From: "Joshua Peisach" <jpeisach@ubuntu.com>
To: <b43-dev@lists.infradead.org>, <linux-wireless@vger.kernel.org>
Subject: Firmware for reverse engineering b43?
Date: Mon, 13 Apr 2026 08:44:07 -0400 [thread overview]
Message-ID: <DHS1BJ5XFYRC.GCF9PXS0OSRI@ubuntu.com> (raw)
Hi all,
As I've been getting into kernel development, I found the b43 driver
as a suitable place for me to work in, given its status as orphan and
my access to it having an old iMac.
When it comes to figuring out what code to write and how to implement
functions, I see that there has been a mix of answers across the driver.
Lots of functions refer to specs RE'd from the 4.x firmware[1], but
my own install uses 5.x firmware. Additionally, the 6.x firmware is
available.
For my reverse engineering process, I opened the firmware in Ghidra
and basically try to map the functionality to the driver, which appears
to be what was done with the 4.x specs?
But, as I compare to the newer firmware, some functions have been moved
or replaced. And sometimes, the newer firmware functions contradict the
RE'd 4.x specs, or have extra steps in its process.
Take b43_nphy_perical, or as known in the v4 firmware,
wlc_phy_perical_nphy. I got to this function because wlc_nphy_init calls
it. But actually, the RE'd version says init calls
wlc_phy_perical_nphy_run, which the firmware says is not the case
(it goes through wlc_phy_perical_nphy first, which has its own
conditions).
So, which is the best source of truth(s) for this driver? The v4.x
specs, the v5 firmware, or the v6 firmware? Which one should be used,
and which has a higher priority level over the other?
Keep in mind the v4 specs came before the release of Ghidra; now that
it exists, we can refer to it instead of manually probing functionality.
I've even seen Ghidra show different instructions than the 4.x spec.
Thanks,
-Josh
[1]: https://bcm-v4.sipsolutions.net
next reply other threads:[~2026-04-14 0:13 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-13 12:44 Joshua Peisach [this message]
2026-04-14 9:14 ` Firmware for reverse engineering b43? Johannes Berg
2026-04-14 11:30 ` Joshua Peisach
2026-04-14 12:24 ` Jonas Gorski
2026-04-15 11:44 ` Joshua Peisach
2026-04-15 11:54 ` Jonas Gorski
2026-04-15 15:57 ` Michael Büsch
2026-04-15 17:04 ` Joshua Peisach
2026-04-15 17:41 ` Michael Büsch
2026-04-15 18:58 ` Joshua Peisach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DHS1BJ5XFYRC.GCF9PXS0OSRI@ubuntu.com \
--to=jpeisach@ubuntu.com \
--cc=b43-dev@lists.infradead.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox