WdfUsbTargetDeviceCreateWithParameters fails in usb bus filter

Hello ! I am writing usb bus filter. I am upper filter for USB Bus Devices (hubs and host controllers) Class = USB ClassGuid = {36fc9e60-c465-11cf-8056-444553540000} I call WdfUsbTargetDeviceCreateWithParameters from prepare hardware callback like this: WDF_USB_DEVICE_CREATE_CONFIG usbCreateConfig; WDF_USB_DEVICE_CREATE_CONFIG_INIT(&usbCreateConfig, USBD_CLIENT_CONTRACT_VERSION_602); WDFUSBDEVICE usbDevice; NTSTATUS stat = WdfUsbTargetDeviceCreateWithParameters(device, &usbCreateConfig, WDF_NO_OBJECT_ATTRIBUTES, &usbDevice); Testing on virtualbox win10x64 with one usb hdd attached. Here are some the results for different devices enumerated during windows load Device 1: device class name is USB device description is USB xHCI Compliant Host Controller device manufacturer is Generic USB xHCI Host Controller device friendly name is Intel(R) USB 3.0 eXtensible Host Controller - 1.0 (Microsoft) device bus GUID name is GUID_BUS_TYPE_PCI device bus is PCIBus device location is PCI bus 0, device 12, function 0 Wdflogdump excerpt: FxUsbDevice::InitDevice - Could not retrieve device descriptor, 0xc0000010(STATUS_INVALID_DEVICE_REQUEST) Device 2: device description is USB Root Hub (USB 3.0) device class name is USB device manufacturer is (Standard USB HUBs) device bus GUID name is GUID_BUS_TYPE_USB device bus is PNPBus Wdflogdump excerpt: FxUsbDevice::InitDevice - Could not retrieve device descriptor, 0xc0000001(STATUS_UNSUCCESSFUL) Device 3: device description is USB Mass Storage Device device class name is USB device manufacturer is Compatible USB storage device device location is Port_#0009.Hub_#0001 device bus GUID name is GUID_BUS_TYPE_USB device bus is PNPBus Wdflogdump excerpt: FxUsbDevice::InitDevice - Could not retrieve device descriptor, 0xc00000bb(STATUS_NOT_SUPPORTED) I also tried to call this routine from adddevice and d0entry callbacks with the same result. Am I doing something wrong ? Maybe I can’t call this routine for filter device object ?

What are you trying to implement in this filter? You select configs are failing because an upper filter cannot send select configs through the FDO. Most FDOs are expecting to send the select config themselves, do not expect a select config IRP to be sent to the FDO so they fail the incoming select config IRPs.

Thank you very much Doran !!
I had such suspicion.
I don’t know much about usb right now. This is why I writing this filter, to learn things.

I try to query information about usb device, such as vid, pid, device class, serial number.
For one device( usb hdd) I can get this information if I send request directly to PDO, bypassing fdo.

if you are trying to learn, a class filter is not the right choice IMHO. Write a device lower filter for one specific device. Your usb mass storage device is a great example. Your device lower filter can see all of the USB URB traffice flowing from the FDO down the stack. From there you can query the config (i would not recommend setting the config as you are changing the state of the device behind the FDO’s back). as well

Thank you again Doran !

I don’t want to dive deep in usb internals. My goal is to identify devices so that my filter can decide if device will be available to user or not.
It would be great to construct some globally unique identifier for device, so that policy could be enforced for all machines in organization.

Also could you please confirm that I can change device state just by sending query urbs to device and device can misbehave as a result ?

querying state/config will not change the state. Can you expand on what you mean by “available to the user”? are you interested only in mass storage? any usb device?

A USB device will have have a globally unique identifier (it’s serial number) or not. In the absence of a serial number, there is no way to identify the device outside of the port it is plugged into. IOW, if it is plugged into a different port on the same machine, or a different machine entirely, it will be appear as an entirely new device.

@Doron_Holan said:
querying state/config will not change the state.
Thank you !

Can you expand on what you mean by “available to the user”?
I mean that I fail adddevice or start device if device is not whitelisted, not that device will be available for one user and not present for another

are you interested only in mass storage? any usb device?
Any usb device, so that employee was unable to use his personal usb storage/webcam/ anything usb on employer’s machine

A USB device will have have a globally unique identifier (it’s serial number) or not. In the absence of a serial number, there is no way to identify the device outside of the port it is plugged into. IOW, if it is plugged into a different port on the same machine, or a different machine entirely, it will be appear as an entirely new device.
Thank you, I thought so :frowning:

My goal is to identify devices so that my filter can decide if device will be available to user or not.

And what do you think YOU can do that the Windows Group Policy system and the roughly 300 existing products on the market that offer this exact same service cannot do?

I don’t want to dive deep in usb internals.

That’s a trigger phrase. How can you possibly hope to understand what effect your interference will have without understanding how USB works?

> @Tim_Roberts said: > (Quote) > And what do you think YOU can do that the Windows Group Policy system and the roughly 300 existing products on the market that offer this exact same service cannot do? I think that this is my task assigned to me by my higher ups > (Quote) > That’s a trigger phrase. How can you possibly hope to understand what effect your interference will have without understanding how USB works? For me it is enough to be able to query usb device characteristics. For example device class from device descriptor. If I fail device start device won’t appear on the system. I think that this is true for device of any class and not usb specific.