WIP: introduce support for new ngff_cardem board

This adds support for the new ngff_cardem board, a board that
basically combines a ngff breakout board with a built-in SIMtrace2.

The firmware support added by this ptach is currently untested,
and serves as a basis for testing the ngff_cardem prototypes.

Change-Id: I9649c853271c22d5403cdf3a7ec9029c9cecfa32

.gitignore

@@ -18,7 +18,8 @@ tags
 *.bin
 *.p
 host/simtrace2-list
-host/simtrace2-remsim
-host/simtrace2-remsim-usb2udp
+host/simtrace2-cardem-pcsc
+host/contrib/simtrace2.spec
 usb_strings_generated.h
 firmware/usbstring/usbstring
+firmware/apps/*/usb_strings.txt.patched

README.md

@@ -5,9 +5,6 @@ This is the repository for the next-generation SIMtrace devices,
 providing abilities to trace the communication between (U)SIM card and
 phone, remote (U)SIM card forward, (U)SIM man-in-the-middle, and more.
 
-This is under heavy development, and right now it is not surprising if
-things still break on a daily basis.
-
 NOTE: Nothing in this repository applies to the SIMtrace v1.x hardware
 or its associated firmware.  SIMtrace v1.x is based on a different CPU /
 microcontroller architecture and uses a completely different software
@@ -16,12 +13,6 @@ stack and host software.
 Supported Hardware
 ------------------
 
-At this point, the primary development target is still the OWHW + sysmoQMOD
-device, but we expect to add support for a SAM3 based SIMtrace hardware
-board soon.
-
-The goal is to support the following devices:
-
 * Osmocom SIMtrace 1.x with SAM3 controller
 ** this is open hardware and schematics / PCB design is published
 * sysmocom sysmoQMOD (with 4 Modems,  4 SIM slots and 2 SAM3)
@@ -37,3 +28,11 @@ This repository contains several directory
 * firmware - the firmware to run on the actual devices
 * hardware - some information related to the hardware
 * host - Programs to use on the USB host to interface with the hardware
+
+
+The host software includes
+
+* libosmo-simtrace2 - a shared library to talk to devices running the simtrace2 firmware
+* simtrace2-list - list any USB-attached devices running simtrace2 firmware
+* simtrace2-sniff - interface the 'trace' firmware to obtain card protocol traces
+* simtrace2-cardem-pcsc - interface the 'cardem' fimrware to use a SIM in a PC/SC reader

TODO-RELEASE

@@ -0,0 +1,10 @@
+# When cleaning up this file: bump API version in corresponding Makefile.am and rename corresponding debian/lib*.install
+# according to https://osmocom.org/projects/cellular-infrastructure/wiki/Make_a_new_release
+# In short: https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html#Updating-version-info
+# LIBVERSION=c:r:a
+# If the library source code has changed at all since the last update, then increment revision: c:r + 1:a.
+# If any interfaces have been added, removed, or changed since the last update: c + 1:0:0.
+# If any interfaces have been added since the last public release: c:r:a + 1.
+# If any interfaces have been removed or changed since the last public release: c:r:0.
+#library	what			description / commit summary line
+simtrace2	API/ABI change		osmo_st2_transport new member

contrib/flash.py

@@ -27,7 +27,9 @@ class Device(NamedTuple):
 DEVICE_SIMTRACE = Device(usb_vendor_id=0x1d50, usb_product_id=0x60e3, name="SIMtrace 2", url={"trace": "https://ftp.osmocom.org/binaries/simtrace2/firmware/latest/simtrace-trace-dfu-latest.bin", "cardem": "https://osmocom.org/attachments/download/3868/simtrace-cardem-dfu.bin"})
 DEVICE_QMOD = Device(usb_vendor_id=0x1d50, usb_product_id=0x4004, name="sysmoQMOD (Quad Modem)", url={"cardem": "https://ftp.osmocom.org/binaries/simtrace2/firmware/latest/qmod-cardem-dfu-latest.bin"})
 DEVICE_OWHW = Device(usb_vendor_id=0x1d50, usb_product_id=0x4001, name="OWHW", url={"cardem": "https://ftp.osmocom.org/binaries/simtrace2/firmware/latest/owhw-cardem-dfu-latest.bin"})
-DEVICES = [DEVICE_SIMTRACE, DEVICE_QMOD]
+DEVICE_OCTSIMTEST = Device(usb_vendor_id=0x1d50, usb_product_id=0x616d, name="OCTSIMTEST", url={"cardem": "https://ftp.osmocom.org/binaries/simtrace2/firmware/latest/octsimtest-cardem-dfu-latest.bin"})
+DEVICE_NGFF_CARDEM = Device(usb_vendor_id=0x1d50, usb_product_id=0x616e, name="ngff-cardem", url={"cardem": "https://ftp.osmocom.org/binaries/simtrace2/firmware/latest/ngff_cardem-cardem-dfu-latest.bin"})
+DEVICES = [DEVICE_SIMTRACE, DEVICE_QMOD, DEVICE_OCTSIMTEST, DEVICE_NGFF_CARDEM]
 
 # which firmware does the SIMtrace USN interface subclass correspond
 FIRMWARE_SUBCLASS = {1: "trace", 2: "cardem"}

contrib/jenkins.sh

@@ -28,9 +28,10 @@ export PKG_CONFIG_PATH="$inst/lib/pkgconfig:$PKG_CONFIG_PATH"
 export LD_LIBRARY_PATH="$inst/lib"
 
 BUILDS=""
-BUILDS+="simtrace/dfu simtrace/cardem simtrace/trace " # simtrace/triple_play
+BUILDS+="simtrace/dfu simtrace/trace simtrace/cardem "
 BUILDS+="qmod/dfu qmod/cardem "
 BUILDS+="owhw/dfu owhw/cardem "
+BUILDS+="octsimtest/cardem "
 
 cd $TOPDIR/firmware
 for build in $BUILDS; do
@@ -63,20 +64,19 @@ make dist
 #	make -C "$base/doc/manuals" publish
 #fi
 
-rm -rf $TOPDIR/firmware/bin/simtrace-cardem*
-
 if [ "x$publish" = "x--publish" ]; then
 	echo
 	echo "=============== UPLOAD BUILD  =============="
+	$TOPDIR/contrib/prepare_upload.sh
 
 	cat > "/build/known_hosts" <<EOF
-[rita.osmocom.org]:48 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDgQ9HntlpWNmh953a2Gc8NysKE4orOatVT1wQkyzhARnfYUerRuwyNr1GqMyBKdSI9amYVBXJIOUFcpV81niA7zQRUs66bpIMkE9/rHxBd81SkorEPOIS84W4vm3SZtuNqa+fADcqe88Hcb0ZdTzjKILuwi19gzrQyME2knHY71EOETe9Yow5RD2hTIpB5ecNxI0LUKDq+Ii8HfBvndPBIr0BWYDugckQ3Bocf+yn/tn2/GZieFEyFpBGF/MnLbAAfUKIdeyFRX7ufaiWWz5yKAfEhtziqdAGZaXNaLG6gkpy3EixOAy6ZXuTAk3b3Y0FUmDjhOHllbPmTOcKMry9
-[rita.osmocom.org]:48 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPdWn1kEousXuKsZ+qJEZTt/NSeASxCrUfNDW3LWtH+d8Ust7ZuKp/vuyG+5pe5pwpPOgFu7TjN+0lVjYJVXH54=
-[rita.osmocom.org]:48 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8iivY70EiR5NiGChV39gRLjNpC8lvu1ZdHtdMw2zuX
+[ftp.osmocom.org]:48 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDgQ9HntlpWNmh953a2Gc8NysKE4orOatVT1wQkyzhARnfYUerRuwyNr1GqMyBKdSI9amYVBXJIOUFcpV81niA7zQRUs66bpIMkE9/rHxBd81SkorEPOIS84W4vm3SZtuNqa+fADcqe88Hcb0ZdTzjKILuwi19gzrQyME2knHY71EOETe9Yow5RD2hTIpB5ecNxI0LUKDq+Ii8HfBvndPBIr0BWYDugckQ3Bocf+yn/tn2/GZieFEyFpBGF/MnLbAAfUKIdeyFRX7ufaiWWz5yKAfEhtziqdAGZaXNaLG6gkpy3EixOAy6ZXuTAk3b3Y0FUmDjhOHllbPmTOcKMry9
+[ftp.osmocom.org]:48 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPdWn1kEousXuKsZ+qJEZTt/NSeASxCrUfNDW3LWtH+d8Ust7ZuKp/vuyG+5pe5pwpPOgFu7TjN+0lVjYJVXH54=
+[ftp.osmocom.org]:48 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8iivY70EiR5NiGChV39gRLjNpC8lvu1ZdHtdMw2zuX
 EOF
 	SSH_COMMAND="ssh -o 'UserKnownHostsFile=/build/known_hosts' -p 48"
-	rsync --archive --verbose --compress --delete --rsh "$SSH_COMMAND" $TOPDIR/firmware/bin/*-latest.{bin,elf} binaries@rita.osmocom.org:web-files/simtrace2/firmware/latest/
-	rsync --archive --verbose --compress --rsh "$SSH_COMMAND" --exclude $TOPDIR/firmware/bin/*-latest.{bin,elf} $TOPDIR/firmware/bin/*-*-*-*.{bin,elf} binaries@rita.osmocom.org:web-files/simtrace2/firmware/all/
+	rsync --archive --verbose --compress --delete --rsh "$SSH_COMMAND" $TOPDIR/firmware/bin/*-latest.{bin,elf} binaries@ftp.osmocom.org:web-files/simtrace2/firmware/latest/
+	rsync --archive --verbose --compress --rsh "$SSH_COMMAND" --exclude $TOPDIR/firmware/bin/*-latest.{bin,elf} $TOPDIR/firmware/bin/*-*-*-*.{bin,elf} binaries@ftp.osmocom.org:web-files/simtrace2/firmware/all/
 fi
 
 echo

contrib/prepare_upload.sh

@@ -0,0 +1,16 @@
+#!/bin/sh -e
+# Create copies of binaries with -latest, -$GIT_VERSION (OS#4413, OS#3452)
+cd "$(dirname "$0")/.."
+
+GIT_VERSION="$(./git-version-gen .tarball-version)"
+
+echo "Copying binaries with "-latest" and "-$GIT_VERSION" appended..."
+
+cd firmware/bin
+for ext in bin elf; do
+	for file in *."$ext"; do
+		without_ext="${file%.*}"
+		cp -v "$file" "$without_ext-latest.$ext"
+		cp -v "$file" "$without_ext-$GIT_VERSION.$ext"
+	done
+done

contrib/simtrace.lua

@@ -0,0 +1,68 @@
+usb_simtrace_protocol = Proto("USB_simtrace",  "USB simtrace protocol")
+
+
+local control_commands = {
+-- /* SIMTRACE_MSGC_GENERIC */
+[0x0000] = "SIMTRACE_CMD_DO_ERROR",
+[0x0001] = "SIMTRACE_CMD_BD_BOARD_INFO",
+
+-- /* SIMTRACE_MSGC_CARDEM */
+[0x0101] = "SIMTRACE_MSGT_DT_CEMU_TX_DATA",
+[0x0102] = "SIMTRACE_MSGT_DT_CEMU_SET_ATR",
+[0x0103] = "SIMTRACE_MSGT_BD_CEMU_STATS",
+[0x0104] = "SIMTRACE_MSGT_BD_CEMU_STATUS",
+[0x0105] = "SIMTRACE_MSGT_DT_CEMU_CARDINSERT",
+[0x0106] = "SIMTRACE_MSGT_DO_CEMU_RX_DATA",
+[0x0107] = "SIMTRACE_MSGT_DO_CEMU_PTS",
+[0x0108] = "SIMTRACE_MSGT_BD_CEMU_CONFIG",
+
+-- /* SIMTRACE_MSGC_MODEM */
+[0x0201] = "SIMTRACE_MSGT_DT_MODEM_RESET",
+[0x0202] = "SIMTRACE_MSGT_DT_MODEM_SIM_SELECT",
+[0x0203] = "SIMTRACE_MSGT_BD_MODEM_STATUS",
+
+-- /* SIMTRACE_MSGC_SNIFF */
+[0x0300] = "SIMTRACE_MSGT_SNIFF_CHANGE",
+[0x0301] = "SIMTRACE_MSGT_SNIFF_FIDI",
+[0x0302] = "SIMTRACE_MSGT_SNIFF_ATR",
+[0x0304] = "SIMTRACE_MSGT_SNIFF_TPDU",
+[0x0303] = "SIMTRACE_MSGT_SNIFF_PPS"
+}
+
+local msgtype  = ProtoField.uint16("usb_simtrace.msgtype", "Message Type", base.HEX_DEC, control_commands)
+local seqnr  = ProtoField.uint8("usb_simtrace.seqnr", "Sequence Number", base.HEX_DEC)
+local slotnr  = ProtoField.uint8("usb_simtrace.slotnr", "Slot Number", base.HEX_DEC)
+local reserved  = ProtoField.uint16("usb_simtrace.reserved", "reserved", base.HEX_DEC)
+local payloadlen  = ProtoField.uint16("usb_simtrace.length", "length", base.HEX_DEC)
+local payload  = ProtoField.bytes("usb_simtrace.payload", "Data")
+
+usb_simtrace_protocol.fields = {
+  msgtype, seqnr, slotnr, reserved, payloadlen, payload
+}
+
+function usb_simtrace_protocol.dissector(buffer, pinfo, tree)
+  length = buffer:len()
+  if length == 0 then return end
+
+  pinfo.cols.protocol = usb_simtrace_protocol.name
+
+  local subtree = tree:add(usb_simtrace_protocol, buffer(), "USB simtrace Data")
+  local command = buffer(0,2):uint()
+
+  subtree:add(msgtype, command):set_generated()
+  subtree:add(seqnr, buffer(2,1))
+  subtree:add(slotnr, buffer(3,1))
+  subtree:add_le(payloadlen, buffer(6,2))
+  pinfo.cols.info = string.format("Cmd 0x%04X : %s", command, control_commands[command])
+  subtree:add(payload, buffer(8,length-8))
+
+end
+
+
+function usb_simtrace_protocol.init()
+local usb_product_dissectors = DissectorTable.get("usb.product")
+usb_product_dissectors:add(0x1d50616d, usb_simtrace_protocol)
+usb_product_dissectors:add(0x1d50616e, usb_simtrace_protocol)
+
+-- DissectorTable.get("usb.bulk"):add(0xffff, usb_simtrace_protocol)
+end

debian/source/format

@@ -0,0 +1 @@
+3.0 (native)

firmware/Makefile

@@ -28,11 +28,19 @@
 
 #   Makefile for compiling the Getting Started with SAM3S Microcontrollers project
 
-GIT_VERSION=$(shell $(TOP)/git-version-gen $(TOP)/.tarvers)
+GIT_VERSION=$(shell $(TOP)/git-version-gen $(TOP)/.tarball-version)
 #-------------------------------------------------------------------------------
 #        User-modifiable options
 #-------------------------------------------------------------------------------
 
+# verbosity
+V ?= 0
+ifneq ("$(V)","0")
+SILENT :=
+else
+SILENT := @
+endif
+
 # Chip & board used for compilation
 # (can be overriden by adding CHIP=chip and BOARD=board to the command-line)
 CHIP  ?= sam3s4
@@ -100,7 +108,7 @@ C_LIBUSB     = USBDescriptors.c USBRequests.c USBD.c USBDCallbacks.c USBDDriver.
 C_LIBUSB_RT  = dfu.c dfu_runtime.c
 C_LIBUSB_DFU = dfu.c dfu_desc.c dfu_driver.c
 C_LIBCOMMON  = string.c stdio.c fputs.c usb_buf.c ringbuffer.c pseudo_talloc.c host_communication.c \
-	       main_common.c
+	       main_common.c stack_check.c
 
 C_BOARD      = $(notdir $(wildcard libboard/common/source/*.c))
 C_BOARD     += $(notdir $(wildcard libboard/$(BOARD)/source/*.c))
@@ -164,14 +172,22 @@ CFLAGS += -Wno-suggest-attribute=noreturn
 # -mlong-calls  -Wall
 #CFLAGS += -save-temps -fverbose-asm
 #CFLAGS += -Wa,-a,-ad
-CFLAGS += -D__ARM
+CFLAGS += -D__ARM -fno-builtin
 CFLAGS += --param max-inline-insns-single=500 -mcpu=cortex-m3 -mthumb # -mfix-cortex-m3-ldrd
 CFLAGS += -ffunction-sections -g $(OPTIMIZATION) $(INCLUDES) -D$(CHIP) -DTRACE_LEVEL=$(TRACE_LEVEL) -DALLOW_PEER_ERASE=$(ALLOW_PEER_ERASE)
 CFLAGS += -DGIT_VERSION=\"$(GIT_VERSION)\"
 CFLAGS += -DBOARD=\"$(BOARD)\" -DBOARD_$(BOARD)
 CFLAGS += -DAPPLICATION=\"$(APP)\" -DAPPLICATION_$(APP)
+
+# Disable stack protector by default (OS#5081)
+ifeq ($(STACK_PROTECTOR), 1)
+CFLAGS += -fstack-protector
+else
+CFLAGS += -fno-stack-protector
+endif
+
 ASFLAGS = -mcpu=cortex-m3 -mthumb -Wall -g $(OPTIMIZATION) $(INCLUDES) -D$(CHIP) -D__ASSEMBLY__
-LDFLAGS = -mcpu=cortex-m3 -mthumb -Wl,--cref -Wl,--check-sections -Wl,--gc-sections -Wl,--entry=ResetException -Wl,--unresolved-symbols=report-all -Wl,--warn-common -Wl,--warn-section-align -Wl,--warn-unresolved-symbols -Wl,--print-memory-usage $(LIB)
+LDFLAGS = -mcpu=cortex-m3 -mthumb -Wl,--cref -Wl,--check-sections -Wl,--gc-sections -Wl,--entry=ResetException -Wl,--unresolved-symbols=report-all -Wl,--warn-common -Wl,--warn-section-align -Wl,--print-memory-usage -Wl,--no-undefined $(LIB)
 #LD_OPTIONAL=-Wl,--print-gc-sections -Wl,--stats
 
 # Append BIN directories to output filename
@@ -210,22 +226,18 @@ C_OBJECTS_$(1) = $(addprefix $(OBJ)/$(1)_, $(C_OBJECTS))
 ASM_OBJECTS_$(1) = $(addprefix $(OBJ)/$(1)_, $(ASM_OBJECTS))
 
 $(1): $$(ASM_OBJECTS_$(1)) $$(C_OBJECTS_$(1))
-	@$(CC) $(LDFLAGS) $(LD_OPTIONAL) -T"libboard/common/resources/$(CHIP)/$$@.ld" -Wl,-Map,$(OUTPUT)-$$@.map -o $(OUTPUT)-$$@.elf $$^ $(LIBS)
-	cp $(OUTPUT)-$$@.elf $(OUTPUT)-$$@-$(GIT_VERSION).elf
-	cp $(OUTPUT)-$$@.elf $(OUTPUT)-$$@-latest.elf
-	@$(NM) $(OUTPUT)-$$@.elf >$(OUTPUT)-$$@.elf.txt
-	@$(OBJCOPY) -O binary $(OUTPUT)-$$@.elf $(OUTPUT)-$$@.bin
-	cp $(OUTPUT)-$$@.bin $(OUTPUT)-$$@-$(GIT_VERSION).bin
-	cp $(OUTPUT)-$$@.bin $(OUTPUT)-$$@-latest.bin
-	@$(SIZE) $$^ $(OUTPUT)-$$@.elf
+	$(SILENT)$(CC) $(LDFLAGS) $(LD_OPTIONAL) -T"libboard/common/resources/$(CHIP)/$$@.ld" -Wl,-Map,$(OUTPUT)-$$@.map -o $(OUTPUT)-$$@.elf $$^ $(LIBS)
+	$(SILENT)$(NM) $(OUTPUT)-$$@.elf >$(OUTPUT)-$$@.elf.txt
+	$(SILENT)$(OBJCOPY) -O binary $(OUTPUT)-$$@.elf $(OUTPUT)-$$@.bin
+	$(SILENT)$(SIZE) $$^ $(OUTPUT)-$$@.elf
 
 $$(C_OBJECTS_$(1)): $(OBJ)/$(1)_%.o: %.c Makefile $(OBJ) $(BIN)
 	@echo [COMPILING $$<]
-	@$(CC) $(CFLAGS) -DENVIRONMENT_$(1) -DENVIRONMENT=\"$(1)\" -Wa,-ahlms=$(BIN)/$$*.lst -c -o $$@ $$<
+	$(SILENT)$(CC) $(CFLAGS) -DENVIRONMENT_$(1) -DENVIRONMENT=\"$(1)\" -Wa,-ahlms=$(BIN)/$$*.lst -c -o $$@ $$<
 
 $$(ASM_OBJECTS_$(1)): $(OBJ)/$(1)_%.o: %.S Makefile $(OBJ) $(BIN)
 	@echo [ASSEMBLING $$@]
-	@$(CC) $(ASFLAGS) -DENVIRONMENT_$(1) -DENVIRONMENT=\"$(1)\" -c -o $$@ $$<
+	$(SILENT)@$(CC) $(ASFLAGS) -DENVIRONMENT_$(1) -DENVIRONMENT=\"$(1)\" -c -o $$@ $$<
 
 debug_$(1): $(1)
 	$(GDB) -x "$(BOARD_LIB)/resources/gcc/$(BOARD)_$(1).gdb" -ex "reset" -readnow -se $(OUTPUT)-$(1).elf

firmware/apps/cardem/Makefile

@@ -1,3 +1,3 @@
 C_FILES += $(C_LIBUSB_RT)
 
-C_FILES += card_emu.c cciddriver.c iso7816_4.c iso7816_fidi.c mitm.c mode_cardemu.c mode_ccid.c simtrace_iso7816.c sniffer.c tc_etu.c usb.c
+C_FILES += card_emu.c cciddriver.c iso7816_4.c iso7816_fidi.c mitm.c mode_cardemu.c mode_ccid.c simtrace_iso7816.c sniffer.c usb.c

firmware/apps/cardem/main.c

@@ -147,7 +147,8 @@ extern int main(void)
 	unsigned int i = 0;
 
 	led_init();
-	led_blink(LED_RED, BLINK_3O_5F);
+	led_blink(LED_RED, BLINK_ALWAYS_ON);
+	led_blink(LED_GREEN, BLINK_ALWAYS_ON);
 
 	/* Enable watchdog for 2000ms, with no window */
 	WDT_Enable(WDT, WDT_MR_WDRSTEN | WDT_MR_WDDBGHLT | WDT_MR_WDIDLEHLT |

firmware/apps/dfu/main.c

@@ -243,6 +243,17 @@ static void check_exec_dbg_cmd(void)
 	//board_exec_dbg_cmd(ch);
 }
 
+/* print a horizontal line of '=' characters; Doing this in a loop vs. using a 'const'
+ * string saves us ~60 bytes of executable size (matters particularly for DFU loader) */
+static void print_line(void)
+{
+	int i;
+	for (i = 0; i < 78; i++)
+		fputc('=', stdout);
+	fputc('\n', stdout);
+	fputc('\r', stdout);
+}
+
 /*------------------------------------------------------------------------------
  *        Main
  *------------------------------------------------------------------------------*/
@@ -265,16 +276,14 @@ extern int main(void)
 	PIO_Clear(&pinsLeds[LED_NUM_GREEN]);
 #endif
 
-	PIO_InitializeInterrupts(0);
-
 	EEFC_ReadUniqueID(g_unique_id);
 
-	printf("\n\r\n\r"
-		"=============================================================================\n\r"
-		"DFU bootloader %s for board %s\n\r"
-		"(C) 2010-2017 by Harald Welte, 2018-2019 by Kevin Redon\n\r"
-		"=============================================================================\n\r",
+	printf("\n\r\n\r");
+	print_line();
+	printf("DFU bootloader %s for board %s\n\r"
+		"(C) 2010-2017 by Harald Welte, 2018-2019 by Kevin Redon\n\r",
 		manifest_revision, manifest_board);
+	print_line();
 
 #if (TRACE_LEVEL >= TRACE_LEVEL_INFO)
 	TRACE_INFO("Chip ID: 0x%08lx (Ext 0x%08lx)\n\r", CHIPID->CHIPID_CIDR, CHIPID->CHIPID_EXID);

firmware/apps/trace/Makefile

@@ -1,3 +1,3 @@
 C_FILES += $(C_LIBUSB_RT)
 
-C_FILES += card_emu.c cciddriver.c iso7816_4.c iso7816_fidi.c mitm.c mode_cardemu.c mode_ccid.c simtrace_iso7816.c sniffer.c tc_etu.c usb.c
+C_FILES += card_emu.c cciddriver.c iso7816_4.c iso7816_fidi.c mitm.c mode_cardemu.c mode_ccid.c simtrace_iso7816.c sniffer.c usb.c

firmware/apps/triple_play/Makefile

@@ -1,3 +1,3 @@
 C_FILES += $(C_LIBUSB_RT)
 
-C_FILES += card_emu.c iso7816_4.c iso7816_fidi.c mitm.c mode_cardemu.c mode_ccid.c simtrace_iso7816.c sniffer.c tc_etu.c usb.c
+C_FILES += card_emu.c iso7816_4.c iso7816_fidi.c mitm.c mode_cardemu.c mode_ccid.c simtrace_iso7816.c sniffer.c usb.c

firmware/atmel_softpack_libraries/libchip_sam3s/source/pio_it.c

@@ -211,6 +211,16 @@ extern void PIO_InitializeInterrupts( uint32_t dwPriority )
     NVIC_EnableIRQ( PIOC_IRQn ) ;
 }
 
+static InterruptSource *find_intsource4pin(const Pin *pPin)
+{
+    unsigned int i ;
+    for (i = 0; i < _dwNumSources; i++) {
+        if (_aIntSources[i].pPin == pPin)
+	    return &_aIntSources[i];
+    }
+    return NULL;
+}
+
 /**
  * Configures a PIO or a group of PIO to generate an interrupt on status
  * change. The provided interrupt handler will be called with the triggering
@@ -228,15 +238,17 @@ extern void PIO_ConfigureIt( const Pin *pPin, void (*handler)( const Pin* ) )
 
     assert( pPin ) ;
     pio = pPin->pio ;
-    assert( _dwNumSources < MAX_INTERRUPT_SOURCES ) ;
 
-    /* Define new source */
-    TRACE_DEBUG( "PIO_ConfigureIt: Defining new source #%" PRIu32 ".\n\r",  _dwNumSources ) ;
-
-    pSource = &(_aIntSources[_dwNumSources]) ;
-    pSource->pPin = pPin ;
+    pSource = find_intsource4pin(pPin);
+    if (!pSource) {
+        /* Define new source */
+        TRACE_DEBUG( "PIO_ConfigureIt: Defining new source #%" PRIu32 ".\n\r",  _dwNumSources ) ;
+        assert( _dwNumSources < MAX_INTERRUPT_SOURCES ) ;
+        pSource = &(_aIntSources[_dwNumSources]) ;
+        pSource->pPin = pPin ;
+        _dwNumSources++ ;
+    }
     pSource->handler = handler ;
-    _dwNumSources++ ;
 
     /* PIO3 with additional interrupt support
      * Configure additional interrupt mode registers */

firmware/atmel_softpack_libraries/usb/device/core/USBD.c

@@ -300,7 +300,7 @@ void USBD_SetConfiguration(uint8_t cfgnum)
     else {
         deviceState = USBD_STATE_ADDRESS;
         /* Reset all endpoints */
-        USBD_HAL_ResetEPs(0xFFFFFFFF, USBD_STATUS_RESET, 0);
+        USBD_HAL_ResetEPs(0xFFFFFFFE, USBD_STATUS_RESET, 0);
     }
 }
 

firmware/atmel_softpack_libraries/usb/device/dfu/dfu.h

@@ -39,8 +39,8 @@ struct dfu_desc {
 #define DFU_FUNC_DESC  {						\
 	.bLength		= USB_DT_DFU_SIZE,			\
 	.bDescriptorType	= USB_DT_DFU,				\
-	.bmAttributes		= USB_DFU_CAN_UPLOAD | USB_DFU_CAN_DOWNLOAD, \
-	.wDetachTimeOut		= 0xff00,				\
+	.bmAttributes		= USB_DFU_CAN_UPLOAD | USB_DFU_CAN_DOWNLOAD | USB_DFU_WILL_DETACH, \
+	.wDetachTimeOut		= 0x00,				\
 	.wTransferSize		= BOARD_DFU_PAGE_SIZE,			\
 	.bcdDFUVersion		= 0x0100,				\
 }

firmware/atmel_softpack_libraries/usb/device/dfu/dfu_runtime.c

@@ -165,6 +165,8 @@ void USBDFU_Runtime_RequestHandler(const USBGenericRequest *request)
 			 * will then trigger DFURT_SwitchToDFU() below */
 			TRACE_DEBUG("\r\n====dfu_detach\n\r");
 			g_dfu->state = DFU_STATE_appDETACH;
+			USBD_Write(0, 0, 0, 0, 0);
+			DFURT_SwitchToDFU();
 			ret = DFU_RET_ZLP;
 			goto out;
 			break;
@@ -209,13 +211,14 @@ out:
 
 void DFURT_SwitchToDFU(void)
 {
+	__disable_irq();
+
 	/* store the magic value that the DFU loader can detect and
 	 * activate itself, rather than boot into the application */
 	g_dfu->magic = USB_DFU_MAGIC;
-
+	__DMB();
 	/* Disconnect the USB by removing the pull-up */
 	USBD_Disconnect();
-	__disable_irq();
 
 	/* reset the processor, we will start execution with the
 	 * ResetVector of the bootloader */

firmware/libboard/common/include/sim_switch.h

@@ -14,5 +14,13 @@
  */
 #pragma once
 
+/** switch card lines to use physical or emulated card
+ *  @param[in] nr card interface number (i.e. slot)
+ *  @param[in] physical which physical interface to switch to (e.g. 0: physical, 1: virtual)
+ *  @return 0 on success, negative else
+ */
 int sim_switch_use_physical(unsigned int nr, int physical);
+/** initialise card switching capabilities
+ *  @return number of switchable card interfaces
+ */
 int sim_switch_init(void);

firmware/libboard/common/source/board_lowlevel.c

@@ -218,3 +218,8 @@ void mdelay(unsigned int msecs)
 	do {
 	} while ((jiffies - jiffies_start) < msecs);
 }
+
+void abort() {
+	NVIC_SystemReset();
+	while(1) {};
+}

firmware/libboard/ngff_cardem/include/board.h

@@ -0,0 +1,107 @@
+/* Osmocom ngff-cardem board definition
+ *
+ * (C) 2021 by Harald Welte <laforge@osmocom.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#pragma once
+#include "board_common.h"
+#include "simtrace_usb.h"
+
+/** Name of the board */
+#define BOARD_NAME "NGFF-CARDEM"
+/** Board definition */
+#define ngff_cardem
+
+/** oscillator used as main clock source (in Hz) */
+#define BOARD_MAINOSC 12000000
+/** desired main clock frequency (in Hz, based on BOARD_MAINOSC) */
+#define BOARD_MCK 58000000 // 12.000 * 29 / 6
+
+/** MCU pin connected to red LED */
+#define PIO_LED_RED     PIO_PA17
+/** MCU pin connected to green LED */
+#define PIO_LED_GREEN   PIO_PA18
+/** red LED pin definition */
+#define PIN_LED_RED     {PIO_LED_RED, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
+/** green LED pin definition */
+#define PIN_LED_GREEN   {PIO_LED_GREEN, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
+/** LEDs pin definition */
+#define PINS_LEDS       PIN_LED_RED, PIN_LED_GREEN 
+/** index for red LED in LEDs pin definition array */
+#define LED_NUM_RED     0
+/** index for green LED in LEDs pin definition array */
+#define LED_NUM_GREEN   1
+/** the green LED is actually red and used as indication for USIM1 */
+#define LED_USIM1	LED_GREEN
+
+/* USIM 2 interface (USART) */
+#define PIN_USIM2_CLK		{PIO_PA2, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
+#define PIN_USIM2_IO		{PIO_PA6, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
+#define PINS_ISO7816_USIM2	PIN_USIM2_CLK, PIN_USIM2_IO
+
+/* USIM 2 interface (TC) */
+#define PIN_USIM2_IO_TC		{PIO_PA1, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
+#define PIN_USIM2_CLK_TC	{PIO_PA4, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
+#define PINS_TC_USIM2		PIN_USIM2_IO_TC, PIN_USIM2_CLK_TC
+
+/* USIM 1 interface (USART) */
+#define PIN_USIM1_IO		{PIO_PA22, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
+#define PIN_USIM1_CLK		{PIO_PA23, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
+#define PINS_ISO7816_USIM1	PIN_USIM1_CLK, PIN_USIM1_IO
+
+/* USIM 1 interface (TC) */
+#define PIN_USIM1_IO_TC		{PIO_PA27, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
+#define PIN_USIM1_CLK_TC	{PIO_PA29, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
+#define PINS_TC_USIM1		PIN_USIM1_IO_TC, PIN_USIM1_CLK_TC
+
+#define PIN_USIM1_nRST		{PIO_PA24, PIOA, ID_PIOA, PIO_INPUT, PIO_DEFAULT}
+#define PIN_USIM1_VCC		{PIO_PB2, PIOB, ID_PIOB, PIO_INPUT, PIO_DEFAULT}
+
+#define PIN_USIM2_nRST		{PIO_PA7, PIOA, ID_PIOA, PIO_INPUT, PIO_DEFAULT}
+//#define PIN_USIM2_VCC		{PIO_PB2, PIOB, ID_PIOB, PIO_INPUT, PIO_DEFAULT}
+
+#define PINS_USIM1		PINS_TC_USIM1, PINS_ISO7816_USIM1, PIN_USIM1_nRST
+#define PINS_USIM2		PINS_TC_USIM2, PINS_ISO7816_USIM2, PIN_USIM2_nRST
+
+/* from v3 and onwards only (!) */
+#define PIN_DET_USIM1_PRES	{PIO_PA8, PIOA, ID_PIOA, PIO_INPUT, PIO_PULLUP | PIO_DEGLITCH | PIO_IT_EDGE}
+
+/* inputs reading the WWAN LED level */
+#define PIN_WWAN1		{PIO_PA15, PIOA, ID_PIOA, PIO_INPUT, PIO_PULLUP | PIO_DEGLITCH | PIO_IT_EDGE}
+#define PINS_WWAN_IN		{ PIN_WWAN1 }
+
+/* outputs controlling RESET input of modems */
+#define PIN_PERST1		{PIO_PA25, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_PULLUP}
+#define PINS_PERST		{ PIN_PERST1 }
+
+#define PIN_VERSION_DET		{PIO_PA19, PIOA, ID_PIOA, PIO_PERIPH_D, PIO_DEFAULT}
+
+/* GPIO towards SPDT switches between real SIM and SAM3 */
+//#define PIN_SIM_SWITCH1 {PIO_PA20, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
+//#define PIN_SIM_SWITCH2 {PIO_PA28, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
+
+#define BOARD_USB_BMATTRIBUTES	USBConfigurationDescriptor_SELFPOWERED_NORWAKEUP
+
+#define BOARD_USB_VENDOR_ID	USB_VENDOR_OPENMOKO
+#define BOARD_USB_PRODUCT_ID	USB_PRODUCT_NGFF_CARDEM
+#define BOARD_DFU_USB_PRODUCT_ID USB_PRODUCT_NGFF_CARDEM
+#define BOARD_USB_RELEASE	0x010
+
+#define DETECT_VCC_BY_ADC
+#define VCC_UV_THRESH_1V8	1500000
+#define VCC_UV_THRESH_3V	2500000
+
+#define HAVE_CARDEM

firmware/libboard/ngff_cardem/include/card_pres.h

@@ -0,0 +1,22 @@
+/* card presence utilities
+ *
+ * (C) 2016-2017 by Harald Welte <hwelte@hmw-consulting.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#pragma once
+
+int is_card_present(int port);
+int card_present_init(void);

firmware/libboard/ngff_cardem/include/wwan_led.h

@@ -0,0 +1,20 @@
+/* Code to read/track the status of the WWAN LEDs of attached modems
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#pragma once
+
+int wwan_led_active(int wwan);
+int wwan_led_init(void);

firmware/libboard/ngff_cardem/include/wwan_perst.h

@@ -0,0 +1,21 @@
+/* Code to control the PERST lines of attached modems
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#pragma once
+
+int wwan_perst_set(int modem_nr, int active);
+int wwan_perst_do_reset_pulse(int modem_nr, unsigned int duration_ms);
+int wwan_perst_init(void);

firmware/libboard/ngff_cardem/product_string.txt

@@ -0,0 +1 @@
+ngff-cardem

firmware/libboard/ngff_cardem/source/board_ngff_cardem.c

@@ -0,0 +1,152 @@
+/* sysmocom quad-modem sysmoQMOD application code
+ *
+ * (C) 2021 Harald Welte <laforge@osmocom.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#include "board.h"
+#include "simtrace.h"
+#include "utils.h"
+#include "led.h"
+#include "wwan_led.h"
+#include "wwan_perst.h"
+#include "sim_switch.h"
+#include "boardver_adc.h"
+#include "card_pres.h"
+#include <osmocom/core/timer.h>
+#include "usb_buf.h"
+
+/* array of generated USB Strings */
+extern unsigned char *usb_strings[];
+
+/* returns '1' in case we should break any endless loop */
+void board_exec_dbg_cmd(int ch)
+{
+	switch (ch) {
+	case '?':
+		printf("\t?\thelp\n\r");
+		printf("\tR\treset SAM3\n\r");
+		printf("\tl\tswitch off LED 1\n\r");
+		printf("\tL\tswitch on  LED 1\n\r");
+		printf("\tg\tswitch off LED 2\n\r");
+		printf("\tG\tswitch on  LED 2\n\r");
+		printf("\tU\tProceed to USB Initialization\n\r");
+		printf("\t1\tGenerate 1ms reset pulse on WWAN1\n\r");
+		printf("\t!\tSwitch Channel A from physical -> remote\n\r");
+		printf("\t@\tSwitch Channel B from physical -> remote\n\r");
+		printf("\tt\t(pseudo)talloc report\n\r");
+		break;
+	case 'R':
+		printf("Asking NVIC to reset us\n\r");
+		USBD_Disconnect();
+		NVIC_SystemReset();
+		break;
+	case 'l':
+		led_blink(LED_GREEN, BLINK_ALWAYS_OFF);
+		printf("LED 1 switched off\n\r");
+		break;
+	case 'L':
+		led_blink(LED_GREEN, BLINK_ALWAYS_ON);
+		printf("LED 1 switched on\n\r");
+		break;
+	case 'g':
+		led_blink(LED_RED, BLINK_ALWAYS_OFF);
+		printf("LED 2 switched off\n\r");
+		break;
+	case 'G':
+		led_blink(LED_RED, BLINK_ALWAYS_ON);
+		printf("LED 2 switched on\n\r");
+		break;
+	case '1':
+		printf("Resetting Modem\n\r");
+		wwan_perst_do_reset_pulse(0, 300);
+		break;
+	case '!':
+		sim_switch_use_physical(0, 0);
+		break;
+	case 't':
+		talloc_report(NULL, stdout);
+		break;
+	default:
+		printf("Unknown command '%c'\n\r", ch);
+		break;
+	}
+}
+
+void board_main_top(void)
+{
+#ifndef APPLICATION_dfu
+	usb_buf_init();
+
+	wwan_led_init();
+	wwan_perst_init();
+	sim_switch_init();
+#endif
+
+	/* Obtain the circuit board version (currently just prints voltage */
+	get_board_version_adc();
+#ifndef APPLICATION_dfu
+	/* Initialize checking for card insert/remove events */
+	card_present_init();
+#endif
+}
+
+static int uart_has_loopback_jumper(void)
+{
+	unsigned int i;
+	const Pin uart_loopback_pins[] = {
+		{PIO_PA9A_URXD0, PIOA, ID_PIOA, PIO_INPUT, PIO_DEFAULT},
+		{PIO_PA10A_UTXD0, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
+	};
+
+	/* Configure UART pins as I/O */
+	PIO_Configure(uart_loopback_pins, PIO_LISTSIZE(uart_loopback_pins));
+
+	/* Send pattern over UART TX and check if it is received on RX
+	 * If the loop doesn't get interrupted, RxD always follows TxD and thus a
+	 * loopback jumper has been placed on RxD/TxD, and we will boot
+	 * into DFU unconditionally
+	 */
+	int has_loopback_jumper = 1;
+	for (i = 0; i < 10; i++) {
+		/* Set TxD high; abort if RxD doesn't go high either */
+		PIO_Set(&uart_loopback_pins[1]);
+		if (!PIO_Get(&uart_loopback_pins[0])) {
+			has_loopback_jumper = 0;
+			break;
+		}
+		/* Set TxD low, abort if RxD doesn't go low either */
+		PIO_Clear(&uart_loopback_pins[1]);
+		if (PIO_Get(&uart_loopback_pins[0])) {
+			has_loopback_jumper = 0;
+			break;
+		}
+	}
+
+	/* Put pins back to UART mode */
+	const Pin uart_pins[] = {PINS_UART};
+	PIO_Configure(uart_pins, PIO_LISTSIZE(uart_pins));
+
+	return has_loopback_jumper;
+}
+
+int board_override_enter_dfu(void)
+{
+	/* If the loopback jumper is set, we enter DFU mode */
+	if (uart_has_loopback_jumper())
+		return 1;
+
+	return 0;
+}

firmware/libboard/ngff_cardem/source/card_pres.c

@@ -0,0 +1,76 @@
+/* card presence utilities
+ *
+ * (C) 2016-2021 by Harald Welte <hwelte@hmw-consulting.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#include <osmocom/core/timer.h>
+#include "board.h"
+#include "utils.h"
+#include "card_pres.h"
+
+#define NUM_CARDPRES	1
+
+#define TIMER_INTERVAL_MS	500
+
+static const Pin pin_cardpres[NUM_CARDPRES] = { PIN_DET_USIM1_PRES };
+static int last_state[NUM_CARDPRES] = { -1 };
+static struct osmo_timer_list cardpres_timer;
+
+/* Determine if a SIM card is present in the given slot */
+int is_card_present(int port)
+{
+	const Pin *pin;
+	int present;
+
+	if (port < 0 || port >= NUM_CARDPRES)
+		return -1;
+	pin = &pin_cardpres[port];
+
+	/* Card present signals are low-active, as we have a switch
+	 * against GND and an internal-pull-up in the SAM3 */
+	present = PIO_Get(pin) ? 0 : 1;
+
+	return present;
+}
+
+static void cardpres_tmr_cb(void *data)
+{
+	unsigned int i;
+
+	for (i = 0; i < ARRAY_SIZE(pin_cardpres); i++) {
+		int state = is_card_present(i);
+		if (state != last_state[i]) {
+			TRACE_INFO("%u: Card Detect Status %d -> %d\r\n", i, last_state[i], state);
+			/* FIXME: report to USB host */
+			last_state[i] = state;
+		}
+	}
+
+	osmo_timer_schedule(&cardpres_timer, 0, TIMER_INTERVAL_MS*1000);
+}
+
+int card_present_init(void)
+{
+	unsigned int i;
+
+	PIO_Configure(pin_cardpres, ARRAY_SIZE(pin_cardpres));
+
+	/* start timer */
+	cardpres_timer.cb = cardpres_tmr_cb;
+	osmo_timer_schedule(&cardpres_timer, 0, TIMER_INTERVAL_MS*1000);
+
+	return 2;
+}

firmware/libboard/ngff_cardem/source/wwan_led.c

@@ -0,0 +1,93 @@
+/* Code to read/track the status of the WWAN LEDs of attached modems
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+/* Depending on the board this is running on,  it might be possible
+ * for the controller to read the status of the WWAN LED output lines of
+ * the cellular modem.  If the board supports this, it sets the
+ * PIN_WWAN1 and/or PIN_WWAN2 defines in its board.h file.
+ */
+#include "board.h"
+#include "wwan_led.h"
+
+#ifdef PIN_WWAN1
+static const Pin pin_wwan1 = PIN_WWAN1;
+
+static void wwan1_irqhandler(const Pin *pPin)
+{
+	int active = wwan_led_active(0);
+
+	TRACE_INFO("0: WWAN LED %u\r\n", active);
+
+	/* TODO: notify host via USB */
+}
+#endif
+
+#ifdef PIN_WWAN2
+static const Pin pin_wwan2 = PIN_WWAN2;
+
+static void wwan2_irqhandler(const Pin *pPin)
+{
+	int active = wwan_led_active(1);
+	TRACE_INFO("1: WWAN LED %u\r\n", active);
+
+	/* TODO: notify host via USB */
+}
+#endif
+
+/* determine if a tiven WWAN led is currently active or not */
+int wwan_led_active(int wwan)
+{
+	const Pin *pin;
+	int active;
+
+	switch (wwan) {
+#ifdef PIN_WWAN1
+	case 0:
+		pin = &pin_wwan1;
+		break;
+#endif
+#ifdef PIN_WWAN2
+	case 1:
+		pin = &pin_wwan2;
+		break;
+#endif
+	default:
+		return -1;
+	}
+
+	active = PIO_Get(pin) ? 0 : 1;
+	return active;
+}
+
+int wwan_led_init(void)
+{
+	int num_leds = 0;
+
+#ifdef PIN_WWAN1
+	PIO_Configure(&pin_wwan1, 1);
+	PIO_ConfigureIt(&pin_wwan1, wwan1_irqhandler);
+	PIO_EnableIt(&pin_wwan1);
+	num_leds++;
+#endif
+
+#ifdef PIN_WWAN2
+	PIO_Configure(&pin_wwan2, 1);
+	PIO_ConfigureIt(&pin_wwan2, wwan2_irqhandler);
+	PIO_EnableIt(&pin_wwan2);
+	num_leds++;
+#endif
+	return num_leds;
+}

firmware/libboard/ngff_cardem/source/wwan_perst.c

@@ -0,0 +1,127 @@
+/* Code to control the PERST lines of attached modems
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+/* Depending on the board this is running on,  it might be possible
+ * for the controller to set the status of the PERST input line of
+ * the cellular modem.  If the board supports this, it sets the
+ * PIN_PERST1 and/or PIN_PERST2 defines in its board.h file.
+ */
+#include "board.h"
+#include "trace.h"
+#include "wwan_perst.h"
+#include <osmocom/core/timer.h>
+
+struct wwan_perst {
+	uint8_t idx;
+	const Pin pin;
+	struct osmo_timer_list timer;
+};
+
+#ifdef PIN_PERST1
+static struct wwan_perst perst1 = {
+	.idx = 0,
+	.pin = PIN_PERST1,
+};
+#endif
+
+#ifdef PIN_PERST2
+static struct wwan_perst perst2 = {
+	.idx = 1,
+	.pin = PIN_PERST2,
+};
+#endif
+
+static int initialized = 0;
+
+static void perst_tmr_cb(void *data)
+{
+	struct wwan_perst *perst = data;
+	/* release the (low-active) reset */
+	TRACE_INFO("%u: De-asserting modem reset\r\n", perst->idx);
+	PIO_Clear(&perst->pin);
+}
+
+static struct wwan_perst *get_perst_for_modem(int modem_nr)
+{
+	if (!initialized) {
+		TRACE_ERROR("Somebody forgot to call wwan_perst_init()\r\n");
+		wwan_perst_init();
+	}
+
+	switch (modem_nr) {
+#ifdef PIN_PERST1
+	case 0:
+		return &perst1;
+#endif
+#ifdef PIN_PERST2
+	case 1:
+		return &perst2;
+#endif
+	default:
+		return NULL;
+	}
+}
+
+int wwan_perst_do_reset_pulse(int modem_nr, unsigned int duration_ms)
+{
+	struct wwan_perst *perst = get_perst_for_modem(modem_nr);
+	if (!perst)
+		return -1;
+
+	TRACE_INFO("%u: Asserting modem reset\r\n", modem_nr);
+	PIO_Set(&perst->pin);
+	osmo_timer_schedule(&perst->timer, duration_ms/1000, (duration_ms%1000)*1000);
+
+	return 0;
+}
+
+int wwan_perst_set(int modem_nr, int active)
+{
+	struct wwan_perst *perst = get_perst_for_modem(modem_nr);
+	if (!perst)
+		return -1;
+
+	osmo_timer_del(&perst->timer);
+	if (active) {
+		TRACE_INFO("%u: Asserting modem reset\r\n", modem_nr);
+		PIO_Set(&perst->pin);
+	} else {
+		TRACE_INFO("%u: De-asserting modem reset\r\n", modem_nr);
+		PIO_Clear(&perst->pin);
+	}
+
+	return 0;
+}
+
+int wwan_perst_init(void)
+{
+	int num_perst = 0;
+#ifdef PIN_PERST1
+	PIO_Configure(&perst1.pin, 1);
+	perst1.timer.cb = perst_tmr_cb;
+	perst1.timer.data = (void *) &perst1;
+	num_perst++;
+#endif
+
+#ifdef PIN_PERST2
+	PIO_Configure(&perst2.pin, 1);
+	perst2.timer.cb = perst_tmr_cb;
+	perst2.timer.data = (void *) &perst2;
+	num_perst++;
+#endif
+	initialized = 1;
+	return num_perst;
+}

firmware/libboard/octsimtest/include/board.h

@@ -50,81 +50,28 @@
 /* Button to force bootloader start (shorted to ground when pressed */
 #define PIN_BOOTLOADER_SW      {PIO_PA5, PIOA, ID_PIOA, PIO_INPUT, PIO_PULLUP}
 
-//FIXME SIM_PWEN_PIN collides with PA5/bootloader_sw on octsimtest
-/* Enable powering the card using the second 3.3 V output of the LDO (active high) */
-#define SIM_PWEN_PIN           {PIO_PA12, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
-/* Enable powering the SIM card */
-#define PWR_PINS                SIM_PWEN_PIN
-
 // FIXME PA8 is 32khz xtal on octsimtest
-/* Card presence pin */
-#define SW_SIM                  PIO_PA11
 /* Pull card presence pin high (shorted to ground in card slot when card is present) */
-#define SMARTCARD_CONNECT_PIN  {SW_SIM, PIOA, ID_PIOA, PIO_INPUT, PIO_PULLUP | PIO_DEBOUNCE | PIO_DEGLITCH | PIO_IT_EDGE }
-
-/** Smart card connection **/
-//FIXME
-/* Card RST reset signal input (active low; RST_SIM in schematic) */
-#define PIN_SIM_RST            {PIO_PA13, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
-/* Card I/O data signal input/output (I/O_SIM in schematic) */
-#define PIN_SIM_IO             {PIO_PA6A_TXD0, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
-/* Card CLK clock input (CLK_SIM in schematic) */
-#define PIN_SIM_CLK            {PIO_PA2B_SCK0, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
-/* Pin to measure card I/O timing (to start measuring the ETU on I/O activity; connected I/O_SIM in schematic) */
-#define PIN_SIM_IO_INPUT       {PIO_PA1B_TIOB0, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
-//FIXME PIO_PA4B_TCLK0 PA4 is LED on octsimtest
-/* Pin used as clock input (to measure the ETU duration; connected to CLK_SIM in schematic) */
-#define PIN_SIM_CLK_INPUT      {PIO_PA14, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
-/* Pins used to measure ETU timing (using timer counter) */ 
-#define PINS_TC                 PIN_SIM_IO_INPUT, PIN_SIM_CLK_INPUT
 
 /** Phone connection **/
 /* Phone USIM slot 1 VCC pin (VCC_PHONE in schematic) */
 #define PIN_USIM1_VCC          {PIO_PA25, PIOA, ID_PIOA, PIO_INPUT, PIO_DEFAULT}
 /* Phone USIM slot 1 RST pin (active low; RST_PHONE in schematic) */
-#define PIN_USIM1_nRST         {PIO_PA24, PIOA, ID_PIOA, PIO_INPUT, PIO_IT_RISE_EDGE | PIO_DEGLITCH }
+#define PIN_USIM1_nRST         {PIO_PA24, PIOA, ID_PIOA, PIO_INPUT, PIO_IT_EDGE | PIO_DEGLITCH }
 /* Phone I/O data signal input/output (I/O_PHONE in schematic) */
 #define PIN_PHONE_IO           {PIO_PA22A_TXD1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
 /* Phone CLK clock input (CLK_PHONE in schematic) */
 #define PIN_PHONE_CLK          {PIO_PA23A_SCK1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
+/* Pin used to switch level shifter in I/O line between rx (0) and tx (1) */
+#define PIN_USIM1_IO_DIR	{PIO_PA26, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
 /* Pin used for phone USIM slot 1 communication */
-#define PINS_USIM1              PIN_PHONE_IO, PIN_PHONE_CLK, PIN_PHONE_CLK_INPUT, PIN_USIM1_VCC, PIN_PHONE_IO_INPUT, PIN_USIM1_nRST
+#define PINS_USIM1              PIN_PHONE_IO, PIN_PHONE_CLK, PIN_PHONE_CLK_INPUT, PIN_USIM1_VCC, PIN_PHONE_IO_INPUT, PIN_USIM1_nRST, PIN_USIM1_IO_DIR
 /* Phone I/O data signal input/output (unused USART RX input; connected to I/O_PHONE in schematic) */
 #define PIN_PHONE_IO_INPUT     {PIO_PA21A_RXD1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
 /* Pin used as clock input (to measure the ETU duration; connected to CLK_PHONE in schematic) */
 #define PIN_PHONE_CLK_INPUT    {PIO_PA29B_TCLK2, PIOA, ID_PIOA, PIO_PERIPH_B, PIO_DEFAULT}
 
 /** Default pin configuration **/
-/* Disconnect VPP, CLK, and RST lines between card and phone using bus switch (high sets bus switch to high-impedance) */
-#define PIN_SC_SW_DEFAULT      {PIO_PA20, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
-/* Disconnect I/O line between card and phone using bus switch (high sets bus switch to high-impedance) */
-#define PIN_IO_SW_DEFAULT      {PIO_PA19, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
-/* Disconnect all lines (VPP, CLK, RST, and I/O) between card and phone */
-#define PINS_BUS_DEFAULT        PIN_SC_SW_DEFAULT, PIN_IO_SW_DEFAULT
-
-/** Sniffer configuration **/
-/* Connect VPP, CLK, and RST lines between card and phone using bus switch (low connects signals on bus switch) */
-#define PIN_SC_SW_SNIFF        {PIO_PA20, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
-/* Connect I/O line between card and phone using bus switch (low connects signals on bus switch) */
-#define PIN_IO_SW_SNIFF        {PIO_PA19, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
-/* Connect all lines (VPP, CLK, RST, and I/O) between card and phone */
-#define PINS_BUS_SNIFF          PIN_SC_SW_SNIFF, PIN_IO_SW_SNIFF
-/* Card RST reset signal input (use as input since the phone will drive it) */
-#define PIN_SIM_RST_SNIFF      {PIO_PA7, PIOA, ID_PIOA, PIO_INPUT, PIO_DEGLITCH | PIO_IT_EDGE}
-/* Pins used to sniff phone-card communication */
-#define PINS_SIM_SNIFF          PIN_SIM_IO, PIN_SIM_CLK, PIN_SIM_RST_SNIFF
-/* Disable power converter 4.5-6V to 3.3V (active high) */
-#define PIN_SIM_PWEN_SNIFF     {SIM_PWEN, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
-/* Enable power switch to forward VCC_PHONE to VCC_SIM (active high) */
-#define PIN_VCC_FWD_SNIFF      {VCC_FWD, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT}
-/* Use phone VCC to power card */
-#define PINS_PWR_SNIFF          PIN_SIM_PWEN_SNIFF, PIN_VCC_FWD_SNIFF
-
-/** CCID configuration */
-/* Card RST reset signal input (active low; RST_SIM in schematic) */
-#define PIN_ISO7816_RSTMC      {PIO_PA7, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT}
-/* ISO7816-communication related pins */
-#define PINS_ISO7816            PIN_SIM_IO,  PIN_SIM_CLK,  PIN_ISO7816_RSTMC // SIM_PWEN_PIN, PIN_SIM_IO2, PIN_SIM_CLK2
 
 /** External SPI flash interface   **/
 /* SPI MISO pin definition */
@@ -149,21 +96,32 @@
 /* OpenMoko SIMtrace 2 USB vendor ID */
 #define BOARD_USB_VENDOR_ID	USB_VENDOR_OPENMOKO
 /* OpenMoko SIMtrace 2 USB product ID (main application/runtime mode) */
-#define BOARD_USB_PRODUCT_ID	USB_PRODUCT_SIMTRACE2
+#define BOARD_USB_PRODUCT_ID	USB_PRODUCT_OCTSIMTEST
 /* OpenMoko SIMtrace 2 DFU USB product ID (DFU bootloader/DFU mode) */
-#define BOARD_DFU_USB_PRODUCT_ID USB_PRODUCT_SIMTRACE2_DFU
+#define BOARD_DFU_USB_PRODUCT_ID USB_PRODUCT_OCTSIMTEST
 /* USB release number (bcdDevice, shown as 0.00) */
 #define BOARD_USB_RELEASE	0x000
 /* Indicate SIMtrace is bus power in USB attributes */
 #define BOARD_USB_BMATTRIBUTES	USBConfigurationDescriptor_BUSPOWERED_NORWAKEUP
 
+#define DETECT_VCC_BY_ADC
+/* we have a resistive voltage divider of 47 + 30 kOhms to also detect 5V supply power */
+#define VCC_UV_THRESH_1V8	(1500000*47)/(47+30)
+#define VCC_UV_THRESH_3V	(2500000*47)/(47+30)
+
+#define HAVE_SLOT_MUX
+
+#define HAVE_BOARD_CARDINSERT
+struct cardem_inst;
+void board_set_card_insert(struct cardem_inst *ci, bool card_insert);
+
 /** Supported modes */
 /* SIMtrace board supports sniffer mode */
 //#define HAVE_SNIFFER
 /* SIMtrace board supports CCID mode */
 //#define HAVE_CCID
 /* SIMtrace board supports card emulation mode */
-//#define HAVE_CARDEM
+#define HAVE_CARDEM
 /* SIMtrace board supports man-in-the-middle mode */
 //#define HAVE_MITM
 /* octsimtest board supports gpio_test mode */

firmware/libboard/octsimtest/include/mcp23017.h

@@ -18,8 +18,10 @@
 
 #define MCP23017_ADDRESS 0x20
 
-int mcp23017_init(uint8_t slave);
+int mcp23017_init(uint8_t slave, uint8_t iodira, uint8_t iodirb);
 int mcp23017_test(uint8_t slave);
 int mcp23017_toggle(uint8_t slave);
+int mcp23017_set_output_a(uint8_t slave, uint8_t val);
+int mcp23017_set_output_b(uint8_t slave, uint8_t val);
 //int mcp23017_write_byte(uint8_t slave, uint8_t addr, uint8_t byte);
 //int mcp23017_read_byte(uint8_t slave, uint8_t addr);

firmware/libboard/octsimtest/include/mux.h

@@ -0,0 +1,17 @@
+#pragma once
+
+void mux_init(void);
+int mux_set_slot(uint8_t s);
+int mux_get_slot(void);
+void mux_set_freq(uint8_t s);
+
+/* this reflects the wiring between U5 and U4 */
+#define MUX_FREQ_DIV_2		0
+#define MUX_FREQ_DIV_4		1
+#define MUX_FREQ_DIV_16		2
+#define MUX_FREQ_DIV_32		3
+#define MUX_FREQ_DIV_32		3
+#define MUX_FREQ_DIV_128	4
+#define MUX_FREQ_DIV_512	5
+#define MUX_FREQ_DIV_2048	6
+#define MUX_FREQ_DIV_4096	7

firmware/libboard/octsimtest/source/board_octsimtest.c

@@ -17,6 +17,7 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
  */
+#include <stdbool.h>
 #include "board.h"
 #include "simtrace.h"
 #include "utils.h"
@@ -25,16 +26,29 @@
 #include "usb_buf.h"
 #include "i2c.h"
 #include "mcp23017.h"
+#include "mux.h"
+
+static bool mcp2317_present = false;
 
 void board_exec_dbg_cmd(int ch)
 {
 	switch (ch) {
 	case '?':
 		printf("\t?\thelp\n\r");
+		printf("\t0-8\tselect physical SIM slot\n\r");
 		printf("\tR\treset SAM3\n\r");
 		printf("\tm\trun mcp23017 test\n\r");
-		printf("\tR\ttoggle MSB of gpio on mcp23017\n\r");
+		printf("\ti\tset card insert via I2C\n\r");
+		printf("\tI\tdisable card insert\n\r");
 		break;
+	case '0': mux_set_slot(0); break;
+	case '1': mux_set_slot(1); break;
+	case '2': mux_set_slot(2); break;
+	case '3': mux_set_slot(3); break;
+	case '4': mux_set_slot(4); break;
+	case '5': mux_set_slot(5); break;
+	case '6': mux_set_slot(6); break;
+	case '7': mux_set_slot(7); break;
 	case 'R':
 		printf("Asking NVIC to reset us\n\r");
 		USBD_Disconnect();
@@ -43,8 +57,13 @@ void board_exec_dbg_cmd(int ch)
 	case 'm':
 		mcp23017_test(MCP23017_ADDRESS);
 		break;
-	case 't':
-		mcp23017_toggle(MCP23017_ADDRESS);
+	case 'i':
+		printf("Setting card insert (slot=%u)\r\n", mux_get_slot());
+		mcp23017_set_output_a(MCP23017_ADDRESS, (1 << mux_get_slot()));
+		break;
+	case 'I':
+		printf("Releasing card insert (slot=%u)\r\n", mux_get_slot());
+		mcp23017_set_output_a(MCP23017_ADDRESS, 0);
 		break;
 	default:
 		printf("Unknown command '%c'\n\r", ch);
@@ -57,9 +76,13 @@ void board_main_top(void)
 #ifndef APPLICATION_dfu
 	usb_buf_init();
 
+	mux_init();
 	i2c_pin_init();
-	if (!mcp23017_init(MCP23017_ADDRESS))
-		printf("mcp23017 not found!\n\r");
+	/* PORT A: all outputs, Port B0 output, B1..B7 unused */
+	if (mcp23017_init(MCP23017_ADDRESS, 0x00, 0xfe) == 0) {
+		mcp2317_present = true;
+		mcp23017_set_output_a(MCP23017_ADDRESS, 0);
+	}
 	/* Initialize checking for card insert/remove events */
 	//card_present_init();
 #endif
@@ -79,3 +102,23 @@ int board_override_enter_dfu(void)
 	} else
 		return 0;
 }
+
+void board_set_card_insert(struct cardem_inst *ci, bool card_insert)
+{
+	int s = mux_get_slot();
+
+	/* A0 .. A7 of the MCP are each connected to the gate of a FET which closes
+	 * the sim-present signal of the respective slot */
+
+	if (mcp2317_present) {
+		if (card_insert) {
+			/* we must enable card-presence of the active slot and disable it on all others */
+			mcp23017_set_output_a(MCP23017_ADDRESS, (1 << s));
+		} else {
+			/* we disable all card insert signals */
+			mcp23017_set_output_a(MCP23017_ADDRESS, 0);
+		}
+	} else {
+		TRACE_WARNING("No MCP23017 present; cannot set CARD_INSERT\r\n");
+	}
+}

firmware/libboard/octsimtest/source/mcp23017.c

@@ -92,19 +92,25 @@ out_stop:
 		return 0;
 }
 
-int mcp23017_init(uint8_t slave)
+int mcp23017_init(uint8_t slave, uint8_t iodira, uint8_t iodirb)
 {
-	printf("mcp23017_init\n\r");
+	TRACE_DEBUG("mcp23017_init\n\r");
+
 	// all gpio input
-	if (mcp23017_write_byte(slave, MCP23017_IODIRA, 0xff))
-		return false;
+	if (mcp23017_write_byte(slave, MCP23017_IODIRA, iodira))
+		goto out_err;
 	// msb of portb output, rest input
-	if (mcp23017_write_byte(slave, MCP23017_IODIRB, 0x7f))
-		return false;
+	if (mcp23017_write_byte(slave, MCP23017_IODIRB, iodirb))
+		goto out_err;
 	if (mcp23017_write_byte(slave, MCP23017_IOCONA, 0x20)) //disable SEQOP (autoinc addressing)
-		return false;
-	printf("mcp23017 found\n\r");
-	return true;
+		goto out_err;
+
+	TRACE_DEBUG("mcp23017 found\n\r");
+	return 0;
+
+out_err:
+	TRACE_WARNING("mcp23017 NOT found!\n\r");
+	return -1;
 }
 
 int mcp23017_test(uint8_t slave)
@@ -120,6 +126,16 @@ int mcp23017_test(uint8_t slave)
 	return 0;
 }
 
+int mcp23017_set_output_a(uint8_t slave, uint8_t val)
+{
+	return mcp23017_write_byte(slave, MCP23017_OLATA, val);
+}
+
+int mcp23017_set_output_b(uint8_t slave, uint8_t val)
+{
+	return mcp23017_write_byte(slave, MCP23017_OLATB, val);
+}
+
 int mcp23017_toggle(uint8_t slave)
 {
 	// example writing MSB of gpio

firmware/libboard/octsimtest/source/mux.c

@@ -0,0 +1,113 @@
+/* sysmoOCTSIMTEST support for multiplexers
+ *
+ * (C) 2021 by Harald Welte <laforge@gnumonks.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+
+#include "board.h"
+#include "mux.h"
+#include <stdbool.h>
+#include <errno.h>
+
+/* 3-bit S0..S2 signal for slot selection */
+static const Pin pin_in_sel[3] = {
+	{ PIO_PA1, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT },
+	{ PIO_PA2, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT },
+	{ PIO_PA3, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT },
+};
+
+/* 3-bit S0..S2 signal for frequency divider selection */
+static const Pin pin_freq_sel[3] = {
+	{ PIO_PA16, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT },
+	{ PIO_PA17, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT },
+	{ PIO_PA18, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT },
+};
+
+/* low-active output enable for all muxes */
+static const Pin pin_oe = { PIO_PA19, PIOA, ID_PIOA, PIO_OUTPUT_1, PIO_DEFAULT };
+
+static uint8_t g_mux_slot = 0;
+
+/* initialize the external 1:8 multiplexers */
+void mux_init(void)
+{
+	PIO_Configure(&pin_oe, PIO_LISTSIZE(pin_oe));
+	PIO_Configure(pin_in_sel, PIO_LISTSIZE(pin_in_sel));
+	PIO_Configure(pin_freq_sel, PIO_LISTSIZE(pin_freq_sel));
+
+	mux_set_slot(0);
+}
+
+/* set the slot selection mux */
+int mux_set_slot(uint8_t s)
+{
+	TRACE_INFO("%s(%u)\r\n", __func__, s);
+
+	if (s > 7)
+		return -EINVAL;
+
+	/* !OE = H: disconnect input and output of muxes */
+	PIO_Set(&pin_oe);
+
+	if (s & 1)
+		PIO_Set(&pin_in_sel[0]);
+	else
+		PIO_Clear(&pin_in_sel[0]);
+	if (s & 2)
+		PIO_Set(&pin_in_sel[1]);
+	else
+		PIO_Clear(&pin_in_sel[1]);
+	if (s & 4)
+		PIO_Set(&pin_in_sel[2]);
+	else
+		PIO_Clear(&pin_in_sel[2]);
+
+	/* !OE = L: (re-)enable the output of muxes */
+	PIO_Clear(&pin_oe);
+
+	g_mux_slot = s;
+	return s;
+}
+
+int mux_get_slot(void)
+{
+	return g_mux_slot;
+}
+
+/* set the frequency divider mux */
+void mux_set_freq(uint8_t s)
+{
+	TRACE_INFO("%s(%u)\r\n", __func__, s);
+
+	/* no need for 'break before make' here, this would also affect
+	 * the SIM card I/O signals which we don't want to disturb */
+
+	if (s & 1)
+		PIO_Set(&pin_freq_sel[0]);
+	else
+		PIO_Clear(&pin_freq_sel[0]);
+	if (s & 2)
+		PIO_Set(&pin_freq_sel[1]);
+	else
+		PIO_Clear(&pin_freq_sel[1]);
+	if (s & 4)
+		PIO_Set(&pin_freq_sel[2]);
+	else
+		PIO_Clear(&pin_freq_sel[2]);
+
+	/* !OE = L: ensure enable the output of muxes */
+	PIO_Clear(&pin_oe);
+}

firmware/libboard/octsimtest/source/sim_switch.c

@@ -0,0 +1,37 @@
+/* Code to switch between local (physical) and remote (emulated) SIM
+ *
+ * (C) 2021 by Harald Welte <hwelte@hmw-consulting.de>
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#include "board.h"
+#include "trace.h"
+#include "sim_switch.h"
+
+int sim_switch_use_physical(unsigned int nr, int physical)
+{
+	if (physical) {
+		TRACE_ERROR("%u: Use local/physical SIM - UNSUPPORTED!\r\n", nr);
+	} else {
+		TRACE_INFO("%u: Use remote/emulated SIM\r\n", nr);
+	}
+
+	return 0;
+}
+
+int sim_switch_init(void)
+{
+	return 1; // SIMtrace hardware has only one switchable interface
+}

firmware/libboard/owhw/source/sim_switch.c

@@ -0,0 +1,90 @@
+/* Code to switch between local (physical) and remote (emulated) SIM
+ *
+ * (C) 2015-2017 by Harald Welte <hwelte@hmw-consulting.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#include "board.h"
+#include "trace.h"
+#include "led.h"
+#include "sim_switch.h"
+
+#ifdef PIN_SIM_SWITCH1
+static const Pin pin_conn_usim1 = {PIO_PA20, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT};
+#endif
+#ifdef PIN_SIM_SWITCH2
+static const Pin pin_conn_usim2 = {PIO_PA28, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT};
+#endif
+
+static int initialized = 0;
+
+int sim_switch_use_physical(unsigned int nr, int physical)
+{
+	const Pin *pin;
+	enum led led;
+
+	if (!initialized) {
+		TRACE_ERROR("Somebody forgot to call sim_switch_init()\r\n");
+		sim_switch_init();
+	}
+
+	TRACE_INFO("Modem %d: %s SIM\n\r", nr,
+		   physical ? "physical" : "virtual");
+
+	switch (nr) {
+#ifdef PIN_SIM_SWITCH1
+	case 0:
+		pin = &pin_conn_usim1;
+		led = LED_USIM1;
+		break;
+#endif
+#ifdef PIN_SIM_SWITCH2
+	case 1:
+		pin = &pin_conn_usim2;
+		led = LED_USIM2;
+		break;
+#endif
+	default:
+		TRACE_ERROR("Invalid SIM%u\n\r", nr);
+		return -1;
+	}
+
+	if (physical) {
+		TRACE_INFO("%u: Use local/physical SIM\r\n", nr);
+		PIO_Clear(pin);
+		led_blink(led, BLINK_ALWAYS_ON);
+	} else {
+		TRACE_INFO("%u: Use remote/emulated SIM\r\n", nr);
+		PIO_Set(pin);
+		led_blink(led, BLINK_ALWAYS_OFF);
+	}
+
+	return 0;
+}
+
+int sim_switch_init(void)
+{
+	int num_switch = 0;
+#ifdef PIN_SIM_SWITCH1
+	PIO_Configure(&pin_conn_usim1, 1);
+	num_switch++;
+#endif
+#ifdef PIN_SIM_SWITCH2
+	PIO_Configure(&pin_conn_usim2, 1);
+	num_switch++;
+#endif
+	initialized = 1;
+	return num_switch;
+}

firmware/libboard/qmod/include/board.h

@@ -109,6 +109,9 @@
 #define BOARD_USB_RELEASE	0x010
 
 #define CARDEMU_SECOND_UART
+
 #define DETECT_VCC_BY_ADC
+#define VCC_UV_THRESH_1V8	1500000
+#define VCC_UV_THRESH_3V	2500000
 
 #define HAVE_CARDEM

firmware/libboard/qmod/source/sim_switch.c

@@ -0,0 +1,90 @@
+/* Code to switch between local (physical) and remote (emulated) SIM
+ *
+ * (C) 2015-2017 by Harald Welte <hwelte@hmw-consulting.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#include "board.h"
+#include "trace.h"
+#include "led.h"
+#include "sim_switch.h"
+
+#ifdef PIN_SIM_SWITCH1
+static const Pin pin_conn_usim1 = {PIO_PA20, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT};
+#endif
+#ifdef PIN_SIM_SWITCH2
+static const Pin pin_conn_usim2 = {PIO_PA28, PIOA, ID_PIOA, PIO_OUTPUT_0, PIO_DEFAULT};
+#endif
+
+static int initialized = 0;
+
+int sim_switch_use_physical(unsigned int nr, int physical)
+{
+	const Pin *pin;
+	enum led led;
+
+	if (!initialized) {
+		TRACE_ERROR("Somebody forgot to call sim_switch_init()\r\n");
+		sim_switch_init();
+	}
+
+	TRACE_INFO("Modem %d: %s SIM\n\r", nr,
+		   physical ? "physical" : "virtual");
+
+	switch (nr) {
+#ifdef PIN_SIM_SWITCH1
+	case 0:
+		pin = &pin_conn_usim1;
+		led = LED_USIM1;
+		break;
+#endif
+#ifdef PIN_SIM_SWITCH2
+	case 1:
+		pin = &pin_conn_usim2;
+		led = LED_USIM2;
+		break;
+#endif
+	default:
+		TRACE_ERROR("Invalid SIM%u\n\r", nr);
+		return -1;
+	}
+
+	if (physical) {
+		TRACE_INFO("%u: Use local/physical SIM\r\n", nr);
+		PIO_Clear(pin);
+		led_blink(led, BLINK_ALWAYS_ON);
+	} else {
+		TRACE_INFO("%u: Use remote/emulated SIM\r\n", nr);
+		PIO_Set(pin);
+		led_blink(led, BLINK_ALWAYS_OFF);
+	}
+
+	return 0;
+}
+
+int sim_switch_init(void)
+{
+	int num_switch = 0;
+#ifdef PIN_SIM_SWITCH1
+	PIO_Configure(&pin_conn_usim1, 1);
+	num_switch++;
+#endif
+#ifdef PIN_SIM_SWITCH2
+	PIO_Configure(&pin_conn_usim2, 1);
+	num_switch++;
+#endif
+	initialized = 1;
+	return num_switch;
+}

firmware/libboard/simtrace/include/board.h

@@ -78,11 +78,11 @@
 /* Phone USIM slot 1 RST pin (active low; RST_PHONE in schematic) */
 #define PIN_USIM1_nRST         {PIO_PA24, PIOA, ID_PIOA, PIO_INPUT, PIO_IT_EDGE | PIO_DEGLITCH }
 /* Phone I/O data signal input/output (I/O_PHONE in schematic) */
-#define PIN_PHONE_IO           {PIO_PA22A_TXD1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
+#define PIN_USIM1_IO           {PIO_PA22A_TXD1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
 /* Phone CLK clock input (CLK_PHONE in schematic) */
-#define PIN_PHONE_CLK          {PIO_PA23A_SCK1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
+#define PIN_USIM1_CLK          {PIO_PA23A_SCK1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
 /* Pin used for phone USIM slot 1 communication */
-#define PINS_USIM1              PIN_PHONE_IO, PIN_PHONE_CLK, PIN_PHONE_CLK_INPUT, PIN_USIM1_VCC, PIN_PHONE_IO_INPUT, PIN_USIM1_nRST
+#define PINS_USIM1              PIN_USIM1_IO, PIN_USIM1_CLK, PIN_PHONE_CLK_INPUT, PIN_USIM1_VCC, PIN_PHONE_IO_INPUT, PIN_USIM1_nRST
 /* Phone I/O data signal input/output (unused USART RX input; connected to I/O_PHONE in schematic) */
 #define PIN_PHONE_IO_INPUT     {PIO_PA21A_RXD1, PIOA, ID_PIOA, PIO_PERIPH_A, PIO_DEFAULT}
 /* Pin used as clock input (to measure the ETU duration; connected to CLK_PHONE in schematic) */
@@ -153,10 +153,14 @@
 
 /** Supported modes */
 /* SIMtrace board supports sniffer mode */
+#ifdef APPLICATION_trace
 #define HAVE_SNIFFER
+#endif
 /* SIMtrace board supports CCID mode */
 //#define HAVE_CCID
 /* SIMtrace board supports card emulation mode */
-//#define HAVE_CARDEM
+#ifdef APPLICATION_cardem
+#define HAVE_CARDEM
+#endif
 /* SIMtrace board supports man-in-the-middle mode */
 //#define HAVE_MITM

firmware/libboard/simtrace/source/sim_switch.c

@@ -0,0 +1,54 @@
+/* Code to switch between local (physical) and remote (emulated) SIM
+ *
+ * (C) 2015-2017 by Harald Welte <hwelte@hmw-consulting.de>
+ * (C) 2018, sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon@sysmocom.de>
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA
+ */
+#include "board.h"
+#include "trace.h"
+#include "led.h"
+#include "sim_switch.h"
+
+int sim_switch_use_physical(unsigned int nr, int physical)
+{
+	const Pin pin_sc = PIN_SC_SW_DEFAULT; // pin to control bus switch for VCC/RST/CLK signals
+	const Pin pin_io = PIN_IO_SW_DEFAULT; // pin to control bus switch for I/O signal
+
+	if (nr > 0) {
+		TRACE_ERROR("SIM interface for Modem %d can't be switched\r\n", nr);
+		return -1;
+	}
+
+	TRACE_INFO("Modem %u: %s SIM\n\r", nr, physical ? "physical" : "virtual");
+
+	if (physical) {
+		TRACE_INFO("%u: Use local/physical SIM\r\n", nr);
+		PIO_Set(&pin_sc);
+		PIO_Set(&pin_io);
+	} else {
+		TRACE_INFO("%u: Use remote/emulated SIM\r\n", nr);
+		PIO_Clear(&pin_sc);
+		PIO_Clear(&pin_io);
+	}
+
+	return 0;
+}
+
+int sim_switch_init(void)
+{
+	// the bus switch is already initialised
+	return 1; // SIMtrace hardware has only one switchable interface
+}

firmware/libcommon/include/assert.h

@@ -89,7 +89,7 @@
 		/// \param condition  Condition to verify.
 		#define ASSERT(condition)  { \
 			if (!(condition)) { \
-				printf("-F- ASSERT: %s %s:%d\n\r", #condition, __BASE_FILE__, __LINE__); \
+				printf_sync("-F- ASSERT: %s %s:%d\n\r", #condition, __BASE_FILE__, __LINE__); \
 				while (1); \
 			} \
 		}

firmware/libcommon/include/card_emu.h

@@ -31,7 +31,6 @@ enum card_io {
 
 /** initialise card slot
  *  @param[in] slot_num slot number (arbitrary number)
- *  @param[in] tc_chan timer counter channel (to measure the ETU)
  *  @param[in] uart_chan UART peripheral channel
  *  @param[in] in_ep USB IN end point number
  *  @param[in] irq_ep USB INTerrupt end point number
@@ -40,7 +39,7 @@ enum card_io {
  *  @param[in] clocked initial CLK signat state (true = active)
  *  @return main card handle reference
  */
-struct card_handle *card_emu_init(uint8_t slot_num, uint8_t tc_chan, uint8_t uart_chan, uint8_t in_ep, uint8_t irq_ep, bool vcc_active, bool in_reset, bool clocked);
+struct card_handle *card_emu_init(uint8_t slot_num, uint8_t uart_chan, uint8_t in_ep, uint8_t irq_ep, bool vcc_active, bool in_reset, bool clocked);
 
 /* process a single byte received from the reader */
 void card_emu_process_rx_byte(struct card_handle *ch, uint8_t byte);
@@ -58,10 +57,17 @@ struct llist_head *card_emu_get_uart_tx_queue(struct card_handle *ch);
 void card_emu_have_new_uart_tx(struct card_handle *ch);
 void card_emu_report_status(struct card_handle *ch, bool report_on_irq);
 
-#define ENABLE_TX	0x01
-#define ENABLE_RX	0x02
+void card_emu_wtime_half_expired(void *ch);
+void card_emu_wtime_expired(void *ch);
+
+
+#define ENABLE_TX		0x01
+#define ENABLE_RX		0x02
+#define ENABLE_TX_TIMER_ONLY	0x03
 
 int card_emu_uart_update_fidi(uint8_t uart_chan, unsigned int fidi);
+void card_emu_uart_update_wt(uint8_t uart_chan, uint32_t wt);
+void card_emu_uart_reset_wt(uint8_t uart_chan);
 int card_emu_uart_tx(uint8_t uart_chan, uint8_t byte);
 void card_emu_uart_enable(uint8_t uart_chan, uint8_t rxtx);
 void card_emu_uart_wait_tx_idle(uint8_t uart_chan);

firmware/libcommon/include/iso7816_fidi.h

@@ -21,10 +21,10 @@
 #include <stdint.h>
 
 /* Table 7 of ISO 7816-3:2006 */
-extern const uint16_t fi_table[];
+extern const uint16_t iso7816_3_fi_table[16];
 
 /* Table 8 from ISO 7816-3:2006 */
-extern const uint8_t di_table[];
+extern const uint8_t iso7816_3_di_table[16];
 
-/* compute the F/D ratio based on Fi and Di values */
-int compute_fidi_ratio(uint8_t fi, uint8_t di);
+/* compute the F/D ratio based on F_index and D_index values */
+int iso7816_3_compute_fd_ratio(uint8_t f_index, uint8_t d_index);

firmware/libcommon/include/simtrace_prot.h

@@ -230,11 +230,17 @@ struct cardemu_usb_msg_status {
 	uint32_t flags;
 	/* phone-applied target voltage in mV */
 	uint16_t voltage_mv;
-	/* Fi/Di related information */
-	uint8_t fi;
-	uint8_t di;
-	uint8_t wi;
-	uint32_t waiting_time;
+	/* F/D related information. Not actual Fn/Dn values but indexes into tables! */
+	union {
+		uint8_t F_index;	/* <! Index to ISO7816-3 Table 7 (F and f_max values) */
+		uint8_t fi;		/* <! old, wrong name for API compatibility */
+	};
+	union {
+		uint8_t D_index;	/* <! Index to ISO7816-3 Table 8 (D value) */
+		uint8_t di;		/* <! old, wrong name for API compatibility */
+	};
+	uint8_t wi;		/* <! Waiting Integer as defined in ISO7816-3 Section 10.2 */
+	uint32_t waiting_time;	/* <! Waiting Time in etu as defined in ISO7816-3 Section 8.1 */
 } __attribute__ ((packed));
 
 /* CEMU_USB_MSGT_DO_PTS */
@@ -263,6 +269,8 @@ struct cardemu_usb_msg_error {
 struct cardemu_usb_msg_config {
 	/* bit-mask of CEMU_FEAT_F flags */
 	uint32_t features;
+	/* the selected slot number (if an external mux is present) */
+	uint8_t slot_mux_nr;
 } __attribute__ ((packed));
 
 /***********************************************************************

firmware/libcommon/include/simtrace_usb.h

@@ -25,6 +25,8 @@
 #define USB_PRODUCT_QMOD_SAM3		0x4004
 #define USB_PRODUCT_SIMTRACE2_DFU	0x60e3	/* was 0x60e2 */
 #define USB_PRODUCT_SIMTRACE2		0x60e3
+#define USB_PRODUCT_OCTSIMTEST		0x616d
+#define USB_PRODUCT_NGFF_CARDEM		0x616e
 
 /* USB proprietary class */
 #define USB_CLASS_PROPRIETARY			0xff

firmware/libcommon/source/card_emu.c

@@ -1,6 +1,6 @@
 /* ISO7816-3 state machine for the card side
  *
- * (C) 2010-2019 by Harald Welte <laforge@gnumonks.org>
+ * (C) 2010-2021 by Harald Welte <laforge@gnumonks.org>
  * (C) 2018 by sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon@sysmocom.de>
  *
  * This program is free software; you can redistribute it and/or modify
@@ -27,13 +27,15 @@
 #include "utils.h"
 #include "trace.h"
 #include "iso7816_fidi.h"
-#include "tc_etu.h"
 #include "card_emu.h"
 #include "simtrace_prot.h"
 #include "usb_buf.h"
 #include <osmocom/core/linuxlist.h>
 #include <osmocom/core/msgb.h>
 
+#ifdef HAVE_SLOT_MUX
+#include "mux.h"
+#endif
 
 #define NUM_SLOTS		2
 
@@ -154,19 +156,34 @@ struct card_handle {
 	bool in_reset;	/*< if card is in reset (true = RST low/asserted, false = RST high/ released) */
 	bool clocked;	/*< if clock is active ( true = active, false = inactive) */
 
-	/* timing parameters, from PTS */
-	uint8_t fi;
-	uint8_t di;
+	/* All below variables with _index suffix are indexes from 0..15 into Tables 7 + 8
+	 * of ISO7816-3. */
+
+	/*! Index to clock rate conversion integer Fi (ISO7816-3 Table 7).
+	 *  \note this represents the maximum value supported by the card, and can be indicated in TA1 */
+	uint8_t Fi_index;
+	/*! Current value of index to clock rate conversion integer F (ISO 7816-3 Section 7.1). */
+	uint8_t F_index;
+
+	/*! Index to baud rate adjustment factor Di (ISO7816-3 Table 8).
+	 *  \note this represents the maximum value supported by the card, and can be indicated in TA1 */
+	uint8_t Di_index;
+	/*! Current value of index to baud rate adjustment factor D (ISO 7816-3 Section 7.1). */
+	uint8_t D_index;
+
+	/*! Waiting Integer (ISO7816-3 Section 10.2).
+	 *  \note this value can be set in TA2 */
 	uint8_t wi;
 
-	uint8_t tc_chan;	/* TC channel number */
+	/*! Waiting Time, in ETU (ISO7816-3 Section 8.1).
+	 *  \note this depends on Fi, Di, and WI if T=0 is used */
+	uint32_t waiting_time;	/* in etu */
+
 	uint8_t uart_chan;	/* UART channel */
 
 	uint8_t in_ep;		/* USB IN EP */
 	uint8_t irq_ep;		/* USB IN EP */
 
-	uint32_t waiting_time;	/* in clocks */
-
 	/* ATR state machine */
 	struct {
 		uint8_t idx;
@@ -206,7 +223,7 @@ static void card_handle_reset(struct card_handle *ch)
 {
 	struct msgb *msg;
 
-	tc_etu_disable(ch->tc_chan);
+	card_emu_uart_update_wt(ch->uart_chan, 0);
 
 	/* release any buffers we may still own */
 	if (ch->uart_tx_msg) {
@@ -361,16 +378,14 @@ static void emu_update_fidi(struct card_handle *ch)
 {
 	int rc;
 
-	rc = compute_fidi_ratio(ch->fi, ch->di);
+	rc = iso7816_3_compute_fd_ratio(ch->F_index, ch->D_index);
 	if (rc > 0 && rc < 0x400) {
-		TRACE_INFO("%u: computed Fi(%u) Di(%u) ratio: %d\r\n",
-			    ch->num, ch->fi, ch->di, rc);
+		TRACE_INFO("%u: computed F(%u)/D(%u) ratio: %d\r\n", ch->num,
+			   ch->F_index, ch->D_index, rc);
 		/* make sure UART uses new F/D ratio */
 		card_emu_uart_update_fidi(ch->uart_chan, rc);
-		/* notify ETU timer about this */
-		tc_etu_set_etu(ch->tc_chan, rc);
 	} else
-		TRACE_INFO("%u: computed FiDi ration %d unsupported\r\n",
+		TRACE_INFO("%u: computed F/D ratio %d unsupported\r\n",
 			   ch->num, rc);
 }
 
@@ -392,19 +407,23 @@ static void card_set_state(struct card_handle *ch,
 	case ISO_S_WAIT_RST:
 		/* disable Rx and Tx of UART */
 		card_emu_uart_enable(ch->uart_chan, 0);
+		/* disable timeout */
+		card_emu_uart_update_wt(ch->uart_chan, 0);
 		break;
 	case ISO_S_WAIT_ATR:
 		/* Reset to initial Fi / Di ratio */
-		ch->fi = 1;
-		ch->di = 1;
+		ch->Fi_index = ch->F_index = 1;
+		ch->Di_index = ch->D_index = 1;
+		ch->wi = ISO7816_3_DEFAULT_WI;
+		ch->waiting_time = ISO7816_3_INIT_WTIME;
 		emu_update_fidi(ch);
+		/* enable TX to be able to use the timeout */
+		card_emu_uart_enable(ch->uart_chan, ENABLE_TX_TIMER_ONLY);
 		/* the ATR should only be sent 400 to 40k clock cycles after the RESET.
-		 * we use the tc_etu mechanism to wait this time.
+		 * we use the UART timeout mechanism to wait this time.
 		 * since the initial ETU is Fd=372/Dd=1 clock cycles long, we have to wait 2-107 ETU.
 		 */
-		tc_etu_set_wtime(ch->tc_chan, 2);
-		/* enable the TC/ETU counter once reset has been released */
-		tc_etu_enable(ch->tc_chan);
+		card_emu_uart_update_wt(ch->uart_chan, 2);
 		break;
 	case ISO_S_IN_ATR:
 		/* initialize to default WI, this will be overwritten if we
@@ -414,7 +433,7 @@ static void card_set_state(struct card_handle *ch,
 		/* update waiting time to initial waiting time */
 		ch->waiting_time = ISO7816_3_INIT_WTIME;
 		/* set initial waiting time */
-		tc_etu_set_wtime(ch->tc_chan, ch->waiting_time);
+		card_emu_uart_update_wt(ch->uart_chan, ch->waiting_time);
 		/* Set ATR sub-state to initial state */
 		ch->atr.idx = 0;
 		/* enable USART transmission to reader */
@@ -489,9 +508,11 @@ static int tx_byte_atr(struct card_handle *ch)
 				}
 			}
 		}
-		/* update waiting time (see ISO 7816-3 10.2) */
-		ch->waiting_time = ch->wi * 960 * ch->fi;
-		tc_etu_set_wtime(ch->tc_chan, ch->waiting_time);
+		/* update waiting time (see ISO 7816-3 10.2). We can drop the Fi
+		 * multiplier as we store the waiting time in units of 'etu', and
+		 * don't really care what the number of clock cycles or the absolute
+		 * wall clock time is */
+		ch->waiting_time = ch->wi * 960;
 		/* go to next state */
 		card_set_state(ch, ISO_S_WAIT_TPDU);
 		return 0;
@@ -626,10 +647,11 @@ static int tx_byte_pts(struct card_handle *ch)
 	case PTS_S_WAIT_RESP_PTS1:
 		byte = ch->pts.resp[_PTS1];
 		/* This must be TA1 */
-		ch->fi = byte >> 4;
-		ch->di = byte & 0xf;
-		TRACE_DEBUG("%u: found Fi=%u Di=%u\r\n", ch->num,
-			    ch->fi, ch->di);
+		ch->F_index = byte >> 4;
+		ch->D_index = byte & 0xf;
+		TRACE_DEBUG("%u: found F=%u D=%u\r\n", ch->num,
+			    iso7816_3_fi_table[ch->F_index], iso7816_3_di_table[ch->D_index]);
+		/* FIXME: if F or D are 0, become unresponsive to signal error condition */
 		break;
 	case PTS_S_WAIT_RESP_PTS2:
 		byte = ch->pts.resp[_PTS2];
@@ -654,10 +676,11 @@ static int tx_byte_pts(struct card_handle *ch)
 	switch (ch->pts.state) {
 	case PTS_S_WAIT_RESP_PCK:
 		card_emu_uart_wait_tx_idle(ch->uart_chan);
-		/* update baud rate generator with Fi/Di */
+		/* update baud rate generator with F/D */
 		emu_update_fidi(ch);
 		/* Wait for the next TPDU */
 		card_set_state(ch, ISO_S_WAIT_TPDU);
+		set_pts_state(ch, PTS_S_WAIT_REQ_PTSS);
 		break;
 	default:
 		/* calculate the next state and set it */
@@ -733,14 +756,28 @@ static void set_tpdu_state(struct card_handle *ch, enum tpdu_state new_ts)
 
 	switch (new_ts) {
 	case TPDU_S_WAIT_CLA:
-	case TPDU_S_WAIT_RX:
+		/* switch back to receiving mode */
 		card_emu_uart_enable(ch->uart_chan, ENABLE_RX);
+		/* disable waiting time since we don't expect any data */
+		card_emu_uart_update_wt(ch->uart_chan, 0);
+		break;
+	case TPDU_S_WAIT_INS:
+		/* start waiting for the rest of the header/body */
+		card_emu_uart_update_wt(ch->uart_chan, ch->waiting_time);
+		break;
+	case TPDU_S_WAIT_RX:
+		/* switch to receive mode to receive the body */
+		card_emu_uart_enable(ch->uart_chan, ENABLE_RX);
+		/* start waiting for the body */
+		card_emu_uart_update_wt(ch->uart_chan, ch->waiting_time);
 		break;
 	case TPDU_S_WAIT_PB:
 		/* we just completed the TPDU header from reader to card
 		 * and now need to disable the receiver, enable the
 		 * transmitter and transmit the procedure byte */
 		card_emu_uart_enable(ch->uart_chan, ENABLE_TX);
+		/* prepare to extend the waiting time once half of it is reached */
+		card_emu_uart_update_wt(ch->uart_chan, ch->waiting_time);
 		break;
 	default:
 		break;
@@ -1025,8 +1062,8 @@ void card_emu_report_status(struct card_handle *ch, bool report_on_irq)
 	if (ch->in_reset)
 		sts->flags |= CEMU_STATUS_F_RESET_ACTIVE;
 	/* FIXME: voltage + card insert */
-	sts->fi = ch->fi;
-	sts->di = ch->di;
+	sts->F_index = ch->F_index;
+	sts->D_index = ch->D_index;
 	sts->wi = ch->wi;
 	sts->waiting_time = ch->waiting_time;
 
@@ -1045,6 +1082,12 @@ static void card_emu_report_config(struct card_handle *ch)
 
 	cfg = (struct cardemu_usb_msg_config *) msgb_put(msg, sizeof(*cfg));
 	cfg->features = ch->features;
+#ifdef HAVE_SLOT_MUX
+	cfg->slot_mux_nr = mux_get_slot();
+#else
+	cfg->slot_mux_nr = 0;
+#endif
+
 
 	usb_buf_upd_len_and_submit(msg);
 }
@@ -1083,9 +1126,7 @@ void card_emu_io_statechg(struct card_handle *ch, enum card_io io, int active)
 	case CARD_IO_RST:
 		if (active == 0 && ch->in_reset) {
 			TRACE_INFO("%u: RST released\r\n", ch->num);
-			if (ch->vcc_active && ch->clocked) {
-				/* enable the TC/ETU counter once reset has been released */
-				tc_etu_enable(ch->tc_chan);
+			if (ch->vcc_active && ch->clocked && ch->state == ISO_S_WAIT_RST) {
 				/* prepare to send the ATR */
 				card_set_state(ch, ISO_S_WAIT_ATR);
 			}
@@ -1094,6 +1135,7 @@ void card_emu_io_statechg(struct card_handle *ch, enum card_io io, int active)
 			TRACE_INFO("%u: RST asserted\r\n", ch->num);
 			card_handle_reset(ch);
 			chg_mask |= CEMU_STATUS_F_RESET_ACTIVE;
+			card_set_state(ch, ISO_S_WAIT_RST);
 		}
 		ch->in_reset = active;
 		break;
@@ -1143,7 +1185,7 @@ int card_emu_set_atr(struct card_handle *ch, const uint8_t *atr, uint8_t len)
 }
 
 /* hardware driver informs us that one (more) ETU has expired */
-void tc_etu_wtime_half_expired(void *handle)
+void card_emu_wtime_half_expired(void *handle)
 {
 	struct card_handle *ch = handle;
 	/* transmit NULL procedure byte well before waiting time expires */
@@ -1153,7 +1195,10 @@ void tc_etu_wtime_half_expired(void *handle)
 		case TPDU_S_WAIT_PB:
 		case TPDU_S_WAIT_TX:
 			putchar('N');
+			/* we are waiting for data from the user. Send a procedure byte to ask the
+			 * reader to wait more time */
 			card_emu_uart_tx(ch->uart_chan, ISO7816_3_PB_NULL);
+			card_emu_uart_reset_wt(ch->uart_chan);
 			break;
 		default:
 			break;
@@ -1165,7 +1210,7 @@ void tc_etu_wtime_half_expired(void *handle)
 }
 
 /* hardware driver informs us that one (more) ETU has expired */
-void tc_etu_wtime_expired(void *handle)
+void card_emu_wtime_expired(void *handle)
 {
 	struct card_handle *ch = handle;
 	switch (ch->state) {
@@ -1179,8 +1224,23 @@ void tc_etu_wtime_expired(void *handle)
 	}
 }
 
-/* shortest ATR possible (uses default speed and no options) */
-static const uint8_t default_atr[] = { 0x3B, 0x00 };
+/* reasonable ATR offering all protocols and voltages
+ * smartphones might not care, but other readers do
+ *
+ * TS =		0x3B	Direct Convention
+ * T0 =		0x80	Y(1): b1000, K: 0 (historical bytes)
+ * TD(1) =	0x80	Y(i+1) = b1000, Protocol T=0
+ * ----
+ * TD(2) =	0x81	Y(i+1) = b1000, Protocol T=1
+ * ----
+ * TD(3) =	0x1F	Y(i+1) = b0001, Protocol T=15
+ * ----
+ * TA(4) =	0xC7	Clock stop: no preference - Class accepted by the card: (3G) A 5V B 3V C 1.8V
+ * ----
+ * Historical bytes
+ * TCK =	0x59 	correct checksum
+ */
+static const uint8_t default_atr[] = { 0x3B, 0x80, 0x80, 0x81 , 0x1F, 0xC7, 0x59 };
 
 static struct card_handle card_handles[NUM_SLOTS];
 
@@ -1190,13 +1250,19 @@ int card_emu_set_config(struct card_handle *ch, const struct cardemu_usb_msg_con
 	if (scfg_len >= sizeof(uint32_t))
 		ch->features = (scfg->features & SUPPORTED_FEATURES);
 
+#ifdef HAVE_SLOT_MUX
+	if (scfg_len >= sizeof(uint32_t)+sizeof(uint8_t)) {
+		mux_set_slot(scfg->slot_mux_nr);
+	}
+#endif
+
 	/* send back a report of our current configuration */
 	card_emu_report_config(ch);
 
 	return 0;
 }
 
-struct card_handle *card_emu_init(uint8_t slot_num, uint8_t tc_chan, uint8_t uart_chan, uint8_t in_ep, uint8_t irq_ep, bool vcc_active, bool in_reset, bool clocked)
+struct card_handle *card_emu_init(uint8_t slot_num, uint8_t uart_chan, uint8_t in_ep, uint8_t irq_ep, bool vcc_active, bool in_reset, bool clocked)
 {
 	struct card_handle *ch;
 
@@ -1217,11 +1283,10 @@ struct card_handle *card_emu_init(uint8_t slot_num, uint8_t tc_chan, uint8_t uar
 	ch->in_reset = in_reset;
 	ch->clocked = clocked;
 
-	ch->fi = 0;
-	ch->di = 1;
+	ch->Fi_index = ch->F_index = 1;
+	ch->Di_index = ch->D_index = 1;
 	ch->wi = ISO7816_3_DEFAULT_WI;
 
-	ch->tc_chan = tc_chan;
 	ch->uart_chan = uart_chan;
 	ch->waiting_time = ISO7816_3_INIT_WTIME;
 
@@ -1229,9 +1294,10 @@ struct card_handle *card_emu_init(uint8_t slot_num, uint8_t tc_chan, uint8_t uar
 	ch->atr.len = sizeof(default_atr);
 	memcpy(ch->atr.atr, default_atr, ch->atr.len);
 
-	card_handle_reset(ch);
+	ch->pts.state = PTS_S_WAIT_REQ_PTSS;
+	ch->tpdu.state = TPDU_S_WAIT_CLA;
 
-	tc_etu_init(ch->tc_chan, ch);
+	card_handle_reset(ch);
 
 	return ch;
 }

firmware/libcommon/source/iso7816_fidi.c

@@ -23,38 +23,38 @@
 #include "iso7816_fidi.h"
 
 /* Table 7 of ISO 7816-3:2006 */
-const uint16_t fi_table[] = {
+const uint16_t iso7816_3_fi_table[] = {
 	372, 372, 558, 744, 1116, 1488, 1860, 0,
 	0, 512, 768, 1024, 1536, 2048, 0, 0
 };
 
 /* Table 8 from ISO 7816-3:2006 */
-const uint8_t di_table[] = {
+const uint8_t iso7816_3_di_table[] = {
 	0, 1, 2, 4, 8, 16, 32, 64,
 	12, 20, 2, 4, 8, 16, 32, 64,
 };
 
 /* compute the F/D ratio based on Fi and Di values */
-int compute_fidi_ratio(uint8_t fi, uint8_t di)
+int iso7816_3_compute_fd_ratio(uint8_t f_index, uint8_t d_index)
 {
 	uint16_t f, d;
 	int ret;
 
-	if (fi >= ARRAY_SIZE(fi_table) ||
-	    di >= ARRAY_SIZE(di_table))
+	if (f_index >= ARRAY_SIZE(iso7816_3_fi_table) ||
+	    d_index >= ARRAY_SIZE(iso7816_3_di_table))
 		return -EINVAL;
 
-	f = fi_table[fi];
+	f = iso7816_3_fi_table[f_index];
 	if (f == 0)
 		return -EINVAL;
 
-	d = di_table[di];
+	d = iso7816_3_di_table[d_index];
 	if (d == 0)
 		return -EINVAL;
 
 	/* See table 7 of ISO 7816-3: From 1000 on we divide by 1/d,
 	 * which equals a multiplication by d */
-	if (di < 8)
+	if (d_index < 8)
 		ret = f / d;
 	else
 		ret = f * d;

firmware/libcommon/source/mode_cardemu.c

@@ -1,7 +1,7 @@
 /* card emulation mode
  *
  * (C) 2015-2017 by Harald Welte <laforge@gnumonks.org>
- * (C) 2018 by sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon@sysmocom.de>
+ * (C) 2018-2019 by sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon@sysmocom.de>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -42,6 +42,10 @@ static const Pin pins_cardsim[] = PINS_CARDSIM;
 static const Pin pins_usim1[]	= {PINS_USIM1};
 static const Pin pin_usim1_rst	= PIN_USIM1_nRST;
 static const Pin pin_usim1_vcc	= PIN_USIM1_VCC;
+#ifdef PIN_USIM1_IO_DIR
+static const Pin pin_io_dir 	= PIN_USIM1_IO_DIR;
+#endif
+
 
 #ifdef CARDEMU_SECOND_UART
 static const Pin pins_usim2[]	= {PINS_USIM2};
@@ -55,6 +59,14 @@ struct cardem_inst {
 	struct llist_head usb_out_queue;
 	struct ringbuf rb;
 	struct Usart_info usart_info;
+	struct {
+		/*! receiver waiting time to trigger timeout (0 to deactivate it) */
+		uint32_t total;
+		/*! remaining waiting time (we may need multiple timer runs to reach total */
+		uint32_t remaining;
+		/*! did we already notify about half the time having expired? */
+		bool half_time_notified;
+	} wt;
 	int usb_pending_old;
 	uint8_t ep_out;
 	uint8_t ep_in;
@@ -134,18 +146,44 @@ void card_emu_uart_wait_tx_idle(uint8_t uart_chan)
 	wait_tx_idle(usart);
 }
 
+static void card_emu_uart_set_direction(uint8_t uart_chan, bool tx)
+{
+	/* only on some boards (octsimtest) we hae an external level
+	 * shifter that requires us to switch the direction between RX and TX */
+#ifdef PIN_USIM1_IO_DIR
+	if (uart_chan == 0) {
+		if (tx)
+			PIO_Set(&pin_io_dir);
+		else
+			PIO_Clear(&pin_io_dir);
+	}
+#endif
+}
+
 /* call-back from card_emu.c to enable/disable transmit and/or receive */
 void card_emu_uart_enable(uint8_t uart_chan, uint8_t rxtx)
 {
 	Usart *usart = get_usart_by_chan(uart_chan);
 	switch (rxtx) {
 	case ENABLE_TX:
-		USART_DisableIt(usart, ~US_IER_TXRDY);
+		card_emu_uart_set_direction(uart_chan, true);
+		USART_DisableIt(usart, ~(US_IER_TXRDY | US_IER_TIMEOUT));
 		/* as irritating as it is, we actually want to keep the
 		 * receiver enabled during transmit */
 		USART_SetReceiverEnabled(usart, 1);
 		usart->US_CR = US_CR_RSTSTA | US_CR_RSTIT | US_CR_RSTNACK;
-		USART_EnableIt(usart, US_IER_TXRDY);
+		USART_EnableIt(usart, US_IER_TXRDY | US_IER_TIMEOUT);
+		USART_SetTransmitterEnabled(usart, 1);
+		break;
+	case ENABLE_TX_TIMER_ONLY:
+		/* enable the transmitter without generating TXRDY interrupts
+		 * just so that the timer can run */
+		USART_DisableIt(usart, ~US_IER_TIMEOUT);
+		/* as irritating as it is, we actually want to keep the
+		 * receiver enabled during transmit */
+		USART_SetReceiverEnabled(usart, 1);
+		usart->US_CR = US_CR_RSTSTA | US_CR_RSTIT | US_CR_RSTNACK;
+		USART_EnableIt(usart, US_IER_TIMEOUT);
 		USART_SetTransmitterEnabled(usart, 1);
 		break;
 	case ENABLE_RX:
@@ -154,6 +192,7 @@ void card_emu_uart_enable(uint8_t uart_chan, uint8_t rxtx)
 		 * transmitter enabled during receive */
 		USART_SetTransmitterEnabled(usart, 1);
 		wait_tx_idle(usart);
+		card_emu_uart_set_direction(uart_chan, false);;
 		usart->US_CR = US_CR_RSTSTA | US_CR_RSTIT | US_CR_RSTNACK;
 		USART_EnableIt(usart, US_IER_RXRDY);
 		USART_SetReceiverEnabled(usart, 1);
@@ -193,8 +232,25 @@ int card_emu_uart_tx(uint8_t uart_chan, uint8_t byte)
 	return 1;
 }
 
+static uint16_t compute_next_timeout(struct cardem_inst *ci)
+{
+	uint32_t want_to_expire;
 
-/* FIXME: integrate this with actual irq handler */
+	if (ci->wt.total == 0)
+		return 0;
+
+	if (!ci->wt.half_time_notified) {
+		/* we need to make sure to expire after half the total waiting time */
+		OSMO_ASSERT(ci->wt.remaining > (ci->wt.total / 2));
+		want_to_expire = ci->wt.remaining - (ci->wt.total / 2);
+	} else
+		want_to_expire = ci->wt.remaining;
+	/* if value exceeds the USART TO range, use the maximum possible value for one round */
+	return OSMO_MIN(want_to_expire, 0xffff);
+}
+
+/*! common handler if interrupt was received.
+ *  \param[in] inst_num Instance number, range 0..1 (some boards only '0' permitted) */
 static void usart_irq_rx(uint8_t inst_num)
 {
 	Usart *usart = get_usart_by_chan(inst_num);
@@ -202,32 +258,84 @@ static void usart_irq_rx(uint8_t inst_num)
 	uint32_t csr;
 	uint8_t byte = 0;
 
+	/* get one atomic snapshot of state/flags before they get changed */
 	csr = usart->US_CSR & usart->US_IMR;
 
+	/* check if one byte has been completely received and is now in the holding register */
 	if (csr & US_CSR_RXRDY) {
+		/* read the bye from the holding register */
 		byte = (usart->US_RHR) & 0xFF;
+		/* append it to the buffer */
 		if (rbuf_write(&ci->rb, byte) < 0)
 			TRACE_ERROR("rbuf overrun\r\n");
 	}
 
+	/* check if the transmitter is ready for the next byte */
 	if (csr & US_CSR_TXRDY) {
-		if (card_emu_tx_byte(ci->ch) == 0)
+		/* transmit next byte and check if more bytes are to be transmitted */
+		if (card_emu_tx_byte(ci->ch) == 0) {
+			/* stop the TX ready interrupt of no more bytes to transmit */
 			USART_DisableIt(usart, US_IER_TXRDY);
+		}
 	}
 
-	if (csr & (US_CSR_OVRE|US_CSR_FRAME|US_CSR_PARE|
-		   US_CSR_TIMEOUT|US_CSR_NACK|(1<<10))) {
+	/* check if any error flags are set */
+	if (csr & (US_CSR_OVRE|US_CSR_FRAME|US_CSR_PARE|US_CSR_NACK|(1<<10))) {
+		/* clear any error flags */
 		usart->US_CR = US_CR_RSTSTA | US_CR_RSTIT | US_CR_RSTNACK;
-		TRACE_ERROR("%u e 0x%x st: 0x%lx\n", ci->num, byte, csr);
+		TRACE_ERROR("%u USART error on 0x%x status: 0x%lx\n", ci->num, byte, csr);
+	}
+
+	/* check if the timeout has expired. We "abuse" the receive timer for tracking
+	 * how many etu have expired since we last sent a byte.  See section
+	 * 33.7.3.11 "Receiver Time-out" of the SAM3S8 Data Sheet */
+	if (csr & US_CSR_TIMEOUT) {
+		/* clear timeout flag (and stop timeout until next character is received) */
+		usart->US_CR |= US_CR_STTTO;
+
+		/* RX has been inactive for some time */
+		if (ci->wt.remaining <= (usart->US_RTOR & 0xffff)) {
+			/* waiting time is over; will stop the timer */
+			ci->wt.remaining = 0;
+		} else {
+			/* subtract the actual timeout since the new might not have been set and
+			 * reloaded yet */
+			ci->wt.remaining -= (usart->US_RTOR & 0xffff);
+		}
+		if (ci->wt.remaining == 0) {
+			/* let the FSM know that WT has expired */
+			card_emu_wtime_expired(ci->ch);
+			/* don't automatically re-start in this case */
+		} else {
+			bool half_time_just_reached = false;
+
+			if (ci->wt.remaining <= ci->wt.total / 2 && !ci->wt.half_time_notified) {
+				ci->wt.half_time_notified = true;
+				/* don't immediately call card_emu_wtime_half_expired(), as that
+				 * in turn may calls card_emu_uart_update_wt() which will change
+				 * the timeout but would be overridden 4 lines below */
+				half_time_just_reached = true;
+			}
+
+			/* update the counter no matter if we reached half time or not */
+			usart->US_RTOR = compute_next_timeout(ci);
+			/* restart the counter (if wt is 0, the timeout is not started) */
+			usart->US_CR |= US_CR_RETTO;
+
+			if (half_time_just_reached)
+				card_emu_wtime_half_expired(ci->ch);
+		}
 	}
 }
 
+/*! ISR called for USART0 */
 void mode_cardemu_usart0_irq(void)
 {
 	/* USART0 == Instance 1 == USIM 2 */
 	usart_irq_rx(1);
 }
 
+/*! ISR called for USART1 */
 void mode_cardemu_usart1_irq(void)
 {
 	/* USART1 == Instance 0 == USIM 1 */
@@ -246,6 +354,41 @@ int card_emu_uart_update_fidi(uint8_t uart_chan, unsigned int fidi)
 	return 0;
 }
 
+/*! Update WT on USART peripheral.  Will automatically re-start timer with new value.
+ *  \param[in] usart USART peripheral to configure
+ *  \param[in] wt inactivity Waiting Time before card_emu_wtime_expired is called (0 to disable) */
+void card_emu_uart_update_wt(uint8_t uart_chan, uint32_t wt)
+{
+	OSMO_ASSERT(uart_chan < ARRAY_SIZE(cardem_inst));
+	struct cardem_inst *ci = &cardem_inst[uart_chan];
+	Usart *usart = get_usart_by_chan(uart_chan);
+
+	if (ci->wt.total != wt) {
+		TRACE_DEBUG("%u: USART WT changed from %lu to %lu ETU\r\n", uart_chan,
+			    ci->wt.total, wt);
+	}
+
+	ci->wt.total = wt;
+	/* reset and start the timer */
+	card_emu_uart_reset_wt(uart_chan);
+}
+
+/*! Reset and re-start waiting timeout count down on USART peripheral.
+ *  \param[in] usart USART peripheral to configure */
+void card_emu_uart_reset_wt(uint8_t uart_chan)
+{
+	OSMO_ASSERT(uart_chan < ARRAY_SIZE(cardem_inst));
+	struct cardem_inst *ci = &cardem_inst[uart_chan];
+	Usart *usart = get_usart_by_chan(uart_chan);
+
+	/* FIXME: guard against race with interrupt handler */
+	ci->wt.remaining = ci->wt.total;
+	ci->wt.half_time_notified = false;
+	usart->US_RTOR = compute_next_timeout(ci);
+	/* restart the counter (if wt is 0, the timeout is not started) */
+	usart->US_CR |= US_CR_RETTO;
+}
+
 /* call-back from card_emu.c to force a USART interrupt */
 void card_emu_uart_interrupt(uint8_t uart_chan)
 {
@@ -265,6 +408,9 @@ void card_emu_uart_interrupt(uint8_t uart_chan)
  ***********************************************************************/
 
 #ifdef DETECT_VCC_BY_ADC
+#if !defined(VCC_UV_THRESH_1V8) || !defined(VCC_UV_THRESH_3V)
+#error "You must define VCC_UV_THRESH_{1V1,3V} if you use ADC VCC detection"
+#endif
 
 static volatile int adc_triggered = 0;
 static int adc_sam3s_reva_errata = 0;
@@ -313,12 +459,13 @@ static int card_vcc_adc_init(void)
 	return 0;
 }
 
-#define VCC_UV_THRESH_1V8	1500000
-#define VCC_UV_THRESH_3V	2500000
-
 static void process_vcc_adc(struct cardem_inst *ci)
 {
+#ifdef octsimtest
+	if (ci->vcc_uv >= VCC_UV_THRESH_1V8)
+#else
 	if (ci->vcc_uv >= VCC_UV_THRESH_3V)
+#endif
 		ci->vcc_active = true;
 	else
 		ci->vcc_active = false;
@@ -419,20 +566,26 @@ void mode_cardemu_init(void)
 	INIT_LLIST_HEAD(&cardem_inst[0].usb_out_queue);
 	rbuf_reset(&cardem_inst[0].rb);
 	PIO_Configure(pins_usim1, PIO_LISTSIZE(pins_usim1));
+
+	/* configure USART as ISO-7816 slave (e.g. card) */
 	ISO7816_Init(&cardem_inst[0].usart_info, CLK_SLAVE);
 	NVIC_EnableIRQ(USART1_IRQn);
 	PIO_ConfigureIt(&pin_usim1_rst, usim1_rst_irqhandler);
 	PIO_EnableIt(&pin_usim1_rst);
-	usim1_rst_irqhandler(&pin_usim1_rst); /* obtain current RST state */
+
+	/* obtain current RST state */
+	usim1_rst_irqhandler(&pin_usim1_rst);
 #ifndef DETECT_VCC_BY_ADC
 	PIO_ConfigureIt(&pin_usim1_vcc, usim1_vcc_irqhandler);
 	PIO_EnableIt(&pin_usim1_vcc);
-	usim1_vcc_irqhandler(&pin_usim1_vcc); /* obtain current VCC state */
+
+	/* obtain current VCC state */
+	usim1_vcc_irqhandler(&pin_usim1_vcc);
 #else
 	do {} while (!adc_triggered); /* wait for first ADC reading */
 #endif /* DETECT_VCC_BY_ADC */
 
-	cardem_inst[0].ch = card_emu_init(0, 2, 0, SIMTRACE_CARDEM_USB_EP_USIM1_DATAIN,
+	cardem_inst[0].ch = card_emu_init(0, 0, SIMTRACE_CARDEM_USB_EP_USIM1_DATAIN,
 					  SIMTRACE_CARDEM_USB_EP_USIM1_INT, cardem_inst[0].vcc_active,
 					  cardem_inst[0].rst_active, cardem_inst[0].vcc_active);
 	sim_switch_use_physical(0, 1);
@@ -442,6 +595,7 @@ void mode_cardemu_init(void)
 	rbuf_reset(&cardem_inst[1].rb);
 	PIO_Configure(pins_usim2, PIO_LISTSIZE(pins_usim2));
 	ISO7816_Init(&cardem_inst[1].usart_info, CLK_SLAVE);
+	/* TODO enable timeout */
 	NVIC_EnableIRQ(USART0_IRQn);
 	PIO_ConfigureIt(&pin_usim2_rst, usim2_rst_irqhandler);
 	PIO_EnableIt(&pin_usim2_rst);
@@ -454,10 +608,11 @@ void mode_cardemu_init(void)
 	do {} while (!adc_triggered); /* wait for first ADC reading */
 #endif /* DETECT_VCC_BY_ADC */
 
-	cardem_inst[1].ch = card_emu_init(1, 0, 1, SIMTRACE_CARDEM_USB_EP_USIM2_DATAIN,
+	cardem_inst[1].ch = card_emu_init(1, 1, SIMTRACE_CARDEM_USB_EP_USIM2_DATAIN,
 					  SIMTRACE_CARDEM_USB_EP_USIM2_INT, cardem_inst[1].vcc_active,
 					  cardem_inst[1].rst_active, cardem_inst[1].vcc_active);
 	sim_switch_use_physical(1, 1);
+	/* TODO check RST and VCC */
 #endif /* CARDEMU_SECOND_UART */
 }
 
@@ -501,6 +656,26 @@ static void dispatch_usb_command_generic(struct msgb *msg, struct cardem_inst *c
 	usb_buf_free(msg);
 }
 
+static void process_card_insert(struct cardem_inst *ci, bool card_insert)
+{
+	TRACE_INFO("%u: set card_insert to %s\r\n", ci->num, card_insert ? "INSERTED" : "REMOVED");
+
+#ifdef HAVE_BOARD_CARDINSERT
+	board_set_card_insert(ci, card_insert);
+#else
+	if (!ci->pin_insert.pio) {
+		TRACE_INFO("%u: skipping unsupported card_insert to %s\r\n",
+			   ci->num, card_insert ? "INSERTED" : "REMOVED");
+		return;
+	}
+
+	if (card_insert)
+		PIO_Set(&ci->pin_insert);
+	else
+		PIO_Clear(&ci->pin_insert);
+#endif
+}
+
 /* handle a single USB command as received from the USB host */
 static void dispatch_usb_command_cardem(struct msgb *msg, struct cardem_inst *ci)
 {
@@ -524,18 +699,7 @@ static void dispatch_usb_command_cardem(struct msgb *msg, struct cardem_inst *ci
 		break;
 	case SIMTRACE_MSGT_DT_CEMU_CARDINSERT:
 		cardins = (struct cardemu_usb_msg_cardinsert *) msg->l2h;
-		if (!ci->pin_insert.pio) {
-			TRACE_INFO("%u: skipping unsupported card_insert to %s\r\n",
-				   ci->num, cardins->card_insert ? "INSERTED" : "REMOVED");
-			usb_buf_free(msg);
-			break;
-		}
-		TRACE_INFO("%u: set card_insert to %s\r\n", ci->num,
-			   cardins->card_insert ? "INSERTED" : "REMOVED");
-		if (cardins->card_insert)
-			PIO_Set(&ci->pin_insert);
-		else
-			PIO_Clear(&ci->pin_insert);
+		process_card_insert(ci, cardins->card_insert);
 		usb_buf_free(msg);
 		break;
 	case SIMTRACE_MSGT_BD_CEMU_STATUS:
@@ -545,6 +709,7 @@ static void dispatch_usb_command_cardem(struct msgb *msg, struct cardem_inst *ci
 	case SIMTRACE_MSGT_BD_CEMU_CONFIG:
 		cfg = (struct cardemu_usb_msg_config *) msg->l2h;
 		card_emu_set_config(ci->ch, cfg, msgb_l2len(msg));
+		usb_buf_free(msg);
 		break;
 	case SIMTRACE_MSGT_BD_CEMU_STATS:
 	default:

firmware/libcommon/source/simtrace_iso7816.c

@@ -125,7 +125,7 @@ void update_fidi(Usart_info *usart, uint8_t fidi)
 
 	uint8_t fi = fidi >> 4;
 	uint8_t di = fidi & 0xf;
-	int ratio = compute_fidi_ratio(fi, di);
+	int ratio = iso7816_3_compute_fd_ratio(fi, di);
 
 	if (ratio > 0 && ratio < 0x8000) {
 		/* make sure USART uses new F/D ratio */

firmware/libcommon/source/sniffer.c

@@ -658,9 +658,10 @@ static void process_byte_pps(uint8_t byte)
 					fn = 1;
 					dn = 1;
 				}
-				TRACE_INFO("PPS negotiation successful: Fn=%u Dn=%u\n\r", fi_table[fn], di_table[dn]);
+				TRACE_INFO("PPS negotiation successful: Fn=%u Dn=%u\n\r",
+					   iso7816_3_fi_table[fn], iso7816_3_di_table[dn]);
 				update_fidi(&sniff_usart, pps_cur[2]);
-				update_wt(0, di_table[dn]);
+				update_wt(0, iso7816_3_di_table[dn]);
 				usb_send_fidi(pps_cur[2]); /* send Fi/Di change notification to host software over USB */
 			} else { /* checksum is invalid */
 				TRACE_INFO("PPS negotiation failed\n\r");

firmware/libcommon/source/stack_check.c

@@ -0,0 +1,14 @@
+#include <stdint.h>
+#include <osmocom/core/panic.h>
+
+/* This is what's minimally required to fix builds on Ubuntu 20.04,
+ * where stack smashing protection is enabled by default when using dpkg
+ * - even when cross-compiling: https://osmocom.org/issues/4687
+ */
+
+uintptr_t __stack_chk_guard = 0xdeadbeef;
+
+void __stack_chk_fail(void)
+{
+	osmo_panic("Stack smashing detected!\r\n");
+}

firmware/libosmocore/source/panic.c

@@ -46,7 +46,7 @@ static osmo_panic_handler_t osmo_panic_handler = (void*)0;
 __attribute__ ((format (printf, 1, 0)))
 static void osmo_panic_default(const char *fmt, va_list args)
 {
-	vfprintf(stderr, fmt, args);
+	vfprintf_sync(stderr, fmt, args);
 	osmo_generate_backtrace();
 	assert(0);
 }

firmware/test/card_emu_tests.c

@@ -13,6 +13,20 @@
 #define PHONE_INT	2
 #define PHONE_DATAOUT	3
 
+/* stub for stdio */
+signed int printf_sync(const char *pFormat, ...)
+{
+	va_list ap;
+	signed int result;
+
+	va_start(ap, pFormat);
+	result = vprintf(pFormat, ap);
+	va_end(ap);
+
+	return result;
+}
+
+
 /***********************************************************************
  * stub functions required by card_emu.c
  ***********************************************************************/
@@ -50,6 +64,9 @@ void card_emu_uart_enable(uint8_t uart_chan, uint8_t rxtx)
 	case ENABLE_TX:
 		rts = "TX";
 		break;
+	case ENABLE_TX_TIMER_ONLY:
+		rts = "TX-TIMER-ONLY";
+		break;
 	case ENABLE_RX:
 		rts = "RX";
 		break;
@@ -66,29 +83,14 @@ void card_emu_uart_interrupt(uint8_t uart_chan)
 	printf("uart_interrupt(uart_chan=%u)\n", uart_chan);
 }
 
-void tc_etu_set_wtime(uint8_t tc_chan, uint16_t wtime)
+void card_emu_uart_update_wt(uint8_t uart_chan, uint32_t wt)
 {
-	printf("tc_etu_set_wtime(tc_chan=%u, wtime=%u)\n", tc_chan, wtime);
+	printf("%s(uart_chan=%u, wtime=%u)\n", __func__, uart_chan, wt);
 }
 
-void tc_etu_set_etu(uint8_t tc_chan, uint16_t etu)
+void card_emu_uart_reset_wt(uint8_t uart_chan)
 {
-	printf("tc_etu_set_etu(tc_chan=%u, etu=%u)\n", tc_chan, etu);
-}
-
-void tc_etu_init(uint8_t chan_nr, void *handle)
-{
-	printf("tc_etu_init(tc_chan=%u)\n", chan_nr);
-}
-
-void tc_etu_enable(uint8_t chan_nr)
-{
-	printf("tc_etu_enable(tc_chan=%u)\n", chan_nr);
-}
-
-void tc_etu_disable(uint8_t chan_nr)
-{
-	printf("tc_etu_disable(tc_chan=%u)\n", chan_nr);
+	printf("%s(uart_chan=%u\n", __func__, uart_chan);
 }
 
 
@@ -136,7 +138,7 @@ static void io_start_card(struct card_handle *ch)
 	/* release from reset and verify th ATR */
 	card_emu_io_statechg(ch, CARD_IO_RST, 0);
 	/* simulate waiting time before ATR expired */
-	tc_etu_wtime_expired(ch);
+	card_emu_wtime_expired(ch);
 	verify_atr(ch);
 }
 
@@ -408,7 +410,7 @@ int main(int argc, char **argv)
 	struct card_handle *ch;
 	unsigned int i;
 
-	ch = card_emu_init(0, 23, 42, PHONE_DATAIN, PHONE_INT, false, true, false);
+	ch = card_emu_init(0, 42, PHONE_DATAIN, PHONE_INT, false, true, false);
 	assert(ch);
 
 	usb_buf_init();

host/.gitignore

@@ -34,5 +34,4 @@ libtool
 
 simtrace2-list
 simtrace2-sniff
-simtrace2-remsim
-simtrace2-remsim-usb2udp
+simtrace2-cardem-pcsc

host/Makefile.am

@@ -3,7 +3,7 @@ AUTOMAKE_OPTIONS = foreign dist-bzip2 1.6
 AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include
 SUBDIRS = include lib src contrib #tests examples doc
 
-EXTRA_DIST = .version git-version-gen
+EXTRA_DIST = .version
 
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libosmo-simtrace2.pc

host/Makefile.old

@@ -1,28 +0,0 @@
-LDFLAGS+=`pkg-config --libs libusb-1.0 libosmocore` -pthread
-CFLAGS=-Wall -g
-
-APPS=simtrace2-remsim simtrace2-remsim-usb2udp simtrace2-list simtrace2-sniff
-
-all: $(APPS)
-
-simtrace2-remsim: simtrace2-remsim.o apdu_dispatch.o simtrace2-discovery.o simtrace2_api.o libusb_util.o
-	$(CC) -o $@ $^ $(LDFLAGS) `pkg-config --libs libosmosim libpcsclite`
-
-simtrace2-remsim-usb2udp: usb2udp.o simtrace2-discovery.o
-	$(CC) -o $@ $^ $(LDFLAGS)
-
-simtrace2-list: simtrace2_usb.o libusb_util.o
-	$(CC) -o $@ $^ $(LDFLAGS)
-
-simtrace2-sniff: simtrace2-sniff.o simtrace2-discovery.o libusb_util.o
-	$(CC) -o $@ $^ $(LDFLAGS)
-
-%.o: %.c
-	$(CC) $(CFLAGS) `pkg-config --cflags libusb-1.0 libosmocore` -o $@ -c $^
-
-clean:
-	@rm -f *.o $(APPS)
-
-install: $(APPS)
-	mkdir -p $(DESTDIR)/usr/bin
-	cp $(APPS) $(DESTDIR)/usr/bin/

host/configure.ac

@@ -1,5 +1,5 @@
 AC_INIT([simtrace2],
-	m4_esyscmd([./git-version-gen .tarball-version]),
+	m4_esyscmd([../git-version-gen ../.tarball-version]),
 	[simtrace@lists.osmocom.org])
 
 dnl *This* is the root dir, even if an install-sh exists in ../ or ../../
@@ -100,4 +100,5 @@ AC_OUTPUT(
 	src/Makefile
 	lib/Makefile
 	contrib/Makefile
+	contrib/simtrace2.spec
 	Makefile)

host/contrib/99-simtrace2.rules

@@ -16,6 +16,10 @@ ATTRS{idVendor}=="1d50", ATTRS{idProduct}=="4002", GROUP="plugdev"
 # sysmocom QMOD SAM3 (DFU and runtime)
 ATTRS{idVendor}=="1d50", ATTRS{idProduct}=="4003", GROUP="plugdev"
 ATTRS{idVendor}=="1d50", ATTRS{idProduct}=="4004", GROUP="plugdev"
+# sysmocom OCTSIMTEST
+ATTRS{idVendor}=="1d50", ATTRS{idProduct}=="616d", GROUP="plugdev"
+# ngff-cardem
+ATTRS{idVendor}=="1d50", ATTRS{idProduct}=="616e", GROUP="plugdev"
 
 # All done
 LABEL="simtrace2_rules_end"

host/contrib/simtrace2.spec.in

@@ -0,0 +1,99 @@
+#
+# spec file for package simtrace2
+#
+# Copyright (c) 2018, Martin Hauke <mardnh@gmx.de>
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+Name:           simtrace2
+Version:        @VERSION@
+Release:        0
+Summary:        Osmocom SIMtrace host utility
+License:        GPL-2.0-or-later
+Group:          Productivity/Telephony/Utilities
+URL:            https://osmocom.org/projects/simtrace2/wiki
+Source:         %{name}-%{version}.tar.xz
+BuildRequires:  autoconf
+BuildRequires:  automake
+BuildRequires:  libtool
+BuildRequires:  pkgconfig
+BuildRequires:  pkgconfig(libosmocore)
+BuildRequires:  pkgconfig(libosmosim)
+BuildRequires:  pkgconfig(libpcsclite)
+BuildRequires:  pkgconfig(libusb-1.0)
+BuildRequires:  pkgconfig(libosmousb) >= 0.0.0
+BuildRequires:  pkgconfig(udev)
+
+%description
+Osmocom SIMtrace 2 is a software and hardware system for passively
+tracing SIM-ME communication between the SIM card and the mobile phone,
+and remote SIM operation.
+
+This package contains SIMtrace 2 host utility.
+
+%package -n libosmo-simtrace2-0
+Summary:        Shared Library part of libosmo-simtrace2
+Group:          System/Libraries
+
+%description -n libosmo-simtrace2-0
+This library contains core "driver" functionality to interface with the
+Osmocom SIMtrace2 (and compatible) USB device firmware.  It enables
+applications to implement SIM card / smart card tracing as well as
+SIM / smart card emulation functions.
+
+%package -n libosmo-simtrace2-devel
+Summary:        Development files for the Osmocom SIMtrace2 library
+Group:          Development/Libraries/C and C++
+Requires:       libosmo-simtrace2-0 = %{version}
+
+%description -n libosmo-simtrace2-devel
+Osmocom SIMtrace2 (and compatible) USB device firmware.  It enables
+applications to implement SIM card / smart card tracing as well as
+SIM / smart card emulation functions.
+
+This subpackage contains libraries and header files for developing
+applications that want to make use of libosmo-simtrace2.
+
+%prep
+%setup -q
+
+%build
+cd host
+echo "%{version}" >.tarball-version
+autoreconf -fiv
+%configure --disable-static
+make %{?_smp_mflags}
+
+%install
+%make_install -C host
+install -Dm0644 host/contrib/99-simtrace2.rules %{buildroot}/%{_udevrulesdir}/99-simtrace2.rules
+find %{buildroot} -type f -name "*.la" -delete -print
+
+%post   -n libosmo-simtrace2-0 -p /sbin/ldconfig
+%postun -n libosmo-simtrace2-0 -p /sbin/ldconfig
+
+%files
+%doc README.md
+%{_bindir}/simtrace2-cardem-pcsc
+%{_bindir}/simtrace2-list
+%{_bindir}/simtrace2-sniff
+%{_udevrulesdir}/99-simtrace2.rules
+
+%files -n libosmo-simtrace2-0
+%{_libdir}/libosmo-simtrace2.so.0*
+
+%files -n libosmo-simtrace2-devel
+%dir %{_includedir}/osmocom/
+%dir %{_includedir}/osmocom/simtrace2/
+%{_includedir}/osmocom/simtrace2/*.h
+%{_libdir}/libosmo-simtrace2.so
+%{_libdir}/pkgconfig/libosmo-simtrace2.pc
+
+%changelog

host/git-version-gen

@@ -1,151 +0,0 @@
-#!/bin/sh
-# Print a version string.
-scriptversion=2010-01-28.01
-
-# Copyright (C) 2007-2010 Free Software Foundation, Inc.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-# This script is derived from GIT-VERSION-GEN from GIT: http://git.or.cz/.
-# It may be run two ways:
-# - from a git repository in which the "git describe" command below
-#   produces useful output (thus requiring at least one signed tag)
-# - from a non-git-repo directory containing a .tarball-version file, which
-#   presumes this script is invoked like "./git-version-gen .tarball-version".
-
-# In order to use intra-version strings in your project, you will need two
-# separate generated version string files:
-#
-# .tarball-version - present only in a distribution tarball, and not in
-#   a checked-out repository.  Created with contents that were learned at
-#   the last time autoconf was run, and used by git-version-gen.  Must not
-#   be present in either $(srcdir) or $(builddir) for git-version-gen to
-#   give accurate answers during normal development with a checked out tree,
-#   but must be present in a tarball when there is no version control system.
-#   Therefore, it cannot be used in any dependencies.  GNUmakefile has
-#   hooks to force a reconfigure at distribution time to get the value
-#   correct, without penalizing normal development with extra reconfigures.
-#
-# .version - present in a checked-out repository and in a distribution
-#   tarball.  Usable in dependencies, particularly for files that don't
-#   want to depend on config.h but do want to track version changes.
-#   Delete this file prior to any autoconf run where you want to rebuild
-#   files to pick up a version string change; and leave it stale to
-#   minimize rebuild time after unrelated changes to configure sources.
-#
-# It is probably wise to add these two files to .gitignore, so that you
-# don't accidentally commit either generated file.
-#
-# Use the following line in your configure.ac, so that $(VERSION) will
-# automatically be up-to-date each time configure is run (and note that
-# since configure.ac no longer includes a version string, Makefile rules
-# should not depend on configure.ac for version updates).
-#
-# AC_INIT([GNU project],
-#         m4_esyscmd([build-aux/git-version-gen .tarball-version]),
-#         [bug-project@example])
-#
-# Then use the following lines in your Makefile.am, so that .version
-# will be present for dependencies, and so that .tarball-version will
-# exist in distribution tarballs.
-#
-# BUILT_SOURCES = $(top_srcdir)/.version
-# $(top_srcdir)/.version:
-#	echo $(VERSION) > $@-t && mv $@-t $@
-# dist-hook:
-#	echo $(VERSION) > $(distdir)/.tarball-version
-
-case $# in
-    1) ;;
-    *) echo 1>&2 "Usage: $0 \$srcdir/.tarball-version"; exit 1;;
-esac
-
-tarball_version_file=$1
-nl='
-'
-
-# First see if there is a tarball-only version file.
-# then try "git describe", then default.
-if test -f $tarball_version_file
-then
-    v=`cat $tarball_version_file` || exit 1
-    case $v in
-	*$nl*) v= ;; # reject multi-line output
-	[0-9]*) ;;
-	*) v= ;;
-    esac
-    test -z "$v" \
-	&& echo "$0: WARNING: $tarball_version_file seems to be damaged" 1>&2
-fi
-
-if test -n "$v"
-then
-    : # use $v
-elif
-       v=`git describe --abbrev=4 --match='v*' HEAD 2>/dev/null \
-	  || git describe --abbrev=4 HEAD 2>/dev/null` \
-    && case $v in
-	 [0-9]*) ;;
-	 v[0-9]*) ;;
-	 *) (exit 1) ;;
-       esac
-then
-    # Is this a new git that lists number of commits since the last
-    # tag or the previous older version that did not?
-    #   Newer: v6.10-77-g0f8faeb
-    #   Older: v6.10-g0f8faeb
-    case $v in
-	*-*-*) : git describe is okay three part flavor ;;
-	*-*)
-	    : git describe is older two part flavor
-	    # Recreate the number of commits and rewrite such that the
-	    # result is the same as if we were using the newer version
-	    # of git describe.
-	    vtag=`echo "$v" | sed 's/-.*//'`
-	    numcommits=`git rev-list "$vtag"..HEAD | wc -l`
-	    v=`echo "$v" | sed "s/\(.*\)-\(.*\)/\1-$numcommits-\2/"`;
-	    ;;
-    esac
-
-    # Change the first '-' to a '.', so version-comparing tools work properly.
-    # Remove the "g" in git describe's output string, to save a byte.
-    v=`echo "$v" | sed 's/-/./;s/\(.*\)-g/\1-/'`;
-else
-    v=UNKNOWN
-fi
-
-v=`echo "$v" |sed 's/^v//'`
-
-# Don't declare a version "dirty" merely because a time stamp has changed.
-git status > /dev/null 2>&1
-
-dirty=`sh -c 'git diff-index --name-only HEAD' 2>/dev/null` || dirty=
-case "$dirty" in
-    '') ;;
-    *) # Append the suffix only if there isn't one already.
-	case $v in
-	  *-dirty) ;;
-	  *) v="$v-dirty" ;;
-	esac ;;
-esac
-
-# Omit the trailing newline, so that m4_esyscmd can use the result directly.
-echo "$v" | tr -d '\012'
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-end: "$"
-# End:

host/include/osmocom/simtrace2/simtrace2_api.h

@@ -12,6 +12,8 @@ struct osmo_st2_transport {
 		uint8_t out;
 		uint8_t irq_in;
 	} usb_ep;
+	/* use non-blocking / asynchronous libusb I/O */
+	bool usb_async;
 
 	/* UDP */
 	int udp_fd;
@@ -39,8 +41,6 @@ struct osmo_st2_cardem_inst {
 	void *priv;
 };
 
-int osmo_st2_transp_tx_msg(struct osmo_st2_transport *transp, struct msgb *msg);
-
 int osmo_st2_slot_tx_msg(struct osmo_st2_slot *slot, struct msgb *msg,
                          uint8_t msg_class, uint8_t msg_type);
 

host/lib/simtrace2_api.c

@@ -44,9 +44,13 @@
 #include <osmocom/core/utils.h>
 #include <osmocom/core/socket.h>
 #include <osmocom/core/msgb.h>
+#include <osmocom/core/logging.h>
 #include <osmocom/sim/class_tables.h>
 #include <osmocom/sim/sim.h>
 
+#define LOGSLOT(slot, lvl, fmt, args...) \
+	LOGP(DLINP, lvl, "[%u] " fmt, (slot)->slot_nr, ## args)
+
 /***********************************************************************
  * SIMTRACE core protocol
  ***********************************************************************/
@@ -57,23 +61,60 @@ static struct msgb *st_msgb_alloc(void)
 	return msgb_alloc_headroom(1024+32, 32, "SIMtrace");
 }
 
-/*! \brief Transmit a given command to the SIMtrace2 device */
-int osmo_st2_transp_tx_msg(struct osmo_st2_transport *transp, struct msgb *msg)
+
+static void usb_out_xfer_cb(struct libusb_transfer *xfer)
 {
-	int rc;
+	struct msgb *msg = xfer->user_data;
 
-	printf("<- %s\n", msgb_hexdump(msg));
-
-	if (transp->udp_fd < 0) {
-		int xfer_len;
-
-		rc = libusb_bulk_transfer(transp->usb_devh, transp->usb_ep.out,
-					  msgb_data(msg), msgb_length(msg),
-					  &xfer_len, 100000);
-	} else {
-		rc = write(transp->udp_fd, msgb_data(msg), msgb_length(msg));
+	switch (xfer->status) {
+	case LIBUSB_TRANSFER_COMPLETED:
+		break;
+	case LIBUSB_TRANSFER_NO_DEVICE:
+		fprintf(stderr, "USB device disappeared\n");
+		exit(1);
+		break;
+	default:
+		fprintf(stderr, "USB OUT transfer failed, status=%u\n", xfer->status);
+		exit(1);
+		break;
 	}
 
+	msgb_free(msg);
+	libusb_free_transfer(xfer);
+}
+
+
+static int st2_transp_tx_msg_usb_async(struct osmo_st2_transport *transp, struct msgb *msg)
+{
+	struct libusb_transfer *xfer;
+	int rc;
+
+	xfer = libusb_alloc_transfer(0);
+	OSMO_ASSERT(xfer);
+	xfer->dev_handle = transp->usb_devh;
+	xfer->flags = 0;
+	xfer->type = LIBUSB_TRANSFER_TYPE_BULK;
+	xfer->endpoint = transp->usb_ep.out;
+	xfer->timeout = 100000;
+	xfer->user_data = msg;
+	xfer->length = msgb_length(msg);
+	xfer->buffer = msgb_data(msg);
+	xfer->callback = usb_out_xfer_cb;
+
+	rc = libusb_submit_transfer(xfer);
+	OSMO_ASSERT(rc == 0);
+
+	return rc;
+}
+
+/*! \brief Transmit a given command to the SIMtrace2 device */
+static int st2_transp_tx_msg_usb_sync(struct osmo_st2_transport *transp, struct msgb *msg)
+{
+	int rc;
+	int xfer_len;
+	rc = libusb_bulk_transfer(transp->usb_devh, transp->usb_ep.out,
+				  msgb_data(msg), msgb_length(msg),
+				  &xfer_len, 100000);
 	msgb_free(msg);
 	return rc;
 }
@@ -98,9 +139,23 @@ static struct simtrace_msg_hdr *st_push_hdr(struct msgb *msg, uint8_t msg_class,
 int osmo_st2_slot_tx_msg(struct osmo_st2_slot *slot, struct msgb *msg,
 			 uint8_t msg_class, uint8_t msg_type)
 {
+	struct osmo_st2_transport *transp = slot->transp;
+	int rc;
+
+	OSMO_ASSERT(transp);
+
 	st_push_hdr(msg, msg_class, msg_type, slot->slot_nr);
 
-	return osmo_st2_transp_tx_msg(slot->transp, msg);
+	if (transp->udp_fd < 0) {
+		if (transp->usb_async)
+			rc = st2_transp_tx_msg_usb_async(transp, msg);
+		else
+			rc = st2_transp_tx_msg_usb_sync(transp, msg);
+	} else {
+		rc = write(transp->udp_fd, msgb_data(msg), msgb_length(msg));
+		msgb_free(msg);
+	}
+	return rc;
 }
 
 /***********************************************************************
@@ -114,6 +169,8 @@ int osmo_st2_cardem_request_card_insert(struct osmo_st2_cardem_inst *ci, bool in
 	struct msgb *msg = st_msgb_alloc();
 	struct cardemu_usb_msg_cardinsert *cins;
 
+	LOGSLOT(ci->slot, LOGL_NOTICE, "<= %s(inserted=%d)\n", __func__, inserted);
+
 	cins = (struct cardemu_usb_msg_cardinsert *) msgb_put(msg, sizeof(*cins));
 	memset(cins, 0, sizeof(*cins));
 	if (inserted)
@@ -129,7 +186,7 @@ int osmo_st2_cardem_request_pb_and_rx(struct osmo_st2_cardem_inst *ci, uint8_t p
 	struct cardemu_usb_msg_tx_data *txd;
 	txd = (struct cardemu_usb_msg_tx_data *) msgb_put(msg, sizeof(*txd));
 
-	printf("<= %s(%02x, %d)\n", __func__, pb, le);
+	LOGSLOT(ci->slot, LOGL_DEBUG, "<= %s(pb=%02x, le=%u)\n", __func__, pb, le);
 
 	memset(txd, 0, sizeof(*txd));
 	txd->data_len = 1;
@@ -150,7 +207,7 @@ int osmo_st2_cardem_request_pb_and_tx(struct osmo_st2_cardem_inst *ci, uint8_t p
 
 	txd = (struct cardemu_usb_msg_tx_data *) msgb_put(msg, sizeof(*txd));
 
-	printf("<= %s(%02x, %s, %d)\n", __func__, pb,
+	LOGSLOT(ci->slot, LOGL_DEBUG, "<= %s(pb=%02x, tx=%s, len=%d)\n", __func__, pb,
 		osmo_hexdump(data, data_len_in), data_len_in);
 
 	memset(txd, 0, sizeof(*txd));
@@ -174,7 +231,7 @@ int osmo_st2_cardem_request_sw_tx(struct osmo_st2_cardem_inst *ci, const uint8_t
 
 	txd = (struct cardemu_usb_msg_tx_data *) msgb_put(msg, sizeof(*txd));
 
-	printf("<= %s(%02x %02x)\n", __func__, sw[0], sw[1]);
+	LOGSLOT(ci->slot, LOGL_DEBUG, "<= %s(sw=%02x%02x)\n", __func__, sw[0], sw[1]);
 
 	memset(txd, 0, sizeof(*txd));
 	txd->data_len = 2;
@@ -194,7 +251,7 @@ int osmo_st2_cardem_request_set_atr(struct osmo_st2_cardem_inst *ci, const uint8
 
 	satr = (struct cardemu_usb_msg_set_atr *) msgb_put(msg, sizeof(*satr));
 
-	printf("<= %s(%s)\n", __func__, osmo_hexdump(atr, atr_len));
+	LOGSLOT(ci->slot, LOGL_NOTICE, "<= %s(%s)\n", __func__, osmo_hexdump(atr, atr_len));
 
 	memset(satr, 0, sizeof(*satr));
 	satr->atr_len = atr_len;
@@ -211,7 +268,7 @@ int osmo_st2_cardem_request_config(struct osmo_st2_cardem_inst *ci, uint32_t fea
 
 	cfg = (struct cardemu_usb_msg_config *) msgb_put(msg, sizeof(*cfg));
 
-	printf("<= %s(%08x)\n", __func__, features);
+	LOGSLOT(ci->slot, LOGL_NOTICE, "<= %s(features=%08x)\n", __func__, features);
 
 	memset(cfg, 0, sizeof(*cfg));
 	cfg->features = features;
@@ -228,6 +285,9 @@ static int _modem_reset(struct osmo_st2_slot *slot, uint8_t asserted, uint16_t p
 	struct msgb *msg = st_msgb_alloc();
 	struct st_modem_reset *sr ;
 
+	LOGSLOT(slot, LOGL_NOTICE, "<= %s(asserted=%u, pulse_ms=%u)\n", __func__,
+		asserted, pulse_ms);
+
 	sr = (struct st_modem_reset *) msgb_put(msg, sizeof(*sr));
 	sr->asserted = asserted;
 	sr->pulse_duration_msec = pulse_ms;
@@ -258,6 +318,8 @@ static int _modem_sim_select(struct osmo_st2_slot *slot, uint8_t remote_sim)
 	struct msgb *msg = st_msgb_alloc();
 	struct st_modem_sim_select *ss;
 
+	LOGSLOT(slot, LOGL_NOTICE, "<= %s(remote_sim=%u)\n", __func__, remote_sim);
+
 	ss = (struct st_modem_sim_select *) msgb_put(msg, sizeof(*ss));
 	ss->remote_sim = remote_sim;
 

host/lib/usb_util.c

@@ -32,5 +32,7 @@ const struct dev_id osmo_st2_compatible_dev_ids[] = {
 	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_OWHW_SAM3 },
 	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_QMOD_SAM3 },
 	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_SIMTRACE2 },
+	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_OCTSIMTEST },
+	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_NGFF_CARDEM },
 	{ 0, 0 }
 };

host/src/Makefile.am

@@ -5,12 +5,12 @@ AM_LDFLAGS=$(COVERAGE_LDFLAGS)
 LDADD= $(top_builddir)/lib/libosmo-simtrace2.la \
        $(LIBOSMOCORE_LIBS) $(LIBOSMOSIM_LIBS) $(LIBOSMOUSB_LIBS) $(LIBUSB_LIBS)
 
-bin_PROGRAMS = simtrace2-remsim simtrace2-remsim-usb2udp simtrace2-list simtrace2-sniff
+bin_PROGRAMS = simtrace2-cardem-pcsc simtrace2-list simtrace2-sniff simtrace2-tool
 
-simtrace2_remsim_SOURCES = simtrace2-remsim.c
-
-simtrace2_remsim_usb2udp_SOURCES = usb2udp.c
+simtrace2_cardem_pcsc_SOURCES = simtrace2-cardem-pcsc.c
 
 simtrace2_list_SOURCES = simtrace2_usb.c
 
 simtrace2_sniff_SOURCES = simtrace2-sniff.c
+
+simtrace2_tool_SOURCES = simtrace2-tool.c

host/src/simtrace2-cardem-pcsc.c

@@ -1,7 +1,7 @@
-/* simtrace2-remsim - main program for the host PC to provide a remote SIM
+/* simtrace2-cardem-pcsc - main program for the host PC to provide a remote SIM
  * using the SIMtrace 2 firmware in card emulation mode
  *
- * (C) 2016-2017 by Harald Welte <hwelte@hmw-consulting.de>
+ * (C) 2016-2021 by Harald Welte <hwelte@hmw-consulting.de>
  * (C) 2018, sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon@sysmocom.de>
  *
  * This program is free software; you can redistribute it and/or
@@ -47,9 +47,14 @@
 #include <osmocom/core/utils.h>
 #include <osmocom/core/socket.h>
 #include <osmocom/core/msgb.h>
+#include <osmocom/core/select.h>
+#include <osmocom/core/logging.h>
+#include <osmocom/core/application.h>
 #include <osmocom/sim/class_tables.h>
 #include <osmocom/sim/sim.h>
 
+#define LOGCI(ci, lvl, fmt, args ...) printf(fmt, ## args)
+
 static void atr_update_csum(uint8_t *atr, unsigned int atr_len)
 {
 	uint8_t csum = 0;
@@ -61,6 +66,37 @@ static void atr_update_csum(uint8_t *atr, unsigned int atr_len)
 	atr[atr_len-1] = csum;
 }
 
+static void cemu_flags2str(char *out, unsigned int out_len, uint32_t flags)
+{
+	snprintf(out, out_len, "%s%s%s%s%s",
+		 flags & CEMU_STATUS_F_RESET_ACTIVE ? "RESET " : "",
+		 flags & CEMU_STATUS_F_VCC_PRESENT ? "VCC " : "",
+		 flags & CEMU_STATUS_F_CLK_ACTIVE ? "CLK " : "",
+		 flags & CEMU_STATUS_F_CARD_INSERT ? "CARD_PRES " : "",
+		 flags & CEMU_STATUS_F_RCEMU_ACTIVE ? "RCEMU " : "");
+}
+
+static uint32_t last_flags = 0;
+
+static void update_flags(struct osmo_st2_cardem_inst *ci, uint32_t flags)
+{
+	struct osim_card_hdl *card = ci->chan->card;
+
+	if ((flags & CEMU_STATUS_F_VCC_PRESENT) && (flags & CEMU_STATUS_F_CLK_ACTIVE) &&
+	    !(flags & CEMU_STATUS_F_RESET_ACTIVE)) {
+		if (last_flags & CEMU_STATUS_F_RESET_ACTIVE) {
+			/* a reset has just ended, forward it to the real card */
+			bool cold_reset = true;
+			if (last_flags & CEMU_STATUS_F_VCC_PRESENT)
+				cold_reset = false;
+			LOGCI(ci, LOGL_NOTICE, "%s Resetting card in reader...\n",
+				cold_reset ? "Cold" : "Warm");
+			osim_card_reset(card, cold_reset);
+		}
+	}
+	last_flags = flags;
+}
+
 /***********************************************************************
  * Incoming Messages
  ***********************************************************************/
@@ -68,12 +104,15 @@ static void atr_update_csum(uint8_t *atr, unsigned int atr_len)
 /*! \brief Process a STATUS message from the SIMtrace2 */
 static int process_do_status(struct osmo_st2_cardem_inst *ci, uint8_t *buf, int len)
 {
-	struct cardemu_usb_msg_status *status;
-	status = (struct cardemu_usb_msg_status *) buf;
+	struct cardemu_usb_msg_status *status = (struct cardemu_usb_msg_status *) buf;
+	char fbuf[80];
 
-	printf("=> STATUS: flags=0x%x, fi=%u, di=%u, wi=%u wtime=%u\n",
+	cemu_flags2str(fbuf, sizeof(fbuf), status->flags);
+	printf("=> STATUS: flags=0x%x, fi=%u, di=%u, wi=%u wtime=%u (%s)\n",
 		status->flags, status->fi, status->di, status->wi,
-		status->waiting_time);
+		status->waiting_time, fbuf);
+
+	update_flags(ci, status->flags);
 
 	return 0;
 }
@@ -158,6 +197,9 @@ static int process_usb_msg(struct osmo_st2_cardem_inst *ci, uint8_t *buf, int le
 	case SIMTRACE_MSGT_DO_CEMU_RX_DATA:
 		rc = process_do_rx_da(ci, buf, len);
 		break;
+	case SIMTRACE_MSGT_BD_CEMU_CONFIG:
+		/* firmware confirms configuration change; ignore */
+		break;
 	default:
 		printf("unknown simtrace msg type 0x%02x\n", sh->msg_type);
 		rc = -1;
@@ -167,20 +209,161 @@ static int process_usb_msg(struct osmo_st2_cardem_inst *ci, uint8_t *buf, int le
 	return rc;
 }
 
+/*! \brief Process a STATUS message on IRQ endpoint from the SIMtrace2 */
+static int process_irq_status(struct osmo_st2_cardem_inst *ci, const uint8_t *buf, int len)
+{
+	const struct cardemu_usb_msg_status *status = (struct cardemu_usb_msg_status *) buf;
+	char fbuf[80];
+
+	cemu_flags2str(fbuf, sizeof(fbuf), status->flags);
+	LOGCI(ci, LOGL_INFO, "SIMtrace IRQ STATUS: flags=0x%x, fi=%u, di=%u, wi=%u wtime=%u (%s)\n",
+		status->flags, status->fi, status->di, status->wi,
+		status->waiting_time, fbuf);
+
+	update_flags(ci, status->flags);
+
+	return 0;
+}
+
+static int process_usb_msg_irq(struct osmo_st2_cardem_inst *ci, const uint8_t *buf, unsigned int len)
+{
+	struct simtrace_msg_hdr *sh = (struct simtrace_msg_hdr *)buf;
+	int rc;
+
+	LOGCI(ci, LOGL_INFO, "SIMtrace IRQ %s\n", osmo_hexdump(buf, len));
+
+	buf += sizeof(*sh);
+
+	switch (sh->msg_type) {
+	case SIMTRACE_MSGT_BD_CEMU_STATUS:
+		rc = process_irq_status(ci, buf, len);
+		break;
+	default:
+		LOGCI(ci, LOGL_ERROR, "unknown simtrace msg type 0x%02x\n", sh->msg_type);
+		rc = -1;
+		break;
+	}
+
+	return rc;
+}
+
+static void usb_in_xfer_cb(struct libusb_transfer *xfer)
+{
+	struct osmo_st2_cardem_inst *ci = xfer->user_data;
+	int rc;
+
+	switch (xfer->status) {
+	case LIBUSB_TRANSFER_COMPLETED:
+		/* hand the message up the stack */
+		process_usb_msg(ci, xfer->buffer, xfer->actual_length);
+		break;
+	case LIBUSB_TRANSFER_NO_DEVICE:
+		LOGCI(ci, LOGL_FATAL, "USB device disappeared\n");
+		exit(1);
+		break;
+	default:
+		LOGCI(ci, LOGL_FATAL, "USB IN transfer failed, status=%u\n", xfer->status);
+		exit(1);
+		break;
+	}
+
+	/* re-submit the IN transfer */
+	rc = libusb_submit_transfer(xfer);
+	OSMO_ASSERT(rc == 0);
+}
+
+
+static void allocate_and_submit_in(struct osmo_st2_cardem_inst *ci)
+{
+	struct osmo_st2_transport *transp = ci->slot->transp;
+	struct libusb_transfer *xfer;
+	int rc;
+
+	xfer = libusb_alloc_transfer(0);
+	OSMO_ASSERT(xfer);
+	xfer->dev_handle = transp->usb_devh;
+	xfer->flags = 0;
+	xfer->type = LIBUSB_TRANSFER_TYPE_BULK;
+	xfer->endpoint = transp->usb_ep.in;
+	xfer->timeout = 0;
+	xfer->user_data = ci;
+	xfer->length = 16*256;
+
+	xfer->buffer = libusb_dev_mem_alloc(xfer->dev_handle, xfer->length);
+	OSMO_ASSERT(xfer->buffer);
+	xfer->callback = usb_in_xfer_cb;
+
+	/* submit the IN transfer */
+	rc = libusb_submit_transfer(xfer);
+	OSMO_ASSERT(rc == 0);
+}
+
+
+static void usb_irq_xfer_cb(struct libusb_transfer *xfer)
+{
+	struct osmo_st2_cardem_inst *ci = xfer->user_data;
+	int rc;
+
+	switch (xfer->status) {
+	case LIBUSB_TRANSFER_COMPLETED:
+		process_usb_msg_irq(ci, xfer->buffer, xfer->actual_length);
+		break;
+	case LIBUSB_TRANSFER_NO_DEVICE:
+		LOGCI(ci, LOGL_FATAL, "USB device disappeared\n");
+		exit(1);
+		break;
+	default:
+		LOGCI(ci, LOGL_FATAL, "USB IN transfer failed, status=%u\n", xfer->status);
+		exit(1);
+		break;
+	}
+
+	/* re-submit the IN transfer */
+	rc = libusb_submit_transfer(xfer);
+	OSMO_ASSERT(rc == 0);
+}
+
+
+static void allocate_and_submit_irq(struct osmo_st2_cardem_inst *ci)
+{
+	struct osmo_st2_transport *transp = ci->slot->transp;
+	struct libusb_transfer *xfer;
+	int rc;
+
+	xfer = libusb_alloc_transfer(0);
+	OSMO_ASSERT(xfer);
+	xfer->dev_handle = transp->usb_devh;
+	xfer->flags = 0;
+	xfer->type = LIBUSB_TRANSFER_TYPE_INTERRUPT;
+	xfer->endpoint = transp->usb_ep.irq_in;
+	xfer->timeout = 0;
+	xfer->user_data = ci;
+	xfer->length = 64;
+
+	xfer->buffer = libusb_dev_mem_alloc(xfer->dev_handle, xfer->length);
+	OSMO_ASSERT(xfer->buffer);
+	xfer->callback = usb_irq_xfer_cb;
+
+	/* submit the IN transfer */
+	rc = libusb_submit_transfer(xfer);
+	OSMO_ASSERT(rc == 0);
+}
+
+
+
 static void print_welcome(void)
 {
-	printf("simtrace2-remsim - Remote SIM card forwarding\n"
-	       "(C) 2010-2017, Harald Welte <laforge@gnumonks.org>\n"
+	printf("simtrace2-cardem-pcsc - Using PC/SC reader as SIM\n"
+	       "(C) 2010-2020, Harald Welte <laforge@gnumonks.org>\n"
 	       "(C) 2018, sysmocom -s.f.m.c. GmbH, Author: Kevin Redon <kredon@sysmocom.de>\n\n");
 }
 
 static void print_help(void)
 {
-	printf( "\t-r\t--remote-udp-host HOST\n"
-		"\t-p\t--remote-udp-port PORT\n"
-		"\t-h\t--help\n"
+	printf( "\t-h\t--help\n"
 		"\t-i\t--gsmtap-ip\tA.B.C.D\n"
 		"\t-a\t--skip-atr\n"
+		"\t-t\t--set-atr\tATR-STRING in HEX\n"
 		"\t-k\t--keep-running\n"
 		"\t-n\t--pcsc-reader-num\n"
 		"\t-V\t--usb-vendor\tVENDOR_ID\n"
@@ -195,10 +378,9 @@ static void print_help(void)
 }
 
 static const struct option opts[] = {
-	{ "remote-udp-host", 1, 0, 'r' },
-	{ "remote-udp-port", 1, 0, 'p' },
 	{ "gsmtap-ip", 1, 0, 'i' },
 	{ "skip-atr", 0, 0, 'a' },
+	{ "set-atr", 1, 0, 't' },
 	{ "help", 0, 0, 'h' },
 	{ "keep-running", 0, 0, 'k' },
 	{ "pcsc-reader-num", 1, 0, 'n' },
@@ -214,40 +396,9 @@ static const struct option opts[] = {
 
 static void run_mainloop(struct osmo_st2_cardem_inst *ci)
 {
-	struct osmo_st2_transport *transp = ci->slot->transp;
-	unsigned int msg_count, byte_count = 0;
-	uint8_t buf[16*265];
-	int xfer_len;
-	int rc;
-
 	printf("Entering main loop\n");
-
 	while (1) {
-		/* read data from SIMtrace2 device (local or via USB) */
-		if (transp->udp_fd < 0) {
-			rc = libusb_bulk_transfer(transp->usb_devh, transp->usb_ep.in,
-						  buf, sizeof(buf), &xfer_len, 100);
-			if (rc < 0 && rc != LIBUSB_ERROR_TIMEOUT &&
-				      rc != LIBUSB_ERROR_INTERRUPTED &&
-				      rc != LIBUSB_ERROR_IO) {
-				fprintf(stderr, "BULK IN transfer error; rc=%d\n", rc);
-				return;
-			}
-		} else {
-			rc = read(transp->udp_fd, buf, sizeof(buf));
-			if (rc <= 0) {
-				fprintf(stderr, "shor read from UDP\n");
-				return;
-			}
-			xfer_len = rc;
-		}
-		/* dispatch any incoming data */
-		if (xfer_len > 0) {
-			printf("URB: %s\n", osmo_hexdump(buf, xfer_len));
-			process_usb_msg(ci, buf, xfer_len);
-			msg_count++;
-			byte_count += xfer_len;
-		}
+		osmo_select_main(0);
 	}
 }
 
@@ -276,6 +427,8 @@ static void signal_handler(int signal)
 	}
 }
 
+static struct log_info log_info = {};
+
 int main(int argc, char **argv)
 {
 	struct osmo_st2_transport *transp = ci->slot->transp;
@@ -283,31 +436,34 @@ int main(int argc, char **argv)
 	int rc;
 	int c, ret = 1;
 	int skip_atr = 0;
+	char *atr = NULL;
+	uint8_t override_atr[OSIM_MAX_ATR_LEN];
+	int override_atr_len = 0;
 	int keep_running = 0;
-	int remote_udp_port = 52342;
 	int if_num = 0, vendor_id = -1, product_id = -1;
 	int config_id = -1, altsetting = 0, addr = -1;
 	int reader_num = 0;
-	char *remote_udp_host = NULL;
 	char *path = NULL;
 	struct osim_reader_hdl *reader;
 	struct osim_card_hdl *card;
 
 	print_welcome();
 
+	rc = osmo_libusb_init(NULL);
+	if (rc < 0) {
+		fprintf(stderr, "libusb initialization failed\n");
+		return rc;
+	}
+
+	osmo_init_logging2(NULL, &log_info);
+
 	while (1) {
 		int option_index = 0;
 
-		c = getopt_long(argc, argv, "r:p:hi:V:P:C:I:S:A:H:akn:", opts, &option_index);
+		c = getopt_long(argc, argv, "hi:V:P:C:I:S:A:H:akn:t:", opts, &option_index);
 		if (c == -1)
 			break;
 		switch (c) {
-		case 'r':
-			remote_udp_host = optarg;
-			break;
-		case 'p':
-			remote_udp_port = atoi(optarg);
-			break;
 		case 'h':
 			print_help();
 			exit(0);
@@ -318,6 +474,9 @@ int main(int argc, char **argv)
 		case 'a':
 			skip_atr = 1;
 			break;
+		case 't':
+		        atr = optarg;
+			break;
 		case 'k':
 			keep_running = 1;
 			break;
@@ -348,29 +507,26 @@ int main(int argc, char **argv)
 		}
 	}
 
-	if (!remote_udp_host && (vendor_id < 0 || product_id < 0)) {
+	if (atr) {
+		override_atr_len = osmo_hexparse(atr, override_atr, sizeof(override_atr));
+		if (override_atr_len < 2) {
+			fprintf(stderr, "Invalid ATR - please omit a leading 0x and only use valid hex "
+				"digits and whitespace. ATRs need to be between 2 and 33 bytes long.\n");
+			goto do_exit;
+		}
+	}
+
+	if (vendor_id < 0 || product_id < 0) {
 		fprintf(stderr, "You have to specify the vendor and product ID\n");
 		goto do_exit;
 	}
 
-	transp->udp_fd = -1;
-
 	ci->card_prof = &osim_uicc_sim_cic_profile;
 
-	if (!remote_udp_host) {
-		rc = libusb_init(NULL);
-		if (rc < 0) {
-			fprintf(stderr, "libusb initialization failed\n");
-			goto do_exit;
-		}
-	} else {
-		transp->udp_fd = osmo_sock_init(AF_INET, SOCK_DGRAM, IPPROTO_UDP,
-						remote_udp_host, remote_udp_port+if_num,
-						OSMO_SOCK_F_CONNECT);
-		if (transp->udp_fd < 0) {
-			fprintf(stderr, "error binding UDP port\n");
-			goto do_exit;
-		}
+	rc = libusb_init(NULL);
+	if (rc < 0) {
+		fprintf(stderr, "libusb initialization failed\n");
+		goto do_exit;
 	}
 
 	rc = osmo_st2_gsmtap_init(gsmtap_host);
@@ -400,36 +556,43 @@ int main(int argc, char **argv)
 	signal(SIGINT, &signal_handler);
 
 	do {
-		if (transp->udp_fd < 0) {
-			struct usb_interface_match _ifm, *ifm = &_ifm;
-			ifm->vendor = vendor_id;
-			ifm->product = product_id;
-			ifm->configuration = config_id;
-			ifm->interface = if_num;
-			ifm->altsetting = altsetting;
-			ifm->addr = addr;
-			if (path)
-				osmo_strlcpy(ifm->path, path, sizeof(ifm->path));
-			transp->usb_devh = osmo_libusb_open_claim_interface(NULL, NULL, ifm);
-			if (!transp->usb_devh) {
-				fprintf(stderr, "can't open USB device\n");
-				goto close_exit;
-			}
-
-			rc = libusb_claim_interface(transp->usb_devh, if_num);
-			if (rc < 0) {
-				fprintf(stderr, "can't claim interface %d; rc=%d\n", if_num, rc);
-				goto close_exit;
-			}
-
-			rc = osmo_libusb_get_ep_addrs(transp->usb_devh, if_num, &transp->usb_ep.out,
-					      &transp->usb_ep.in, &transp->usb_ep.irq_in);
-			if (rc < 0) {
-				fprintf(stderr, "can't obtain EP addrs; rc=%d\n", rc);
-				goto close_exit;
-			}
+		struct usb_interface_match _ifm, *ifm = &_ifm;
+		ifm->vendor = vendor_id;
+		ifm->product = product_id;
+		ifm->configuration = config_id;
+		ifm->interface = if_num;
+		ifm->altsetting = altsetting;
+		ifm->addr = addr;
+		if (path)
+			osmo_strlcpy(ifm->path, path, sizeof(ifm->path));
+		transp->udp_fd = -1;
+		transp->usb_async = true;
+		transp->usb_devh = osmo_libusb_open_claim_interface(NULL, NULL, ifm);
+		if (!transp->usb_devh) {
+			fprintf(stderr, "can't open USB device\n");
+			goto close;
 		}
 
+		rc = libusb_claim_interface(transp->usb_devh, if_num);
+		if (rc < 0) {
+			fprintf(stderr, "can't claim interface %d; rc=%d\n", if_num, rc);
+			goto close;
+		}
+
+		rc = osmo_libusb_get_ep_addrs(transp->usb_devh, if_num, &transp->usb_ep.out,
+				      &transp->usb_ep.in, &transp->usb_ep.irq_in);
+		if (rc < 0) {
+			fprintf(stderr, "can't obtain EP addrs; rc=%d\n", rc);
+			goto close;
+		}
+
+		allocate_and_submit_irq(ci);
+		for (int i = 0; i < 4; i++)
+			allocate_and_submit_in(ci);
+
+		/* request firmware to generate STATUS on IRQ endpoint */
+		osmo_st2_cardem_request_config(ci, CEMU_FEAT_F_STATUS_IRQ);
+
 		/* simulate card-insert to modem (owhw, not qmod) */
 		osmo_st2_cardem_request_card_insert(ci, true);
 
@@ -438,9 +601,14 @@ int main(int argc, char **argv)
 
 		if (!skip_atr) {
 			/* set the ATR */
-			uint8_t real_atr[] = {  0x3B, 0x00 }; // the simplest ATR
-			atr_update_csum(real_atr, sizeof(real_atr));
-			osmo_st2_cardem_request_set_atr(ci, real_atr, sizeof(real_atr));
+			if (override_atr_len) {
+				/* user has specified an override-ATR */
+				atr_update_csum(override_atr, override_atr_len);
+				osmo_st2_cardem_request_set_atr(ci, override_atr, override_atr_len);
+			} else {
+				/* use the real ATR of the card */
+				osmo_st2_cardem_request_set_atr(ci, card->atr, card->atr_len);
+			}
 		}
 
 		/* select remote (forwarded) SIM */
@@ -449,17 +617,22 @@ int main(int argc, char **argv)
 		run_mainloop(ci);
 		ret = 0;
 
-		if (transp->udp_fd < 0)
-			libusb_release_interface(transp->usb_devh, 0);
-close_exit:
-		if (transp->usb_devh)
+		libusb_release_interface(transp->usb_devh, 0);
+
+close:
+		if (transp->usb_devh) {
 			libusb_close(transp->usb_devh);
+			transp->usb_devh = NULL;
+		}
 		if (keep_running)
 			sleep(1);
 	} while (keep_running);
 
-	if (transp->udp_fd < 0)
-		libusb_exit(NULL);
+close_exit:
+	if (transp->usb_devh)
+		libusb_close(transp->usb_devh);
+
+	libusb_exit(NULL);
 do_exit:
 	return ret;
 }

host/src/simtrace2-sniff.c

@@ -342,7 +342,7 @@ int main(int argc, char **argv)
 	while (1) {
 		int option_index = 0;
 
-		char c = getopt_long(argc, argv, "hi:kV:P:C:I:S:A:", opts, &option_index);
+		int c = getopt_long(argc, argv, "hi:kV:P:C:I:S:A:", opts, &option_index);
 		if (c == -1)
 			break;
 		switch (c) {

host/src/simtrace2-tool.c

@@ -0,0 +1,338 @@
+/* simtrace2-tool - main program for the host PC to provide a remote SIM
+ * using the SIMtrace 2 firmware in card emulation mode
+ *
+ * (C) 2019 by Harald Welte <hwelte@hmw-consulting.de>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+#include <errno.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdint.h>
+#include <signal.h>
+#define _GNU_SOURCE
+#include <getopt.h>
+
+#include <sys/types.h>
+
+#include <libusb.h>
+
+#include <osmocom/usb/libusb.h>
+#include <osmocom/simtrace2/simtrace2_api.h>
+#include <osmocom/simtrace2/simtrace_prot.h>
+#include <osmocom/simtrace2/gsmtap.h>
+
+#include <osmocom/core/utils.h>
+#include <osmocom/core/msgb.h>
+
+/***********************************************************************
+ * Incoming Messages
+ ***********************************************************************/
+
+static void print_welcome(void)
+{
+	printf("simtrace2-tool\n"
+	       "(C) 2019 Harald Welte <laforge@gnumonks.org>\n");
+}
+
+static void print_help(void)
+{
+	printf( "simtrace2-tool [OPTIONS] COMMAND\n\n");
+	printf( "Options:\n"
+		"\t-h\t--help\n"
+		"\t-V\t--usb-vendor\tVENDOR_ID\n"
+		"\t-P\t--usb-product\tPRODUCT_ID\n"
+		"\t-C\t--usb-config\tCONFIG_ID\n"
+		"\t-I\t--usb-interface\tINTERFACE_ID\n"
+		"\t-S\t--usb-altsetting ALTSETTING_ID\n"
+		"\t-A\t--usb-address\tADDRESS\n"
+		"\t-H\t--usb-path\tPATH\n"
+		"\n"
+		);
+	printf( "Commands:\n"
+		"\tmodem reset (enable|disable|cycle)\n"
+		"\tmodem sim-switch (local|remote)\n"
+		"\n");
+}
+
+static const struct option opts[] = {
+	{ "help", 0, 0, 'h' },
+	{ "usb-vendor", 1, 0, 'V' },
+	{ "usb-product", 1, 0, 'P' },
+	{ "usb-config", 1, 0, 'C' },
+	{ "usb-interface", 1, 0, 'I' },
+	{ "usb-altsetting", 1, 0, 'S' },
+	{ "usb-address", 1, 0, 'A' },
+	{ "usb-path", 1, 0, 'H' },
+	{ NULL, 0, 0, 0 }
+};
+
+static void run_mainloop(struct osmo_st2_cardem_inst *ci)
+{
+	struct osmo_st2_transport *transp = ci->slot->transp;
+	uint8_t buf[16*265];
+	int xfer_len;
+	int rc;
+
+	while (1) {
+		/* read data from SIMtrace2 device */
+		rc = libusb_bulk_transfer(transp->usb_devh, transp->usb_ep.in,
+					  buf, sizeof(buf), &xfer_len, 100);
+		if (rc < 0 && rc != LIBUSB_ERROR_TIMEOUT &&
+			      rc != LIBUSB_ERROR_INTERRUPTED &&
+			      rc != LIBUSB_ERROR_IO) {
+			fprintf(stderr, "BULK IN transfer error; rc=%d\n", rc);
+			return;
+		}
+		/* break the loop if no new messages arrive within 100ms */
+		if (rc == LIBUSB_ERROR_TIMEOUT)
+			return;
+	}
+}
+
+static struct osmo_st2_transport _transp;
+
+static struct osmo_st2_slot _slot = {
+	.transp = &_transp,
+	.slot_nr = 0,
+};
+
+struct osmo_st2_cardem_inst _ci = {
+	.slot = &_slot,
+};
+
+struct osmo_st2_cardem_inst *ci = &_ci;
+
+/* perform a modem reset */
+static int do_modem_reset(int argc, char **argv)
+{
+	char *command;
+	if (argc < 1)
+		command = "cycle";
+	else {
+		command = argv[0];
+		argc--;
+		argv++;
+	}
+
+	if (!strcmp(command, "enable")) {
+		printf("Activating Modem RESET\n");
+		return osmo_st2_modem_reset_active(ci->slot);
+	} else if (!strcmp(command, "disable")) {
+		printf("Deactivating Modem RESET\n");
+		return osmo_st2_modem_reset_inactive(ci->slot);
+	} else if (!strcmp(command, "cycle")) {
+		printf("Pulsing Modem RESET (1s)\n");
+		return osmo_st2_modem_reset_pulse(ci->slot, 1000);
+	} else {
+		fprintf(stderr, "Unsupported modem reset command: '%s'\n", command);
+		return -EINVAL;
+	}
+	return 0;
+}
+
+/* switch between local and remote (emulated) SIM */
+static int do_modem_sim_switch(int argc, char **argv)
+{
+	char *command;
+	if (argc < 1)
+		return -EINVAL;
+	command = argv[0];
+	argc--;
+	argv++;
+
+	if (!strcmp(command, "local")) {
+		printf("Setting SIM=LOCAL; Modem reset recommended\n");
+		return osmo_st2_modem_sim_select_local(ci->slot);
+	} else if (!strcmp(command, "remote")) {
+		printf("Setting SIM=REMOTE; Modem reset recommended\n");
+		return osmo_st2_modem_sim_select_remote(ci->slot);
+	} else {
+		fprintf(stderr, "Unsupported modem sim-switch command: '%s'\n", command);
+		return -EINVAL;
+	}
+	return 0;
+}
+
+static int do_subsys_modem(int argc, char **argv)
+{
+	char *command;
+	int rc;
+
+	if (argc < 1)
+		return -EINVAL;
+	command = argv[0];
+	argc--;
+	argv++;
+
+	if (!strcmp(command, "reset")) {
+		rc = do_modem_reset(argc, argv);
+	} else if (!strcmp(command, "sim-switch")) {
+		rc = do_modem_sim_switch(argc, argv);
+	} else {
+		fprintf(stderr, "Unsupported command for subsystem modem: '%s'\n", command);
+		return -EINVAL;
+	}
+
+	return rc;
+}
+
+static int do_command(int argc, char **argv)
+{
+	char *subsys;
+	int rc;
+
+	if (argc < 1)
+		return -EINVAL;
+	subsys = argv[0];
+	argc--;
+	argv++;
+
+	if (!strcmp(subsys, "modem"))
+		rc = do_subsys_modem(argc, argv);
+	else {
+		fprintf(stderr, "Unsupported subsystem '%s'\n", subsys);
+		rc = -EINVAL;
+	}
+
+	return rc;
+}
+
+
+int main(int argc, char **argv)
+{
+	struct osmo_st2_transport *transp = ci->slot->transp;
+	int rc;
+	int c, ret = 1;
+	int if_num = 0, vendor_id = -1, product_id = -1;
+	int config_id = -1, altsetting = 0, addr = -1;
+	char *path = NULL;
+
+	while (1) {
+		int option_index = 0;
+
+		c = getopt_long(argc, argv, "hV:P:C:I:S:A:H:", opts, &option_index);
+		if (c == -1)
+			break;
+		switch (c) {
+		case 'h':
+			print_help();
+			exit(0);
+			break;
+		case 'V':
+			vendor_id = strtol(optarg, NULL, 16);
+			break;
+		case 'P':
+			product_id = strtol(optarg, NULL, 16);
+			break;
+		case 'C':
+			config_id = atoi(optarg);
+			break;
+		case 'I':
+			if_num = atoi(optarg);
+			break;
+		case 'S':
+			altsetting = atoi(optarg);
+			break;
+		case 'A':
+			addr = atoi(optarg);
+			break;
+		case 'H':
+			path = optarg;
+			break;
+		}
+	}
+
+	if ((vendor_id < 0 || product_id < 0)) {
+		fprintf(stderr, "You have to specify the vendor and product ID\n");
+		goto do_exit;
+	}
+
+	transp->udp_fd = -1;
+
+	rc = libusb_init(NULL);
+	if (rc < 0) {
+		fprintf(stderr, "libusb initialization failed\n");
+		goto do_exit;
+	}
+
+	print_welcome();
+
+	do {
+		if (transp->udp_fd < 0) {
+			struct usb_interface_match _ifm, *ifm = &_ifm;
+			ifm->vendor = vendor_id;
+			ifm->product = product_id;
+			ifm->configuration = config_id;
+			ifm->interface = if_num;
+			ifm->altsetting = altsetting;
+			ifm->addr = addr;
+			if (path)
+				osmo_strlcpy(ifm->path, path, sizeof(ifm->path));
+			transp->usb_devh = osmo_libusb_open_claim_interface(NULL, NULL, ifm);
+			if (!transp->usb_devh) {
+				fprintf(stderr, "can't open USB device\n");
+				goto close_exit;
+			}
+
+			rc = libusb_claim_interface(transp->usb_devh, if_num);
+			if (rc < 0) {
+				fprintf(stderr, "can't claim interface %d; rc=%d\n", if_num, rc);
+				goto close_exit;
+			}
+
+			rc = osmo_libusb_get_ep_addrs(transp->usb_devh, if_num, &transp->usb_ep.out,
+					      &transp->usb_ep.in, &transp->usb_ep.irq_in);
+			if (rc < 0) {
+				fprintf(stderr, "can't obtain EP addrs; rc=%d\n", rc);
+				goto close_exit;
+			}
+		}
+
+		if (argc - optind <= 0) {
+			fprintf(stderr, "You have to specify a command to execute\n");
+			exit(1);
+		}
+
+		rc = do_command(argc-optind, argv+optind);
+		switch (rc) {
+		case 0:
+			break;
+		case -EINVAL:
+			fprintf(stderr, "Error: Invalid command/syntax\n");
+			exit(1);
+			break;
+		default:
+			fprintf(stderr, "Error executing command: %d\n", rc);
+			exit(1);
+			break;
+		}
+
+		run_mainloop(ci);
+		ret = 0;
+
+		libusb_release_interface(transp->usb_devh, 0);
+close_exit:
+		if (transp->usb_devh)
+			libusb_close(transp->usb_devh);
+	} while (0);
+
+	libusb_exit(NULL);
+do_exit:
+	return ret;
+}

host/src/simtrace2_usb.c

@@ -25,13 +25,7 @@
 
 #include <osmocom/usb/libusb.h>
 #include <osmocom/simtrace2/simtrace_usb.h>
-
-static const struct dev_id compatible_dev_ids[] = {
-	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_OWHW_SAM3 },
-	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_QMOD_SAM3 },
-	{ USB_VENDOR_OPENMOKO, USB_PRODUCT_SIMTRACE2 },
-	{ 0, 0 }
-};
+#include <osmocom/simtrace2/usb_util.h>
 
 static int find_devices(void)
 {
@@ -39,7 +33,7 @@ static int find_devices(void)
 	int rc, i, num_interfaces;
 
 	/* scan for USB devices matching SIMtrace USB ID with proprietary class */
-	rc = osmo_libusb_find_matching_interfaces(NULL, compatible_dev_ids,
+	rc = osmo_libusb_find_matching_interfaces(NULL, osmo_st2_compatible_dev_ids,
 						  USB_CLASS_PROPRIETARY, -1, -1, ifm, ARRAY_SIZE(ifm));
 	printf("USB matches: %d\n", rc);
 	if (rc < 0)

host/src/usb2udp.c

@@ -1,285 +0,0 @@
-/* simtrace - main program for the host PC
- *
- * (C) 2010-2016 by Harald Welte <hwelte@hmw-consulting.de>
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-#include <errno.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdint.h>
-#include <time.h>
-#define _GNU_SOURCE
-#include <getopt.h>
-#include <poll.h>
-
-#include <sys/time.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
-#include <libusb.h>
-
-#include <osmocom/usb/libusb.h>
-#include <osmocom/simtrace2/simtrace_usb.h>
-#include <osmocom/simtrace2/simtrace_prot.h>
-
-#include <osmocom/core/utils.h>
-#include <osmocom/core/socket.h>
-#include <osmocom/core/select.h>
-
-struct libusb_device_handle *g_devh;
-static struct sockaddr_in g_sa_remote;
-static struct osmo_fd g_udp_ofd;
-
-static void print_welcome(void)
-{
-	printf("usb2udp - UDP/IP forwarding of SIMtrace card emulation\n"
-	       "(C) 2016 by Harald Welte <laforge@gnumonks.org>\n\n");
-}
-
-static void print_help(void)
-{
-	printf( "\t-h\t--help\n"
-		"\t-i\t--interface <0-255>\n"
-		"\n"
-		);
-}
-
-struct ep_buf {
-	uint8_t ep;
-	uint8_t buf[1024];
-	struct libusb_transfer *xfer;
-};
-static struct ep_buf g_buf_in;
-static struct ep_buf g_buf_out;
-
-static void usb_in_xfer_cb(struct libusb_transfer *xfer)
-{
-	int rc;
-
-	printf("xfer_cb(ep=%02x): status=%d, flags=0x%x, type=%u, len=%u, act_len=%u\n",
-		xfer->endpoint, xfer->status, xfer->flags, xfer->type, xfer->length, xfer->actual_length);
-	switch (xfer->status) {
-	case LIBUSB_TRANSFER_COMPLETED:
-		if (xfer->endpoint == g_buf_in.ep) {
-			/* process the data */
-			printf("read %d bytes from SIMTRACE, forwarding to UDP\n", xfer->actual_length);
-			rc = sendto(g_udp_ofd.fd, xfer->buffer, xfer->actual_length, 0, (struct sockaddr *)&g_sa_remote, sizeof(g_sa_remote));
-			if (rc <= 0) {
-				fprintf(stderr, "error writing to UDP\n");
-			}
-			/* and re-submit the URB */
-			libusb_submit_transfer(xfer);
-		} else if (xfer->endpoint == g_buf_out.ep) {
-			/* re-enable reading from the UDP side */
-			g_udp_ofd.when |= BSC_FD_READ;
-		}
-		break;
-	default:
-		fprintf(stderr, "xfer_cb(ERROR '%s')\n", osmo_hexdump_nospc(xfer->buffer, xfer->actual_length));
-		break;
-	}
-}
-
-static void init_ep_buf(struct ep_buf *epb)
-{
-	if (!epb->xfer)
-		epb->xfer = libusb_alloc_transfer(0);
-
-	epb->xfer->flags = 0;
-
-	libusb_fill_bulk_transfer(epb->xfer, g_devh, epb->ep, epb->buf, sizeof(epb->buf), usb_in_xfer_cb, NULL, 0);
-}
-
-/***********************************************************************
- * libosmocore main loop integration of libusb async I/O
- ***********************************************************************/
-
-static int g_libusb_pending = 0;
-
-static int ofd_libusb_cb(struct osmo_fd *ofd, unsigned int what)
-{
-	/* FIXME */
-	g_libusb_pending = 1;
-
-	return 0;
-}
-
-/* call-back when libusb adds a FD */
-static void libusb_fd_added_cb(int fd, short events, void *user_data)
-{
-	struct osmo_fd *ofd = talloc_zero(NULL, struct osmo_fd);
-
-	printf("%s(%u, %x)\n", __func__, fd, events);
-
-	ofd->fd = fd;
-	ofd->cb = &ofd_libusb_cb;
-	if (events & POLLIN)
-		ofd->when |= BSC_FD_READ;
-	if (events & POLLOUT)
-		ofd->when |= BSC_FD_WRITE;
-
-	osmo_fd_register(ofd);
-}
-
-/* call-back when libusb removes a FD */
-static void libusb_fd_removed_cb(int fd, void *user_data)
-{
-
-	printf("%s(%u)\n", __func__, fd);
-#if 0
-	struct osmo_fd *ofd;
-	/* FIXME: This needs new export in libosmocore! */
-	ofd = osmo_fd_get_by_fd(fd);
-
-	if (ofd) {
-		osmo_fd_unregister(ofd);
-		talloc_free(ofd);
-	}
-#endif
-}
-
-/* call-back when the UDP socket is readable */
-static int ofd_udp_cb(struct osmo_fd *ofd, unsigned int what)
-{
-	int rc;
-	socklen_t addrlen = sizeof(g_sa_remote);
-
-	rc = recvfrom(ofd->fd, g_buf_out.buf, sizeof(g_buf_out.buf), 0,
-			(struct sockaddr *)&g_sa_remote, &addrlen);
-	if (rc <= 0) {
-		fprintf(stderr, "error reading from UDP\n");
-		return 0;
-	}
-	printf("read %d bytes from UDP, forwarding to SIMTRACE\n", rc);
-	g_buf_out.xfer->length = rc;
-
-	/* disable further READ interest for the UDP socket */
-	ofd->when &= ~BSC_FD_READ;
-
-	/* submit the URB on the OUT end point */
-	libusb_submit_transfer(g_buf_out.xfer);
-
-	return 0;
-}
-
-static void run_mainloop(void)
-{
-	int rc;
-
-	printf("Entering main loop\n");
-
-	while (1) {
-		osmo_select_main(0);
-		if (g_libusb_pending) {
-			struct timeval tv;
-			memset(&tv, 0, sizeof(tv));
-			rc = libusb_handle_events_timeout_completed(NULL, &tv, NULL);
-			if (rc != 0) {
-				fprintf(stderr, "handle_events_timeout_completed == %d\n", rc);
-				break;
-			}
-		}
-	}
-}
-
-int main(int argc, char **argv)
-{
-	int rc;
-	int c, ret = 1;
-	int local_udp_port = 52342;
-	unsigned int if_num = 0;
-
-	print_welcome();
-
-	while (1) {
-		int option_index = 0;
-		static const struct option opts[] = {
-			{ "udp-port", 1, 0, 'u' },
-			{ "interface", 1, 0, 'I' },
-			{ "help", 0, 0, 'h' },
-			{ NULL, 0, 0, 0 }
-		};
-
-		c = getopt_long(argc, argv, "u:I:h", opts, &option_index);
-		if (c == -1)
-			break;
-		switch (c) {
-		case 'u':
-			local_udp_port = atoi(optarg);
-			break;
-		case 'I':
-			if_num = atoi(optarg);
-			break;
-		case 'h':
-			print_help();
-			exit(0);
-			break;
-		}
-	}
-
-	rc = libusb_init(NULL);
-	if (rc < 0) {
-		fprintf(stderr, "libusb initialization failed\n");
-		goto close_exit;
-	}
-
-	libusb_set_pollfd_notifiers(NULL, &libusb_fd_added_cb, &libusb_fd_removed_cb, NULL);
-
-	g_devh = libusb_open_device_with_vid_pid(NULL, USB_VENDOR_OPENMOKO, USB_PRODUCT_OWHW_SAM3);
-	if (!g_devh) {
-		fprintf(stderr, "can't open USB device\n");
-		goto close_exit;
-	}
-
-	rc = libusb_claim_interface(g_devh, if_num);
-	if (rc < 0) {
-		fprintf(stderr, "can't claim interface %u; rc=%d\n", if_num, rc);
-		goto close_exit;
-	}
-
-	/* open UDP socket, register with select handling and mark it
-	 * readable */
-	g_udp_ofd.cb = ofd_udp_cb;
-	osmo_sock_init_ofd(&g_udp_ofd, AF_INET, SOCK_DGRAM, IPPROTO_UDP, NULL, local_udp_port + if_num, OSMO_SOCK_F_BIND);
-
-	rc = osmo_libusb_get_ep_addrs(g_devh, if_num, &g_buf_out.ep, &g_buf_in.ep, NULL);
-	if (rc < 0) {
-		fprintf(stderr, "couldn't find enpdoint addresses; rc=%d\n", rc);
-		goto close_exit;
-	}
-	/* initialize USB buffers / transfers */
-	init_ep_buf(&g_buf_out);
-	init_ep_buf(&g_buf_in);
-
-	/* submit the first transfer for the IN endpoint */
-	libusb_submit_transfer(g_buf_in.xfer);
-
-	run_mainloop();
-
-	ret = 0;
-
-	libusb_release_interface(g_devh, 0);
-close_exit:
-	if (g_devh)
-		libusb_close(g_devh);
-
-	libusb_exit(NULL);
-	return ret;
-}