All of lore.kernel.org
 help / color / mirror / Atom feed
From: Raj Joshi <rajjoshi@comp.nus.edu.sg>
To: ath10k@lists.infradead.org
Subject: Setting per-frame tx rate for frames injected in raw tx mode
Date: Tue, 10 May 2016 14:11:11 +0800	[thread overview]
Message-ID: <CA+uUJGtXNAe=FRgYTVDNf6aNVE78CMSs+gLj-bQgA_=hFZibaA@mail.gmail.com> (raw)

Hi all,

For a research project, I need to inject frames in monitor mode and
have them sent out with rate settings as set in the radiotap header -
basically setting per-frame tx rate. I have tried doing so, but the
frame is transmitted at a basic rate with 802.11a instead of a VHT
rate as set in the radiotap. Following are the setup and methodology
details. Sorry about email length; but wanted to provide as much
relevant information.

---------------
Setup Info
---------------
* x86-64 board running Ubuntu 12.04.5 LTS
* Chipset: QCA9880 hw2.0 with 3 x 3 antennas
* Kernel: 3.8.0-29-generic x86_64
* Firmware: Initially QCA's 10.2.4.70.42-2 obtained via
https://github.com/kvalo/ath10k-firmware. After experiencing crashes,
later changed to one from CT (10.2.4.70-31-ct-xtW-003-3b0444c) | Both
the firmwares support raw-mode.
* ath10k: https://github.com/kvalo/ath (snapshot of commit
7de1931eec121045e4e35d0b519ce8bad9b10b51 | Wed Mar 23 14:27:35 2016
+0200)
 => backport generated using backports.git
(https://git.kernel.org/cgit/linux/kernel/git/backports/backports.git)
backports-20160122-0-ga91a3e6. Backporting was not clean; had to fix a
few compile errors due to missing files by manually copying those
files.

-------------------
Methodology
-------------------
* Setup up a hostapd 802.11ac AP on one of the boards with 80 MHz
channel width and correctly specified center frequencies.
* Setup monitor mode on another board for sniffing traffic on the same
80 MHz channel width.
* Connect an 802.11ac capable laptop (Windows/Ubuntu) and exchange
data frames with the AP | Capture them on the sniffer board (with all
the VHT info in radiotap) so that they could be used as reference to
construct injection frame.
* Now shutdown the AP and change the interface on the AP board to
monitor mode. Re-load ath10k_core with rawmode=1 and then ath10k_pci
as well. Inject one of the captured frame with radiotap VHT rate info
into the monitor interface and use the sniffer to check if it was
transmitted.
* The firmware (QCA 10.2.4.70.42-2) crashed in this case => couldn't
understand the firmware crash dump. Changed the firmware to CT
10.2.4.70-31-ct-xtW-003-3b0444c.
* Now the frame is transmitted and detected by the sniffer. However,
the radio information via radiotap shows that it was sent with a basic
rate of 802.11a.
* Tried for both encrypted (WPA2) and non-encrypted frames. Result is the same.

--------------------------------
Other Considerations
--------------------------------
* The raw tx patch: As suggested on the CT firmware page, I looked
into the so called "out-of-tree" raw tx patch
(http://comments.gmane.org/gmane.linux.drivers.ath10k.devel/246) and
tried to reconcile it with the current ath10k source. Apparently other
than changes to cmd_tx.len,  the suggested changes in the patch are
either already in place by use of 'txmode' variable or they are no
more relevant with the new source code. For my non-encrypted frame, I
got my custom ASCII string inside the frame correctly transmitted and
so I 'believe' the changes to cmd_tx.len are no more required due to
correct msdu->len. Thus, it seems that this patch is no more necessary
and that this patch has nothing to do with correct tx rate setting.
* QoS versus non-QoS: Both of my sample injection frames are QoS data
with radiotap on top of it. I couldn't find a way to disable QoS and
it seems that it is not required either as there is no length issue
anymore as was discussed in the raw tx patch discussion; my frame is
transmitted whole and correct.
* VHT Parsing in Radiotap: I have double checked that my
net/mac80211/tx.c has the relevant updated code wrt parsing of VHT
rate information
(https://github.com/kvalo/ath/commit/646e76bb5daf4ca38438c69ffb72cccb605f3466)
* Disabling A-MSDU: I didn't have to do this as I could resolve my
firmware crash by switching to the CT firmware.
* Using the ath10k master development branch: I also tried backporting
master of https://git.kernel.org/cgit/linux/kernel/git/kvalo/ath.git,
but compilation of backported code failed due to lack of some methods
such as nla_put_net64, nla_put_be64, etc. in include/net/netlink.h of
my stock kernel headers (I believe). So I am not sure if things have
changed since the Mar 23 2016 snapshot of ath10k github repo and now
that rate is correctly set for VHT raw tx injection.

--------
Files
--------
* single udp encapsulating unencrypted frame
(https://www.dropbox.com/s/pqmjk2ayw6uwqiw/single_udp_unencrypted_frame.pcap?dl=0)
* single udp encapsulating encrypted frame
(https://www.dropbox.com/s/4zvgb7ls40v46zu/single_udp_encrypted_frame.pcap?dl=0)
Not sure if it is necessary to change the source MAC address to that
of your respective wlan card.

Any help in getting this thing to work is deeply appreciated.

Thanks,
Raj Joshi

_______________________________________________
ath10k mailing list
ath10k@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/ath10k

             reply	other threads:[~2016-05-10  6:12 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-10  6:11 Raj Joshi [this message]
2016-05-10 16:28 ` Setting per-frame tx rate for frames injected in raw tx mode Ben Greear
2016-05-11  6:41   ` Raj Joshi
2016-05-11 16:13     ` Ben Greear
2016-05-15  2:40       ` Raj Joshi
2016-05-15 15:17         ` Ben Greear
2016-05-15 17:15           ` Ben Greear
2016-05-17  7:14             ` Raj Joshi
2016-05-17  7:36               ` Michal Kazior
2016-05-17  7:43               ` Valo, Kalle
2016-05-17 11:43                 ` QCA9984 VHT160 support Sebastian Gottschall
2016-05-17 12:00                   ` Michal Kazior
     [not found]                     ` <4e407b2c-29f9-3c74-ea94-4206632441c3@dd-wrt.com>
2016-05-17 12:18                       ` Michal Kazior
2016-05-17 12:22                         ` Sebastian Gottschall
2016-05-17 12:35                           ` Sebastian Gottschall
2016-05-17 13:20                     ` Valo, Kalle
2016-09-14 10:37                   ` Valo, Kalle
2016-09-14 14:38                     ` Sebastian Gottschall
2016-09-14 14:44                       ` Valo, Kalle
2016-09-16  7:51                         ` [PATCH] " Sebastian Gottschall
2016-09-17  6:21                           ` unusual event Sebastian Gottschall
2016-10-10 16:04                           ` [PATCH] QCA9984 VHT160 support Valo, Kalle
2016-10-10 16:06                             ` Valo, Kalle
2016-10-11  1:30                               ` Sebastian Gottschall
2016-10-14 10:06                                 ` Valo, Kalle
2016-10-14 10:14                           ` Valo, Kalle
2016-10-18  8:20                             ` Sebastian Gottschall
2016-10-18  9:16                               ` Sebastian Gottschall

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CA+uUJGtXNAe=FRgYTVDNf6aNVE78CMSs+gLj-bQgA_=hFZibaA@mail.gmail.com' \
    --to=rajjoshi@comp.nus.edu.sg \
    --cc=ath10k@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.