Bluetooth Filter Driver for DS3-compatibility - research notes

@nefarius Well i'm using your old scpi toolkit because the other solutions i couldn't get them to work if i have to be honest, your old driver works really good except for some bugs ( i have to connect two times my ds4 because the first time it's not really connected, i have to shut it off, and then when i press again the central button, it's connected to the dongle! However your old driver don't have a button mapping tool, autofire, and touchpad and central button can't be used in games, so that's why i'm waiting your solution so badly! Thanks for your answer, i'm so glad you added ds4 compatibility!!! ^^

I'm in your discord now, yesterday wasn't working, i don't know why!

Wait...your driver is not released yet, right ?

@Luke76bg said in Bluetooth Filter Driver for DS3-compatibility - research notes:

Wait...your driver is not released yet, right ?

That is correct. And button mapping and other stuff you mentioned isn't part of this, this covers the age old issue of having to replace the vanilla stock drivers for Bluetooth like under SCP. Controller data manipulation is a whole different topic. Achievable, yes, but not part of this thread 🙂

@nefarius There is Hori Onyx PS4 controller, that work with PS4 by BT only, without support for Windows (not detect as HID device after BT pairing, no drivers). Is there a chance, that will be worked with BthPS3?

Do you intend to release it soon ? If not, why don't you release beta version to public ?

@GregM no idea, don't know said device, subject to experimentation 😛

May work though if protocol compliant.

@Atreides I release it when I feel like it's stable and production ready. Since my name and reputation will be attached to it I won't release some beta garbage potentially crashing your machine. When and why? When it's done 😛 guess I'll still make it in the upcoming month but I have other priorities as well.

@nefarius said in Bluetooth Filter Driver for DS3-compatibility - research notes:

@GregM no idea, don't know said device, subject to experimentation 😛

May work though if protocol compliant.

The driver will work for every device with protocol compliant, or for specific device IDs?

@GregM for every device mimicking the classic remote names used by Sony in the firmware and using the same protocol as the PS3/4.

@nefarius said in Bluetooth Filter Driver for DS3-compatibility - research notes:

@GregM for every device mimicking the classic remote names used by Sony in the firmware and using the same protocol as the PS3/4.

The name is ONYX WIRELESS CONTROLLER, followed by PSM 0x11. So, if this name will be ok for the filter, then may work.

Dump from btmon:
9c2e7872-5eca-41fe-ac6c-22071e9b1172-obraz.png

@GregM you just raised a feature request: configurable name match 😆 you delayed release, congraz 😁

@nefarius said in Bluetooth Filter Driver for DS3-compatibility - research notes:

@GregM you just raised a feature request: configurable name match 😆 you delayed release, congraz 😁

Oh, no 🙂

The configurable name match is very good idea (better than static name set) 👍

@GregM yep, I'm convinced. That's a good idea and contributes to the flexibility to cover such cases as yours. Shouldn't take too much code to implement.

@nefarius said in Bluetooth Filter Driver for DS3-compatibility - research notes:

@GregM yep, I'm convinced. That's a good idea and contributes to the flexibility to cover such cases as yours. Shouldn't take too much code to implement.

I can test beta with this feature implemented on Onyx PS4.

@GregM that would be fabulous, I recommend hopping on our Discord for more responsive exchanges.

@nefarius said in Bluetooth Filter Driver for DS3-compatibility - research notes:

@GregM that would be fabulous, I recommend hopping on our Discord for more responsive exchanges.

Ok, I'm in 🙂

@nefarius ok i get it ,no problem at all, i just hope that the touch pad will be usable as a button in ds4!

Auto-reset filter implemented

And there we have it 🎉 it's now configurable if the DualShock 4 should be supported in PS4 mode and if turned off, the filter will be automatically disabled for a certain amount of seconds which allows the DS4 to re-connect in PC mode and then the filter patch will be enabled again automatically 😇

Profile log

2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	BthPS3_IndicationCallback Entry
2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	New connection for PSM 0x5053 from ACFD93095C20 arrived
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	IRQL DPC (0x02) too high, preparing async call
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	BthPS3_IndicationCallback Exit
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	L2CAP_PS3_HandleRemoteConnectAsync Entry
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	L2CAP_PS3_HandleRemoteConnect Entry
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	ClientConnections_RetrieveByBthAddr Entry
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	ClientConnections_RetrieveByBthAddr Exit (STATUS_NOT_FOUND (0xC0000225))
2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	++ Device ACFD93095C20 name: Wireless Controller
2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	Filter disabled, re-enabling in 10 seconds
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnect Entry
2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnectCompleted Entry (STATUS_SUCCESS (0x00000000))
2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnectCompleted Exit
2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_DenyRemoteConnect Exit
2019/10/05-15:41:46.796	TRACE_LEVEL_VERBOSE	L2CAP_PS3_HandleRemoteConnectAsync Exit
2019/10/05-15:41:56.796	TRACE_LEVEL_VERBOSE	BthPS3_EnablePatchEvtWdfTimer called, requesting filter to enable patch
2019/10/05-15:41:56.796	TRACE_LEVEL_ERROR	PSM Filter enable request finished with status STATUS_SUCCESS (0x00000000)

Filter log

2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	>> Connection request for HID Control PSM 0x0011 arrived
2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	++ Patching HID Control PSM to 0x5053
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	>> Bulk IN transfer (PipeHandle: FFFF9A0572BD6320)
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Entry
2019/10/05-15:41:46.795	TRACE_LEVEL_VERBOSE	PSM patch disabled for device 0
2019/10/05-15:41:46.795	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Exit
2019/10/05-15:41:49.079	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Entry
2019/10/05-15:41:49.079	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Entry
2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Entry
2019/10/05-15:41:49.080	TRACE_LEVEL_VERBOSE	UrbFunctionBulkInTransferCompleted Exit
2019/10/05-15:41:56.796	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Entry
2019/10/05-15:41:56.796	TRACE_LEVEL_VERBOSE	PSM patch enabled for device 0
2019/10/05-15:41:56.796	TRACE_LEVEL_INFORMATION	BthPS3PSM_SidebandIoDeviceControl Exit

Next step: reading supported device names from registry as well.

Ugh, I feel so dirty. Let's see if this works nonetheless though...

#include <ntstrsafe.h>

BOOLEAN
StringUtil_BthNameIsEqual(
    CHAR Lhs,
    WDFSTRING Rhs
)
{
    UNICODE_STRING usRhs;
    DECLARE_UNICODE_STRING_SIZE(usLhs, BTH_MAX_NAME_SIZE);

    //
    // WDFSTRING to UNICODE_STRING
    // 
    WdfStringGetUnicodeString(
        Rhs,
        &usRhs
    );

    //
    // CHAR to UNICODE_STRING
    // 
    RtlUnicodeStringPrintf(&usLhs, L"%s", Lhs);

    //
    // Compare case-insensitive
    // 
    return RtlEqualUnicodeString(&usLhs, &usRhs, TRUE);
}

EDIT: nope, not that easy 🤣

2f7dfbb1-2b4e-4284-b75c-c6f157d7c4a3-image.png

Welp, fixed... %s ain't %hs 😖

BOOLEAN
StringUtil_BthNameIsEqual(
    PCHAR Lhs,
    WDFSTRING Rhs
)
{
    NTSTATUS status;
    UNICODE_STRING usRhs;
    DECLARE_UNICODE_STRING_SIZE(usLhs, BTH_MAX_NAME_SIZE);

    //
    // WDFSTRING to UNICODE_STRING
    // 
    WdfStringGetUnicodeString(
        Rhs,
        &usRhs
    );

    //
    // CHAR to UNICODE_STRING
    // 
    status = RtlUnicodeStringPrintf(&usLhs, L"%hs", Lhs);
    if (!NT_SUCCESS(status)) {
        TraceEvents(TRACE_LEVEL_INFORMATION,
            TRACE_UTIL,
            "RtlUnicodeStringPrintf failed with status %!STATUS!",
            status
        );
    }

    TraceEvents(TRACE_LEVEL_INFORMATION,
        TRACE_UTIL,
        "!! LHS: \"%wZ\" RHS: \"%wZ\"",
        &usLhs, &usRhs
    );

    //
    // Compare case-insensitive
    // 
    return RtlEqualUnicodeString(&usLhs, &usRhs, TRUE);
}

Result:

2019/10/06-13:20:31.438	TRACE_LEVEL_INFORMATION	!! LHS: "Wireless Controller" RHS: "PLAYSTATION(R)3 Controller"
2019/10/06-13:20:31.438	TRACE_LEVEL_INFORMATION	!! LHS: "Wireless Controller" RHS: "Wireless Controller1"
2019/10/06-13:20:31.438	TRACE_LEVEL_WARNING	!! Device ACFD93095C20 not identified or denied, dropping connection

All features implemented, the closed beta team is currently testing the latest changes 🙂