Saturday, September 22, 2012

Status update and plans

Packet Injection

We invest most of our time on this subject and we hope to deliver "good news" quickly.For now all we can say is that we had some progress on our packet injection research and we hope to have some useful version in the next weeks.

Lots of kernel versions...

Our goal is to have our solution running on as many phones as possible, sadly each different device has many different kernel configuration options. All that kernel versions are the main reason that most of our readers can't use our patched firmware and that makes us very sad.
Please don't add any more emails or comments on the "Exec format error" if the dmesg log states a wrong ver magic.

Our Suggested Solutions


Hot Patching


The diffs between the original broadcom driver and our version are very small, they are so small that we think hot patching of the kernel/ kernel module might be an easy task.  

Using Cyanogen

Cyanogen is not needed for adding monitor mode support but it's very useful. The reason for that is the their team already created a great build environment for most of the devices available on the market.  
We can assume most of our users currently use a stable version of cyanogen. Under that assumption we can build the kernel modules for all the devices automatically and post the binaries online.

Help needed!

We are only three guys, one of us is actually on this way to south america for a three week vacation.  So most of our time is spent on trying  adding new cool functionality like packet injection.

If you managed to get our firmware up and running and you think you can help us implementing one of our solutions (or come up with a new one), please contact us! 


Beer donors, we thank you!

We just wanted to say that we really appreciate your donations and hope to bring out new features soon.
  

13 comments:

  1. Great work guys! I'm working on spreading the news :)

    ReplyDelete
  2. hi i just installed backtrack 5 and running on my samsung galaxy nexus (maguro) and i was wondering if its ready for my device. im an advance linux user since 1993. if my wifi chipset isnt supported yet. can i just use my usb dongle i used to use everyday that already works with an micro usb to usb adapter ? will it be plug and play ?

    ReplyDelete
    Replies
    1. What does your advanced linux knowledge tell you?

      Delete
    2. maguro uses bcm4330 so it's the same driver as one of the 2 released. you need to use AOSP or another source repo with add_lunch_combo to add in the driver correctly though, and that's after you have a compiled driver. the driver source appears to require some external dependencies such as some sort of samsung sdk (someone please correct me if i'm wrong), and potentially others (unknown, does anyone know?).

      it's also possible to get "external usb wifi" working and there is a prominent thread on that topic via xda-developers. it also helps to know some of the issues with USB on Android, such as via the hardware side (e.g. USB 3.0, MHL, OTG, Host, etc) and software side (lsusb, et al).

      short answer: it won't be plug and play

      Delete
    3. "maguro uses bcm4330 so it's the same driver as one of the 2 released. you need to use AOSP or another source repo with add_lunch_combo to add in the driver correctly though, and that's after you have a compiled driver. the driver source appears to require some external dependencies such as some sort of samsung sdk (someone please correct me if i'm wrong), and potentially others (unknown, does anyone know?)."

      I would be willing to try that out, take some work out of your hands, but I'm not that comfortable into the whole building a driver stuff, so if you would be willing to explain the process somewhat in more detail I am willing to try it out !!!

      Delete
  3. Hello, I've been on the ekoparty conference and started working on porting your driver to Kernel 3.0.16 on my HTC Sensation that has de BCM4329 chipset. I'll post if have any news, the first thing i can see is the changes in the modules handling and functions from version 2.6.x to 3.X kernel. I hope have good news before i get home. Congrats for all the hardwork!!!

    ReplyDelete
  4. Just donated $20, grab a beer on me guys. Can't wait to see this running on my Galaxy Nexus.

    ReplyDelete
  5. OK my linux-box just broke the other day can't compile for nexus 7 (grouper).
    But was browsing around the ext4 fs and found an empty file /sys/devices/platform/bcm4330_wlan.1/driver.
    What is it for, could it be another solution, any take on this would be great thanks.

    ReplyDelete
  6. Hi guys,

    This is great stuff. I'm trying to duplicate your work on the Samsung Note 1 cyanogenmod 9.1 AT&T version (SN1) which also has the bcm4330 wifi chip but I am running into issues which I believe may be a firmware mismatch. From your blog I see that you have modified the bcm4330_sta.bin firmware from the cyanogenmod 9.1 SG2 build (CM9.1 SG2). I checked the stock CN9.1 firmware from the SG2 and SN1 and sure enough, the firmware seems to be different.

    SG2 CM9.1 bcm4330_sta.bin size: 197033 md5sum: 0c6dc9065a9833c9e800ef0eb2db975c
    SN1 CM9.1 bcm4330_sta.bin size: 202581 md5sum: f8e119e2143cfb6ac08c2882e06711c7

    When I load your modified driver and firmware (I merged the driver source into my build tree, and loaded the firmware using your script), I get the following dmesg which also leads me to believe that there may be a firmware mismatch as the driver does not seem to be getting the responses that it expects.

    <4>[ 680.704833] ## wifi_probe
    <4>[ 680.704986] wifi_set_power = 1
    <4>[ 680.705078] brcm_wlan_power: 1
    <4>[ 681.005157] wifi_set_carddetect = 1
    <4>[ 681.005340] msm_device_sdc4.name= 4
    <4>[ 681.117950] mmc3: queuing unknown CIS tuple 0x80 (7 bytes)
    <4>[ 681.120513] mmc3: queuing unknown CIS tuple 0x80 (6 bytes)
    <6>[ 681.179077] mmc3: new high speed SDIO card at address 0001
    <4>[ 681.182250] alloc static buf at dc980000!
    <4>[ 681.182739] dhdsdio_probe : no mutex held. set lock
    <4>[ 681.182952] F1 signature read @0x18000000=0x16844330
    <4>[ 681.186859] DHD: dongle ram size is set to 294912(orig 294912)
    <6>[ 681.188903] CFG80211-INFO2) wl_cfg80211_attach : wl_cfg80211_attach: wl = 0xda238b00
    <6>[ 681.189178] CFG80211-INFO2) wl_create_event_handler : Enter
    <6>[ 681.189361] CFG80211-INFO2) wl_create_event_handler : wl = 0xda238b00, wl->event_tsk = 0xda238cfc
    <4>[ 681.189636] wl_create_event_handler thr:5f4 created
    <6>[ 681.189697] CFG80211-INFO2) wl_event_handler : tsk Enter, tsk = 0xda238cfc
    <6>[ 681.189727] CFG80211-INFO2) wl_event_handler : DAEMONIZE completed
    <6>[ 681.189727] CFG80211-INFO2) wl_event_handler : tsk completed
    <4>[ 681.190093] wl_create_event_handler thr:5f4 started
    <4>[ 681.191192] dhd_attach thr:5f5 created
    <4>[ 681.191345] dhd_attach thr:5f5 started
    <4>[ 681.191436] dhd_attach thr:5f6 created
    <4>[ 681.191528] dhd_attach thr:5f6 started
    <4>[ 681.191680] dhd_attach thr:5f7 created
    <4>[ 681.191772] dhd_attach thr:5f7 started
    <4>[ 681.192047] dhdsdio_probe: dhd_bus_start failed
    <4>[ 681.194885] Broadcom Dongle Host Driver: register interface [wlan0]dhdsdio_probe : the lock is released.

    I would appreciate your insight and direction on this. If you concur that this is a firmware mismatch (please ask for additional information if needed) and have time to modify the firmware for the SN1, then I can attach the firmware in an email. Otherwise I would still appreciate some direction and I will dig up my copy of IDAPro and try to make the changes myself.

    One final item, I also noticed that the driver in the SN1 is slightly different than the SG2 making for a less clean merge of your changes. I am also wondering if that could be by problem? Much of the mismatch is in wl_cfg80211.c. I have a diff of the two drivers that I can also send via email.

    Thanks!
    Dan

    ReplyDelete
  7. When I replace files i kernel sources with your files and try to compile, i got this error:
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5395: warning: initializat
    ion from incompatible pointer type
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5396: warning: initializat
    ion from incompatible pointer type
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5408: error: unknown field
    'mgmt_tx' specified in initializer
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5408: warning: initializat
    ion from incompatible pointer type
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5409: error: unknown field
    'mgmt_frame_register' specified in initializer
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5409: warning: initializat
    ion from incompatible pointer type
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c: In function 'wl_setup_wip
    hy':
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5458: error: 'struct wiphy
    ' has no member named 'max_remain_on_channel_duration'
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5459: error: 'struct wiphy
    ' has no member named 'mgmt_stypes'
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5468: error: 'WIPHY_FLAG_S
    UPPORTS_SEPARATE_DEFAULT_KEYS' undeclared (first use in this function)
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c: In function 'wl_inform_si
    ngle_bss':
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5597: error: too many argu
    ments to function 'ieee80211_channel_to_frequency'
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c: In function 'wl_notify_co
    nnect_status_ap':
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5796: error: too many argu
    ments to function 'ieee80211_channel_to_frequency'
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:5806: error: implicit decl
    aration of function 'cfg80211_rx_mgmt'
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c: In function 'wl_notify_rx
    _mgmt_frame':
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:6475: error: too many argu
    ments to function 'ieee80211_channel_to_frequency'
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c: In function 'wl_construct
    _reginfo':
    drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.c:8104: error: too many argu
    ments to function 'ieee80211_channel_to_frequency'
    make[4]: *** [drivers/net/wireless/bcm4330/src/wl/sys/wl_cfg80211.o] Error 1
    make[3]: *** [drivers/net/wireless/bcm4330] Error 2
    make[2]: *** [drivers/net/wireless] Error 2
    make[1]: *** [drivers/net] Error 2
    make: *** [drivers] Error 2
    [root@denisrus KERNEL]# make clean
    CLEAN /home/KERNEL/KERNEL
    CLEAN arch/arm/kernel
    CLEAN drivers/char
    scripts/Makefile.clean:17: /home/KERNEL/KERNEL/drivers/input/touchscreen/ISSP/Ma
    kefile: No such file or directory
    make[4]: *** No rule to make target `/home/KERNEL/KERNEL/drivers/input/touchscre
    en/ISSP/Makefile'. Stop.
    make[3]: *** [drivers/input/touchscreen/ISSP] Error 2
    make[2]: *** [drivers/input/touchscreen] Error 2
    make[1]: *** [drivers/input] Error 2
    make: *** [_clean_drivers] Error 2


    Can someone help me?
    What i am doing wrong?
    Sorry for my English.

    ReplyDelete
  8. i need a reply too see if its compatible with Samsung Vibrant S1 its running cyanogenmod 10.1 nightly android 4.2.1 kernerl version 3.0.60-g1ed5a74inky-ghost thanks Devs loving this development post

    ReplyDelete
  9. Please send me logs
    neurosaif197@gmail.com

    ReplyDelete