search

vmonaco / kloak

Keystroke-level online anonymization kernel: obfuscates typing behavior at the device level.
BSD 3-Clause "New" or "Revised" License
485 stars 35 forks source link

Unable to grab device '/dev/input/event6' : Device or resource busy on a Wooting One. #23

Open PoorPocketsMcNewHold opened 4 years ago

PoorPocketsMcNewHold commented 4 years ago 
pm@Velvet4Renaissance:~$ kloak
You are not root! This may not work...
Found keyboard at: /dev/input/event6
Found uinput at: /dev/uinput
Waiting 500 ms...
Unable to grab device '/dev/input/event6' : Device or resource busy
pm@Velvet4Renaissance:~$ sudo kloak
Found keyboard at: /dev/input/event6
Found uinput at: /dev/uinput
Waiting 500 ms...
Unable to grab device '/dev/input/event6' : Device or resource busy
pm@Velvet4Renaissance:~$ service kloak
kloak: unrecognized service
pm@Velvet4Renaissance:~$ sudo ./kloak -r /dev/input/event6 -w /dev/uinput
sudo: ./kloak : commande introuvable
pm@Velvet4Renaissance:~$ sudo kloak -r /dev/input/event6 -w /dev/uinput
Waiting 500 ms...
Unable to grab device '/dev/input/event6' : Device or resource busy
pm@Velvet4Renaissance:~$ sudo kloak -r /dev/input/event6 -w /dev/uinput
Waiting 500 ms...
Could not open input device /dev/input/event6: No such file or directory

And that last prompt, was me trying to launch kloak again, with my keyboard completely disconnected. So as you can see, It seems that Kloak can’t grab the device, despite being correctly found. But here's one of the weird reasons causing this. So, The Wooting One keyboard that i’m using has drivers partially registered as a controller, and with all that, I’ve got a Steam Controller (Not connected during testing) which is partially registered as a keyboard. I don’t know if those weird peripherals can prove to cause some difficulties to kloak, but i’m want to point those out. The reason for the Wooting Keyboards to be registered partially as a controller, is because they have analog keystrokes (Being able, to press gradually keys like an analog button on a controller for example). And for the case of the Steam Controller, is because it aims to be adapted for PC gaming, to that extent of acting as a keyboard for those games who don’t have support for controllers, emulating controllers inputs into keyboard ones for the game.

vmonaco commented 4 years ago

Thanks for the info. It never occurred to me that an analog keyboard might cause an issue. Multiple devices are also not handled in the best way for now. The auto detection is done by finding the first device that supports at least 20 different EV_KEY events.

I'm wondering if there's another device for the Wooting keyboard that might be a better choice. Can you post the output of: $ cat /proc/bus/input/devices?

PoorPocketsMcNewHold commented 4 years ago 
pm@Velvet4Renaissance:~$ cat /proc/bus/input/devices
I: Bus=0019 Vendor=0000 Product=0001 Version=0000
N: Name="Power Button"
P: Phys=PNP0C0C/button/input0
S: Sysfs=/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0C:00/input/input0
U: Uniq=
H: Handlers=kbd event0 evbug 
B: PROP=0
B: EV=3
B: KEY=10000000000000 0

I: Bus=0019 Vendor=0000 Product=0003 Version=0000
N: Name="Sleep Button"
P: Phys=PNP0C0E/button/input0
S: Sysfs=/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0E:00/input/input1
U: Uniq=
H: Handlers=kbd event1 evbug 
B: PROP=0
B: EV=3
B: KEY=4000 0 0

I: Bus=0019 Vendor=0000 Product=0001 Version=0000
N: Name="Power Button"
P: Phys=LNXPWRBN/button/input0
S: Sysfs=/devices/LNXSYSTM:00/LNXPWRBN:00/input/input2
U: Uniq=
H: Handlers=kbd event2 evbug 
B: PROP=0
B: EV=3
B: KEY=10000000000000 0

I: Bus=0003 Vendor=08bb Product=2902 Version=0100
N: Name="C-Media Electronics Inc.       USB PnP Sound Device"
P: Phys=usb-0000:00:14.0-1/input3
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-1/3-1:1.3/0003:08BB:2902.0001/input/input3
U: Uniq=
H: Handlers=kbd event3 evbug 
B: PROP=0
B: EV=13
B: KEY=7800000000 e000000000000 0
B: MSC=10

I: Bus=0003 Vendor=0738 Product=1703 Version=0100
N: Name="Madcatz Mad Catz R.A.T.3 Mouse"
P: Phys=usb-0000:00:14.0-3/input0
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-3/3-3:1.0/0003:0738:1703.0004/input/input4
U: Uniq=
H: Handlers=mouse0 event4 evbug 
B: PROP=0
B: EV=17
B: KEY=3ff0000 0 0 0 0
B: REL=903
B: MSC=10

I: Bus=0003 Vendor=03eb Product=ff01 Version=0111
N: Name="Wooting WootingOne"
P: Phys=usb-0000:00:14.0-4/input1
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-4/3-4:1.1/0003:03EB:FF01.0005/input/input5
U: Uniq=WOOT_000_A255B1801W010H00516
H: Handlers=event5 evbug leds 
B: PROP=0
B: EV=20001
B: LED=1f

I: Bus=0003 Vendor=03eb Product=ff01 Version=0111
N: Name="Wooting WootingOne"
P: Phys=usb-0000:00:14.0-4/input3
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-4/3-4:1.3/0003:03EB:FF01.0007/input/input6
U: Uniq=WOOT_000_A255B1801W010H00516
H: Handlers=sysrq kbd event6 evbug leds 
B: PROP=0
B: EV=120013
B: KEY=1000000000007 ff980000000007ff febeffdfffefffff fffffffffffffffe
B: MSC=10
B: LED=1f

I: Bus=0003 Vendor=03eb Product=ff01 Version=0111
N: Name="Wooting WootingOne"
P: Phys=usb-0000:00:14.0-4/input4
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-4/3-4:1.4/0003:03EB:FF01.0008/input/input7
U: Uniq=WOOT_000_A255B1801W010H00516
H: Handlers=kbd event7 evbug 
B: PROP=0
B: EV=1b
B: KEY=30040 0 0 808003072fd025 bf84444200000000 1 13007300138000 43fa00404c00 9e168000004400 10000002
B: ABS=100000000
B: MSC=10

I: Bus=0003 Vendor=03eb Product=ff01 Version=0111
N: Name="Wooting WootingOne"
P: Phys=usb-0000:00:14.0-4/input5
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-4/3-4:1.5/0003:03EB:FF01.0009/input/input8
U: Uniq=WOOT_000_A255B1801W010H00516
H: Handlers=event8 evbug js0 
B: PROP=0
B: EV=1b
B: KEY=fff000000000000 0 0 0 0
B: ABS=2ff
B: MSC=10

I: Bus=0003 Vendor=28de Product=1142 Version=0111
N: Name="Valve Software Steam Controller"
P: Phys=usb-0000:00:14.0-6/input0
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-6/3-6:1.0/0003:28DE:1142.000B/input/input11
U: Uniq=
H: Handlers=sysrq kbd mouse1 event9 evbug leds 
B: PROP=0
B: EV=120017
B: KEY=1f0000 0 0 e080ffdf01cfffff fffffffffffffffe
B: REL=903
B: MSC=10
B: LED=1f

I: Bus=0003 Vendor=0bda Product=485a Version=0111
N: Name="Generic USB Audio Consumer Control"
P: Phys=usb-0000:00:14.0-5.2/input3
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5.2/3-5.2:1.3/0003:0BDA:485A.0012/input/input12
U: Uniq=201405280001
H: Handlers=kbd event10 evbug 
B: PROP=0
B: EV=1f
B: KEY=300ff 0 0 483ffff17aff32d bfd4444600000000 1 130ff38b17c000 677bfad9415fed 9ed68000004400 10000002
B: REL=1040
B: ABS=100000000
B: MSC=10

I: Bus=0003 Vendor=0bda Product=485a Version=0111
N: Name="Generic USB Audio"
P: Phys=usb-0000:00:14.0-5.2/input3
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-5/3-5.2/3-5.2:1.3/0003:0BDA:485A.0012/input/input13
U: Uniq=201405280001
H: Handlers=kbd event11 evbug 
B: PROP=0
B: EV=13
B: KEY=ffff 0 0 0 0 100000000000000 0 0 0
B: MSC=10

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Front Mic"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input21
U: Uniq=
H: Handlers=event19 evbug 
B: PROP=0
B: EV=21
B: SW=10

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Rear Mic"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input22
U: Uniq=
H: Handlers=event20 evbug 
B: PROP=0
B: EV=21
B: SW=10

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Line"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input23
U: Uniq=
H: Handlers=event21 evbug 
B: PROP=0
B: EV=21
B: SW=2000

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Line Out Front"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input24
U: Uniq=
H: Handlers=event22 evbug 
B: PROP=0
B: EV=21
B: SW=40

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Line Out Surround"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input25
U: Uniq=
H: Handlers=event23 evbug 
B: PROP=0
B: EV=21
B: SW=40

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Line Out CLFE"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input26
U: Uniq=
H: Handlers=event24 evbug 
B: PROP=0
B: EV=21
B: SW=40

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Line Out Side"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input27
U: Uniq=
H: Handlers=event25 evbug 
B: PROP=0
B: EV=21
B: SW=40

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA Intel PCH Front Headphone"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:1b.0/sound/card0/input28
U: Uniq=
H: Handlers=event26 evbug 
B: PROP=0
B: EV=21
B: SW=4

I: Bus=0010 Vendor=001f Product=0001 Version=0100
N: Name="PC Speaker"
P: Phys=isa0061/input0
S: Sysfs=/devices/platform/pcspkr/input/input29
U: Uniq=
H: Handlers=kbd event12 evbug 
B: PROP=0
B: EV=40001
B: SND=6

I: Bus=0003 Vendor=03f0 Product=e207 Version=1022
N: Name="HP Webcam HD 2300: HP Webcam HD"
P: Phys=usb-0000:00:14.0-2/button
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-2/3-2:1.0/input/input30
U: Uniq=
H: Handlers=kbd event13 evbug 
B: PROP=0
B: EV=3
B: KEY=100000 0 0 0

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=3"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input33
U: Uniq=
H: Handlers=event14 evbug 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=7"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input34
U: Uniq=
H: Handlers=event15 evbug 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=8"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input35
U: Uniq=
H: Handlers=event29 evbug 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="HDA NVidia HDMI/DP,pcm=9"
P: Phys=ALSA
S: Sysfs=/devices/pci0000:00/0000:00:01.0/0000:01:00.1/sound/card1/input36
U: Uniq=
H: Handlers=event30 evbug 
B: PROP=0
B: EV=21
B: SW=140

I: Bus=0000 Vendor=0000 Product=0000 Version=0000
N: Name="kloak"
P: Phys=
S: Sysfs=/devices/virtual/input/input42
U: Uniq=
H: Handlers=sysrq rfkill kbd event256 evbug 
B: PROP=0
B: EV=3
B: KEY=ffffffffffff ffffffffffffffff ffffffffffffffff fffffffffffffffe

I: Bus=0003 Vendor=256c Product=006e Version=0111
N: Name="HUION Pen"
P: Phys=usb-0000:00:14.0-9.2/input0
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-9/3-9.2/3-9.2:1.0/0003:256C:006E.0019/input/input43
U: Uniq=
H: Handlers=mouse2 event16 evbug 
B: PROP=2
B: EV=1b
B: KEY=1c01 0 0 0 0 0
B: ABS=1000003
B: MSC=10

I: Bus=0003 Vendor=256c Product=006e Version=0111
N: Name="HUION Pad"
P: Phys=usb-0000:00:14.0-9.2/input0
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-9/3-9.2/3-9.2:1.0/0003:256C:006E.0019/input/input44
U: Uniq=
H: Handlers=event17 evbug js1 
B: PROP=0
B: EV=1b
B: KEY=800 30000000003ff 0 0 0 0
B: ABS=3
B: MSC=10

I: Bus=0003 Vendor=256c Product=006e Version=0111
N: Name="HUION Mouse"
P: Phys=usb-0000:00:14.0-9.2/input1
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-9/3-9.2/3-9.2:1.1/0003:256C:006E.001A/input/input45
U: Uniq=
H: Handlers=mouse3 event18 evbug 
B: PROP=0
B: EV=17
B: KEY=1f0000 0 0 0 0
B: REL=1943
B: MSC=10

I: Bus=0003 Vendor=256c Product=006e Version=0111
N: Name="HUION Keyboard"
P: Phys=usb-0000:00:14.0-9.2/input2
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-9/3-9.2/3-9.2:1.2/0003:256C:006E.001B/input/input47
U: Uniq=
H: Handlers=sysrq kbd event27 evbug 
B: PROP=0
B: EV=100013
B: KEY=1000000000007 ff9f207ac14057ff febeffdfffefffff fffffffffffffffe
B: MSC=10

I: Bus=0003 Vendor=256c Product=006e Version=0111
N: Name="HUION Consumer Control"
P: Phys=usb-0000:00:14.0-9.2/input2
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-9/3-9.2/3-9.2:1.2/0003:256C:006E.001B/input/input48
U: Uniq=
H: Handlers=kbd event28 evbug 
B: PROP=0
B: EV=1f
B: KEY=300ff 0 0 483ffff17aff32d bfd4444600000000 1 130c730b17c000 267bfad9415fed 9e168000004400 10000002
B: REL=1040
B: ABS=100000000
B: MSC=10

I: Bus=0003 Vendor=256c Product=006e Version=0111
N: Name="HUION System Control"
P: Phys=usb-0000:00:14.0-9.2/input2
S: Sysfs=/devices/pci0000:00/0000:00:14.0/usb3/3-9/3-9.2/3-9.2:1.2/0003:256C:006E.001B/input/input49
U: Uniq=
H: Handlers=kbd event31 evbug 
B: PROP=0
B: EV=13
B: KEY=c000 10000000000000 0
B: MSC=10

Oh! Great, It seems that my drawing tablet is recognized as a keyboard too! Awesome! (Sarcasm). I suppose it's due to not being entirely handled by my Linux distribution, and it installed whatever compatibility drivers it had. My actual Graphical tablet is a Huion 420, and doesn't have any real features that would explain a driver like this to be used (It only has a light indicator when the tablet is being pressed, and two additional mouse buttons on the stylus) Outside of that, I think the rest of the entries are pretty self-explanatory.

vmonaco commented 4 years ago

When I wrote the autodetect, I realized how difficult it was to generally recognize the correct device. Most of the devices above support EV_KEY events (such as the power/sleep buttons and the mouse devices). Anything with a bit set in the 1 offset position in the EV bitstring (see https://unix.stackexchange.com/questions/74903/explain-ev-in-proc-bus-input-devices-data).

The Wooting keyboard at /input3, /input4, and /input5 all support EV_KEY events. But I also see kloak registered as a device, which should only occur if it's running successfully. If that's the case, that would explain the error grabbing the keyboard. Is it possible kloak was running in the first comment above, maybe it got detached from the service somehow? (check with $ pgrep kloak).

PoorPocketsMcNewHold commented 4 years ago

I just got 5799 as an output of pgrep kloak. However, after testing the keyboard pattern recognition test, I can confirm it doesn't work as expected (Achieving 99%).

vmonaco commented 4 years ago

The high accuracy could be due to either:

  1. kloak is running on the wrong device. To make sure the correct device was actually found, you can use the eventcap tool. After cloning the repository, try

    $ make eventcap $ sudo ./eventcap /dev/input/event5 $ sudo ./eventcap /dev/input/event6 ...

and then type on the keyboard to determine which is the correct device (you'll should see the events printed to std out when the right device is selected).

  1. The max delay parameter is too low. The default is 100 ms. Once you verify the correct device has been grabbed, and still getting high accuracy, try increasing the max delay (make sure kloak is not running first by stopping the service if you installed the package):

    $ sudo ./kloak -d 200 -r "/dev/input/event5"

using the device you found in the previous step.

PoorPocketsMcNewHold commented 4 years ago 
pm@host:~/kloak$ make eventcap
gcc src/eventcap.c -o eventcap   
pm@host:~/kloak$ sudo ./eventcap /dev/input/event5
Reading From : /dev/input/event5 (Wooting WootingOne)
sasdasd I suppose it does say things there. That's also what i'm currently typing on my keyboard (Under, non analog mode)

^C
pm@host:~/kloak$ sudo ./eventcap /dev/input/event6
Reading From : /dev/input/event6 (Wooting WootingOne)
And, it works there aswell. saddasd Yep, even in analog mode. (Analog mode mainly make the analog input, but by default, does a keyboard input aswell, if it isn't supported)

^C
pm@host:~/kloak$ sudo ./kloak -d 200 -r "/dev/input/event5"
sudo: ./kloak : commande introuvable
pm@host:~/kloak$ sudo ./kloak -d 200 -r "/dev/input/event6"
sudo: ./kloak : commande introuvable
pm@host:~/kloak$ cd
pm@host:~$ stop kloak
bash: stop : commande introuvable
pm@host:~$ stop service kloak
bash: stop : commande introuvable
pm@host:~$ kloak
You are not root! This may not work...
Found keyboard at: /dev/input/event6
Found uinput at: /dev/uinput
Waiting 500 ms...
Unable to grab device '/dev/input/event6' : Device or resource busy
pm@host:~$ htop
pm@host:~$ I've just SIGTERM the kloak service trought htop btw
> ^C
pm@host:~$ sudo kloak -d 200 -r "/dev/input/event5"
Found uinput at: /dev/uinput
Waiting 500 ms...
********************************************************************************
* Started kloak : Keystroke-level Online Anonymizing Kernel
* Reading from  : /dev/input/event5 (Wooting WootingOne)
* Writing to    : /dev/uinput
* Maximum delay : 200 ms
* Rescue keys   : KEY_LEFTSHIFT + KEY_RIGHTSHIFT + KEY_ESC
********************************************************************************
sssw Yep, still working on non-analog mode.
^[^C
pm@host:~$ sudo kloak -d 200 -r "/dev/input/event6"
Found uinput at: /dev/uinput
Waiting 500 ms...
Unable to grab device '/dev/input/event6' : Device or resource busy
pm@host:~$ htop
pm@host:~$ sudo kloak -d 200 -r "/dev/input/event6"
Found uinput at: /dev/uinput
Waiting 500 ms...
Unable to grab device '/dev/input/event6' : Device or resource busy
pm@host:~$ sudo kloak -d 200 -r "/dev/input/event5"
Found uinput at: /dev/uinput
Waiting 500 ms...
********************************************************************************
* Started kloak : Keystroke-level Online Anonymizing Kernel
* Reading from  : /dev/input/event5 (Wooting WootingOne)
* Writing to    : /dev/uinput
* Maximum delay : 200 ms
* Rescue keys   : KEY_LEFTSHIFT + KEY_RIGHTSHIFT + KEY_ESC
********************************************************************************
sdwa And here in analog mode. But as you can see, It doesn´t work for event6^C

So, the event cap test does work on both input events, however, trying a maximum delay only works for the event5 input. However, with a train kloak, test kloak, I get a 96% of accuracy on the test. With a train normal, test kloak, (By setting 200ms command at the test section) i also get 96%.