Reverse Engineering RGB Keyboard Backlights With Linux Kernel Drivers

Summary:

This talk revolves around a recent hobby open source project I undertook to reverse engineer a Windows HP Laptop RGB Keyboard driver and re-implement the same functionality on Linux by writing a kernel driver. Initially, I thought this would be straightforward, but I was proven wrong fast! Due to the lack of any unified interface for keyboard backlights, laptop manufacturers create their own proprietary firmware to interface these devices using obscure Windows APIs. The first phase of my talk explains how I reverse-engineered these APIs to understand how they work and what I learned in the process. A lot of the standards used here are not only applicable to Keyboard LEDs but all manufacturer-specific functionality in general. In this section of the talk, I aim to explain different reverse engineering techniques for dotnet / Windows native applications. The second phase of my talk describes about how I started contributing to the Linux kernel and submitted my first patch to the mainline 6.x Linux Kernel. It also talks about my ongoing work on Linux HP WMI drivers, where I am working with Kernel Maintainers to introduce new standards to hopefully unify RGB keyboard drivers on Linux: something which Windows was unable to do!

Flow Of The Talk:

Chapter 1: How I reverse engineered a service written by HP in C# and .NET Length: (15 min) Reference Blog with actual content: https://dev.to/rishit/reverse-engineering-keyboard-driver-part-2-decompiling-net-applications-44l2

-> Introduction to the HP Light Studio Application: A small overview of how HP’s GUI tool to control RGB Keyboard backlights on Omen Laptops. A mini demo video to show the tool in action. This section is mostly to set the context and theme for the goal of the rest of the talk.

-> Using ILSpy to decompile DLL files, and exploring the source This is a small introduction (and a mini live demo) to using ILSPy (https://github.com/icsharpcode/ILSpy), an open source tool to decompile and reverse engineer DLL files written in C# and .NET I will give a quick introduction of how you can decompile a DLL on ILSply in under 2 clicks, and then browse through the source. (more details in blog posted above)

-> WMI and ACPI (https://lwn.net/Articles/391230/) This section of the talk describes standards introduced for reasons having nothing to do with keyboards and RGB backlights, working hand in hand to do exactly that! Quick Introduction to ACPI and WMI, a standard which was originally built to do power management on hardware components, but has now been extended to do basically any kind of manufacturer specific firmware interop.

Chapter 2: Developing WMI Drivers on the Linux Kernel Length: (15 min) An overview of my contributions to the kernel can be found here (some of this is WIP) https://lore.kernel.org/lkml/?q=rishit+bansal

-> Learning how existing drivers implement WMI in the kernel and getting inspiration from existing RGB backlight drivers (5 min) Here, I will talk about how I started browsing through the linux kernel source for the first time, and found the hp-wmi driver.

-> Learning about the linux kernel mailing list, and how people submit patches to the kernel (5 min) In this section I will talk about the process of contributing to the linux kernel, by showing my local setup to do the same: Introduction to the Linux Kernel Mailing List (LKML), and how people communicate there (https://lore.kernel.org/lkml/) Overview of Kernel “Patches”, and the journey of a patch from your machine all the way to the linux kernel’s main branch. Learning more about standards followed in the kernel (Coding style, and the hierarchy of maintenance to contact). Here I will explain how to use the check-maintaners.pl and checkpatch.pl scripts included in the kernel to make sure you are following the rules of making contributions.

-> Interacting with maintainers on the mailing list, and realising a standard for RGB backlights using the LED multicolor Class. (5 min) Here, I will give a short summary of my current work where I interacted with maintainers to hopefully set the stepping stones to introducing a unified interface for RGB backlights in the linux kernel. (More details in this email thread (https://lore.kernel.org/lkml/20230131235027.36304-1-rishitbansal0@gmail.com/T/#u)) If I have extra time, I also plan to introduce “sysfs” and “devfs”, and how these act as a bridge between userspace software to communicate with kernel space. (https://www.linux.it/~rubini/docs/devfs/)

Rishit Bansal a CS enthusiast and have been interested in fiddling around with technology since a young age. My first encounter with programming was during 8th grade in school, through web development, and since then, I have branched out into many other fields. While pursuing my degree in Computer Science from the Vellore Institute of Technology, I developed my technical skills through numerous internships, providing valuable industrial experience. I am a quick learner and always ready to explore new topics with a fresh approach, as seen from the diverse areas I have studied in the past. Currently working as a full-stack developer and DevOps engineer at Dyte. I have been one of the core team members of Dyte since its inception. Since then, I have built significant components of their infrastructure ground up to power millions of minutes of video callings every day. Here, I work with NodeJS, Typescript, WebRTC, Golang, and Kubernetes.