On Sat, Mar 01, 2008 at 05:28:39AM -0700, Brian Edginton wrote:
So, what have you found to be the best way to snoop the USB? Is windows
better than Linux? Is there a tool that produces the same output as you have
used in the past? Have you standardized anything?
I've used windows snooping and linux snooping. They are both good, but
linux captures more of the protocol than windows... I had to use linux
snooping in order to find the special usb control messages for bcharge,
for example. If the traffic you're trying to see only uss Bulk messages
(which is the case for most of what the Blackberry does, that I've seen),
then windows snooping is fine.
One drawback of linux snooping is that I've found on my system, sometimes
it seems like the kernel printk message buffering gets overwhelmed, and
somewhere along the line from kernel printk to syslog /var/log/kern.log
some data is dropped. This may be a peculiarity of my system, but I haven't
tracked it down.
Both methods are documented under barry/doc/USB-capture.txt.
Another issue with linux snooping is that it tries to log the entire URB
packet, whether or not the data is being used at all... this makes following
the traffic a little confusing, since a data packet might be logged that
really has nothing to do with reality. You can tell this by the context,
but you have to concentrate.
But the nice thing about linux snooping is that you have the source code
to everything. ;-) I've attached a patch to kernel 2.6.24.3 that adds
endpoint logging and tries to limit the data packet size that is written to
the log.
- Chris
diff -ru linux-2.6.24.3-vanilla/drivers/usb/core/devio.c
linux-2.6.24.3-cdfsnooplimit/drivers/usb/core/devio.c
--- linux-2.6.24.3-vanilla/drivers/usb/core/devio.c 2008-02-25
19:20:20.0 -0500
+++ linux-2.6.24.3-cdfsnooplimit/drivers/usb/core/devio.c 2008-02-29
17:12:24.0 -0500
@@ -284,7 +284,7 @@
static void snoop_urb(struct urb *urb, void __user *userurb)
{
- int j;
+ int j, len;
unsigned char *data = urb-transfer_buffer;
if (!usbfs_snoop)
@@ -297,7 +297,12 @@
urb-transfer_buffer_length);
dev_info(urb-dev-dev, actual_length=%d\n, urb-actual_length);
dev_info(urb-dev-dev, data: );
- for (j = 0; j urb-transfer_buffer_length; ++j)
+
+ len = urb-actual_length;
+ if( len urb-transfer_buffer_length )
+ len = urb-transfer_buffer_length;
+
+ for (j = 0; j len; ++j)
printk (%02x , data[j]);
printk(\n);
}
@@ -726,8 +731,8 @@
kfree(tbuf);
return -EINVAL;
}
- snoop(dev-dev, bulk read: len=0x%02x timeout=%04d\n,
- bulk.len, bulk.timeout);
+ snoop(dev-dev, bulk read: ep=0x%02x, len=0x%02x
timeout=%04d\n,
+ bulk.ep, bulk.len, bulk.timeout);
usb_unlock_device(dev);
i = usb_bulk_msg(dev, pipe, tbuf, len1, len2, tmo);
usb_lock_device(dev);
@@ -750,8 +755,8 @@
return -EFAULT;
}
}
- snoop(dev-dev, bulk write: len=0x%02x timeout=%04d\n,
- bulk.len, bulk.timeout);
+ snoop(dev-dev, bulk write: ep=0x%02x, len=0x%02x
timeout=%04d\n,
+ bulk.ep, bulk.len, bulk.timeout);
if (usbfs_snoop) {
dev_info(dev-dev, bulk write: data: );
for (j = 0; j len1; ++j)
@@ -1092,6 +1097,8 @@
return -EFAULT;
}
}
+ snoop(ps-dev-dev, submit urb: bEndpoint %02x\n,
+ uurb-endpoint);
snoop_urb(as-urb, as-userurb);
async_newpending(as);
if ((ret = usb_submit_urb(as-urb, GFP_KERNEL))) {
Only in linux-2.6.24.3-cdfsnooplimit: tags
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/___
Barry-devel mailing list
Barry-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/barry-devel
