Bus snooping/sniffing: Difference between revisions

From LinuxTVWiki
Jump to navigation Jump to search
No edit summary
Line 61: Line 61:
After getting the log, you should analyse and understand the meaning for your device.
After getting the log, you should analyse and understand the meaning for your device.


In the case of [[Em28xx Devices | em28xx]], you can use the [[http://linuxtv.org/hg/v4l-dvb/raw-file/tip/v4l2-apps/util/parse_em28xx.pl em28xx log parser]] to proccess the URBs and the driver dmesg dumps (in the compact format as shown above) and print them into a more human way:
For example, in the case of [[Em28xx Devices | em28xx]], you can use the [[http://linuxtv.org/hg/v4l-dvb/raw-file/tip/v4l2-apps/util/parse_em28xx.pl em28xx log parser]] to proccess the URBs and the driver dmesg dumps (in the compact format as shown above) and print them into a more human way:


em28xx_write_reg(dev, EM28XX_R08_GPIO, 0x3d);
em28xx_write_reg(dev, EM28XX_R08_GPIO, 0x3d);

Revision as of 16:07, 2 January 2009

Purpose and relevance to development work -- description coming soon

PCI / PCIe

Snooping Utilities:

USB

Snooping Utilities:

  • usbsnoop - a Windows based utility for sniffing/monitoring communications traffic for a USB device. Note: In case usbsnoop/SniffUSB doesn't work for you, here are a few time limited apps that should work under Vista:
  • SnoopyPro - Windows based snoop for USB device communications traffic
  • usbsnoop/SniffUSB - Windows based snoop for USB device communications traffic
  • usbmon - Linux kernel module which can snoop USB device communications traffic
    • Wireshark - logs usbmon output, via libpcap
    • USBMon - logs usbmon output

Log parsers, format etc

...

Snooping Procedures:

  • Use a Snopping utility to get the log.
  • Group URB transactions into a shorter log by using a parser
  • Identify the URB transactions at the control endpoint. URB transactions look like those:

40 02 00 00 ba 00 03 00 >>> 20 11 00

URB fields
Byte Meaning
1 bit 7 = 1 - read / 0 - write

bit 6 = 1 - Vendor Class

2 URB Request
3-4 URB Value in big endian
5-6 URB Index in big endian
7-8 URB message size in big endian


control URB examples
40 00 00 00 08 00 01 00 >>> 3d USB OUT, Vendor class, Req = 0, Value = 0x0000, Index = 0x0008, Size = 0x0001, Message = 0x3d
40 02 00 00 ba 00 03 00 >>> 20 11 00 USB OUT, Vendor class, Req = 0x02, Value = 0x0000, Index = 0x00ba, Size = 0x0003, Message = "0x20, 0x11, 0x00"
c0 00 00 00 15 00 01 00 <<< 00 USB IN, Vendor class, Req = 0x00, Value = 0x0000, Index = 0x0015, Size = 0x0001, Message = "0x00"


After getting the log, you should analyse and understand the meaning for your device.

For example, in the case of em28xx, you can use the [em28xx log parser] to proccess the URBs and the driver dmesg dumps (in the compact format as shown above) and print them into a more human way:

 em28xx_write_reg(dev, EM28XX_R08_GPIO, 0x3d);
 i2c_master_send(0xba>>1, { 20 11 00  }, 0x03);
 em28xx_read_reg(dev, EM28XX_R15_RGAIN);         /* read 0x00 */

Command Playback Utilities:

  • usb-robot - plays back USB Snoopy capture logs
  • usbreplay - plays back usbsnoop capture logs

i2c

External Links