error Proxing a keyboard: ioctl(USB_RAW_IOCTL_EP0_WRITE): Cannot send after transport endpoint shutdown #4
Comments
|
I noticed in this block: ` setup_host_usb_desc(); ` |
|
Hi, Thank you for spending time playing around with this project! Could you please provide the output of the following command?
|
|
the project is unique, and have learn a lot about USB thanks to this project lsusb -t the mini keyboard shows as 2 devices, I guess the first is a internal hub then the keyboard itself and the touch pad as a mouse. lsusb -v -d 1997:2433 Bus 001 Device 004: ID 1997:2433 Shenzhen Riitek Technology Co., Ltd wireless mini keyboard with touchpad |
|
update: ran it with level 2 verbose and this is the output Device is: fe980000.usb the error comes from proxy.cpp > void ep0_loop(int fd) >rv = usb_raw_ep0_write(fd, (struct usb_raw_ep_io *)&io); //line: 379 seems like somehow host or device closes fd, i been doing tests with USBPCAP and Wireshark and in the capture taken from the target host machine doesn't even get any device request. would you point me were to look at? if helps this is the traffic of the device conected directly to the host (no proxy) in PCAP format. this is the usb traffic recived in the target host with proxy enabled, only 6 interrupt packets, but no device request or response or anything. |
|
Hi, Thanks for sharing the info, sorry that I don't have time recently because I am on a business trip in Europe, I will check this out when I am back to my hometown |
|
don't worry bro, good luck in your travel, I feel this project is unique and has future there are only 2 proxy USB projects with this one included available, just remember to throw a hand to the project when you have time. |
|
update: Configuration descriptor > usb.bMaxPacketSize0 we get this error: ioctl(USB_RAW_IOCTL_EP0_WRITE): Cannot send after transport endpoint shutdown it feels like the endpoint is expecting the configuration descriptor in 2 parts one of the full packet size and other with the rest but when it tries to send all the 59 at once it fails. i tested with other devices and this issue repeats when such conditions meet. all devices that work on high speed have 64 bytes in ep0, haven't found a device that fails for having a configuration descriptor bigger than 64bytes but I'm guessing it could happen too. but most high speed devices pass this part then fail somewhere else but I'm trying to solve this issue first but i lack of the knowledge YET to complete this. |
|
Hi, May I know where did you get the mini keyboard? I am thinking that if it is not too expensive, I might buy one to debug this issue For the bMaxPacketSize0 that you mentioned, maybe you can try to manually set this value higher Line 65 in 6aecd45 BTW, I am not a USB expert as well, and AFAIK there are some buggy USB devices that might require special driver to work, or possibly need to setup some USB quirks in kernel module, which means that this project might not be able to handle that special case |
|
this is the mini keyboard: but may be you don't need to buy it, I can run any tests for you and provide logs or pcaps. My mouse has a issue that looked like the same problem but now i made deeper tests. The mouse is a death adder V2 which has a bMaxPacketSize0 of 64 bytes but its configuration descriptor is 84 bytes but in this case it manages to send the descriptor even though is bigger than the bMaxPacketSize0. so after running it with verbose level 2: it seems to be sending the descriptor without problem... but crashes only after I move the mouse in this case crashes when trying to send a interrupt with the movement data: EP81(int_in): enqueued 8 bytes to queue now this makes me wonder if the problem is the size of the descriptor or if is something else because in this case the descriptor is also bigger than the bMaxPacketSize0 but it sends the descriptor.
I made this test because this project: https://github.com/nesto-software/USBProxy manages to proxy that mini keyboard just fine but that project fails with every other device I have, it uses GadgetFS instead of Raw Gadget, Proxied using that project to see whats different and how it sends the descriptor and what I found in the pcap was that the mini keyboard shows in the device descriptor MaxPacketSize0 = 64 which is weird because that device conected directly reports its MaxPacketSize0 = 32 and also usb.bcdDevice = 0x0200 instead of usb.bcdDevice = 0x0110 (which is its original value) its like that other proxy somehow changes these values. This problems are interesting every time I get a hypothesis it always results in something else after few days. |
|
@Alphadan28 Could you change |
|
sure this is the result: connecting as USB_SPEED_FULL instead of USB_SPEED_HIGH Device is: fe980000.usb and dmesg output: [ 3458.920575] hwmon hwmon1: Undervoltage detected! |
|
Alphadan28, could you please try proxying the device with the Dummy HCD controller instead of dwc2 (you need to build and load |
|
And also, could you apply the following patch to diff --git a/raw_gadget/raw_gadget.c b/raw_gadget/raw_gadget.c
index 5eedee5..d79b690 100644
--- a/raw_gadget/raw_gadget.c
+++ b/raw_gadget/raw_gadget.c
@@ -7,6 +7,8 @@
* Author: Andrey Konovalov <andreyknvl@gmail.com>
*/
+#define DEBUG
+
#include <linux/compiler.h>
#include <linux/ctype.h>
#include <linux/debugfs.h>
@@ -365,10 +367,26 @@ out:
}
/* These are currently unused but present in case UDC driver requires them. */
-static void gadget_disconnect(struct usb_gadget *gadget) { }
-static void gadget_suspend(struct usb_gadget *gadget) { }
-static void gadget_resume(struct usb_gadget *gadget) { }
-static void gadget_reset(struct usb_gadget *gadget) { }
+static void gadget_disconnect(struct usb_gadget *gadget)
+{
+ dev_dbg(&gadget->dev, "gadget disconnected\n");
+ WARN_ON(1);
+}
+static void gadget_suspend(struct usb_gadget *gadget)
+{
+ dev_dbg(&gadget->dev, "gadget suspended\n");
+ WARN_ON(1);
+}
+static void gadget_resume(struct usb_gadget *gadget)
+{
+ dev_dbg(&gadget->dev, "gadget resumed\n");
+ WARN_ON(1);
+}
+static void gadget_reset(struct usb_gadget *gadget)
+{
+ dev_dbg(&gadget->dev, "gadget reset\n");
+ WARN_ON(1);
+}
/*----------------------------------------------------------------------*/
|
|
I got the K12+ keyboard, and it's being proxied perfectly with Dummy HCD. So I suspect the issue is either with the dwc2 driver or with Raw Gadget. I don't have a full-size Raspberry Pie to debug further, but I'll try to get my hands on one. |
|
This project https://github.com/patryk4815/usb-proxy manages to proxy my logitech mouse without issues. This usb-proxy project results in the error described above. |
|
I have experienced the same issue with a wireless mouse & keyboard. It works perfectly with dummy driver but not with the project by patryk4815. I ran the patch above. dmesg. |
|
I have this issue too,with a wireless mouse. on orangepipc,I change the MaxPackageSize0,and change connect_device when ctrl event set interface 1, control_request failed dmesg output has a gadget |
Current code assumes that only one interface is active at a time. This is not correct: all interfaces of a chosen cofiguration are active simultaneously. Fixes AristoChen#4.
|
Very thanks, I also make my mouse work, but i think @xairy code is good, i will test the code. i have a ic card reader, which have a bEndpointAddress 0x85, but raw_gadget use driver musb-hdrc max bEndpointAddress 0x84, this make raw_gadget ep addr enable failed in process_eps Is there a good solution? |
|
Hi @imatespl, thanks for confirm that the fix works for you! could you please open another issue to discuss your question? we may discuss there further, because I think it is not related to this issue Just a quick reply to your question, I guess your hardware only support endopoints address from 0x01 to 0x04, and from 0x81 to 0x84. Your IC card reader uses 0x85, which may not be supported on your hardware. There may be 2 solutions
|
|
very thanks,I will open a new issue,my ic card reader have three endpoints, 0x01 0x82 0x85, I hard code map 0x85 to 0x81, in |
|
I test @xairy #6, and should change the index e3dbd57..d703445 100644
--- a/proxy.cpp
+++ b/proxy.cpp
@@ -368,6 +368,12 @@ void ep0_loop(int fd) {
break;
}
}
+ if ((event.ctrl.bRequestType & USB_TYPE_MASK) == USB_TYPE_STANDARD &&
+ event.ctrl.bRequest == USB_REQ_GET_DESCRIPTOR &&
+ (event.ctrl.wValue >> 8) == USB_DT_DEVICE) {
+ struct usb_device_descriptor* pdata = (struct usb_device_descriptor*)&io.data;
+ pdata->bMaxPacketSize0 = 64;
+ }
if (verbose_level >= 2)
printData(io, 0x00, "control", "in");
@@ -495,7 +501,14 @@ void ep0_loop(int fd) {
printf("ep0: transferred %d bytes (out)\n", rv);
}
else {
- usb_raw_ep0_stall(fd);
+ if (event.ctrl.bRequestType == 0x21
+ && event.ctrl.bRequest == 0x0a
+ && event.ctrl.wIndex != 0) {
+ continue;
+ }
+ else {
+ usb_raw_ep0_stall(fd);
+ }
}
}
} |
|
Ok, I add to #6, thanks! |
first of all thanks for sharing your work, I successfuly proxied a ethernet adapter but fails with all HID i have
pi@raspberrypi:~/usb-proxy $ sudo ./usb-proxy --device=fe980000.usb --driver=fe980000.usb --vendor_id=1997 --product_id=2433
Device is: fe980000.usb
Driver is: fe980000.usb
vendor_id is: 6551
product_id is: 9267
Device opened successfully
Start hotplug_monitor thread, thread id(2326)
Setup USB config successfully
Start for EP0, thread id(2324)
event: connect, length: 0
event: control, length: 8
bRequestType: 0x80 (IN), bRequest: 0x06, wValue: 0x0100, wIndex: 0x0000, wLength: 64
type = USB_TYPE_STANDARD
req = USB_REQ_GET_DESCRIPTOR
desc = USB_DT_DEVICE
ep0: transferred 18 bytes (in)
event: control, length: 8
bRequestType: 0x80 (IN), bRequest: 0x06, wValue: 0x0100, wIndex: 0x0000, wLength: 18
type = USB_TYPE_STANDARD
req = USB_REQ_GET_DESCRIPTOR
desc = USB_DT_DEVICE
ep0: transferred 18 bytes (in)
event: control, length: 8
bRequestType: 0x80 (IN), bRequest: 0x06, wValue: 0x0200, wIndex: 0x0000, wLength: 255
type = USB_TYPE_STANDARD
req = USB_REQ_GET_DESCRIPTOR
desc = USB_DT_CONFIG
ioctl(USB_RAW_IOCTL_EP0_WRITE): Cannot send after transport endpoint shutdown
Any idea whats causing this?
The text was updated successfully, but these errors were encountered: