Hacking into a Vehicle CAN bus (Toyothack and SocketCAN)

CAN bus is an automation fieldbus commonly used in the automotive industry as the main network bus to allow communications between the many on-board ECUs on modern vehicles.

The Linux kernel has native CAN bus support at network layer since some years, with a lot of drivers for both embedded and USB CAN bus controllers, so it’s now fairly easy to add a CAN bus interface to any Linux laptop and have a playaround with it.

In this post I’ll show how to tap into a modern car local bus, dump a bunch of data and analyze the trace offline to write a decoder from scratch using the SocketCAN APIs and utilities.

This is based on my experiences hacking into my Toyota… Toyothack!


https://fabiobaltieri.files.wordpress.com/2013/07/toyothack-intro.png

Read more of this post

Linux Kernel Device Drivers for AVR V-USB Devices

V-USB is a really convenient library to implement USB communication between an AVR microcontroller and any USB host enabled system.

The host side software for a V-USB device is usually handled either from a class driver, such as for HID-compliant devices, or from an userspace libusb-based application.

This post shows how to implement a Linux kernel device driver for a simple ep0-based V-USB device.

https://fabiobaltieri.files.wordpress.com/2012/05/vusb-kernel-intro.jpg
Read more of this post

Network Statistics with iptables and rrdtool

Netfilter is a powerful tool when it comes to select traffic on a Linux router.

When you set up a chain of rules with iptables, you are also get set of traffic counters with each rule you set, which can be used to see how many times the rule have matched.

If you place a chain of rules without any jump, the packet get counted and goes forward the chain, so that you can write a set of rules just to get some statistic of selected pattern of traffic in your network.

In this post I’ll show how to write some simple rule, get the data on a rrdtool database and plot a traffic graphic out of it.

Read more of this post

Network Activity LED with Linux LED Subsystem

This is a nice userspace application I use on my router to control the Internet connection status LED in “smart” way.

The idea is simple, instead of just randomly blink the LED when there is some activity on the network, this application checks for the total bytes transferred on the network interface, and blinks the LED every 100KB of data.

That behavior is borrowed from modern electric counter, which have a LED that blinks every predefined number of Watt/hour.

That’s useful because you can quickly have an idea of the bandwidth utilization of your connection by just checking how often the LED blinks, so you can instantly identify a low-bandwidth constant traffic by a high-bandwidth traffic.

Read more of this post

IPv6 Stateful Firewall with netfilter/ip6tables

IPv6 is coming!

Ok, that was just a provocation. If you have some interest in networking technologies you’ll know for sure that stable IPv6 implementation are around for many years now but very few providers give the user IPv6 connectivity. You can follow the IPv6 deployment status around the world on this Wikipedia page.

Anyway, for those of you who are lucky enough to have a real IPv6 connection, it’s time to add the “6” to some network utility, and that includes ip6tables!

This script is a stateful firewall for an IPv6 standalone and router installation, which provides the same level of security given by an IPv4 NAT router.

Read more of this post

IPv6 Tunnel Broker on GNU/Linux Routers

IPv6 connectivity is slowly spreading around the net day after day. Sooner or later you may want to get IPv6 connectivity to your home, as some providers already does with brave users.

If your ISP does not give you native IPv6 connectivity you can still get your own IPv6 access in a number of ways.

Read more of this post

Daemonizing Processes and System Log

If you write software for embedded applications, sooner or later you will end up writing a daemon.

In my work I see many embedded applications, but very often the programmer write and debug all the program in foreground, and then forgets to implement a simple daemonize function.

The consequence is that when the application is started from the init scripts instead that from a command shell, it locks up the entire boot sequence of the system.

Also, when writing a background application, all the messages should be redirected to the system log… don’t reinvent the wheel rewriting a new logging system!

Here I’ll show a sample daemonize() function, and how to use the syslog() library function.

Read more of this post

Linux LED Subsystem

LEDs… Everyone likes that! Those little shiny electronic devices are mounted on any well-made electronic equipment to indicate at a glance its working status. They tell you when your network has activity, when your laptop battery is empty, when your hard-drive is working, when your amplifier is overloading… they may even light up your bedroom!

In embedded systems the proper design of the front panel, with the right LED illuminated icons, is an essential feature and if you are familiar with network troubleshooting you can understand why!

Well-made devices should have a panel that instantly gives you an idea of what’s working and what’s not just by looking at it.

If you are using Linux as your kernel on a SoC design, you’ll be glad to know that it has an entire subsystem dedicated to LEDs!

In this post I’ll show how you to check if your system has some controllable LEDs, and how to use that from userspace applications and kernel drivers.

Read more of this post

Iptables Stateful Firewall and NAT Routing

Network packet filtering! Whether is your home or your company, modern networks have many systems connected. Even a small domestic network can provide connectivity to many devices of different kinds: PCs, laptops, printers, smartphones, game consoles, your neighbor’s laptop (wait… what?!), NASes, media players, TVs…

If you have some basic knowledge in networking, you’ll probably want a way to control all the traffic going through your network, and if you are running a GNU/Linux system, you probably already have what you need… Netfilter!

What you’ll find here are some examples of common Netfilter (iptables) configurations and some scripts I use as a base for my firewalls and network installations.

These are really useful if you need some advanced firewall configuration and you choose to run your own GNU/Linux system as a router instead of a commercial one. Also, these scripts may come in handy if you need to quickly replace a broken router with a spare PC.

Read more of this post

Using Serial Ports on GNU/Linux Systems

While for the modern PC user serial ports are just a page on Wikipedia, for the embedded developer a 3 wire UART can be a simple point-to-point bus, or even the only way you have to access the debug data of the system.

Serial ports are almost always used in SoC based designs as the bus to access the bootloader command prompt and the debugging console, and is not uncommon to find SoC with 5 or more serial ports. Also, many peripherals communicate with the main processor via UARTs, such as GPS, GSM modems, Bluetooth radio, field bus devices and general purpose microcontrollers.

On a GNU/Linux system, a serial port is just a character device file, which can be opened, written, read and closed. However, to properly use the device from a C application, you have to use a certain command sequence, which can be quite tricky if you never did it before.

Read more of this post