|
|
|
USReadWriteRegisters_return:
|
|
if(!NT_SUCCESS(Status)){
|
|
DebugTrace(TRACE_ERROR,("USReadWriteRegisters: ERROR!! Still had unfreed pointer. Free it...\n"));
|
|
|
|
if(pUrb){
|
|
USFreePool(pUrb);
|
|
}
|
|
if( (pBuffer)
|
|
&& (!fRead ) )
|
|
{
|
|
USFreePool(pBuffer);
|
|
}
|
|
}
|
|
DebugTrace(TRACE_PROC_LEAVE,("USReadWriteRegisters: Leaving.. Status = 0x%x\n", Status));
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
USCancelPipe(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
IN PIRP pIrp,
|
|
IN PIPE_TYPE PipeType,
|
|
IN BOOLEAN fAbort // TRUE = Abort, FALSE = Reset
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Cansel URB or reset pipe. If PipeType is PIPE_ALL, it applies to every pipes a device has.
|
|
If not, it applies to only one default pipe even if a device supports multipul same type of pipes.
|
|
|
|
Arguments:
|
|
pDeviceObject - Pointer to Device Object
|
|
pIrp - Can be NULL if PipeType is ALL_PIPE
|
|
PipeType - Specifies type of pipe
|
|
fAbort - Specifies type of operation
|
|
|
|
Return Value:
|
|
|
|
Returns status
|
|
--*/
|
|
{
|
|
NTSTATUS Status, temp;
|
|
PUSBSCAN_DEVICE_EXTENSION pde;
|
|
|
|
PAGED_CODE();
|
|
|
|
// DebugTrace(TRACE_PROC_ENTER,("USCancelPipe: Enter.. - "));
|
|
|
|
Status = STATUS_SUCCESS;
|
|
pde = (PUSBSCAN_DEVICE_EXTENSION)pDeviceObject -> DeviceExtension;
|
|
|
|
switch (PipeType) {
|
|
|
|
case EVENT_PIPE:
|
|
|
|
DebugTrace(TRACE_STATUS,("USCancelPipe: EVENT_PIPE\n"));
|
|
|
|
if(NULL == pIrp){
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! pIrp not valid\n"));
|
|
break;
|
|
}
|
|
|
|
if (-1 == pde -> IndexInterrupt) {
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! Interrupt pipe not valid\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_NOT_SUPPORTED;
|
|
break;
|
|
}
|
|
|
|
Status = USAbortResetPipe(pDeviceObject,
|
|
USGetPipeIndexToUse(pDeviceObject, pIrp, pde -> IndexInterrupt),
|
|
fAbort);
|
|
DebugTrace(TRACE_STATUS,("Event Pipe aborted/reset, Status = 0x%x\n",Status));
|
|
break;
|
|
|
|
case READ_DATA_PIPE:
|
|
|
|
DebugTrace(TRACE_STATUS,("USCancelPipe: READ_DATA_PIPE\n"));
|
|
|
|
if(NULL == pIrp){
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! pIrp not valid\n"));
|
|
break;
|
|
}
|
|
|
|
if (-1 == pde -> IndexBulkIn) {
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! bulk-in pipe not valid\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_NOT_SUPPORTED;
|
|
break;
|
|
}
|
|
Status = USAbortResetPipe(pDeviceObject,
|
|
USGetPipeIndexToUse(pDeviceObject, pIrp, pde -> IndexBulkIn),
|
|
fAbort);
|
|
DebugTrace(TRACE_STATUS,("USCancelPipe: Read Pipe aborted/reset, Status = 0x%x\n",Status));
|
|
break;
|
|
|
|
case WRITE_DATA_PIPE:
|
|
|
|
DebugTrace(TRACE_STATUS,("USCancelPipe: WRITE_DATA_PIPE\n"));
|
|
|
|
if(NULL == pIrp){
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! pIrp not valid\n"));
|
|
break;
|
|
}
|
|
|
|
if (-1 == pde -> IndexBulkOut) {
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! bulk-out pipe not valid\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_NOT_SUPPORTED;
|
|
break;
|
|
}
|
|
Status = USAbortResetPipe(pDeviceObject,
|
|
USGetPipeIndexToUse(pDeviceObject, pIrp, pde -> IndexBulkOut),
|
|
fAbort);
|
|
DebugTrace(TRACE_STATUS,("Write Pipe aborted/reset, Status = 0x%x\n",Status));
|
|
break;
|
|
|
|
case ALL_PIPE:
|
|
{
|
|
ULONG i;
|
|
|
|
DebugTrace(TRACE_STATUS,("USCancelPipe: ALL_PIPE\n"));
|
|
|
|
for(i=0; i < pde -> NumberOfPipes; i++){
|
|
temp = USAbortResetPipe(pDeviceObject, i, fAbort);
|
|
// DebugTrace(TRACE_STATUS,("USCancelPipe: pipe[%d] aborted/reset, Status = 0x%x\n", i, temp));
|
|
if(STATUS_SUCCESS != temp){
|
|
Status = temp;
|
|
}
|
|
}
|
|
break;
|
|
}
|
|
|
|
default:
|
|
|
|
DebugTrace(TRACE_ERROR,("USCancelPipe: ERROR!! INVALID_PIPE\n"));
|
|
|
|
Status = STATUS_INVALID_PARAMETER;
|
|
break;
|
|
}
|
|
|
|
DebugTrace(TRACE_PROC_LEAVE,("USCancelPipe: Leaving.. Status = 0x%x\n", Status));
|
|
return Status;
|
|
}
|
|
|
|
|
|
NTSTATUS
|
|
USAbortResetPipe(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
IN ULONG uIndex,
|
|
IN BOOLEAN fAbort // TRUE = Abort, FALSE = Reset
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Arguments:
|
|
|
|
Return Value:
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status = STATUS_SUCCESS;
|
|
NTSTATUS StatusReset = STATUS_SUCCESS;
|
|
PUSBSCAN_DEVICE_EXTENSION pde;
|
|
PURB pUrb;
|
|
ULONG siz;
|
|
|
|
PAGED_CODE();
|
|
|
|
DebugTrace(TRACE_PROC_ENTER,("USAbortResetPipe: Enter... \n"));
|
|
|
|
pde = (PUSBSCAN_DEVICE_EXTENSION)pDeviceObject -> DeviceExtension;
|
|
pUrb = NULL;
|
|
|
|
//
|
|
// Allocate URB
|
|
//
|
|
|
|
siz = sizeof(struct _URB_PIPE_REQUEST);
|
|
pUrb = USAllocatePool(NonPagedPool, siz);
|
|
if (NULL == pUrb) {
|
|
DebugTrace(TRACE_ERROR,("USAbortResetPipe: ERROR!! cannot allocated URB\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USAbortResetPipe_return;
|
|
}
|
|
RtlZeroMemory(pUrb, siz);
|
|
|
|
if (fAbort) {
|
|
|
|
DebugTrace(TRACE_STATUS,("USAbortResetPipe: Aborting pipe[%d]\n", uIndex));
|
|
|
|
//
|
|
// Issue abort pipe call to USBD.
|
|
//
|
|
|
|
UsbBuildAbortPipeRequest(pUrb,
|
|
siz,
|
|
pde -> PipeInfo[uIndex].PipeHandle);
|
|
|
|
Status = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
|
|
if (STATUS_SUCCESS != Status) {
|
|
DebugTrace(TRACE_ERROR,("USAbortResetPipe: ERROR!! Abort pipe failed. Status = 0x%x\n",Status));
|
|
goto USAbortResetPipe_return;
|
|
}
|
|
|
|
UsbBuildResetPipeRequest(pUrb,
|
|
siz,
|
|
pde -> PipeInfo[uIndex].PipeHandle);
|
|
|
|
StatusReset = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
|
|
if (STATUS_SUCCESS != StatusReset) {
|
|
DebugTrace(TRACE_ERROR,("USAbortResetPipe: ERROR!! resetting pipe. Status = 0x%x\n",StatusReset));
|
|
goto USAbortResetPipe_return;
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
DebugTrace(TRACE_STATUS,("Reseting pipe[%d]\n", uIndex));
|
|
|
|
//
|
|
// Issue reset pipe call to USBD.
|
|
//
|
|
|
|
UsbBuildResetPipeRequest(pUrb,
|
|
siz,
|
|
pde -> PipeInfo[uIndex].PipeHandle);
|
|
|
|
Status = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
|
|
if (STATUS_SUCCESS != Status) {
|
|
DebugTrace(TRACE_ERROR,("USAbortResetPipe: ERROR!! Reset pipe failed. Status = 0x%x\n",Status));
|
|
goto USAbortResetPipe_return;
|
|
}
|
|
}
|
|
|
|
USAbortResetPipe_return:
|
|
//
|
|
// Clean up.
|
|
//
|
|
|
|
if(pUrb){
|
|
USFreePool(pUrb);
|
|
}
|
|
|
|
DebugTrace(TRACE_PROC_LEAVE,("USAbortResetPipe: Leaving.. Status = 0x%x\n", Status));
|
|
return Status;
|
|
}
|
|
|
|
NTSTATUS
|
|
USPassThruUSBRequest(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
IN PIO_BLOCK_EX pIoBlockEx,
|
|
IN ULONG InLength,
|
|
IN ULONG OutLength
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Implements generic pass-thru for vendor request to USBD
|
|
|
|
Arguments:
|
|
|
|
pDeviceObject - Device object
|
|
pIoBlockEx - Pointer to I/O block as described in USBSCAN.H, passed from user mode client
|
|
InLength - In length from IRP
|
|
OutLength - Out length from IRP
|
|
|
|
Return Value:
|
|
|
|
NTSTATUS type
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
PUSBSCAN_DEVICE_EXTENSION pde;
|
|
PURB pUrb;
|
|
ULONG siz;
|
|
PVOID pBuffer;
|
|
BOOLEAN fDirectionIn;
|
|
|
|
PAGED_CODE();
|
|
|
|
DebugTrace(TRACE_PROC_ENTER,("USPassThruUSBRequest: Enter..\n"));
|
|
|
|
//
|
|
// Initialize local variable.
|
|
//
|
|
|
|
pde = (PUSBSCAN_DEVICE_EXTENSION)pDeviceObject -> DeviceExtension;
|
|
|
|
Status = STATUS_SUCCESS;
|
|
pUrb = NULL;
|
|
pBuffer = NULL;
|
|
fDirectionIn = TRUE;
|
|
|
|
//
|
|
// Allocate memory for URB
|
|
//
|
|
|
|
siz = sizeof(struct _URB_CONTROL_VENDOR_OR_CLASS_REQUEST);
|
|
pUrb = USAllocatePool(NonPagedPool, siz);
|
|
if (NULL == pUrb) {
|
|
DebugTrace(TRACE_CRITICAL,("USPassThruUSBRequest: ERROR!! cannot allocated URB\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USPassThruUSBRequest_return;
|
|
}
|
|
|
|
RtlZeroMemory(pUrb, siz);
|
|
|
|
//
|
|
// Setup URB
|
|
//
|
|
|
|
pBuffer = pIoBlockEx;
|
|
|
|
//
|
|
// If we are writing data, then we need to make a copy of the
|
|
// register block into a non-paged block of memory before handing it off
|
|
// to usbd.
|
|
//
|
|
|
|
if (!pIoBlockEx->fTransferDirectionIn) {
|
|
|
|
DebugTrace(TRACE_STATUS,("USPassThruUSBRequest: Write request, allocating non-paged buffer, len = %d\n",pIoBlockEx->uLength));
|
|
|
|
fDirectionIn = FALSE;
|
|
|
|
if ( pIoBlockEx->uLength ) {
|
|
|
|
pBuffer = USAllocatePool(NonPagedPool, pIoBlockEx->uLength);
|
|
if (NULL == pBuffer) {
|
|
|
|
DebugTrace(TRACE_CRITICAL,("USPassThruUSBRequest: ERROR!! cannot allocate write buffer"));
|
|
DEBUG_BREAKPOINT();
|
|
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USPassThruUSBRequest_return;
|
|
}
|
|
|
|
//
|
|
// Caller gives us a pointer, embedded into IOCTL buffer. We need to
|
|
// validate that given pointer is readable.
|
|
//
|
|
|
|
try{
|
|
RtlCopyMemory(pBuffer,
|
|
pIoBlockEx->pbyData,
|
|
pIoBlockEx->uLength);
|
|
|
|
} except(EXCEPTION_EXECUTE_HANDLER) {
|
|
|
|
//
|
|
// Caller buffer is not valid, or worse..
|
|
//
|
|
|
|
DebugTrace(TRACE_ERROR,("USPassThruUSBRequest: ERROR!! Copying caller buffer failed.\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = GetExceptionCode();
|
|
|
|
goto USPassThruUSBRequest_return;
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
//
|
|
// Zero length buffer used for Write , IHV claim that's useful.
|
|
//
|
|
|
|
pBuffer = NULL;
|
|
} // if ( pIoBlockEx->uLength )
|
|
}
|
|
|
|
UsbBuildVendorClassSpecificCommand(pUrb,
|
|
pIoBlockEx->fTransferDirectionIn ? USBD_TRANSFER_DIRECTION_IN : 0,
|
|
pIoBlockEx->uLength,
|
|
pBuffer,
|
|
NULL,
|
|
pIoBlockEx->bmRequestType,
|
|
pIoBlockEx->bRequest,
|
|
(SHORT)pIoBlockEx->uOffset,
|
|
(USHORT)pIoBlockEx -> uIndex
|
|
);
|
|
|
|
Status = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
|
|
USPassThruUSBRequest_return:
|
|
|
|
//
|
|
// Clean up.
|
|
//
|
|
|
|
if(NULL != pUrb){
|
|
DebugTrace(TRACE_STATUS,("USPassThruUSBRequest: Free USB Request Block.\n"));
|
|
USFreePool(pUrb);
|
|
}
|
|
|
|
if( (!fDirectionIn)
|
|
&& (NULL != pBuffer) )
|
|
{
|
|
DebugTrace(TRACE_STATUS,("USPassThruUSBRequest: Free temp buffer.\n"));
|
|
USFreePool(pBuffer);
|
|
}
|
|
|
|
DebugTrace(TRACE_PROC_LEAVE,("USPassThruUSBRequest: Leaving.. Status = 0x%x\n", Status));
|
|
return Status;
|
|
|
|
}
|
|
|
|
NTSTATUS
|
|
USPassThruUSBRequestPTP(
|
|
IN PDEVICE_OBJECT pDeviceObject,
|
|
IN PIO_BLOCK_EX pIoBlockEx,
|
|
IN ULONG InLength,
|
|
IN ULONG OutLength
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
Implements generic pass-thru for vendor request to USBD
|
|
|
|
Arguments:
|
|
|
|
pDeviceObject - Device object
|
|
pIoBlockEx - Pointer to I/O block as described in USBSCAN.H, passed from user mode client
|
|
InLength - In length from IRP
|
|
OutLength - Out length from IRP
|
|
|
|
Return Value:
|
|
|
|
NTSTATUS type
|
|
|
|
--*/
|
|
{
|
|
NTSTATUS Status;
|
|
PUSBSCAN_DEVICE_EXTENSION pde;
|
|
PURB pUrb;
|
|
ULONG siz;
|
|
PVOID pBuffer;
|
|
BOOLEAN fDirectionIn;
|
|
USHORT usUsbFunction;
|
|
|
|
PAGED_CODE();
|
|
|
|
DebugTrace(TRACE_PROC_ENTER,("USPassThruUSBRequest: Enter..\n"));
|
|
|
|
//
|
|
// Initialize local variable.
|
|
//
|
|
|
|
pde = (PUSBSCAN_DEVICE_EXTENSION)pDeviceObject -> DeviceExtension;
|
|
|
|
Status = STATUS_SUCCESS;
|
|
pUrb = NULL;
|
|
pBuffer = NULL;
|
|
fDirectionIn = TRUE;
|
|
usUsbFunction = 0;
|
|
|
|
//
|
|
// Allocate memory for URB
|
|
//
|
|
|
|
siz = sizeof(struct _URB_CONTROL_VENDOR_OR_CLASS_REQUEST);
|
|
pUrb = USAllocatePool(NonPagedPool, siz);
|
|
if (NULL == pUrb) {
|
|
DebugTrace(TRACE_CRITICAL,("USPassThruUSBRequest: ERROR!! cannot allocated URB\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USPassThruUSBRequest_return;
|
|
}
|
|
|
|
RtlZeroMemory(pUrb, siz);
|
|
|
|
//
|
|
// Setup URB
|
|
//
|
|
|
|
pBuffer = pIoBlockEx;
|
|
|
|
//
|
|
// If we are writing data, then we need to make a copy of the
|
|
// register block into a non-paged block of memory before handing it off
|
|
// to usbd.
|
|
//
|
|
|
|
if (!pIoBlockEx->fTransferDirectionIn) {
|
|
|
|
DebugTrace(TRACE_STATUS,("USPassThruUSBRequest: Write request, allocating non-paged buffer, len = %d\n",pIoBlockEx->uLength));
|
|
|
|
fDirectionIn = FALSE;
|
|
|
|
if ( pIoBlockEx->uLength ) {
|
|
|
|
pBuffer = USAllocatePool(NonPagedPool, pIoBlockEx->uLength);
|
|
if (NULL == pBuffer) {
|
|
|
|
DebugTrace(TRACE_CRITICAL,("USPassThruUSBRequest: ERROR!! cannot allocate write buffer"));
|
|
DEBUG_BREAKPOINT();
|
|
|
|
Status = STATUS_INSUFFICIENT_RESOURCES;
|
|
goto USPassThruUSBRequest_return;
|
|
}
|
|
|
|
//
|
|
// Caller gives us a pointer, embedded into IOCTL buffer. We need to
|
|
// validate that given pointer is readable.
|
|
//
|
|
|
|
try{
|
|
RtlCopyMemory(pBuffer,
|
|
pIoBlockEx->pbyData,
|
|
pIoBlockEx->uLength);
|
|
|
|
} except(EXCEPTION_EXECUTE_HANDLER) {
|
|
|
|
//
|
|
// Caller buffer is not valid, or worse..
|
|
//
|
|
|
|
DebugTrace(TRACE_ERROR,("USPassThruUSBRequest: ERROR!! Copying caller buffer failed.\n"));
|
|
DEBUG_BREAKPOINT();
|
|
Status = GetExceptionCode();
|
|
|
|
goto USPassThruUSBRequest_return;
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
//
|
|
// Zero length buffer used for Write , IHV claim that's useful.
|
|
//
|
|
|
|
pBuffer = NULL;
|
|
} // if ( pIoBlockEx->uLength )
|
|
}
|
|
|
|
//
|
|
// Set proper USB funtion depends on bmRequestType.
|
|
//
|
|
|
|
if(0xa1 == pIoBlockEx->bmRequestType){ // USB_PTPREQUEST_TYPE_IN: Class/Interface Device to Host.
|
|
usUsbFunction = URB_FUNCTION_CLASS_INTERFACE;
|
|
} else if(0x21 == pIoBlockEx->bmRequestType){ // USB_PTPREQUEST_TYPE_OUT: Class/Interface Host to Device.
|
|
usUsbFunction = URB_FUNCTION_CLASS_INTERFACE;
|
|
} else { // Default.
|
|
usUsbFunction = URB_FUNCTION_VENDOR_DEVICE;
|
|
}
|
|
|
|
UsbBuildVendorClassSpecificCommandPTP(usUsbFunction,
|
|
pUrb,
|
|
pIoBlockEx->fTransferDirectionIn ? USBD_TRANSFER_DIRECTION_IN : 0,
|
|
pIoBlockEx->uLength,
|
|
pBuffer,
|
|
NULL,
|
|
pIoBlockEx->bmRequestType,
|
|
pIoBlockEx->bRequest,
|
|
(SHORT)pIoBlockEx->uOffset,
|
|
(USHORT)pIoBlockEx -> uIndex);
|
|
|
|
Status = USBSCAN_CallUSBD(pDeviceObject, pUrb);
|
|
|
|
USPassThruUSBRequest_return:
|
|
|
|
//
|
|
// Clean up.
|
|
//
|
|
|
|
if(NULL != pUrb){
|
|
DebugTrace(TRACE_STATUS,("USPassThruUSBRequest: Free USB Request Block.\n"));
|
|
USFreePool(pUrb);
|
|
}
|
|
|
|
if( (!fDirectionIn)
|
|
&& (NULL != pBuffer) )
|
|
{
|
|
DebugTrace(TRACE_STATUS,("USPassThruUSBRequest: Free temp buffer.\n"));
|
|
USFreePool(pBuffer);
|
|
}
|
|
|
|
DebugTrace(TRACE_PROC_LEAVE,("USPassThruUSBRequest: Leaving.. Status = 0x%x\n", Status));
|
|
return Status;
|
|
|
|
} // USPassThruUSBRequestPTP()
|
|
|
|
|