Project Evil
------------

What is it?
-----------

Every time a new network adapter hits the market, it includes driver
support for Windows(R) and very little else. This support is usually in
the form of an NDIS 5.x 'miniport' driver. While it would be nice to
have native driver support for these cards for FreeBSD, this is
sometimes not possible: we can't write the drivers without hardware
documentation, and many vendors foolishly refuse to provide this
information without NDA restrictions that prohibit distribution of
driver source, if at all.

The goal of Project Evil is to provide just enough emulation of the
Windows(R) NDIS API that you can use binary miniport drivers with
FreeBSD/x86, thereby allowing FreeBSD to leverage existing Windows(R)
drivers for its own nefarious purposes.

How does it work?
-----------------

Project Evil provides two main facilities: a PE (Portable Executable)
file loader, and a native implementation of the NDIS API built on top
of the existing BSD networking architecture. The PE loader has just
enough brains to be able to identify a valid .SYS file, relocate it and
perform dynamic linking on it, thereby allowing the NDIS driver to call
out to native FreeBSD kernel routines. The NDIS API library provides
all of the necessary functions that a given .SYS module might
reference. Project Evil also simulates a small number of other
Windows(R) kernel modules commonly used by NDIS miniport drivers,
namely HAL.dll and ntoskrnl.exe. A small if_ndis driver module uses the
NDIS library API to make the underlying NDIS miniport driver appear to
BSD as a native 'ifnet' interface.

Where did it come from?
-----------------------

My ass. And you thought the goatse guy had it rough.

Ok, seriously. Project Evil was largely inspired by the DriverLoader
product available for Linux from LinuxAnt.com. After reading about it,
it dawned on me that there was very little stopping me from
implementing the same functionality for FreeBSD.
At the very least, it seemed like an interesting learning experience,
and at the most, it might make a lot of peoples' lives easier,
especially my own. Note however that Project Evil has nothing
whatsoever to do with DriverLoader or LinuxAnt.

What's the catch?
-----------------

Windows(R) NDIS miniport drivers are only available for the Intel x86
processor family (and clones). This means Project Evil only works on
FreeBSD/x86 as well, and you can't take advantage of your spiffy new
network card on FreeBSD/sparc64, FreeBSD/alpha or FreeBSD/ppc.

What drivers will work with it?
-------------------------------

Ideally, any Windows(R) NDIS 5.0 or 5.1 miniport ethernet driver should
work, although it may take some time to reach that stage. Ultimately,
wireless drivers should work too.

Is it done yet?
---------------

Not quite. The PE file loader is done, and I can call a driver's init
routine and have it read the PCI bus, I can reset the adapter, call the
query info routine (i.e. learn the ethernet address), handle
interrupts, and receive and transmit packets. I'm at the point now
where I can successfully ssh into the test machine through the ndis0
interface. I still need to fill in more NDIS routines used by other
drivers. I don't expect to start checking in code until after the
freeze for FreeBSD 5.2-RELEASE is lifted.

I'm currently using a LinkSys LNE100TX v4 10/100 PCI ethernet card
(ADMtek Centaur chipset) for testing. (It's a simple chip, and there's
already a FreeBSD native driver and readily available documentation for
debugging.)

What else do you have to do?
----------------------------

- Handle multicast filter setup
- Finish setting up ifmedia stuff (change/report media, report link
  state)
- Rummage around through more NDIS drivers and fill in additional NDIS,
  HAL and ntoskrnl routines that the sample one I'm using now doesn't
  happen to need
- Rig up a better conversion program to take both a foo.sys and foo.inf
  file and create a foo.h file with both the foo.sys image in it, and a
  bunch of structures based on the driver-specific registry keys
  defined in the .inf file
- Set up if_ndis.c to create per-interface sysctl nodes for the
  registry data stored in foo.h

Where can I learn more?
-----------------------

The following materials will be of immense help to anyone interested in
doing similar work in this area:

- The Wine source code, specifically the ntdll library
  (http://winehq.org)
- The mplayer source code, which has a .dll loader
  (http://mplayerhq.hu)
- The freely available PE disassembler utility pedisassm
  (http://www.woodmann.com/fravia/zipped/dsasmsrc.zip, among other
  places)
- The Windows 2000 or XP DDK header files (http://www.microsoft.com)
- MSDN articles on PE file format:
    http://msdn.microsoft.com/msdnmag/issues/02/02/PE/default.aspx
    http://msdn.microsoft.com/msdnmag/issues/02/03/PE2/default.aspx
- FreeBSD ethernet driver source code
- FreeBSD bus_dma man pages
- _TCP/IP Illustrated_ Vol. 2

Why are you calling it Project Evil?
------------------------------------

Because this is probably the most evil thing I've ever done.

What can I do to help?
----------------------

Stay the hell out of my way. If I need help from anyone, I'll ask.
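
Added example, not Project Evil's own code: a bounds-checked C routine for the first job given to the PE loader under "How does it work?", deciding whether a buffer is a valid x86 .SYS image before anything is relocated or linked. The function and constant names are hypothetical, the header offsets come from the published PE/COFF layout, and the sample image is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define DOS_MAGIC      0x5A4Du     /* "MZ" */
#define LFANEW_OFF     0x3Cu       /* DOS header field holding the PE header offset */
#define PE_SIG         0x00004550u /* "PE\0\0" */
#define MACHINE_I386   0x014Cu
#define OPT_MAGIC_PE32 0x010Bu
enum { COFF_LEN = 20, OPT_MIN = 96 };  /* COFF header; PE32 optional header without data dirs */
enum pe_status { PE_OK, PE_TRUNCATED, PE_BAD_MAGIC, PE_BAD_ARCH };

/* Little-endian accessors, so the check does not depend on host alignment. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* Check the headers of an untrusted image; on success report its preferred base. */
enum pe_status pe_check_i386(const uint8_t *img, size_t len, uint32_t *image_base)
{
    if (len < LFANEW_OFF + 4) return PE_TRUNCATED;
    if (rd16(img) != DOS_MAGIC) return PE_BAD_MAGIC;
    uint32_t pe = rd32(img + LFANEW_OFF);
    /* Compare against the remaining length so a huge offset cannot wrap. */
    if (pe > len || len - pe < 4 + COFF_LEN + OPT_MIN) return PE_TRUNCATED;
    if (rd32(img + pe) != PE_SIG) return PE_BAD_MAGIC;
    const uint8_t *coff = img + pe + 4;
    if (rd16(coff) != MACHINE_I386) return PE_BAD_ARCH;       /* x86 drivers only */
    if (rd16(coff + COFF_LEN) != OPT_MAGIC_PE32) return PE_BAD_MAGIC;
    *image_base = rd32(coff + COFF_LEN + 28);                 /* ImageBase field */
    return PE_OK;
}

/* Constructed sample: a header-only image, not taken from any real driver. */
void make_sample(uint8_t buf[256], uint32_t base)
{
    memset(buf, 0, 256);
    wr32(buf, DOS_MAGIC);
    wr32(buf + LFANEW_OFF, 0x80);
    wr32(buf + 0x80, PE_SIG);
    wr32(buf + 0x84, MACHINE_I386);              /* Machine; NumberOfSections stays 0 */
    wr32(buf + 0x84 + COFF_LEN, OPT_MAGIC_PE32);
    wr32(buf + 0x84 + COFF_LEN + 28, base);
}

int main(void)
{
    uint8_t buf[256]; uint32_t base = 0;
    make_sample(buf, 0x10000);
    enum pe_status st = pe_check_i386(buf, sizeof buf, &base);
    printf("status=%d base=0x%x\n", st, (unsigned)base);
    return st != PE_OK;
}
```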