[Make-wifi-fast] Firmware patchable WiFi chips for MAC modification

Bob McMahon bob.mcmahon at broadcom.com
Tue Mar 20 18:35:01 EDT 2018


FYI, per our regulatory group the FCC KDBs that are relevant.

Note:  We have provided technical support to help with spectrum policy.
It's a long and arduous process.

Bob

On Fri, Mar 16, 2018 at 12:04 PM, dpreed at deepplum.com <dpreed at deepplum.com>
wrote:

> I agree that it would be nice if broadcom opened its firmware sources.
>
>
>
> However, hardware vendors have no incentives to do so, and a number of
> disincentives.
>
>
>
> In the case of drivers, by opening the API, they get broader support in a
> bigger market.
>
> No such benefit comes from opening the hardware (at least it has not been
> shown so far to be the case).
>
>
>
> Worse, FCC and other regulatory regimes base their certification rules on
> the idea that purchasers cannot modify or substitute firmware without
> recertification. Certification means that the radios operate within Part 15
> rules at all times. The rules in the U-NII band require pretty serious
> restrictions - constant listening for possible Radar signals, and immediate
> shutdown of channel usage (within 30 sec.) when any radar signal louder
> than -62 dBm is sensed on the channel being used. Certifying hardware so no
> possible firmware can disobey those rules is not feasible, so the firmware
> must be certified by the vendor.
>
>
>
> That said, I am a licensed Amateur Radio operator. In much of the WiFi
> bands I can operate radios under Part 97, rather than Part 15, rules. Under
> Part 97, I have the ability to "self-certify" any hardware at all,
> including any modifications of firmware or hardware, as long as I operate
> the radios within Part 97 rules, which require that I be fully aware and
> responsible for the transmissions' waveforms and content, at the
> engineering level.
>
>
>
> So it would be great if Broadcom would publish the specs for use by
> licensed Amateurs alone. Manufacturers can sell radio components to hams
> without certifications of any kind.
>
>
>
> I doubt the Amateur market is of interest to Broadcom at this point. The
> market size is trivial compared to their main market. Most Amateurs are not
> interested in operation at frequencies above 1 GHz, though there are some
> experimentalists who are. Most Amateurs are also not interested in
> high-bit-rate digital operation either. I find that sad, and wish it were
> not the case.
>
>
>
> However, Eben Upton's success in turning an obsolescent CPU chip into a
> worldwide phenomenon (Raspberry Pi) gives me hope. Note that the Raspberry
> Pi also contains undocumented/secret hardware that required
> reverse-engineering, and the chip also comes from Broadcom.
>
>
>
> So effort spent on Broadcom to open things at the radio firmware level up
> would be worthwhile, I think. Far easier than Atheros/Qualcomm, which is
> now being pitched to the highest bidder and whose future is very uncertain.
>
>
>
> But I have no idea how to start the conversation with Broadcom.
>
> -----Original Message-----
> From: "Dave Taht" <dave at taht.net>
> Sent: Friday, March 16, 2018 12:57pm
> To: "dpreed at deepplum.com" <dpreed at deepplum.com>
> Cc: "Make-Wifi-fast" <make-wifi-fast at lists.bufferbloat.net>
> Subject: Re: [Make-wifi-fast] Firmware patchable WiFi chips for MAC
> modification
>
> "dpreed at deepplum.com" <dpreed at deepplum.com> writes:
>
> > https://github.com/seemoo-lab/nexmon
> >
> > Looks like a very useful toolkit for experimentation in making wifi fast. I'm
> > guessing that the queues can be managed better, for example.
>
> Lot of disassembly required.
>
> >
> > Notice at least one Lede router works, along with Raspberry Pi 3, etc.
>
> The rpi3 is a good target. Still, it would be better to convince
> broadcom to make sources available to some developers.
>
> >
> > Also, ability to transmit arbitrary waveform from quadrature samples using DAC.
> > https://github.com/seemoo-lab/mobisys2018_nexmon_software_defined_radio
> >
> > The reception via ADC of a sampled waveform seems to be undemonstrated, but may
> > be feasible. If so, one can experiment with alternative modulations, etc.
> >
> >
> > _______________________________________________
> > Make-wifi-fast mailing list
> > Make-wifi-fast at lists.bufferbloat.net
> > https://lists.bufferbloat.net/listinfo/make-wifi-fast
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 594280 D01 Software Configuration Control v02r01.pdf
Type: application/pdf
Size: 78857 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/make-wifi-fast/attachments/20180320/41b54a90/attachment-0002.pdf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 594280 D02 U-NII Device Security v01r03.pdf
Type: application/pdf
Size: 69353 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/make-wifi-fast/attachments/20180320/41b54a90/attachment-0003.pdf>

