MUSBLAN Customer Kit Configuration

September 1, 2020

Belcarra’s MUSBLAN for MacOS is a Driverkit Extension that implements Networking over USB.

Installation of the MUSBLAN Driverkit Extension is done from the MUSBLAN Installation program. The Application bundle for the installation program contains the Driver Extensions required to implement the driver.

The configuration of the installation program requires:
1.    Customer Name for the installation program
2.    The customer USB Vendor ID and list of Product ID’s to match
3.    Two provisioning profiles.
a.    Installation application
b.    DriverKit extension

Provisioning profiles are generated by using an Apple Developer Account. They contain the Team Identifier for the Developer Account, the public keys for the codesigning certificate that will be used to codesign bundles that use the provisioning profile, and the specific entitlements that the bundle is requesting.

Belcarra can provide the profiles and codesign the resulting Application Bundle.

Optionally if the customer needs to codesign the Application Bundle, they must provide the provisioning profiles because the certificate that will be used for codesigning is specified in the provisioning profile.

Entitlements

The creation of the required provisioning profiles requires specific entitlements and certificates.

Customers that need to generate their own provisioning profiles will need to request these entitlements from Apple, and approved by Apple for the specific Developer account they will be using:
     System Extension - used by the Installation application
     DriverKit USB Transport - VendorID - used by the DriverKit extensions

N.B. The USB Transport entitlement will be granted for a specific USB Vendor ID. The DriverKit extension cannot be used for any Vendor ID not specifically called out in the provisioning file.

N.B. It is not clear at this time if Application Bundles containing DriverKit Extensions can be distributed in the Mac App Store.

 Entitlements can be requested from Apple at this page: https://developer.apple.com/contact/request/system-extension/

Tools for configuring and working with Linux Gadget available on GitHub



https://github.com/Belcarra/gadgetconfig

We have made the above available as part of our ongoing efforts to assist developers who want to implement USB devices. This package contains tools for configuring Gadget USB Devices and integrating with systemd.
It relies on the Gadget ConfigFS module libcomposite to create and manage Gadget USB Devices.

Microchip PIC32MZ Network over USB Demo Kit available on GitHub

https://github.com/Belcarra/pic32mz_usblan_harmony3_demo


This is a demonstration kit for the Belcarra PIC32MZ USBLAN Driver using either of Microchip's PIC32MZ EF Starter Kit or PIC32MZ EF Curiosity Board.

The kit demonstrates how Networking over USB can be used as an alternative to Ethernet or WiFi and provide lower cost networking to a Microchip PIC32MZ based board with performance that is close to Ethernet at over 80Mbps per second.

Networking over USB allows a point to point network connection to be used between the PIC32MZ board and a Windows, Mac or Linux host.

This kit is based on the Microchip Harmony 3 Framework demonstration project however it is not necessary to have the Harmony 3 Framework or the MPLAB Code Configurator installed.

MUSBLAN: USBLAN for MacOS

Introduction

MUSBLAN is an adaptation of Belcarra Technologies USBLAN for Windows to the MacOS (10.11.1 and later) environment.

MUSBLAN focuses on three protocols for networking over USB: Microsoft RNDIS, CDC-EEM and CDC-ECM subset. Kits are protocol-specific.

Parameters of a kit

An MUSBLAN kit has the following parameters:

  • USB Vendor/Product ID/Interface triples (driver personality information). 
  • IP address of a Virtual Network Interface in MacOS which is bridged to the attached USB device(s). 
  • Protocol: CDC-ECM subset, EEM or RNDIS. Other protocols (ECM, NCM) on request.

Automatic system configuration

The MUSBLAN system offers a DHCP service to both the MacOS host and one or more attached devices, forming a network segment of those network nodes.  The host IP address is a kit parameter, always ending in 1, e.g. 192.168.200.1.  This address is mapped to a Virtual Network Interface in the System Preferences Network pane on the Mac. Attached devices take sequential positions, e.g. 192.168.200.2, 192.168.200.3.  In this way both ends of the link can be DHCP clients and yet know the IP address of the remote end of the link.

Contents of a Kit

MUSBLAN is provided as a "Kext", kernel extension package, including preinstall and postinstall scripts which first remove previous instances, unload possible conflicting extensions, install the new kernel extension, and then load it.

MacOS Security Policy

MacOS security policy now requires that kernel extensions from third parties be approved by the user in the Security&Privacy pane of System Preferences or during system boot immediately after installation.

DemoDriver

An evaluation version of MUSBLAN  is available to OEM's upon request

Windows 7 Unpatched

Installing Belcarra USBLAN on a Windows 7 system that is not up to date with security patches may fail.

Running the setup.bat file which uses DPInst.exe to preinstall the driver will work correctly, but after plugging your device in you may see the following or similar dialog boxes.


















In the Device manager you will see an error icon next to the network driver associated with your device. These indicate that the target Windows 7 system does not have the current set of root certificates and security patches.

USBLAN 2.4.11 and later installation kits will have an additional win7up directory containing drivers signed according to the requirements for an unpatched version of Windows 7.

NDIS 6.3 - InstantGo Developer Notes

Network Device Interface Specification (NDIS) 6.3, included with Windows 8 and newer Microsoft Operating Systems implement new power management capabilities especially for devices such as tablets and 2 in 1 systems..

The following engineering notes (Stuart Lynne) addresses a particular feature known 
variously as:
  • InstantGo
  • AOAC (Always On / Always Connected)
  • Connected Standby
InstantGo capable devices (aka Windows on Tablets) are designed to minimize power consumption and extend battery life. If Windows determines that a connected device is not being actively used it will attempt to suspend it.

Favourites