18 static void detach_driver(struct usbdev_data
*data
)
20 libusb_detach_kernel_driver(data
->devh
, data
->interface
);
28 static int send_msg(struct usbdev_data
*data
, struct msg_entry
*msg
)
32 return libusb_bulk_transfer(data
->devh
, data
->msg_endpoint
,
33 (void *) msg
->data
, msg
->len
,
37 static int read_response(struct usbdev_data
*data
, int len
)
45 ret
= libusb_bulk_transfer(data
->devh
, data
->response_endpoint
,
46 buf
, len
, &transferred
, 3000);
47 libusb_bulk_transfer(data
->devh
, data
->response_endpoint
,
48 buf
, 13, &transferred
, 100);
52 static void send_messages(struct usbdev_data
*data
, struct msg_entry
*msg
, int n_msg
)
56 libusb_claim_interface(data
->devh
, data
->interface
);
57 libusb_clear_halt(data
->devh
, data
->msg_endpoint
);
59 for (i
= 0; i
< n_msg
; i
++) {
60 if (send_msg(data
, &msg
[i
])) {
61 fprintf(stderr
, "Failed to send switch message\n");
65 if (!data
->need_response
)
68 if (!memcmp(msg
[i
].data
, "\x55\x53\x42\x43", 4))
73 if (read_response(data
, len
))
77 libusb_clear_halt(data
->devh
, data
->msg_endpoint
);
78 libusb_clear_halt(data
->devh
, data
->response_endpoint
);
82 if (data
->release_delay
)
83 usleep(data
->release_delay
* 1000);
85 libusb_release_interface(data
->devh
, data
->interface
);
89 static void send_config_messages(struct usbdev_data
*data
, struct blob_attr
*attr
)
91 struct blob_attr
*cur
;
93 struct msg_entry
*msg
;
95 blobmsg_for_each_attr(cur
, attr
, rem
)
98 msg
= alloca(n_msg
* sizeof(*msg
));
100 blobmsg_for_each_attr(cur
, attr
, rem
) {
103 if (blobmsg_type(cur
) != BLOBMSG_TYPE_INT32
) {
104 fprintf(stderr
, "Invalid data in message list\n");
108 msg_nr
= blobmsg_get_u32(cur
);
109 if (msg_nr
>= n_messages
) {
110 fprintf(stderr
, "Message index out of range!\n");
114 msg
[n_msg
].data
= messages
[msg_nr
];
115 msg
[n_msg
++].len
= message_len
[msg_nr
];
118 send_messages(data
, msg
, n_msg
);
121 static void handle_generic(struct usbdev_data
*data
, struct blob_attr
**tb
)
124 send_config_messages(data
, tb
[DATA_MSG
]);
127 static void send_control_packet(struct usbdev_data
*data
, uint8_t type
, uint8_t req
,
128 uint16_t val
, uint16_t idx
, int len
)
130 unsigned char *buffer
= alloca(len
? len
: 1);
132 libusb_control_transfer(data
->devh
, type
, req
, val
, idx
, buffer
, len
, 1000);
135 static void handle_huawei(struct usbdev_data
*data
, struct blob_attr
**tb
)
137 int type
= LIBUSB_REQUEST_TYPE_STANDARD
| LIBUSB_RECIPIENT_DEVICE
;
138 send_control_packet(data
, type
, LIBUSB_REQUEST_SET_FEATURE
, 1, 0, 0);
141 static void handle_huaweinew(struct usbdev_data
*data
, struct blob_attr
**tb
)
143 static struct msg_entry msgs
[] = {
145 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x00\x00\x11"
146 "\x06\x20\x00\x00\x01\x01\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
151 data
->need_response
= false;
152 send_messages(data
, msgs
, ARRAY_SIZE(msgs
));
155 static void handle_standardeject(struct usbdev_data
*data
, struct blob_attr
**tb
)
157 static struct msg_entry msgs
[] = {
159 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x00\x06\x1e"
160 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
162 "\x55\x53\x42\x43\x12\x34\x56\x79\x00\x00\x00\x00\x00\x00\x06\x1b"
163 "\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
165 "\x55\x53\x42\x43\x12\x34\x56\x78\x00\x00\x00\x00\x00\x01\x06\x1e"
166 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
168 "\x55\x53\x42\x43\x12\x34\x56\x79\x00\x00\x00\x00\x00\x01\x06\x1b"
169 "\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
174 data
->need_response
= true;
175 send_messages(data
, msgs
, ARRAY_SIZE(msgs
));
178 static void handle_sierra(struct usbdev_data
*data
, struct blob_attr
**tb
)
180 int type
= LIBUSB_REQUEST_TYPE_VENDOR
| LIBUSB_RECIPIENT_DEVICE
;
181 send_control_packet(data
, type
, LIBUSB_REQUEST_SET_INTERFACE
, 1, 0, 0);
184 static void handle_sony(struct usbdev_data
*data
, struct blob_attr
**tb
)
186 int type
= LIBUSB_REQUEST_TYPE_VENDOR
| LIBUSB_ENDPOINT_IN
;
190 send_control_packet(data
, type
, 0x11, 2, 0, 3);
192 libusb_close(data
->devh
);
195 for (i
= 0; i
< 25; i
++) {
196 data
->devh
= libusb_open_device_with_vid_pid(usb
,
197 data
->desc
.idVendor
, data
->desc
.idProduct
);
202 send_control_packet(data
, type
, 0x11, 2, 0, 3);
205 static void handle_qisda(struct usbdev_data
*data
, struct blob_attr
**tb
)
207 static unsigned char buffer
[] = "\x05\x8c\x04\x08\xa0\xee\x20\x00\x5c\x01\x04\x08\x98\xcd\xea\xbf";
208 int type
= LIBUSB_REQUEST_TYPE_VENDOR
| LIBUSB_RECIPIENT_DEVICE
;
210 libusb_control_transfer(data
->devh
, type
, 0x04, 0, 0, buffer
, 16, 1000);
213 static void handle_gct(struct usbdev_data
*data
, struct blob_attr
**tb
)
215 int type
= LIBUSB_REQUEST_TYPE_CLASS
| LIBUSB_RECIPIENT_INTERFACE
| LIBUSB_ENDPOINT_IN
;
219 if (libusb_claim_interface(data
->devh
, data
->interface
))
222 send_control_packet(data
, type
, 0xa0, 0, data
->interface
, 1);
223 send_control_packet(data
, type
, 0xfe, 0, data
->interface
, 1);
225 libusb_release_interface(data
->devh
, data
->interface
);
228 static void handle_kobil(struct usbdev_data
*data
, struct blob_attr
**tb
)
230 int type
= LIBUSB_REQUEST_TYPE_VENDOR
| LIBUSB_RECIPIENT_DEVICE
| LIBUSB_ENDPOINT_IN
;
233 send_control_packet(data
, type
, 0x88, 0, 0, 8);
236 static void handle_sequans(struct usbdev_data
*data
, struct blob_attr
**tb
)
238 int type
= LIBUSB_REQUEST_TYPE_VENDOR
| LIBUSB_RECIPIENT_DEVICE
;
239 send_control_packet(data
, type
, LIBUSB_REQUEST_SET_INTERFACE
, 2, 0, 0);
242 static void mobile_action_interrupt_msg(struct usbdev_data
*data
, void *msg
, int n_in
)
244 unsigned char *buf
= alloca(8);
245 int ep_out
= 0x02, ep_in
= 0x81;
250 libusb_interrupt_transfer(data
->devh
, ep_out
, msg
, 8, &transferred
, 1000);
251 for (i
= 0; i
< n_in
; i
++)
252 libusb_interrupt_transfer(data
->devh
, ep_in
, buf
, 8, &transferred
, 1000);
255 static void handle_mobile_action(struct usbdev_data
*data
, struct blob_attr
**tb
)
257 int type
= LIBUSB_REQUEST_TYPE_CLASS
| LIBUSB_RECIPIENT_INTERFACE
;
259 "\xb0\x04\x00\x00\x02\x90\x26\x86",
260 "\x37\x01\xfe\xdb\xc1\x33\x1f\x83",
261 "\x37\x0e\xb5\x9d\x3b\x8a\x91\x51",
262 "\x34\x87\xba\x0d\xfc\x8a\x91\x51",
263 "\x37\x01\xfe\xdb\xc1\x33\x1f\x83",
264 "\x37\x0e\xb5\x9d\x3b\x8a\x91\x51",
265 "\x34\x87\xba\x0d\xfc\x8a\x91\x51",
266 "\x33\x04\xfe\x00\xf4\x6c\x1f\xf0",
267 "\x32\x07\xfe\xf0\x29\xb9\x3a\xf0"
271 for (i
= 0; i
< 2; i
++)
272 libusb_control_transfer(data
->devh
, type
, 0x09, 0x0300, 0, (void *) msg
[0], 8, 1000);
273 mobile_action_interrupt_msg(data
, NULL
, 2);
274 mobile_action_interrupt_msg(data
, msg
[1], 1);
275 mobile_action_interrupt_msg(data
, msg
[2], 1);
276 mobile_action_interrupt_msg(data
, msg
[3], 63);
277 mobile_action_interrupt_msg(data
, msg
[4], 1);
278 mobile_action_interrupt_msg(data
, msg
[5], 1);
279 mobile_action_interrupt_msg(data
, msg
[6], 73);
280 mobile_action_interrupt_msg(data
, msg
[7], 1);
281 mobile_action_interrupt_msg(data
, msg
[8], 1);
284 static void handle_cisco(struct usbdev_data
*data
, struct blob_attr
**tb
)
286 static struct msg_entry msgs
[] = {
288 "\x55\x53\x42\x43\xf8\x3b\xcd\x81\x00\x02\x00\x00\x80\x00\x0a\xfd"
289 "\x00\x00\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
291 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
292 "\x00\x00\x00\x07\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
294 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
295 "\x00\x01\x00\x07\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
297 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
298 "\x00\x02\x00\x23\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
300 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
301 "\x00\x03\x00\x23\x82\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
303 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
304 "\x00\x02\x00\x26\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
306 "\x55\x53\x42\x43\x98\x43\x00\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
307 "\x00\x03\x00\x26\xc8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
309 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
310 "\x00\x00\x10\x73\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
312 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x02\x00\x00\x80\x00\x0a\xfd"
313 "\x00\x02\x00\x24\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 31
315 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
316 "\x00\x03\x00\x24\x13\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
318 "\x55\x53\x42\x43\xd8\x4c\x04\x82\x00\x00\x00\x00\x00\x00\x0a\xfd"
319 "\x00\x01\x10\x73\x24\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 31
325 data
->need_response
= true;
326 send_messages(data
, msgs
, ARRAY_SIZE(msgs
));
329 static void handle_mbim(struct usbdev_data
*data
, struct blob_attr
**tb
)
333 if (data
->desc
.bNumConfigurations
< 2)
336 for (j
= 0; j
< data
->desc
.bNumConfigurations
; j
++) {
337 struct libusb_config_descriptor
*config
;
340 libusb_get_config_descriptor(data
->dev
, j
, &config
);
342 for (i
= 0; i
< config
->bNumInterfaces
; i
++) {
343 if (config
->interface
[i
].altsetting
[0].bInterfaceClass
== 2) {
344 if (config
->interface
[i
].altsetting
[0].bInterfaceSubClass
== 0x0e) {
345 struct libusb_config_descriptor
*active
;
348 libusb_get_active_config_descriptor(data
->dev
, &active
);
349 if (active
->bConfigurationValue
== config
->bConfigurationValue
)
351 while ((libusb_set_configuration(data
->devh
, config
->bConfigurationValue
) < 0) && --count
)
352 libusb_detach_kernel_driver(data
->devh
, active
->interface
[0].altsetting
[0].bInterfaceNumber
);
354 libusb_free_config_descriptor(config
);
360 libusb_free_config_descriptor(config
);
364 static void set_alt_setting(struct usbdev_data
*data
, int setting
)
366 if (libusb_claim_interface(data
->devh
, data
->interface
))
369 libusb_set_interface_alt_setting(data
->devh
, data
->interface
, setting
);
370 libusb_release_interface(data
->devh
, data
->interface
);
390 static const struct {
392 void (*cb
)(struct usbdev_data
*data
, struct blob_attr
**tb
);
393 } modeswitch_cb
[__MODE_MAX
] = {
394 [MODE_GENERIC
] = { "Generic", handle_generic
},
395 [MODE_STDEJECT
] = { "StandardEject", handle_standardeject
},
396 [MODE_HUAWEI
] = { "Huawei", handle_huawei
},
397 [MODE_HUAWEINEW
] = { "HuaweiNew", handle_huaweinew
},
398 [MODE_SIERRA
] = { "Sierra", handle_sierra
},
399 [MODE_SONY
] = { "Sony", handle_sony
},
400 [MODE_QISDA
] = { "Qisda", handle_qisda
},
401 [MODE_GCT
] = { "GCT", handle_gct
},
402 [MODE_KOBIL
] = { "Kobil", handle_kobil
},
403 [MODE_SEQUANS
] = { "Sequans", handle_sequans
},
404 [MODE_MOBILE_ACTION
] = { "MobileAction", handle_mobile_action
},
405 [MODE_CISCO
] = { "Cisco", handle_cisco
},
406 [MODE_MBIM
] = { "MBIM", handle_mbim
},
409 void handle_switch(struct usbdev_data
*data
)
411 static const struct blobmsg_policy data_policy
[__DATA_MAX
] = {
412 [DATA_MODE
] = { .name
= "mode", .type
= BLOBMSG_TYPE_STRING
},
413 [DATA_MSG
] = { .name
= "msg", .type
= BLOBMSG_TYPE_ARRAY
},
414 [DATA_INTERFACE
] = { .name
= "interface", .type
= BLOBMSG_TYPE_INT32
},
415 [DATA_MSG_EP
] = { .name
= "msg_endpoint", .type
= BLOBMSG_TYPE_INT32
},
416 [DATA_RES_EP
] = { .name
= "response_endpoint", .type
= BLOBMSG_TYPE_INT32
},
417 [DATA_RESPONSE
] = { .name
= "response", .type
= BLOBMSG_TYPE_BOOL
},
418 [DATA_CONFIG
] = { .name
= "config", .type
= BLOBMSG_TYPE_INT32
},
419 [DATA_ALT
] = { .name
= "alt", .type
= BLOBMSG_TYPE_INT32
},
420 [DATA_DEV_CLASS
] = { .name
= "t_class", .type
= BLOBMSG_TYPE_INT32
},
422 struct blob_attr
*tb
[__DATA_MAX
];
423 int mode
= MODE_GENERIC
;
426 blobmsg_parse(data_policy
, __DATA_MAX
, tb
, blobmsg_data(data
->info
), blobmsg_data_len(data
->info
));
428 if (tb
[DATA_DEV_CLASS
])
429 t_class
= blobmsg_get_u32(tb
[DATA_DEV_CLASS
]);
431 if (tb
[DATA_INTERFACE
])
432 data
->interface
= blobmsg_get_u32(tb
[DATA_INTERFACE
]);
435 data
->msg_endpoint
= blobmsg_get_u32(tb
[DATA_MSG_EP
]);
438 data
->response_endpoint
= blobmsg_get_u32(tb
[DATA_RES_EP
]);
440 if (tb
[DATA_RELEASE_DELAY
])
441 data
->release_delay
= blobmsg_get_u32(tb
[DATA_RELEASE_DELAY
]);
443 if (tb
[DATA_RESPONSE
])
444 data
->need_response
= blobmsg_get_bool(tb
[DATA_RESPONSE
]);
446 if (t_class
> 0 && data
->dev_class
!= t_class
)
453 modestr
= blobmsg_data(tb
[DATA_MODE
]);
454 for (i
= 0; i
< __MODE_MAX
; i
++) {
455 if (strcmp(modeswitch_cb
[i
].name
, modestr
) != 0)
463 modeswitch_cb
[mode
].cb(data
, tb
);
465 if (tb
[DATA_CONFIG
]) {
466 int config
, config_new
;
468 config_new
= blobmsg_get_u32(tb
[DATA_CONFIG
]);
469 if (libusb_get_configuration(data
->devh
, &config
) ||
470 config
!= config_new
)
471 libusb_set_configuration(data
->devh
, config_new
);
475 int new = blobmsg_get_u32(tb
[DATA_ALT
]);
476 set_alt_setting(data
, new);