Hi all:
I have spent some efforts to find the suitable device to test and develop the Bluetooth-3.0 HS implementation, but failed. So I'd like to work out a Virtual PAL as the virtual AMP controller to facilitate the 3.0 development work. Below is the RFC of VPAL. Any suggestions are welcome. :-)
VPAL(Virtual PAL) is an user space daemon, working as PAL of AMP Controller. It talks to virtual MAC 802.11 engine and translate the Mac802.11 data to AMP HCI. The main target of Virtual PAL is to provide virtual AMP controller for the development of Bluetooth-3.0 HS. In the future it can also talk to WPA_s or nl802.11 and use physical 802.11 stack direct.
The Framework of VPAL is showed at Figure 1(see attachment)
1. Virtual AMP HCI:
Vhci driver in kernel can be used directly to provide HCI interface to Bluetooth stack and route the HCI data to user space for VPAL daemon. So most of the VPAL logic is at user space.
2. Virtual PAL core:
Virtual PAL core implements a full feature of AMP PAL layer which is used to transfer MAC802.11 data and control to Bluetooth HCI interface. It composed of PAL Manager, Physical Link Manager, Logical Link Manager and Data Manager.
2.1 PAL Manager
PAL Manager implements operations that are global to the PAL, this includes responding to host requests for AMP info and PAL version as well as performing PAL reset.
Supports below HCI Commands:
#define HCI_OP_READ_LOCAL_AMP_VERSION 2.1 of [2]
#define HCI_OP_READ_LOCAL_AMP_INFO 0x1409 2.2 of [2]
#define HCI_OP_RESET 0x0c03 7.3.2 of [1]
2.2 Physical link Manager
Physical link handles physical links
Physical link managers and maintains the state machine which is trigged by HCI command, and info the states and commands result through HCI event and command status. Physical link manager uses mac_engine_call_back_functions to drive the MAC 802.11. See Figure 3.1 of[2] for state machine. VPAL need to cover all the state machine to test the Bluetooth-3.0 HS code.
2.2.1 Supports below HCI Commands:
#define HCI_OP_READ_LOCAL_AMP_ASSOC 0X140a
#define HCI_OP_CREATE_PHYSICAL_LINK 0X0435
#define HCI_OP_WRITE_REMOTE_AMP_ASSOC 0X140b
#define HCI_OP_ACCEPT_PHYSICAL_LINK 0X0436
#define HCI_EV_CHANNEL_SELECTED 0X41
#define HCI_EV_PHYSICAL_LINK_COMPLETE 0X40
#define HCI_OP_DISCONN_PHYSICAL_LINK 0X0437
#define HCI_EV_DISCONN_PHYSICAL_LINK_COMPLETE 0X42
...
Above commands are used to create and disconnect the physical link
2.2.2 Below mac_engine_call_back functions are used to call the functions of Mac802.11 engine
start_mac();
auth_request();
auth_indcation();
auth_response();
auth_confirm();
assoc_request();
assoc_indication();
assoc_response();
assoc_confirm();
4-way_request();
4-way_indication();
4_way_response();
4_way_confirm();
...
2.2.3 Channel Selection
Use the Preferred Channel List TLV in AMP_ASSOC in AMP_ASSOC to select channel
Prefer to use 5 MHZ band to avoid collision with BRDER
Shall not use 40 MHz channel width in the 2.4 GHz ISM band
for simple, currently, just ignore the regulatory info
2.2.4 Starting the AMP network
Starting AMP networking needs to send Beacons which are used to advertise MAC capabilities.
The maximum beacon period shall be Max80211BeaconPeriod.
The SSID information element for AMP devices shall be of the form 'AMP-xx-xx-
xx-xx-xx-xx'
AMP beacons shall be indicated as ESS-style beacons in the capability information
At virtual 802.11 plugin, a field named channel will be added to show which channel will be used. Since the 802.11 plugin uses the Ethernet to broadcast the beacon
struct {
__le64 timestamp;
__le16 beacon_int;
__le16 capab_info;
U8 ssid[21];
...
} beacon;
2.2.5 Establishing the 802.11 link
Establishing 802.11 link experience authentication and association process.
auth_request();
auth_indcation();
auth_response();
auth_confirm();
is used to authenticate
assoc_request();
assoc_indication();
assoc_response();
assoc_confirm();
is used to associate;
SSID and MAC address is not match, associate will fail
2.2.6 Address Fields of Data Frames
Use 4 address;
RA equal to DA, TA equal to SA;
2.2.7 Physical Link Maintenance
Supervision Request should be send if no data get before LSTO. If no supervision Reply got then the link is lost.
2.2.8 Physical Link Security
For simple, currently, Security will not be supported
However
4-way_request();
4-way_indication();
4_way_response();
4_way_confirm();
Still will be used, and the virtual 802.11 plugin will simulate the 4way-handshake error.
2.3 Physical Link Support For QOS
Currently, Guaranteed Link will not be supported.
3. Logical Link Manager
It is used to manage the logical link.
Below HCI command needs to be supported to create, modify and delete the logical link
#define HCI_OP_CREATE_LOGICAL_LINK 0x0438
#define HCI_OP_ACCEPT_LOGICAL_LINK 0x0439
#define HCI_OP_DISCONN_LOGICAL_LINK 0x043a
#define HCI_OP_LOGICAL_LINK_CANCEL 0x043b
#define HCI_OP_FLOW_SPEC_MODIFY 0X43C
HCI must include logical handler in handle field of ACL header
PAL must include the physical handle in handle field of ACL header
4. Data Manager
Max80211PALPDUSize is used to determine the PDU size.
HCI header will be removed and the LLC SNAP and 802.11 MAC header will be added. 4 address style MAC header will be used.
4.1 Local Interference
Currently, for simple, it will not touch the interference stuff. Since Virtual 80211 plugin uses Ethernet to transfer the data.
5. MAC 80211 Engine
MAC 80211 engine is used to acquire MAC 80211 resource. It is implemented in plugin style, so we can use different implementations to access 80211.
We can have a plugin to talk to physical MAC 80211 so even do not have physical AMP controller, we also can have Bluez-3.0 HS support. That is the next step. And there is still many job need to do to achieve it.
Currently, we only plan to implement Virtual 80211 plugin targeting to test the Bluetooth-3.0 HS kernel implementation.
5.1 Virtual 802.11 Plugin
It targets to use Ethernet network to simulate 802.11 network. And TCP or UDP will be used to transfer data. The data flow is as below:
L2CAP ACL data:
L2CAP <---> Virtual HCI <---> Vitual PAL DATA Manager <---> Virtual 802.11 plugin <---> TCP/UDP <---> Ethernet
It also needs to implement mac_engine_call_back_functions to create and maintain the physical link see section 2.
5.2 Virtual 802.11 Configure
It is the user configure interface to simulate the exception/err of the MAC80211 layer. And configure the parameters of the MAC802.11
For example:
1). Reject to start MAC(beacon)
2). Do not response Authentication
3). Do not response assoc
4). 4-way handshake error
5). Stop MAC(beacon) to simulate the lost of physical link
6). throw away some frames to test ERTM
[1] BLUETOOTH SPECIFICATION Version 4.0 [Vol 2]
[2] BLUETOOTH SPECIFICATION Version 4.0 [Vol 5]