Thursday, November 14, 2013


My Teensy-based code successfully connects maybe 1/4 to 1/3 of the time. Once it passes through the initial connection phase it is reliable. I believe it's some sort of timing issue with the USB host shield causing it to not respond to some requests. There are a few things that can be attempted to fix it.
  • do a little more setup before connecting the two sides (device & host). I can go ahead and set the configuration on the device (since controllers generally have just a single config). Also, the endpoint for HID reports usually sends a few messages (with initial byte 0x01, 0x02, 0x03) before starting to send reports (which have initial byte 0x00). I can queue up those non-report transmissions before starting to relay, and send those to the host without bothering the device.
  • reduce the polling time
But that is on the back burner for the moment. I'm currently working with Dominic Spill on usb-mitm. We're making an extensible framework for using the BeagleBone Black (although it would likely work on any system capable of using the Linux gadgetfs framework) for USB sniffing, relaying, and injection. While the hardware is a bit more (about $45) than a Teensy 3, once you consider the 2 Teensies and the host shield, it's actually a bit cheaper. It includes the host and device ports, an Ethernet port (as well as quite a bit more memory, storage, and muscle). And since it has everything you need, no soldering is needed.

We're hoping to have the basic functionality of our project done in a couple weeks. As a high-level overview, it connects a USB Device proxy to a USB Host proxy, and offers Injectors and Filters that modify the packets going from one side to the other.

Some examples of a Device proxy:
  • connect to a physical device using libusb
  • a device emulated in software on the BBB
  • a device (emulated or real) tunneled over TCP/IP
Some examples of a Host proxy:
  • connect to a physical host using gadgetfs (sort of like libusb but for talking to hosts rather than devices)
  • connect to a host emulated in software on the BBB
  • connect to a host (or multiple hosts) over TCP/IP
Some examples of an Injector:
  • listen for packets over TCP/IP and send them to the device and/or host
  • replay packets from a log file
Some examples of a Filter:
  • send all packets over TCP/IP (act as a USB sniffer)
  • modify the content of specific packets
  • drop specific packets
  • send packets over TCP/IP to a remote host which then decides whether to modify or drop them
The initial release will probably include just the physical device/host proxies, the TCP/IP listener Injector, and the TCP/IP sniffer Filter.
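
A minimal sketch of the Filter/Injector relay described above, as an added example that is not code from the usb-mitm project. The `Packet` struct, the filter names, endpoint 0x81 and the sample bytes are assumptions made up for illustration; it shows that filter order matters, since a sniffer placed first records packets before later filters drop or modify them.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <functional>
#include <vector>

// Hypothetical packet model (not the project's types): endpoint plus payload.
struct Packet { uint8_t endpoint; std::vector<uint8_t> data; };

// A filter may modify the packet in place; returning false drops it.
using Filter = std::function<bool(Packet&)>;

// Sniffer: records a copy of what it sees and passes the packet on unchanged.
Filter sniffer(std::vector<Packet>& log) {
    return [&log](Packet& p) { log.push_back(p); return true; };
}
// Drop packets on endpoint ep whose initial byte is non-zero (non-report messages).
Filter drop_non_reports(uint8_t ep) {
    return [ep](Packet& p) { return !(p.endpoint == ep && !p.data.empty() && p.data[0] != 0x00); };
}
// Modify: zero one payload byte of packets on endpoint ep.
Filter clear_byte(uint8_t ep, std::size_t off) {
    return [ep, off](Packet& p) { if (p.endpoint == ep && off < p.data.size()) p.data[off] = 0; return true; };
}

// Relay device-side packets through the chain in order; a drop stops the chain.
// Assumption of this sketch: injected packets are appended without filtering.
std::vector<Packet> relay(const std::vector<Packet>& from_device,
                          const std::vector<Packet>& injected,
                          const std::vector<Filter>& chain) {
    std::vector<Packet> to_host;
    for (Packet p : from_device) {
        bool keep = true;
        for (const Filter& f : chain) { if (!(keep = f(p))) break; }
        if (keep) to_host.push_back(p);
    }
    to_host.insert(to_host.end(), injected.begin(), injected.end());
    return to_host;
}

// Constructed sample traffic on a made-up endpoint 0x81.
std::vector<Packet> sample_traffic() {
    return { Packet{0x81, {0x01, 0xAA}}, Packet{0x81, {0x00, 0x10, 0xFF}}, Packet{0x02, {0x05, 0x06}} };
}

int main() {
    std::vector<Packet> log;
    std::vector<Packet> injected{ Packet{0x81, {0x00, 0x7F, 0x7F}} };
    auto out = relay(sample_traffic(), injected, { sniffer(log), drop_non_reports(0x81), clear_byte(0x81, 2) });
    std::printf("sniffed=%zu forwarded=%zu\n", log.size(), out.size());
    return 0;
}
```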
