projects / project / usbmode.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add GPL v2+ SPDX header
[project/usbmode.git] / switch.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <unistd.h>
3 #include "switch.h"
4
5 enum {
6 DATA_MODE,
7 DATA_MODEVAL,
8 DATA_MSG,
9 DATA_INTERFACE,
10 DATA_MSG_EP,
11 DATA_RES_EP,
12 DATA_RESPONSE,
13 DATA_RELEASE_DELAY,
14 DATA_CONFIG,
15 DATA_ALT,
16 DATA_DEV_CLASS,
17 __DATA_MAX
18 };
19
20 static void detach_driver(struct usbdev_data *data)
21 {
22 libusb_detach_kernel_driver(data->devh, data->interface);
23 }
24
25 struct msg_entry {
26 char *data;
27 int len;
28 };
29
30 static int send_msg(struct usbdev_data *data, struct msg_entry *msg)
31 {
32 int transferred;
33
34 return libusb_bulk_transfer(data->devh, data->msg_endpoint,
35 (void *) msg->data, msg->len,
36 &transferred, 3000);
37 }
38
39 static int read_response(struct usbdev_data *data, int len)
40 {
41 unsigned char *buf;
42 int ret, transferred;
43
44 if (len < 13)
45 len = 13;
46 buf = alloca(len);
47 ret = libusb_bulk_transfer(data->devh, data->response_endpoint,
48 buf, len, &transferred, 3000);
49 libusb_bulk_transfer(data->devh, data->response_endpoint,
50 buf, 13, &transferred, 100);
51 return ret;
52 }
53
54 static void send_messages(struct usbdev_data *data, struct msg_entry *msg, int n_msg)
55 {
56 int i, len;
57
58 libusb_claim_interface(data->devh, data->interface);
59 libusb_clear_halt(data->devh, data->msg_endpoint);
60
61 for (i = 0; i < n_msg; i++) {
62 if (send_msg(data, &msg[i])) {
63 fprintf(stderr, "Failed to send switch message\n");
64 continue;
65 }
66
67 if (!data->need_response)
68 continue;
69
70 if (!memcmp(msg[i].data, "\x55\x53\x42\x43", 4))
71 len = 13;
72 else
73 len = msg[i].len;
74
75 if (read_response(data, len))
76 return;
77 }
78
79 libusb_clear_halt(data->devh, data->msg_endpoint);
80 libusb_clear_halt(data->devh, data->response_endpoint);
81
82 usleep(200000);
83
84 if (data->release_delay)
85 usleep(data->release_delay * 1000);
86
87 libusb_release_interface(data->devh, data->interface);
88 return;
89 }
90
91 static void send_config_messages(struct usbdev_data *data, struct blob_attr *attr)
92 {
93 struct blob_attr *cur;
94 int rem, n_msg = 0;
95 struct msg_entry *msg;
96
97 blobmsg_for_each_attr(cur, attr, rem)
98 n_msg++;
99
100 msg = alloca(n_msg * sizeof(*msg));
101 n_msg = 0;
102 blobmsg_for_each_attr(cur, attr, rem) {
103 int msg_nr;
104
105 if (blobmsg_type(cur) != BLOBMSG_TYPE_INT32) {
106 fprintf(stderr, "Invalid data in message list\n");
107 return;
108 }
109
110 msg_nr = blobmsg_get_u32(cur);
111 if (msg_nr >= n_messages) {
112 fprintf(stderr, "Message index out of range!\n");
113 return;
114 }
115
116 msg[n_msg].data = messages[msg_nr];
117 msg[n_msg++].len = message_len[msg_nr];
118 }
119
120 send_messages(data, msg, n_msg);
121 }
122
123 static void handle_generic(struct usbdev_data *data, struct blob_attr **tb)
124 {
125 detach_driver(data);
126 send_config_messages(data, tb[DATA_MSG]);
127 }
128
129 static void send_control_packet(struct usbdev_data *data, uint8_t type, uint8_t req,
130 uint16_t val, uint16_t idx, int len)
131 {
132 unsigned char *buffer = alloca(len ? len : 1);
133
134 libusb_control_transfer(data->devh, type, req, val, idx, buffer, len, 1000);
135 }
136
137 static void handle_huawei(struct usbdev_data *data, struct blob_attr **tb)
138 {
139 int type = LIBUSB_REQUEST_TYPE_STANDARD | LIBUSB_RECIPIENT_DEVICE;
140 send_control_packet(data, type, LIBUSB_REQUEST_SET_FEATURE, 1, 0, 0);
141 }
142
143 static void handle_huaweinew(struct usbdev_data *data, struct blob_attr **tb)
144 {
145 static struct msg_entry msgs[] = {
146 {
147 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x00\x00\x11"
148 "\x06\x20\x00\x00\x01\x01\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
149 }
150 };
151
152 detach_driver(data);
153 data->need_response = false;
154 send_messages(data, msgs, ARRAY_SIZE(msgs));
155 }
156
157 static void handle_option(struct usbdev_data *data, struct blob_attr **tb)
158 {
159 static struct msg_entry msgs[] = {
160 {
161 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x00\x06\x01"
162 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
163 }
164 };
165
166 detach_driver(data);
167 data->need_response = false;
168 send_messages(data, msgs, ARRAY_SIZE(msgs));
169 }
170
171 static void handle_standardeject(struct usbdev_data *data, struct blob_attr **tb)
172 {
173 static struct msg_entry msgs[] = {
174 {
175 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x00\x06\x1e"
176 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
177 }, {
178 "\x55\x53\x42\x43\x12\x34\x56\x79\x00\x00\x00\x00\x00\x00\x06\x1b"
179 "\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
180 }, {
181 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x01\x06\x1e"
182 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
183 }, {
184 "\x55\x53\x42\x43\x12\x34\x56\x79\x00\x00\x00\x00\x00\x01\x06\x1b"
185 "\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
186 }
187 };
188
189 detach_driver(data);
190 data->need_response = true;
191 send_messages(data, msgs, ARRAY_SIZE(msgs));
192 }
193
194 static void handle_sierra(struct usbdev_data *data, struct blob_attr **tb)
195 {
196 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE;
197 send_control_packet(data, type, LIBUSB_REQUEST_SET_INTERFACE, 1, 0, 0);
198 }
199
200 static void handle_sony(struct usbdev_data *data, struct blob_attr **tb)
201 {
202 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_ENDPOINT_IN;
203 int i;
204
205 detach_driver(data);
206 send_control_packet(data, type, 0x11, 2, 0, 3);
207
208 libusb_close(data->devh);
209 sleep(5);
210
211 for (i = 0; i < 25; i++) {
212 data->devh = libusb_open_device_with_vid_pid(usb,
213 data->desc.idVendor, data->desc.idProduct);
214 if (data->devh)
215 break;
216 }
217
218 send_control_packet(data, type, 0x11, 2, 0, 3);
219 }
220
221 static void handle_qisda(struct usbdev_data *data, struct blob_attr **tb)
222 {
223 static unsigned char buffer[] = "\x05\x8c\x04\x08\xa0\xee\x20\x00\x5c\x01\x04\x08\x98\xcd\xea\xbf";
224 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE;
225
226 libusb_control_transfer(data->devh, type, 0x04, 0, 0, buffer, 16, 1000);
227 }
228
229 static void handle_gct(struct usbdev_data *data, struct blob_attr **tb)
230 {
231 int type = LIBUSB_REQUEST_TYPE_CLASS | LIBUSB_RECIPIENT_INTERFACE | LIBUSB_ENDPOINT_IN;
232
233 detach_driver(data);
234
235 if (libusb_claim_interface(data->devh, data->interface))
236 return;
237
238 send_control_packet(data, type, 0xa0, 0, data->interface, 1);
239 send_control_packet(data, type, 0xfe, 0, data->interface, 1);
240
241 libusb_release_interface(data->devh, data->interface);
242 }
243
244 static void handle_kobil(struct usbdev_data *data, struct blob_attr **tb)
245 {
246 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE | LIBUSB_ENDPOINT_IN;
247
248 detach_driver(data);
249 send_control_packet(data, type, 0x88, 0, 0, 8);
250 }
251
252 static void handle_sequans(struct usbdev_data *data, struct blob_attr **tb)
253 {
254 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE;
255 send_control_packet(data, type, LIBUSB_REQUEST_SET_INTERFACE, 2, 0, 0);
256 }
257
258 static void mobile_action_interrupt_msg(struct usbdev_data *data, void *msg, int n_in)
259 {
260 unsigned char *buf = alloca(8);
261 int ep_out = 0x02, ep_in = 0x81;
262 int transferred;
263 int i;
264
265 if (msg)
266 libusb_interrupt_transfer(data->devh, ep_out, msg, 8, &transferred, 1000);
267 for (i = 0; i < n_in; i++)
268 libusb_interrupt_transfer(data->devh, ep_in, buf, 8, &transferred, 1000);
269 }
270
271 static void handle_mobile_action(struct usbdev_data *data, struct blob_attr **tb)
272 {
273 int type = LIBUSB_REQUEST_TYPE_CLASS | LIBUSB_RECIPIENT_INTERFACE;
274 char *msg[] = {
275 "\xb0\x04\x00\x00\x02\x90\x26\x86",
276 "\x37\x01\xfe\xdb\xc1\x33\x1f\x83",
277 "\x37\x0e\xb5\x9d\x3b\x8a\x91\x51",
278 "\x34\x87\xba\x0d\xfc\x8a\x91\x51",
279 "\x37\x01\xfe\xdb\xc1\x33\x1f\x83",
280 "\x37\x0e\xb5\x9d\x3b\x8a\x91\x51",
281 "\x34\x87\xba\x0d\xfc\x8a\x91\x51",
282 "\x33\x04\xfe\x00\xf4\x6c\x1f\xf0",
283 "\x32\x07\xfe\xf0\x29\xb9\x3a\xf0"
284 };
285 int i;
286
287 for (i = 0; i < 2; i++)
288 libusb_control_transfer(data->devh, type, 0x09, 0x0300, 0, (void *) msg[0], 8, 1000);
289 mobile_action_interrupt_msg(data, NULL, 2);
290 mobile_action_interrupt_msg(data, msg[1], 1);
291 mobile_action_interrupt_msg(data, msg[2], 1);
292 mobile_action_interrupt_msg(data, msg[3], 63);
293 mobile_action_interrupt_msg(data, msg[4], 1);
294 mobile_action_interrupt_msg(data, msg[5], 1);
295 mobile_action_interrupt_msg(data, msg[6], 73);
296 mobile_action_interrupt_msg(data, msg[7], 1);
297 mobile_action_interrupt_msg(data, msg[8], 1);
298 }
299
300 static void handle_cisco(struct usbdev_data *data, struct blob_attr **tb)
301 {
302 static struct msg_entry msgs[] = {
303 {
304 "\x55\x53\x42\x43\xf8\x3b\xcd\x81\x00\x02\x00\x00\x80\x00\x0a\xfd"
305 "\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
306 }, {
307 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
308 "\x00\x00\x00\x07\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
309 }, {
310 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
311 "\x00\x01\x00\x07\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
312 }, {
313 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
314 "\x00\x02\x00\x23\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
315 }, {
316 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
317 "\x00\x03\x00\x23\x82\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
318 }, {
319 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
320 "\x00\x02\x00\x26\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
321 }, {
322 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
323 "\x00\x03\x00\x26\xc8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
324 }, {
325 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
326 "\x00\x00\x10\x73\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
327 }, {
328 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
329 "\x00\x02\x00\x24\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
330 }, {
331 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
332 "\x00\x03\x00\x24\x13\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
333 }, {
334 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
335 "\x00\x01\x10\x73\x24\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
336 }
337
338 };
339
340 detach_driver(data);
341 data->need_response = true;
342 send_messages(data, msgs, ARRAY_SIZE(msgs));
343 }
344
345 static void handle_mbim(struct usbdev_data *data, struct blob_attr **tb)
346 {
347 int j;
348
349 if (data->desc.bNumConfigurations < 2)
350 return;
351
352 for (j = 0; j < data->desc.bNumConfigurations; j++) {
353 struct libusb_config_descriptor *config;
354 int i;
355
356 libusb_get_config_descriptor(data->dev, j, &config);
357
358 for (i = 0; i < config->bNumInterfaces; i++) {
359 if (config->interface[i].altsetting[0].bInterfaceClass == 2) {
360 if (config->interface[i].altsetting[0].bInterfaceSubClass == 0x0e) {
361 struct libusb_config_descriptor *active;
362 int count = 5;
363
364 libusb_get_active_config_descriptor(data->dev, &active);
365 if (active->bConfigurationValue == config->bConfigurationValue)
366 return;
367 while ((libusb_set_configuration(data->devh, config->bConfigurationValue) < 0) && --count)
368 libusb_detach_kernel_driver(data->devh, active->interface[0].altsetting[0].bInterfaceNumber);
369
370 libusb_free_config_descriptor(config);
371 return;
372 }
373 }
374 }
375
376 libusb_free_config_descriptor(config);
377 }
378 }
379
380 static void handle_quanta(struct usbdev_data *data, struct blob_attr **tb)
381 {
382 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE | LIBUSB_ENDPOINT_IN;
383
384 detach_driver(data);
385 send_control_packet(data, type, 0xff, 0, 0, 8);
386 }
387
388 static void handle_blackberry(struct usbdev_data *data, struct blob_attr **tb)
389 {
390 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE | LIBUSB_ENDPOINT_IN;
391
392 detach_driver(data);
393 send_control_packet(data, type, 0xb1, 0x0000, 0, 8);
394 send_control_packet(data, type, 0xa9, 0x000e, 0, 8);
395 }
396
397 static void handle_pantech(struct usbdev_data *data, struct blob_attr **tb)
398 {
399 int type = LIBUSB_REQUEST_TYPE_VENDOR | LIBUSB_RECIPIENT_DEVICE | LIBUSB_ENDPOINT_OUT;
400 int val = 1;
401
402 if (tb[DATA_MODEVAL])
403 val = blobmsg_get_u32(tb[DATA_MODEVAL]);
404 detach_driver(data);
405 if (val > 1)
406 send_control_packet(data, type, 0x70, val, 0, 0);
407 }
408
409 static void set_alt_setting(struct usbdev_data *data, int setting)
410 {
411 if (libusb_claim_interface(data->devh, data->interface))
412 return;
413
414 libusb_set_interface_alt_setting(data->devh, data->interface, setting);
415 libusb_release_interface(data->devh, data->interface);
416 }
417
418 enum {
419 MODE_GENERIC,
420 MODE_HUAWEI,
421 MODE_HUAWEINEW,
422 MODE_SIERRA,
423 MODE_STDEJECT,
424 MODE_SONY,
425 MODE_QISDA,
426 MODE_GCT,
427 MODE_KOBIL,
428 MODE_SEQUANS,
429 MODE_MOBILE_ACTION,
430 MODE_CISCO,
431 MODE_MBIM,
432 MODE_OPTION,
433 MODE_QUANTA,
434 MODE_BLACKBERRY,
435 MODE_PANTECH,
436 __MODE_MAX
437 };
438
439 static const struct {
440 const char *name;
441 void (*cb)(struct usbdev_data *data, struct blob_attr **tb);
442 } modeswitch_cb[__MODE_MAX] = {
443 [MODE_GENERIC] = { "Generic", handle_generic },
444 [MODE_STDEJECT] = { "StandardEject", handle_standardeject },
445 [MODE_HUAWEI] = { "Huawei", handle_huawei },
446 [MODE_HUAWEINEW] = { "HuaweiNew", handle_huaweinew },
447 [MODE_SIERRA] = { "Sierra", handle_sierra },
448 [MODE_SONY] = { "Sony", handle_sony },
449 [MODE_QISDA] = { "Qisda", handle_qisda },
450 [MODE_GCT] = { "GCT", handle_gct },
451 [MODE_KOBIL] = { "Kobil", handle_kobil },
452 [MODE_SEQUANS] = { "Sequans", handle_sequans },
453 [MODE_MOBILE_ACTION] = { "MobileAction", handle_mobile_action },
454 [MODE_CISCO] = { "Cisco", handle_cisco },
455 [MODE_MBIM] = { "MBIM", handle_mbim },
456 [MODE_OPTION] = { "Option", handle_option },
457 [MODE_QUANTA] = { "Quanta", handle_quanta },
458 [MODE_BLACKBERRY] = { "Blackberry", handle_blackberry },
459 [MODE_PANTECH] = { "Pantech", handle_pantech },
460 };
461
462 void handle_switch(struct usbdev_data *data)
463 {
464 static const struct blobmsg_policy data_policy[__DATA_MAX] = {
465 [DATA_MODE] = { .name = "mode", .type = BLOBMSG_TYPE_STRING },
466 [DATA_MODEVAL] = { .name = "modeval", .type = BLOBMSG_TYPE_INT32 },
467 [DATA_MSG] = { .name = "msg", .type = BLOBMSG_TYPE_ARRAY },
468 [DATA_INTERFACE] = { .name = "interface", .type = BLOBMSG_TYPE_INT32 },
469 [DATA_MSG_EP] = { .name = "msg_endpoint", .type = BLOBMSG_TYPE_INT32 },
470 [DATA_RES_EP] = { .name = "response_endpoint", .type = BLOBMSG_TYPE_INT32 },
471 [DATA_RESPONSE] = { .name = "response", .type = BLOBMSG_TYPE_BOOL },
472 [DATA_CONFIG] = { .name = "config", .type = BLOBMSG_TYPE_INT32 },
473 [DATA_ALT] = { .name = "alt", .type = BLOBMSG_TYPE_INT32 },
474 [DATA_DEV_CLASS] = { .name = "t_class", .type = BLOBMSG_TYPE_INT32 },
475 };
476 struct blob_attr *tb[__DATA_MAX];
477 int mode = MODE_GENERIC;
478 int t_class = 0;
479
480 blobmsg_parse(data_policy, __DATA_MAX, tb, blobmsg_data(data->info), blobmsg_data_len(data->info));
481
482 if (tb[DATA_DEV_CLASS])
483 t_class = blobmsg_get_u32(tb[DATA_DEV_CLASS]);
484
485 if (tb[DATA_INTERFACE])
486 data->interface = blobmsg_get_u32(tb[DATA_INTERFACE]);
487
488 if (tb[DATA_MSG_EP])
489 data->msg_endpoint = blobmsg_get_u32(tb[DATA_MSG_EP]);
490
491 if (tb[DATA_RES_EP])
492 data->response_endpoint = blobmsg_get_u32(tb[DATA_RES_EP]);
493
494 if (tb[DATA_RELEASE_DELAY])
495 data->release_delay = blobmsg_get_u32(tb[DATA_RELEASE_DELAY]);
496
497 if (tb[DATA_RESPONSE])
498 data->need_response = blobmsg_get_bool(tb[DATA_RESPONSE]);
499
500 if (t_class > 0 && data->dev_class != t_class)
501 return;
502
503 if (tb[DATA_MODE]) {
504 const char *modestr;
505 int i;
506
507 modestr = blobmsg_data(tb[DATA_MODE]);
508 for (i = 0; i < __MODE_MAX; i++) {
509 if (strcmp(modeswitch_cb[i].name, modestr) != 0)
510 continue;
511
512 mode = i;
513 break;
514 }
515 }
516
517 modeswitch_cb[mode].cb(data, tb);
518
519 if (tb[DATA_CONFIG]) {
520 int config, config_new;
521
522 config_new = blobmsg_get_u32(tb[DATA_CONFIG]);
523 if (libusb_get_configuration(data->devh, &config) ||
524 config != config_new) {
525 libusb_set_configuration(data->devh, 0);
526 usleep(100000);
527 libusb_set_configuration(data->devh, config_new);
528 }
529 }
530
531 if (tb[DATA_ALT]) {
532 int new = blobmsg_get_u32(tb[DATA_ALT]);
533 set_alt_setting(data, new);
534 }
535 }
usbmode - usb_modeswitch replacement