从调试数据分析USB通信协议——USB存储介质【U盘】(三)
前面一圈分析完了,现在我们来分析一下数据流向,不得不说WireShark在用做嵌入式通信协议上的调试分析时,是个不错的软件。因此接下来我们就用WireShark再来分析一下USB Mass Storge设备,即U盘的枚举过程。首先,我要介绍的是如何安装WireShark来用作USB抓包。整个安装过程几乎都是傻瓜式的下一步操作,而这里我要提一下的是,既然是做USB抓包分析,这个USBPcap是一定要注意勾选的。小编我这里已经安装过了,所以显示已经安装好了。
接下来我们打开WireShark软件可以看到左下角有USBPcap1选项,双击进行设置。
同样,小编我这里还是插入的闪迪CZ80的32GB的U盘。当电脑检测到有U盘插入时,设置界面的右下角就会有相应的设备可以勾选,这里我们勾选上并点击OK。
然后我们就可以点击最上面工具栏那个蓝色的鲨鱼鳍按钮[第三个按钮],开始捕获数据了。现在我们拔下U盘重新插入。就可以看到U盘插入时设备在枚举过程中的所有数据包了。以下是我们在之前介绍的时候设备枚举的第一条指令,即发送Setup令牌包获取设备描述符的指令。但这里在这些数据的前面,你还会发现WireShark有一个URB的结构在USB数据包的前面,这个实际上是驱动程序内部的一些字段,下面我通过一篇博文对其中的信息做简要的介绍。
地址:http://www.cnblogs.com/tureno/articles/6888794.html
通过以上软件来分析,我们可以很清楚的看到数据在host和device的端点0之间的相互流动,device收发均使用的是端点0。其实这种流动一直保持到了GET MAX LUN (0xfe)这条指令以后,在这条指令以后,我们就会开始使用CBW块来承载SCSI指令进行通信了。这时候device使用的是端点2来接收host的命令,因此,从host视角来看,它是输出端点,同理,device使用端点1回发数据给host,即作为输入端点。
关于U盘的分析到这里我们基本就算结束了,最后我们使用USBlyzer22软件,对我们的U盘进行最后的一波分析,来验证我们上面的分析,有如下截图,这里看看就好,小编我也就不再啰嗦什么了。
| Connection Status | Device connected |
| Current Configuration | 1 |
| Speed | High (480 Mbit/s) |
| Device Address | 1 |
| Number Of Open Pipes | 2 |
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 12h |
|
| 1 | bDescriptorType | 1 | 01h | Device |
| 2 | bcdUSB | 2 | 0300h | USB Spec 3.0 |
| 4 | bDeviceClass | 1 | 00h | Class info in Ifc Descriptors |
| 5 | bDeviceSubClass | 1 | 00h |
|
| 6 | bDeviceProtocol | 1 | 00h |
|
| 7 | bMaxPacketSize0 | 1 | 09h | Should be 64 bytes for high-speed devices |
| 8 | idVendor | 2 | 0781h | SanDisk Corp. |
| 10 | idProduct | 2 | 5580h |
|
| 12 | bcdDevice | 2 | 0010h | 0.10 |
| 14 | iManufacturer | 1 | 01h | "SanDisk" |
| 15 | iProduct | 1 | 02h | "Extreme" |
| 16 | iSerialNumber | 1 | 03h | "AA010314151502060195" |
| 17 | bNumConfigurations | 1 | 01h |
|
Binary Device Object Store (BOS) Descriptor
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 05h |
|
| 1 | bDescriptorType | 1 | 0Fh | Binary Device Object Store (BOS) |
| 2 | wTotalLength | 2 | 0016h |
|
| 4 | bNumDeviceCaps | 1 | 02h |
|
Device Capability Descriptor - USB 2.0 Extension
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 07h |
|
| 1 | bDescriptorType | 1 | 10h | Device Capability |
| 2 | bDevCapabilityType | 1 | 02h | USB 2.0 Extension |
| 3 | bmAttributes | 4 | 00000002h |
|
|
| 0: Reserved |
| ........ ........ ........ .......0 |
|
|
| 1: Link Power Management |
| ........ ........ ........ ......1. | Yes |
|
| 31..2: Reserved |
| 00000000 00000000 00000000 000000.. |
|
Device Capability Descriptor - SuperSpeed USB
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 0Ah |
|
| 1 | bDescriptorType | 1 | 10h | Device Capability |
| 2 | bDevCapabilityType | 1 | 03h | SuperSpeed USB |
| 3 | bmAttributes | 1 | 00h |
|
|
| 0: Reserved |
| .......0 |
|
|
| 1: Latency Tolerance Messages |
| ......0. | No |
|
| 7..2: Reserved |
| 000000.. |
|
| 4 | wSpeedsSupported | 2 | 000Eh |
|
|
| 0: Low-Speed |
| ........ .......0 | No |
|
| 1: Full-Speed |
| ........ ......1. | Yes |
|
| 2: High-Speed |
| ........ .....1.. | Yes |
|
| 3: Super-Speed |
| ........ ....1... | Yes |
|
| 15..4: Reserved |
| 00000000 0000.... |
|
| 6 | bFunctionalitySupport | 1 | 01h | Full-Speed and above |
| 7 | bU1DevExitLat | 1 | 07h | Less than 7 祍 |
| 8 | wU2DevExitLat | 2 | 0065h | Less than 101 祍 |
Configuration Descriptor 1 Bus Powered, 400 mA
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 09h |
|
| 1 | bDescriptorType | 1 | 02h | Configuration |
| 2 | wTotalLength | 2 | 002Ch |
|
| 4 | bNumInterfaces | 1 | 01h |
|
| 5 | bConfigurationValue | 1 | 01h |
|
| 6 | iConfiguration | 1 | 00h |
|
| 7 | bmAttributes | 1 | 80h | Bus Powered |
|
| 4..0: Reserved |
| ...00000 |
|
|
| 5: Remote Wakeup |
| ..0..... | No |
|
| 6: Self Powered |
| .0...... | No, Bus Powered |
|
| 7: Reserved (set to one) |
| 1....... |
|
| 8 | bMaxPower | 1 | 32h | 100 mA |
Interface Descriptor 0/0 Mass Storage, 2 Endpoints
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 09h |
|
| 1 | bDescriptorType | 1 | 04h | Interface |
| 2 | bInterfaceNumber | 1 | 00h |
|
| 3 | bAlternateSetting | 1 | 00h |
|
| 4 | bNumEndpoints | 1 | 02h |
|
| 5 | bInterfaceClass | 1 | 08h | Mass Storage |
| 6 | bInterfaceSubClass | 1 | 06h | SCSI Transparent Command Set |
| 7 | bInterfaceProtocol | 1 | 50h | Bulk-Only Transport |
| 8 | iInterface | 1 | 00h |
|
Endpoint Descriptor 81 1 In, Bulk, 1024 bytes
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 07h |
|
| 1 | bDescriptorType | 1 | 05h | Endpoint |
| 2 | bEndpointAddress | 1 | 81h | 1 In |
| 3 | bmAttributes | 1 | 02h | Bulk |
|
| 1..0: Transfer Type |
| ......10 | Bulk |
|
| 7..6: Reserved |
| 00...... |
|
| 4 | wMaxPacketSize | 2 | 0400h | 1024 bytes |
| 6 | bInterval | 1 | 00h |
|
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 06h |
|
| 1 | bDescriptorType | 1 | 30h | SuperSpeed Endpoint Companion |
| 2 | bMaxBurst | 1 | 0Fh | Up to 16 packets at a time |
| 3 | bmAttributes | 1 | 00h |
|
|
| 4..0: MaxStreams |
| ...00000 |
|
|
| 7..5: Reserved |
| 000..... |
|
| 4 | wBytesPerInterval | 2 | 0000h |
|
Endpoint Descriptor 02 2 Out, Bulk, 1024 bytes
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 07h |
|
| 1 | bDescriptorType | 1 | 05h | Endpoint |
| 2 | bEndpointAddress | 1 | 02h | 2 Out |
| 3 | bmAttributes | 1 | 02h | Bulk |
|
| 1..0: Transfer Type |
| ......10 | Bulk |
|
| 7..6: Reserved |
| 00...... |
|
| 4 | wMaxPacketSize | 2 | 0400h | 1024 bytes |
| 6 | bInterval | 1 | 00h |
|
| Offset | Field | Size | Value | Description |
| 0 | bLength | 1 | 06h |
|
| 1 | bDescriptorType | 1 | 30h | SuperSpeed Endpoint Companion |
| 2 | bMaxBurst | 1 | 0Fh | Up to 16 packets at a time |
| 3 | bmAttributes | 1 | 00h |
|
|
| 4..0: MaxStreams |
| ...00000 |
|
|
| 7..5: Reserved |
| 000..... |
|
| 4 | wBytesPerInterval | 2 | 0000h |
|
这里小编我将相关的资料资源下载链接放在下面:
1.圈圈教你玩usb,一本介绍usb不错的书:http://download.csdn.net/download/tanjiaqi2554/10049482
3835
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
