Hello,
This is not exactly a driver development related question.
I have a device which runs Embedded Linux in it. It interfaces with a
windows PC through USB over Ethernet. It uses the RNDIS driver in windows
side.
Currently I am using the default VID/PID value which came with the Linux
g_ether driver. But I’m not sure whether I can use these in the market.
If I were to put the device to the market, do I need to change the VID/PID
of the inf file and do the WHQL certification on it? Or can I use the
default VID/PID in the g_ether driver?
Current PID/VID is as follows,
%RndisDevice.COMM% = RNDIS.NT.5.1, USB\VID_0525&PID_A4A2
Thank you.
-Pradeepa
Pradeepa Senanayake wrote:
This is not exactly a driver development related question.
Sure it is. INF files and driver packages are a key (and difficult)
component of driver development.
I have a device which runs Embedded Linux in it. It interfaces with a
windows PC through USB over Ethernet. It uses the RNDIS driver in
windows side.
Currently I am using the default VID/PID value which came with the
Linux g_ether driver. But I’m not sure whether I can use these in the
market.
If I were to put the device to the market, do I need to change the
VID/PID of the inf file and do the WHQL certification on it? Or can I
use the default VID/PID in the g_ether driver?
Current PID/VID is as follows,
%RndisDevice.COMM%= RNDIS.NT.5.1, USB\VID_0525&PID_A4A2
If your device uses the same INF and the same driver as all of the other
0525/A4A2 devices, then you don’t need to change it. There may already
be a WHQLed driver you can use.
If your device has been altered in some way, so that you need your own
custom driver, then you really need to change the VID and PID. 0525
belongs to Netchips.
The key point is that, when you WHQL a driver for 0525/A4A2, your driver
goes into the Windows library as the driver for ALL devices with that
VID and PID. If your driver can’t do that, then you’d better use a
different number.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
Hello Tim,
Thanks for the response.
I have not changed any firmware side code. Neither do I need any custom
functionality. So I think I can use the Netchip driver as it is in that
case.
But since I am not Netchip, is it legal to load there driver in the
commercial environment to my device? (I have my own VID) Apart from the
Ethernet interface my device has it’s own functionality. Actually it is a
scanner. It interfaces with PC through RNDIS.
Also isn’t this some sort of a security issue. I can change the firmware
and put some fraud device into the market with Netchip PID/VID. In that
case also Windows will not distinguish between this fake device from the
original and load the driver. Actually I can pretend to be someone else in
that case. Isn’t this a security issue?
-Pradeepa
On Mon, Oct 27, 2014 at 11:01 PM, Tim Roberts wrote:
> Pradeepa Senanayake wrote:
>
>
> This is not exactly a driver development related question.
>
>
> Sure it is. INF files and driver packages are a key (and difficult)
> component of driver development.
>
>
> I have a device which runs Embedded Linux in it. It interfaces with a
> windows PC through USB over Ethernet. It uses the RNDIS driver in windows
> side.
>
> Currently I am using the default VID/PID value which came with the Linux
> g_ether driver. But I’m not sure whether I can use these in the market.
>
> If I were to put the device to the market, do I need to change the
> VID/PID of the inf file and do the WHQL certification on it? Or can I use
> the default VID/PID in the g_ether driver?
>
> Current PID/VID is as follows,
>
> %RndisDevice.COMM% = RNDIS.NT.5.1, USB\VID_0525&PID_A4A2
>
>
> If your device uses the same INF and the same driver as all of the other
> 0525/A4A2 devices, then you don’t need to change it. There may already be a
> WHQLed driver you can use.
>
> If your device has been altered in some way, so that you need your own
> custom driver, then you really need to change the VID and PID. 0525
> belongs to Netchips.
>
> The key point is that, when you WHQL a driver for 0525/A4A2, your driver
> goes into the Windows library as the driver for ALL devices with that VID
> and PID. If your driver can’t do that, then you’d better use a different
> number.
>
> –
> Tim Roberts, xxxxx@probo.com
> Providenza & Boekelheide, Inc.
>
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>
> OSR is HIRING!! See http://www.osr.com/careers
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
Pradeepa Senanayake wrote:
I have not changed any firmware side code. Neither do I need any
custom functionality. So I think I can use the Netchip driver as it is
in that case.
But since I am not Netchip, is it legal to load there driver in the
commercial environment to my device? (I have my own VID) Apart from
the Ethernet interface my device has it’s own functionality. Actually
it is a scanner. It interfaces with PC through RNDIS.
That’s up to Netchip (or PLX, who now owns Netchip). When you bought
their chips and downloaded their development kit, you agreed to a
contract that dictated what you were allowed to do with their drivers.
Since most of these companies are interested in selling chips, the
agreements are usually pretty generous regarding the use of stock
drivers, but you’d need to check the fine print.
Also isn’t this some sort of a security issue. I can change the
firmware and put some fraud device into the market with Netchip
PID/VID. In that case also Windows will not distinguish between this
fake device from the original and load the driver. Actually I can
pretend to be someone else in that case. Isn’t this a security issue?
It can be, but the damage you can do is limited by the driver. Let’s
say you build a fraudulent device that responds as if it were a Logitech
C920 web camera. When you plug that it, Windows will load the C920 web
camera driver. Your device might be capable of many other nefarious
things, but remember that a USB device cannot “push” any data. It can
only send what it is asked to send. It can’t arbitrarily write over memory.
Indeed, the USB dangers being chatted up in the news today involve
exactly the opposite, where you plug in a genuine Logitech C920, but a
nefarious piece of software reprograms the firmware so that it also
includes (for example) a fake CD endpoint. Depending on your
configuration, Windows will do an autorun on the contents of that fake
CD, so when you plug the device into another PC, the infection spreads.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.