jamming_lab

1. /** @file wlan_mac_jamming.c
2.  *  @brief Simple MAC that does nothing but transmit and receive
3.  *
4.  *  @copyright Copyright 2014, Mango Communications. All rights reserved.
5.  *          Distributed under the Mango Communications Reference Design License
6.  *              See LICENSE.txt included in the design archive or
7.  *              at http://mangocomm.com/802.11/license
8.  *
9.  *  @author Chris Hunter (chunter [at] mangocomm.com)
10.  *  @author Patrick Murphy (murphpo [at] mangocomm.com)
11.  *  @author Erik Welsh (welsh [at] mangocomm.com)
12.  */
13.  
14. /***************************** Include Files *********************************/
15.  
16. // Xilinx SDK includes
17. #include "xparameters.h"
18. #include <stdio.h>
19. #include <stdlib.h>
20. #include "xtmrctr.h"
21. #include "xio.h"
22. #include <string.h>
23.  
24. // WARP includes
25. #include "wlan_mac_low.h"
26. #include "w3_userio.h"
27. #include "radio_controller.h"
28.  
29. #include "wlan_mac_ipc_util.h"
30. #include "wlan_mac_802_11_defs.h"
31. #include "wlan_mac_misc_util.h"
32. #include "wlan_phy_util.h"
33. #include "wlan_mac_jamming.h"
34.  
35. #include "wlan_exp.h"
36. #include "math.h"
37.  
38.  
39. /*************************** Constant Definitions ****************************/
40.  
41. #define WARPNET_TYPE_80211_LOW         WARPNET_TYPE_80211_LOW_JAMMING
42. #define NUM_LEDS                       4
43.  
44. // Wifi channel, where the jammer should operate on
45. #define WIFI_CHANNEL                   14
46.  
47. // Packet buffer used to hold the jamming frame
48. #define TX_PKT_BUF_JAM                 7
49.  
50. /*********************** Global Variable Definitions *************************/
51.  
52.  
53. /*************************** Variable Definitions ****************************/
54. static u8                              eeprom_addr[6];
55. static u8                              jamming;
56. static u8                              showmacs;
57.  
58. volatile u8                            red_led_index;
59. volatile u8                            green_led_index;
60.  
61. /**************************** Struct Definitions *****************************/
62. typedef struct{
63.     u8 dsap;
64.     u8 ssap;
65.     u8 control_field;
66.     u8 org_code[3];
67.     u16 type;
68. } llc_header;
69.  
70. #define LLC_SNAP                        0xAA
71. #define LLC_CNTRL_UNNUMBERED            0x03
72.  
73.  
74. static u8                               OURMAC[6] = {0xDE,0xAD,0xBE,0xEF,0x01,0x01};
75. static u8                               JAMMAC[6] = {0xDE,0xAD,0xBE,0xEF,0x11,0x11};
76. /******************************** Functions **********************************/
77.  
78. inline void set_tx_power(u8 tx_pkt_buf, s8 power) {
79.     tx_frame_info* mpdu_info = (tx_frame_info*) (TX_PKT_BUF_TO_ADDR(tx_pkt_buf));
80.     mpdu_info->params.phy.power = power; // dBm
81. }
82.  
83. inline void set_tx_ant_mode(u8 tx_pkt_buf, u8 antenna_mode) {
84.     tx_frame_info* mpdu_info = (tx_frame_info*) (TX_PKT_BUF_TO_ADDR(tx_pkt_buf));
85.     mpdu_info->params.phy.antenna_mode = antenna_mode;
86. }
87.  
88. int main(){
89.  
90.     wlan_mac_hw_info* hw_info;
91.     xil_printf("\f");
92.     xil_printf("----- SEEMOO Reactive WiFi Jammer -------\n");
93.     xil_printf("----- v0.1 ------------------------------\n");
94.     xil_printf("----- wlan_mac_jamming ------------------\n");
95.     xil_printf("Compiled %s %s\n\n", __DATE__, __TIME__);
96.  
97.     xil_printf("Note: this UART is currently printing from CPU_LOW. To view prints from\n");
98.     xil_printf("and interact with CPU_HIGH, raise the right-most User I/O DIP switch bit.\n");
99.     xil_printf("This switch can be toggled live while the design is running.\n\n");
100.  
101.     wlan_tx_config_ant_mode(TX_ANTMODE_SISO_ANTA);
102.  
103.     red_led_index = 0;
104.     green_led_index = 0;
105.     userio_write_leds_green(USERIO_BASEADDR, (1<<green_led_index));
106.     userio_write_leds_red(USERIO_BASEADDR, (1<<red_led_index));
107.  
108.     wlan_mac_low_init(WARPNET_TYPE_80211_LOW);
109.  
110.     hw_info = wlan_mac_low_get_hw_info();
111.     memcpy(eeprom_addr,hw_info->hw_addr_wlan,6);
112.  
113.  
114.     wlan_mac_low_set_frame_rx_callback((void*)frame_receive);
115.     wlan_mac_low_set_frame_tx_callback((void*)frame_transmit);
116.  
117.     wlan_mac_low_finish_init();
118.  
119.     REG_SET_BITS(WLAN_MAC_REG_CONTROL, (WLAN_MAC_CTRL_MASK_CCA_IGNORE_PHY_CS | WLAN_MAC_CTRL_MASK_CCA_IGNORE_NAV));
120.  
121.     // Set the WiFi channel
122.     if(radio_controller_setCenterFrequency(RC_BASEADDR, (RC_ALL_RF), RC_24GHZ, wlan_mac_low_wlan_chan_to_rc_chan(WIFI_CHANNEL)) >= 0) {
123.         xil_printf("WiFi Channel set to %d\n", WIFI_CHANNEL);
124.     } else {
125.         xil_printf("ERR: Setting the WiFi channel resulted in an error\n");
126.     }
127.  
128.     xil_printf("Initialization Finished\n");
129.  
130.  
131.  
132.     while(1){
133.  
134.         //Poll PHY RX start
135.         wlan_mac_low_poll_frame_rx();
136.  
137.         //Should check and handle push button events
138.         //push_button_checker();
139.     }
140.     return 0;
141. }
142.  
143.  
144.  
145.  
146. /**
147.  * @brief Checks which push button is pressed and calls functions to handle this event
148.  */
149. inline void push_button_checker() {
150.  
151.     if(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_D){
152.  
153.  
154.         //xil_printf("FRAME PREPARE");
155.  
156.             mac_header_80211* header = (mac_header_80211*)(TX_PKT_BUF_TO_ADDR(0)+PHY_TX_PKT_BUF_PHY_HDR_SIZE+sizeof(tx_frame_info));
157.  
158.             header->frame_control_1 = MAC_FRAME_CTRL1_SUBTYPE_DATA;
159.             header->frame_control_2 = MAC_FRAME_CTRL2_FLAG_FROM_DS;
160.             header->duration_id = 0;
161.             header->sequence_control = 0;
162.  
163.             //header->address_1 = OURMAC;
164.             memcpy(header->address_1, OURMAC, 6);
165.             memcpy(header->address_2, OURMAC, 6);
166.             memcpy(header->address_3, OURMAC, 6);
167.  
168.             set_tx_power(0,TX_POWER_MAX_DBM);
169.             set_tx_ant_mode(0,TX_ANTMODE_SISO_ANTA);
170.  
171.             frame_transmit(0,WLAN_PHY_RATE_BPSK12,(u16) 1000,NULL);
172.  
173.             xil_printf("FRAME SENT");
174.  
175.             while(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_D){
176.                 //do nothing
177.             }
178.         }
179.  
180.     if(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_U){
181.         xil_printf(".");
182.  
183.         while(userio_read_inputs(USERIO_BASEADDR) == W3_USERIO_PB_U){
184.             //do nothing
185.         }
186.     }
187.  
188.  
189.  
190.  
191.  
192. }
193.  
194. /**
195.  * @brief Handles reception of a wireless packet
196.  *
197.  * This function is called after a good SIGNAL field is detected by either PHY (OFDM or DSSS)
198.  * It is the responsibility of this function to wait until a sufficient number of bytes have been received
199.  * before it can start to process those bytes. When this function is called the eventual checksum status is
200.  * unknown. In NOMAC, this function doesn't need to do any kind of filtering or operations like transmitting
201.  * an acknowledgment.
202.  *
203.  * @param u8 rx_pkt_buf
204.  *  -Index of the Rx packet buffer containing the newly recevied packet
205.  * @param u8 rate
206.  *  -Index of PHY rate at which pcaket was received
207.  * @param u16 length
208.  *  -Number of bytes received by the PHY, including MAC header and FCS
209.  * @return
210.  *  - always returns 0 in NOMAC implementation
211.  */
212.  
213.  
214. u32 frame_receive(u8 rx_pkt_buf, u8 rate, u16 length){
215.     //This function is called after a good SIGNAL field is detected by either PHY (OFDM or DSSS)
216.     //It is the responsibility of this function to wait until a sufficient number of bytes have been received
217.     // before it can start to process those bytes. When this function is called the eventual checksum status is
218.     // unknown. The packet contents can be provisionally processed (e.g. prepare an ACK for fast transmission),
219.     // but post-reception actions must be conditioned on the eventual FCS status (good or bad).
220.     //
221.     // Note: The timing of this function is critical for correct operation of the 802.11 DCF. It is not
222.     // safe to add large delays to this function (e.g. xil_printf or usleep)
223.  
224.  
225.     mac_header_80211* header = (mac_header_80211*)(RX_PKT_BUF_TO_ADDR(rx_pkt_buf)+PHY_RX_PKT_BUF_PHY_HDR_SIZE+sizeof(rx_frame_info));
226.  
227.     while(wlan_mac_get_last_byte()<=13+6){
228.         //DO NOTHING
229.     }
230.  
231.     if(wlan_addr_eq(header->address_1,JAMMAC)){
232.         mac_header_80211* header = (mac_header_80211*)(TX_PKT_BUF_TO_ADDR(0)+PHY_TX_PKT_BUF_PHY_HDR_SIZE+sizeof(tx_frame_info));
233.  
234.         header->frame_control_1 = MAC_FRAME_CTRL1_SUBTYPE_DATA;
235.         header->frame_control_2 = MAC_FRAME_CTRL2_FLAG_FROM_DS;
236.         header->duration_id = 0;
237.         header->sequence_control = 0;
238.  
239.         //header->address_1 = OURMAC;
240.         memcpy(header->address_1, OURMAC, 6);
241.         memcpy(header->address_2, OURMAC, 6);
242.         memcpy(header->address_3, OURMAC, 6);
243.  
244.  
245.         set_tx_power(0,TX_POWER_MAX_DBM);
246.         set_tx_ant_mode(0,TX_ANTMODE_SISO_ANTA);
247.  
248.         frame_transmit(0,WLAN_PHY_RATE_BPSK12,(u16) 1000,NULL);
249.  
250.  
251.         //xil_printf("Address: %x:%x:%x:%x:%x:%x \n",header->address_1[0],header->address_1[1],header->address_1[2],header->address_1[3],header->address_1[4],header->address_1[5]);
252.     }
253.  
254.  
255.  
256.     u32 state = wlan_mac_dcf_hw_rx_finish(); //Blocks until reception is complete
257.  
258.     //xil_printf("Address: %x:%x:%x:%x:%x:%x \n",header->address_1[0],header->address_1[1],header->address_1[2],header->address_1[3],header->address_1[4],header->address_1[5]);
259.  
260.  
261.  
262.     if(state == RX_MPDU_STATE_FCS_GOOD){
263.         green_led_index = (green_led_index + 1) % NUM_LEDS;
264.         userio_write_leds_green(USERIO_BASEADDR, (1<<green_led_index));
265.     } else {
266.         red_led_index = (red_led_index + 1) % NUM_LEDS;
267.         userio_write_leds_red(USERIO_BASEADDR, (1<<red_led_index));
268.     }
269.  
270.  
271.     // Clear packet buffer for debugging reasons
272.     bzero((void *)(RX_PKT_BUF_TO_ADDR(rx_pkt_buf)), 2048);
273.  
274.  
275.     // Set the OFDM and DSSS PHYs to use the same Rx pkt buffer
276.     wlan_phy_rx_pkt_buf_ofdm(rx_pkt_buf);
277.     wlan_phy_rx_pkt_buf_dsss(rx_pkt_buf);
278.  
279.     //Unblock the PHY post-Rx (no harm calling this if the PHY isn't actually blocked)
280.     wlan_mac_dcf_hw_unblock_rx_phy();
281.  
282.  
283.     return 0;
284. }
285.  
286. /**
287.  * @brief Handles transmission of a wireless packet
288.  *
289.  * This function is called to transmit a new packet via the PHY. While the code does utilize the wlan_mac_dcf_hw core,
290.  * it bypasses any of the DCF-specific state in order to directly transmit the frame. This function should be called once per packet and will return
291.  * immediately following that transmission. It will not perform any DCF-like retransmissions.
292.  *
293.  * This function is called once per IPC_MBOX_TX_MPDU_READY message from CPU High. The IPC_MBOX_TX_MPDU_DONE message will be sent
294.  * back to CPU High when this function returns.
295.  *
296.  * @param u8 rx_pkt_buf
297.  *  -Index of the Tx packet buffer containing the packet to transmit
298.  * @param u8 rate
299.  *  -Index of PHY rate at which packet will be transmitted
300.  * @param u16 length
301.  *  -Number of bytes in packet, including MAC header and FCS
302.  * @param wlan_mac_low_tx_details* low_tx_details
303.  *  -Pointer to array of metadata entries to be created for each PHY transmission of this packet (eventually leading to TX_LOW log entries)
304.  * @return
305.  *  -Transmission result
306.  */
307. int frame_transmit(u8 pkt_buf, u8 rate, u16 length, wlan_mac_low_tx_details* low_tx_details) {
308.     //This function manages the MAC_DCF_HW core.
309.  
310.     u32 tx_status;
311.     tx_frame_info* mpdu_info = (tx_frame_info*) (TX_PKT_BUF_TO_ADDR(pkt_buf));
312.     u64 last_tx_timestamp;
313.     int curr_tx_pow;
314.     last_tx_timestamp = (u64)(mpdu_info->delay_accept) + (u64)(mpdu_info->timestamp_create);
315.  
316.     //Write the SIGNAL field (interpreted by the PHY during Tx waveform generation)
317.     wlan_phy_set_tx_signal(pkt_buf, rate, length);
318.  
319.     unsigned char mpdu_tx_ant_mask = 0;
320.     switch(mpdu_info->params.phy.antenna_mode) {
321.         case TX_ANTMODE_SISO_ANTA:
322.             mpdu_tx_ant_mask |= 0x1;
323.         break;
324.         case TX_ANTMODE_SISO_ANTB:
325.             mpdu_tx_ant_mask |= 0x2;
326.         break;
327.         case TX_ANTMODE_SISO_ANTC:
328.             mpdu_tx_ant_mask |= 0x4;
329.         break;
330.         case TX_ANTMODE_SISO_ANTD:
331.             mpdu_tx_ant_mask |= 0x8;
332.         break;
333.         default:
334.             mpdu_tx_ant_mask = 0x1;
335.         break;
336.     }
337.  
338.     mpdu_info->num_tx = 1;
339.  
340.     curr_tx_pow = wlan_mac_low_dbm_to_gain_target(mpdu_info->params.phy.power);
341.  
342.     wlan_mac_MPDU_tx_params(pkt_buf, 0, 0, mpdu_tx_ant_mask);
343.  
344.     //Set Tx Gains
345.     wlan_mac_MPDU_tx_gains(curr_tx_pow,curr_tx_pow,curr_tx_pow,curr_tx_pow);
346.  
347.     //Before we mess with any PHY state, we need to make sure it isn't actively
348.     //transmitting. For example, it may be sending an ACK when we get to this part of the code
349.     while(wlan_mac_get_status() & WLAN_MAC_STATUS_MASK_PHY_TX_ACTIVE){}
350.  
351.     //Submit the MPDU for transmission - this starts the MAC hardware's MPDU Tx state machine
352.     wlan_mac_MPDU_tx_start(1);
353.     wlan_mac_MPDU_tx_start(0);
354.  
355.     //Wait for the MPDU Tx to finish
356.     do{
357.         if(low_tx_details != NULL){
358.             low_tx_details[0].phy_params.rate = mpdu_info->params.phy.rate;
359.             low_tx_details[0].phy_params.power = mpdu_info->params.phy.power;
360.             low_tx_details[0].phy_params.antenna_mode = mpdu_info->params.phy.antenna_mode;
361.             low_tx_details[0].chan_num = wlan_mac_low_get_active_channel();
362.             low_tx_details[0].num_slots = 0;
363.             low_tx_details[0].cw = 0;
364.         }
365.         tx_status = wlan_mac_get_status();
366.  
367.         if(tx_status & WLAN_MAC_STATUS_MASK_MPDU_TX_DONE) {
368.             if(low_tx_details != NULL){
369.                 low_tx_details[0].tx_start_delta = (u32)(get_tx_start_timestamp() - last_tx_timestamp);
370.                 last_tx_timestamp = get_tx_start_timestamp();
371.             }
372.  
373.             switch(tx_status & WLAN_MAC_STATUS_MASK_MPDU_TX_RESULT){
374.                 case WLAN_MAC_STATUS_MPDU_TX_RESULT_SUCCESS:
375.                     return 0;
376.                 break;
377.             }
378.         }
379.     } while(tx_status & WLAN_MAC_STATUS_MASK_MPDU_TX_PENDING);
380.  
381.     return -1;
382. }