Bluetooth Filter Driver for DS3-compatibility - research notes



  • @nefarius said in Bluetooth Filter Driver for DS3-compatibility - research notes:

    @GregM that would be fabulous, I recommend hopping on our Discord for more responsive exchanges.

    Ok, I'm in 🙂



  • @nefarius ok i get it ,no problem at all, i just hope that the touch pad will be usable as a button in ds4!



  • Auto-reset filter implemented

    And there we have it 🎉 it's now configurable if the DualShock 4 should be supported in PS4 mode and if turned off, the filter will be automatically disabled for a certain amount of seconds which allows the DS4 to re-connect in PC mode and then the filter patch will be enabled again automatically 😇

    Profile log

    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	BthPS3_IndicationCallback Entry
    2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	New connection for PSM 0x5053 from ACFD93095C20 arrived
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	IRQL DPC (0x02) too high, preparing async call
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	BthPS3_IndicationCallback Exit
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	L2CAP_PS3_HandleRemoteConnectAsync Entry
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	L2CAP_PS3_HandleRemoteConnect Entry
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	ClientConnections_RetrieveByBthAddr Entry
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	ClientConnections_RetrieveByBthAddr Exit (STATUS_NOT_FOUND (0xC0000225))
    2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	++ Device ACFD93095C20 name: Wireless Controller
    2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	Filter disabled, re-enabling in 10 seconds
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnect Entry
    2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnectCompleted Entry (STATUS_SUCCESS (0x00000000))
    2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnectCompleted Exit
    2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnect Exit
    2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_HandleRemoteConnectAsync Exit
    2019/10/05-15:41:56.796	TRACE_LEVEL_VERBOSE	BthPS3_EnablePatchEvtWdfTimer called, requesting filter to enable patch
    2019/10/05-15:41:56.796	TRACE_LEVEL_ERROR	PSM Filter enable request finished with status STATUS_SUCCESS (0x00000000)
    

    Filter log

    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	>> Connection request for HID Control PSM 0x0011 arrived
    2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	++ Patching HID Control PSM to 0x5053
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	>> Bulk IN transfer (PipeHandle: FFFF9A0572BD6320)
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
    2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Entry
    2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	PSM patch disabled for device 0
    2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Exit
    2019/10/05-15:41:49.079	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Entry
    2019/10/05-15:41:49.079	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
    2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Entry
    2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
    2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Entry
    2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
    2019/10/05-15:41:56.796	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Entry
    2019/10/05-15:41:56.796	TRACE_LEVEL_VERBOSE	PSM patch enabled for device 0
    2019/10/05-15:41:56.796	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Exit
    

    Next step: reading supported device names from registry as well.



  • Ugh, I feel so dirty. Let's see if this works nonetheless though...

    #include <ntstrsafe.h>
    
    BOOLEAN
    StringUtil_BthNameIsEqual(
        CHAR Lhs,
        WDFSTRING Rhs
    )
    {
        UNICODE_STRING usRhs;
        DECLARE_UNICODE_STRING_SIZE(usLhs, BTH_MAX_NAME_SIZE);
    
        //
        // WDFSTRING to UNICODE_STRING
        // 
        WdfStringGetUnicodeString(
            Rhs,
            &usRhs
        );
    
        //
        // CHAR to UNICODE_STRING
        // 
        RtlUnicodeStringPrintf(&usLhs, L"%s", Lhs);
    
        //
        // Compare case-insensitive
        // 
        return RtlEqualUnicodeString(&usLhs, &usRhs, TRUE);
    }
    
    

    EDIT: nope, not that easy 🤣

    2f7dfbb1-2b4e-4284-b75c-c6f157d7c4a3-image.png



  • Welp, fixed... %s ain't %hs 😖

    BOOLEAN
    StringUtil_BthNameIsEqual(
        PCHAR Lhs,
        WDFSTRING Rhs
    )
    {
        NTSTATUS status;
        UNICODE_STRING usRhs;
        DECLARE_UNICODE_STRING_SIZE(usLhs, BTH_MAX_NAME_SIZE);
    
        //
        // WDFSTRING to UNICODE_STRING
        // 
        WdfStringGetUnicodeString(
            Rhs,
            &usRhs
        );
    
        //
        // CHAR to UNICODE_STRING
        // 
        status = RtlUnicodeStringPrintf(&usLhs, L"%hs", Lhs);
        if (!NT_SUCCESS(status)) {
            TraceEvents(TRACE_LEVEL_INFORMATION,
                TRACE_UTIL,
                "RtlUnicodeStringPrintf failed with status %!STATUS!",
                status
            );
        }
    
        TraceEvents(TRACE_LEVEL_INFORMATION,
            TRACE_UTIL,
            "!! LHS: \"%wZ\" RHS: \"%wZ\"",
            &usLhs, &usRhs
        );
    
        //
        // Compare case-insensitive
        // 
        return RtlEqualUnicodeString(&usLhs, &usRhs, TRUE);
    }
    

    Result:

    2019/10/06-13:20:31.438	TRACE_LEVEL_INFORMATION	!! LHS: "Wireless Controller" RHS: "PLAYSTATION(R)3 Controller"
    2019/10/06-13:20:31.438	TRACE_LEVEL_INFORMATION	!! LHS: "Wireless Controller" RHS: "Wireless Controller1"
    2019/10/06-13:20:31.438	TRACE_LEVEL_WARNING	!! Device ACFD93095C20 not identified or denied, dropping connection
    


  • All features implemented, the closed beta team is currently testing the latest changes 🙂



  • Aftermarket compatibility established 😁

    08beadda-ab3e-489c-a86d-ed963b8c319e-image.png

    2019/10/07-20:04:47.624	TRACE_LEVEL_INFORMATION	++ Device 00F570996325 name: PLAYSTATION(R)3Conteroller-PANHAI
    2019/10/07-20:04:47.624	TRACE_LEVEL_VERBOSE	StringUtil_BthNameIsEqual LHS: "PLAYSTATION(R)3Conteroller-PANHAI" RHS: "PLAYSTATION(R)3 Controller"
    2019/10/07-20:04:47.624	TRACE_LEVEL_VERBOSE	StringUtil_BthNameIsEqual LHS: "PLAYSTATION(R)3Conteroller-PANHAI" RHS: "PLAYSTATION(R)3Conteroller-PANHAI"
    2019/10/07-20:04:47.624	TRACE_LEVEL_INFORMATION	++ Device 00F570996325 identified as SIXAXIS compatible
    


  • I dug up more, thanks to the archive of ScpToolkit issues 🤣

    af3fc049-7c31-443e-813f-c18795738a3a-image.png



  • Navigation and Motion controllers connect as well. But mine are low on battery, so let's let them plugged in over night 😅



  • Amazing progress! i can't wait!!!



  • Pairing devices to BthPS3

    Useful link collection for later 😃

    Far more comfortable than SCP or going through FireShock 😇



  • @nefarius I have only one dual shock pad for my pc, already paired, this tool it's useful for pairing new pads ?



  • @Luke76bg yep. Once paired it ain't needed anymore but it's easier to use (IMHO) than what you need to go through with Shibari and PowerShell. The tool is unfortunately closed source but has a wide audience (Android users) so I'd assume it's just freeware doing what it promises. I don't have the resources currently to provide something of similar value.



  • Hopefully that close beta testing is going well, can't wait to finally put SCP away and use this alongside other peripherals! ^_^



  • @anontsuki It's going very well. Unfortunately due to work and health-related issues I need to shift down a few gears and take it easy for the rest of October. So stable production release expected in November I'd say 😑



  • @nefarius That's okies! You keep it up and keep yourself all in good order! 😃

    November isn't far at all.



  • Trying to sign currently... 💣

    88e9b45e-2a96-4c00-9550-fa60360247cf-image.png

    So far every submission has been rejected because the CAB format wasn't correct... FML 💢



  • @nefarius 😧 Something special it needs to be?



  • Ha! Gotcha!

    9ea09b9b-922c-4543-b3aa-360fe78bd31f-image.png

    4be904d9-1fa3-40f0-9f8c-822274612aad-image.png

    Building those submission CAB files feels like ancient magic once you haven't done it for a couple of months but I got it 😇



  • Almost there 😄

    7a2e5587-2624-44fa-94a6-392764c15786-image.png

    b2c015b7-3fba-4e07-9397-79d8d6a618d7-image.png


Log in to reply