EVK1000 and TREK1000 are Two-way Ranging Evaluation Kit for DecaWave’s UWB DW1000 chip. You can see and evaluate a ranging result on a screen of each of them. However, to see a positioning result, you need to connect one of them with a PC and use DecaWave’s dedicated software only on Windows. Here’s how to read data from EVK1000 without the dedicated software
Preparing a Driver
This kit has a COM (serial) port. But this port is wrapped with USB interface and operates with a virtual COM port driver
On Windows, a driver for this (STM32 Virtual ComPort in FS Mode v1.4.0) can be downloaded at here. After downloading and extracting the file, run <OS>/dpinst_<arch>.exe where <OS> and <arch> are your OS and architecture, respectively. A related thread can be found here
On Linux and macOS, when a board is connected, a driver will be automatically loaded
Configure anchors and a tag by flipping switches as instruction says, and connect an anchor or a tag with a PC. Since it uses a virtual COM port, serial communication parameters are automatically configured and you don’t need to worry about it
When connection is successful, you can see outputs on a serial port terminal as the following:
Wi-Fi regulation defines various restirctions such as transmission power, initial radiation, and dynamic frequency switching for Wi-Fi to operate in a certain country. Most OSs including Linux contain regulations in their kernels, and we can bypass them by modifying a regulation file or a kernel.
However, certain Wi-Fi cards such as Intel’s have their own regulations in their EEPROM, which takes precedence to kernel’s regulations. Here’s how to modify regulations in Intel Wi-Fi card’s EEPROM. In this article, Intel Ultimate N WiFi Link 5300 is used
Preparing a Tool
iwleeprom is a software to read and write content in an EEPROM. Clone, build and install it:
1 2 3 4
$ git clone [https://github.com/0x90/iwleeprom](https://github.com/0x90/iwleeprom) $ cd iwleeprom $ make $ [sudo] make install
Interpreting a Regulation Flag
First, let’s have a look at what EEPROM contains. To read regulations in EEPROM, type iwleeprom -s:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
$ iwleeprom -s Supported devices detected: [1] 0000:03:00.0 [RW] Ultimate N WiFi Link 5300 (8086:4236, 8086:1011) Select device [1-1] (or 0 to quit): 1 Using device 0000:03:00.0 [RW] Ultimate N WiFi Link 5300 No file names given or patch option selected! No EEPROM actions will be performed, just write-enable test Regulatory data from card EEPROM... Regulatory base: 0156 Channel 1: 0e6f Channel 2: 0f6f ... Channel 64: 0f31 ... Channel 1 (HT40): 0a6f Channel 2 (HT40): 0f6f ... Channel 157 (HT40): 0f61
What those 0e6f, 0f31 and other things mean? Those are flags defining regulations. So, which bit stands for what? When you are looking into Linux kernel source code, specifically, iwlwifi driver, you can see flag definition as below:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
/** * enum iwl_eeprom_channel_flags - channel flags in EEPROM * @EEPROM_CHANNEL_VALID: channel is usable for this SKU/geo * @EEPROM_CHANNEL_IBSS: usable as an IBSS channel * @EEPROM_CHANNEL_ACTIVE: active scanning allowed * @EEPROM_CHANNEL_RADAR: radar detection required * @EEPROM_CHANNEL_WIDE: 20 MHz channel okay (?) * @EEPROM_CHANNEL_DFS: dynamic freq selection candidate */ enumiwl_eeprom_channel_flags { EEPROM_CHANNEL_VALID = BIT(0), EEPROM_CHANNEL_IBSS = BIT(1), EEPROM_CHANNEL_ACTIVE = BIT(3), EEPROM_CHANNEL_RADAR = BIT(4), EEPROM_CHANNEL_WIDE = BIT(5), EEPROM_CHANNEL_DFS = BIT(7), };
For example, channel 1 has flags 0e6f, which is 1110 0110 1111 in binary. Its interpretation is:
1 2 3 4 5 6 7 8
1110 0110 1111 .............1 This channel is valid ............1. Not valid for IBSS ...........1.. (Unknown) ..........1... Active scanning is allowed ........0..... RADAR detection is not required .......1...... Supports wide band ......1....... Candidate for dynamic frequency selection
Reading EEPROM
To read and dump EEPROM, type iwleeprom -o <outfile>:
1 2 3 4 5 6 7 8 9 10 11 12
$ iwleeprom -b -o eeprom_dump Supported devices detected: [1] 0000:03:00.0 [RW] Ultimate N WiFi Link 5300 (8086:4236, 8086:1011) Select device [1-1] (or 0 to quit): 1 Using device 0000:03:00.0 [RW] Ultimate N WiFi Link 5300 Saving dump with byte order: BIG ENDIAN 0000 [................................................................] 0080 [................................................................] ... 0780 [................................................................]
EEPROM has been dumped to eeprom_dump
We can view the dumped EEPROM with xxd command or hex mode (:%!xxd) in vim, and can find channel flags. They are written in the same order of channels, but their offsets are not in linear relationships. You can manually locate an offset of each channel:
It is easy. Open the dumped EEPROM in vim and set to hex mode (:%!xxd). And change the content as you want. To save changes, reert hex mode (:%!xxd -r) and save it (:w)
Writing New Regulations in EEPROM
After finishing modification, rewrite EEPROM with iwleeprom -m -c -i <infile>:
1 2 3 4 5 6 7 8 9 10 11 12
$ iwleeprom -m -c -i eeprom_dump Supported devices detected: [1] 0000:03:00.0 [RW] Ultimate N WiFi Link 5300 (8086:4236, 8086:1011) Select device [1-1] (or 0 to quit): 1 Using device 0000:03:00.0 [RW] Ultimate N WiFi Link 5300 Dump file byte order: BIG ENDIAN 0000 [================================================================] 0080 [================================================================] ... 0780 [================================================================]
EEPROM has been written from eeprom_dump
Finally, you can check modification is applied via iw phy command