|Schulz, Matthias; Wegemer, Daniel; Hollick, Matthias
|The most widespread Wi-Fi enabled devices are smartphones. They are mobile, close to people and available in large quantities, which makes them perfect candidates for real-world wireless testbeds. Unfortunately, most smartphones contain closed-source FullMAC Wi-Fi chips that hinder the modification of lower-layer Wi-Fi mechanisms and the implementation of new algorithms. To enable researchers' access to lower-layer frame processing and advanced physical-layer functionalities on Broadcom Wi-Fi chips, we developed the Nexmon firmware patching framework. It allows users to create firmware modifications for embedded ARM processors using C code and to change the behavior of Broadcom's real-time processor using Assembly. Currently, our framework supports five Broadcom chips available in smartphones and Raspberry Pis. Our example patches enable monitor mode, frame injection, handling of ioctls, ucode compression and flashpatches. In a simple ping offloading example, we demonstrate how handling pings in firmware reduces power consumption by up to 165 mW and is nine times faster than in the kernel on a Nexus 5. Using Nexmon, researchers can unleash the full capabilities of off-the-shelf Wi-Fi devices.
|11th Workshop on Wireless Network Testbeds, Experimental Evaluation & CHaracterization
|Proceedings of the 11th Workshop on Wireless Network Testbeds, Experimental Evaluation & CHaracterization, p.59-66