From nobody Wed Dec 11 07:16:05 2024 X-Original-To: freebsd-wireless@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Y7RjL58RQz5gXTj for ; Wed, 11 Dec 2024 07:16:22 +0000 (UTC) (envelope-from ljianlin99@gmail.com) Received: from mail-pg1-x532.google.com (mail-pg1-x532.google.com [IPv6:2607:f8b0:4864:20::532]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Y7RjK1Cbgz4Xg3; Wed, 11 Dec 2024 07:16:21 +0000 (UTC) (envelope-from ljianlin99@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=DGPmtJpc; spf=pass (mx1.freebsd.org: domain of ljianlin99@gmail.com designates 2607:f8b0:4864:20::532 as permitted sender) smtp.mailfrom=ljianlin99@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-pg1-x532.google.com with SMTP id 41be03b00d2f7-7feffe7cdb7so1398797a12.1; Tue, 10 Dec 2024 23:16:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1733901379; x=1734506179; darn=freebsd.org; h=to:cc:date:message-id:subject:mime-version :content-transfer-encoding:from:from:to:cc:subject:date:message-id :reply-to; bh=GZG5pkGUV+q7Kx4U844Mh3mnoOduCHWvf2AgHvdWKwo=; b=DGPmtJpcLhnMP6DIEPjbBBCetpVMDpFukJXm+86xYBd9JXQ5YRE1hNERg8dfMcJnQ3 SfMHd35XrQXX8Qob0gsN8vDHSBpraGa75gIiLPMLtOuwo0R0j+D68JZxEtXXlupkmyDz bXFzIpJOJdkPfjQx8x0qtQHHqnzctAviNvgVyk9Hn1aedeh/KzwtrC3jA0jSLKeAsdI7 bccozj7eF6jmr/YgH7hLIKaTyHtc3ygfdsDUJclvJMJJUslWUGXzwtPA4N0IRXquXnh3 DH6ID6ffVqaRgSRGhVvMgiek0LlQBiY4fIP/gGHPb1XN0PyN0GtEQH56wiYrYzkpmWrS +BZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1733901379; x=1734506179; h=to:cc:date:message-id:subject:mime-version :content-transfer-encoding:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GZG5pkGUV+q7Kx4U844Mh3mnoOduCHWvf2AgHvdWKwo=; b=pLX4PUfr+AK4oQVIqG6K+U5QKteHTRWbwhYiOk6uzDFfJYDH5EMltHWv/agtu9Kgky CRUltcUOAGWij0V297tyyCQbKClw7MDTbizarCWCewrkqAkXhXO95Kym+FuDokIQf6n0 RcmQOSrI/uuJiac6E3s+PALRt4ZYcau0woGQSJiaMIWhwE7Q0mPkgHyjo89jhkdlc6KO ViCZQMpF+O3SQKmqLpQnQi1VQW8BWz6jqAwRo0vmcI8OtTtnV2q3eL+33jZhoSCjH+MM 0MjiagY3UBlVaqCK8dZ3uw87tiemyJDPLH6c8V7Wkfxmgyx5LYB8TMp+pmKaFDO8yyTH l0pA== X-Gm-Message-State: AOJu0YwrQLnOnOTVWo/LsSZ5NhdZoHulW4N9O1F/1Uh9eoLxvgS8QkAO gkfFBMB9xiPG7ThK+aokwa78aMDLRNhKAubX4iJMAlsXi+6TGk3WWCRf5w== X-Gm-Gg: ASbGncuoDqACm8/qwJR4j0+NvZtln+S5+YEUbWQ82WGVrCpAbrsQ6DMKKSg4djigfSW yA3V4X7BAKlsqEFBMrVGiy6Sz/WViPHFxvkN9TZDj5jKtPVvW2UemxSsWSXxk2VAnBhkOPj7OSW LnM1c8TZK8AyZlSUj1n6ZmeBN+DHvBwmTjIqc5Ud6/QIx0JDt+OBkxDb0zCjwjKH8Hw1ACNKFEg AN+S3/1S/4FpVUsBNbwzkafVweI8lZHfQemlfhJwohNGhepu5icHzUe8g6dEAss8vbQa/JdFhmT ZxyCP5UExvp+VoeNajrDgD7p5cNp X-Google-Smtp-Source: AGHT+IF3261q30hkVCwxW7OLxgJeYRwvSZT31ZBjg99aZik9Sv5qWakmJy7WXPVoDlOsKpklJL2hNA== X-Received: by 2002:a17:90b:510c:b0:2ee:92bd:3a6 with SMTP id 98e67ed59e1d1-2f12802c13fmr2784218a91.25.1733901379328; Tue, 10 Dec 2024 23:16:19 -0800 (PST) Received: from smtpclient.apple (42-79-180-49.emome-ip.hinet.net. [42.79.180.49]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2ef45edf1c4sm11001060a91.0.2024.12.10.23.16.18 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Dec 2024 23:16:18 -0800 (PST) From: Jian-Lin Li Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: Discussions List-Archive: https://lists.freebsd.org/archives/freebsd-wireless List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-wireless@freebsd.org Sender: owner-freebsd-wireless@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3818.100.11.1.3\)) Subject: Designing frame injection for wtap devices Message-Id: <1D2A9D71-192B-4E82-875D-D09A343DC5F0@gmail.com> Date: Wed, 11 Dec 2024 15:16:05 +0800 Cc: Li-Wen Hsu To: "freebsd-wireless@freebsd.org" X-Mailer: Apple Mail (2.3818.100.11.1.3) X-Spamd-Result: default: False [-3.50 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MV_CASE(0.50)[]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_DN_EQ_ADDR_SOME(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_TLS_LAST(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MLMMJ_DEST(0.00)[freebsd-wireless@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::532:from] X-Rspamd-Queue-Id: 4Y7RjK1Cbgz4Xg3 X-Spamd-Bar: --- Hey there, We are designing a WiFi subsystem fuzzer based on Syzkaller[1]. To do = this, we first need to put a WiFi device into adhoc mode, and then = perform 802.11 frame injection. On the Linux kernel, we can inject = frames using a netlink interface command "HWSIM_CMD_FRAME", which is = exposed by the virtual WiFi deivce mac80211_hwsim[2].=20 We'd like to introduce a netlink interface command for frame injection = into wtap device[3], a virtual WiFi device on FreeBSD. We found that the = "wtap_rx_proc" function in sys/dev/wtap/if_wtap.c might be useful. Can = =E2=80=9Cwtap_rx_proc" be a good backend if we want to do frame = injection over a wtap device? [1] = https://github.com/google/syzkaller/blob/master/docs/linux/wifi_fuzzing.md= [2] = https://wireless.docs.kernel.org/en/latest/en/users/drivers/mac80211_hwsim= .html [3] https://github.com/freebsd/freebsd-src/tree/main/sys/dev/wtap Jian-Lin