1 /* packet-usbll.c
2 *
3 * 2019 Tomasz Mon <desowin@gmail.com>
4 *
5 * USB link layer dissector
6 *
7 * This code is separated from packet-usb.c on purpose.
8 * It is important to note that packet-usb.c operates on the USB URB level.
9 * The idea behind this file is to transform low level link layer data
10 * (captured by hardware sniffers) into structures that resemble URB and pass
11 * such URB to the URB common dissection code.
12 *
13 * SPDX-License-Identifier: GPL-2.0-or-later
14 */
15
16 #include "config.h"
17 #include <epan/packet.h>
18 #include <epan/expert.h>
19 #include <epan/crc16-tvb.h>
20 #include <wsutil/crc5.h>
21 #include <epan/address_types.h>
22 #include <epan/to_str.h>
23 #include <epan/proto_data.h>
24 #include <epan/reassemble.h>
25 #include "packet-usb.h"
26
27 void proto_register_usbll(void);
28 void proto_reg_handoff_usbll(void);
29
30 static int proto_usbll = -1;
31
32 /* Fields defined by USB 2.0 standard */
33 static int hf_usbll_pid = -1;
34 static int hf_usbll_device_addr = -1;
35 static int hf_usbll_endp = -1;
36 static int hf_usbll_crc5 = -1;
37 static int hf_usbll_crc5_status = -1;
38 static int hf_usbll_data = -1;
39 static int hf_usbll_data_crc = -1;
40 static int hf_usbll_data_crc_status = -1;
41 static int hf_usbll_sof_framenum = -1;
42 static int hf_usbll_split_hub_addr = -1;
43 static int hf_usbll_split_sc = -1;
44 static int hf_usbll_split_port = -1;
45 static int hf_usbll_split_s = -1;
46 static int hf_usbll_split_e = -1;
47 static int hf_usbll_split_u = -1;
48 static int hf_usbll_split_iso_se = -1;
49 static int hf_usbll_split_et = -1;
50 static int hf_usbll_split_crc5 = -1;
51 static int hf_usbll_split_crc5_status = -1;
52 static int hf_usbll_src = -1;
53 static int hf_usbll_dst = -1;
54 static int hf_usbll_addr = -1;
55 static int hf_usbll_transfer_fragments = -1;
56 static int hf_usbll_transfer_fragment = -1;
57 static int hf_usbll_transfer_fragment_overlap = -1;
58 static int hf_usbll_transfer_fragment_overlap_conflicts = -1;
59 static int hf_usbll_transfer_fragment_multiple_tails = -1;
60 static int hf_usbll_transfer_fragment_too_long_fragment = -1;
61 static int hf_usbll_transfer_fragment_error = -1;
62 static int hf_usbll_transfer_fragment_count = -1;
63 static int hf_usbll_transfer_reassembled_in = -1;
64 static int hf_usbll_transfer_reassembled_length = -1;
65
66 static int ett_usbll = -1;
67 static int ett_usbll_transfer_fragment = -1;
68 static int ett_usbll_transfer_fragments = -1;
69
70 static const fragment_items usbll_frag_items = {
71 /* Fragment subtrees */
72 &ett_usbll_transfer_fragment,
73 &ett_usbll_transfer_fragments,
74 /* Fragment Fields */
75 &hf_usbll_transfer_fragments,
76 &hf_usbll_transfer_fragment,
77 &hf_usbll_transfer_fragment_overlap,
78 &hf_usbll_transfer_fragment_overlap_conflicts,
79 &hf_usbll_transfer_fragment_multiple_tails,
80 &hf_usbll_transfer_fragment_too_long_fragment,
81 &hf_usbll_transfer_fragment_error,
82 &hf_usbll_transfer_fragment_count,
83 /* Reassembled in field */
84 &hf_usbll_transfer_reassembled_in,
85 /* Reassembled length field */
86 &hf_usbll_transfer_reassembled_length,
87 /* Reassembled data field */
88 NULL,
89 /* Tag */
90 "USB transfer fragments"
91 };
92
93 static expert_field ei_invalid_pid = EI_INIT;
94 static expert_field ei_undecoded = EI_INIT;
95 static expert_field ei_wrong_crc5 = EI_INIT;
96 static expert_field ei_wrong_split_crc5 = EI_INIT;
97 static expert_field ei_wrong_crc16 = EI_INIT;
98 static expert_field ei_invalid_s = EI_INIT;
99 static expert_field ei_invalid_e_u = EI_INIT;
100 static expert_field ei_invalid_pid_sequence = EI_INIT;
101 static expert_field ei_invalid_setup_data = EI_INIT;
102
103 static int usbll_address_type = -1;
104
105 static dissector_handle_t usbll_handle;
106
107 static reassembly_table usbll_reassembly_table;
108
109 static wmem_map_t *transfer_info;
110
111 /* USB packet ID is 4-bit. It is send in octet alongside complemented form.
112 * The list of PIDs is available in Universal Serial Bus Specification Revision 2.0,
113 * Table 8-1. PID Types
114 * Packets here are sorted by the complemented form (high nibble).
115 */
116 #define USB_PID_DATA_MDATA 0x0F
117 #define USB_PID_HANDSHAKE_STALL 0x1E
118 #define USB_PID_TOKEN_SETUP 0x2D
119 #define USB_PID_SPECIAL_PRE_OR_ERR 0x3C
120 #define USB_PID_DATA_DATA1 0x4B
121 #define USB_PID_HANDSHAKE_NAK 0x5A
122 #define USB_PID_TOKEN_IN 0x69
123 #define USB_PID_SPECIAL_SPLIT 0x78
124 #define USB_PID_DATA_DATA2 0x87
125 #define USB_PID_HANDSHAKE_NYET 0x96
126 #define USB_PID_TOKEN_SOF 0xA5
127 #define USB_PID_SPECIAL_PING 0xB4
128 #define USB_PID_DATA_DATA0 0xC3
129 #define USB_PID_HANDSHAKE_ACK 0xD2
130 #define USB_PID_TOKEN_OUT 0xE1
131 #define USB_PID_SPECIAL_RESERVED 0xF0
132 static const value_string usb_packetid_vals[] = {
133 {USB_PID_DATA_MDATA, "MDATA"},
134 {USB_PID_HANDSHAKE_STALL, "STALL"},
135 {USB_PID_TOKEN_SETUP, "SETUP"},
136 {USB_PID_SPECIAL_PRE_OR_ERR, "PRE/ERR"},
137 {USB_PID_DATA_DATA1, "DATA1"},
138 {USB_PID_HANDSHAKE_NAK, "NAK"},
139 {USB_PID_TOKEN_IN, "IN"},
140 {USB_PID_SPECIAL_SPLIT, "SPLIT"},
141 {USB_PID_DATA_DATA2, "DATA2"},
142 {USB_PID_HANDSHAKE_NYET, "NYET"},
143 {USB_PID_TOKEN_SOF, "SOF"},
144 {USB_PID_SPECIAL_PING, "PING"},
145 {USB_PID_DATA_DATA0, "DATA0"},
146 {USB_PID_HANDSHAKE_ACK, "ACK"},
147 {USB_PID_TOKEN_OUT, "OUT"},
148 {USB_PID_SPECIAL_RESERVED, "Reserved"},
149 {0, NULL}
150 };
151 static value_string_ext usb_packetid_vals_ext =
152 VALUE_STRING_EXT_INIT(usb_packetid_vals);
153
154 static const value_string usb_start_complete_vals[] = {
155 {0, "Start"},
156 {1, "Complete"},
157 {0, NULL}
158 };
159
160 static const value_string usb_split_speed_vals[] = {
161 {0, "Full"},
162 {1, "Low"},
163 {0, NULL}
164 };
165
166 static const value_string usb_split_iso_se_vals[] = {
167 {0, "High-speed data is the middle of the fullspeed data payload"},
168 {1, "High-speed data is the beginning of the full-speed data payload"},
169 {2, "High-speed data is the end of the full-speed data payload"},
170 {3, "High-speed data is all of the full-speed data payload"},
171 {0, NULL}
172 };
173
174 #define USB_EP_TYPE_CONTROL 0
175 #define USB_EP_TYPE_ISOCHRONOUS 1
176 #define USB_EP_TYPE_BULK 2
177 #define USB_EP_TYPE_INTERRUPT 3
178 static const value_string usb_endpoint_type_vals[] = {
179 {USB_EP_TYPE_CONTROL, "Control"},
180 {USB_EP_TYPE_ISOCHRONOUS, "Isochronous"},
181 {USB_EP_TYPE_BULK, "Bulk"},
182 {USB_EP_TYPE_INTERRUPT, "Interrupt"},
183 {0, NULL}
184 };
185
186 /* Macros for Token Packets. */
187 #define TOKEN_BITS_GET_ADDRESS(bits) (bits & 0x007F)
188 #define TOKEN_BITS_GET_ENDPOINT(bits) ((bits & 0x0780) >> 7)
189
190 /* Macros for Split Packets. */
191 #define SPLIT_BITS_GET_HUB_ADDRESS(bits) (guint8)(bits & 0x007F)
192 #define SPLIT_BITS_GET_HUB_PORT(bits) (guint8)((bits & 0x7F00) >> 8)
193 #define SPLIT_BITS_GET_ENDPOINT_TYPE(bits) ((bits & 0x060000) >> 17)
194 #define SPLIT_BIT_SPEED 0x8000
195 #define SPLIT_BIT_E_U 0x10000
196 #define SPLIT_BIT_START_COMPLETE 0x0080
197
198 /* Bitmasks definitions for usbll_address_t flags
199 * and 'flags' parameter of usbll_set_address function.
200 */
201 #define USBLL_ADDRESS_STANDARD 0
202 #define USBLL_ADDRESS_HOST 0x01
203 #define USBLL_ADDRESS_HUB_PORT 0x02
204 #define USBLL_ADDRESS_BROADCAST 0x04
205 #define USBLL_ADDRESS_HOST_TO_DEV 0
206 #define USBLL_ADDRESS_DEV_TO_HOST 0x08
207
208 #define USBLL_ADDRESS_IS_DEV_TO_HOST(flags) \
209 (flags & USBLL_ADDRESS_DEV_TO_HOST)
210
211 #define USBLL_ADDRESS_IS_HOST_TO_DEV(flags) \
212 (!USBLL_ADDRESS_IS_DEV_TO_HOST(flags))
213
214 typedef enum usbll_state {
215 STATE_IDLE, /* No transaction, e.g. after SOF */
216 STATE_INVALID, /* Invalid PID sequence, e.g. ACK without transaction */
217 STATE_IN,
218 STATE_IN_DATA0,
219 STATE_IN_DATA1,
220 STATE_IN_HS_ISOCHRONOUS_DATA2,
221 STATE_IN_ACK,
222 STATE_IN_NAK,
223 STATE_IN_STALL,
224 STATE_OUT,
225 STATE_OUT_DATA0,
226 STATE_OUT_DATA1,
227 STATE_OUT_HS_ISOCHRONOUS_DATA2,
228 STATE_OUT_HS_ISOCHRONOUS_MDATA,
229 STATE_OUT_ACK,
230 STATE_OUT_NAK,
231 STATE_OUT_STALL,
232 STATE_OUT_NYET,
233 STATE_PING,
234 STATE_PING_ACK,
235 STATE_PING_NAK,
236 STATE_PING_STALL,
237 STATE_SETUP,
238 STATE_SETUP_DATA0,
239 STATE_SETUP_ACK,
240 /* LS/FS Control transactions via HS hub */
241 STATE_SSPLIT_CONTROL,
242 STATE_SSPLIT_CONTROL_SETUP,
243 STATE_SSPLIT_CONTROL_SETUP_DATA0,
244 STATE_SSPLIT_CONTROL_SETUP_ACK,
245 STATE_SSPLIT_CONTROL_SETUP_NAK,
246 STATE_SSPLIT_CONTROL_OUT,
247 STATE_SSPLIT_CONTROL_OUT_DATA0,
248 STATE_SSPLIT_CONTROL_OUT_DATA1,
249 STATE_SSPLIT_CONTROL_OUT_ACK,
250 STATE_SSPLIT_CONTROL_OUT_NAK,
251 STATE_SSPLIT_CONTROL_IN,
252 STATE_SSPLIT_CONTROL_IN_ACK,
253 STATE_SSPLIT_CONTROL_IN_NAK,
254 STATE_CSPLIT_CONTROL,
255 STATE_CSPLIT_CONTROL_SETUP,
256 STATE_CSPLIT_CONTROL_SETUP_ACK,
257 STATE_CSPLIT_CONTROL_SETUP_NYET,
258 STATE_CSPLIT_CONTROL_OUT,
259 STATE_CSPLIT_CONTROL_OUT_ACK,
260 STATE_CSPLIT_CONTROL_OUT_NAK,
261 STATE_CSPLIT_CONTROL_OUT_STALL,
262 STATE_CSPLIT_CONTROL_OUT_NYET,
263 STATE_CSPLIT_CONTROL_IN,
264 STATE_CSPLIT_CONTROL_IN_DATA0,
265 STATE_CSPLIT_CONTROL_IN_DATA1,
266 STATE_CSPLIT_CONTROL_IN_NAK,
267 STATE_CSPLIT_CONTROL_IN_STALL,
268 STATE_CSPLIT_CONTROL_IN_NYET,
269 /* LS/FS Bulk transactions via HS hub */
270 STATE_SSPLIT_BULK,
271 STATE_SSPLIT_BULK_OUT,
272 STATE_SSPLIT_BULK_OUT_DATA0,
273 STATE_SSPLIT_BULK_OUT_DATA1,
274 STATE_SSPLIT_BULK_OUT_ACK,
275 STATE_SSPLIT_BULK_OUT_NAK,
276 STATE_SSPLIT_BULK_IN,
277 STATE_SSPLIT_BULK_IN_ACK,
278 STATE_SSPLIT_BULK_IN_NAK,
279 STATE_CSPLIT_BULK,
280 STATE_CSPLIT_BULK_OUT,
281 STATE_CSPLIT_BULK_OUT_ACK,
282 STATE_CSPLIT_BULK_OUT_NAK,
283 STATE_CSPLIT_BULK_OUT_STALL,
284 STATE_CSPLIT_BULK_OUT_NYET,
285 STATE_CSPLIT_BULK_IN,
286 STATE_CSPLIT_BULK_IN_DATA0,
287 STATE_CSPLIT_BULK_IN_DATA1,
288 STATE_CSPLIT_BULK_IN_NAK,
289 STATE_CSPLIT_BULK_IN_STALL,
290 STATE_CSPLIT_BULK_IN_NYET,
291 /* LS/FS Interrupt transactions via HS hub */
292 STATE_SSPLIT_INTERRUPT,
293 STATE_SSPLIT_INTERRUPT_OUT,
294 STATE_SSPLIT_INTERRUPT_OUT_DATA0,
295 STATE_SSPLIT_INTERRUPT_OUT_DATA1,
296 STATE_SSPLIT_INTERRUPT_IN,
297 STATE_CSPLIT_INTERRUPT,
298 STATE_CSPLIT_INTERRUPT_OUT,
299 STATE_CSPLIT_INTERRUPT_OUT_ACK,
300 STATE_CSPLIT_INTERRUPT_OUT_NAK,
301 STATE_CSPLIT_INTERRUPT_OUT_STALL,
302 STATE_CSPLIT_INTERRUPT_OUT_ERR,
303 STATE_CSPLIT_INTERRUPT_OUT_NYET,
304 STATE_CSPLIT_INTERRUPT_IN,
305 STATE_CSPLIT_INTERRUPT_IN_MDATA,
306 STATE_CSPLIT_INTERRUPT_IN_DATA0,
307 STATE_CSPLIT_INTERRUPT_IN_DATA1,
308 STATE_CSPLIT_INTERRUPT_IN_NAK,
309 STATE_CSPLIT_INTERRUPT_IN_STALL,
310 STATE_CSPLIT_INTERRUPT_IN_ERR,
311 STATE_CSPLIT_INTERRUPT_IN_NYET,
312 /* FS Isochronous transactions via HS hub */
313 STATE_SSPLIT_ISOCHRONOUS,
314 STATE_SSPLIT_ISOCHRONOUS_OUT,
315 STATE_SSPLIT_ISOCHRONOUS_OUT_DATA0,
316 STATE_SSPLIT_ISOCHRONOUS_IN,
317 STATE_CSPLIT_ISOCHRONOUS,
318 STATE_CSPLIT_ISOCHRONOUS_IN,
319 STATE_CSPLIT_ISOCHRONOUS_IN_DATA0,
320 STATE_CSPLIT_ISOCHRONOUS_IN_MDATA,
321 STATE_CSPLIT_ISOCHRONOUS_IN_ERR,
322 STATE_CSPLIT_ISOCHRONOUS_IN_NYET,
323 } usbll_state_t;
324
325 typedef enum usbll_ep_type {
326 USBLL_EP_UNKNOWN,
327 USBLL_EP_CONTROL,
328 USBLL_EP_BULK,
329 USBLL_EP_INTERRUPT,
330 USBLL_EP_ISOCHRONOUS,
331 } usbll_ep_type_t;
332
333 /* usbll_address_t represents the address
334 * of Host, Hub and Devices.
335 */
336 typedef struct {
337 guint8 flags; /* flags - Contains information if address is
338 * Host, Hub, Device or Broadcast.
339 */
340 guint8 device; /* device - Device or Hub Address */
341 guint8 endpoint; /* endpoint - It represents endpoint number for
342 * Device and port number for Hub.
343 */
344 } usbll_address_t;
345
346 typedef struct usbll_transaction_info {
347 guint32 starts_in;
348 guint8 pid;
349 guint8 address;
350 guint8 endpoint;
351 struct usbll_transaction_info *split_start;
352 struct usbll_transaction_info *split_complete;
353 } usbll_transaction_info_t;
354
355 typedef struct usbll_transfer_info {
356 /* First data packet number, used as reassembly key */
357 guint32 first_packet;
358 /* Offset this packet starts at */
359 guint32 offset;
360 usbll_ep_type_t type;
361 /* TRUE if data from host to device, FALSE when from device to host */
362 gboolean from_host;
363 /* FALSE if this is the last packet */
364 gboolean more_frags;
365 } usbll_transfer_info_t;
366
367 /* USB is a stateful protocol. The addresses of Data Packets
368 * and Handshake Packets depend on the packets before them.
369 *
370 * We maintain a static global pointer of the type usbll_data_t.
371 * Maintaining a pointer instead of a conversation helps in reducing
372 * memory usage, taking the following advantages:
373 * 1. Packets are always ordered.
374 * 2. Addresses of packets only up to last 3 packets are required.
375 *
376 * Previous pointer is used in the initial pass to link packets
377 * into transactions.
378 */
379 typedef struct usbll_data {
380 usbll_state_t transaction_state;
381 usbll_transaction_info_t *transaction;
382 struct usbll_data *prev;
383 struct usbll_data *next;
384 } usbll_data_t;
385
386 static usbll_data_t *usbll_data_ptr = NULL;
387
388 /* Transaction Translator arrays used only during first pass. */
389 static usbll_transaction_info_t ***tt_non_periodic;
390 static usbll_transaction_info_t ***tt_periodic;
391
392 typedef enum usbll_transfer_data {
393 USBLL_TRANSFER_NORMAL,
394 USBLL_TRANSFER_GET_DEVICE_DESCRIPTOR,
395 } usbll_transfer_data_t;
396
397 typedef struct usbll_endpoint_info {
398 usbll_ep_type_t type;
399 usbll_transfer_data_t data;
400 /* Maximum packet size, 0 if not known */
401 guint16 max_packet_size;
402 /* DATA0/DATA1 tracking to detect retransmissions */
403 guint8 last_data_pid;
404 /* Current transfer key, 0 if no transfer in progress */
405 guint32 active_transfer_key;
406 /* Offset where next packet should start at */
407 guint32 transfer_offset;
408 /* Last data packet length that was part of transfer */
409 guint32 last_data_len;
410 /* Transfer length if known, 0 if unknown */
411 guint32 requested_transfer_length;
412 } usbll_endpoint_info_t;
413
414 /* Endpoint info arrays used only during first pass. */
415 static usbll_endpoint_info_t **ep_info_in;
416 static usbll_endpoint_info_t **ep_info_out;
417
usbll_fragment_key_hash(gconstpointer k)418 static guint usbll_fragment_key_hash(gconstpointer k)
419 {
420 return GPOINTER_TO_UINT(k);
421 }
422
usbll_fragment_key_equal(gconstpointer k1,gconstpointer k2)423 static gint usbll_fragment_key_equal(gconstpointer k1, gconstpointer k2)
424 {
425 return GPOINTER_TO_UINT(k1) == GPOINTER_TO_UINT(k2);
426 }
427
usbll_fragment_key(const packet_info * pinfo _U_,const guint32 id,const void * data _U_)428 static gpointer usbll_fragment_key(const packet_info *pinfo _U_, const guint32 id, const void *data _U_)
429 {
430 return GUINT_TO_POINTER(id);
431 }
432
usbll_fragment_free_key(gpointer ptr _U_)433 static void usbll_fragment_free_key(gpointer ptr _U_)
434 {
435 /* there's nothing to be freed */
436 }
437
438 static const reassembly_table_functions usbll_reassembly_table_functions = {
439 .hash_func = usbll_fragment_key_hash,
440 .equal_func = usbll_fragment_key_equal,
441 .temporary_key_func = usbll_fragment_key,
442 .persistent_key_func = usbll_fragment_key,
443 .free_temporary_key_func = usbll_fragment_free_key,
444 .free_persistent_key_func = usbll_fragment_free_key,
445 };
446
447 static usbll_state_t
usbll_next_state(usbll_state_t state,guint8 pid)448 usbll_next_state(usbll_state_t state, guint8 pid)
449 {
450 if (pid == USB_PID_TOKEN_SOF)
451 {
452 return STATE_IDLE;
453 }
454 else if (pid == USB_PID_SPECIAL_PING)
455 {
456 return STATE_PING;
457 }
458 else if (pid == USB_PID_TOKEN_SETUP)
459 {
460 switch (state)
461 {
462 case STATE_SSPLIT_CONTROL: return STATE_SSPLIT_CONTROL_SETUP;
463 case STATE_CSPLIT_CONTROL: return STATE_CSPLIT_CONTROL_SETUP;
464 default: return STATE_SETUP;
465 }
466 }
467 else if (pid == USB_PID_TOKEN_OUT)
468 {
469 switch (state)
470 {
471 case STATE_SSPLIT_CONTROL: return STATE_SSPLIT_CONTROL_OUT;
472 case STATE_CSPLIT_CONTROL: return STATE_CSPLIT_CONTROL_OUT;
473 case STATE_SSPLIT_BULK: return STATE_SSPLIT_BULK_OUT;
474 case STATE_CSPLIT_BULK: return STATE_CSPLIT_BULK_OUT;
475 case STATE_SSPLIT_INTERRUPT: return STATE_SSPLIT_INTERRUPT_OUT;
476 case STATE_CSPLIT_INTERRUPT: return STATE_CSPLIT_INTERRUPT_OUT;
477 case STATE_SSPLIT_ISOCHRONOUS: return STATE_SSPLIT_ISOCHRONOUS_OUT;
478 default: return STATE_OUT;
479 }
480 }
481 else if (pid == USB_PID_TOKEN_IN)
482 {
483 switch (state)
484 {
485 case STATE_SSPLIT_CONTROL: return STATE_SSPLIT_CONTROL_IN;
486 case STATE_CSPLIT_CONTROL: return STATE_CSPLIT_CONTROL_IN;
487 case STATE_SSPLIT_BULK: return STATE_SSPLIT_BULK_IN;
488 case STATE_CSPLIT_BULK: return STATE_CSPLIT_BULK_IN;
489 case STATE_SSPLIT_INTERRUPT: return STATE_SSPLIT_INTERRUPT_IN;
490 case STATE_CSPLIT_INTERRUPT: return STATE_CSPLIT_INTERRUPT_IN;
491 case STATE_SSPLIT_ISOCHRONOUS: return STATE_SSPLIT_ISOCHRONOUS_IN;
492 case STATE_CSPLIT_ISOCHRONOUS: return STATE_CSPLIT_ISOCHRONOUS_IN;
493 default: return STATE_IN;
494 }
495 }
496 else if (pid == USB_PID_DATA_DATA0)
497 {
498 switch (state)
499 {
500 case STATE_IN: return STATE_IN_DATA0;
501 case STATE_OUT: return STATE_OUT_DATA0;
502 case STATE_SETUP: return STATE_SETUP_DATA0;
503 case STATE_SSPLIT_CONTROL_SETUP: return STATE_SSPLIT_CONTROL_SETUP_DATA0;
504 case STATE_SSPLIT_CONTROL_OUT: return STATE_SSPLIT_CONTROL_OUT_DATA0;
505 case STATE_CSPLIT_CONTROL_IN: return STATE_CSPLIT_CONTROL_IN_DATA0;
506 case STATE_SSPLIT_BULK_OUT: return STATE_SSPLIT_BULK_OUT_DATA0;
507 case STATE_CSPLIT_BULK_IN: return STATE_CSPLIT_BULK_IN_DATA0;
508 case STATE_SSPLIT_INTERRUPT_OUT: return STATE_SSPLIT_INTERRUPT_OUT_DATA0;
509 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_DATA0;
510 case STATE_SSPLIT_ISOCHRONOUS_OUT: return STATE_SSPLIT_ISOCHRONOUS_OUT_DATA0;
511 case STATE_CSPLIT_ISOCHRONOUS_IN: return STATE_CSPLIT_ISOCHRONOUS_IN_DATA0;
512 default: return STATE_INVALID;
513 }
514 }
515 else if (pid == USB_PID_DATA_DATA1)
516 {
517 switch (state)
518 {
519 case STATE_IN: return STATE_IN_DATA1;
520 case STATE_OUT: return STATE_OUT_DATA1;
521 case STATE_SSPLIT_CONTROL_OUT: return STATE_SSPLIT_CONTROL_OUT_DATA1;
522 case STATE_CSPLIT_CONTROL_IN: return STATE_CSPLIT_CONTROL_IN_DATA1;
523 case STATE_SSPLIT_BULK_OUT: return STATE_SSPLIT_BULK_OUT_DATA1;
524 case STATE_CSPLIT_BULK_IN: return STATE_CSPLIT_BULK_IN_DATA1;
525 case STATE_SSPLIT_INTERRUPT_OUT: return STATE_SSPLIT_INTERRUPT_OUT_DATA1;
526 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_DATA1;
527 default: return STATE_INVALID;
528 }
529 }
530 else if (pid == USB_PID_DATA_DATA2)
531 {
532 switch (state)
533 {
534 case STATE_IN: return STATE_IN_HS_ISOCHRONOUS_DATA2;
535 default: return STATE_INVALID;
536 }
537 }
538 else if (pid == USB_PID_DATA_MDATA)
539 {
540 switch (state)
541 {
542 case STATE_OUT: return STATE_OUT_HS_ISOCHRONOUS_MDATA;
543 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_MDATA;
544 case STATE_CSPLIT_ISOCHRONOUS_IN: return STATE_CSPLIT_ISOCHRONOUS_IN_MDATA;
545 default: return STATE_INVALID;
546 }
547 }
548 else if (pid == USB_PID_HANDSHAKE_ACK)
549 {
550 switch (state)
551 {
552 case STATE_IN_DATA0: return STATE_IN_ACK;
553 case STATE_IN_DATA1: return STATE_IN_ACK;
554 case STATE_OUT_DATA0: return STATE_OUT_ACK;
555 case STATE_OUT_DATA1: return STATE_OUT_ACK;
556 case STATE_PING: return STATE_PING_ACK;
557 case STATE_SETUP_DATA0: return STATE_SETUP_ACK;
558 case STATE_SSPLIT_CONTROL_SETUP_DATA0: return STATE_SSPLIT_CONTROL_SETUP_ACK;
559 case STATE_CSPLIT_CONTROL_SETUP: return STATE_CSPLIT_CONTROL_SETUP_ACK;
560 case STATE_SSPLIT_CONTROL_OUT_DATA0: return STATE_SSPLIT_CONTROL_OUT_ACK;
561 case STATE_SSPLIT_CONTROL_OUT_DATA1: return STATE_SSPLIT_CONTROL_OUT_ACK;
562 case STATE_CSPLIT_CONTROL_OUT: return STATE_CSPLIT_CONTROL_OUT_ACK;
563 case STATE_SSPLIT_CONTROL_IN: return STATE_SSPLIT_CONTROL_IN_ACK;
564 case STATE_SSPLIT_BULK_OUT_DATA0: return STATE_SSPLIT_BULK_OUT_ACK;
565 case STATE_SSPLIT_BULK_OUT_DATA1: return STATE_SSPLIT_BULK_OUT_ACK;
566 case STATE_SSPLIT_BULK_IN: return STATE_SSPLIT_BULK_IN_ACK;
567 case STATE_CSPLIT_BULK_OUT: return STATE_CSPLIT_BULK_OUT_ACK;
568 case STATE_CSPLIT_INTERRUPT_OUT: return STATE_CSPLIT_INTERRUPT_OUT_ACK;
569 default: return STATE_INVALID;
570 }
571 }
572 else if (pid == USB_PID_HANDSHAKE_NAK)
573 {
574 switch (state)
575 {
576 case STATE_IN: return STATE_IN_NAK;
577 case STATE_OUT_DATA0: return STATE_OUT_NAK;
578 case STATE_OUT_DATA1: return STATE_OUT_NAK;
579 case STATE_PING: return STATE_PING_NAK;
580 case STATE_SSPLIT_CONTROL_SETUP_DATA0: return STATE_SSPLIT_CONTROL_SETUP_NAK;
581 case STATE_SSPLIT_CONTROL_OUT_DATA0: return STATE_SSPLIT_CONTROL_OUT_NAK;
582 case STATE_SSPLIT_CONTROL_OUT_DATA1: return STATE_SSPLIT_CONTROL_OUT_NAK;
583 case STATE_SSPLIT_CONTROL_IN: return STATE_SSPLIT_CONTROL_IN_NAK;
584 case STATE_CSPLIT_CONTROL_OUT: return STATE_CSPLIT_CONTROL_OUT_NAK;
585 case STATE_CSPLIT_CONTROL_IN: return STATE_CSPLIT_CONTROL_IN_NAK;
586 case STATE_SSPLIT_BULK_OUT_DATA0: return STATE_SSPLIT_BULK_OUT_NAK;
587 case STATE_SSPLIT_BULK_OUT_DATA1: return STATE_SSPLIT_BULK_OUT_NAK;
588 case STATE_SSPLIT_BULK_IN: return STATE_SSPLIT_BULK_IN_NAK;
589 case STATE_CSPLIT_BULK_OUT: return STATE_CSPLIT_BULK_OUT_NAK;
590 case STATE_CSPLIT_BULK_IN: return STATE_CSPLIT_BULK_IN_NAK;
591 case STATE_CSPLIT_INTERRUPT_OUT: return STATE_CSPLIT_INTERRUPT_OUT_NAK;
592 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_NAK;
593 default: return STATE_INVALID;
594 }
595 }
596 else if (pid == USB_PID_HANDSHAKE_STALL)
597 {
598 switch (state)
599 {
600 case STATE_IN: return STATE_IN_STALL;
601 case STATE_OUT_DATA0: return STATE_OUT_STALL;
602 case STATE_OUT_DATA1: return STATE_OUT_STALL;
603 case STATE_PING: return STATE_PING_STALL;
604 case STATE_CSPLIT_CONTROL_OUT: return STATE_CSPLIT_CONTROL_OUT_STALL;
605 case STATE_CSPLIT_CONTROL_IN: return STATE_CSPLIT_CONTROL_IN_STALL;
606 case STATE_CSPLIT_BULK_OUT: return STATE_CSPLIT_BULK_OUT_STALL;
607 case STATE_CSPLIT_BULK_IN: return STATE_CSPLIT_BULK_IN_STALL;
608 case STATE_CSPLIT_INTERRUPT_OUT: return STATE_CSPLIT_INTERRUPT_OUT_STALL;
609 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_STALL;
610 default: return STATE_INVALID;
611 }
612 }
613 else if (pid == USB_PID_HANDSHAKE_NYET)
614 {
615 /* Allowed only in High-Speed */
616 switch (state)
617 {
618 case STATE_OUT_DATA0: return STATE_OUT_NYET;
619 case STATE_OUT_DATA1: return STATE_OUT_NYET;
620 case STATE_CSPLIT_CONTROL_SETUP: return STATE_CSPLIT_CONTROL_SETUP_NYET;
621 case STATE_CSPLIT_CONTROL_OUT: return STATE_CSPLIT_CONTROL_OUT_NYET;
622 case STATE_CSPLIT_CONTROL_IN: return STATE_CSPLIT_CONTROL_IN_NYET;
623 case STATE_CSPLIT_BULK_OUT: return STATE_CSPLIT_BULK_OUT_NYET;
624 case STATE_CSPLIT_BULK_IN: return STATE_CSPLIT_BULK_IN_NYET;
625 case STATE_CSPLIT_INTERRUPT_OUT: return STATE_CSPLIT_INTERRUPT_OUT_NYET;
626 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_NYET;
627 case STATE_CSPLIT_ISOCHRONOUS_IN: return STATE_CSPLIT_ISOCHRONOUS_IN_NYET;
628 default: return STATE_INVALID;
629 }
630 }
631 else if (pid == USB_PID_SPECIAL_PRE_OR_ERR)
632 {
633 switch (state)
634 {
635 case STATE_CSPLIT_INTERRUPT_OUT: return STATE_CSPLIT_INTERRUPT_OUT_ERR;
636 case STATE_CSPLIT_INTERRUPT_IN: return STATE_CSPLIT_INTERRUPT_IN_ERR;
637 case STATE_CSPLIT_ISOCHRONOUS_IN: return STATE_CSPLIT_ISOCHRONOUS_IN_ERR;
638 default: return STATE_IDLE;
639 }
640 }
641 else if (pid == USB_PID_SPECIAL_RESERVED)
642 {
643 /* TODO: Link Power Management */
644 }
645
646 /* SPLIT is not suitable for this function as the state cannot be
647 * determined by looking solely at PID.
648 */
649 DISSECTOR_ASSERT(pid != USB_PID_SPECIAL_SPLIT);
650
651 return STATE_IDLE;
652 }
653
usbll_is_non_periodic_split_start_token(usbll_state_t state)654 static gboolean usbll_is_non_periodic_split_start_token(usbll_state_t state)
655 {
656 switch (state)
657 {
658 case STATE_SSPLIT_CONTROL_SETUP:
659 case STATE_SSPLIT_CONTROL_OUT:
660 case STATE_SSPLIT_CONTROL_IN:
661 case STATE_SSPLIT_BULK_OUT:
662 case STATE_SSPLIT_BULK_IN:
663 return TRUE;
664 default:
665 return FALSE;
666 }
667
668 }
usbll_is_periodic_split_start_token(usbll_state_t state)669 static gboolean usbll_is_periodic_split_start_token(usbll_state_t state)
670 {
671 switch (state)
672 {
673 case STATE_SSPLIT_INTERRUPT_OUT:
674 case STATE_SSPLIT_INTERRUPT_IN:
675 case STATE_SSPLIT_ISOCHRONOUS_OUT:
676 case STATE_SSPLIT_ISOCHRONOUS_IN:
677 return TRUE;
678 default:
679 return FALSE;
680 }
681
682 }
usbll_is_split_start_token(usbll_state_t state)683 static gboolean usbll_is_split_start_token(usbll_state_t state)
684 {
685 return usbll_is_non_periodic_split_start_token(state) || usbll_is_periodic_split_start_token(state);
686 }
687
usbll_is_non_periodic_split_complete_token(usbll_state_t state)688 static gboolean usbll_is_non_periodic_split_complete_token(usbll_state_t state)
689 {
690 switch (state)
691 {
692 case STATE_CSPLIT_CONTROL_SETUP:
693 case STATE_CSPLIT_CONTROL_OUT:
694 case STATE_CSPLIT_CONTROL_IN:
695 case STATE_CSPLIT_BULK_OUT:
696 case STATE_CSPLIT_BULK_IN:
697 return TRUE;
698 default:
699 return FALSE;
700 }
701 }
702
usbll_is_periodic_split_complete_token(usbll_state_t state)703 static gboolean usbll_is_periodic_split_complete_token(usbll_state_t state)
704 {
705 switch (state)
706 {
707 case STATE_CSPLIT_INTERRUPT_OUT:
708 case STATE_CSPLIT_INTERRUPT_IN:
709 case STATE_CSPLIT_ISOCHRONOUS_IN:
710 return TRUE;
711 default:
712 return FALSE;
713 }
714 }
715
usbll_is_split_complete_token(usbll_state_t state)716 static gboolean usbll_is_split_complete_token(usbll_state_t state)
717 {
718 return usbll_is_non_periodic_split_complete_token(state) || usbll_is_periodic_split_complete_token(state);
719 }
720
usbll_is_split_token(usbll_state_t state)721 static gboolean usbll_is_split_token(usbll_state_t state)
722 {
723 return usbll_is_split_start_token(state) || usbll_is_split_complete_token(state);
724 }
725
usbll_is_non_split_token(usbll_state_t state)726 static gboolean usbll_is_non_split_token(usbll_state_t state)
727 {
728 switch (state)
729 {
730 case STATE_IN:
731 case STATE_OUT:
732 case STATE_PING:
733 case STATE_SETUP:
734 return TRUE;
735 default:
736 return FALSE;
737 }
738 }
739
usbll_is_setup_data(usbll_state_t state)740 static gboolean usbll_is_setup_data(usbll_state_t state)
741 {
742 switch (state)
743 {
744 case STATE_SETUP_DATA0:
745 case STATE_SSPLIT_CONTROL_SETUP_DATA0:
746 return TRUE;
747 default:
748 return FALSE;
749 }
750 }
751
usbll_is_data_from_host(usbll_state_t state)752 static gboolean usbll_is_data_from_host(usbll_state_t state)
753 {
754 switch (state)
755 {
756 case STATE_OUT_DATA0:
757 case STATE_OUT_DATA1:
758 case STATE_OUT_HS_ISOCHRONOUS_DATA2:
759 case STATE_OUT_HS_ISOCHRONOUS_MDATA:
760 case STATE_SETUP_DATA0:
761 case STATE_SSPLIT_CONTROL_SETUP_DATA0:
762 case STATE_SSPLIT_CONTROL_OUT_DATA0:
763 case STATE_SSPLIT_CONTROL_OUT_DATA1:
764 case STATE_SSPLIT_BULK_OUT_DATA0:
765 case STATE_SSPLIT_BULK_OUT_DATA1:
766 case STATE_SSPLIT_INTERRUPT_OUT_DATA0:
767 case STATE_SSPLIT_INTERRUPT_OUT_DATA1:
768 case STATE_SSPLIT_ISOCHRONOUS_OUT_DATA0:
769 return TRUE;
770 case STATE_IN_DATA0:
771 case STATE_IN_DATA1:
772 case STATE_IN_HS_ISOCHRONOUS_DATA2:
773 case STATE_CSPLIT_CONTROL_IN_DATA0:
774 case STATE_CSPLIT_CONTROL_IN_DATA1:
775 case STATE_CSPLIT_BULK_IN_DATA0:
776 case STATE_CSPLIT_BULK_IN_DATA1:
777 case STATE_CSPLIT_INTERRUPT_IN_MDATA:
778 case STATE_CSPLIT_INTERRUPT_IN_DATA0:
779 case STATE_CSPLIT_INTERRUPT_IN_DATA1:
780 case STATE_CSPLIT_ISOCHRONOUS_IN_DATA0:
781 case STATE_CSPLIT_ISOCHRONOUS_IN_MDATA:
782 return FALSE;
783 default:
784 DISSECTOR_ASSERT_NOT_REACHED();
785 }
786 }
787
usbll_addr_to_str(const address * addr,gchar * buf,int buf_len)788 static int usbll_addr_to_str(const address* addr, gchar *buf, int buf_len)
789 {
790 const usbll_address_t *addrp = (const usbll_address_t *)addr->data;
791
792 if (addrp->flags & USBLL_ADDRESS_HOST) {
793 (void) g_strlcpy(buf, "host", buf_len);
794 } else if (addrp->flags & USBLL_ADDRESS_BROADCAST) {
795 (void) g_strlcpy(buf, "broadcast", buf_len);
796 } else if (addrp->flags & USBLL_ADDRESS_HUB_PORT) {
797 /*
798 * In split transaction we use : to mark that the last part is port not
799 * endpoint.
800 */
801 g_snprintf(buf, buf_len, "%d:%d", addrp->device,
802 addrp->endpoint);
803 } else {
804 /* Just a standard address.endpoint notation. */
805 g_snprintf(buf, buf_len, "%d.%d", addrp->device,
806 addrp->endpoint);
807 }
808
809 return (int)(strlen(buf)+1);
810 }
811
usbll_addr_str_len(const address * addr _U_)812 static int usbll_addr_str_len(const address* addr _U_)
813 {
814 return 50; /* The same as for usb. */
815 }
816
817 static void
usbll_set_address(proto_tree * tree,tvbuff_t * tvb,packet_info * pinfo,guint8 device,guint8 endpoint,guint8 flags)818 usbll_set_address(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo,
819 guint8 device, guint8 endpoint, guint8 flags)
820 {
821 proto_item *sub_item;
822 usbll_address_t *src_addr, *dst_addr;
823 guint8 *str_src_addr, *str_dst_addr;
824
825 src_addr = wmem_new0(pinfo->pool, usbll_address_t);
826 dst_addr = wmem_new0(pinfo->pool, usbll_address_t);
827
828 if (USBLL_ADDRESS_IS_HOST_TO_DEV(flags)) {
829 src_addr->flags = USBLL_ADDRESS_HOST;
830
831 if (flags & USBLL_ADDRESS_BROADCAST) {
832 dst_addr->flags = USBLL_ADDRESS_BROADCAST;
833 pinfo->ptype = PT_NONE;
834 } else {
835 dst_addr->device = device;
836 dst_addr->endpoint = endpoint;
837 if (flags & USBLL_ADDRESS_HUB_PORT) {
838 dst_addr->flags = USBLL_ADDRESS_HUB_PORT;
839 pinfo->ptype = PT_NONE;
840 } else {
841 pinfo->ptype = PT_USB;
842 pinfo->destport = dst_addr->endpoint;
843 }
844 }
845 } else {
846 dst_addr->flags = USBLL_ADDRESS_HOST;
847 src_addr->device = device;
848 src_addr->endpoint = endpoint;
849 if (flags & USBLL_ADDRESS_HUB_PORT) {
850 src_addr->flags = USBLL_ADDRESS_HUB_PORT;
851 pinfo->ptype = PT_NONE;
852 } else {
853 pinfo->ptype = PT_USB;
854 pinfo->srcport = src_addr->endpoint;
855 pinfo->destport = NO_ENDPOINT;
856 }
857 }
858
859 pinfo->p2p_dir = USBLL_ADDRESS_IS_HOST_TO_DEV(flags) ? P2P_DIR_SENT : P2P_DIR_RECV;
860
861 set_address(&pinfo->net_src, usbll_address_type, sizeof(usbll_address_t), (char *)src_addr);
862 copy_address_shallow(&pinfo->src, &pinfo->net_src);
863
864 set_address(&pinfo->net_dst, usbll_address_type, sizeof(usbll_address_t), (char *)dst_addr);
865 copy_address_shallow(&pinfo->dst, &pinfo->net_dst);
866
867 str_src_addr = address_to_str(pinfo->pool, &pinfo->src);
868 str_dst_addr = address_to_str(pinfo->pool, &pinfo->dst);
869
870 sub_item = proto_tree_add_string(tree, hf_usbll_src, tvb, 0, 0, str_src_addr);
871 proto_item_set_generated(sub_item);
872
873 sub_item = proto_tree_add_string(tree, hf_usbll_addr, tvb, 0, 0, str_src_addr);
874 proto_item_set_hidden(sub_item);
875
876 sub_item = proto_tree_add_string(tree, hf_usbll_dst, tvb, 0, 0, str_dst_addr);
877 proto_item_set_generated(sub_item);
878
879 sub_item = proto_tree_add_string(tree, hf_usbll_addr, tvb, 0, 0, str_dst_addr);
880 proto_item_set_hidden(sub_item);
881 }
882
883 static void
usbll_generate_address(proto_tree * tree,tvbuff_t * tvb,packet_info * pinfo,usbll_data_t * data)884 usbll_generate_address(proto_tree *tree, tvbuff_t *tvb, packet_info *pinfo, usbll_data_t *data)
885 {
886 switch (data->transaction_state)
887 {
888 case STATE_IDLE:
889 case STATE_INVALID:
890 /* Do not set address if we are not sure about it */
891 break;
892 case STATE_IN:
893 case STATE_IN_ACK:
894 case STATE_OUT:
895 case STATE_OUT_DATA0:
896 case STATE_OUT_DATA1:
897 case STATE_OUT_HS_ISOCHRONOUS_DATA2:
898 case STATE_OUT_HS_ISOCHRONOUS_MDATA:
899 case STATE_PING:
900 case STATE_SETUP:
901 case STATE_SETUP_DATA0:
902 DISSECTOR_ASSERT(data->transaction != NULL);
903 usbll_set_address(tree, tvb, pinfo,
904 data->transaction->address, data->transaction->endpoint,
905 USBLL_ADDRESS_HOST_TO_DEV);
906 break;
907 case STATE_IN_DATA0:
908 case STATE_IN_DATA1:
909 case STATE_IN_HS_ISOCHRONOUS_DATA2:
910 case STATE_IN_NAK:
911 case STATE_IN_STALL:
912 case STATE_OUT_ACK:
913 case STATE_OUT_NAK:
914 case STATE_OUT_STALL:
915 case STATE_OUT_NYET:
916 case STATE_PING_ACK:
917 case STATE_PING_NAK:
918 case STATE_PING_STALL:
919 case STATE_SETUP_ACK:
920 DISSECTOR_ASSERT(data->transaction != NULL);
921 usbll_set_address(tree, tvb, pinfo,
922 data->transaction->address, data->transaction->endpoint,
923 USBLL_ADDRESS_DEV_TO_HOST);
924 break;
925 case STATE_SSPLIT_CONTROL:
926 case STATE_CSPLIT_CONTROL:
927 case STATE_SSPLIT_BULK:
928 case STATE_CSPLIT_BULK:
929 case STATE_SSPLIT_INTERRUPT:
930 case STATE_CSPLIT_INTERRUPT:
931 case STATE_SSPLIT_ISOCHRONOUS:
932 case STATE_CSPLIT_ISOCHRONOUS:
933 DISSECTOR_ASSERT(data->transaction != NULL);
934 usbll_set_address(tree, tvb, pinfo,
935 data->transaction->address, data->transaction->endpoint,
936 USBLL_ADDRESS_HOST_TO_DEV | USBLL_ADDRESS_HUB_PORT);
937 break;
938 case STATE_SSPLIT_CONTROL_SETUP:
939 case STATE_SSPLIT_CONTROL_SETUP_DATA0:
940 case STATE_SSPLIT_CONTROL_OUT:
941 case STATE_SSPLIT_CONTROL_OUT_DATA0:
942 case STATE_SSPLIT_CONTROL_OUT_DATA1:
943 case STATE_SSPLIT_CONTROL_IN:
944 case STATE_SSPLIT_BULK_OUT:
945 case STATE_SSPLIT_BULK_OUT_DATA0:
946 case STATE_SSPLIT_BULK_OUT_DATA1:
947 case STATE_SSPLIT_BULK_IN:
948 case STATE_SSPLIT_INTERRUPT_OUT:
949 case STATE_SSPLIT_INTERRUPT_OUT_DATA0:
950 case STATE_SSPLIT_INTERRUPT_OUT_DATA1:
951 case STATE_SSPLIT_INTERRUPT_IN:
952 case STATE_SSPLIT_ISOCHRONOUS_OUT:
953 case STATE_SSPLIT_ISOCHRONOUS_OUT_DATA0:
954 case STATE_SSPLIT_ISOCHRONOUS_IN:
955 DISSECTOR_ASSERT(data->transaction != NULL);
956 DISSECTOR_ASSERT(data->transaction->split_start != NULL);
957 usbll_set_address(tree, tvb, pinfo,
958 data->transaction->address, data->transaction->endpoint,
959 USBLL_ADDRESS_HOST_TO_DEV);
960 break;
961 case STATE_SSPLIT_CONTROL_SETUP_ACK:
962 case STATE_SSPLIT_CONTROL_SETUP_NAK:
963 case STATE_SSPLIT_CONTROL_OUT_ACK:
964 case STATE_SSPLIT_CONTROL_OUT_NAK:
965 case STATE_SSPLIT_CONTROL_IN_ACK:
966 case STATE_SSPLIT_CONTROL_IN_NAK:
967 case STATE_SSPLIT_BULK_OUT_ACK:
968 case STATE_SSPLIT_BULK_OUT_NAK:
969 case STATE_SSPLIT_BULK_IN_ACK:
970 case STATE_SSPLIT_BULK_IN_NAK:
971 DISSECTOR_ASSERT(data->transaction != NULL);
972 DISSECTOR_ASSERT(data->transaction->split_start != NULL);
973 usbll_set_address(tree, tvb, pinfo,
974 data->transaction->split_start->address, data->transaction->split_start->endpoint,
975 USBLL_ADDRESS_DEV_TO_HOST | USBLL_ADDRESS_HUB_PORT);
976 break;
977 case STATE_CSPLIT_CONTROL_SETUP:
978 case STATE_CSPLIT_CONTROL_OUT:
979 case STATE_CSPLIT_CONTROL_IN:
980 case STATE_CSPLIT_BULK_OUT:
981 case STATE_CSPLIT_BULK_IN:
982 case STATE_CSPLIT_INTERRUPT_OUT:
983 case STATE_CSPLIT_INTERRUPT_IN:
984 case STATE_CSPLIT_ISOCHRONOUS_IN:
985 DISSECTOR_ASSERT(data->transaction != NULL);
986 DISSECTOR_ASSERT(data->transaction->split_complete != NULL);
987 usbll_set_address(tree, tvb, pinfo,
988 data->transaction->address, data->transaction->endpoint,
989 USBLL_ADDRESS_HOST_TO_DEV);
990 break;
991 case STATE_CSPLIT_CONTROL_SETUP_ACK:
992 case STATE_CSPLIT_CONTROL_OUT_ACK:
993 case STATE_CSPLIT_CONTROL_OUT_NAK:
994 case STATE_CSPLIT_CONTROL_OUT_STALL:
995 case STATE_CSPLIT_CONTROL_IN_DATA0:
996 case STATE_CSPLIT_CONTROL_IN_DATA1:
997 case STATE_CSPLIT_CONTROL_IN_NAK:
998 case STATE_CSPLIT_CONTROL_IN_STALL:
999 case STATE_CSPLIT_BULK_OUT_ACK:
1000 case STATE_CSPLIT_BULK_OUT_NAK:
1001 case STATE_CSPLIT_BULK_OUT_STALL:
1002 case STATE_CSPLIT_BULK_IN_DATA0:
1003 case STATE_CSPLIT_BULK_IN_DATA1:
1004 case STATE_CSPLIT_BULK_IN_NAK:
1005 case STATE_CSPLIT_BULK_IN_STALL:
1006 case STATE_CSPLIT_INTERRUPT_OUT_ACK:
1007 case STATE_CSPLIT_INTERRUPT_OUT_NAK:
1008 case STATE_CSPLIT_INTERRUPT_OUT_STALL:
1009 case STATE_CSPLIT_INTERRUPT_IN_MDATA:
1010 case STATE_CSPLIT_INTERRUPT_IN_DATA0:
1011 case STATE_CSPLIT_INTERRUPT_IN_DATA1:
1012 case STATE_CSPLIT_INTERRUPT_IN_NAK:
1013 case STATE_CSPLIT_INTERRUPT_IN_STALL:
1014 case STATE_CSPLIT_ISOCHRONOUS_IN_DATA0:
1015 case STATE_CSPLIT_ISOCHRONOUS_IN_MDATA:
1016 DISSECTOR_ASSERT(data->transaction != NULL);
1017 DISSECTOR_ASSERT(data->transaction->split_complete != NULL);
1018 usbll_set_address(tree, tvb, pinfo,
1019 data->transaction->address, data->transaction->endpoint,
1020 USBLL_ADDRESS_DEV_TO_HOST);
1021 break;
1022 case STATE_CSPLIT_CONTROL_SETUP_NYET:
1023 case STATE_CSPLIT_CONTROL_OUT_NYET:
1024 case STATE_CSPLIT_CONTROL_IN_NYET:
1025 case STATE_CSPLIT_BULK_OUT_NYET:
1026 case STATE_CSPLIT_BULK_IN_NYET:
1027 case STATE_CSPLIT_INTERRUPT_OUT_ERR:
1028 case STATE_CSPLIT_INTERRUPT_OUT_NYET:
1029 case STATE_CSPLIT_INTERRUPT_IN_ERR:
1030 case STATE_CSPLIT_INTERRUPT_IN_NYET:
1031 case STATE_CSPLIT_ISOCHRONOUS_IN_ERR:
1032 case STATE_CSPLIT_ISOCHRONOUS_IN_NYET:
1033 DISSECTOR_ASSERT(data->transaction != NULL);
1034 usbll_set_address(tree, tvb, pinfo,
1035 data->transaction->address, data->transaction->endpoint,
1036 USBLL_ADDRESS_DEV_TO_HOST | USBLL_ADDRESS_HUB_PORT);
1037 break;
1038 default:
1039 DISSECTOR_ASSERT_NOT_REACHED();
1040 }
1041 }
1042
1043 static usbll_transaction_info_t *
tt_restore_transaction(packet_info * pinfo,usbll_state_t state,guint8 hub_address,guint8 port)1044 tt_restore_transaction(packet_info *pinfo, usbll_state_t state, guint8 hub_address, guint8 port)
1045 {
1046 /* The buffer is simply updated with each subsequent packet, this is fine
1047 * if and only if we access it only during first pass.
1048 */
1049 DISSECTOR_ASSERT(!PINFO_FD_VISITED(pinfo));
1050 DISSECTOR_ASSERT(usbll_is_split_complete_token(state));
1051 DISSECTOR_ASSERT(hub_address <= 127);
1052 DISSECTOR_ASSERT(port <= 127);
1053
1054 if (!tt_periodic || !tt_non_periodic)
1055 {
1056 /* No transaciton has been registered yet */
1057 return NULL;
1058 }
1059
1060 if (usbll_is_periodic_split_complete_token(state))
1061 {
1062 return tt_periodic[hub_address][port];
1063 }
1064 else
1065 {
1066 DISSECTOR_ASSERT(usbll_is_non_periodic_split_complete_token(state));
1067 return tt_non_periodic[hub_address][port];
1068 }
1069 }
1070
1071 static void
tt_store_transaction(packet_info * pinfo,usbll_state_t state,guint8 hub_address,guint8 port,usbll_transaction_info_t * transaction)1072 tt_store_transaction(packet_info *pinfo, usbll_state_t state, guint8 hub_address, guint8 port,
1073 usbll_transaction_info_t *transaction)
1074 {
1075 DISSECTOR_ASSERT(!PINFO_FD_VISITED(pinfo));
1076 DISSECTOR_ASSERT(usbll_is_split_start_token(state));
1077 DISSECTOR_ASSERT(hub_address <= 127);
1078 DISSECTOR_ASSERT(port <= 127);
1079
1080 if (!tt_periodic || !tt_non_periodic)
1081 {
1082 /* Lazy allocate lookup table. Both address and port are 7 bit numbers,
1083 * so simply allocate buffers capable to hold all possible combinations.
1084 */
1085 int i;
1086 tt_periodic = wmem_alloc_array(wmem_file_scope(), usbll_transaction_info_t **, 128);
1087 for (i = 0; i < 128; i++)
1088 {
1089 tt_periodic[i] = wmem_alloc0_array(wmem_file_scope(), usbll_transaction_info_t *, 128);
1090 }
1091 tt_non_periodic = wmem_alloc_array(wmem_file_scope(), usbll_transaction_info_t **, 128);
1092 for (i = 0; i < 128; i++)
1093 {
1094 tt_non_periodic[i] = wmem_alloc0_array(wmem_file_scope(), usbll_transaction_info_t *, 128);
1095 }
1096 }
1097
1098 if (usbll_is_periodic_split_start_token(state))
1099 {
1100 tt_periodic[hub_address][port] = transaction;
1101 }
1102 else
1103 {
1104 DISSECTOR_ASSERT(usbll_is_non_periodic_split_start_token(state));
1105 tt_non_periodic[hub_address][port] = transaction;
1106 }
1107 }
1108
1109 static usbll_ep_type_t
usbll_ep_type_from_urb_type(guint8 urb_type)1110 usbll_ep_type_from_urb_type(guint8 urb_type)
1111 {
1112 switch (urb_type)
1113 {
1114 case URB_ISOCHRONOUS: return USBLL_EP_ISOCHRONOUS;
1115 case URB_INTERRUPT: return USBLL_EP_INTERRUPT;
1116 case URB_CONTROL: return USBLL_EP_CONTROL;
1117 case URB_BULK: return USBLL_EP_BULK;
1118 default: return USBLL_EP_UNKNOWN;
1119 }
1120 }
1121
1122 static void
usbll_reset_endpoint_info(usbll_endpoint_info_t * info,usbll_ep_type_t type,guint16 max_packet_size)1123 usbll_reset_endpoint_info(usbll_endpoint_info_t *info, usbll_ep_type_t type, guint16 max_packet_size)
1124 {
1125 info->type = type;
1126 info->data = USBLL_TRANSFER_NORMAL;
1127 info->max_packet_size = max_packet_size;
1128 info->last_data_pid = 0;
1129 info->active_transfer_key = 0;
1130 info->transfer_offset = 0;
1131 info->last_data_len = 0;
1132 info->requested_transfer_length = 0;
1133 }
1134
usbll_init_endpoint_tables(void)1135 static void usbll_init_endpoint_tables(void)
1136 {
1137 /* Address is 7 bits (0 - 127), while endpoint is 4 bits (0 - 15) */
1138 int addr;
1139 ep_info_in = wmem_alloc_array(wmem_file_scope(), usbll_endpoint_info_t *, 128);
1140 for (addr = 0; addr < 128; addr++)
1141 {
1142 ep_info_in[addr] = wmem_alloc_array(wmem_file_scope(), usbll_endpoint_info_t, 16);
1143 }
1144 ep_info_out = wmem_alloc_array(wmem_file_scope(), usbll_endpoint_info_t *, 128);
1145 for (addr = 0; addr < 128; addr++)
1146 {
1147 ep_info_out[addr] = wmem_alloc_array(wmem_file_scope(), usbll_endpoint_info_t, 16);
1148 }
1149
1150 for (addr = 0; addr < 128; addr++)
1151 {
1152 int ep;
1153 /* Endpoint 0 is always control type */
1154 usbll_reset_endpoint_info(&ep_info_in[addr][0], USBLL_EP_CONTROL, 0);
1155 usbll_reset_endpoint_info(&ep_info_out[addr][0], USBLL_EP_CONTROL, 0);
1156 for (ep = 1; ep < 16; ep++)
1157 {
1158 usbll_reset_endpoint_info(&ep_info_in[addr][ep], USBLL_EP_UNKNOWN, 0);
1159 usbll_reset_endpoint_info(&ep_info_out[addr][ep], USBLL_EP_UNKNOWN, 0);
1160 }
1161 }
1162 }
1163
1164 static usbll_endpoint_info_t *
usbll_get_endpoint_info(packet_info * pinfo,guint8 addr,guint8 ep,gboolean from_host)1165 usbll_get_endpoint_info(packet_info *pinfo, guint8 addr, guint8 ep, gboolean from_host)
1166 {
1167 usbll_endpoint_info_t *info;
1168 DISSECTOR_ASSERT(!PINFO_FD_VISITED(pinfo));
1169 DISSECTOR_ASSERT(addr <= 127);
1170 DISSECTOR_ASSERT(ep <= 15);
1171
1172 if (!ep_info_in || !ep_info_out)
1173 {
1174 usbll_init_endpoint_tables();
1175 DISSECTOR_ASSERT(ep_info_in != NULL);
1176 DISSECTOR_ASSERT(ep_info_out != NULL);
1177 }
1178
1179 if (from_host)
1180 {
1181 info = &ep_info_out[addr][ep];
1182 }
1183 else
1184 {
1185 info = &ep_info_in[addr][ep];
1186 }
1187
1188 if (ep != 0)
1189 {
1190 /* Get endpoint type and max packet size from USB dissector
1191 * USB dissector gets the information from CONFIGURATION descriptor
1192 *
1193 * TODO: Reorganize USB dissector to call us whenever selected
1194 * configuration and/or interface changes. USB dissector
1195 * currently assumes only one configuration and that all
1196 * alternate interface settings have matching endpoint
1197 * information. This should be fixed but is good for now
1198 * as most devices fullfills this (wrong) assumption.
1199 */
1200 usb_conv_info_t *usb_conv_info;
1201 usbll_ep_type_t type = USBLL_EP_UNKNOWN;
1202 guint16 max_packet_size = 0;
1203 usb_conv_info = get_existing_usb_ep_conv_info(pinfo, 0, addr, ep);
1204 if (usb_conv_info && usb_conv_info->max_packet_size)
1205 {
1206 type = usbll_ep_type_from_urb_type(usb_conv_info->descriptor_transfer_type);
1207 max_packet_size = usb_conv_info->max_packet_size;
1208 }
1209 /* Reset endpoint info if endpoint parameters changed */
1210 if ((info->type != type) || (info->max_packet_size != max_packet_size))
1211 {
1212 usbll_reset_endpoint_info(info, type, max_packet_size);
1213 }
1214 }
1215
1216 return info;
1217 }
1218
1219 static gint
dissect_usbll_sof(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,gint offset)1220 dissect_usbll_sof(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gint offset)
1221 {
1222 guint32 frame;
1223 /* SOF Packets are broadcasted from Host to all devices. */
1224 usbll_set_address(tree, tvb, pinfo, 0, 0, USBLL_ADDRESS_HOST_TO_DEV | USBLL_ADDRESS_BROADCAST);
1225
1226 proto_tree_add_item_ret_uint(tree, hf_usbll_sof_framenum, tvb, offset, 2, ENC_LITTLE_ENDIAN, &frame);
1227 proto_tree_add_checksum(tree, tvb, offset,
1228 hf_usbll_crc5, hf_usbll_crc5_status, &ei_wrong_crc5, pinfo,
1229 crc5_usb_11bit_input(frame),
1230 ENC_LITTLE_ENDIAN, PROTO_CHECKSUM_VERIFY);
1231 offset += 2;
1232
1233 return offset;
1234 }
1235
1236 static gint
dissect_usbll_token(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,gint offset,guint8 pid,usbll_data_t * data)1237 dissect_usbll_token(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gint offset,
1238 guint8 pid, usbll_data_t *data)
1239 {
1240 guint8 device_address;
1241 guint8 endpoint;
1242 guint16 address_bits;
1243
1244 static int * const address_fields[] = {
1245 &hf_usbll_device_addr,
1246 &hf_usbll_endp,
1247 NULL
1248 };
1249
1250 address_bits = tvb_get_letohs(tvb, offset);
1251 device_address = TOKEN_BITS_GET_ADDRESS(address_bits);
1252 endpoint = TOKEN_BITS_GET_ENDPOINT(address_bits);
1253
1254 proto_tree_add_bitmask_list_value(tree, tvb, offset, 2, address_fields, address_bits);
1255 proto_tree_add_checksum(tree, tvb, offset,
1256 hf_usbll_crc5, hf_usbll_crc5_status, &ei_wrong_crc5, pinfo,
1257 crc5_usb_11bit_input(address_bits),
1258 ENC_LITTLE_ENDIAN, PROTO_CHECKSUM_VERIFY);
1259 offset += 2;
1260
1261 if (!PINFO_FD_VISITED(pinfo))
1262 {
1263 usbll_state_t prev_state;
1264 usbll_transaction_info_t *transaction = NULL;
1265 usbll_transaction_info_t *split_transaction = NULL;
1266
1267 prev_state = data->prev ? data->prev->transaction_state : STATE_IDLE;
1268 data->transaction_state = usbll_next_state(prev_state, pid);
1269
1270 DISSECTOR_ASSERT(usbll_is_non_split_token(data->transaction_state) ||
1271 usbll_is_split_token(data->transaction_state));
1272
1273 if (usbll_is_split_complete_token(data->transaction_state))
1274 {
1275 DISSECTOR_ASSERT(data->prev != NULL);
1276 DISSECTOR_ASSERT(data->prev->transaction != NULL);
1277 DISSECTOR_ASSERT(data->prev->transaction->pid == USB_PID_SPECIAL_SPLIT);
1278 split_transaction = data->prev->transaction;
1279
1280 transaction = tt_restore_transaction(pinfo, data->transaction_state,
1281 split_transaction->address, split_transaction->endpoint);
1282
1283 if (transaction == NULL)
1284 {
1285 /* Most likely capture simply misses Split Start */
1286 transaction = wmem_new0(wmem_file_scope(), usbll_transaction_info_t);
1287 transaction->pid = pid;
1288 transaction->address = device_address;
1289 transaction->endpoint = endpoint;
1290 }
1291
1292 transaction->split_complete = data->prev->transaction;
1293 }
1294 else
1295 {
1296 transaction = wmem_new0(wmem_file_scope(), usbll_transaction_info_t);
1297 transaction->starts_in = pinfo->num;
1298 transaction->pid = pid;
1299 transaction->address = device_address;
1300 transaction->endpoint = endpoint;
1301 }
1302
1303 if (usbll_is_split_start_token(data->transaction_state))
1304 {
1305 DISSECTOR_ASSERT(data->prev != NULL);
1306 DISSECTOR_ASSERT(data->prev->transaction != NULL);
1307 DISSECTOR_ASSERT(data->prev->transaction->pid == USB_PID_SPECIAL_SPLIT);
1308 transaction->split_start = data->prev->transaction;
1309
1310 tt_store_transaction(pinfo, data->transaction_state,
1311 transaction->split_start->address, transaction->split_start->endpoint,
1312 transaction);
1313 }
1314
1315 data->transaction = transaction;
1316 }
1317
1318 return offset;
1319 }
1320
1321 static gboolean
packet_ends_transfer(usbll_endpoint_info_t * ep_info,guint32 offset,gint data_size)1322 packet_ends_transfer(usbll_endpoint_info_t *ep_info, guint32 offset, gint data_size)
1323 {
1324 DISSECTOR_ASSERT(ep_info->type != USBLL_EP_UNKNOWN);
1325
1326 if (ep_info->requested_transfer_length != 0)
1327 {
1328 /* We know requested transfer length */
1329 if (offset + data_size >= ep_info->requested_transfer_length)
1330 {
1331 /* No more data needed */
1332 return TRUE;
1333 }
1334 /* else check max packet size as transfer can end prematurely */
1335 }
1336 else
1337 {
1338 DISSECTOR_ASSERT(ep_info->type != USBLL_EP_CONTROL);
1339 DISSECTOR_ASSERT(ep_info->max_packet_size != 0);
1340 /* We don't know requested transfer length, for bulk transfers
1341 * assume that transfer can be larger than max packet length,
1342 * for periodic transfers assume transfer is not larger than
1343 * max packet length.
1344 */
1345 if (ep_info->type != USBLL_EP_BULK)
1346 {
1347 return TRUE;
1348 }
1349 }
1350
1351 if (ep_info->max_packet_size)
1352 {
1353 return data_size < ep_info->max_packet_size;
1354 }
1355
1356 DISSECTOR_ASSERT(ep_info->type == USBLL_EP_CONTROL);
1357 /* This code is valid only for high-speed control endpoints */
1358 if (data_size < 64)
1359 {
1360 return TRUE;
1361 }
1362
1363 return FALSE;
1364 }
1365
is_get_device_descriptor(guint8 setup[8])1366 static gboolean is_get_device_descriptor(guint8 setup[8])
1367 {
1368 guint16 lang_id = setup[4] | (setup[5] << 8);
1369 guint16 length = setup[6] | (setup[7] << 8);
1370 return (setup[0] == USB_DIR_IN) &&
1371 (setup[1] == USB_SETUP_GET_DESCRIPTOR) &&
1372 (setup[2] == 0x00) && /* Descriptor Index */
1373 (setup[3] == 0x01) && /* DEVICE descriptor */
1374 (lang_id == 0x00) && /* no language specified */
1375 (length >= 8); /* atleast 8 bytes needed to get bMaxPacketSize0 */
1376 }
1377
1378 static gint
dissect_usbll_data(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,int offset,guint8 pid,usbll_data_t * data)1379 dissect_usbll_data(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset,
1380 guint8 pid, usbll_data_t *data)
1381 {
1382 /* TODO: How to determine the expected DATA size? */
1383 guint16 computed_crc, actual_crc;
1384 gint data_offset = offset;
1385 gint data_size = tvb_reported_length_remaining(tvb, offset) - 2;
1386 proto_item *data_item = NULL;
1387 usbll_transfer_info_t *transfer = NULL;
1388
1389 if (data_size > 0) {
1390 data_item = proto_tree_add_item(tree, hf_usbll_data, tvb, offset, data_size, ENC_NA);
1391 offset += data_size;
1392 }
1393
1394 actual_crc = tvb_get_letohs(tvb, offset);
1395 computed_crc = crc16_usb_tvb_offset(tvb, 1, offset - 1);
1396 proto_tree_add_checksum(tree, tvb, offset,
1397 hf_usbll_data_crc, hf_usbll_data_crc_status, &ei_wrong_crc16, pinfo,
1398 computed_crc, ENC_LITTLE_ENDIAN, PROTO_CHECKSUM_VERIFY);
1399 offset += 2;
1400
1401 if (!PINFO_FD_VISITED(pinfo))
1402 {
1403 usbll_state_t prev_state;
1404
1405 prev_state = data->prev ? data->prev->transaction_state : STATE_IDLE;
1406 data->transaction_state = usbll_next_state(prev_state, pid);
1407 if (data->transaction_state != STATE_INVALID)
1408 {
1409 DISSECTOR_ASSERT(data->prev != NULL);
1410 DISSECTOR_ASSERT(data->prev->transaction != NULL);
1411 data->transaction = data->prev->transaction;
1412 }
1413 }
1414
1415 if (actual_crc != computed_crc)
1416 {
1417 /* Do not reassemble on CRC error */
1418 return offset;
1419 }
1420
1421 if (usbll_is_setup_data(data->transaction_state))
1422 {
1423 if (data_size != 8)
1424 {
1425 expert_add_info(pinfo, data_item, &ei_invalid_setup_data);
1426 }
1427 else if (!PINFO_FD_VISITED(pinfo))
1428 {
1429 usbll_endpoint_info_t *ep_out, *ep_in;
1430 ep_out = usbll_get_endpoint_info(pinfo, data->transaction->address, data->transaction->endpoint, TRUE);
1431 ep_in = usbll_get_endpoint_info(pinfo, data->transaction->address, data->transaction->endpoint, FALSE);
1432 /* Check if SETUP data is indeed to control endpoint (discard if targtet endpoint is not control).
1433 * Practically all control transfers are to endpoint 0 which is always control endpoint.
1434 */
1435 if ((ep_out->type == USBLL_EP_CONTROL) && (ep_in->type == USBLL_EP_CONTROL))
1436 {
1437 guint8 setup[8];
1438 gboolean data_stage_from_host;
1439 guint16 requested_length;
1440
1441 tvb_memcpy(tvb, setup, data_offset, 8);
1442
1443 /* bmRequestType D7 0 = Host-to-device, 1 = Device-to-host */
1444 data_stage_from_host = (setup[0] & 0x80) ? FALSE : TRUE;
1445 /* wLength */
1446 requested_length = setup[6] | (setup[7] << 8);
1447
1448 usbll_reset_endpoint_info(ep_out, USBLL_EP_CONTROL, ep_out->max_packet_size);
1449 usbll_reset_endpoint_info(ep_in, USBLL_EP_CONTROL, ep_in->max_packet_size);
1450
1451 transfer = wmem_new0(wmem_file_scope(), usbll_transfer_info_t);
1452 transfer->first_packet = pinfo->num;
1453 transfer->offset = 0;
1454 transfer->type = USBLL_EP_CONTROL;
1455 transfer->from_host = TRUE; /* SETUP is always from host to sevice */
1456
1457 if (requested_length > 0)
1458 {
1459 if (data_stage_from_host)
1460 {
1461 /* Merge SETUP data with OUT Data to pass to USB dissector */
1462 transfer->more_frags = TRUE;
1463 ep_out->active_transfer_key = pinfo->num;
1464 ep_out->requested_transfer_length = requested_length;
1465 ep_out->transfer_offset = 8;
1466 ep_out->last_data_pid = pid;
1467 /* If SETUP is sent again, it always starts a new transfer.
1468 * If we receive DATA0 next then it is really a host failure.
1469 * Do not "overwrite" the 8 SETUP bytes in such case.
1470 */
1471 ep_out->last_data_len = 0;
1472 }
1473 else
1474 {
1475 transfer->more_frags = FALSE;
1476 /* Expect requested_length when reading from control endpoint.
1477 * The data should start with DATA1. If we receive DATA0 then
1478 * is is really device failure.
1479 */
1480 ep_in->requested_transfer_length = requested_length;
1481 ep_in->last_data_pid = pid;
1482 ep_in->last_data_len = 0;
1483 }
1484 }
1485
1486 if (is_get_device_descriptor(setup))
1487 {
1488 ep_in->data = USBLL_TRANSFER_GET_DEVICE_DESCRIPTOR;
1489 }
1490
1491 wmem_map_insert(transfer_info, GUINT_TO_POINTER(pinfo->num), transfer);
1492 }
1493 }
1494 }
1495 else if (!PINFO_FD_VISITED(pinfo))
1496 {
1497 usbll_endpoint_info_t *ep_info;
1498 gboolean from_host;
1499
1500 from_host = usbll_is_data_from_host(data->transaction_state);
1501 ep_info = usbll_get_endpoint_info(pinfo, data->transaction->address, data->transaction->endpoint, from_host);
1502
1503 if (ep_info->type == USBLL_EP_CONTROL)
1504 {
1505 if (ep_info->requested_transfer_length > 0)
1506 {
1507 if (pid == ep_info->last_data_pid)
1508 {
1509 if (ep_info->last_data_len == 0)
1510 {
1511 /* We received DATA0 immediately after SETUP (as response to OUT or IN)
1512 * Do not reassemble the data, instead mark it as unexpected PID.
1513 */
1514 data->transaction_state = STATE_INVALID;
1515 }
1516 else
1517 {
1518 /* Retransmission */
1519 transfer = wmem_new0(wmem_file_scope(), usbll_transfer_info_t);
1520 transfer->first_packet = ep_info->active_transfer_key;
1521 transfer->offset = ep_info->transfer_offset - ep_info->last_data_len;
1522 transfer->type = USBLL_EP_CONTROL;
1523 transfer->from_host = from_host;
1524 transfer->more_frags = !packet_ends_transfer(ep_info, transfer->offset, data_size);
1525 wmem_map_insert(transfer_info, GUINT_TO_POINTER(pinfo->num), transfer);
1526 /* Do not update endpoint info, previously transferred packet must have
1527 * the same data length as retransmitted packet.
1528 */
1529 }
1530 }
1531 else if ((pid == USB_PID_DATA_DATA0) || (pid == USB_PID_DATA_DATA1))
1532 {
1533 if (ep_info->active_transfer_key == 0)
1534 {
1535 /* This is allowed only when Data stage is from device to host */
1536 DISSECTOR_ASSERT(!from_host);
1537 DISSECTOR_ASSERT(ep_info->transfer_offset == 0);
1538 DISSECTOR_ASSERT(ep_info->last_data_len == 0);
1539 ep_info->active_transfer_key = pinfo->num;
1540
1541 if ((ep_info->data == USBLL_TRANSFER_GET_DEVICE_DESCRIPTOR) && (data_size >= 8))
1542 {
1543 usbll_endpoint_info_t *ep_out;
1544 ep_out = usbll_get_endpoint_info(pinfo, data->transaction->address, data->transaction->endpoint, TRUE);
1545 ep_info->max_packet_size = tvb_get_guint8(tvb, data_offset + 7);
1546 ep_out->max_packet_size = ep_info->max_packet_size;
1547 }
1548 }
1549 transfer = wmem_new0(wmem_file_scope(), usbll_transfer_info_t);
1550 transfer->first_packet = ep_info->active_transfer_key;
1551 transfer->offset = ep_info->transfer_offset;
1552 transfer->type = USBLL_EP_CONTROL;
1553 transfer->from_host = from_host;
1554 transfer->more_frags = !packet_ends_transfer(ep_info, transfer->offset, data_size);
1555 wmem_map_insert(transfer_info, GUINT_TO_POINTER(pinfo->num), transfer);
1556
1557 ep_info->last_data_pid = pid;
1558 ep_info->transfer_offset += data_size;
1559 ep_info->last_data_len = data_size;
1560 }
1561 else
1562 {
1563 /* Only DATA0 and DATA1 are allowed in Control transfers */
1564 data->transaction_state = STATE_INVALID;
1565 }
1566 }
1567 else
1568 {
1569 /* We don't know anything about the control transfer.
1570 * Most likely the capture is incomplete, there's nothing to be done here.
1571 */
1572 }
1573 }
1574 else if ((ep_info->type == USBLL_EP_BULK) ||
1575 (ep_info->type == USBLL_EP_INTERRUPT) ||
1576 (ep_info->type == USBLL_EP_ISOCHRONOUS))
1577 {
1578 if (pid == ep_info->last_data_pid)
1579 {
1580 /* Retransmission */
1581 DISSECTOR_ASSERT(ep_info->active_transfer_key != 0);
1582 transfer = wmem_new0(wmem_file_scope(), usbll_transfer_info_t);
1583 transfer->first_packet = ep_info->active_transfer_key;
1584 transfer->offset = ep_info->transfer_offset - ep_info->last_data_len;
1585 transfer->type = ep_info->type;
1586 transfer->from_host = from_host;
1587 transfer->more_frags = !packet_ends_transfer(ep_info, transfer->offset, data_size);
1588 wmem_map_insert(transfer_info, GUINT_TO_POINTER(pinfo->num), transfer);
1589 /* Do not update endpoint info, previously transferred packet must have
1590 * the same data length as retransmitted packet.
1591 */
1592 }
1593 else if ((ep_info->active_transfer_key == 0) ||
1594 packet_ends_transfer(ep_info, ep_info->transfer_offset, ep_info->last_data_len))
1595 {
1596 /* Packet starts new transfer */
1597 transfer = wmem_new0(wmem_file_scope(), usbll_transfer_info_t);
1598 transfer->first_packet = pinfo->num;
1599 transfer->offset = 0;
1600 transfer->type = ep_info->type;
1601 transfer->from_host = from_host;
1602 transfer->more_frags = !packet_ends_transfer(ep_info, transfer->offset, data_size);
1603 wmem_map_insert(transfer_info, GUINT_TO_POINTER(pinfo->num), transfer);
1604
1605 ep_info->last_data_pid = pid;
1606 ep_info->active_transfer_key = pinfo->num;
1607 ep_info->transfer_offset = data_size;
1608 ep_info->last_data_len = data_size;
1609 }
1610 else
1611 {
1612 transfer = wmem_new0(wmem_file_scope(), usbll_transfer_info_t);
1613 transfer->first_packet = ep_info->active_transfer_key;
1614 transfer->offset = ep_info->transfer_offset;
1615 transfer->type = ep_info->type;
1616 transfer->from_host = from_host;
1617 transfer->more_frags = !packet_ends_transfer(ep_info, transfer->offset, data_size);
1618 wmem_map_insert(transfer_info, GUINT_TO_POINTER(pinfo->num), transfer);
1619
1620 ep_info->last_data_pid = pid;
1621 ep_info->transfer_offset += data_size;
1622 ep_info->last_data_len = data_size;
1623 }
1624 }
1625 }
1626
1627 transfer = (usbll_transfer_info_t *)wmem_map_lookup(transfer_info, GUINT_TO_POINTER(pinfo->num));
1628 if (transfer)
1629 {
1630 tvbuff_t *transfer_tvb;
1631
1632 if ((transfer->first_packet == pinfo->num) && (!transfer->more_frags))
1633 {
1634 /* No multi-packet reassembly needed, simply construct tvb */
1635 transfer_tvb = tvb_new_subset_length(tvb, data_offset, data_size);
1636 add_new_data_source(pinfo, transfer_tvb, "USB transfer");
1637 }
1638 else
1639 {
1640 fragment_head *head;
1641 head = fragment_add_check(&usbll_reassembly_table, tvb, data_offset,
1642 pinfo, transfer->first_packet, NULL,
1643 transfer->offset, data_size, transfer->more_frags);
1644 transfer_tvb = process_reassembled_data(tvb, data_offset, pinfo,
1645 "USB transfer", head, &usbll_frag_items,
1646 NULL, tree);
1647 }
1648
1649 if (transfer_tvb != NULL)
1650 {
1651 usb_pseudo_urb_t pseudo_urb;
1652 pseudo_urb.from_host = transfer->from_host;
1653 switch (transfer->type)
1654 {
1655 case USBLL_EP_UNKNOWN:
1656 pseudo_urb.transfer_type = URB_UNKNOWN;
1657 break;
1658 case USBLL_EP_CONTROL:
1659 pseudo_urb.transfer_type = URB_CONTROL;
1660 break;
1661 case USBLL_EP_BULK:
1662 pseudo_urb.transfer_type = URB_BULK;
1663 break;
1664 case USBLL_EP_INTERRUPT:
1665 pseudo_urb.transfer_type = URB_INTERRUPT;
1666 break;
1667 case USBLL_EP_ISOCHRONOUS:
1668 pseudo_urb.transfer_type = URB_ISOCHRONOUS;
1669 break;
1670 default:
1671 DISSECTOR_ASSERT_NOT_REACHED();
1672 }
1673 pseudo_urb.device_address = data->transaction->address;
1674 pseudo_urb.endpoint = data->transaction->endpoint;
1675 pseudo_urb.bus_id = 0;
1676 dissect_usb_common(transfer_tvb, pinfo, proto_tree_get_parent_tree(tree),
1677 USB_HEADER_PSEUDO_URB, &pseudo_urb);
1678 }
1679 }
1680
1681 return offset;
1682 }
1683
1684 static gint
dissect_usbll_split(tvbuff_t * tvb,packet_info * pinfo,proto_tree * tree,gint offset,guint8 pid,usbll_data_t * data)1685 dissect_usbll_split(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, gint offset,
1686 guint8 pid, usbll_data_t *data)
1687 {
1688 guint8 hub_address;
1689 guint8 hub_port;
1690 proto_item *split_e_u;
1691 proto_item *split_s;
1692
1693 gint32 tmp = tvb_get_gint24(tvb, offset, ENC_LITTLE_ENDIAN);
1694
1695 hub_address = SPLIT_BITS_GET_HUB_ADDRESS(tmp);
1696 hub_port = SPLIT_BITS_GET_HUB_PORT(tmp);
1697
1698 col_append_str(pinfo->cinfo, COL_INFO, (tmp & SPLIT_BIT_START_COMPLETE) ? " Complete" : " Start");
1699
1700 proto_tree_add_uint(tree, hf_usbll_split_hub_addr, tvb, offset, 3, tmp);
1701 proto_tree_add_uint(tree, hf_usbll_split_sc, tvb, offset, 3, tmp);
1702 proto_tree_add_uint(tree, hf_usbll_split_port, tvb, offset, 3, tmp);
1703
1704 if (tmp & SPLIT_BIT_START_COMPLETE) {
1705 proto_tree_add_uint(tree, hf_usbll_split_s, tvb, offset, 3, tmp);
1706 split_e_u = proto_tree_add_uint(tree, hf_usbll_split_u, tvb, offset, 3, tmp);
1707
1708 if (tmp & SPLIT_BIT_E_U)
1709 expert_add_info(pinfo, split_e_u, &ei_invalid_e_u);
1710 } else {
1711 /* S/E fields have special meaning for Isochronous OUT transfers. */
1712 if (data->next && data->next->transaction_state == STATE_SSPLIT_ISOCHRONOUS_OUT) {
1713 DISSECTOR_ASSERT(SPLIT_BITS_GET_ENDPOINT_TYPE(tmp) == USB_EP_TYPE_ISOCHRONOUS);
1714 proto_tree_add_uint(tree, hf_usbll_split_iso_se, tvb, offset, 3, tmp);
1715 } else if (SPLIT_BITS_GET_ENDPOINT_TYPE(tmp) != USB_EP_TYPE_ISOCHRONOUS) {
1716 split_s = proto_tree_add_uint(tree, hf_usbll_split_s, tvb, offset, 3, tmp);
1717 split_e_u = proto_tree_add_uint(tree, hf_usbll_split_e, tvb, offset, 3, tmp);
1718
1719 if ((SPLIT_BITS_GET_ENDPOINT_TYPE(tmp) == USB_EP_TYPE_BULK) && (tmp & SPLIT_BIT_SPEED))
1720 expert_add_info(pinfo, split_s, &ei_invalid_s);
1721 if (tmp & SPLIT_BIT_E_U)
1722 expert_add_info(pinfo, split_e_u, &ei_invalid_e_u);
1723 } else if (data->next &&
1724 (data->next->transaction_state == STATE_SSPLIT_ISOCHRONOUS_IN ||
1725 data->next->transaction_state == STATE_CSPLIT_ISOCHRONOUS_IN)) {
1726 DISSECTOR_ASSERT(SPLIT_BITS_GET_ENDPOINT_TYPE(tmp) == USB_EP_TYPE_ISOCHRONOUS);
1727 split_s = proto_tree_add_uint(tree, hf_usbll_split_s, tvb, offset, 3, tmp);
1728 split_e_u = proto_tree_add_uint(tree, hf_usbll_split_e, tvb, offset, 3, tmp);
1729
1730 if (tmp & SPLIT_BIT_SPEED)
1731 expert_add_info(pinfo, split_s, &ei_invalid_s);
1732 if (tmp & SPLIT_BIT_E_U)
1733 expert_add_info(pinfo, split_e_u, &ei_invalid_e_u);
1734 }
1735 }
1736 proto_tree_add_uint(tree, hf_usbll_split_et, tvb, offset, 3, tmp);
1737
1738 proto_tree_add_checksum(tree, tvb, offset,
1739 hf_usbll_split_crc5, hf_usbll_split_crc5_status, &ei_wrong_split_crc5, pinfo,
1740 crc5_usb_19bit_input(tmp),
1741 ENC_LITTLE_ENDIAN, PROTO_CHECKSUM_VERIFY);
1742 offset += 3;
1743
1744 if (!PINFO_FD_VISITED(pinfo))
1745 {
1746 usbll_transaction_info_t *transaction;
1747 transaction = wmem_new0(wmem_file_scope(), usbll_transaction_info_t);
1748 transaction->starts_in = pinfo->num;
1749 transaction->pid = pid;
1750 transaction->address = hub_address;
1751 transaction->endpoint = hub_port;
1752
1753 data->transaction = transaction;
1754 if (tmp & SPLIT_BIT_START_COMPLETE)
1755 {
1756 switch (SPLIT_BITS_GET_ENDPOINT_TYPE(tmp))
1757 {
1758 case USB_EP_TYPE_CONTROL:
1759 data->transaction_state = STATE_CSPLIT_CONTROL;
1760 break;
1761 case USB_EP_TYPE_ISOCHRONOUS:
1762 data->transaction_state = STATE_CSPLIT_ISOCHRONOUS;
1763 break;
1764 case USB_EP_TYPE_BULK:
1765 data->transaction_state = STATE_CSPLIT_BULK;
1766 break;
1767 case USB_EP_TYPE_INTERRUPT:
1768 data->transaction_state = STATE_CSPLIT_INTERRUPT;
1769 break;
1770 }
1771 }
1772 else
1773 {
1774 switch (SPLIT_BITS_GET_ENDPOINT_TYPE(tmp))
1775 {
1776 case USB_EP_TYPE_CONTROL:
1777 data->transaction_state = STATE_SSPLIT_CONTROL;
1778 break;
1779 case USB_EP_TYPE_ISOCHRONOUS:
1780 data->transaction_state = STATE_SSPLIT_ISOCHRONOUS;
1781 break;
1782 case USB_EP_TYPE_BULK:
1783 data->transaction_state = STATE_SSPLIT_BULK;
1784 break;
1785 case USB_EP_TYPE_INTERRUPT:
1786 data->transaction_state = STATE_SSPLIT_INTERRUPT;
1787 break;
1788 }
1789 }
1790 }
1791
1792 return offset;
1793 }
1794
1795 static gint
dissect_usbll_handshake(tvbuff_t * tvb _U_,packet_info * pinfo _U_,proto_tree * tree _U_,int offset,guint8 pid,usbll_data_t * data)1796 dissect_usbll_handshake(tvbuff_t *tvb _U_, packet_info *pinfo _U_, proto_tree *tree _U_, int offset,
1797 guint8 pid, usbll_data_t *data)
1798 {
1799 if (!PINFO_FD_VISITED(pinfo))
1800 {
1801 usbll_state_t prev_state;
1802
1803 prev_state = data->prev ? data->prev->transaction_state : STATE_IDLE;
1804 data->transaction_state = usbll_next_state(prev_state, pid);
1805
1806 if (data->transaction_state != STATE_INVALID)
1807 {
1808 DISSECTOR_ASSERT(data->prev != NULL);
1809 DISSECTOR_ASSERT(data->prev->transaction != NULL);
1810 data->transaction = data->prev->transaction;
1811 }
1812 }
1813
1814 return offset;
1815 }
1816
1817 static usbll_data_t *
usbll_restore_data(packet_info * pinfo)1818 usbll_restore_data(packet_info *pinfo)
1819 {
1820 return (usbll_data_t *)p_get_proto_data(wmem_file_scope(), pinfo, proto_usbll, pinfo->num);
1821 }
1822
1823 static usbll_data_t *
usbll_create_data(packet_info * pinfo)1824 usbll_create_data(packet_info *pinfo)
1825 {
1826 /* allocate a data structure, as it is the first call on this frame. */
1827 usbll_data_t *n_data_ptr = wmem_new0(wmem_file_scope(), usbll_data_t);
1828
1829 p_add_proto_data(wmem_file_scope(), pinfo, proto_usbll, pinfo->num, n_data_ptr);
1830
1831 if (usbll_data_ptr)
1832 *n_data_ptr = *usbll_data_ptr;
1833
1834 n_data_ptr->transaction_state = STATE_IDLE;
1835 n_data_ptr->prev = usbll_data_ptr;
1836 if (n_data_ptr->prev)
1837 {
1838 n_data_ptr->prev->next = n_data_ptr;
1839 }
1840
1841 return n_data_ptr;
1842 }
1843
1844 static void
usbll_cleanup_data(void)1845 usbll_cleanup_data(void)
1846 {
1847 usbll_data_ptr = NULL;
1848 tt_non_periodic = NULL;
1849 tt_periodic = NULL;
1850 ep_info_in = NULL;
1851 ep_info_out = NULL;
1852 }
1853
1854 static int
dissect_usbll_packet(tvbuff_t * tvb,packet_info * pinfo,proto_tree * parent_tree,void * data _U_)1855 dissect_usbll_packet(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* data _U_)
1856 {
1857 proto_item *item;
1858 proto_tree *tree;
1859 gint offset = 0;
1860 guint32 pid;
1861 const gchar *str;
1862
1863 tree = proto_tree_add_subtree(parent_tree, tvb, offset, -1, ett_usbll, &item, "USB Packet");
1864
1865 item = proto_tree_add_item_ret_uint(tree, hf_usbll_pid, tvb, offset, 1, ENC_LITTLE_ENDIAN, &pid);
1866 offset++;
1867
1868 col_set_str(pinfo->cinfo, COL_PROTOCOL, "USBLL");
1869 str = try_val_to_str(pid, usb_packetid_vals);
1870 if (str) {
1871 col_set_str(pinfo->cinfo, COL_INFO, str);
1872 } else {
1873 col_add_fstr(pinfo->cinfo, COL_INFO, "Invalid Packet ID (0x%02x)", pid);
1874 expert_add_info(pinfo, item, &ei_invalid_pid);
1875 }
1876
1877 if (PINFO_FD_VISITED(pinfo)) {
1878 usbll_data_ptr = usbll_restore_data(pinfo);
1879 } else {
1880 usbll_data_ptr = usbll_create_data(pinfo);
1881 }
1882
1883 switch (pid)
1884 {
1885 case USB_PID_TOKEN_SETUP:
1886 case USB_PID_TOKEN_OUT:
1887 case USB_PID_TOKEN_IN:
1888 case USB_PID_SPECIAL_PING:
1889 offset = dissect_usbll_token(tvb, pinfo, tree, offset, pid, usbll_data_ptr);
1890 break;
1891
1892 case USB_PID_DATA_DATA0:
1893 case USB_PID_DATA_DATA1:
1894 case USB_PID_DATA_DATA2:
1895 case USB_PID_DATA_MDATA:
1896 offset = dissect_usbll_data(tvb, pinfo, tree, offset, pid, usbll_data_ptr);
1897 break;
1898
1899 case USB_PID_HANDSHAKE_ACK:
1900 case USB_PID_HANDSHAKE_NAK:
1901 case USB_PID_HANDSHAKE_NYET:
1902 case USB_PID_HANDSHAKE_STALL:
1903 offset = dissect_usbll_handshake(tvb, pinfo, tree, offset, pid, usbll_data_ptr);
1904 break;
1905
1906 case USB_PID_TOKEN_SOF:
1907 offset = dissect_usbll_sof(tvb, pinfo, tree, offset);
1908 break;
1909
1910 case USB_PID_SPECIAL_SPLIT:
1911 offset = dissect_usbll_split(tvb, pinfo, tree, offset, pid, usbll_data_ptr);
1912 break;
1913 case USB_PID_SPECIAL_PRE_OR_ERR:
1914 break;
1915 case USB_PID_SPECIAL_RESERVED:
1916 break;
1917 default:
1918 break;
1919 }
1920
1921 usbll_generate_address(tree, tvb, pinfo, usbll_data_ptr);
1922 if (usbll_data_ptr->transaction_state == STATE_INVALID)
1923 {
1924 expert_add_info(pinfo, item, &ei_invalid_pid_sequence);
1925 }
1926
1927 if (tvb_reported_length_remaining(tvb, offset) > 0) {
1928 proto_tree_add_expert(tree, pinfo, &ei_undecoded, tvb, offset, -1);
1929 offset += tvb_captured_length_remaining(tvb, offset);
1930 }
1931
1932 return offset;
1933 }
1934
1935 void
proto_register_usbll(void)1936 proto_register_usbll(void)
1937 {
1938 expert_module_t *expert_module;
1939
1940 static hf_register_info hf[] = {
1941 /* Common header fields */
1942 { &hf_usbll_pid,
1943 { "PID", "usbll.pid",
1944 FT_UINT8, BASE_HEX|BASE_EXT_STRING, &usb_packetid_vals_ext, 0x00,
1945 "USB Packet ID", HFILL }},
1946 { &hf_usbll_src,
1947 { "Source", "usbll.src",
1948 FT_STRING, STR_ASCII, NULL, 0x0,
1949 NULL, HFILL }},
1950 { &hf_usbll_dst,
1951 { "Destination", "usbll.dst",
1952 FT_STRING, STR_ASCII, NULL, 0x0,
1953 NULL, HFILL }},
1954 { &hf_usbll_addr,
1955 { "Source or Destination", "usbll.addr",
1956 FT_STRING, STR_ASCII, NULL, 0x0,
1957 NULL, HFILL }},
1958
1959 /* Token header fields */
1960 { &hf_usbll_device_addr,
1961 { "Address", "usbll.device_addr",
1962 FT_UINT16, BASE_DEC, NULL, 0x007F,
1963 NULL, HFILL }},
1964 { &hf_usbll_endp,
1965 { "Endpoint", "usbll.endp",
1966 FT_UINT16, BASE_DEC, NULL, 0x0780,
1967 NULL, HFILL }},
1968
1969 /*SOF header field */
1970 { &hf_usbll_sof_framenum,
1971 { "Frame Number", "usbll.frame_num",
1972 FT_UINT16, BASE_DEC, NULL, 0x07FF,
1973 NULL, HFILL }},
1974
1975 /* Token and SOF header fields */
1976 { &hf_usbll_crc5,
1977 { "CRC5", "usbll.crc5",
1978 FT_UINT16, BASE_HEX, NULL, 0xF800,
1979 NULL, HFILL }},
1980 { &hf_usbll_crc5_status,
1981 { "CRC5 Status", "usbll.crc5.status",
1982 FT_UINT8, BASE_NONE, VALS(proto_checksum_vals), 0,
1983 NULL, HFILL }},
1984
1985 /* Data header fields */
1986 { &hf_usbll_data,
1987 { "Data", "usbll.data",
1988 FT_BYTES, BASE_NONE, NULL, 0,
1989 NULL, HFILL }},
1990 { &hf_usbll_data_crc,
1991 { "CRC", "usbll.crc16",
1992 FT_UINT16, BASE_HEX, NULL, 0x0,
1993 NULL, HFILL }},
1994 { &hf_usbll_data_crc_status,
1995 { "CRC Status", "usbll.crc16.status",
1996 FT_UINT8, BASE_NONE, VALS(proto_checksum_vals), 0,
1997 NULL, HFILL }},
1998
1999 /* Split header fields */
2000 { &hf_usbll_split_hub_addr,
2001 { "Hub Address", "usbll.split_hub_addr",
2002 FT_UINT24, BASE_DEC, NULL, 0x00007F,
2003 NULL, HFILL }},
2004 { &hf_usbll_split_sc,
2005 { "SC", "usbll.split_sc",
2006 FT_UINT24, BASE_DEC, VALS(usb_start_complete_vals), 0x000080,
2007 NULL, HFILL }},
2008 { &hf_usbll_split_port,
2009 { "Port", "usbll.split_port",
2010 FT_UINT24, BASE_DEC, NULL, 0x007F00,
2011 NULL, HFILL }},
2012 { &hf_usbll_split_s,
2013 { "Speed", "usbll.split_s",
2014 FT_UINT24, BASE_DEC, VALS(usb_split_speed_vals), 0x008000,
2015 NULL, HFILL }},
2016 { &hf_usbll_split_e,
2017 { "E", "usbll.split_e",
2018 FT_UINT24, BASE_DEC, NULL, 0x010000,
2019 "Unused. Must be 0.", HFILL }},
2020 { &hf_usbll_split_u,
2021 { "U", "usbll.split_u",
2022 FT_UINT24, BASE_DEC, NULL, 0x010000,
2023 "Unused. Must be 0.", HFILL }},
2024 { &hf_usbll_split_iso_se,
2025 { "Start and End", "usbll.split_se",
2026 FT_UINT24, BASE_DEC, VALS(usb_split_iso_se_vals), 0x018000,
2027 NULL, HFILL }},
2028 { &hf_usbll_split_et,
2029 { "Endpoint Type", "usbll.split_et",
2030 FT_UINT24, BASE_DEC, VALS(usb_endpoint_type_vals), 0x060000,
2031 NULL, HFILL }},
2032 { &hf_usbll_split_crc5,
2033 { "CRC5", "usbll.split_crc5",
2034 FT_UINT24, BASE_HEX, NULL, 0xF80000,
2035 NULL, HFILL }},
2036 { &hf_usbll_split_crc5_status,
2037 { "CRC5 Status", "usbll.split_crc5.status",
2038 FT_UINT8, BASE_NONE, VALS(proto_checksum_vals), 0,
2039 NULL, HFILL }},
2040 { &hf_usbll_transfer_fragments,
2041 { "Transfer fragments", "usbll.fragments",
2042 FT_NONE, BASE_NONE, NULL, 0x00,
2043 NULL, HFILL }},
2044 { &hf_usbll_transfer_fragment,
2045 {"Transfer fragment", "usbll.fragment",
2046 FT_FRAMENUM, BASE_NONE, NULL, 0x00, NULL, HFILL }},
2047 { &hf_usbll_transfer_fragment_overlap,
2048 {"Transfer fragment overlap", "usbll.fragment.overlap",
2049 FT_BOOLEAN, 0, NULL, 0x00, NULL, HFILL }},
2050 { &hf_usbll_transfer_fragment_overlap_conflicts,
2051 {"Transfer fragment overlapping with conflicting data",
2052 "usbll.fragment.overlap.conflicts",
2053 FT_BOOLEAN, 0, NULL, 0x00, NULL, HFILL }},
2054 { &hf_usbll_transfer_fragment_multiple_tails,
2055 {"Transfer has multiple tail fragments",
2056 "usbll.fragment.multiple_tails",
2057 FT_BOOLEAN, 0, NULL, 0x00, NULL, HFILL }},
2058 { &hf_usbll_transfer_fragment_too_long_fragment,
2059 {"Transfer fragment too long", "usbll.fragment.too_long_fragment",
2060 FT_BOOLEAN, 0, NULL, 0x00, NULL, HFILL }},
2061 { &hf_usbll_transfer_fragment_error,
2062 {"Transfer defragmentation error", "usbll.fragment.error",
2063 FT_FRAMENUM, BASE_NONE, NULL, 0x00, NULL, HFILL }},
2064 { &hf_usbll_transfer_fragment_count,
2065 {"Transfer fragment count", "usbll.fragment.count",
2066 FT_UINT32, BASE_DEC, NULL, 0x00, NULL, HFILL }},
2067 { &hf_usbll_transfer_reassembled_in,
2068 {"Reassembled in", "usbll.reassembled.in",
2069 FT_FRAMENUM, BASE_NONE, NULL, 0x00, NULL, HFILL }},
2070 { &hf_usbll_transfer_reassembled_length,
2071 {"Reassembled length", "usbll.reassembled.length",
2072 FT_UINT32, BASE_DEC, NULL, 0x00, NULL, HFILL }},
2073 };
2074
2075 static ei_register_info ei[] = {
2076 { &ei_invalid_pid, { "usbll.invalid_pid", PI_MALFORMED, PI_ERROR, "Invalid USB Packet ID", EXPFILL }},
2077 { &ei_undecoded, { "usbll.undecoded", PI_UNDECODED, PI_WARN, "Not dissected yet (report to wireshark.org)", EXPFILL }},
2078 { &ei_wrong_crc5, { "usbll.crc5.wrong", PI_PROTOCOL, PI_WARN, "Wrong CRC", EXPFILL }},
2079 { &ei_wrong_split_crc5, { "usbll.split_crc5.wrong", PI_PROTOCOL, PI_WARN, "Wrong CRC", EXPFILL }},
2080 { &ei_wrong_crc16, { "usbll.crc16.wrong", PI_PROTOCOL, PI_WARN, "Wrong CRC", EXPFILL }},
2081 { &ei_invalid_s, { "usbll.invalid_s", PI_MALFORMED, PI_ERROR, "Invalid bit (Must be 0)", EXPFILL }},
2082 { &ei_invalid_e_u, { "usbll.invalid_e_u", PI_MALFORMED, PI_ERROR, "Invalid bit (Must be 0)", EXPFILL }},
2083 { &ei_invalid_pid_sequence, {"usbll.invalid_pid_sequence", PI_MALFORMED, PI_ERROR, "Invalid PID Sequence",EXPFILL }},
2084 { &ei_invalid_setup_data, {"usbll.invalid_setup_data", PI_MALFORMED, PI_ERROR, "Invalid data length (Must be 8 bytes)", EXPFILL }},
2085 };
2086
2087 static gint *ett[] = {
2088 &ett_usbll,
2089 &ett_usbll_transfer_fragment,
2090 &ett_usbll_transfer_fragments,
2091 };
2092
2093 transfer_info = wmem_map_new_autoreset(wmem_epan_scope(), wmem_file_scope(), g_direct_hash, g_direct_equal);
2094 proto_usbll = proto_register_protocol("USB Link Layer", "USBLL", "usbll");
2095 proto_register_field_array(proto_usbll, hf, array_length(hf));
2096 proto_register_subtree_array(ett, array_length(ett));
2097
2098 expert_module = expert_register_protocol(proto_usbll);
2099 expert_register_field_array(expert_module, ei, array_length(ei));
2100
2101 register_dissector("usbll", dissect_usbll_packet, proto_usbll);
2102 register_cleanup_routine(usbll_cleanup_data);
2103
2104 usbll_address_type = address_type_dissector_register("AT_USBLL", "USBLL Address",
2105 usbll_addr_to_str, usbll_addr_str_len,
2106 NULL, NULL, NULL, NULL, NULL);
2107
2108 reassembly_table_register(&usbll_reassembly_table, &usbll_reassembly_table_functions);
2109 }
2110
2111 void
proto_reg_handoff_usbll(void)2112 proto_reg_handoff_usbll(void)
2113 {
2114 usbll_handle = create_dissector_handle(dissect_usbll_packet, proto_usbll);
2115 dissector_add_uint("wtap_encap", WTAP_ENCAP_USB_2_0, usbll_handle);
2116 }
2117
2118 /*
2119 * Editor modelines
2120 *
2121 * Local Variables:
2122 * c-basic-offset: 4
2123 * tab-width: 8
2124 * indent-tabs-mode: nil
2125 * End:
2126 *
2127 * ex: set shiftwidth=4 tabstop=8 expandtab:
2128 * :indentSize=4:tabSize=8:noTabs=true:
2129 */
2130