Diffstat (limited to 'Replicant_contributors_meeting_27_28_July_2019_Paris_France/modems/Replicant_and_modems_Introduction.tex')
-rw-r--r-- | Replicant_contributors_meeting_27_28_July_2019_Paris_France/modems/Replicant_and_modems_Introduction.tex | 522 |
1 files changed, 522 insertions, 0 deletions
diff --git a/Replicant_contributors_meeting_27_28_July_2019_Paris_France/modems/Replicant_and_modems_Introduction.tex b/Replicant_contributors_meeting_27_28_July_2019_Paris_France/modems/Replicant_and_modems_Introduction.tex
new file mode 100644
index 0000000..17463d4
--- /dev/null
+++ b/Replicant_contributors_meeting_27_28_July_2019_Paris_France/modems/Replicant_and_modems_Introduction.tex
@@ -0,0 +1,522 @@
+\documentclass{beamer}
+\usepackage[english]{babel}
+\usepackage{color}
+\usepackage{graphicx}
+\usepackage{ifthen}
+\usepackage[utf8]{inputenc}
+\usepackage{listings}
+\usepackage{pdfpages}
+
+\lstdefinestyle{terminal}{
+ backgroundcolor=\color{black},
+ basicstyle=\scriptsize\color{green},
+}
+
+%% Based on:
+%% https://tex.stackexchange.com/questions/136900/insert-a-full-page-image
+\newcommand{\pictureframe}[1] {
+ {
+ \begin{frame}
+ \noindent
+ \resizebox{\textwidth}{\textheight}
+ {\includegraphics{#1}}
+ \hspace*{-\textwidth}
+ \end{frame}
+ }
+}
+
+\usetheme{Singapore}
+
+\title{Modems support in Replicant}
+\author{Denis 'GNUtoo' Carikli}
+\date{\today}
+
+\begin{document}
+
+\maketitle
+
+%% TODO: Using \itemize{} fails to compile
+%% TODO: convert \center frames to chapter title
+
+\begin{frame}
+ \center{In this presentation:}
+ \begin{itemize}
+ \item The hardware
+ \item Android Reference implementation (More simple)
+ \item Questions and/or Pause
+ \item Replicant's Samsung IPC implementation (More complex)
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{The hardware}
+\end{frame}
+
+\pictureframe{../../external_resources/replicant_website/images/freedom-privacy-security-issues/hardware.png}
+\pictureframe{../../external_resources/replicant_website/images/freedom-privacy-security-issues/good-modem-isolation.png}
+
+\pictureframe{output/example_modem.png}
+
+\begin{frame}
+ \center{Why do we look at android reference implementation first?}
+ \begin{itemize}
+ \item The hardware is more simple
+ \item The protocol is way easier to understand
+ \item Has good enough documentation (standard, reference implentation)
+ \item It also explains why we got protocols like samsung-ipc
+ \item Relevant for devices with free software bootloaders
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{Example: Openmoko}
+ \begin{itemize}
+ \item Simple
+ \item But very strongly outdated
+ \end{itemize}
+\end{frame}
+
+\pictureframe{output/serial_modem_hardware.png}
+
+\begin{frame}
+ \center{AT commands}
+ \begin{itemize}
+ \item The good parts:
+ \begin{itemize}
+ \item Standard (ETSI GSM 07.07 / 3GPP TS 27.007)
+ \item Publically available, no registration
+ \item pdf versions: git://git.osmocom.org/3gpp-etsi-pdf-links.git
+ \end{itemize}
+ \item The bad parts: More on that later...
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{Examples based on the specification (07.07)}
+\end{frame}
+
+\begin{lstlisting}[style=terminal]
+ # use verbose error values, report registration
+ > AT+CMEE=2;+CREG=1
+ < OK
+ > AT
+ < OK
+ > AT+CFUN=1
+ < OK
+\end{lstlisting}
+
+\begin{lstlisting}[style=terminal]
+ # use verbose error values, report registration
+ > AT+CMEE=2;+CREG=1
+ < OK
+ > AT+CFUN=1
+ < +CME ERROR: SIM PIN required
+ > AT+CPIN="1234"
+ < +CME ERROR: incorrect password (user entered wrong PIN)
+ > AT+CPIN="4321"
+ < OK
+ > AT+COPS=0,0
+ < OK
+ < +CREG: 1
+ > AT+COPS?
+ < +COPS: 0,0,"SFR"
+ > OK
+\end{lstlisting}
+
+\begin{frame}
+ \center{AT commands: The bad parts:}
+ \begin{itemize}
+ \item Syncronous
+ \item difficult to write parsers (need to keep state)
+ \item Slow
+ \item Vendors extensions
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{More realistic example}
+\end{frame}
+
+\begin{lstlisting}[style=terminal]
+ # 0707: +CSQ: <rssi>,<ber>
+ # MDM6200/6600: +CSQ: <N>
+ # 0707: 31 = -51dbm
+ # MDM6200/6600: 31 = -75dbm
+ > +CSQ: 31
+ < +CRING: VOICE/06050403002
+\end{lstlisting}
+
+\begin{lstlisting}[style=terminal]
+ # Enable noise cancelation on the OpenMoko
+ > AT%N0105
+ < OK
+\end{lstlisting}
+
+\begin{frame}
+ \center{Example of issues}
+ \begin{itemize}
+ \item What if the answer doesn't come back?
+ \item What if there is some noise on the serial port?
+ \item What if I need to run another commands while waiting for the answer of the previous one?
+ \item More modern modems with AT protocol (Example: GTA04):
+ \begin{itemize}
+ \item Modem connected over USB
+ \item Serveral "virtual serial" interfaces
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{The bad parts:}
+ \begin{itemize}
+ \item $\rightarrow$This lead vendor to make their own protocol.
+ \item $\rightarrow$Very similar issues with GPS (NMEA not meant for GPS).
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{AT commands are still in use:}
+ \begin{itemize}
+ \item GTA04
+ \item Optimus black
+ \item Usually (also) available on modems available at low quantity orders.
+ \item $\rightarrow$Often in use on devices made for the free software community .
+ \item Sometimes vendor documentation is even publically available for specific modems.
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{Handling AT command set in Android}
+\end{frame}
+
+\pictureframe{output/serial_modem_software.png}
+
+\begin{frame}
+ \center{rild}
+\end{frame}
+
+\begin{frame}
+ \center{finding libril implementation}
+
+ \raggedright
+ finding libril implementation:
+ \begin{verse}
+ vendor ril lib path either passed in as -l parameter, or read from rild.libpath property
+ \end{verse}
+ \begin{verse}
+ ril arguments either passed in as - - parameter, or read from rild.libargs property
+ \end{verse}
+\end{frame}
+
+\begin{frame}
+\center{finding libril implementation}
+\end{frame}
+
+\begin{lstlisting}[style=terminal]
+ $ cd device/samsung/i9300
+ $ git grep rild
+ system.prop:rild.libpath=/system/lib/hw/libsamsung-ril.so
+ system.prop:rild.libargs=-d /dev/ttyS0
+\end{lstlisting}
+
+\begin{frame}
+ \center{In the code: hardware/ril/rild/rild.c}
+\end{frame}
+
+\lstset{language=C}
+\begin{lstlisting}
+int main(int argc, char **argv) {
+ // [...]
+ const RIL_RadioFunctions *(*rilInit)(
+ const struct RIL_Env *, int, char **);
+ // [...]
+ dlHandle = dlopen(rilLibPath, RTLD_NOW);
+ // [...]
+ RIL_startEventLoop();
+ // [...]
+ rilInit = (const RIL_RadioFunctions *(*)(
+ const struct RIL_Env *, int, char **))
+ dlsym(dlHandle, "RIL_Init");
+ funcs = rilInit(&s_rilEnv, argc, rilArgv);
+ // [...]
+ RIL_register(funcs);
+ // [...]
+}
+\end{lstlisting}
+
+\begin{frame}
+ \center{reference-ril}
+ \begin{itemize}
+ \item Implements libril, like libsamsung-ril
+ \item Same git repository than rild
+ \item AT commands, very basic (only one channel)
+ \item Beware of CaMeL Case Code and \_ mix (RIL\_Init, not RIL\_init)
+ \end{itemize}
+\end{frame}
+
+\lstset{language=C}
+\begin{lstlisting}
+const RIL_RadioFunctions *RIL_Init(
+ const struct RIL_Env *env,
+ int argc, char **argv) {
+ while ( -1 != (opt = getopt(argc, argv,
+ "p:d:s:c:"))) {
+ // [...]
+ switch (opt) {
+ // [...]
+ case 'd':
+ s_device_path = optarg;
+ RLOGI("Opening tty device %s\n",
+ s_device_path);
+ break;
+ // [...]
+ }
+ } // [...]
+}
+\end{lstlisting}
+
+\lstset{language=C}
+\begin{lstlisting}
+ static const RIL_RadioFunctions s_callbacks = {
+ RIL_VERSION,
+ onRequest,
+ currentState,
+ onSupports,
+ onCancel,
+ getVersion
+ };
+ // [...]
+
+ const RIL_RadioFunctions *RIL_Init(
+ const struct RIL_Env *env,
+ int argc, char **argv) {
+ // [...]
+ return &s_callbacks;
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{Calling}
+\end{frame}
+
+\lstset{language=C}
+\begin{lstlisting}
+ static void onRequest (int request, void *data,
+ size_t datalen, RIL_Token t) {
+ // [...]
+ switch (request) {
+ // [...]
+ case RIL_REQUEST_DIAL:
+ requestDial(data, datalen, t);
+ break;
+ // case [...]
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{requestDial}
+\end{frame}
+
+\lstset{language=C}
+\begin{lstlisting}
+ static void requestDial(void *data,
+ size_t datalen __unused, RIL_Token t) {
+ // [...]
+ ret = at_send_command(cmd, NULL);
+
+ free(cmd);
+ // [...]
+ RIL_onRequestComplete(t, RIL_E_SUCCESS,
+ NULL, 0);
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{Incomming call}
+\end{frame}
+
+\begin{frame}
+ \center{onUnsolicited}
+\end{frame}
+\lstset{language=C}
+\begin{lstlisting}
+ static void onUnsolicited (const char *s,
+ const char *sms_pdu) {
+ // [...]
+ if (strStartsWith(s,"+CRING:")
+ || strStartsWith(s,"RING")
+ || strStartsWith(s,"NO CARRIER")
+ || strStartsWith(s,"+CCWA") ) {
+ RIL_onUnsolicitedResponse (
+ RIL_UNSOL_RESPONSE_CALL_STATE_CHANGED,
+ NULL, 0);
+ // [...]
+ }
+ // [...]
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{RIL\_Init}
+\end{frame}
+\lstset{language=C}
+\begin{lstlisting}
+ const RIL_RadioFunctions *RIL_Init(
+ const struct RIL_Env *env,
+ int argc, char **argv) {
+ // [...]
+ ret = pthread_create(&s_tid_mainloop, &attr,
+ mainLoop, NULL);
+ // [...]
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{MainLoop}
+\end{frame}
+\lstset{language=C}
+\begin{lstlisting}
+ static void * mainLoop(void *param __unused) {
+ // [...]
+ ret = at_open(fd, onUnsolicited);
+ // [...]
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{at\_open}
+\end{frame}
+\lstset{language=C}
+\begin{lstlisting}
+ static ATUnsolHandler s_unsolHandler;
+ // [...]
+
+ int at_open(int fd, ATUnsolHandler h)
+ {
+ // [...]
+ s_unsolHandler = h;
+ // [...]
+ ret = pthread_create(&s_tid_reader, &attr,
+ readerLoop, &attr);
+ // [...]
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{readerLoop}
+\end{frame}
+
+\lstset{language=C}
+\begin{lstlisting}
+
+static void *readerLoop(void *arg __unused)
+{
+ for (;;) {
+ // [...]
+ processLine(line);
+ // [...]
+ }
+ // [...]
+}
+\end{lstlisting}
+
+\begin{frame}
+ \center{processLine}
+\end{frame}
+\lstset{language=C}
+\begin{lstlisting}
+ static void processLine(const char *line) {
+ pthread_mutex_lock(&s_commandmutex);
+ if (sp_response == NULL) {
+ /* no command pending */
+ handleUnsolicited(line);
+ } // [...]
+}
+\end{lstlisting}
+
+\lstset{language=C}
+\begin{lstlisting}
+ static void handleUnsolicited(const char *line)
+ {
+ if (s_unsolHandler != NULL) {
+ s_unsolHandler(line, NULL);
+ }
+ }
+\end{lstlisting}
+
+\begin{frame}
+ \center{Other protocols}
+\end{frame}
+
+\begin{frame}
+ \center{Other protocols: status}
+ \begin{itemize}
+ \item "samsung-ipc"
+ \begin{itemize}
+ \item Implemented in libsamsung-ipc
+ \item Usable on Android and GNU/Linux
+ \item Incomplete
+ \item No wireshark dissectror
+ \item No upstream Linux driver yet
+ \end{itemize}
+ \item QMI
+ \begin{itemize}
+ \item Implemented in libqmi, other?
+ \item Usable with upstream Linux and in GNU/Linux
+ \end{itemize}
+ \item ISI (Nokia: N900, N9, etc)
+ \begin{itemize}
+ \item Implemented in Ofono, Freesmartphone.org, other?
+ \item Wireshark dissector
+ \item Upstream Linux drivers
+ \end{itemize}
+ \item "Palm Pre"
+ \begin{itemize}
+ \item Implemented in msmcomm
+ \item Was usable in GNU/Linux through Freesmartphone.org
+ \item Code lost? Michael Lauer should push it again soon.
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{Other protocols: characteristics}
+ \begin{itemize}
+ \item Like a network protocol
+ \begin{itemize}
+ \item sequence number to match query and response
+ \item Asyncronous
+ \end{itemize}
+ \item Free software implementation not always available
+ \item Or incomplete (samsung-ipc)
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \center{Use a supported protocol}
+ \begin{itemize}
+ \item Example with the Palm pre
+ \begin{itemize}
+ \item Had an unknown protocol that was used by the nonfree default implementation
+ \item Also had AT commands
+ \item People implemented the AT commands
+ \item No ring indication if my memory is correct
+ \item At the end they implemented the unknown vendor protocol in msmcommd
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\center{Questions?}
+ \begin{itemize}
+ \item Next part is about Samsung IPC
+ \item Increasing level of complexity
+ \item Increasing level of complexity
+ \item $\rightarrow$ Questions on the first part before continuing.
+ \end{itemize}
+\end{frame}
+
+\begin{thebibliography}{99}
+\end{thebibliography}
+
+\end{document} |
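Review bot: The rild slides show `dlopen(rilLibPath, RTLD_NOW)` followed by a call to the library's `RIL_Init`, with the path coming from `-l` or the `rild.libpath` property, but no slide states the consequence: the vendor RIL library is loaded into the rild process and runs as part of it, so it is trusted exactly as much as rild is. Since the talk opens with the modem-isolation pictures, I would say this on the reference-ril frame, for example `\item Loaded with dlopen(): runs inside the rild process`. Separately, `\center{...}` on every frame is the opening command of the `center` environment, not a one-argument macro, so the braces only group the text and centring stays active for the rest of the frame, including the `itemize` that follows. `\frametitle{AT commands}` (the TODO at the top already points that way) avoids this.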