I'm working on a hardware device that exposes itself as a Mass Storage device over USB.
When I plug in a typical USB key it gets attached in device manager as a Mass Storage device with the corresponding disk's removal policy set to Quick Removal.
When I plug in my device the removal policy however is set to "Better Performance". Note that in both cases no driver was installed (This is Windows' Mass Storage driver). Screenshot.
I've tried comparing all the properties on the device properties page to no avail. What am I doing wrong?
Sorry for answering my own question but upon furthur investigation these are the result:
Linux USB storage gadget driver does not support MODE_SELECT:
http://lxr.free-electrons.com/source/drivers/usb/gadget/file_storage.c?v=2.6.35
(Lines 1881 to 1889)
This causes Windows to behave as described above. Returning without an error without doing anything appears to correct this problem but I'm unsure if it is the correct behavior.
I would expect that the problem is that the standard Mass Storage driver is checking for a FAT-formatted partition-- finding one on the USB key it sets the policy to Quick Removal; and it doesn't find one on your device.
This document will get you where you need to be. Additionally, this SO link is also relevant.
Related
Link to the bug report on 'Feedback Hub'
An audio endpoint device, from here on referred to as 'endpoint', is a physical or virtual audio output or input device.
With the Windows 10 April Update 1803 the long overdue 'App volume and device preferences' have been introduced. These settings allow more control over audio stream management as it is now possible to set different endpoints for different applications, no matter whether that particular application comes with an endpoint selection or not.
However, there is an issue where the audio of a program, whose endpoint is non-default, is streamed through the default endpoint (or not at all) after it has been closed and launched again, although the endpoint is displayed correctly in the settings:
As far as I know the issue can be recreated on a Windows 10 machine (version 1803 or higher) with any virtual or physical endpoint and an affected program. I used 'VLC Media Player' in this example (disregarding the fact that it comes with an endpoint selection) as it is well known and widely accessible, which should make it easier to recreate the issue.
What I'm searching for...
... is a programmatically solution to switch between endpoints, which ideally can be launched in form of a script to set the correct endpoint with an application launch.
For my purpose it would be enough to have to adjust the device instance path manually, as the device would be always the same, but I'm not going to complain about a solution which retrieves the device instance path from the registry, too.
Defined endpoints and the device instance path of the device they are using can be retrieved from the subkeys of the key HKEY_USERS\# YOUR SID #\Software\Microsoft\Multimedia\Audio\DefaultEndpoint. I don't know how windows generates the name of the subkeys or where they can be found. If I had to take a wild guess, I'd say these are Application IDs (feel free to correct me if I'm wrong).
The device instance path itself can be found in the Device Manager (under 'Audio inputs and outputs' double click the desired device, navigate to the tab 'Details' and select 'Device instance path' from the 'Property' drop-down menu).
Additionally the entry about Audio Endpoint Devices and Stream Management in the Microsoft Docs might be helpful, but that is way above my head.
A possible but impractical workaround...
... would be, to manually set another endpoint for the application and switch back to desired endpoint at every launch of said application (as shown above).
But not just takes this at least 10 seconds at each and every launch, you might even forget to do this as the audio might just get streamed through the default endpoint *¹.
The alternative to the latter is, that no audio will be streamed at all *² or in some cases it actually works *³.
*¹ e.g.: VLC Media Player, Tom Clancy's Rainbow Six Siege (although the audio will be streamed correctly during the splash screens)
*² e.g.: Call of Duty 4: Modern Warfare, Call of Duty: Modern Warfare 2, Call of Duty: Modern Warfare 3
*³ e.g.: Window Media Player, Microsoft Edge, Firefox
Observations
VLC Media Player comes with an endpoint selection, but so does TeamSpeak 3 and, unlike VLC, it skips the Windows settings completely.
Call of Duty not streaming any audio most likely is connected to the engine as I didn't encounter any other application doing something similar.
Windows Media Player, Microsoft Edge and Firefox are the only programs (I tested so far) which work fine. They have no endpoint selection (I'd know of) and will use the correct endpoint after closing and launching it again. It should be noted, however, that Firefox and Microsoft Edge will show multiple instances in the "App volume and device preferences" when adjusting the endpoint.
Disclaimer
I already tried two 3rd party softwares: 'Audio Router', which didn't work at all and 'CheVolume', which doesn't solve the issue and constantly crashes while doing so.
This question is based on one I asked over at Super User (here), where I didn't get an answer I was able to work with due to my lack of knowledge regarding actual programming (I'm only somewhat familiar with Batch and PowerShell). I'm well aware that neither Stack Overflow nor Super User are script writing services, however, the issue is not being fixed with the Windows 10 October Update 1809 and I see this as a problem which is affecting not just me and with that would be helpful for multiple people after me. Feel free to write a comment or propose an edit if you see this differently.
I'm also not sure whether the tags 'audio-streaming' and 'endpoint' should be used in this context, please propose an edit if they shouldn't or you can think of any better.
Edit - 05/11/18
Using the 3rd party software 'EarTrumpet' I was able to overcome the issue with the 'Call of Duty' games (no audio at all after restarting), however, 'VLC Media Player' would not restart after I assigned a non-default endpoint with 'EarTrumpet' until I closed 'EarTrumpet' again and the issue with 'Tom Clancy's Rainbow Six Siege' remains the same.
Edit - 18/01/19
Added link to a bug report I created on the 'Feedback Hub' 2 month ago.
Edit - 20/01/19
After doing some testing again it should be noted that having 'EarTrumpet' run in the background will keep a non-default endpoint for 'VLC Media Player' across restarts, however, 'VLC Media Player' will only (reliably) restart when the non-default endpoint was set in the 'App volume and device preferences'.
I do not have any solution regarding a programming language to handle such events.
But I can recommend EarTrumpet app to handle this change more quickly https://www.theverge.com/2018/6/13/17457778/eartrumpet-windows-10-audio-app
(Windows store: https://www.microsoft.com/en-us/p/eartrumpet/9nblggh516xp?ranMID=24542&ranEAID=nOD%2FrLJHOac&ranSiteID=nOD_rLJHOac-hUn6PgKuMKwQLdrzRqnPTA&epi=nOD_rLJHOac-hUn6PgKuMKwQLdrzRqnPTA&irgwc=1&OCID=AID681541_aff_7593_1243925&tduid=%28ir__qwqlg6jd0jba3y9hpnbvikaite2xk6kuyv9udtr100%29%287593%29%281243925%29%28nOD_rLJHOac-hUn6PgKuMKwQLdrzRqnPTA%29%28%29&irclickid=_qwqlg6jd0jba3y9hpnbvikaite2xk6kuyv9udtr100&activetab=pivot:overviewtab )
I will update the answer if I find a easy way to script/program a change of output on each app.
does anyone happens to know how to use XFS API to update ATM encryption keys (such as 32 characters clear key pairs) ?
I have read CWA16374 documents but not sure how to use the API since there is some many commands involved (which command to call and how)
thanks a lot
Sadly CEN XFS standard is not covering all the aspects and at least some of the key manipulations needs to be done using the manufacturer specific APIs.
I only have experience from NCR crypto module, and it doesn't sound like you use one of those.
So you'll need to go through the Hardware providers manuals to get hang of it.
You need to use the msxfs.dll to access the XFS devices (in your case, I think this device will be PIN specification). All XFS devices works using the same API interface defined in msxfs.dll. You have a WFSStartUp command to start XFS Manager communication, a WFSOpen command to open a sesion with a specific device (The PIN in your case, a cash dispenser, a card reader, etc). Once you have access with WFSOpen, you need to execute WFSExecute or WFSGetInfo commands to access the device. For this you need the PIN API documentation (public in internet). This documentation describes the commnands you can execute using WFSExecute and WFSGetInfo XFS commands. There is a standard specification for each financial device type in the market. For keys, encryptions, etc, you have the PinPad device (a keyboard, key stored and cypher operations)
There are a lot of things to explain about it, but I think this would be a good starting point.
Here you have the starndard documentation:
https://www.cen.eu/work/areas/ICT/eBusiness/Pages/WS-XFS.aspx
i need to add some files to results returned by FindFirstFile and FindNextFile under windows. Is this possible by file system filter driver or what type of drivers?
Thank you
You can do this by File System Filter Driver. But you can do this by implementing a system wide API hook. I have not tried it before but you really don't need to take the pains of writing the drivers and making the system unstable in case of spoiling the driver stack.
System Wide API Hooking
API Hooking Revealed
As pointed out you can use a file system filter driver (legacy or mini-filter, based on fltmgr). However, I would strongly recommend against the system-wide API hooking. Simple reason: if you do it in usermode it's not really going to be system-wide and if you use an SSDT-hook or some hotpatching method you risk the system's stability. An alternative, albeit equally shady as system-wide hooking, would be entry-point stealing. In this case you use the device object of the volume (in which you're interested, just listen for the attach notifications or enumerate them at startup) to find the driver responsible for it and modify the major function entry points in the driver object (Ilho pointed you into the right direction already).
A file system filter driver is the supported method to do just that.
In the latest Windows 7 WDK the sample under 7600.16385.1\src\filesys\miniFilter\minispy provides a good starting point. Biggest problem with mini filters for a private person is to get assigned an altitude for the driver to load at. Because using just any altitude can well lead to BSODs - and in case of FSFDs you might even risk your data integrity (although the kernel steps in with the BSOD to prevent that). You only need to fake IRP_MN_QUERY_DIRECTORY - this is the minor control code you're looking for when you are handling the IRP_MJ_DIRECTORY_CONTROL major control code. All others you can pass through as long as you don't need to allow the file to be opened, read or written and such. How to do that can be seen in the 7600.16385.1\src\filesys\miniFilter\passThrough sample source.
I am trying to fix an Audacity bug that revolves around portmixer. The output/input level is settable using the mac version of portmixer, but not always in windows. I am debugging portmixer's window code to try to make it work there.
Using IAudioEndpointVolume::SetMasterVolumeLevelScalar to set the master volume works fine for onboard sound, but using pro external USB or firewire interfaces like the RME Fireface 400, the output volume won't change, although it is reflected in Window's sound control panel for that device, and also in the system mixer.
Also, outside of our program, changing the master slider for the system mixer (in the taskbar) there is no effect - the soundcard outputs the same (full) level regardless of the level the system says it is at. The only way to change the output level is using the custom app that the hardware developers give with the card.
The IAudioEndpointVolume::QueryHardwareSupport function gives back ENDPOINT_HARDWARE_SUPPORT_VOLUME so it should be able to do this.
This behavior exists for both input and output on many devices.
Is this possibly a Window's bug?
It is possible to workaround this by emulating (scaling) the output, but this is not preferred as it is not functionally identical - better to let the audio interface do the scaling (esp. for input if it involves a preamp).
The cards you talk about -like the RME- ones simply do not support setting the master or any other level through software, and there is not much you can do about it. This is not a Windows bug. One could argue that giving back ENDPOINT_HARDWARE_SUPPORT_VOLUME is a bug though, but that likely originates from the driver level, not Windows itself.
The only solution I found so far is hooking up a debugger (or adding a dll hook) to the vendor supplied software and looking at the DeviceIOControl calls it makes (those are the ones used to talk to the hardware) while setting the volume in the vendor software. Pretty hard to do this for every single card, but probably worth doing for a couple of pro cards. Especially for Audacity, for open source audio software it's actually not that bad so I can imagine some people being really happy if the volume on their card could be set by it. (at the time we were exclusively using an RME Multiface I spent quite some time in figuring out the DeviceIOControl calls, but in the end it was definitely worth it as I could set the volume in dB for any point in the matrix)
For a requirement to generate per-PC license keys, I need some code which will return a stable and (near) unique key on any PC. It doesn't have to be guaranteed unique, but close. It does need to be reasonably stable though, so that a given PC always generates the same result unless the hardware is substantially changed.
This is for a Windows application, using wxWidgets but a Win32 or other option is fine.
I was thinking about MAC address but what about laptops which can routinely disable the network card in power-saving mode? I came across GetCurrentHwProfile but it doesn't quite look like what I want?
One idea I had a while back for this is to use CryptProtectData as a way to identify a machine. Behind-the-scenes in that API, Microsoft has done what you're looking for. I never tested it though and I'm curious if it's actually viable.
Basically you would encode a constant magic value with CryptProtectData with CRYPTPROTECT_LOCAL_MACHINE, and the result is your machine ID.
I would just go with the MAC address method; when the wireless / LAN cards are turned off they still show up in Network Connections. You should therefore still be able to get the MAC.
Consider this: Any time you'd be able to contact your webserver or whatever you're cataloging these IDs with, the user is going to have to have some form of network card available.
Oh, and you might be able to use CPU serial number of the customer's computer supports it.
I think there no really easy and unique method so far discovered here.
GetVolumeInformation retrieves not even close to unique ID.....
To use any hardware serial is problematic because manufactures are not committed to supported it always and especially to keep it globally unique
GetCurrentHwProfile retrieves GUID but it's value affected by minor! hardware changes...
Using Product Key ... will bring U to deal with the stolen software - there lot of pirate installations over the globe.
Creation of own GUID and preserving it under registry (in any place) will not prevent duplication by cloning of image ....
etc...
From my perspective of view the best way is combine:
Volume ID + MAC's list + Machine SID + Machine Name. And obviously manage license policy on the server side ;0)
Regards
Mickel.
If you want something a bit harder to spoof than whatever the machine itself can tell you, you'll probably need to provide a USB dongle dedicated for this purpose (not just a flash drive).
For a pretty brain dead test I am using the ProductID code of the OS and the computer name - both extracted from the registry. Not really secure, but its all pretend security anyway.
edit
To answer John's question about what keys I am reading:
SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductID
SYSTEM\CurrentControlset\Control\ComputerName\ComputerName\ComputerName
How about using the serial number of the harddisk where windows is installed?
The function GetVolumeInformation() will give you such serial number.
To access the ID assigned by the harddisk vendor instead of the ID assigned by Windows, you can use the Win32_PhysicalMedia Class.
To determine the drive where windows is installed, you could expand the variable %windir" by using the function ExpandEnvironmentStrings()
Another option, if your architecture allows, is to use UuidCreate() to generate a random GUID at installation time and save it permanently in the registry. This GUID can then be used as the ID as long as the registry remains. A new registry database is generally considered as a new installation.
A third option is to have a well-known server assigning the IDs. Upon starting up, the software could look up for the ID in the registry and if not found, would contact the server and supply it with its MAC address, hostname, harddisk serial number, Machine SID and any number of indentifyable information (keys).
The server then determines if the client is already registered or not based on the information given. The server could have a relaxed policy and for example only require most of the keys for a match, so that the mechanism would work even in the event of a complete wipe out of the registry and if part (but not all) of the hardware was replaced.
How about using the serial number of a CPU. I remember Microsoft used to provide an api for this that would run the necessary assembler code and give you back all sorts of info about the CPU including serial number. Not sure if it'd work with AMD chips or not, I think it was intel specific.
Surely CPU Id is secure and static enough!!