Introduction
The ESP32-Open-MAC project seeks to reverse engineer the proprietary WiFi stack of the ESP32, along with PHY. The goal is to create a free and open source WiFi MAC implementation for the ESP32.
Architecture
Hardware
flowchart TD
bb["Baseband (BB)"]
rf["Radio (RF)"]
bb <-- "I/Q Signals" --> rf
The above diagram is a simplified guess of the hardware structure of ESP32 wireless communication hardware. The air interface on the device consists conceptually of two main parts represented above.
The first part is the RF (Radio) frontend, which is in charge of everything analog and the conversion from analog to digital and vice-versa.
The second part is the BB (Baseband), which implement the physical layer for WiFi and Bluetooth.
Data is shared between these two, in the form of a digital I/Q signal (In-phase and Quadrature signal) samples.
Software
The hardware on the ESP32 is controlled by proprietary blobs, which are interfaced with through a shallow API.
The mentioned blobs range in complexity depending on the peripheral they control. WiFi baseband seems to be comprised from a couple of FreeRTOS tasks while Bluetooth baseband appears to include an scheduler, events, many tasks and message echange mechanisms.
Radio
Wireless communications on the ESP32 chip are interfaced via an RF (Radio Frequency) peripheral designed by Riviera-Waves (now Ceva-Waves).
The diagram below ilustrates the main hardware components of the RF frontend of the chip.
block-beta
columns 2
iface<["I/Q Signal Interface "]>(up, down):2
adcs["ADCs"]:1
dacs["DACs"]:1
rfsynth["RF Synthesizer"]:1
rfmixer["RF Mixer"]:1
balun["Balun"]:2
antenna["Antenna"]:2
The RF frontend contains a balun, RF synthesizer, RF mixer, RF switch and an analog/digital frontend consisting of two ADCs and two DACs.
The reason there are two is, that the ESP32 uses complex/IQ sampling. When a signal arrives from one of the basebands, it passes through the DACs and gets converted to an IQ signal, which then passes through the RF switch and enters the mixer, where it's converted to RF. For receiving it's the whole processes in reverse.
The purpose of the RF switch is to select between the TX and RX paths inside the chip. It can also be set to bridge TX and RX which is used for calibrating the IQ imbalance caused by manufacturing inaccuracies.
Baseband
ESP32 basebands implement the PHY (Physical Layer) of WiFi and Bluetooth. Each baseband is it's own peripheral and is controlled individually.
WiFi
The WiFi peripheral on the ES32 is controlled by two FreeRTOS tasks, one of which handles the MAC (Medium Access Control) and the other one the PHY (Physical Layer).
They interface with each other through a number of message queues, on top of which an ioctl-interface exists.
Espressif chose a mostly SoftMAC architecture for the ESP32, with ACKing and MAC address filtering implemented in hardware.
Glossary
| Short term | Meaning | Notes |
|---|---|---|
| BLE/BTLE | Bluetooth Low Energy | |
| BT | Bluetooth | |
| ISM Band | Industrial Scientific and Medical Band | The frequency band, in which WiFi, BT and IEEE 802.15.4 operate, is the 2.4GHz ISM BAND |
| MAC | Medium Access Control | This is context dependent |
| PHY | Physical Layer | |
| RF | Radio frequency | |
| WiFi | Expensive certification for IEEE 802.11 compliance; No direct meaning | The WiFi Alliance specifies the different WiFi revisions like WiFi4-7, which are a subset of the IEEE 802.11 in the sense, that they specify which features are required and which are optional for certification. WLAN and WiFi can in practice be used interchangeably. |
| WLAN | Wireless Local Area Network | This is defined in IEEE 802.11 |