Merge pull request #15 from cyberman54/master

don't count unrandomized ble macs & bugfix LSB ble mac
dbinfrago · Apr 14, 2022 · 900e29f · 900e29f
2 parents 445ea08 + c374b87
commit 900e29f
Show file tree

Hide file tree

Showing 6 changed files with 35 additions and 51 deletions.
diff --git a/lib/libpax/blescan.cpp b/lib/libpax/blescan.cpp
@@ -55,7 +55,7 @@ static int host_rcv_pkt(uint8_t *data, uint16_t len) {
 
   data_pkt = (uint8_t *)malloc(sizeof(uint8_t) * len);
   if (data_pkt == NULL) {
-    ESP_LOGE(TAG, "Malloc data_pkt failed!");
+    ESP_LOGE(TAG, "Malloc data_pkt failed");
     return ESP_FAIL;
   }
   memcpy(data_pkt, data, len);
@@ -110,14 +110,14 @@ static void hci_cmd_send_ble_scan_start(void) {
   uint16_t sz =
       make_cmd_ble_set_scan_enable(hci_cmd_buf, scan_enable, filter_duplicates);
   esp_vhci_host_send_packet(hci_cmd_buf, sz);
-  ESP_LOGI(TAG, "BLE Scanning started..");
+  ESP_LOGI(TAG, "BLE Scanning started");
 }
 
 void hci_evt_process(void *pvParameters) {
   host_rcv_data_t *rcv_data =
       (host_rcv_data_t *)malloc(sizeof(host_rcv_data_t));
   if (rcv_data == NULL) {
-    ESP_LOGE(TAG, "Malloc rcv_data failed!");
+    ESP_LOGE(TAG, "Malloc rcv_data failed");
     return;
   }
 
@@ -152,16 +152,18 @@ void hci_evt_process(void *pvParameters) {
           // skip 2 bytes event type and advertising type for every report
           data_ptr += 2 * num_responses;
 
-          // get BD address in every advertising report and store in
-          // single array of length `6 * num_responses' as each address
-          // will take 6 spaces
+          // get device address in every advertising report and
+          // store in array of length `6 * num_responses' as each record
+          // contains 6 octets
+          // -> note: BD addresses are stored in little endian format!
+          // see # Bluetooth Specification v5.0, Vol 2, Part E, sec 5.2
           addr = (uint8_t *)malloc(sizeof(uint8_t) * 6 * num_responses);
           if (addr == NULL) {
-            ESP_LOGE(TAG, "Malloc addr failed!");
+            ESP_LOGE(TAG, "Malloc addr failed");
             goto reset;
           }
           for (int i = 0; i < num_responses; i += 1) {
-            for (int j = 0; j < 6; j += 1) {
+            for (int j = 5; j >= 0; j -= 1) {
               addr[(6 * i) + j] = queue_data[data_ptr++];
             }
           }
@@ -178,9 +180,10 @@ void hci_evt_process(void *pvParameters) {
           for (uint8_t i = 0; i < num_responses; i += 1) {
             rssi = -(0xFF - queue_data[data_ptr++]);
             if (ble_rssi_threshold && (rssi < ble_rssi_threshold))
-              continue;  // do not count
-            else
-              mac_add((uint8_t *)(addr + 6 * i), MAC_SNIFF_BLE);
+              continue;  // do not count weak signal mac
+            else {
+              mac_add(addr + 6 * i, MAC_SNIFF_BLE);
+            }
           }
 
         // freeing all spaces allocated
@@ -212,11 +215,11 @@ void start_BLE_scan(uint16_t blescantime, uint16_t blescanwindow,
     /* A queue for storing received HCI packets. */
     adv_queue = xQueueCreate(30, sizeof(host_rcv_data_t));
     if (adv_queue == NULL) {
-      ESP_LOGE(TAG, "Queue creation failed\n");
+      ESP_LOGE(TAG, "Queue creation failed");
       return;
     }
 
-    /* start HCI event processor task */
+    /* start HCI event processor task with prio 1 on core 0 */
     xTaskCreatePinnedToCore(&hci_evt_process, "hci_evt_process", 2048, NULL, 1,
                             &hci_eventprocessor, 0);
 

diff --git a/lib/libpax/libpax.cpp b/lib/libpax/libpax.cpp
@@ -30,27 +30,27 @@ enum { BITS_PER_WORD = sizeof(bitmap_t) * CHAR_BIT };
 #define LIBPAX_MAX_SIZE 0xFFFF  // full enumeration of uint16_t
 #define LIBPAX_MAP_SIZE (LIBPAX_MAX_SIZE / BITS_PER_WORD)
 
-bitmap_t seen_ids_map[LIBPAX_MAP_SIZE];
+DRAM_ATTR bitmap_t seen_ids_map[LIBPAX_MAP_SIZE];
 int seen_ids_count = 0;
 
 uint16_t volatile macs_wifi = 0;
 uint16_t volatile macs_ble = 0;
 
 uint8_t volatile channel = 0;  // channel rotation counter
 
-void set_id(bitmap_t *bitmap, uint16_t id) {
+IRAM_ATTR void set_id(bitmap_t *bitmap, uint16_t id) {
   bitmap[WORD_OFFSET(id)] |= ((bitmap_t)1 << BIT_OFFSET(id));
 }
 
-int get_id(bitmap_t *bitmap, uint16_t id) {
+IRAM_ATTR int get_id(bitmap_t *bitmap, uint16_t id) {
   bitmap_t bit = bitmap[WORD_OFFSET(id)] & ((bitmap_t)1 << BIT_OFFSET(id));
   return bit != 0;
 }
 
 /** remember given id
  * returns 1 if id is new, 0 if already seen this is since last reset
  */
-int add_to_bucket(uint16_t id) {
+IRAM_ATTR int add_to_bucket(uint16_t id) {
   if (get_id(seen_ids_map, id)) {
     return 0;  // already seen
   } else {
@@ -65,22 +65,20 @@ void reset_bucket() {
   seen_ids_count = 0;
 }
 
-int libpax_wifi_counter_count() {
-  return macs_wifi;
-}
-
-int libpax_ble_counter_count() {
-  return macs_ble;
-}
+int libpax_wifi_counter_count() { return macs_wifi; }
 
+int libpax_ble_counter_count() { return macs_ble; }
 
-int mac_add(uint8_t *paddr, snifftype_t sniff_type) {
+IRAM_ATTR int mac_add(uint8_t *paddr, snifftype_t sniff_type) {
   uint16_t *id;
   // mac addresses are 6 bytes long, we only use the last two bytes
   id = (uint16_t *)(paddr + 4);
 
   //ESP_LOGD(TAG, "MAC=%02x:%02x:%02x:%02x:%02x:%02x -> ID=%04x", paddr[0],
   //         paddr[1], paddr[2], paddr[3], paddr[4], paddr[5], *id);
+
+  // if it is NOT a locally administered ("random") mac, we don't count it
+  if (!(paddr[0] & 0b10)) return false;
 
   int added = add_to_bucket(*id);
 

diff --git a/lib/libpax/libpax.h b/lib/libpax/libpax.h
@@ -39,10 +39,8 @@ int libpax_ble_counter_count();
 void libpax_counter_reset();
 
 void reset_bucket();
-int mac_add(uint8_t *paddr, snifftype_t sniff_type);
-int add_to_bucket(uint16_t id);
-
-extern void IRAM_ATTR libpax_wifi_counter_add_mac_IRAM(uint32_t mac_input);
+IRAM_ATTR int mac_add(uint8_t *paddr, snifftype_t sniff_type);
+IRAM_ATTR int add_to_bucket(uint16_t id);
 
 void wifiDefaultConfig();
 #endif
diff --git a/lib/libpax/wifiscan.cpp b/lib/libpax/wifiscan.cpp
@@ -38,8 +38,7 @@ Which in turn is based of Łukasz Marcin Podkalicki's ESP32/016 WiFi Sniffer
 TimerHandle_t WifiChanTimer;
 int initialized_wifi = 0;
 int wifi_rssi_threshold = 0;
-
-// configData_t cfg_pax;
+uint16_t channels_map = WIFI_CHANNEL_ALL;
 
 #define WIFI_CHANNEL_MAX 13
 // default values for country configuration
@@ -58,20 +57,11 @@ wifi_sniffer_packet_handler(void* buff, wifi_promiscuous_pkt_type_t type) {
 
   if ((wifi_rssi_threshold) &&
       (ppkt->rx_ctrl.rssi < wifi_rssi_threshold))  // rssi is negative value
-  {
-    return;
-  }
-
-  int universal_bit = hdr->addr2[0] & 0b10;
-
-  if(!universal_bit) {
      return;
-  }
-
-  mac_add((uint8_t *)hdr->addr2, MAC_SNIFF_WIFI);
+  else 
+     mac_add((uint8_t *)hdr->addr2, MAC_SNIFF_WIFI);
 }
 
-uint16_t channels_map;
 // Software-timer driven Wifi channel rotation callback function
 void switchWifiChannel(TimerHandle_t xTimer) {
   configASSERT(xTimer);
@@ -125,8 +115,6 @@ void wifi_sniffer_init(uint16_t wifi_channel_switch_interval) {
       esp_wifi_set_promiscuous(true));  // now switch on monitor mode
 
   // setup wifi channel rotation timer
-
-
   if(wifi_channel_switch_interval > 0) {
     WifiChanTimer = xTimerCreate("WifiChannelTimer", pdMS_TO_TICKS(wifi_channel_switch_interval * 10),
                                 pdTRUE, (void*)0, switchWifiChannel);

diff --git a/lib/libpax/wifiscan.h b/lib/libpax/wifiscan.h
@@ -18,16 +18,11 @@ typedef struct {
   uint8_t payload[0];  // network data ended with 4 bytes csum (CRC32)
 } wifi_ieee80211_packet_t;
 
-// extern const wifi_ieee80211_mac_hdr_t *hdr;
-
 void set_wifi_country(uint8_t country_code);
 void set_wifi_channels(uint16_t channels_map);
 void set_wifi_rssi_filter(int set_rssi_threshold);
 
 void wifi_sniffer_init(uint16_t wifi_channel_switch_interval);
 void wifi_sniffer_stop();
 
-extern int run_count;
-extern int timeback_delta;
-
 #endif
diff --git a/test/libpax_test_cases.cpp b/test/libpax_test_cases.cpp
@@ -10,7 +10,7 @@
 */
 void test_mac_add_bytes() {
   libpax_counter_reset();
-  uint8_t test_mac_addr[6] = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0};
+  uint8_t test_mac_addr[6] = {0x0b, 0x01, 0x0, 0x0, 0x0, 0x0};
   test_mac_addr[4] = 0x01;
   test_mac_addr[5] = 0x01;
   mac_add(test_mac_addr, MAC_SNIFF_WIFI);
@@ -38,6 +38,8 @@ void test_mac_add_bytes() {
 void test_collision_add() {
   libpax_counter_reset();
   uint8_t test_mac_addr[6];
+  test_mac_addr[0] = 0x0b;
+  test_mac_addr[1] = 0x10;
 
   uint16_t *test_mac_addr_p = (uint16_t *)(test_mac_addr + 4);
   *test_mac_addr_p = 1;
@@ -66,7 +68,7 @@ void test_counter_reset() {
   libpax_counter_reset();
   TEST_ASSERT_EQUAL(0, libpax_wifi_counter_count());
 
-  uint8_t test_mac_addr[6] = {1, 1, 1, 1, 1, 1};
+  uint8_t test_mac_addr[6] = {0x0b, 0x01, 1, 1, 1, 1};
   mac_add(test_mac_addr, MAC_SNIFF_WIFI);
   TEST_ASSERT_EQUAL(1, libpax_wifi_counter_count());