Add api call osmo_st2_cardem_request_config2(struct cardemu_usb_msg_config *)
which contains a full cardemu_usb_msg_config.
Related: SYS#6946
Change-Id: Iacde63e667472a85a5f18cb4ca99dcfa1a84dd59
The sim presence pin allows the simtrace2 to inform the modem
about the presence of the simcard. On a generic simcard slot a
button is pressed by the simcard which generate a high or low voltage level.
Even though there are specifications of minipcie or ngff defining this signal, certain
modems behave different.
Certain modems require different signals from the specification.
Extend the usb protocol to set the behaviour at runtime.
Related: SYS#6946
Change-Id: I77118114ba873fdf0778137402888b40f2442456
Set CFLAGS on top of the Makefile, to avoid using the distribution's
default CFLAGS. In debian testing and unstable, -fcf-protection was
recently added to the default CFLAGS, but it cannot be used with the
cross compiler:
[COMPILING libosmocore/source/backtrace.c]
cc1: error: '-fcf-protection=full' is not supported for this target
make[2]: *** [Makefile:270: obj/simtrace/flash_backtrace.o] Error 1
Change-Id: I5f7cd0402f9bb85dd600204fdf8855773ddbeb70
At the moment only APDUs are logged to GSMTAP. It is not uncommon that a
card is resetted by the UE multiple times during normal operation. When
the trace lacks the reset events (ATR) it becomes difficult to follow in
which state the card actually is. Let't mark reset events by sending the
ATR via GSMTAP (like simtrace2_sniff already does it)
Related: OS#6094
Change-Id: I6b4d82b6ee369c95eeca8f7d59478452395fbe54
Move the logic down to where make gets called, so we don't need the
variable. Print whether we use CLANG or GCC.
Don't put /opt/llvm-arm/bin infront of PATH unless building with CLANG.
Right now it doesn't seem to have e.g. an override for gcc, but the
files in that path may change when we update
LLVM-embedded-toolchain-for-Arm.
Related: OS#6026
Change-Id: Id768e0dbed9265f042b942e6699683723ca40a7c
Set --no-parallel, as in v10 debhelper defaults to parallel building.
This is apparently not supported by simtrace2's Makefile, it leads to
multiple non-trivial build errors. In contrib/jenkins.sh we also don't
build multiple firmwares in parallel.
Related: OS#5958
Related: https://manpages.debian.org/testing/debhelper/debhelper-compat-upgrade-checklist.7.en.html
Change-Id: I49fcc4fe9d3e795f8c3514d35ff3e2beca2917d1
The Makefile already runs autoreconf -fi in the "utils" target:
utils:
(cd host && \
autoreconf -fi && \
./configure --prefix=/usr --disable-werror && \
make)
The override is not useful, as it leads to debhelper running autoreconf
as well, but without running ./configure and make in the host directory
afterwards. So autoreconf just runs twice.
I've also considered to change debian/rules to only run the "fw"
target, and not the "utils" target of the Makefile. But that only makes
it more complex, as debhelper would then need to run make twice, once in
the root directory (as "make fw"), and once in the host directory. We
would need to add several lines to debian/rules to do effectively the
same thing.
Make this change now, as "cd host && dh_autoreconf" doesn't work with
debhelper compat level v10 anymore (--sourcedir could be used instead,
but as mentioned above, it's not useful).
Related: OS#5958
Change-Id: I12f379b4ec2de6adc86557d89319ab1d04ed5e73
* Fix UTF-8 encoding. This caused the endianness check to fail, which
reads all .c and .h files.
* Add .checkpatch.conf to skip linting for:
firmware/atmel_softpack_libraries
Change-Id: Ibb2e42e9b4307275a33e4000c201847a6bd60137
We so far didn't have interrupts enabled for those, and just caught
them "by accident" if a byte was received or if a timeout happened.
Let's explicitly enable those interrupts so we also catch those
conditions by themselves.
Change-Id: Ia27f537706b9a6252dd18175545c6f27a7d17d0e
Before this patch, all UART characters went through a fifo/ringbuffer
of depth 512, while events like timeout were delivered directly via
a global flags variable from ISR to main code. This means that one or
more correct/complete TPDUs could theoretically still be in the FIFO,
but the "Fast path" of the timeout handling is pre-empting that and
messing with the state machines.
All events from the UART should be delivered via the ring-buffer to make
sure they arrive in order at the main function.
The old "report timeout via change flags in separate USB message" code
is left in place. On the USB protocol we should keep it for
compatibility. Internally we should probably also migrate that over
to the new ring-buffer method in a second step.
Change-Id: I4434c6fcd59d1a425e9ded734bbc8b0411a0a0d8
those kind of errors should be passed to the main loop for further
processing, in-order together with the byte stream received from the
USART.
Change-Id: Iebd9bbc97c2a5a0c402e7a2711520299a1ade568
So far, we use a uint8_t ring buffer as "FIFO" between USART Rx
interrupt and main context. That's fine for expressing the bytes we
receive. However, if we also want to report USART errors synchronously
in that stream, we actually need more bits to express those.
Reporting USART errors via the ring buffer is the only way how the
sniffer code can know in which TPDU the error occurred. Reporting them
any other way (global variable, ...) would loose the timing relationship
where in the received stream the error occurred.
This change just changes the ringbuffer from 1024-entry 8bit to
512-entry 16bit and doesn't add any error reporting.
Change-Id: Ifde054fbfe7f753b61e7d3409c56eca6e0faeb4b
Not critical (we disable the USART interrupts in NVIC anyway), but
if Sniffer_init() enables this flag, it's good style for Sniffer_exit()
to disable it.
Change-Id: I92e16a160d60fcab33c81e0cf074088b9f20b9ae
It's a bad idea to have a two-character global variable which might
easily clash with local variable names.
Change-Id: Ic2fac64129d2772a1923f35e48582be3b130a0f2
This is a purely cosmetic change that groups PPS, TPDU and ATR related
global variables into structs. The structs get g_ prefixes to indicate
a global variable. This avoids confusion between very short/generic
variable names that might clash with local variables.
Change-Id: I3e02f6c6b063ebc860b7a2a54dfc6051f1ea584f
process_byte_pps() would never enter the error path in which the
first byte would be != 0xff. However, the caller already verified
this before calling process_byte_pps() so the error path should
never be hit anyway.
Change-Id: Ia74b6338219a6965e6bd35a6efcf369890e02d81
rbuf_write() will tell us in the return value if the buffer was full
(error) or not (success). Let's use that return value rather than a
theoretically race-y call to rbuf_is_full() before.
It's theoretical as the write happens from IRQ context and the read from
normal process context, so the fill-level cannot really change while
we're in the USART interrupt. So it doesn't fix a bug, just improves
coding style and also avoids an extra function call + irq-disable/re-enable.
Change-Id: Icf570d0aa48d67a19e63c6e2b6caa14438fe88e3
In low-level debugging it might be useful to trace the TPDU state
changes, so let's factor-out the state-setting as a function that
can be amended with printf() or GPIO toggles or the like.
No logical change is introduced here, just assignments replaced with
calling a function that does the assignment. compiler should inline
that.
Change-Id: Ie61321404f3686234c61c68a07d6cb9f5830ddc1
Reading of code + datasheet showed that we did enable parity checking
but never actually checked if the USART has the PARE bit in CSR set.
Let's change that. Plus also avoid possible race conditions due to
multiple status resets via US_CR_RSTSTA. Let's only reset that once
per interrupt handler.
TODO: actually do something useful at that point. We currently don't
report those to the host, nor do we attempt to recover in any way. The
data sheet also doesn't tell us what it actually does in such
situations; it appears the character is *not* returned from the USART,
so we're missing one byte in the stream at that point.
Change-Id: I5f012d86c61a2377d355396e7b95d078952bee7c
Related: OS#5464
Due to popular demand people want elf files that can be loaded to get
debug symbols, so publish the elf file, but not the stub-less bin file.
This elf file can ONLY be used to look up symbols, it should NOT be
"load"ed into flash, because the preceding crc stub has to match. Mixing
older crc stubs that are still in flash and newer elf files means the
device will end up in DFU mode upon reset.
Change-Id: Ifceb16d385388356ac1bf8b13f5df62c643bebf8
In the function set_tpdu_state(), there is a missing transition to
WAIT_TX state. This is fine if you are coming from the WAIT_PB state,
which has already restarted the waiting timer via
card_emu_uart_update_wt(), but if you are coming from the WAIT_RX
state, then card_emu_uart_update_wt() is never called and the USART
timer is never restarted. (Because the transmitter is left enabled in
WAIT_RX, the response is still sent to the modem; it is just the
half-wait timeouts that are missing).
Change-Id: Ib4eb964c073192e8f067004625af818ba2caf003
- improves trace diagnostic output by moving cursor back over the
the rotor before a diagnostic message has a chance to be printed.
there is still a race condition, but it is much better.
Change-Id: Iad7767f2a5dbbd67b0f33b9bfc2c3864ce308990
As the bootloader goes beyond partition size in modern gcc, use clang
instead.
Depends: docker-playground Ib82a53fa7edc62d21e772efbb9b2c049d1b50c4d
Related: OS#5260
Change-Id: I2aa2e20e75e334560dbe1f6db9fd1491873ff91f
This fixes the firmware USB interface somehow getting stuck
after a USB disconnect/reconnect without power cycle.
Right now there are a number of things we only execute the first time we
reach USBD_STATE_CONFIGURED, but not at any subsequent such event.
It's also rather clear that this doesn't really show in simtrace2 as it
is bus-powered. And it doesn't show on OWHW as we don't have any USB
unplug situations of the USB between the on-board traces of USB host and
SAM3S. So this really only is relevant to QMOD.
A cheap and dirty work-around is to simply reset the entire uC every
time a USB unplug happens.
Change-Id: I6678bb2192c1419ed388b46c4ae7aa1ce18dc7ee
Related: OS#5578
osmo_apdu_segment_in() may return a negative number on receipt of
"unknown APDU case", and that would crash simtrace2-cardem-pcsc:
msgb(0x55d2cf7aa8a0): Not enough tailroom msgb_put
(allocated 920, head at 0, len 7, tailroom 1017 < want tailroom 65534)
backtrace() returned 19 addresses
Whenever osmo_apdu_segment_in() fails to recognize an APDU, the
communication is broken, because we don't know if we should continue
transmitting or receiving. Only a successful return value by would
allow us to know this. Do not crash, exit() gracefully.
Change-Id: I9e97b955a28ec886a429d744f9316e7e71be4481
Related: OS#5600
Previously, only simtrace2-sniff generated GSMTAP protocol traces.
Let's add the same functionality to simtrace2-cardem-pcsc.
Change-Id: Iba6adf41b480d127bf11ee361c66d80fe8296313
Closes: OS#5494
This change prevents contention on the ISO7816 bus by disabling the card emulation state machine when the SIM switch is in the local mode. Without this change, the card emulation firmware can clobber ISO7816 communications and cause contention with certain (but not all) SIM cards.
Changes:
- Add 'enabled' flag to cardemu instance that is set/cleared by usb_command_sim_select() (the only place where sim switch occurs).
- Flag is initialized as false (disabled) by default, to match local SIM mode default.
- When card emulation is disabled, force SIM VCC to be "OFF", SIM RESET as "not in RESET", and drop bytes bytes received on the ISO7816 interface (but do service buffers).
Change-Id: I4010f988712eac4a6af8568ccd60062f9de62449
The firmware doesn't recover from a OSMO_ASSERT() which direct reset the board.
After the reset the firmware will waits forever for the USBD state USBD_STATE_CONFIGURED.
By adding the explicit USBD_HAL_DISCONNECT the board always recovers.
Fixes: OS#5478
Related: SYS#5752
Change-Id: I600a26025166d20b6b27c191f24e4023efdaadf6
Particularly the VCC/RST/CLK changes can happen quite frequent, and
we were seeing quite a number of overflows of the usb_buf queue for EP06
(interrupt endpoint) in cardem.
I first tried increasing the maximum queue size to up to 10, but that
still didn't resolve those EP06 overflow error log messages.
Reducing the bInterval from 16 to 1 made them go away in all my
tests.
Change-Id: I5c272c31983de7201cfbd445c4484f6832d878ab
this provides an esy way to understand more without looking at the
detailed decode for each packet.
Change-Id: I0aa3d68172022907fbe8371aaca6538df0649dfe
Sometimes I get LIBUSB_TRANSFER_ERROR particularly when the USB bus
is very busy. We shouldn't terminate the program, but simply resubmit
it. That's what we have multiple transfers for...
Change-Id: I77d7bc636c21171fcff7e70e87c0109cbaee9b51
We initialize a local variable to -1, and if the user specifies
no address from the command line, we use this in the interface match
struct, which uses a uint8_t. This means 255 ends up in there, and
as a result no usb interface ever matches unless the user explicitly
specifies the -A command line argument.
With this patch any absent -A argument will result in ifm.addr == 0,
which means "don't match on address", and which is what we want here.
Change-Id: Iffb5fa406ddef00c7c15570ffca2c109b98d7a2d
In some readers (at least CardMan 3121), the simtrace2-cardem firmware
claims there are power-up sequences where RESET is released before VCC
becomes active. Let's detect such spec-incompliant power-up sequences
and use them to trigger a cold reset of the card.
Change-Id: I682ac3d0c2b98749a6ed44f9a73e4b39354a4284
Closes: OS#5421
* drop log statements that are already in libosmo-simtrace2
* don't printf directly, but go via LOGCI
* make LOGCI use libosmocore logging
* configure libosmocore logging in a 'convenient' way
Change-Id: I6fa0da966e6d8e723c187404c17e90cfb3f3dd9f
This avoids related ASSERTs or error messages in case any of the
libosmocore / libosmousb API functions internally tries to log
something.
Change-Id: I611c435516856c5c8928d7810fd9a9b831adc199
the ISO7816 UARTs have highest priority, while console has lowest.
remaining sources (USB, ADC, GPIO) are in between.
Change-Id: Ie6c97d61d8da3990b6e44144f36cb6d37d194307
This is what we do in all other functions, not sure why this one
wants to silently ignore any such programming errors.
Change-Id: I022eee86a5a3b5077abe59897161578ed960f1b1
The SIMtrace2 protocol alwasy contained a field for the VCC voltage,
the cardem firmware just never populated that field, even on those
boards that use the ADC to determine its voltage.
Change-Id: Idcecad553fb36380e916378e1420488acbbfa8e3
this is redundant. We care about *which* message type, and not about
wasting horizontal screen real-estate.
Change-Id: I98f90561b39401f1c2339f79a3cb40574bb03b2d
This can lead to some fields not properly zero-initialized, fooling
our matching code into the application having requested certain
fields to match ('0' is usually assumed to be unspecified).
Change-Id: I304d55b584e37d9dccb75b24057bb682f799beb2
Add new board.h definition BOARD_MAINOSC_BYPASS to configure the clock module to use an external oscillator rather than a crystal. The qmod board is one such board.
Change-Id: If62f55cd4c8b0cf758534f09d25a9bcb028814a7
Add a new command to request that the simtrace2 firmware manipulate the
card detect signal, causing the downstream cellular modem to believe
that the SIM card has been inserted or removed, respectfully.
Change-Id: I8c79eb29379a789d9d0d21495e30d66ddbdfb022
DFU flashing of apps sometimes aborts, and although rare this leads to
broken devices if no boot button or serial/jtag access exists, because
the bootloader will keep trying to start a half-flashed app that then
crashes at some point.
The easiest fix that works with existing bootloaders is to prepend a
small 512 byte stub that calculcates the crc and compares it with the
crc calculated at build time, and then either starts the actual app, or
sets the dfu flag and resets. This ensures we either have a working,
running app, or end up in the bootloader, ready to flash again.
For obvious reasons this only applies to dfu apps, and not to flash
targets like the actual bootloader itself.
Change-Id: Id6df0486c8b779889d21800dc2441b3aa9af8a5f
Remove the paragraph about writing to the Free Software Foundation's
mailing address. The FSF has changed addresses in the past, and may do
so again. In 2021 this is not useful, let's rather have a bit less
boilerplate at the start of source files.
Change-Id: Ie0a3b2273383adbb3303faffd6ff96be7f4cae99
Apply various improvements from Martin Hauke, thanks!
* Put sover into a variable
* Sync BuildRequires with configure.ac
* Update libosmo-simtrace2 summary
* Use %make_build instead of make %{?_smp_mflags}
Change-Id: I35ce3865702f72365b38b0eaa8b28f332dabcd1f
Adjust the soname in the rpm recipe too, to fix:
error: File not found: /home/abuild/rpmbuild/BUILDROOT/simtrace2-0.8.0.202112100026-1.1.x86_64/usr/lib64/libosmo-simtrace2.so.0*
Change-Id: I748f44409ac736abbd5c18e31ae02d025dee2c77
The previous value was way too low and led to reenumeration issues when
switching from app to bl because the hosts are fairly lenient and
feature long delays until they accept disappearing devices as gone for
good instead of ignoring a presuambly flaky usb cable or connection.
Related: SYS5061
Change-Id: I9b8c8bf794ad5b94fc7ea2a01d1ebf4e36862c36
All the parts are DNP and never existed on the simtrace2 with sam3; the
sam3 has internal pullups that are part of the usb peripheral.
Change-Id: I04a703a2eba6ff1dc64692c089213389d0c1066d
This bl updater can be flashed as app and will update the bootloader and
then
delete itself before resetting the sam3, so the device will end up in
the newly
updated dfu bootloader afterwards, without having to press the
bootloader button
or requring any other manual interaction, ready to receive a new
application image.
Building the blupdater requires a previously built dfu-flash bootloader
bin file that
will then be embedded into the app during building.
Related: OS#1704
Related: SYS5061
Change-Id: I53dea57bba790a2ab3245d9483e0ff1c8d19d5e3
This led to occasional crashes for targets with leds since it was
introduced 3 years ago
The interesting thing is that most of the time it didn't crash...
Change-Id: Ia6a1b1fc0e44a301b4fb1d9c9fdbc27d61dcab97
Supposed to be used with https://github.com/ARM-software/LLVM-embedded-toolchain-for-Arm
+ distro provided binutils-arm-none-eabi package, might provide better and more reliable
binary sizes, especially for the bootloader.
Just run USE_CLANG=1 make
Change-Id: I1a19f40d44797efad5c46121e73115ed738a095b
This avoids
ERROR: osmo_log_info == NULL! You must call log_init() before using logging in log_check_level()
Change-Id: Id355ef33e10164f8e8eb40c2fd0b606bc8e9b6f7
This code already calls osmo_libusb_init further above in the top
of the main() function, so there's no use of calling libusb_init()
directly in the same function lines below.
Change-Id: I2e0c7446aaa644c5aae1059ce91ff9f729903cbc
We use other osmo_libusb_* functions later in the code, so it is best
to initialize the library via libosmousb, and not directly.
Change-Id: I2fd981935e1420e529f5dd8a98edd347c317284c
Let's create and publish binary builds for 'trace' on BOARD=ngff_carde.
According to SYS#5525 this is verified working since two months ago, so
there's no reason to withhold the binary builds for it.
Change-Id: I8a98002ef5aa58e5a3d49627323fe11505508bc8
Related: SYS#5525
This reverts commit e6a76c7bf4.
Might or might not cause weird issues depending on gcc and binutils
versions, let's see if this helps.
Change-Id: I2f593fd5e0f1494aae6b9fcfb2160a6c9168f5b8
We keep running out of rom space, so reduce tracing to nothing for alle
dfu targets, and let's hope newer gcc versions stop producing more
code...
Change-Id: I7d2947c84097035bed00ad489a175d614b4c388e
It does fit with some compiler versions, while others overflow the bl region,
so just reduce the trace level a bit to make it fits all the time.
Change-Id: I168a847da8dfc585aaeef0030f95fc225a713147
This makes sure downloads.osmocom.org will get cardem images
for the new ngff_cardem board.
The dfu loader was not enabled as it currently overflows the ROM
region by 200 bytes, see OS#5210.
Change-Id: Id2b7925c823fb19f880e06a205764d2b19de4ad4
Related: OS#5210
The "wait time extension timer" was apparently not being reset during
normal tx operations, which led to occasional NULL (0x60) bytes getting
injected into transfers, which in turn led to more tx bytes than what
the reader side expects...
The odd thing is that this was only noticeable with high baud rates,
probably due to the very long default WT of 9600 ETU, and even then only
because it led to weird ngff modem resets after benign transfers.
Change-Id: I15b0b83b7d93b8e5589f3640bd6eb2fc82f93394
Related: SYS#5553
There is no obvious reason why the st should be stuck in cardem mode
without a working running util on the host side since there is no state
that is being kept, so switch back to using the local sim upon reset.
Change-Id: Ib622af0027d40b4e8afbb0fa0d3689f0dbfcac92
Single threaded evaluation is (assumed to be!) left to right, depth
first - but with concurrent make using -j this breaks, because the
actual usb string header is generated after the attempt to concurrently
compile the code that needs it, since there is no explicit order among
the all: dependencies.
This is fixed by properly adding a dependency on that header.
Change-Id: I0bdf915deabeda861f6398e654764918e58a64c2
This adds support for the new ngff_cardem board, a board that
basically combines a ngff breakout board with a built-in SIMtrace2.
Cardem works, but depending on the modem it might need a adjusted ATR to
ensure a lower baud rate is used by the modem, high rates might lead
to weird power cycling of the card after a few transfers.
Trace was also tested and appears to work as expected.
Change-Id: Ia96124fbe8a752c98e7fd4096d542a3b2b9bc255
The simtrace-tool is a command line tool which can be used to e.g.
manually request a modem reset.
Change-Id: I3a8896ac2b3caef7590b51118359e5caed820a40
we shouldn't use a local copy of the device id list, which is already
outdated now that OCTSIMTEST support has been added to libosmo-st2
Change-Id: I2231006b94c33fe3b28ce37b0d54c67206751058
The tester has shifters, while the original simtrace relies upon the
reader restarting the powerup attempt with > 1v8 after not respondig due
to a lack of shifters and therefore 1v8 support.
Change-Id: I520aa26c6e0fb34568a4f632943efa59a0da831c
See Help->About Wireshark->Folders tab,the usual place this should go is
~/.local/lib/wireshark/plugins
Hot reload possible after editing using Analyze->Reload Lua Plugins
Change-Id: I360ab522dabc3a378969df36efd3b48fc4cade3c
Back in I8c9b0c3d862a967832134b24252577739182da62 we added support
for enabling the card_insert signal, but not for explicit disable
of it. Let's fix that.
Change-Id: I6f32bde60674119c9912e51059a53b5ee74d074a
The octsimtest board can control the card-insert contact of the OCTSIM
under test via an external I2C gpio multiplexer; let's add support for
that.
Change-Id: I8c9b0c3d862a967832134b24252577739182da62
* driver should not have hard-coded understanding about I/O directions
* board code should pass the I/O direction to driver
* board code should use the correct I/O directions (A0..7, B0: output)
Change-Id: Id4a8e012a33cee01bb489e612e17920760b9be59
octsimtest has a resistive voltage divider in front of the VCC ADC
in order to also detect 5V. We must make the thresholds board-specific
and adjust them for octsimtest.
Change-Id: I9e4adb4f349d2d838ea4100eb49271f3a0e7a2a5
Contrary to other hardware designs, octsimtest has a level-shifter in
the I/O line to support testing with 1.8, 3 and 5V. This level shifter
is bi-directional, but the direction needs to be explicitly specified
via the SIM_IO_DIR signal attached to PA26.
Change-Id: I44171363b5bd69d6049b12c86f8143be83557cb2
* code for controlling the Card slot + frequencyt divider muxes
* put everything in place to build cardem application for it
Change-Id: I7e03e0c0f2999a1ce2dad966d98e22033fa58465
The octsimtest board only supports cardem mode, not 'ccid'
nor 'sniffer'. Remove related GPIO pin #defines from board.h
Change-Id: I43e8631d945ba183a1e5b1e37dd4565adb377154
When the cardem detects a reset from the phone/modem, pass this on
to the actual card via the PC/SC reader. This is important to
reset the card state whenever requested by the stack/driver on the
phone/modem.
Change-Id: I7056476c5f81e8aa8f550afb86bf2380d1497ebb
Depends: libosmocore 20199da02d37a6d284915a27ec12641e79b8781c
This reverts commit baa62777c8 which
deleted simtrace-cardem builds to prevent them from being published.
Change-Id: I63fd4bea2985fcc87f202d8b69a4f24661858185
likewise, enable HAVE_SNIFFER currently only if we build the sniffer
firmware.
It's been many years too long to finally get those all merged in one
firmware :(
Change-Id: Ib433f180746f75458a44f4988643465bd846b04b
Before this patch, we would always use either a hard-coded default
ATR from the source code, or we would use one that the user specified
on the command line.
The more sane default is to pass-through the real ATR of the card.
Change-Id: I75bf618a6b0d983727de4c2f19b4b48ec3e12af8
Closes: OS#5107
Requires: libosmocore.git 22117a7164012d6d88fc202cd63df79c6068484d
There's some code that wasnts to goto within the while loop, and there's
some other code that wants to goto after the while loop. Don't jump
from outside the while loop into the while loop.
Change-Id: Ic2a94ad034dd259f15712687443b569f0d18ff3f
We should use service-aliases and not the primary host name, as
that makes migration between machines hard.
Change-Id: I34b18457268ae6f8ae3a053c5424210074a4d52e
As we store the waiting time (WT) in 'etu', we must adjust the formula
from ISO 7816-3. The 'Fi' component in the formula only exists to
compute clock cycles from the etu, which we don't need here.
Without this patch, the waiting time would be way too large (by a factor
of 372 in the default case).
Change-Id: Ia21bc7303f9b38834b5b1753983ed2a99bfc7d95
Related: OS#1704
The existing code started the timer once (and expired once) but didn't
properly handle re-starting of the timer. Neither did it handle
the 'half time expiration' case. If we want to call a function after
half the WT expiring, we must of course program the hardware for half
the timeout, and not the full timeout...
Change-Id: Ia999d97f835c27597fcd1cf7ac78bac0ab9c98c1
Related: OS#1704
Instead of using the timer/counter peripheral to handle the waiting time
and corresponding timeout, the USART peripheral internal timeout
mechanism is used.
This is particularly important for the SIMtrace board since there
(contrary to other boards) the I/O signal is not wired to a TIO pin
of the timer/counter block, and hence Rx/Tx data cannot reset that
timer/counter.
As a result of this migration, cardem is now supported not only on
owhw + qmod, but also on the simtrace board.
The guts of this change have been lifted out of Change-Id
Ibcb2c8cace9137695adf5fb3de43566f7cfb93b5 by Kevin Redon, which was
unfortunately touching various different topics at the same time and
hence was split up. Some improvements are the introduction of the
ENABLE_TX_TIMER_ONLY mode, which avoids the USART interrupt handler
getting hammered with TXRDY between release of RST and start of the ATR.
Change-Id: Ibcb2c8cace9137695adf5fb3de43566f7cfb93b5
Related: OS#1704
Those are already initialized at various transitions of the master
7816 FSM, but let's properly initialize them at start-up, too.
Change-Id: I81b2a8ef3284559164700d94717e4ccf008f53df
* enter ISO_S_WAIT_RST when RST is asserted
* enter ISO_S_WAIT_ATR only when we RST is released while in state ISO_S_WAIT_RST
Change-Id: I620333aa8d45561a8028b948955a27f667b58406
Fi/Di are not the index into the table, but the contents of the table
as resolved by Fi_index / Di_index. Let's clarify the terminology.
Change-Id: If364e08e7c9a3a9707e6d54b9267c6a7c088e415
The ISO7816 spec terms are well-defined, let's not abuse them. We used
to consider "Fi" as the "index into the table of F values", while the
spec actually considers Fi as the initial value for F.
Let's make sure we use the terms quite clearly:
* Fi and Di are the initial values for F and D
* F*_index and D*_index are the indexes into the ISO7816-3 Tables
Furthermore, let's track Fi separately from F, as e.g. the waiting
time definition only considers Fi as indicated in the ATR, despite
an actually different F value might have been negotiated via PTS
meanwhile.
Change-Id: Ieb2425e8380a81b79df7b2bd072902994e9c3ee7
Related: OS##1704
As we will soon introduce the distinction between Fi and F, we should
use uppercase letters, as lower-case 'f' is defined in ISO7816-3 as
the frequency, which is different from the upper-case 'F'.
Change-Id: Iaede621551520576e9b9af878fa46fbc88e59c2a
the simtrace board uses a bus switch not used on qmod and owhw to
switch the SIM between physical and virtual
Change-Id: Ieaf2ed4761fc3e04f33f9aac5c04a768c9a6f71e
Related: OS#1704
The comment didn't reflect the source. I checked all users and
the code consistently stores the waiting time in units of 'etu'.
Change-Id: I2bc4a7c19cee5fb487ad639ee48ecaea706f6172
Disable stack protector for all boards/apps by default, not only
qmod-dfu. Use 'make STACK_PROTECTOR=1' to enable.
This was recommened by Eric:
"I'd argue that we do not want this in general, since it adds canaries
to all functions that deal with buffers, and therefore impacts the
overall timing in a non determinstic way depending on inlining and
optimizations, while contributing nothing in non debug builds."
Related: OS#5081
Change-Id: I30ad97f231ea5b401def650bc9adc7e9f2770df0
Prevent build failure on debian 9, ubuntu 20.04, 20.10, where
bin/qmod-dfu-flash.elf does not fit the ROM.
Fixes: OS#5081
Change-Id: I9fffe4c323094679062428f41a4246b1c1b30ca2
This reverts commit 4a29f64cbe.
The code replicates to a large extent what is already present in iso7816_fidi.c
and I have serious doubts about the correctness of the computation in
its iso7816_3_calculate_wt() function.
Change-Id: I80dab4401d13306d573a6a35ce8729d2acc141e4
This reverts commit 4a58c08d67.
The code replicates to a large extent what is already present in iso7816_fidi.c
and I have serious doubts about the correctness of the computation in
its iso7816_3_calculate_wt() function.
Change-Id: I3f26da4e9aa8d7b0f4b4b7992269cf365a643ec7
* support Interrupt STATUS notifications
* use osmocom libusb abstraction
* use asynchronous URBs for interrupt + bulk
Change-Id: Ib04798572295f25477719124530b6584780c5b75
While this differs from tha naming in the schematics ({CLK,IO}_PHONE),
this matches the naming scheme used for USIM2 and the naming on other
boards.
Change-Id: I486b14260faec897e8c8698c4b7987bf36492497
this will become part of libosmocore since it it common to smart
card related projects (such as osmo-ccid-firmware)
Change-Id: I3d4c65d137fc4555fcb256443feadd1c695de73d
the SIMtrace board does not support the current card emulation
application because this uses a timer counter to handle the
timeouts, but on the SIMtrace board this is not connected to the
CLK signal
Change-Id: Idd09ea534179f0ede705573e1373dbd045c9828a
make V=1 can be used to echo all compilation commands, which is useful
because it allows IDEs to parse the gcc output in oder to properly index
the source files using the actual defines passed to the compiler.
Change-Id: I25c41dff89302a73ddd2a4aaba7cb14912fac3b8
For some reason undefined symbols were downgraded to warnings, which
means building a firmware that calls missing functions (= address zero)
was perfectly fine, which of course made development more exciting....
This applies to builtins, too, printf of one char gets downgraded to
putchar, which we don't have, so disable builtins.
Change-Id: I492f41ad4162b9d07b1881ae4aed019db2dff8b5
Call the script from the proper directory, and cd into the topdir on top
of the script. Fixes:
/build/contrib/jenkins.sh: line 71: contrib/prepare_upload.sh: No such file or directory
Related: OS#4413
Change-Id: Icbfaa5579aab887830ca90b24a2e322df8d98f4f
Don't create copies of firmware files with version strings appended in
the normal build. Only do this before uploading the firmware files.
I have verified that "make" before this change and
"make; contrib/prepare_upload.sh" after produce the same files.
Close: OS#4413
Change-Id: I118a4ff397a178281c26a6b98112fa66b6f049ab
Use .tarball-version from the topdir, because it only gets written there
when generating the OBS package. Remove the duplicate git-version-gen
script and use the one from the topdir to generate a version string if
building from the git tree.
Related: OS#4413
Change-Id: I4b197a218ab44632ff182ffbd72e15c2b20db341
Fix having the version set to UNKNOWN in all packages built by OBS. The
osmo-ci.git scripts generating the source packages to be built by OBS
generate a ".tarball-version" file with a version string like
"0.7.0.70-657c", but it did not get used because the path was wrong.
Related: OS#4413
Related: https://osmocom.org/projects/cellular-infrastructure/wiki/Git-version-gen
Change-Id: Ic0b06011a604beec7c1c907c2c6e4ae927456e2e
Fixes:
dpkg-source: warning: no source format specified in debian/source/format, see dpkg-source(1)
Related: OS#4413
Change-Id: I4c474547233ebb87a1246b01fbd7ff8879921c21
dfu flashing the ST12 was easy, but i was never able to
get ST34 into dfu mode. Changing the firmware so it resets
itself just like the octsim instead of starting a timer and
waiting for a reset from the host made it work every time for me.
Change-Id: Ida636ec925f40d6d56551f170150181350d03bbd
This renaming is to avoid any confusion with the osmo-remsim
project, living in its separate git repository.
The simtrace2-cardem-pcsc doesn't feature any 'remote' part. Rather,
it emulates the SIM card interface towards the device/phone/modem,
and forwards it to a local PC/SC card reader.
Change-Id: Ic15f0a89964a72fe3ab7a5145a073720f6207e24
The UDP based forwarding really only ever was a quick hack to
demonstrate the capabilities.
Meanwhile, we've had the proper osmo-remsim project implemented,
which provides a much more reliable and comprehensive way of
managing SIM card emulation devices (SIMtrace2, sysmoQMOD, ...)
and collection of card readers (sysmoOCTSIM or any other PC/SC
supported readers).
Hence, remove the "UDP forwarding part.
Change-Id: Ia4b9447b95872b6e0dda6dca644f1ed4a87355a0
We are not using any PIO interrupts from DFU mode. It's only used in
the main application firmware (verified by "git grep PIO_ConfigureIt")
Change-Id: Id1447af519df3183061f3d3f156a8dd84789af16
On Ubuntu 20.04 when builiding dpkg packages, even when cross-compiling
firmware, gcc stack smashing protection is enabled. Let's provide what
is minimally required in order to sucessfully complete builds on such
platforms.
Change-Id: Ic2f68f16b0730e7b5db17c30effc29a2909d1997
Closes: OS#4687
libosmo-simtrace2 traditionally had only supported blocking, synchronous
I/O, while other osmocom programs such as remsim-client used
asynchronous USB I/O.
Using async USB I/O for IRQ + IN transfers while using blocking I/O for
OUT transfers doesn't seem to work reliably, so we have to offer a way
to perform the OUT transfers generated within libosmo-simtrace2 in async
mode.
Change-Id: Ib8939bdb7f533cd20a34a30a97f12b782b9816c2
Remove OpenSUSE bug report link, set version to 0.0.0, make it build with CentOS 8 etc.
Related: OS#4550
Change-Id: I8595642bc07bf3044720942a0f1802448920cb50
This may be causing unwanted behavior while parsing the command
line arguments, as reported by some Raspi users.
Change-Id: I5b7db0795d16ab071e255c2c689e3b4872a933bb
Related: OS#4223
The original code assumes that calls to PIO_ConfigureIt() are only
made once e.g. during board start-up. Hoewever, we call those
at USB SetConfiguration time, when we know which particular hardware
function we are supposed to perform. This means that after the host
has issued SetConfiguration more than a given number of times, the
code will assert() due to overflow of the static array.
Let's check if we already have allocated an array slot for a given pin
and reuse that allocated array bucket rather than allocating new ones
for the same pin.
Change-Id: I0c46d4b51eeebd58a8786d65e31e7a84e65b6a8e
Related: OS#4454
If we do this, the resulting USB code will fail on any of the
USB-IF Chapter 9 tests. EP0 should not be reset.
Change-Id: I070faf4cb7029d3ccfa6c63f8f04aa0f02657536
In dispatch_received_usb_msg(), we ran into an infinite loop if a
too long messages was received on the OUT EP. Let's break the loop.
Change-Id: I5325ed15d3dd79a42f8dac34d618e86b9334c301
Closes: OS#4429
Reading the Unique ID from flash is a rather tricky procedure: After the
STUI command has been issued, we cannot read normal flash anymore.
Rather, the unique ID is mapped at 0x00000000. This is unfortuantely
also where the exception vector table is stored.
EEFC_ReadUniqueID() is already linked to RAM, which is good. Hoewver,
if an Interrupt happens between STUI and SPUI, then we try to access
the vector table and code from flash, which is illegal. We run into
a hardfault and stay there until the watchdog resets the processor.
Change-Id: I3c4fad55b47e9013f6615a331983b3989ca805a7
Closes: OS#4428
In Change-Id I7cdd3f9171dbed45de0089defe29d2b59044bd84 we introduced
firmware support for SIMTRACE_MSGT_BD_CEMU_CONFIG. The respective
host part was so far only implemented in osmo-remsim-client-st2,
but not in libosmo-simtrace2. Let's fix that.
Change-Id: Ia4822d360a271d2ce9725f761cb95de58663ac3b
cardem on the st2 has been broken forever and still does not work, so
stop uploading cardem binaries
Change-Id: I33828f799d41386afb3f8dcd9bb510902877e03f
As reported in https://osmocom.org/issues/4335, there appear to
be some cards / use cases in which the 512 byte sized ringbuffer is
insufficient. As we do have free RAM available, we can easily
increase the buffer size, despite not entirely knowing yet why
it needs to be *that* large.
Change-Id: Ie713d614ec5b334e9058d5d430e4bb660f5b8b69
Closes: OS#4335
this python script lists the SIMtrace 2 devices connected to USB
and will flash the latest version of the application (if necessary).
it requires pyusb and dfu-util.
it is intended for end users so they don't need to read the length
and error-prone instructions provided in the wiki.
TODO:
- support updating bootloader (once dfu-ram image exists)
- use python implementation of dfu-util to be python only
Change-Id: I3ebe0f54b6e3b7b45478603cc0a5b56e87b1f461
this adds the DFU as application, allowing to flash the bootloader.
a USB DFU alternative is added to flash the bootloader partition.
when the DFU is started as bootloader, the partition/alternative
to flash the bootloader is marked as "not available", and
ineffective.
the same happens for the application partition when DFU is started
as application.
this distinction is make at compile time, not at runtime, because
of size restrictions (the bootloader was already close to the
16 kB limit).
*_dfu_flash.bin should not be mixed with *_dfu_dfu.bin.
*_dfu_dfu.bin should be flashed as application using the already
existing DFU bootloader.
once this images is started (as application), the *_dfu_flash.bin
should be flashed as bootloader using the DFU application.
once the DFU bootloader has been flashed, soft resetting
(not re-powering) will cause the bootloader to start, allowing to
flash the application with a normal image (e.g. not DFU),
replacing the DFU application.
this switch to DFU only happens after downloading (e.g. flashing).
it is planned to have the DFU application erase itself after
flashing, but this is currently not implemented.
Change-Id: Ic273bb593a7669111b0219fe301d7897419167c8
In the end we want to share most of this, irrespective of the "APP".
Let's avoid unnecessary differences.
Change-Id: Icf063d4ca79edf66ffbe8e87a915deb77dec478a
This unifies the printing of the welcome banner, and it also ensures
that all modes print all information (serial number, reset cause).
Furthermore the APP and BOARD #defines from the make environment are
also printed.
Change-Id: I7e6bc05cee4b9ec0fd9a05dc90ce0b26a5763e5a
the code we used to have in libusb_util.c has been migrated to
libosmousb, a new part of libosmocore.git. Let's remove our historic
copy and use the new shared library instead.
Change-Id: Ib588c08f873c4da8f3a02815ee2767674a6a5061
The printing was always only done at the end of osmo_apdu_segment_in(),
so let's leave the decision up to the user if he wants to print the
state at every iteration or not.
We now provide osmo_apdu_dump_context_buf() to the user so he can obtain
a string representation of the internal state for logging at any time he
requires.
Change-Id: Id3e3cf1605dec84077b158c1c5715f8eef2641d5
This is a purely cosmetic change in terms of coding style, but it
fixes an [invalid] detection for unterminated value_string arrays
by our verify_value_string_arrays_are_terminated.py script:
Change-Id: I2f2370a673074f6bf5380106b6254b4aa1e8a792
ERROR: file contains unterminated value_string 'struct value_string iso7816_3_card_state_names[]': './deps/simtrace2/firmware/libcommon/source/card_emu.c'
ERROR: file contains unterminated value_string 'struct value_string tpdu_state_names[]': './deps/simtrace2/firmware/libcommon/source/card_emu.c'
This is a purely cosmetic change in terms of coding style, but it
fixes an [invalid] detection for unterminated value_string arrays
by our verify_value_string_arrays_are_terminated.py script:
Change-Id: Iee905c744065df1dc54f04be752a65700897a92c
ERROR: file contains unterminated value_string 'struct value_string change_flags[]': './deps/simtrace2/host/src/simtrace2-sniff.c'
ERROR: file contains unterminated value_string 'struct value_string data_flags[]': './deps/simtrace2/host/src/simtrace2-sniff.c'
If this feature flag is set by the host application, we will start
generating SIMTRACE_MSGT_BD_CEMU_STATUS towards the interrupt endpoint
on any changes to the SIM card status, such as change of VCC/CLK/RST
Change-Id: I832b4ac4aeb6152195d985067ffdd64fa5a7d4cc
Related: OS#4330
The new SIMTRACE_MSGT_BD_CEMU_CONFIG command can be used to set/change
a bitmask of optional features that can be enabled in the simtrace
by the host software. This is useful for enabling features in the
firmware which are not supported by older host utilities.
The firmware will return the actually set/configured features in
response.
The feature bitmask is not yet used anywhere; it will be by subequent
patches.
Change-Id: I7cdd3f9171dbed45de0089defe29d2b59044bd84
ch->pts.state is initialized every time we enter ISO_S_WAIT_TPDU
state, so there's no need to reset it at other locations. KISS.
Change-Id: I5ff8b2671c3c893cc5f6542d48b65487ae8c5be1
card_set_state(ch, ISO_S_WAIT_ATR) internally calls tc_etu_enable(),
so there's no need for the caller to do the same, too.
Change-Id: I2a2b4d64c40264623313a867957ffcefe57748f9
A function that is called to set the state should not in itself
contain logic to issue further state changes.
Let's shift the related block out to the end of card_emu_io_statechg(),
which is the only source of card_set_state() calls for the
WAIT_{POWER,CLK,RST} states anyway.
As an added benefit, the block of statements is now also executed if
there's no state change - something that was prevented by the
"if old == new" state guard at the top of card_set_state(). I believe
this may help us to cover more (non-standard) card activation sequences.
Change-Id: Ieefa1807099eb234cfd994bca83caaa0dcc919b6
We need to send zero-length packets on bulk endpoints whenever the
transfer size is exactly a multiple of the wMaxPacketSize.
See USB 2.0 Specification Section 5.8.3 titled "Bulk Transfer Packet
Size constraints."
Change-Id: Ice3842399d5a5c4a18383860f81074497c6e7c9b
Closes: OS#4331
When the Modem is asserting RST, the emulated card should set all
of its state back to default/initial values and release any buffers
it may still hold in its state.
Change-Id: I66eca6afe4ff7d900c5b75df1e3ec6d52f6ef214
Related: OS#4251
So far, we called card_emu_io_statechg() from interrupt context, which
was safe with the current code. However, as we want to trigger a more
comprehensive reset of data structures, including the flushing of
message queues, it is best to shift this processing from interrupt
context to main loop context.
Change-Id: I3983078396538f32bdff55611c41d2163be4d796
Related: OS#4251
Let's move all initialization of state that may change at runtime
to a separate function: card_handle_reset().
This has the advantage that the related function may also be called
at later/other instances, not just during initialization of card_emu.
Change-Id: I0954d192d001a3af5592010cc84a3a22aaf4b030
Related: OS#4251
We need at least one per IN/IRQ endpoint, as well as at least 3 for
every OUT endpoint. Plus some more depending on the application,
in case of cardem there could be one in uart_tx and one in uart_rx.
So for cardem, it should be 7 per slot, resulting 14 for dual-slot
devices like OWHW and QMOD.
Given that we have plenty of RAM available (utilization up from 49%
to 56% with this change), we can be on the comfortable size and
easily have 20 buffers for now.
Future MITM / triple-play applications likely need more.
Change-Id: I022ba3bb3e1f5fd0c364aafe1a23f8fd9b2d8499
Related: OS#4251
In Change-ID Ie15183f16b22193ffdaf01845db2eae4c7f43c17 we wanted
to limit the number of queue elements to 3, but actually implemented 4.
Change-Id: Ic5fb164f2dfd1c293c51bee8184fc34552267a54
Some boards like QMOD cannot simulate a virtual card insert signal
towards the modem (as the mPCIe connector doesn't have that signal).
In these situations, we were aborting processing of the related OUT
endpoint command and forgot to release the related memory.
Change-Id: I489097b7e332004e0f2beca0b22fa36d5d1d31b5
Related: OS#4251
This helps when debugging the firmware, as it shows the current
utliization of the 10-msgb-talloc pool.
Change-Id: Ib10c4396cd4c9c4a6257cf45886e367214787927
Related: OS#4251
As of Change-Id I1c8cca2f7f0f0070d7bf1ade676e035c45e4d5ab, a firmware
compiled without ALLOW_PEER_ERASE will not support resetting the hub or
writing to its EEPROM. Let's make sure to remove those options also
from the menu.
Change-Id: I3071332d85e6168947384ddc230298d3293e4668
If there are already three elements in the to-be-transmitted queue
for the EP, let's free the first element of the queue. This is a
clear indication that the USB host is not polling the endpoint
regularly. Maybe there's no host application running at all?
This should obsolete Change-Id Ie9ebdd2ff966f67c9afd1ed760f106558f0091ad
Change-Id: Ie15183f16b22193ffdaf01845db2eae4c7f43c17
Closes: OS#4251
the USB trace now respects the global setting.
the verbosity is also decreased, not showing USB activity unless
debugging.
this also saves some space.
the reset cause is now printed.
the strings increase the bootloader size, but it already exceeded
the 16 kB limit when trace level is set to info.
Change-Id: I9ba08d4bb4f188f6e7a202ea86acb7a42a2054f3
now both partitions (bootloader and application) use a commonly
defined memory location to shared the DFU state (which includes
the magic value to know which part to start), instead of using
a hard coded value.
the bootloader size has now also been restricted to 16 kB.
this limitation is enforced so to not be able to create larger
images, which could be corrupted when flashing the application.
bootloader and application flashing have been successfully tested
on qmod st12 and st34.
Change-Id: I204bed7e9391602672ed894decec1fc12e879275
this will help seeing how much free space is available for the
bootloader (which is restricted to 16 kB)
Change-Id: Ie74a1480c2f340765046be9bdfc3a8c4ba851e9b
There's no point in building a DFU loeader that is to be flashed
via DFU - nor is there really any need for regular cardem/trace
that can be flahsed directly without DFU. If anyone needs those,
they can still build them - but let's not confuse the average other
user.
Change-Id: I0abe86c6a942a59e5b2417d0532dffae654d7a18
Closes: OS#4087
"SIMtrace 2 compatible device" is pretty generic. Let's have the
actual board name inside the string descriptors, giving a more
user friendly experience in case users are issuing 'lsusb' and the
like.
Change-Id: Ibcc338b504bd2a1605e31d7f5eadb7161f547c6a
This string dates back to some very early naming; let's reflect how
we have been calling this in reality for quite some time now.
Change-Id: I5a7497188385706a1e924784073c619fa9bfdd60
The code in board_main_top() for QMOD blindly re-assigned some
members of the usb_strings[] array, writing to index 7 and 8.
However, that array only has those entries in the main firmware,
while in DFU that array has only 6 entries. Depending on whatever
the linker has decided to put in the next memory location after
that array, we would overwrite that very early during boot-up.
Change-Id: I59e4e1a54e819808d5a8259a6d14f4b970a90020
Related: OS#4302
when starting the DFU bootloader, but USB configuration (e.g.
enumeration) failed, the MCU restarted in the main application.
this occured after a DFU detach and were the USB host missed the
USB reset.
now after MCU reset, the bootloader is started again, since this
is what was requested to begin with.
the bootloader will always restart in the bootloader until USB
enumeration succeeded.
this boot loop can be stopped by unplugging/removing power from
the device.
Change-Id: I4062a7d8a7934af2119c169759b614dc45990651
the specification requires a reset duration of at least 10 ms.
reset is indicated by the device to the host by removing the
pull-up on D+ (host to device reset is a USB packet).
we used 20 ms, but on some setups (USB host, stack, hub, and load
dependent), this does not seem to be enough (no USB enumeration
was performed afterward, at least for the DFU bootloader).
increasing to 50 ms solved the issue on the affected setups.
instead of USB suspend, the more proper USB disconnect is used.
this mainly disables the pull-up provided by the USB peripheral.
USB activate is not required since the follow up initialisation
takes care of it.
Change-Id: If5ceb3b8f7a8f134d4439fdd138dd12b46589f97
This is the shortest and simplest ATR possible according to the
ISO 7816-3 spec.
It does not offer any non-default parameters (F, D, WI, ...)
Change-Id: I4ff41b5120bcadca652296f9d3691f7606be2bd2
this ATR does not encode any data and uses all defaults.
the lower default speed is also better handled by the hardware.
handling faster speeds is upcoming.
Change-Id: I5a4f2f94bea1a15aedbef5a6f2f49344387dc11d
monitoring the state changes of the VCC and nRST lines is required
to correctly detect warm and cold reset
Change-Id: I72099956332724f84226e1495fdc5a5b1a034695
else it's too nosy while debugging other components, not often
used, and break the flow since it does not and a line.
Change-Id: I8920ff7c33b4c9fb174bb31a29334a63fcbede43
the longer output is to fast and often incomplete.
the shorter version is enough to view the progress when not
debugging.
Change-Id: I97bb84da68d1f3bc14fb7c05400edf1748f55460
Make building the debian packages work again. I've verified that it
works in my own OBS namespace.
This patch also adds missing pkgconf variables in host/Makefile.am, so
libosmo-simtrace2.pc installs properly.
Related: OS#4283
Fixes: 964cda309d ("host: use autotools and split shared code to libosmo-simtrace2")
Change-Id: I2377de1e8b149520922217a1ab16f6e22fe6462a
Fixes:
simtrace2-sniff.c:113:4: error: format not a string literal and no format arguments [-Werror=format-security]
printf(flag_meanings[i].str);
Change-Id: I9793c680f070e724ce89272e9e489963c7516d52
on the QMOD board the VCC signal from the modem is measured using
an ADC (SIMtrace board just use card detect).
the threshold to consider VCC as activated was set to 2.8V, which
gives a bit of margin for the expected 3.0V.
still, we had one board where the voltage was 2.8V.
to be resilient against lower than expected voltages from
modems (or boards), we lowered the threshold to 2.5V.
this is still save for the SAM3S to correctly identify high/low
levels.
Change-Id: Iac2778903690045e4e63fef29f812205d00c28ed
when the reader sends APDU headers (e.g. after multiple reset),
messages are queued for USB transmission.
but if no host software is connected to SIMtrace in card emulation
mode, the USB message queue is not emptied, leading to the memory
getting full and preventing allocation for newer messages (e.g.
more recent APDU).
in this case the oldest queued message is now dropped to free some
memory.
Change-Id: Ie9ebdd2ff966f67c9afd1ed760f106558f0091ad
in case flashing the main application firmware using DFU failed,
the main application might be broken and not allow to switch again
to DFU mode to re-flash it correctly.
the other board have a way to force entering (e.g. staying in) the
bootloader using an external signal (e.g. a switch on the SIMtrace
board).
the OWHW DFU firmware did not have this functionality implemented.
the design (e.g. schematic) already has the SIMTRACE_BOOTLOADER
signal (on PA31) for this purpose.
now the DFU bootloader will start the DFU mode when the
SIMTRACE_BOOTLOADER is high.
this change has been tested on OWHWv2.
Change-Id: Iefff51a811ad0f3bf3a46b8e256b905d11344bea
as for the main application firmware, the DFU bootloader firmware
now also has the unique chip ID as iSerial in the USB description,
and an additional empty USB configuration indicates the firmware
version (e.g. DFU bootloader version).
these are only visible when the device is in DFU mode.
Change-Id: I11a2cd8079fda374d816da180f39f1c33d10af60
ISO-7816 specifies a card activation sequence: VCC on, CLK active, then RST
release.
we now check for the end state at every state of the activation in case the
reader does not strictly follows the sequence.
change has been tested on OWHW slot 1.
Change-Id: Ie55505ab3a70cbd64281af40af53d5e120313228
previously the card RST, VCC, and CLK signal states have been initialized with
default values corresponding to an inactive reader.
this worked fine for actual inactive readers since the default values match
and would be updated when the signal changes (edge detection).
but if the reader is in another state, card activation detection could fail.
this is fixed since the actual signal values are now used during initialisation.
at the same time I changed the variable type from uint8_t to boolean since they
have only two possible states, and understanding the actual state when coding
is simpler (no need to check which integer corresponds to which state).
this change has been successfully tested on the 2 slots of OWHW board.
Change-Id: Ie9245d75d48ae93d16f97897d4fa5ad6cd402e73
the OctSIM tester has only one amber LED.
this is now mapped to the normally green LED, used for activity.
because the LED is driven by an NPN transistor (as open collector)
instead of being directly connected to the pin (as open collector)
like on the other boards, the logic is inverted.
since normally the LED is on on idle and blinks during activity,
it will now be off on idle an only blink on activity (unless the
code is extended to cope with the possible inverted logic).
because there is no second LED but the current code requires one,
I mapped is to an unused pin.
the octosimtest target still does not compile completely, but at
least the LED issue is fixed.
Change-Id: I1296833bef2804c611640fcf4756e47905660e7b
the LEDs (2 of them) were connected to the same pins on all
boards, up to the octsim-tester.
to be able to have board specific LEDs the definitions have moved
from common to the each board.
at the same time I added a bit of documentation what the LEDs are
used for.
Change-Id: I3226a9187a8d0b657ccf5dcd8f3586b2578f96d2
SIM_PWEN and VCC_FWD are signals specific to the simtrace boards.
the corresponding pins PA5 and PA26 are used for other signal
on the octsim-tester.
Change-Id: I51f37dd112cf681f4b1dbb3d2320ff9a697eaa08
previously the version string was in the iConfiguration field of a
dedicated USB configuration.
this configuration had no interface, but the USB specification
requires at least one interface.
an interface has been added to this configuration.
the version string is now in the iInterface field, and the
iConfiguration field contains "firmware version".
the USB specification does not require an end-point, and none are
present.
Change-Id: I99361e313979711f4f45ad424a52faa3ddd7c558
disabling the ERASE pin prevents accidental erase for the flash
memory while the board is powered on (e.g. in case the user
overcomes the weak 100 kOhm pull-down for more than 220 ms by
touching or shorting the pin).
the flash is still erasable using the ERASE pin during power up.
it is only disabled after boot completed.
Change-Id: Ic3332eb1d4247a07988b2fd841f40e79862d06a7
The most recent commits introduced 'C99' syntax by declaring variables
inside the 'for' statement itself, rather than before.
This resulted in compile failures in the Ubuntu 16.04 builds on
build.opensuse.org:
[ 105s] libcommon/source/usb.c: In function 'SIMtrace_USB_Initialize':
[ 105s] libcommon/source/usb.c:679:2: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(device_id_string) - 1; i++) {
[ 105s] ^
[ 105s] libcommon/source/usb.c:679:2: note: use option -std=c99, -std=gnu99, -std=c11 or -std=gnu11 to compile your code
[ 105s] libcommon/source/usb.c:686:15: error: redefinition of 'i'
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(git_version) - 1; i++) {
[ 105s] ^
[ 105s] libcommon/source/usb.c:679:15: note: previous definition of 'i' was here
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(device_id_string) - 1; i++) {
[ 105s] ^
[ 105s] libcommon/source/usb.c:686:2: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(git_version) - 1; i++) {
[ 105s] ^
[ 105s] libcommon/source/usb.c:692:15: error: redefinition of 'i'
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(usb_strings) && i < ARRAY_SIZE(usb_strings_extended); i++) {
[ 105s] ^
[ 105s] libcommon/source/usb.c:686:15: note: previous definition of 'i' was here
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(git_version) - 1; i++) {
[ 105s] ^
[ 105s] libcommon/source/usb.c:692:2: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
[ 105s] for (uint8_t i = 0; i < ARRAY_SIZE(usb_strings) && i < ARRAY_SIZE(usb_strings_extended); i++) {
[ 105s] ^
[ 105s] Makefile:227: recipe for target 'obj/simtrace/flash_usb.o' faile
Change-Id: Ibdb837ac105664484b10873c2c0d9561051b1c2a
the device ID (unique to the micro-controller) is now displayed in
the USB iSerial descriptor.
the git version is now also displayed in iConfiguration in an
additional (empty) configuration descriptor.
this allows the user to quickly get the device hardware serial and
firmware version just by using lsusb (no need for a custom USB
software).
Change-Id: If9fadecc097ca3e006990160936bf11b22eae4e0
the jenkins script will now upload the versioned output to the
all directory, and a copy named "latest" in the latest directory.
Change-Id: I70114ef8414779e369da5cbf945854c9ace3464e
We recently introduced ALLOW_PEER_ERASE to control if the firmware
should contain code for the SAM3 to reset each other on QMOD.
Let's use the same define to also remove code for putting the USB
hub into reset as well as code for erasing + writing the hub EEPROM.
This is needed only during production, but it shouldn't be enabled
during normal operation of the product at the end user.
Change-Id: I1c8cca2f7f0f0070d7bf1ade676e035c45e4d5ab
adds command 'a' to allow setting/asserting the peer SAM3S ERASE
line on the next command.
this prevents against accidental erase since only the command 'y'
was required, without confirmation.
this could happen not only through accidental user input, but
noise on the serial line (noise would still cause other issues,
but at least now it will not "brick" the device).
now the sequence 'ay' is required, as any other command following
'a' would clear the permission again.
note: since ERASE is only setting a GPIO within this command
parsing function, not accidental function pointer problem calling
'board_exec_dbg_cmd' should cause accidental ERASE since it would
need to be called two times with the exact sequence
Change-Id: I06bfeaef09a397bd554bec84321e0dd64ccc3aac
The freq_ctr app is a small application that is implementing a
simplistic direct-mode frequency counter using the internal 32.768kHz
oscillator and two TC blocks. One of them is used to generate a 1Hz
signal, which is then subsequently used by the other TC to trigger
a counter read after exactly 1s.
This is in itself not something useful on a simtrace2 device. However,
it is a separate 'app' and I prefer to have the code here in master
over some obscure branch that's easy to forget about.
Change-Id: I2249bfb8dd6a88d85d406f3b33537377133d0939
This is a general purpose evaluation board, and it makes sense to
support it particularly for the DFU bootloader.
Change-Id: I85aea8f1441158f991493c5fc767fdcad405545e
this just adds the name of the TPDU state on top of the state number.
the ISO state is cleaned up accordingly
Change-Id: Id5104a2c3579dedb092c179748e9ed525673841c
the TDPU response data size can be up to 256.
this length cannot be stored in a uint8_t, which would cause the
length to become 0, no data being send, and the reader reset the
card because of misbehaviour of the card (i.e. no/malformed
response leading to the timeout of the waiting time).
Change-Id: Iae7671085aaa3115a02d82530dd7a0e7e2d4155e
RPM post-build-checks found some issue and marks these as error:
[ 61s] I: Program returns random data in a function
[ 61s] E: simtrace2 no-return-in-nonvoid-function simtrace2_usb.c:88
Change-Id: Id16fb7fc4f13176b2b6443af02a5848d8fcfb069
What we're doing is actually legal: We copy the full size of the
destination array, and then overwrite the last byte with NUL. However,
gcc isn't smart enough to see that:
libusb_util.c:162:5: warning: ‘strncpy’ specified bound 20 equals destination size [-Wstringop-truncation]
strncpy(out[out_idx].path, path, sizeof(out[out_idx].path));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Let's copy one byte less to make it happy.
Change-Id: I30ddacdc73e5245c7c38b92d1e94e39b13fae7d3
The host utilities use libpcsclite, and the missing build dependency
causes build failures in our nightly OBS builds since commit
faf1e88e48 was merged:
[ 131s] cc -o simtrace2-remsim simtrace2-remsim.o apdu_dispatch.o simtrace2-discovery.o libusb_util.o -Wl,-z,relro `pkg-config --libs libusb-1.0 libosmocore` -pthread `pkg-config --libs libosmosim libpcsclite`
[ 131s] Package libpcsclite was not found in the pkg-config search path.
[ 131s] Perhaps you should add the directory containing `libpcsclite.pc'
[ 131s] to the PKG_CONFIG_PATH environment variable
[ 131s] No package 'libpcsclite' found
Change-Id: I29adfc629e5e4ffd0bf8b9035ef9138fe7693d96
remsim also needs libpcsclite
`pkg-config --libs libosmocore` and -losmocore are duplicates
`pkg-config --libs libosmosim` is equivalent to -losmosim
pthread it needed (by most applications) for static compilation
LDFLAGS+= allows static compilation when running
LDFLAGS="-static" make
Change-Id: Ic7bd6f2be074d6f652d4f84f4996c8588ea5f851
the EEPROM byte output was causing data loss on the serial output,
resulting is automatic tests failing.
instead an end text will be output to detect the end of the procedure.
Change-Id: Ib8d3cbd01d0e34432d424355f4fafb24bc5273a1
the error code returned by vsnprintf was ignored,
resulting in printing the string from a previous print.
Change-Id: I8506b05d56da55d1357a1234917adf341b46e1db
Wformat requires uint32_t to be used in format string with the 'l'
qualifier (l = long = at least 32 bits).
this qualifier was not handled before.
since on ARM 32-bit int == long we can simply ignore it (stdio
already does not support 64-bit data).
Change-Id: Ib506a66f68712c6b3eeb5129a39abf47ec86a2a7
the higher baud rate allows for more debugging (without dropping
data) and is well supported by USB for UART adapters (this
standard baud rate is 8 x 115200).
the closest matching integer value is calculated for UART CR.
no floating point calculation can be used since this would
increase the size of the resulting binary by ~ 2kB (for the
softfp). this is not possible for the DFU since it already is
close to the maximum size of 16 kB.
Change-Id: I82b74f697342d580ccb79ada4715f35f4e8cca86
UART baud rate is main clock (MCK) divided by CR*16.
The MCK values are chosen >= 48 MHz and <= 64 MHz to have a near
integer value CR for a baud rate of 921600 bps.
The end MCK frequency between simtrace and qmod differ slightly
but are close to 58 MHz.
Change-Id: Iaa4a97fc68494c93b9d128503515d88049de506c
There's still no released libosmocore defining the GSMTAP_TYPE_SIM
sub-types (Change-Id: I5bd0dff5a4a90cfe96d9c4f3dec6657e1d85bf7a
dated Jul 26, 2018).
Let's make sure users don't need an unreleased version of the library
if it's only about a few #defines that we can just copy here for
backwards compatibility.
Change-Id: I2fd9e14873711d60f194bb404420bbfbb0a00f48
This reverts commit 77ff745cca.
libosmocore 0.12.1 is not recent enough, I misread the 'gitk' output.
Change-Id: I87a8e5bbb4aea0c991abe5372f840d76f17378eb
This fixes a bug, identified by the below compiler warning:
libboard/owhw/source/owhw.c: In function 'cardsim_gpio_init':
libboard/owhw/source/owhw.c:39:16: warning: passing argument 1 of 'PIO_Configure' from incompatible pointer type [-Wincompatible-pointer-types]
PIO_Configure(&pins_cardsim, ARRAY_SIZE(pins_cardsim));
^
In file included from ./atmel_softpack_libraries/libchip_sam3s/chip.h:45:0,
from libboard/owhw/source/owhw.c:20:
./atmel_softpack_libraries/libchip_sam3s/include/pio.h:189:16: note: expected 'const Pin * {aka const struct _Pin *}' but argument is of type 'const Pin (*)[2] {aka const struct _Pin (*)[2]}'
extern uint8_t PIO_Configure( const Pin *list, uint32_t size ) ;
^~~~~~~~~~~~~
Change-Id: I4c1de66c0b8475bb355b1d128f6ec88b2f2a7fcf
There have been tons of format-string related bugs in our code which
we never discovered due to disabling -Wformat. Let's fix that.
Change-Id: I5ec466361bcc526fac1f4897673264ee5af3458b
the upload failed because after the firmware were built (make),
they where removed (make clean).
now they are removed only after the upload.
Change-Id: Ie4421a6fa9207eb541107de9c14f265626f6be96
repeating the EEPROM erase (byte write) in case of byte write failure
could lead in an infinite loop.
log the error an return error code instead.
Change-Id: Id6f3654d877ca772ba04237da91a6e86e3f441ec
the script argument was not saved in the publish variable used later
to decide if publishing/uploading is needed.
Change-Id: Ic768a8e96e5e4d72acf3979da1412d683f79ec55
USB reset can be signaled by pulling low USB D+ for at least 10 ms,
according to the USB specification. This force a re-enumeration.
This time is increased to 20 ms to work with more USB HUBs.
Some SAM3S based board have external D+ pull-up mechanism (such as
SIMtrace) which needs to be used to pull D+ low.
This is a legacy mechanism from SAM7S history.
This mechanism is not required anymore on the SAM3S, and the qmod
does not use it. When the USB HAL is suspended, the transceiver is
disabled, causing D+ and D- to be pulled low. Then the HAL is activated
again. This is particularly required when DFU is started (and
enumerated), and after flashing the SAM3S switched to the main
application (without reset), so it can properly re-enumerate.
This board difference is now defined on the board header.
Change-Id: I9b58d8101c2fcf5595026b675728826af26127a3
moving the define after the header fixes the following warning:
from ./atmel_softpack_libraries/libchip_sam3s/source/exceptions.c:46:
libcommon/include/stdio.h:63:12: warning: redundant redeclaration of 'printf_sync' [-Wredundant-decls]
signed int printf_sync(const char *pFormat, ...);
^~~~~~~~~~~
./atmel_softpack_libraries/libchip_sam3s/source/exceptions.c:45:16: note: previous declaration of 'printf_sync' was here
#define printf printf_sync
^~~~~~~~~~~
libcommon/include/stdio.h:51:12: note: in expansion of macro 'printf'
signed int printf(const char *pFormat, ...);
Change-Id: I21a8de325e8f8b91297dd157f2d6a0f64434bb28
firmware binaries should be uploaded to
https://ftp.osmocom.org/binaries/simtrace2/firmware/
this directory wiki be documented in the SIMtrace 2 wiki for users
to get the latest firmware images without having to cross-compile
themselves.
Change-Id: I589531f59e54a0997b012bdd91e3bef9f847f517
After a couple of seconds of USB data exchange between remsim and
cardem, the USB transfer hangs.
On host side (remsim) I can see the USB BULK IN request.
On device side (cardem) I see that data has been submitted and
"sent" over USB, but on wireshark with USBmon I don't see the
corresponding USB BULK IN response.
When exiting remsim or just after powering of qmod (causing an
error in remsim) the USB BULK IN is show in wireshark. Thus it
must have been in a buffer, but not read by libusb_bulk_transfer.
By shortening the timeout a new libusb_bulk_transfer is made more
frequently, and the data gets read successfully.
T;his change also fixes the URB data display.
Change-Id: I1d124a41cc90893506933f6d76dc7331e52a74f9
osmo_hexdump is particularly useful.
previously it was only defined, but not implemented.
this cause random behaviour upon call, often resulting in
memory corruption.
Change-Id: Ifd9120fa951f41693903fb657d10826959f1599f
The default ISR (particularly the HardFault handler) print information,
but this information was not displayed on the console because the UART
IRQ is lower than some default blocking IRQ.
Allowing to set synchronous transfer corrects this.
The underlying Atmel exception library had to be modified to use the
synchronous output.
Making UART_PutChar always synchronous when called from an ISR is not
desired because we use TRACE_ macros is some ISR. The synchronous
output must be set explicitly.
Change-Id: I1b4ace5185cf2dc32684934ed12bf6a8682e9bad
The slot number is in the header, and correctly set in st_push_hdr.
Setting the slot in st_slot_tx_msg will overwrite the payload data.
This caused bytes three of the ATR to be changed from 0x96 to 0x00,
corrupting the ATR. This corruption is caught by the ATR checksum,
and the modem would reset the card (2 additional times) to try to
get correct ATR.
Change-Id: If971699993617fc50557d20582c344ea06645a3f
this changes how ATR is handled.
the ATR is also printed when set (as important debug information).
the test is also updated to correspond to the new mechanism (
simulating the timeout before sending the ATR)
Change-Id: I69df797e2feadffa9f5f977cb71b69386cee7cd0
a lot of the procedures are done in ISRs, but the watchdog is only
reset in the main loop.
this causes frequent reset, particularly at the beginning were
states have to the initialized.
Change-Id: Iad364444fca9d18f9a8cf47d5e0840ccd7bac2ef
In case of error it also ensures the returned value is NULL.
Else a segfault would occur because the caller (e.g. remsim)
continued on with a free handler.
Change-Id: Ie7f20e3eff03acf77eb08283747ca8e032b9b4c8
The previous mechanism of retrying a failed write could become a
infinite blocking loop (until watchdog tiemout).
Also the array size is used to know how much data to write and verify
instead of a constant.
Change-Id: I8d2d090c5f4d1195f4c7eb29b3958a7bb05f56ec
The Atmel AT24C02 defines a maximum tWR waiting time after a byte
write of 5 ms before a next write.
Enforcing this wait time also fixed the failed verification in qmod,
where it was reading 0xffff instead of the written value.
Change-Id: I42c90b8d0329e425f275067e87d584212a43a90b
the msg->l2h pointer was not set but used later on, e.g. in
dispatch_usb_command_cardem, case SIMTRACE_MSGT_DT_CEMU_SET_ATR):
> case SIMTRACE_MSGT_DT_CEMU_SET_ATR:
> > atr = (struct cardemu_usb_msg_set_atr *) msg->l2h;
> > card_emu_set_atr(ci->ch, atr->atr, atr->atr_len);
l2h is by default 0, thus not pointing to the actual message l2h.
I wonder how cardem worked worked before with this issue though.
Change-Id: Ifbb53dbf478d8dade82251f769e78e1306e77434
when building the cardem application GCC would output the following warning:
libcommon/source/card_emu.c: In function 'card_emu_process_rx_byte':
libcommon/source/card_emu.c:764:2: warning: enumeration value 'ISO_S_IN_ATR' not handled in switch [-Wswitch]
switch (ch->state) {
^~~~~~
in card emulation the reader should not send data while the card is
sending its ATR.
this is true for other states already handled (RESET, ...). in
these cases an error message is output.
this behaviour is now the default case as data from the reader is
only expected in 3 cases: ISO_S_WAIT_TPDU, ISO_S_IN_TPDU, and
ISO_S_IN_PTS.
Change-Id: Ifbc8dbe1c9f176343304f211c7e6068fb977961e
when building the trace app for the simtrace board gcc was outputing
the following error:
libboard/common/source/boardver_adc.c:20:17: warning: 'adc2uv' defined but not used [-Wunused-function]
static uint32_t adc2uv(uint16_t adc)
adc2uv is used by qmod, and defined in two places:
in boardver_adc.c and mode_cardemu.c.
this change will have adc2uv only defined in boardver_adc.c and make
available in the header to be used by mode_cardemu.c.
Change-Id: I8a772638fa8dd02d8bc8b7631de5af5a22647c55
When the host does not retrieved the USB messages, they keep getting
queue in the firmware, filling the RAM, and preventing further memory
to be allocated.
Change-Id: I0e447acdf757dcb5dc5c4d8b84a4235866914cad
linker warning:
obj/simtrace/dfu_sniffer.o: In function `usb_send_data':
/media/data/work/simtrace2/simtrace2/firmware/libcommon/source/sniffer.c:338: warning: undefined reference to `putchar'
Change-Id: I934f3fcb474d4046e921511a024c3a0b8533c782
The red and green LEDs are now used as follows:
- red on = power (firmware is running)
- red blink = error detected (e.g. during ISO-7816 parsing)
- green on = running (sniffer mode is running)
- green blink = activity (e.g. USB message sent)
Change-Id: Ib1b6ff87fb92d6ed3ecae4bc89386206aaab508e
when the host software does not retrieve the USB messages the memory
is filled and no new USB messages can be allocated, preventing the
following code to print the message
Change-Id: Ie8946894a84cb853b45555f7abb1ca6f32111425
TRACE_INFO will also provide the DFU start reason, but TRACE_INFO
(TRACE_LEVEL >= 4) should only be used for debugging.
WARNING: With TRACE_LEVEL >= 4 the DFU binary is over the maximum of
16 kiB allocated for the DFU bootloader.
Thus make combined will not boot the main application because its
start if after the expecte 16 kiB address; and flashing using DFU
will overwrite the DFU bootloader itself.
Change-Id: I82323e0f76c03f67df7dc8f2b6783166cc25f3aa
The qmod does not have a separate force button as simtrace has.
Instead it check is TX and RX of UART are shorted using PIO.
If the pins are not set back to the UART peripheral, the TRACE/debug
console output will not work anymore.
Change-Id: Id434b49909d6395a2f93a00f39d2d770a5725466
The DFU uses the UART peripheral (with IRQ/ISR) for the debug output
console. Before starting the main application we should make sure
this configuration is reset to avoid interference (particularly the
IRQ/ISR).
This is not too important though since the main application
reconfigures the UART for console output.
Other peripheral could also be disabled (e.g. all other PIO used
by DFU), but most of them also get configured by the main application.
Change-Id: I8234d1b85938ad6393094c08183f613ad09ee01b
The stack size is fixed. The linker script puts the stack section
after the bss section. The initial stack pointer is not at the
end of the RAM (as often seen).
Thus the initial stack pointer address of the main application
is different than the one from DFU. When starting the main
application the stack pointer needs to be set to the new value.
If this is not done the main application stack may overwrite the
data in bss, even without exceeding the fixed stack size.
Change-Id: Ie354d603fe302d3d5bdfa9c31575411de722323b
In the SIMtrace and QMOD schematics the LEDs are connected to +3.3V.
Thus to switch the LED on we need to set the pin low.
Change-Id: Id8cc27e6f0b6556ba5e7ea4d254dd0fe59042a0c
the waiting time (WT) is used to detect timeouts (e.g. for
unresponsive card or just to signal an error/NAK). it is essential
to detect to timeout to end current data transfer (e.g. change state).
by default (after a reset) to timeout is 9600 ETU, but this can change
at two places:
- after the ATR using the value of TC2 (if present)
- after a PPS (only F is used, and not D)
because the timeout value can be larger than the 16-bit of the USART
TO register, an external variable needs to be used for the count down.
Change-Id: I9735660ffce161cec8d4e63fa60a66fc8ef57525
Handling the USB message queue is done in an ISR and take quite some time.
This can cause a USART/SIM sniffing buffer overrun, resulting in data loss.
By setting the USB IRQ lower than the USART IRQ, the USB ISR can be
interrupted (for short) and no data gets lost.
Change-Id: I870a0aa8e251bbb53249c54bfcaa45de5b5a9486
don't wait for space to be available in the buffer since since would
prevent from processing non-console (e.g. debug) more important data
Change-Id: Ia625b09eb30bb7b43edd3989f697d8ef33200f28
Use USART 0 connected to the SIM card side to sniff the communication.
The card side can also measure ETU times.
Do proper pin initialization.
This code can already capture the ATR communication between phone and card.
Change-Id: I0597ec723cb2225540c89c3821b91d8a45adfcd6
because the applications share the board capabilities defined in
libboard/*/include/board.h and USB configurations are enabled according
to the previously defined capabilities in libcommon/source.usb.c, all
applications actually offer the same functions.
thus creating the trace application is only mainly a cosmetic change, as the
sniffer function will also be present and enabled in the cardem application.
Change-Id: I24b3500a0905cbd622507722280b3c7e7f188bde
In commit eac1bec428 we start to use the
ringbuffer inside the console printing code. As a result, we must not
use TRACE_*() or printf() from within ringbuffer.c code to avoid
infinite recursion.
Instead, let rbuf_write() return a negative return value in case the
ring buffer overflows. This way, the callers (outside the
console/stdout code) can print an error message themselves.
Change-Id: Ib009f013be119dbad22fa2b7d60ec8dee59baee5
This is required to make python pexpect.fdexpect happy, as it
requires that all characters are echo-ed back in order to detect
when the output of a given command starts.
Change-Id: I73b24e43f6c8b86a2766aba67d8307c184448aa0
the curent local copies of libosmocore headers + source is a temporary
hack anyway. We should instead rely on a system-wide install of
libosmocore cross-compiled for arm-none-eabi. But leave that as a
second (later) step beyond this patch.
Change-Id: Ia63fd842d45a2b404233b4326050e7eda0604cf0
This fixes the following compile error:
apps/dfu/main.c:73:3: error: 'for' loop initial declarations are only allowed in C99 or C11 mode
for (unsigned int i=0; i<len; i++) {
^
apps/dfu/main.c:73:3: note: use option -std=c99, -std=gnu99, -std=c11 or -std=gnu11 to compile your code
which was recently introduced in b73f0a00bc
Sometimes descriptor string 0xee is requested.
This is a mechanism used by Microsoft Windows to further identify the USB device.
Instead of stalling, as is the original code, leading to an USB reset, we send an empty packet.
I am not sure if sending an empty string would be better, but an empty packet seems sufficient.
During DFU download the destination start address is checked to not exceed the
RAM or flash end address, but it is also necessary to check if the end of the
data to be downloaded is also within the allowed range.
When downloading to RAM it is also necessary to check if the data to be
downloaded does not overwrite (i.e. corrupt) the stack.
fixes following warning:
libboard/common/source/board_cstartup_gnu.c:137:11: warning: assignment to 'void (*)(void)' from 'unsigned int' makes pointer from integer without a cast [-Wint-conversion]
appReset = pSrc[1];
the __attribute__ ((format (printf, 1, 0))) declaration remove the following
compilation warning:
warning: function 'osmo_panic' might be a candidate for 'gnu_printf' format
attribute [-Wsuggest-attribute=format]
osmo_panic_default(fmt, args);
The original board startup script is provided by Atmel.
It has been modified to handle application or DFU booting.
The copyright notice has been updated to reflect this change.
e.g. in CCID mode we need to treat class-specific control requests,
and we want to do this in a way how the CCID code doesn't need to
understand about DFU.
Each board can define its own conditions on which the controller should
boot into DFU mode rather than normal application mode. Let's move the
"UART loopback jumper" to QMOD specific part. For SIMtrace we have an
actual button and can use that in a future patch.
The logic to detect if the respective module is already initialized
or not was broken. When performing initialization, we of course need
to set initialized=1.
the */usb_strings.txt files always assumed that the first line is the
manufacturer string, followed by the product string in the second line.
However, the enum strDescNum had it the other way around. Let's fix it
by adjusting the enum to reality.
Fixes: SYS#3591
USB addresses change every time the device re-enumerates, while the path
reflects the physical topology of USB connections and stays persistent
unless the usb cabling is changed. Let's allow the user to specify the
path instead of the address to uniquely identify a given slot.
It seems that sometimes we get even an LIBUSB_ERROR_IO and failing on
errors breaks the application, while ignoring it works. Not sure why
that really is, but for now it increases reliability.
as soon as simtrace2-remotesim is started, we issue the command to
instruct the use of the remote SIM card and ask the modem to reset
itself (to start using the new remote sim).
msg->l2h should always point at the first byte of the header after the
generic simtrace header. For some reason this doesn't work if used
globally, but it is required for the MSGC_MODEM messages to be
interpreted correctly.
In current implementations, we have one interface (with it's own
separate set of USB end-points) per slot. However, the USB protocol
already includes a slot-number in the header to be able to remove that
restriction in future versions.
Also, if the USB protocol is used remotely over a network, then we could
multiplex differnt slots from different USB interfaces into one stream
on the network side.
In order to prepare the data structures in the host program, let's
introduce that logical split there, too. Might seem a bit like
overkill, but I don't want to rewrite all code later...
We want to be able to use some code irrespective of the application
(emulation, tracing, ...), so let's split the transport struct out of
the cardem_instance.
The current protocol was card-emulation specific. The new protocol is
generic/flexible enough to accommodate both tracing and card emulation,
as well as modem control and other future extensions.
We now generalize the USB communiction and abandon the 'req_ctx'
structure inherited from openpcd. Instead we use the libosmocore 'msgb'
structure to handle incoming and outgoing USB tranfers. We also use
linuxlist-based msgb-queues for each endpoint.
This was introduced for interoperability with operating systems that
might prefer such setup (I heard that Windows prefers this about a
decade ago, but I don't have any personal experience with it).
However, using different VID/PID between DFU and RT breaks usability of
dfu-util, and I really think this matters much more to our users and
developers.
the default boot state should be to use the local SIM, until the user
changes it (currently only possible via entering '!' or '@' on the
serial console). The code so far had this completely inverted.
We cannoy simply use the DFU runtime descriptor of the DFU mode, but we
have to use the descriptor of the specific currently-selected runtime
configuration. Let's iterate over the descriptors of a configuration
and find the DFU runtime descriptor in it.
At power-up we need to initialize g_dfu once, to ensure a consistent
state. Afterwards we want to keep it across (software) reset, but on
power-up the memory would otherwise be filled with random data, causing
issues with detection of DFU/Runtime switching.
Rather than using the first available interface on the first available
device, we now have a "simtrace2-list" program that lists all compatible
interfaces on all configurations of all devices on the system
When we want to run multiple instances of the card-emulator (e.g. for
multi-modem/multi-card versions of the hardware), the code shouldn't be
using any global variables but have them per-instance.
This way, host code can dynamically detect which interface supports
which functionality.
The related #defines should be moved to a header file that's shared with
the host application code.
Actually, at device level we want to specify 0, so we can select
individual Class/Subclass values at Interface values.
Table 9-8 of the USB2 Specification is quite clear about this.
This software is supposed to support a SIMTRACE1 with SAM#, as well
ast the OWHW and QMOD hardware. Let's compare the GPIO/Pin assignments
of the SAM3 in one shared spreadsheet.
When initializing the TC blocks, let's only configure the GPIO pins TCLK
and TIOB, and not the unused TIOA pin. That pin is actually used for
(separate) different functions in both qmod and owhw.
The port mapping is now as follows:
* port 1: ST12
* port 2: modem 1
* port 3: modem 2
* port 4: ST34
* port 5: modem 3
* port 6: modem 4
* port 7: daisy-chaining port
Using the USBDFU_OverrideEnterDFU() function, a board/application can
define extra conditions when the system should boot in DFU mode, even if
it was not explicitly switched to DFU mode from the application.
The app/dfu/main.c uses this mechanism to boot into DFU mode if the
stack + reset vector addresses are not plausible (i.e. some random junk
appears to be flashed in the application partition) or if the user
places a jumper accross the RxD+TxD lines of the debug UART. The idea
is that the system can be recovered by placing this jumper and then
re-installing the application from DFU.
Sometimes there is some leakage current via some I/O that's sufficient
to power up the SAM3S. Use the supply monitor to make sure the CPU
will be reset (and kept in reset) if the supply voltage is below 3.0V.
This makes sure that we'll re-enumerate on the USB, as a CPU reset
apparently doesn't automatically release the pull-up and notify the hub
that we were gone?
For some strange reason my output is garbled in both the 'screen' and
'cu' teerminal programs and 'raw' terminal (stty) mode. I fail to
understand why, but let's simply adjust the code as needed for now.
It is utterly unacceptable that Atmel is shipping example code in 2011,
which doesn't support parts that are shipped still in 2016. They would
have had five years to fix their code to implement the chip errata :(
We need to refer to g_dfu as a pointer from all code. In DFU mode, it
gets assigned to the address of _g_dfu, which is placed by the linker
script at the start of RAM. In runtime mode, the pointer is statically
defined to point at the start of RAM. The linker script for the runtime
(dfu environment) is adjusted to save the first 32 bytes for the _g_dfu
structure.
* we now actually route the EP0 control requests in DFU mode to the
correct handler (weak linker symbols are tricky)
* we now actually call code to read/write data from/to RAM/FLASH
This way we can easily check with 'diff' for differences in our code and
Atmel softpack. Also, this layout is more suitable for building various
different firmware images (e.g. factory-test, dfu-loader, main
application) for a variety of different boards (simtrace, owhw, qmod).
The signals are driving an external NPN transistor, so the default state
must be low at reset to en sure that !PERST on the modem input is
de-asserted by default.
It seems like a lot of modems have rather long (100ms!) minimum reset
durations. Makes me wonder if it's an actual reset line or rather juts
some GPIO that they poll/sample every so often. Then there are other
modems that state the reset *must not* be longer than 1s. So let's
choose 300ms as a value in-between.
The PLL setting doesn't depend on the 'qmod' board type but on the
combination of the BOARD_MAINOSC and BOARD_MCK #defines. So let's
remove the '#ifdef qmod' from the equation.
The only 'qmod' specific part is whether or not to use the internal xtal
oscillator or not.
Table 42-31 ofd DOC6500 states that the minimum output frequency of the
PLL is 60 MHz. The existing qmod code violated this by configuring the
PLL multiplier output to 12*4 = 48 MHz. Let's use 12*8 = 96 and then
divide that by two to get to the desired 48 MHz.
This might help to resolve the non-working USB on the qmod so far.
* move it out of the function so it actually is present in .rodata,
rather than having a long sequence of stores into a stack buffer
* use 16 bytes per line so it is easier to find + change bits in there
The firmware we used for testing contained some local changes which were
not committed. They primarily relate to the port re-ordering feature as
well as the amount of power (0x32 = 100mA) is now used consequently.
When we reset the hub, the hub will actively drvie the PRTPWR signal of
the SITMRACE12 low, resulting in the SAM3 being shut off. If we want to
"survive" this, we need to set the OVERRIDE before we go into reset.
Right now, we never release the signal again, keeping ST12 enabled
permanently, which is of course not what we want in general.
You can compile the firmware for this new target using 'make
BOARD=qmod'.
The QMOD differs from simtrace+owhw in terms of low-level
initialization, as it has an external 12MHz clock at XIN, thus bypasses
the main oscillator and needs different PLL configuration.
At higher speeds, it seems we are turning off the transmitter before we
are enabling the receiver. Unfortunately the TXEN bit in the uart mode
register is read-only, so we don't really know if the transmitter is
enabled or not. It seems we can simply keep transmitter + reciver
running at the same time, and use the TXEMPTY bit as reliable means to
determine if we're busy transmtting.
We can now enable CARDEMU_SECOND_UART in owhw/board.h, as it no
longer interferes with operation of the first port (USIM1). Whether
the second port actuall works still remains to be tested at this point.
We now auto-discover the end-point addresses based on the interface
descriptor. The user can also use the new "--interface" command line
argument to set a non-zero intrerface. In combination, this should
enable support for the remote-sim functionality on the second UART
on OWHW.
UDP end-points are streams, so when we receive data on the OUT
endpoint callback, the buffer might contain several commands. When
dispatching the messages, split (segment) them again before dispatching
them to their respective handlers.
we want to ensure that the length of every (current or future) message
can be determined by looking at cardemu_usb_msg_hdr.msg_len, rather than
having a length that is relative to the respective specific command.
When iterating over the queue of req_ctx, make sure to unlink each
buffer before processing it. And during processing, ensure all buffers
are reelased back to the memory management.
This way the application on the USB host can control whether the
emulator should emulate that the card be inserted or not. We change the
reset-default back to 'not inserted' (GPIO output 0) and wait for the
application to explicitly request this by issuing
CEMU_USB_MSGT_DT_CARDINSERT.
Depending on which features (and thus USB configurations) are included
in the firmware, we need to re-define the ordering of the configuration
numbers, as the Atmel USBD driver simply assumes that configurations are
numbered 1..N without any gaps in the sequence.
... among those is a rotor (\|/-) that is printed by the main loop,
so one can observe if the main loop is still executing or the system
is somehow stuck.
So far we have only been working with a single UART/USIM. Let's
make things more data structure driven and pass around handles to
the data structures rather than hardcoding...
In order to handle other USB commands like GET_STATUS, SET_ATR
or GET_STATS, we introduce an intermediary queue. The USB receive
completion call-back puts the command on that intermediate 'main'
queue. From that intermediate queue, the are further
dispatched/processed according to their mesage type.
* ensure the PB8/PB9 pins are actually not in GPIO mode, which they
apparently are on boot-up
* ensure that neither pull-up nor pull-down are enabled on PB8/PB9
* ensure we first start the oscillator, before selecting it
The sum of the above changes seems to make oscillator start-up much more
reliable than before. The time needed for initialization is now pretty
stable, and the occasional 15-20second clock stabiliziation has not been
observed with this change.
When the ISO7816 state machine requires us to transmit something, but
we don't have data ready to transmit, we should switch off TXRDY
interrupt generation.
What's missing is of course the other part that re-enabls TXRDY
generation once new data is available
This also removes the actual queuing code from req_ctx, and
leaves this to the caller. Only tw out of the existing states actually
required the ordering requirement enforced by the qeue, and in the
future we will need to have per-endpoint queues anyway. Both means it
is better to manage queues outside the req_ctx, and leve that as a pure
memory allocator.
We don't want to call into the bulk of card_emu.c from interrupt
context, so let's introduce a ring buffer as a softwre-FIFO between
the USART receiving a byte and the processing of that byte in
card_emu.c, which is then performed from the main loop outside
interrupt context.
The caller might not have edge triggering and just gives us the
current state. we have to use that informtaion to determine the
edges when something is actually switched on or off.
when the emulator has received some data, don't just check that
we see it coming up on teh USB side, but actually also check
the content of those messages
We don't want the tc_etu to call into card_emu at all times,
e.g. while clock is applied, but RST is not yet present.
Rather, we want to explicitly enable it once RST is released
we cannot first chage the state and then transmit the byte
asynchronously later, this introduces race conditions. Do it
in-line by explicit calls to the UART Tx function.
* don't enter a state we are already in
* enable the UART receiver not only when waiting for CLA, but also
generally when we're waiting for more data from the reader
When the USB host software sets this flag, we terminate the
TPDU transmission after the last character in this frame and
transition again to the WAIT_TPDU state.
I couldn't help but to spend my sunday on working towards card
emulation, including
* various state machines in the target about ISO7816 states
* tc_etu timer import from simtrace1
* req_ctx import from simtrace1 (needs renaming and simplifiation)
* USB protocol description as cardemu_prot.h
* some host-based testing code to test the state machines
The code seems to work fine throughout card reset, sending ATR and
receiving the TPDU header of the first APDU, up to the point where it
marks the TPDU header as to-be-transmitted over th bulk-in endpoint.
Sending the ATR must be done inside the firmware for timing
requirements.
From that point onwards, the host needs to respond at the very least
with a procedure byte, and some indication whether or not the card
emulator should continue to transmit data (card->reader), or receive
data (reader->card).
The code is intentionally not hooked up yet with the USB logic nor with
the UART. I want host-based testing completed before doing that.
we shouldn't re-use the vendor/device ID usd by simtrace1, as the
protocol is incompatible and applications for simtrace 1 don't work with
simtrace2. Also, there's a different processor architecutre in the
hardware.
The SIMtrace software together with the corresponding hardware provides a means to trace the communication between a SIM card and a mobile phone, and intercept it starting with SIMtrace software version 2.0 (together with SIMtrace board version 1.5).
Furthermore, it provides a SIM card emulation and CCID reader mode.
SIMtrace v2.0
=============
## How to compile
A Makefile is provided. It created an image under bin/project-flash.bin, which can directly be flashed on the board (see section "How to flash").
This is the repository for the next-generation SIMtrace devices,
providing abilities to trace the communication between (U)SIM card and
phone, remote (U)SIM card forward, (U)SIM man-in-the-middle, and more.
The level of debug messages can be altered at compile time:
```
$ make TRACE_LEVEL=4
```
Accepted values: 0 (NO_TRACE) to 5 (DEBUG)
NOTE: Nothing in this repository applies to the SIMtrace v1.x hardware
or its associated firmware. SIMtrace v1.x is based on a different CPU /
microcontroller architecture and uses a completely different software
stack and host software.
## How to flash
For flashing the firmware, there are at least two options.
The first one is using openocd and a JTAG key.
For this option, a JTAG connector has to be soldered onto the board, which is not attached per default.
After reloading the udev rules, SIMtrace should be recognized by the operating system.
## How to use
After flashing the firmware and defining the udev rules, the python program simtrace.py can be used in order to command the board.
First, the configuration has to be set using the -C option, which has to be passed a number determining the mode:
1: Sniffer mode
2: CCID reader mode
3: Mobile phone emulation mode
4: MITM mode
For example, setting the device into MITM mode can be achieved with the following command:
```
$ simtrace.py -C4
```
After setting the configuration, one of the following functionalities can be started:
```
-s, --sniff Sniff communication!
-S, --select_file Transmit SELECT cmd!
-p, --phone Emulates simcard
-m, --mitm Intercept communication (MITM)
```
For example, in order to use simtrace in sniffer mode, the following command can be executed:
```
$ simtrace.py -C1 -s
```
For more information, execute the following command:
```
$ simtrace.py -h
```
* firmware - the firmware to run on the actual devices
* hardware - some information related to the hardware
* host - Programs to use on the USB host to interface with the hardware
## Logging
The Makefile furthermore provides an easy option for reading the log messages.
SIMtrace sends out log messages over the serial interface, using a connector with a 2.5mm jack.
Using a serial to USB converter, the log messages can be read using the following command:
The host software includes
```
$ make log SERIAL=/dev/ttyUSB*
```
If no SERIAL is defined, /dev/ttyUSB0 is taken by default.
* libosmo-simtrace2 - a shared library to talk to devices running the simtrace2 firmware
* simtrace2-list - list any USB-attached devices running simtrace2 firmware
* simtrace2-sniff - interface the 'trace' firmware to obtain card protocol traces
* simtrace2-cardem-pcsc - interface the 'cardem' fimrware to use a SIM in a PC/SC reader
## Known issues
* If there is an error, it might result from a missing instruction byte in the list of instructions that expect data from the simcard.
It can be updated in the file in apdu_split.py
Especially, if the sniffer mode works well, but the mitm mode fails, that's a good place to start looking.
The array is of the following form:
`INS_data_expected = [0xC0, 0xB0, 0x12]`
Do not expect SIMtrace2 to work in VMs
--------------------------------------
* For interacting with the SIM card (CCID reader and MITM mode), pcscd has to be
started on the computer.
* The maximum operating frequency of the device and hardware is not determined yet.
The function for changing the FIDI is not tested yet because no device could be obtained, which would change the FIDI in the middle of the communication.
Most devices stick with the default FIDI.
* The software assumes a master-slave-protocol: The master sends a command, the slave answers this.
If this premise is not met, the software will not operate properly.
This should be taken into account when programming the Mobile phone emulator or MITM mode.
We only support running SIMtrace2 together with a Linux system running
"bare iron" on actual hardware (x86, x86_64, arm, ...). **using VMs
with USB pass-through for things with critical timing like SIMtrace2 is
calling for trouble** and we will not accept related bug reports or
support you if you do. If you still want to use VMs: Feel free to do
so, but understand that it's unsupported and you are on your own.
# which firmware does the SIMtrace USN interface subclass correspond
FIRMWARE_SUBCLASS={1:"trace",2:"cardem"}
defprint_help():
print("this script will flash SIMtrace 2 - based devices")
print("when no argument is provided, it will try to flash the application firmware of all SIMtrace 2 devices connected to USB with the latest version")
print("to flash a specific firmware, provide the name as argument")
print("the possible firmwares are: trace, cardem")
print("to list all devices connected to USB, provide the argument \"list\"")
Note: The SAM3S is now not recommended for new designs.
It can be replaced by the pin-compatible SAM4S.
The MCU can be specified using the environment variable `CHIP` (set to `sam3s4` per default) for future MCU support.
== Boards
The SIMtrace 2 firmware supports multiple boards.
A board defines a given circuit board.
While compiling the firmware, set the target board using the `BOARD` environment variable (set to `qmod` per default).
The supported boards correspond to sub-folders under `libboard`.
Current boards supported are:
* `simtrace`: The good old Osmocom SIMtrace PCB with SAM3 instead of SAM7, open hardware.
* `qmod`: A sysmocom-proprietary quad mPCIe carrier board, publicly available
* `owhw`: An undisclosed sysmocom-internal board, not publicly available
* `octsimtest`: A sysmocom-proprietary production testing board, not publicly available
= Firmware
== Library
The firmware uses the manufacturer provided Software Package (SoftPack) micro-controller library.
The original library is available at https://www.microchip.com/design-centers/32-bit/softpacks/legacy-softpacks .
Version 2.1 from 2001 is used: http://ww1.microchip.com/downloads/en/DeviceDoc/SAM3S_softpack_2.1_for_CodeSourcery_2010q1.zip
The SIMtrace 2 project uses the `libboard_sam3s-ek`, `libchip_sam3s`, and `usb` sub-libraries, saved in `atmel_softpack_libraries` (with local modifications).
Note: SoftPack is the legacy micro-controller library.
This library is now replaced by the Advanced Software Framework (ASF): https://www.microchip.com/avr-support/advanced-software-framework-(asf) .
The SAM3S ASF documentation is available at http://asf.atmel.com/docs/latest/sam3s/html/index.html .
== Applications
An application is a specific piece of software with given functionality.
While compiling the firmware, set the target application using the `APP` environment variable (set to `dfu` per default).
The supported applications correspond to sub-folder under `apps`.
Current applications supported are:
* `dfu`: The USB DFU bootloader to flash further main appliction firmwares.
* `ccid`: To use SIMtrace 2 as USB CCID smartcard reader.
* `cardem`: To provide remote SIM operation capabilities.
* `trace`: To monitor the communication between a SIM card and a phone (corresponds to the functionality provide by the first SIMtrace)
* `triple_play`: To support the three previous functionalities, using USB configurations.
* `gpio_test`: internal test code
== Memories
Firmwares can be run from several memory locations:
* flash: Run natively from start of flash memory
* dfu: Run after a DFU bootloader from an offset after the first 16k of flash (the first 16k are reserved for the bootloader)
* ram: Run from within the RAM of the chip, downloaded via JTAG/SWD
== Building
A given firmware build is made for a specific combination of an application `APP` running in a certain memory `MEM` on a given board `BOARD`.
When building using `make`, set the target application using the `APP` environment variable and target board using the `BOARD` environment variable, e.g.:
* make APP=cardem BOARD=qmod
* make APP=dfu BOARD=qmod
The Makefile will create output files in the format: `bin/$(BOARD)-$(APP)-$(MEM).{elf,bin}`
The level of debug messages can be altered at compile time:
```
$ make TRACE_LEVEL=4
```
Accepted values: 0 (NO_TRACE) to 5 (DEBUG)
The qmod specific option `ALLOW_PEER_ERASE` controls if the UART debug command to assert the peer SAM3S ERASE line is present in the code.
Per default this is set to 0 to prevent accidentally erasing all firmware, including the DFU bootloader, which would then need to be flashed using SAM-BA or JTAG/SWD.
Setting `ALLOW_PEER_ERASE` to 1 enables back the debug command and should be used only for debugging or development purposes.
= Flashing
To flash a firmware image follow the instructions provided in the [wiki](https://projects.osmocom.org/projects/simtrace2/wiki/).
/* we must make sure the .dfudata is linked to start of RAM */
*(.dfudata .dfudata.*);
*(.ramfunc .ramfunc.*);
*(.data .data.*);
. = ALIGN(4);
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
