void AndroidUsbPipeFileObject::OnEvtIoRead(WDFREQUEST request,
size_t length) {
ASSERT_IRQL_LOW_OR_DISPATCH();
// Make sure that this is an input pipe
if (is_output_pipe()) {
GoogleDbgPrint("\n!!!! Attempt to read from output pipe %p", this);
WdfRequestComplete(request, STATUS_ACCESS_DENIED);
return;
}
// Make sure zero length I/O doesn't go through
if (0 == length) {
WdfRequestCompleteWithInformation(request, STATUS_SUCCESS, 0);
return;
}
// Get MDL for this request.
PMDL request_mdl = NULL;
NTSTATUS status = WdfRequestRetrieveOutputWdmMdl(request, &request_mdl);
ASSERT(NT_SUCCESS(status) && (NULL != request_mdl));
if (NT_SUCCESS(status)) {
CommonBulkReadWrite(request,
request_mdl,
static_cast<ULONG>(length),
true,
0,
false);
} else {
WdfRequestComplete(request, status);
}
}
NTSTATUS GetTransferMdl(__in WDFREQUEST Request,
__in WDF_REQUEST_TYPE RequestType,
__out PMDL* wdmMdl)
{
return (RequestType == WdfRequestTypeWrite)
? WdfRequestRetrieveInputWdmMdl(Request, wdmMdl)
: WdfRequestRetrieveOutputWdmMdl(Request, wdmMdl);
}
void AndroidUsbPipeFileObject::OnCtlBulkRead(WDFREQUEST request,
size_t output_buf_len,
size_t input_buf_len) {
ASSERT_IRQL_LOW_OR_DISPATCH();
// Make sure that this is an input pipe
if (is_output_pipe()) {
GoogleDbgPrint("\n!!!! Attempt to IOCTL read from output pipe %p", this);
WdfRequestComplete(request, STATUS_ACCESS_DENIED);
return;
}
// Make sure zero length I/O doesn't go through
if (0 == output_buf_len) {
WdfRequestCompleteWithInformation(request, STATUS_SUCCESS, 0);
return;
}
// Verify buffers
ASSERT(input_buf_len >= sizeof(AdbBulkTransfer));
if (input_buf_len < sizeof(AdbBulkTransfer)) {
WdfRequestComplete(request, STATUS_INVALID_BUFFER_SIZE);
return;
}
// Get the input buffer
NTSTATUS status;
AdbBulkTransfer* transfer_param =
reinterpret_cast<AdbBulkTransfer*>(InAddress(request, &status));
ASSERT(NT_SUCCESS(status) && (NULL != transfer_param));
if (!NT_SUCCESS(status)) {
WdfRequestComplete(request, status);
return;
}
// Get MDL for this request.
PMDL request_mdl = NULL;
status = WdfRequestRetrieveOutputWdmMdl(request, &request_mdl);
ASSERT(NT_SUCCESS(status) && (NULL != request_mdl));
if (NT_SUCCESS(status)) {
// Perform the read
CommonBulkReadWrite(request,
request_mdl,
static_cast<ULONG>(output_buf_len),
true,
transfer_param->time_out,
true);
} else {
WdfRequestComplete(request, status);
}
}
/*++
Routine Description:
This callback is invoked when the framework received WdfRequestTypeRead or
WdfRequestTypeWrite request. This read/write is performed in stages of
MAX_TRANSFER_SIZE. Once a stage of transfer is complete, then the
request is circulated again, until the requested length of transfer is
performed.
Arguments:
Queue - Handle to the framework queue object that is associated
with the I/O request.
Request - Handle to a framework request object. This one represents
the WdfRequestTypeRead/WdfRequestTypeWrite IRP received by the framework.
Length - Length of the input/output buffer.
Return Value:
VOID
--*/
VOID ReadWriteBulkEndPoints(IN WDFQUEUE Queue, IN WDFREQUEST Request, IN ULONG Length, IN WDF_REQUEST_TYPE RequestType)
{
PMDL newMdl = NULL;
PMDL requestMdl = NULL;
PURB urb = NULL;
WDFMEMORY urbMemory;
ULONG totalLength = Length;
ULONG stageLength = 0;
ULONG urbFlags = 0;
NTSTATUS status;
ULONG_PTR virtualAddress = 0;
PREQUEST_CONTEXT rwContext = NULL;
PFILE_CONTEXT fileContext = NULL;
WDFUSBPIPE pipe;
WDF_USB_PIPE_INFORMATION pipeInfo;
WDF_OBJECT_ATTRIBUTES objectAttribs;
USBD_PIPE_HANDLE usbdPipeHandle;
PDEVICE_CONTEXT deviceContext;
WDF_REQUEST_SEND_OPTIONS sendOptions;
PSDrv_DbgPrint(3, ("ReadWriteBulkEndPoints - begins\n"));
// First validate input parameters.
deviceContext = GetDeviceContext(WdfIoQueueGetDevice(Queue));
if (totalLength > deviceContext->MaximumTransferSize)
{
PSDrv_DbgPrint(1, ("Transfer length (%d) is bigger then MaximumTransferSize (%d)!\n", totalLength, deviceContext->MaximumTransferSize));
status = STATUS_INVALID_PARAMETER;
goto Exit;
}
if ((RequestType != WdfRequestTypeRead) && (RequestType != WdfRequestTypeWrite))
{
PSDrv_DbgPrint(1, ("RequestType has to be either Read or Write! (RequestType = %d)\n", RequestType));
status = STATUS_INVALID_PARAMETER;
goto Exit;
}
// Get the pipe associate with this request.
fileContext = GetFileContext(WdfRequestGetFileObject(Request));
pipe = fileContext->Pipe;
WDF_USB_PIPE_INFORMATION_INIT(&pipeInfo);
WdfUsbTargetPipeGetInformation(pipe, &pipeInfo);
if((WdfUsbPipeTypeBulk != pipeInfo.PipeType) && (WdfUsbPipeTypeInterrupt != pipeInfo.PipeType))
{
PSDrv_DbgPrint(1, ("Usbd pipe type is not bulk or interrupt! (PipeType = %d)\n", pipeInfo.PipeType));
status = STATUS_INVALID_DEVICE_REQUEST;
goto Exit;
}
rwContext = GetRequestContext(Request);
if(RequestType == WdfRequestTypeRead)
{
status = WdfRequestRetrieveOutputWdmMdl(Request, &requestMdl);
if(!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfRequestRetrieveOutputWdmMdl failed! (Status = %x)\n", status));
goto Exit;
}
urbFlags |= USBD_TRANSFER_DIRECTION_IN;
rwContext->Read = TRUE;
PSDrv_DbgPrint(3, ("This is a read operation...\n"));
}
else
{
status = WdfRequestRetrieveInputWdmMdl(Request, &requestMdl);
if(!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfRequestRetrieveInputWdmMdl failed! (Status = %x)\n", status));
goto Exit;
}
urbFlags |= USBD_TRANSFER_DIRECTION_OUT;
rwContext->Read = FALSE;
PSDrv_DbgPrint(3, ("This is a write operation...\n"));
}
urbFlags |= USBD_SHORT_TRANSFER_OK;
virtualAddress = (ULONG_PTR) MmGetMdlVirtualAddress(requestMdl);
// The transfer request is for totalLength. We can perform a max of MAX_TRANSFER_SIZE in each stage.
if (totalLength > MAX_TRANSFER_SIZE)
{
stageLength = MAX_TRANSFER_SIZE;
}
else
{
stageLength = totalLength;
}
newMdl = IoAllocateMdl((PVOID)virtualAddress, totalLength, FALSE, FALSE, NULL);
if (newMdl == NULL)
{
PSDrv_DbgPrint(1, ("IoAllocateMdl failed! (newMdl is NULL)\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
// Map the portion of user-buffer described by an mdl to another mdl
IoBuildPartialMdl(requestMdl, newMdl, (PVOID)virtualAddress, stageLength);
WDF_OBJECT_ATTRIBUTES_INIT(&objectAttribs);
objectAttribs.ParentObject = Request;
status = WdfMemoryCreate(&objectAttribs, NonPagedPool, POOL_TAG, sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER), &urbMemory, (PVOID*)&urb);
if (!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfMemoryCreate for urbMemory failed! (Status = %x)\n", status));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
usbdPipeHandle = WdfUsbTargetPipeWdmGetPipeHandle(pipe);
UsbBuildInterruptOrBulkTransferRequest(urb, sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER), usbdPipeHandle, NULL, newMdl, stageLength, urbFlags, NULL);
status = WdfUsbTargetPipeFormatRequestForUrb(pipe, Request, urbMemory, NULL);
if (!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfUsbTargetPipeFormatRequestForUrb failed! (Status = %x)\n", status));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
WdfRequestSetCompletionRoutine(Request, ReadWriteCompletion, NULL);
// Set REQUEST_CONTEXT parameters.
rwContext->UrbMemory = urbMemory;
rwContext->Mdl = newMdl;
rwContext->Length = totalLength - stageLength;
rwContext->Numxfer = 0;
rwContext->VirtualAddress = virtualAddress + stageLength;
// Set the timeout
if (fileContext->nTimeOut != 0)
{
WDF_REQUEST_SEND_OPTIONS_INIT(&sendOptions, WDF_REQUEST_SEND_OPTION_TIMEOUT);
WDF_REQUEST_SEND_OPTIONS_SET_TIMEOUT(&sendOptions, WDF_REL_TIMEOUT_IN_MS(fileContext->nTimeOut));
PSDrv_DbgPrint(3, ("Pipe timeout is set to: %d\n", fileContext->nTimeOut));
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), &sendOptions))
{
status = WdfRequestGetStatus(Request);
ASSERT(!NT_SUCCESS(status));
}
}
else
{
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), WDF_NO_SEND_OPTIONS))
{
status = WdfRequestGetStatus(Request);
ASSERT(!NT_SUCCESS(status));
}
}
Exit:
if (!NT_SUCCESS(status))
{
WdfRequestCompleteWithInformation(Request, status, 0);
if (newMdl != NULL)
{
IoFreeMdl(newMdl);
}
}
PSDrv_DbgPrint(3, ("ReadWriteBulkEndPoints - ends\n"));
return;
}
/*++
Routine Description:
This is the completion routine for reads/writes
If the irp completes with success, we check if we
need to recirculate this irp for another stage of
transfer.
Arguments:
Context - Driver supplied context
Device - Device handle
Request - Request handle
Params - request completion params
Return Value:
None
--*/
VOID ReadWriteCompletion(IN WDFREQUEST Request, IN WDFIOTARGET Target, PWDF_REQUEST_COMPLETION_PARAMS CompletionParams, IN WDFCONTEXT Context)
{
PMDL requestMdl;
WDFUSBPIPE pipe;
ULONG stageLength;
NTSTATUS status;
PREQUEST_CONTEXT rwContext;
PURB urb;
PCHAR operation;
ULONG bytesReadWritten;
UNREFERENCED_PARAMETER(Context);
rwContext = GetRequestContext(Request);
PSDrv_DbgPrint(3, ("ReadWriteCompletion - begins\n"));
if (rwContext->Read)
{
operation = "Read";
}
else
{
operation = "Write";
}
pipe = (WDFUSBPIPE)Target;
status = CompletionParams->IoStatus.Status;
if (!NT_SUCCESS(status))
{
goto End;
}
urb = (PURB)WdfMemoryGetBuffer(rwContext->UrbMemory, NULL);
bytesReadWritten = urb->UrbBulkOrInterruptTransfer.TransferBufferLength;
rwContext->Numxfer += bytesReadWritten;
// If there is anything left to transfer.
if (rwContext->Length == 0)
{
// this is the last transfer
WdfRequestSetInformation(Request, rwContext->Numxfer);
goto End;
}
// Start another transfer
PSDrv_DbgPrint(3, ("Stage next %s transfer...\n", operation));
if (rwContext->Length > MAX_TRANSFER_SIZE)
{
stageLength = MAX_TRANSFER_SIZE;
}
else
{
stageLength = rwContext->Length;
}
// Following call is required to free any mapping made on the partial MDL and reset internal MDL state.
MmPrepareMdlForReuse(rwContext->Mdl);
if (rwContext->Read)
{
status = WdfRequestRetrieveOutputWdmMdl(Request, &requestMdl);
if(!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfRequestRetrieveOutputWdmMdl for Read failed! (Status = %x)\n", status));
goto End;
}
}
else
{
status = WdfRequestRetrieveInputWdmMdl(Request, &requestMdl);
if(!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfRequestRetrieveInputWdmMdl for Write failed! (Status = %x)\n", status));
goto End;
}
}
IoBuildPartialMdl(requestMdl, rwContext->Mdl, (PVOID)rwContext->VirtualAddress, stageLength);
// Reinitialize the urb
urb->UrbBulkOrInterruptTransfer.TransferBufferLength = stageLength;
rwContext->VirtualAddress += stageLength;
rwContext->Length -= stageLength;
// Format the request to send a URB to a USB pipe.
status = WdfUsbTargetPipeFormatRequestForUrb(pipe, Request, rwContext->UrbMemory, NULL);
if (!NT_SUCCESS(status))
{
PSDrv_DbgPrint(1, ("WdfUsbTargetPipeFormatRequestForUrb failed! (Status = %x)\n", status));
status = STATUS_INSUFFICIENT_RESOURCES;
goto End;
}
WdfRequestSetCompletionRoutine(Request, ReadWriteCompletion, NULL);
// Send the request asynchronously.
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), WDF_NO_SEND_OPTIONS))
{
PSDrv_DbgPrint(1, ("WdfRequestSend for %s failed!\n", operation));
status = WdfRequestGetStatus(Request);
goto End;
}
// Else when the request completes, this completion routine will be called again.
PSDrv_DbgPrint(3, ("ReadWriteCompletion - ends 1\n"));
return;
End:
// Dump the request context, complete the request and return.
PSDrv_DbgPrint(3, ("rwContext->UrbMemory = %p\n", rwContext->UrbMemory));
PSDrv_DbgPrint(3, ("rwContext->Mdl = %p\n", rwContext->Mdl));
PSDrv_DbgPrint(3, ("rwContext->Length = %d\n", rwContext->Length));
PSDrv_DbgPrint(3, ("rwContext->Numxfer = %d\n", rwContext->Numxfer));
PSDrv_DbgPrint(3, ("rwContext->VirtualAddress = %p\n", rwContext->VirtualAddress));
IoFreeMdl(rwContext->Mdl);
PSDrv_DbgPrint(3, ("Bulk or Interrupt %s request has finished. (Status = %x)\n", operation, status));
WdfRequestComplete(Request, status);
PSDrv_DbgPrint(3, ("ReadWriteCompletion - ends 2\n"));
return;
}
VOID
ReadWriteBulkEndPoints(
_In_ WDFQUEUE Queue,
_In_ WDFREQUEST Request,
_In_ ULONG Length,
_In_ WDF_REQUEST_TYPE RequestType
)
/*++
Routine Description:
This callback is invoked when the framework received WdfRequestTypeRead or
WdfRequestTypeWrite request. This read/write is performed in stages of
maximum transfer size. Once a stage of transfer is complete, then the
request is circulated again, until the requested length of transfer is
performed.
Arguments:
Queue - Handle to the framework queue object that is associated
with the I/O request.
Request - Handle to a framework request object. This one represents
the WdfRequestTypeRead/WdfRequestTypeWrite IRP received by the framework.
Length - Length of the input/output buffer.
Return Value:
VOID
--*/
{
PMDL newMdl=NULL, requestMdl = NULL;
PURB urb = NULL;
WDFMEMORY urbMemory;
ULONG totalLength = Length;
ULONG stageLength = 0;
ULONG urbFlags = 0;
NTSTATUS status;
ULONG_PTR virtualAddress = 0;
PREQUEST_CONTEXT rwContext = NULL;
PFILE_CONTEXT fileContext = NULL;
WDFUSBPIPE pipe;
WDF_USB_PIPE_INFORMATION pipeInfo;
WDF_OBJECT_ATTRIBUTES objectAttribs;
USBD_PIPE_HANDLE usbdPipeHandle;
PDEVICE_CONTEXT deviceContext;
ULONG maxTransferSize;
PPIPE_CONTEXT pipeContext;
UsbSamp_DbgPrint(3, ("UsbSamp_DispatchReadWrite - begins\n"));
//
// First validate input parameters.
//
deviceContext = GetDeviceContext(WdfIoQueueGetDevice(Queue));
if (totalLength > deviceContext->MaximumTransferSize) {
UsbSamp_DbgPrint(1, ("Transfer length > circular buffer\n"));
status = STATUS_INVALID_PARAMETER;
goto Exit;
}
if ((RequestType != WdfRequestTypeRead) &&
(RequestType != WdfRequestTypeWrite)) {
UsbSamp_DbgPrint(1, ("RequestType has to be either Read or Write\n"));
status = STATUS_INVALID_PARAMETER;
goto Exit;
}
//
// Get the pipe associate with this request.
//
fileContext = GetFileContext(WdfRequestGetFileObject(Request));
pipe = fileContext->Pipe;
pipeContext = GetPipeContext(pipe);
WDF_USB_PIPE_INFORMATION_INIT(&pipeInfo);
WdfUsbTargetPipeGetInformation(pipe, &pipeInfo);
if ((WdfUsbPipeTypeBulk != pipeInfo.PipeType) &&
(WdfUsbPipeTypeInterrupt != pipeInfo.PipeType)) {
UsbSamp_DbgPrint(1, ("Usbd pipe type is not bulk or interrupt\n"));
status = STATUS_INVALID_DEVICE_REQUEST;
goto Exit;
}
rwContext = GetRequestContext(Request);
if (RequestType == WdfRequestTypeRead) {
status = WdfRequestRetrieveOutputWdmMdl(Request, &requestMdl);
if (!NT_SUCCESS(status)){
UsbSamp_DbgPrint(1, ("WdfRequestRetrieveOutputWdmMdl failed %x\n", status));
goto Exit;
}
urbFlags |= USBD_TRANSFER_DIRECTION_IN;
rwContext->Read = TRUE;
UsbSamp_DbgPrint(3, ("Read operation\n"));
}
else {
status = WdfRequestRetrieveInputWdmMdl(Request, &requestMdl);
if (!NT_SUCCESS(status)){
UsbSamp_DbgPrint(1, ("WdfRequestRetrieveInputWdmMdl failed %x\n", status));
goto Exit;
}
urbFlags |= USBD_TRANSFER_DIRECTION_OUT;
rwContext->Read = FALSE;
UsbSamp_DbgPrint(3, ("Write operation\n"));
}
urbFlags |= USBD_SHORT_TRANSFER_OK;
virtualAddress = (ULONG_PTR) MmGetMdlVirtualAddress(requestMdl);
//
// The transfer request is for totalLength.
// We can perform a max of maxTransfersize in each stage.
//
maxTransferSize = GetMaxTransferSize(pipe, deviceContext);
if (totalLength > maxTransferSize) {
stageLength = maxTransferSize;
}
else {
stageLength = totalLength;
}
newMdl = IoAllocateMdl((PVOID) virtualAddress,
totalLength,
FALSE,
FALSE,
NULL);
if (newMdl == NULL) {
UsbSamp_DbgPrint(1, ("Failed to alloc mem for mdl\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
//
// map the portion of user-buffer described by an mdl to another mdl
//
IoBuildPartialMdl(requestMdl,
newMdl,
(PVOID) virtualAddress,
stageLength);
WDF_OBJECT_ATTRIBUTES_INIT(&objectAttribs);
objectAttribs.ParentObject = Request;
status = WdfUsbTargetDeviceCreateUrb(deviceContext->WdfUsbTargetDevice,
&objectAttribs,
&urbMemory,
&urb);
if (!NT_SUCCESS(status)) {
UsbSamp_DbgPrint(1, ("WdfUsbTargetDeviceCreateUrb failed %x\n", status));
goto Exit;
}
#if (NTDDI_VERSION >= NTDDI_WIN8)
if(WdfUsbPipeTypeBulk == pipeInfo.PipeType &&
pipeContext->StreamConfigured == TRUE) {
//
// For super speed bulk pipe with streams, we specify one of its associated
// usbd pipe handles to format an URB for sending or receiving data.
// The usbd pipe handle is returned by the HCD via sucessful open-streams request
//
usbdPipeHandle = GetStreamPipeHandleFromBulkPipe(pipe);
}
else {
usbdPipeHandle = WdfUsbTargetPipeWdmGetPipeHandle(pipe);
}
#else
usbdPipeHandle = WdfUsbTargetPipeWdmGetPipeHandle(pipe);
#endif
UsbBuildInterruptOrBulkTransferRequest(urb,
sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER),
usbdPipeHandle,
NULL,
newMdl,
stageLength,
urbFlags,
NULL);
status = WdfUsbTargetPipeFormatRequestForUrb(pipe, Request, urbMemory, NULL );
if (!NT_SUCCESS(status)) {
UsbSamp_DbgPrint(1, ("Failed to format requset for urb\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
WdfRequestSetCompletionRoutine(Request, UsbSamp_EvtReadWriteCompletion, deviceContext);
//
// set REQUEST_CONTEXT parameters.
//
rwContext->UrbMemory = urbMemory;
rwContext->Mdl = newMdl;
rwContext->Length = totalLength - stageLength;
rwContext->Numxfer = 0;
rwContext->VirtualAddress = virtualAddress + stageLength;
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), WDF_NO_SEND_OPTIONS)) {
status = WdfRequestGetStatus(Request);
NT_ASSERT(!NT_SUCCESS(status));
}
Exit:
if (!NT_SUCCESS(status)) {
WdfRequestCompleteWithInformation(Request, status, 0);
if (newMdl != NULL) {
IoFreeMdl(newMdl);
}
}
UsbSamp_DbgPrint(3, ("UsbSamp_DispatchReadWrite - ends\n"));
return;
}
VOID
UsbSamp_EvtReadWriteCompletion(
_In_ WDFREQUEST Request,
_In_ WDFIOTARGET Target,
PWDF_REQUEST_COMPLETION_PARAMS CompletionParams,
_In_ WDFCONTEXT Context
)
/*++
Routine Description:
This is the completion routine for reads/writes
If the irp completes with success, we check if we
need to recirculate this irp for another stage of
transfer.
Arguments:
Context - Driver supplied context
Device - Device handle
Request - Request handle
Params - request completion params
Return Value:
None
--*/
{
PMDL requestMdl;
WDFUSBPIPE pipe;
ULONG stageLength;
NTSTATUS status;
PREQUEST_CONTEXT rwContext;
PURB urb;
PCHAR operation;
ULONG bytesReadWritten;
ULONG maxTransferSize;
PDEVICE_CONTEXT deviceContext;
rwContext = GetRequestContext(Request);
deviceContext = Context;
if (rwContext->Read) {
operation = "Read";
}
else {
operation = "Write";
}
pipe = (WDFUSBPIPE) Target ;
status = CompletionParams->IoStatus.Status;
if (!NT_SUCCESS(status)){
//
// Queue a workitem to reset the pipe because the completion could be
// running at DISPATCH_LEVEL.
//
QueuePassiveLevelCallback(WdfIoTargetGetDevice(Target), pipe);
goto End;
}
urb = (PURB) WdfMemoryGetBuffer(rwContext->UrbMemory, NULL);
bytesReadWritten = urb->UrbBulkOrInterruptTransfer.TransferBufferLength;
rwContext->Numxfer += bytesReadWritten;
//
// If there is anything left to transfer.
//
if (rwContext->Length == 0) {
//
// this is the last transfer
//
WdfRequestSetInformation(Request, rwContext->Numxfer);
goto End;
}
//
// Start another transfer
//
UsbSamp_DbgPrint(3, ("Stage next %s transfer...\n", operation));
//
// The transfer request is for totalLength.
// We can perform a max of maxTransfersize in each stage.
//
maxTransferSize = GetMaxTransferSize(pipe, deviceContext);
if (rwContext->Length > maxTransferSize) {
stageLength = maxTransferSize;
}
else {
stageLength = rwContext->Length;
}
//
// Following call is required to free any mapping made on the partial MDL
// and reset internal MDL state.
//
MmPrepareMdlForReuse(rwContext->Mdl);
if (rwContext->Read) {
status = WdfRequestRetrieveOutputWdmMdl(Request, &requestMdl);
if (!NT_SUCCESS(status)){
UsbSamp_DbgPrint(1, ("WdfRequestRetrieveOutputWdmMdl for Read failed %x\n", status));
goto End;
}
}
else {
status = WdfRequestRetrieveInputWdmMdl(Request, &requestMdl);
if (!NT_SUCCESS(status)){
UsbSamp_DbgPrint(1, ("WdfRequestRetrieveInputWdmMdl for Write failed %x\n", status));
goto End;
}
}
IoBuildPartialMdl(requestMdl,
rwContext->Mdl,
(PVOID) rwContext->VirtualAddress,
stageLength);
//
// reinitialize the urb
//
urb->UrbBulkOrInterruptTransfer.TransferBufferLength = stageLength;
rwContext->VirtualAddress += stageLength;
rwContext->Length -= stageLength;
//
// Format the request to send a URB to a USB pipe.
//
status = WdfUsbTargetPipeFormatRequestForUrb(pipe,
Request,
rwContext->UrbMemory,
NULL);
if (!NT_SUCCESS(status)) {
UsbSamp_DbgPrint(1, ("Failed to format requset for urb\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto End;
}
WdfRequestSetCompletionRoutine(Request, UsbSamp_EvtReadWriteCompletion, deviceContext);
//
// Send the request asynchronously.
//
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), WDF_NO_SEND_OPTIONS)) {
UsbSamp_DbgPrint(1, ("WdfRequestSend for %s failed\n", operation));
status = WdfRequestGetStatus(Request);
goto End;
}
//
// Else when the request completes, this completion routine will be
// called again.
//
return;
End:
//
// We are here because the request failed or some other call failed.
// Dump the request context, complete the request and return.
//
DbgPrintRWContext(rwContext);
IoFreeMdl(rwContext->Mdl);
UsbSamp_DbgPrint(3, ("%s request completed with status 0x%x\n",
operation, status));
WdfRequestComplete(Request, status);
return;
}
VOID
MarsEvtIoRead (
WDFQUEUE Queue,
WDFREQUEST Request,
size_t Length
)
/*++
Routine Description:
This event is called when the framework receives IRP_MJ_READ requests.
Arguments:
Queue - Handle to the framework queue object that is associated with the
I/O request.
Request - Handle to a framework request object.
Lenght - Length of the data buffer associated with the request.
The default property of the queue is to not dispatch
zero lenght read & write requests to the driver and
complete is with status success. So we will never get
a zero length request.
Return Value:
None.
--*/
{
WDFDEVICE device;
PFDO_DATA fdoData;
PMDL mdlAddress;
WDF_REQUEST_PARAMETERS parameters;
NTSTATUS status;
ULONG bytesRead;
device = WdfIoQueueGetDevice(Queue);
fdoData = MarsFdoGetData(device);
status = WdfRequestRetrieveOutputWdmMdl(Request,&mdlAddress);
if (!NT_SUCCESS(status)) {
WdfRequestComplete(Request, status);
return;
}
WDF_REQUEST_PARAMETERS_INIT(¶meters);
WdfRequestGetParameters(Request, ¶meters);
status = SdioReadWriteBuffer(device,
fdoData->FunctionFocus,
mdlAddress,
(ULONG)parameters.Parameters.Read.DeviceOffset,
(ULONG)parameters.Parameters.Read.Length,
FALSE,
&bytesRead);
WdfRequestCompleteWithInformation(Request, status, bytesRead);
return;
}
//-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- DtuShBufferIoctl -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
//
DtStatus DtuShBufferIoctl(
DtuDeviceData* pDvcData,
DtFileObject* pFile,
DtIoctlObject* pIoctl)
{
DtStatus Status = DT_STATUS_OK;
char* pIoctlStr; // Mnemonic string for Command
UInt InReqSize = 0; // Required length of input buffer
UInt OutReqSize = 0; // Required length of output buffer
Int Index;
DtuShBuffer* pShBuffer = NULL;
DtuIoctlShBufCmdInput* pShBufCmdInput =
(DtuIoctlShBufCmdInput*)pIoctl->m_pInputBuffer;
InReqSize = OFFSETOF(DtuIoctlShBufCmdInput, m_Data);
// Check if we can read m_Cmd
if (pIoctl->m_InputBufferSize < OFFSETOF(DtuIoctlShBufCmdInput, m_Data))
return DT_STATUS_INVALID_PARAMETER;
switch (pShBufCmdInput->m_Cmd)
{
case DTU_SH_BUF_CMD_INIT:
pIoctlStr = "DTU_SH_BUF_CMD_INIT";
InReqSize += sizeof(DtuIoctlShBufCmdInitInput);
// We expect an output buffer size, but will be checked later
OutReqSize = 0;
break;
case DTU_SH_BUF_CMD_CLOSE:
pIoctlStr = "DTU_HP_BUF_CMD_CLOSE";
// We expect no output buffer
OutReqSize = 0;
break;
default:
pIoctlStr = "??UNKNOWN VPDCMD CODE??";
Status = DT_STATUS_NOT_SUPPORTED;
}
if (DT_SUCCESS(Status))
{
// Check buffer sizes
if (pIoctl->m_InputBufferSize < InReqSize)
{
DtDbgOut(ERR, SHBUF, "%s: INPUT BUFFER TOO SMALL Size=%d Req=%d", pIoctlStr,
pIoctl->m_InputBufferSize, InReqSize);
return DT_STATUS_INVALID_PARAMETER;
}
if (pIoctl->m_OutputBufferSize < OutReqSize)
{
DtDbgOut(ERR, SHBUF, "%s: OUTPUT BUFFER TOO SMALL Size=%d Req=%d", pIoctlStr,
pIoctl->m_OutputBufferSize, OutReqSize);
return DT_STATUS_INVALID_PARAMETER;
}
DtDbgOut(MAX, SHBUF, "%s: In=%d (Rq=%d), Out=%d (Rq=%d)", pIoctlStr,
pIoctl->m_InputBufferSize, InReqSize, pIoctl->m_OutputBufferSize, OutReqSize);
}
if (pShBufCmdInput->m_BufferIndex != 0)
{
DtDbgOut(ERR, SHBUF, "%s: OUTPUT BUFFER TOO SMALL Size=%d Req=%d", pIoctlStr,
pIoctl->m_OutputBufferSize, OutReqSize);
return DT_STATUS_INVALID_PARAMETER;
}
// The bytes written will be updated if needed. Set the default value here.
pIoctl->m_OutputBufferBytesWritten = OutReqSize;
// Lookup the shared buffer structure
// Check if the PortIndex is from the NonIpPort
Status = DtuGetNonIpPortIndex(pDvcData, pShBufCmdInput->m_PortIndex, &Index);
if (!DT_SUCCESS(Status))
return DT_STATUS_NOT_FOUND;
pShBuffer = &pDvcData->m_pNonIpPorts[Index].m_SharedBuffer;
if (DT_SUCCESS(Status))
{
switch (pShBufCmdInput->m_Cmd)
{
case DTU_SH_BUF_CMD_INIT:
{
char* pBuffer;
UInt Size;
DtPageList* pPageList = NULL;
#if defined(WINBUILD)
DtPageList PageList;
PMDL pMdl;
NTSTATUS NtStatus;
// Retrieve MDL and virtual buffer from request object
NtStatus = WdfRequestRetrieveOutputWdmMdl(pIoctl->m_WdfRequest, &pMdl);
if (NtStatus != STATUS_SUCCESS)
{
DtDbgOut(ERR, SHBUF, "WdfRequestRetrieveOutputWdmMdl error: %08x",
NtStatus);
Status = DT_STATUS_OUT_OF_RESOURCES;
}
if (DT_SUCCESS(Status))
{
pBuffer = MmGetMdlVirtualAddress(pMdl);
if (pBuffer == NULL)
{
DtDbgOut(ERR, SHBUF, "DTU_SH_BUF_CMD_INIT: DT_STATUS_OUT_OF_MEMORY");
Status = DT_STATUS_OUT_OF_MEMORY;
}
Size = MmGetMdlByteCount(pMdl);
// Build pagelist object for user space buffer
pPageList = &PageList;
pPageList->m_BufType = DT_BUFTYPE_USER;
pPageList->m_OwnedByOs = TRUE;
pPageList->m_pMdl = pMdl;
pPageList->m_pVirtualKernel = NULL;
}
#else // LINBUILD
Size = (UInt)pShBufCmdInput->m_Data.m_Init.m_BufferSize;
#if defined(LIN32)
pBuffer = (char*)(UInt32)pShBufCmdInput->m_Data.m_Init.m_BufferAddr;
#else
pBuffer = (char*)(UInt64)pShBufCmdInput->m_Data.m_Init.m_BufferAddr;
#endif
#endif
if (DT_SUCCESS(Status))
{
Status = DtuShBufferInit(pShBufCmdInput, pFile, pPageList, pBuffer,
Size, DT_BUFTYPE_USER, pShBuffer);
if (!DT_SUCCESS(Status))
DtDbgOut(ERR, SHBUF, "DtuShBufferInit failed");
}
}
break;
case DTU_SH_BUF_CMD_CLOSE:
if (pDvcData->m_pNonIpPorts!=NULL &&
pDvcData->m_pNonIpPorts[0].m_State==DTU3_STATE_READ351)
{
pDvcData->m_pNonIpPorts[0].m_NextState = DTU3_STATE_DET_VIDSTD;
DtEventSet(&pDvcData->m_pNonIpPorts[0].m_StateChanged);
DtEventWait(&pDvcData->m_pNonIpPorts[0].m_StateChangeCmpl, -1);
}
else if (pDvcData->m_pNonIpPorts!=NULL &&
pDvcData->m_pNonIpPorts[0].m_State==DTU3_STATE_WRITE315)
{
pDvcData->m_pNonIpPorts[0].m_NextState = DTU3_STATE_IDLE;
DtEventSet(&pDvcData->m_pNonIpPorts[0].m_StateChanged);
DtEventWait(&pDvcData->m_pNonIpPorts[0].m_StateChangeCmpl, -1);
}
Status = DtuShBufferClose(pShBuffer);
break;
default:
Status = DT_STATUS_NOT_SUPPORTED;
}
}
// If we failed, no data has te be copied to user space
if (!DT_SUCCESS(Status))
{
pIoctl->m_OutputBufferBytesWritten = 0;
if (Status == DT_STATUS_NOT_SUPPORTED)
DtDbgOut(MIN, SHBUF, "ShBufCmd=0x%x: NOT SUPPORTED", pShBufCmdInput->m_Cmd);
}
return Status;
}
static VOID UsbChief_ReadEndPoint(IN WDFQUEUE Queue, IN WDFREQUEST Request,
IN ULONG totalLength)
{
PMDL newMdl=NULL, requestMdl = NULL;
PURB urb = NULL;
WDFMEMORY urbMemory;
ULONG stageLength = 0;
NTSTATUS status;
ULONG_PTR virtualAddress = 0;
PREQUEST_CONTEXT rwContext = NULL;
PFILE_CONTEXT fileContext = NULL;
WDFUSBPIPE pipe;
WDF_USB_PIPE_INFORMATION pipeInfo;
WDF_OBJECT_ATTRIBUTES objectAttribs;
USBD_PIPE_HANDLE usbdPipeHandle;
PDEVICE_CONTEXT deviceContext;
UsbChief_DbgPrint(DEBUG_RW, ("UsbChief_DispatchReadWrite - begins\n"));
deviceContext = GetDeviceContext(WdfIoQueueGetDevice(Queue));
fileContext = GetFileContext(WdfRequestGetFileObject(Request));
pipe = fileContext->Pipe;
WDF_USB_PIPE_INFORMATION_INIT(&pipeInfo);
WdfUsbTargetPipeGetInformation(pipe, &pipeInfo);
rwContext = GetRequestContext(Request);
status = WdfRequestRetrieveOutputWdmMdl(Request, &requestMdl);
if(!NT_SUCCESS(status)){
UsbChief_DbgPrint(0, ("WdfRequestRetrieveOutputWdmMdl failed %x\n", status));
goto Exit;
}
virtualAddress = (ULONG_PTR) MmGetMdlVirtualAddress(requestMdl);
if (totalLength > MAX_TRANSFER_SIZE)
stageLength = MAX_TRANSFER_SIZE;
else
stageLength = totalLength;
newMdl = IoAllocateMdl((PVOID) virtualAddress, totalLength,
FALSE, FALSE, NULL);
if (!newMdl) {
UsbChief_DbgPrint(0, ("Failed to alloc mem for mdl\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
IoBuildPartialMdl(requestMdl, newMdl, (PVOID)virtualAddress,
stageLength);
WDF_OBJECT_ATTRIBUTES_INIT(&objectAttribs);
objectAttribs.ParentObject = Request;
status = WdfMemoryCreate(&objectAttribs,
NonPagedPool,
POOL_TAG,
sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER),
&urbMemory,
(PVOID*) &urb);
if (!NT_SUCCESS(status)) {
UsbChief_DbgPrint(0, ("Failed to alloc mem for urb\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
usbdPipeHandle = WdfUsbTargetPipeWdmGetPipeHandle(pipe);
UsbBuildInterruptOrBulkTransferRequest(urb,
sizeof(struct _URB_BULK_OR_INTERRUPT_TRANSFER),
usbdPipeHandle,
NULL,
newMdl,
stageLength,
USBD_TRANSFER_DIRECTION_IN |
USBD_SHORT_TRANSFER_OK,
NULL);
status = WdfUsbTargetPipeFormatRequestForUrb(pipe, Request, urbMemory, NULL );
if (!NT_SUCCESS(status)) {
UsbChief_DbgPrint(0, ("Failed to format requset for urb\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
WdfRequestSetCompletionRoutine(Request, UsbChief_ReadCompletion, NULL);
rwContext->UrbMemory = urbMemory;
rwContext->Mdl = newMdl;
rwContext->Length = totalLength - stageLength;
rwContext->Numxfer = 0;
rwContext->VirtualAddress = virtualAddress + stageLength;
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), WDF_NO_SEND_OPTIONS)) {
status = WdfRequestGetStatus(Request);
ASSERT(!NT_SUCCESS(status));
}
Exit:
if (!NT_SUCCESS(status)) {
WdfRequestCompleteWithInformation(Request, status, 0);
if (newMdl != NULL) {
IoFreeMdl(newMdl);
}
}
}
static VOID UsbChief_ReadCompletion(IN WDFREQUEST Request, IN WDFIOTARGET Target,
PWDF_REQUEST_COMPLETION_PARAMS CompletionParams,
IN WDFCONTEXT Context)
{
PMDL requestMdl;
WDFUSBPIPE pipe;
ULONG stageLength;
NTSTATUS status;
PREQUEST_CONTEXT rwContext;
PURB urb;
ULONG bytesRead;
UNREFERENCED_PARAMETER(Context);
rwContext = GetRequestContext(Request);
pipe = (WDFUSBPIPE)Target;
status = CompletionParams->IoStatus.Status;
if (!NT_SUCCESS(status)){
UsbChief_QueuePassiveLevelCallback(WdfIoTargetGetDevice(Target), pipe);
goto End;
}
urb = (PURB) WdfMemoryGetBuffer(rwContext->UrbMemory, NULL);
bytesRead = urb->UrbBulkOrInterruptTransfer.TransferBufferLength;
rwContext->Numxfer += bytesRead;
if (rwContext->Length == 0) {
WdfRequestSetInformation(Request, rwContext->Numxfer);
goto End;
}
if (rwContext->Length > MAX_TRANSFER_SIZE)
stageLength = MAX_TRANSFER_SIZE;
else
stageLength = rwContext->Length;
UsbChief_DbgPrint(DEBUG_RW, ("Stage next Read transfer... %d bytes remaing\n", rwContext->Length));
MmPrepareMdlForReuse(rwContext->Mdl);
status = WdfRequestRetrieveOutputWdmMdl(Request, &requestMdl);
if(!NT_SUCCESS(status)){
UsbChief_DbgPrint(0, ("WdfRequestRetrieveOutputWdmMdl for Read failed %x\n", status));
goto End;
}
IoBuildPartialMdl(requestMdl, rwContext->Mdl,
(PVOID) rwContext->VirtualAddress, stageLength);
urb->UrbBulkOrInterruptTransfer.TransferBufferLength = stageLength;
rwContext->VirtualAddress += stageLength;
rwContext->Length -= stageLength;
status = WdfUsbTargetPipeFormatRequestForUrb(pipe, Request,
rwContext->UrbMemory, NULL);
if (!NT_SUCCESS(status)) {
UsbChief_DbgPrint(0, ("Failed to format requset for urb\n"));
status = STATUS_INSUFFICIENT_RESOURCES;
goto End;
}
WdfRequestSetCompletionRoutine(Request, UsbChief_ReadCompletion, NULL);
if (!WdfRequestSend(Request, WdfUsbTargetPipeGetIoTarget(pipe), WDF_NO_SEND_OPTIONS)) {
UsbChief_DbgPrint(0, ("WdfRequestSend for Read failed\n"));
status = WdfRequestGetStatus(Request);
goto End;
}
return;
End:
IoFreeMdl(rwContext->Mdl);
UsbChief_DbgPrint(DEBUG_RW, ("Read request completed with status 0x%x\n", status));
WdfRequestComplete(Request, status);
}