rtl8xxxu true love for cheap usb wifi dongles
play

rtl8xxxu - true love for cheap USB WiFi dongles Jes Sorensen - PowerPoint PPT Presentation

Apr 19, 2023 •455 likes •609 views

rtl8xxxu - true love for cheap USB WiFi dongles Jes Sorensen <Jes.Sorensen@gmail.com> 1 / 15 How this project came about Purchased laptop with rlt8723au device No driver in upstream kernel. No specs Out of tree vendor

  1. rtl8xxxu - true love for cheap USB WiFi dongles Jes Sorensen <Jes.Sorensen@gmail.com> 1 / 15

  2. How this project came about ● Purchased laptop with rlt8723au device – No driver in upstream kernel. – No specs – Out of tree vendor provided driver ● I can clean this up in a couple of months and get it merged... riiiiiiight! ● 6 months hacking relentlessly on vendor code, finally got rtl8723au included into staging 2 / 15

  3. Linux 802.11 stack ● FullMAC vs SoftMAC – MLME (Media Access Control (MAC) Sublayer Management Entity) ● SoftMAC use mac80211 ● FullMAC use cfg80211 3 / 15

  4. Realtek hardware and software Only 802.11N+ devices: ● 1T1R 2T2R 1WiFi+1BT Chip MIMO/BT Gen Support Simple device, limited FW assist 8188su 1T1R 0 No ● 8192su 2T2R 0 No SW or firmware rate control ● 8723au 1T1R+BT 1 Yes Multiple TX+RX packet ● 8188cu 1T1R 1 Yes descriptor formats 8192cu 2T2R 1 Yes No direct method reporting TX ● 8188ru 1T1R hi-pa 1 Yes speed. Gen 2 parts have some 8192du 2T2R abgn 1 No Internal 'paths' configurable to 8188eu 1T1R 1.5 Almost ● external antenna. Bits set which 8192eu 2T2R 2 Yes antenna is enabled for TX+RX 8723bu 1T1R+BT 2 Yes USB/SDIO/PCIe version of each 881xau 4T4R ac 3 Not yet ● USB DMA packet aggregation ● Could use different RF modules 4 / 15 ●

  5. ● Realtek development process 1) Respin hardware 2) cp -a driver-<oldchip> driver-<newchip> 3) Hack driver-<newchip> 4) Release driver-<newchip> 5) goto 1 ● Endless revisions of drivers ● No multi-device support – no multi bus support 5 / 15

  6. Realtek vendor drivers Cross platform #ifdefmeharder: Windows XP, Windows CE, OSX, ● FreeBSD, Android, ARM embedded Linux (routers & TVs), Linux Emulates fullmac driver – comes with own 802.11 stack ● Multiple teams maintaining different driver modules using different ● styles: hal, ODM, core, OS: – Multiple defines for the same registers – Different APIs for accessing the same registers: PHY_SetBBReg(PADAPTER Adapter, u32 RegAddr, u32 BitMask, u32 Data) ODM_Write1Byte(PDM_ODM_T pDM_Odm, u4Byte RegAddr, u1Byte Data) ODM_SetBBReg(PDM_ODM_T pDM_Odm, u4Byte RegAddr, u4Byte BitMask, u4Byte Data) Command/event architecture to match hardware ● – Except hardware doesn't have command/event – Let's emulate in software! 6 / 15

  7. rtl8723au mac80211 (softmac) driver ● How hard can it be? ● X days later .... receive data .... connect to AP .... crypto ● Documentation? what documentation? – Read vendor driver over and over and over and over to understand what it is doing and why. – Trace register read+writes compare to vendor flow – Document registers based on vendor code + comments ● Lots of initialization via register files (reg value + data) ● Register files for power state change ● Relies on firmware rate control ● BT control via register reads/writes – no work on BT 7 / 15

  8. 8723au and 8188cu/8192cu ● Very similar devices – adding support was a couple of days of work ● Same TX+RX descriptor format ● Same firmware API (48 bits for H2C commands/C2H events) ● Device feature detection ● Retrieve init register files (reg+data) from vendor driver ● Handle 2T2R setup and channel config ● Special handling for 8188ru due to high power amplifier (special version of 8188cu) ● DMA packet aggregation 8 / 15

  9. Moving on to gen2 - 8723bu ● More! more! ordered every cheap dongle I found ● Had to get 8723bu from online Chinese retailer. Now started to show up in mini desktops + tablets ● New RX and TX descriptor formats ● New firmware API (64 bits for H2C commands + C2H events) ● Init flow in vendor driver reordered ● Firmware commands for selecting antennas and BT assignment ● New S0S1 internal path switch – haven't figured out how this work yet. Presumably related to BT vs WiFi ● No work on BT 9 / 15

  10. 8192eu ● Standard 2T2R similar to 8192cu – no BT ● Same TX/RX descriptor format as 8723bu ● Same firmware H2C/C2H API as 8723bu ● Reordered init sequence 10 / 15

  11. 8188eu ● Oddball inbetween device – one of the most common 150N devices on the market ● Odd IOL firmware assist API – Used for device setup – can be ignored ● Uses gen2 firmware H2C/C2H API ● Uses gen1 channel configuration API ● No firmware rate control! ● Currently works for non MCS (N) rates (B+G) 11 / 15

  12. Status ● 8723au/8188cu/8188ru/8192cu/8192eu/8723bu upstream ● 8188eu work in progress ● Station and monitor mode supported ● DMA aggregation added ● Patch to remove drivers/staging/rtl8723au submitted 12 / 15

  13. TODO – Help wanted! ● Finish up 8188eu ● Host rate control ● Beacon support – AP and Ad-Hoc mode ● SDIO support ● AMPDU support ● Automatic antenna detection ● PCIe support ● 802.11ac devices ● 8192du ● Bluetooth support for 8723au/8723bu 13 / 15

  14. Lessons learned ● WiFi is just a „little“ more complex than Ethernet ● Getting something into staging does not mean the job is done – Magnet for cosmetic fixups, few real fixes ● Register access traces are magic ● „How hard can it be“ really means: Walk away now! 14 / 15

  15. Acknowledgements ● Johannes Berg: Answering endless questions ● Larry Finger: Help with vendor drivers and vendor communication ● Andrea Merello & Taehee Yoo: 8188eu ● Bruno Randolf: Monitor mode ● Jakub Sitnicki: Early 8192eu work 15 / 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

TRUE patriot LOVE TRUE patriot LOVE The story of magazines in Canada is a political

TRUE patriot LOVE TRUE patriot LOVE The story of magazines in Canada is a political

TRUE patriot LOVE TRUE patriot LOVE The story of magazines in Canada is a political saga of small independent interests struggling to survive in an environment dominated by foreign interests. Historica Canada TRUE patriot

931 views • 29 slides
The meaning behind the song On the first day of Christmas my true love gave to me.... The

The meaning behind the song On the first day of Christmas my true love gave to me.... The

The meaning behind the song On the first day of Christmas my true love gave to me.... The True Love represents God and the me who receives these presents is the Christian The Partridge in a Pear Tree was Jesus Christ who

422 views • 8 slides
Pco PCD tri c N p Cn we didn't really prove pint D so 1 Induction Induction is a technique for

Pco PCD tri c N p Cn we didn't really prove pint D so 1 Induction Induction is a technique for

AU students love CS 70 Theorem given a set of n students they all love Let Pcn be Proof CS 70 PCO is trivially true Based Inducti vestep Assume Pln is true Suppose we're given a set of students Si Sa Sn Sn t By inductive hypothesis students

253 views • 8 slides
Ahyou gotta love family! No really, you doyou gotta love family. Family comes from the same

Ahyou gotta love family! No really, you doyou gotta love family. Family comes from the same

Ahyou gotta love family! No really, you doyou gotta love family. Family comes from the same word as familiar. Youve heard the phrase familiarity breeds contempt. This is true of families. We can love and seemingly dislike each

746 views • 30 slides
I am the the TR TRUE UE Vine. John 15 ohn 15 Abiding in Christs Love John 15:9-11

I am the the TR TRUE UE Vine. John 15 ohn 15 Abiding in Christs Love John 15:9-11

I am the the TR TRUE UE Vine. John 15 ohn 15 Abiding in Christs Love John 15:9-11 9 As the Father has loved me, so have I loved you. Abide in my love. 10 If you keep my commandments, you will abide in my love, just as I have

768 views • 42 slides
Outbound Student Orientation Oh Canada O Canada! Our home and native land! True patriot love in

Outbound Student Orientation Oh Canada O Canada! Our home and native land! True patriot love in

Outbound Student Orientation Oh Canada O Canada! Our home and native land! True patriot love in all of us command. With glowing hearts we see thee rise, The True North strong and free! From far and wide, O Canada, we stand on guard for thee.

593 views • 55 slides
Christian Love Weve Heard a Lot about Love Cant buy my Love! -The Beatles Love

Christian Love Weve Heard a Lot about Love Cant buy my Love! -The Beatles Love

9/7/2017 Christian Love Weve Heard a Lot about Love Cant buy my Love! -The Beatles Love Dont Cost a Thing -Jennifer Lopez Love Will Keep Us Together! -Captain &amp; Tennille Love Takes Time -Mariah Carey 1

425 views • 4 slides
Unbound &amp; FreeBSD A true love story (at the end of November 2013) 1 Presentation for

Unbound &amp; FreeBSD A true love story (at the end of November 2013) 1 Presentation for

Unbound &amp; FreeBSD A true love story (at the end of November 2013) 1 Presentation for EUROBSDCON 2019 Conference September 19-22, 2019 Lillehammer, Norway 2 About me: Pablo Carboni (42) , from Buenos Aires, Argentina. Worked as Unix

453 views • 31 slides
WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi

WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi

Advanced Network Security WiFi security Harald Vranken 1 Agenda WiFi security WEP WPA(2) WPA3 2 WiFi IEEE 802.11 standard Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications original

721 views • 48 slides
Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT Haohuang Wen 1 , Qi Alfred Chen 2 , Zhiqiang Lin 1 1 Ohio State University 2 University of California, Irvine USENIX

278 views • 26 slides
Key principles No drug or alternative therapy is cheap No cost effectiveness if not

Key principles No drug or alternative therapy is cheap No cost effectiveness if not

Key principles No drug or alternative therapy is cheap No cost effectiveness if not effective, not safe if not evaluated Ingredients vary, as does quality, price and consistency Patients love natural, organic, home-remedy, old-

387 views • 6 slides
I am the the TR TRUE UE Vine. John 15 ohn 15 Identity Crisis John 15:12-17 12

I am the the TR TRUE UE Vine. John 15 ohn 15 Identity Crisis John 15:12-17 12

I am the the TR TRUE UE Vine. John 15 ohn 15 Identity Crisis John 15:12-17 12 This is my commandment, that you love one another as I have loved you. 13 Greater love has no one than this, that someone lay down his life for his

668 views • 34 slides
WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home

WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home

Advanced Network Security (2019-2020) WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home WiFi network IEEE 802.11 WEP WPA/WPA2/WPA3 Personal/Enterprise Eduroam Attacks 2

674 views • 45 slides
nouvelle mthode de placement MSc Jacques VERCRUYSSE GEO-GREEN sprl-bvba Cheap-GSHPs (Cheap and

nouvelle mthode de placement MSc Jacques VERCRUYSSE GEO-GREEN sprl-bvba Cheap-GSHPs (Cheap and

Cheap and efficient application of reliable Ground Source Heat exchangers and Pumps Training Workshop Nouveau type de sondes gothermiques et nouvelle mthode de placement MSc Jacques VERCRUYSSE GEO-GREEN sprl-bvba Cheap-GSHPs (Cheap and

521 views • 23 slides
LAVISH LOVE Mark 14:1-11 MAIN POINTS: 1. The Climate Jesus Is In 2. The Contrast of True

LAVISH LOVE Mark 14:1-11 MAIN POINTS: 1. The Climate Jesus Is In 2. The Contrast of True

LAVISH LOVE Mark 14:1-11 MAIN POINTS: 1. The Climate Jesus Is In 2. The Contrast of True Worship 3. The Conclusion of Judas QUESTION: What is the kindest thing anyone has ever done for you? 1. THE CLIMATE JESUS IS IN MARK 14:1-2 After two

887 views • 30 slides
Overview Basic WiFi concepts Some deployment issues WiFi versions 15-441/641: WiFi

Overview Basic WiFi concepts Some deployment issues WiFi versions 15-441/641: WiFi

11/20/2019 Overview Basic WiFi concepts Some deployment issues WiFi versions 15-441/641: WiFi Networks 15-441 Fall 2019 Profs Peter Steenkiste &amp; Justine Sherry Fall 2019 https://computer-networks.github.io/fa19/ 2

717 views • 10 slides
ANNUAL RESULTS PRESENTATION YEAR ENDED 30 JUNE 2013 19 August 2013 Growthpoint Properties

ANNUAL RESULTS PRESENTATION YEAR ENDED 30 JUNE 2013 19 August 2013 Growthpoint Properties

GROWTHPOINT PROPERTIES AUSTRALIA (ASX CODE: GOZ) ANNUAL RESULTS PRESENTATION YEAR ENDED 30 JUNE 2013 19 August 2013 Growthpoint Properties Australia Trust ARSN 120 121 002 Growthpoint Properties Australia Limited ABN 33 124 093 901 AFSL

480 views • 24 slides
THE ENERGY INFRASTRUCTURE INITIATIVE International Conference on Quality, Leadership and

THE ENERGY INFRASTRUCTURE INITIATIVE International Conference on Quality, Leadership and

THE ENERGY INFRASTRUCTURE INITIATIVE International Conference on Quality, Leadership and Management in the Nuclear Industry DAN PASQUALE SR. REACTOR SYSTEMS ENGINEER (301) 415-2498 Daniel.Pasquale@nrc.gov To license and regulate the

567 views • 29 slides
For personal use only Cloud security through cloud gateway intelligence FCT July Update Innovate

For personal use only Cloud security through cloud gateway intelligence FCT July Update Innovate

For personal use only Cloud security through cloud gateway intelligence FCT July Update Innovate Create Execute July 2017 1 For personal use only AGENDA Executive Summary Steve OBrien, MD Financial &amp; Operational Update

549 views • 30 slides
Security and Intelligence Services (India) Ltd INVESTOR PRESENTATION November 2017 2 SAFE

Security and Intelligence Services (India) Ltd INVESTOR PRESENTATION November 2017 2 SAFE

Security and Intelligence Services (India) Ltd INVESTOR PRESENTATION November 2017 2 SAFE HARBOUR This presentation and the accompanying slides (the Presentation), which have been prepared by Security and Intelligence Services (India)

612 views • 49 slides
Mobile Auto Godfrey Nolan RIIS LLC Agenda o Intro o The next big thing o So many options o Apple

Mobile Auto Godfrey Nolan RIIS LLC Agenda o Intro o The next big thing o So many options o Apple

Mobile Auto Godfrey Nolan RIIS LLC Agenda o Intro o The next big thing o So many options o Apple Carplay o Android Auto o Caveats o Getting to market o Even more options o Predictions RIIS LLC Intro Apple Carplay RIIS LLC Intro Apple

853 views • 59 slides
RF E xposur e Pr oc e dur e s Pr e se nte r : Jake Novic ky T CB Wor kshop Nove mbe r

RF E xposur e Pr oc e dur e s Pr e se nte r : Jake Novic ky T CB Wor kshop Nove mbe r

RF E xposur e Pr oc e dur e s Pr e se nte r : Jake Novic ky T CB Wor kshop Nove mbe r 2019 F e de ra l Co mmunic a tio ns Co mmissio n Offic e o f E ng ine e ring a nd T e c hno lo g y L a b o ra to ry Divisio n (E d ito

503 views • 16 slides
Vola A guide to using the Vola Event Management and Timing So6ware for 16-17 season Race Results

Vola A guide to using the Vola Event Management and Timing So6ware for 16-17 season Race Results

Vola A guide to using the Vola Event Management and Timing So6ware for 16-17 season Race Results Software h t t p : / / u s s a . o r g / g l o b a l / u s s a - r a c e - a n d - e v e n t - s c o r i n g - s o f t w a r e Downloading Vola Ski

1.41k views • 89 slides
Cross Case Analysis of Elementary Engineering Task John He ff ernan Problem Statement

Cross Case Analysis of Elementary Engineering Task John He ff ernan Problem Statement

Cross Case Analysis of Elementary Engineering Task John He ff ernan Problem Statement Increasing academic focus resulting in loss of designerly play including engineering ( Zhao, 2012 ) . High need for diverse STEM workforce ( Brophy, Portsmore,

740 views • 50 slides

More recommend