From tom at zwizwa.be Wed Sep 4 16:24:15 2013
From: tom at zwizwa.be (Tom Schouten)
Date: Wed, 04 Sep 2013 12:24:15 -0400
Subject: INS=STATUS + car reset question
Message-ID: <52275EAF.2010602@zwizwa.be>

Hi List,

I'm running into the following command sequence in a Nexus One Android
2.3 phone:

C-APDU:80F20001FF (STATUS)
R-APDU:6C12 (Incorrect Parameter P3)

After which the phone power-cycles the card.

I'm wondering whether this is desired behavior, or if it's a bug in
the new MITM code.

Phone seems to reset the card quite often when in USIM mode.
Running the card in SIM mode, this doesn't happen.

Cheers
Tom

From ml at mail.tsaitgaist.info Wed Sep 4 20:47:07 2013
From: ml at mail.tsaitgaist.info (Kevin Redon)
Date: Wed, 04 Sep 2013 22:47:07 +0200
Subject: INS=STATUS + car reset question
In-Reply-To: <52275EAF.2010602@zwizwa.be>
References: <52275EAF.2010602@zwizwa.be>
Message-ID: <1378327327-sup-3789@dennou>

Excerpts from Tom Schouten's message of 2013-09-04 18:24:15 +0200:
> Hi List,
>
> I'm running into the following command sequence in a Nexus One Android
> 2.3 phone:
A bit of context might help.
How is SIMtrace used in this experiment?

>
> C-APDU:80F20001FF (STATUS)
> R-APDU:6C12 (Incorrect Parameter P3)
you used FF as P3 (length of expected data).
if you don't know the length, you should put 00 (if I remember right), else you should put the real size of the expected data length which the card indicated previously (e.g. in the previous select response)
because P2=01, you just want the name of the application, is that right?

>
> After which the phone power-cycles the card.
That is weird.
Can you check if it's a proper reset, or if the phone just powers down the card and starts again?

>
>
> I'm wondering whether this is desired behavior, or if it's a bug in
> the new MITM code.
I can't comment on that, as I did not test the MITM code.
How does it behave with the git code (where mitm is not implemented)?

> Phone seems to reset the card quite often when in USIM mode.
Does this also happen without SIMtrace?
If SIMtrace is used, can you see the freq and PPS procedure?

> Running the card in SIM mode, this doesn't happen.
In SIM the previous command would not be accepted.

kevin

From tom at zwizwa.be Wed Sep 4 21:38:29 2013
From: tom at zwizwa.be (Tom Schouten)
Date: Wed, 04 Sep 2013 17:38:29 -0400
Subject: INS=STATUS + car reset question
In-Reply-To: <1378327327-sup-3789@dennou>
References: <52275EAF.2010602@zwizwa.be> <1378327327-sup-3789@dennou>
Message-ID: <5227A855.2030700@zwizwa.be>

Hi Kevin,

On 09/04/2013 04:47 PM, Kevin Redon wrote:
> Excerpts from Tom Schouten's message of 2013-09-04 18:24:15 +0200:
>> Hi List,
>>
>> I'm running into the following command sequence in a Nexus One Android
>> 2.3 phone:
> A bit of context might help.
> How is SIMtrace used in this experiment?
As APDU forwarder using new MITM firmware.

>
>> C-APDU:80F20001FF (STATUS)
>> R-APDU:6C12 (Incorrect Parameter P3)
> you used FF as P3 (length of expected data).
> if you don't know the length, you should put 00 (if I remember right), else you should put the real size of the expected data length which the card indicated previously (e.g. in the previous select response)
> because P2=01, you just want the name of the application, is that right?
My conclusion also.
However, this c-apdu is sent by the phone.

The cause of the reset is a bug in the APDU fw code which I just noticed.
I was sending a procedure byte (copy of INS) back to the phone in
response to 80F20001FF, which is not legal if the status code is 6xxx.
Upon reception of this protocol error, the phone power-cycles the card.

Looks like this bug is more general. It might explain some other resets.

With workaround, the sequence sent by the phone is now:

C-APDU:80F20001FF
R-APDU:6712

C-APDU:80F2000112
R-APDU:8410A0000000871002FFFFFFFF89030200009000

Thanks for your reply.
Getting there.. slowly :)

From ml at mail.tsaitgaist.info Wed Sep 4 22:27:11 2013
From: ml at mail.tsaitgaist.info (Kevin Redon)
Date: Thu, 05 Sep 2013 00:27:11 +0200
Subject: INS=STATUS + car reset question
In-Reply-To: <5227A855.2030700@zwizwa.be>
References: <52275EAF.2010602@zwizwa.be> <1378327327-sup-3789@dennou> <5227A855.2030700@zwizwa.be>
Message-ID: <1378333136-sup-8293@dennou>

Excerpts from Tom Schouten's message of 2013-09-04 23:38:29 +0200:
> Hi Kevin,
>
> On 09/04/2013 04:47 PM, Kevin Redon wrote:
> > Excerpts from Tom Schouten's message of 2013-09-04 18:24:15 +0200:
> >> Hi List,
> >>
> >> I'm running into the following command sequence in a Nexus One Android
> >> 2.3 phone:
> > A bit of context might help.
> > How is SIMtrace used in this experiment?
> As APDU forwarder using new MITM firmware.
>
> >
> >> C-APDU:80F20001FF (STATUS)
> >> R-APDU:6C12 (Incorrect Parameter P3)
> > you used FF as P3 (length of expected data).
> > if you don't know the length, you should put 00 (if I remember right), else you should put the real size of the expected data length which the card indicated previously (e.g. in the previous select response)
> > because P2=01, you just want the name of the application, is that right?
> My conclusion also.
> However, this c-apdu is sent by the phone.
>
> The cause of the reset is a bug in the APDU fw code which I just noticed.
> I was sending a procedure byte (copy of INS) back to the phone in
> response to 80F20001FF, which is not legal if the status code is 6xxx.
> Upon reception of this protocol error, the phone power-cycles the card.
>
> Looks like this bug is more general. It might explain some other resets.
>
> With workaround, the sequence sent by the phone is now:
>
> C-APDU:80F20001FF
> R-APDU:6712
>
> C-APDU:80F2000112
> R-APDU:8410A0000000871002FFFFFFFF89030200009000
>
I think I've also seen this behavior where the phone doesn't know/use the length and expects the SIM to tell it using 67xx (xx!=00) (for SIM/USIM) or 6cxx (for 7816-4)

> Thanks for your reply.
> Getting there.. slowly :)
is there a git somewhere where you put the code which I could have a look at later?

From tom at zwizwa.be Wed Sep 4 23:30:18 2013
From: tom at zwizwa.be (Tom Schouten)
Date: Wed, 04 Sep 2013 19:30:18 -0400
Subject: INS=STATUS + car reset question
In-Reply-To: <1378333136-sup-8293@dennou>
References: <52275EAF.2010602@zwizwa.be> <1378327327-sup-3789@dennou> <5227A855.2030700@zwizwa.be> <1378333136-sup-8293@dennou>
Message-ID: <5227C28A.8060201@zwizwa.be>

On 09/04/2013 06:27 PM, Kevin Redon wrote:
> is there a git somewhere where you put the code which I could have a look at later?
>
>

https://github.com/zwizwa/at91work/tree/apdu_phone

entry points:

# device
make -C at91work/usb-device-cdc-serial-project

# host
cd at91work/src ; ./mim.py

( The CDC serial part is just a skeleton; USB control request code
should be moved to CCID driver later. I'm still using a USB PC card
reader for the card side. )

From mxu at sanjole.com Thu Sep 5 05:47:46 2013
From: mxu at sanjole.com (Min Xu)
Date: Wed, 4 Sep 2013 19:47:46 -1000
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To: <20130824140553.GF16941@nataraja.gnumonks.org>
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org>
Message-ID:

Hi Harald

I made a bunch of changes that significantly improved my test scenario:

Before the changes, the LTE SIM card being traced on a USB modem would
fairly consistently "restart" the simtrace board (I later found out that
the WDT was kicking in).
And the same sim card on a Galaxy SII phone would get corrupted data
(i.e., wireshark would no longer be able to follow the conversation)

The changes are as follows:

1) The req_ctx are loaded into a double-linked list for consistency (FIFO
manner). Previously, in the old code when multiple req_ctx are ready for
transmit to USB, the lowered numbered (which may be the most recently
filled req_ctx) would always be transmitted first. Additionally, to
simplify the queue, there is only a single sized req_ctx now, 1 kb. There
are 19 of them allocated.

2) The debug ring buffer is now transmitted using Peripheral DMA. Receive
is left alone. Also, the append/flush and AT..._PrintFrame is written to
allow for re-entrance (via Interrupt handler). Additionally, debugp will
always prefix a line number to help / assist in debugging.

3) The watch dog (wdt.c) is modified so I can see when the watch dog is
activated (which it no longer does in my current test, so you can comment
out the #define WDT_DEBUG line...)

4) Both the usb interrupt and the uart interrupt handlers first enable
core interrupt so that the AIC can do interrupt nesting (I observed at
least 1 uart overrun per DEBUGPCR prior to these changes)

5) Minor additional debugpcr in req_ctx_init and in udp_refill_ep to
indicate where the req_ctx are and containing what data to assist debug

Please review and comment

Issues I will work on further:

1) The first APDU after the ATR is almost always broken up (I don't think
it's due to my changes). And occasionally, the length byte (p3?) sometimes
is missing (ONLY on this LTE sim card / MODEM).

2) I need the simtrace to transmit a complete APDU as soon as possible. It
seems not consistent on when it sends out received data to the USB.
Sometimes, I would see GSM AUTHENTICATE apdu without a response for quite
a while...

----

I would like to have an additional field (2 byte short) in the simtrace
header (the beginning of the req_ctx) to indicate the position of the
first byte of an APDU, so that in the event the synchronization is lost,
the pc side can recover, because it appears the firmware code tracks the
state of the APDU so it should be able to indicate it.

Thanks

Best Regards

On Sat, Aug 24, 2013 at 4:05 AM, Harald Welte wrote:

> Hi Min Xu,
>
> On Fri, Aug 09, 2013 at 10:54:28AM -1000, Min Xu wrote:
> > Thanks for getting back to me. After analyzing the issue, I believe the
> > issue is the overrun error the USART reports. The issue appears to stem
> > from the fact that each byte received by the USART is handled in the
> > interrupt handler, but the USB sending code locks out the interrupt for
> > the entirety of its call.
>
> Thanks again for analyzing the problem. I was pondering to apply your
> patch, but think a different approach might be better: Use the USART
> DMA mode. This way we don't get one interrupt per character, but one
> interrupt every 'dma buffer size' characters. Using double buffering we
> should be able to always process one particular dma buffer, while the
> other buffer is being filled by the hardware without interrupts.
>
> Processing of the DMA buffer could happen either in an interrupt handler
> of the PDC (dma controller) or even in the main loop.
>
> Unfortunately the SAM7S USB controller does not support DMA, so it is
> impossible to improve on that side.
>
> I will give this some more thought. If I'm unable to implement this
> within short time, I might merge your patch anyway as an interim fix.
>
> Regards,
> Harald
> --
> - Harald Welte http://laforge.gnumonks.org/
> ============================================================================
> "Privacy in residential applications is a desirable marketing option."
> (ETSI EN 300 175-7 Ch. A6)
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: simtrace.diff
Type: application/octet-stream
Size: 36201 bytes
Desc: not available

From laforge at gnumonks.org Thu Sep 5 07:31:04 2013
From: laforge at gnumonks.org (Harald Welte)
Date: Thu, 5 Sep 2013 09:31:04 +0200
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To:
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org>
Message-ID: <20130905073104.GG20992@nataraja.gnumonks.org>

Dear Min Xu,

On Wed, Sep 04, 2013 at 07:47:46PM -1000, Min Xu wrote:
> I made a bunch of changes that significantly improved my test scenario:

I _really_ appreciate your excellent technical work. However, I would
like you to go the little extra effort it takes to 'properly' interact
with community based Free Software projects, where there are rules like

* only one feature / logical change per patch, resulting in a series
  of incremental patches, each taking us one step further, each
  rendering a compile-able and functional build after being applied.
* no re-formatting of code (whitespace changes)
* no patch for local changes like different compiler name in Makefile
* stick to coding style of the project (tab-wide indent, ...) for
  consistency
* remove old/dead code rather than comment it out (RCTX_STATE_...)
* avoid asm() statements whenever possible. If you need them, please
  wrap them in an inline C function with descriptive name.

Some questions:
* why did the numeric values of RCTX_STATE_* have to be changed rather
  than amended by your new values, keeping the old ones as-is?

* interrupt nesting _should_ have been active all the time, see
  IRQ_Handler_Entry in Cstartup.S, where we first save SPSR and then
  un-set the IRQ and FIQ bits _before_ branching to the interrupt
  handler function:

        /*- Enable Interrupt and Switch in Supervisor Mode */
        msr CPSR_c, #ARM_MODE_SVC

  Where ARM_MODE_SVC is set to 0x13, i.e. without 0x40 or 0x80.

  So if there's something wrong with the existing code, it should be
  fixed there rather than two copies of inline-asm in the USART and USB
  IRQ handler routines.

So I do want to merge this very much, but I think it needs clean-up
before it can be merged. I don't expect to have much time for this in
the next couple of weeks, so I would be happy if either you or somebody
else on the list could work on this.

Regarding your comment about changing the USB protocol: This would lead
to host / firmware version incompatibilities, and I'd like to avoid that
if possible in any way. We already have the simtrace_hdr.flags
structure member, which contains things like SIMTRACE_FLAG_ATR. I'm not
sure if I understand your request fully, but why not simply add flags
like:

* First fragment of a fragmented APDU
* More fragments to follow for this APDU

This way a new APDU still has to start at the beginning of a USB
transfer, but no changes to the simtrace_hdr are required.

Thanks again,
Harald
--
- Harald Welte http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)

From mxu at sanjole.com Thu Sep 5 08:37:40 2013
From: mxu at sanjole.com (Min Xu)
Date: Wed, 4 Sep 2013 22:37:40 -1000
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To: <20130905073104.GG20992@nataraja.gnumonks.org>
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org> <20130905073104.GG20992@nataraja.gnumonks.org>
Message-ID:

Hi Harald

Thank you for getting back to me so quickly. I am using Emacs on an
Ubuntu netbook to do the edits, which likes to reformat sections as I move
(copy/paste section around) and I haven't figured out a command to undo
those changes. It'd be nice if there is a .emacsrc or something that
automatically formats the code to the project standard? (presumably someone
has one? ..)

I started only wanting to make one change and submit (was initially the
req_ctx), but couldn't reliably verify it until the debugp was working
better without affecting the system, so the changes ballooned up to this
stage. So I wanted to submit the changes before I change the code
further. I will try to limit the scope of changes in my future updates.

To your questions:

1) The numerical values of the RCTX_STATE are changed to facilitate the
choosing of the FIFO/double linked list of req_ctx to use. An array of
FIFO, using the state to index into the array to get the FIFO is simplest.
When I looked how the reqctx_find / ... functions are used, I found all
callers use the constant name rather than any specific numeric value.

2) I will look at this tomorrow. But I was under the impression on how
the lib_Atmel?? (sorry, can't access the source at the moment) was invoked
to install the irq handler, that the entry point to the interrupt would be
directly the function passed in. I looked at the sysirq_handler.c?? more
closely than the other so I wasn't aware of the Cstartup.c file

Since I increased the req_ctx buffer size to 1kb each, most req_ctx that
are transferred to pc contain many many apdus but very often, the req_ctx
do not begin at the start of an apdu. So I would like to have an offset (2
byte, since it could be > 256) to indicate the position of the first start
of an apdu. After thinking about it more, I would also like to add a
sequence number into the header (making the header 8 bytes then?) to better
allow for detecting dropped req_ctx (if there are any..). The offset would
be 8 for a req_ctx that starts with a new APDU, and would be 0 for a
req_ctx that only contains a middle or last fragment of an APDU.

I have already modified the host software to run on Windows (currently
using Windows 7 x64), so I will probably make those changes locally only to
help me detect any problem I might still be facing.

Again, thank you very much for getting back so quickly, and I appreciate
your product very much.

Best Regards

On Wed, Sep 4, 2013 at 9:31 PM, Harald Welte wrote:

> Dear Min Xu,
>
> On Wed, Sep 04, 2013 at 07:47:46PM -1000, Min Xu wrote:
> > I made a bunch of changes that significantly improved my test scenario:
>
> I _really_ appreciate your excellent technical work. However, I would
> like you to go the little extra effort it takes to 'properly' interact
> with community based Free Software projects, where there are rules like
>
> * only one feature / logical change per patch, resulting in a series
>   of incremental patches, each taking us one step further, each
>   rendering a compile-able and functional build after being applied.
> * no re-formatting of code (whitespace changes)
> * no patch for local changes like different compiler name in Makefile
> * stick to coding style of the project (tab-wide indent, ...) for
>   consistency
> * remove old/dead code rather than comment it out (RCTX_STATE_...)
> * avoid asm() statements whenever possible. If you need them, please
>   wrap them in an inline C function with descriptive name.
>
> Some questions:
> * why did the numeric values of RCTX_STATE_* have to be changed rather
>   than amended by your new values, keeping the old ones as-is?
>
> * interrupt nesting _should_ have been active all the time, see
>   IRQ_Handler_Entry in Cstartup.S, where we first save SPSR and then
>   un-set the IRQ and FIQ bits _before_ branching to the interrupt
>   handler function:
>
>         /*- Enable Interrupt and Switch in Supervisor Mode */
>         msr CPSR_c, #ARM_MODE_SVC
>
>   Where ARM_MODE_SVC is set to 0x13, i.e. without 0x40 or 0x80.
>
>   So if there's something wrong with the existing code, it should be
>   fixed there rather than two copies of inline-asm in the USART and USB
>   IRQ handler routines.
>
> So I do want to merge this very much, but I think it needs clean-up
> before it can be merged. I don't expect to have much time for this in
> the next couple of weeks, so I would be happy if either you or somebody
> else on the list could work on this.
>
> Regarding your comment about changing the USB protocol: This would lead
> to host / firmware version incompatibilities, and I'd like to avoid that
> if possible in any way. We already have the simtrace_hdr.flags
> structure member, which contains things like SIMTRACE_FLAG_ATR. I'm not
> sure if I understand your request fully, but why not simply add flags
> like:
>
> * First fragment of a fragmented APDU
> * More fragments to follow for this APDU
>
> This way a new APDU still has to start at the beginning of a USB
> transfer, but no changes to the simtrace_hdr are required.
>
>
> Thanks again,
> Harald
>
> --
> - Harald Welte http://laforge.gnumonks.org/
> ============================================================================
> "Privacy in residential applications is a desirable marketing option."
> (ETSI EN 300 175-7 Ch. A6)
>

From tom at zwizwa.be Tue Sep 10 16:11:00 2013
From: tom at zwizwa.be (Tom Schouten)
Date: Tue, 10 Sep 2013 12:11:00 -0400
Subject: MITM voltage fix using ATR
Message-ID: <522F4494.4060907@zwizwa.be>

Hi List,

When using MITM it is possible to set the SIMtrace<->phone voltage
levels using ATR, giving a clear-cut way to solve the incorrect I/O
level problem:

See byte TA(3) C7->C2

orig ATR from card:
http://smartcard-atr.appspot.com/parse?ATR=3B9F95801FC78031E073FE2113574A330530323402A3

modded to select only 3V:
http://smartcard-atr.appspot.com/parse?ATR=3B9F95801FC28031E073FE2113574A330530323402A6

Cheers,
Tom

From mxu at sanjole.com Wed Sep 11 00:19:05 2013
From: mxu at sanjole.com (Min Xu)
Date: Tue, 10 Sep 2013 14:19:05 -1000
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To:
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org> <20130905073104.GG20992@nataraja.gnumonks.org>
Message-ID:

Hi All

I have been debugging some usb errors that I have been encountering and
here are my conclusions:

-- The error is a BULK IN transfer error, after adding further code to
display the internal message:

BULK IN transfer error; rc=-5 : libusb0-dll:err [_usb_reap_async] reaping request failed, win error: A device attached to the system is not functioning.

-- BUT when I used USBLyzer to analyze the underlying problem, it's
actually a [buffer overflow] problem.

1) According to usb specification, USB full speed device maximum data
packet payload size is 1023
http://www.usb.org/developers/docs/usb_20_070113.zip

2) According to the AT91SAM7S device specification, its USB endpoint size
is 64 bytes.

3) According to libusb api description, bulk transfer overflow is caused by
too small buffer (
http://libusb.sourceforge.net/api-1.0/packetoverflow.html ). Should use
multiple of the device payload size.

4) Since we don't have a size indicator in our USB protocol (our header is
4 bytes, indicating ATR, wait timeout flag etc), the client software must
not see more than 1 req_ctx per bulk_usb_transfer call

Therefore, we SHOULD:

>> A << Use a multiple of 64 bytes as req_ctx size, and must be <= 1023
[per USB specification]. I chose 960. Consequently, there is only ONE size
for req_ctx (no more large / small)

>> B << Desktop/Host software MUST use the same size in static void
run_mainloop(struct usb_dev_handle *devh). Otherwise, multiple req_ctx
WILL be combined by the usb driver / libusb and the additional req_ctx
header in the middle will confuse the apdu_splitter

On Wed, Sep 4, 2013 at 10:37 PM, Min Xu wrote:

> Hi Harald
>
> Thank you for getting back to me so quickly. I am using Emacs on an
> Ubuntu netbook to do the edits, which likes to reformat sections as I move
> (copy/paste section around) and I haven't figured out a command to undo
> those changes. It'd be nice if there is a .emacsrc or something that
> automatically formats the code to the project standard? (presumably someone
> has one? ..)
>
> I started only wanting to make one change and submit (was initially the
> req_ctx), but couldn't reliably verify it until the debugp was working
> better without affecting the system, so the changes ballooned up to this
> stage. So I wanted to submit the changes before I change the code
> further. I will try to limit the scope of changes in my future updates.
>
> To your questions:
>
> 1) The numerical values of the RCTX_STATE are changed to facilitate the
> choosing of the FIFO/double linked list of req_ctx to use. An array of
> FIFO, using the state to index into the array to get the FIFO is simplest.
> When I looked how the reqctx_find / ... functions are used, I found all
> callers use the constant name rather than any specific numeric value.
>
> 2) I will look at this tomorrow. But I was under the impression on how
> the lib_Atmel?? (sorry, can't access the source at the moment) was invoked
> to install the irq handler, that the entry point to the interrupt would be
> directly the function passed in. I looked at the sysirq_handler.c?? more
> closely than the other so I wasn't aware of the Cstartup.c file
>
> Since I increased the req_ctx buffer size to 1kb each, most req_ctx that
> are transferred to pc contain many many apdus but very often, the req_ctx
> do not begin at the start of an apdu. So I would like to have an offset (2
> byte, since it could be > 256) to indicate the position of the first start
> of an apdu. After thinking about it more, I would also like to add a
> sequence number into the header (making the header 8 bytes then?) to better
> allow for detecting dropped req_ctx (if there are any..). The offset would
> be 8 for a req_ctx that starts with a new APDU, and would be 0 for a
> req_ctx that only contains a middle or last fragment of an APDU.
>
> I have already modified the host software to run on Windows (currently
> using Windows 7 x64), so I will probably make those changes locally only to
> help me detect any problem I might still be facing.
>
> Again, thank you very much for getting back so quickly, and I appreciate
> your product very much.
>
> Best Regards
>
> On Wed, Sep 4, 2013 at 9:31 PM, Harald Welte wrote:
>
>> Dear Min Xu,
>>
>> On Wed, Sep 04, 2013 at 07:47:46PM -1000, Min Xu wrote:
>> > I made a bunch of changes that significantly improved my test scenario:
>>
>> I _really_ appreciate your excellent technical work. However, I would
>> like you to go the little extra effort it takes to 'properly' interact
>> with community based Free Software projects, where there are rules like
>>
>> * only one feature / logical change per patch, resulting in a series
>>   of incremental patches, each taking us one step further, each
>>   rendering a compile-able and functional build after being applied.
>> * no re-formatting of code (whitespace changes)
>> * no patch for local changes like different compiler name in Makefile
>> * stick to coding style of the project (tab-wide indent, ...) for
>>   consistency
>> * remove old/dead code rather than comment it out (RCTX_STATE_...)
>> * avoid asm() statements whenever possible. If you need them, please
>>   wrap them in an inline C function with descriptive name.
>>
>> Some questions:
>> * why did the numeric values of RCTX_STATE_* have to be changed rather
>>   than amended by your new values, keeping the old ones as-is?
>>
>> * interrupt nesting _should_ have been active all the time, see
>>   IRQ_Handler_Entry in Cstartup.S, where we first save SPSR and then
>>   un-set the IRQ and FIQ bits _before_ branching to the interrupt
>>   handler function:
>>
>>         /*- Enable Interrupt and Switch in Supervisor Mode */
>>         msr CPSR_c, #ARM_MODE_SVC
>>
>>   Where ARM_MODE_SVC is set to 0x13, i.e. without 0x40 or 0x80.
>>
>>   So if there's something wrong with the existing code, it should be
>>   fixed there rather than two copies of inline-asm in the USART and USB
>>   IRQ handler routines.
>>
>> So I do want to merge this very much, but I think it needs clean-up
>> before it can be merged. I don't expect to have much time for this in
>> the next couple of weeks, so I would be happy if either you or somebody
>> else on the list could work on this.
>>
>> Regarding your comment about changing the USB protocol: This would lead
>> to host / firmware version incompatibilities, and I'd like to avoid that
>> if possible in any way. We already have the simtrace_hdr.flags
>> structure member, which contains things like SIMTRACE_FLAG_ATR. I'm not
>> sure if I understand your request fully, but why not simply add flags
>> like:
>>
>> * First fragment of a fragmented APDU
>> * More fragments to follow for this APDU
>>
>> This way a new APDU still has to start at the beginning of a USB
>> transfer, but no changes to the simtrace_hdr are required.
>>
>>
>> Thanks again,
>> Harald
>>
>> --
>> - Harald Welte http://laforge.gnumonks.org/
>> ============================================================================
>> "Privacy in residential applications is a desirable marketing option."
>> (ETSI EN 300 175-7 Ch. A6)
>>
>

From mxu at sanjole.com Wed Sep 11 02:51:15 2013
From: mxu at sanjole.com (Min Xu)
Date: Tue, 10 Sep 2013 16:51:15 -1000
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To:
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org> <20130905073104.GG20992@nataraja.gnumonks.org>
Message-ID:

Hi All

Further runs (after the check in) show that there is still a chance for
the req_ctx being transmitted by the atmel chip to be broken up (and
consequently, also combined with a later req_ctx). From what I have read
in the usb specification, there isn't anything to signal an end of stream
other than the device stop transmitting for a little while.

So I firmly believe we must expand the USB protocol header to add a length
field (and I would also recommend adding some additional fields for
housekeeping to ease future debug, e.g., address of the req_ctx, and
offset of the first byte of an apdu).

If this is not agreeable, I will refrain from further check-in, but I
believe this change is a requirement to keep in-sync

-----------

============================ HOST SOFTWARE ============================
[[ OMITTED ]]
[000078] USBT(D=002049E8, L=0738, P=02) H4/T4: B2 43 05 84 / B2 01 04 B0

>>>>>>>>>>>>>>>>> USB IN [0738] <<<<<<<<<<<<<<<
01 00 09 07 B2 43 05 84 D2 77 B8 0D FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00 00 A4 00 0C 02
....
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00 00 A4 00 0C 02 A4 6F 3C 90 00 00 B2 01 04 B0

>>>>>>>>>>>>>>>>> USB IN [0064] <<<<<<<<<<<<<<<
01 00 09 07 B2 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF

*NOTICE the next USB in does not start with a USB header where as the bytes IMMEDIATELY *
*FOLLOWING the highlighted bytes are the req_ctx header *

>>>>>>>>>>>>>>>>> USB IN [0960] <<<<<<<<<<<<<<<
00 00 B2 05 04 14 B2 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF 90 00 00 A4 08
[[ OMITTED ]]
B2 01 04 08 B2 00 00 00 00 00 00 00 00 90 00 00 A4 08 0C 04 A4 7F FF 6F C6 90 00 00 B2 05 04 08
01 00 09 07 B2 FF FF FF FF FF FF FF FF 90 00 01 A4 00 04 02 A4 6F 3C 61 24 01 C0 00 00 24 C0 62
[[ OMITTED ]]
07 81 02 00 19 88 01 68 90 00 01 B0 00 01 06 B0
unknown simtrace msg type 0x00 <<== BAD header indicator
[000057] USBT(D=00202468, L=0582, P=00) H4/T4: 90 00 01 2C / 02 A4 6F 06 [000058] USBT(D=00202828, L=0688, P=00) H4/T4: 61 24 01 C0 / 46 00 00 99 [000059] USBT(D=00202BE8, L=0642, P=00) H4/T4: 61 01 01 C0 / 02 A4 6F 2C [00005A] USBT(D=00202FA8, L=0960, P=00) H4/T4: 61 22 01 C0 / 06 12 61 F4 [00005B] USBT(D=00203368, L=0960, P=00) H4/T4: 47 E9 61 38 / 85 00 00 40 [00005C] Heart beat 0000000E [00005D] USBT(D=00203728, L=0960, P=01) H4/T4: 60 08 00 6A / 81 02 00 40 [00005E] USBT(D=00203AE8, L=0960, P=02) H4/T4: 60 D0 04 20 / 30 60 08 10 [00005F] USBT(D=00203EA8, L=0960, P=04) H4/T4: BA 84 30 60 / 00 03 70 81 [000060] USBT(D=00204268, L=0960, P=05) H4/T4: 0F 00 40 60 / 20 80 30 70 [000061] USBT(D=00204628, L=0960, P=06) H4/T4: 00 0F A8 88 / 36 45 FF FF [000062] USBT(D=002049E8, L=0960, P=06) H4/T4: 36 3D FF FF / 3E 31 FF FF [000063] USBT(D=00204DA8, L=0960, P=06) H4/T4: 44 00 69 C0 / 44 80 80 B1 [000064] USBT(D=00205168, L=0960, P=06) H4/T4: E0 02 30 2F / FF 36 6F FF [000065] USBT(D=00200A28, L=0960, P=06) H4/T4: FF 36 6E FF / FF FF FF FF [000066] USBT(D=00200DE8, L=0960, P=06) H4/T4: FF FF FF FF / FF FF FF FF [000067] USBT(D=002011A8, L=0960, P=06) H4/T4: FF FF FF FF / B0 2D 00 00 [000068] Heart beat 0000000F [000069] USBT(D=00201568, L=0960, P=06) H4/T4: B0 FF FF FF / 00 90 00 01 [00006A] USBT(D=00201928, L=0140, P=05) H4/T4: B2 13 04 42 / FF FF 90 00 [00006B] USBT(D=00201CE8, L=0270, P=06) H4/T4: 00 A4 00 04 / A4 00 0C 02 [00006C] USBT(D=002020A8, L=0246, P=05) H4/T4: A4 7F FF 90 / 02 00 00 FF [00006D] USBT(D=00202468, L=0088, P=05) H4/T4: 91 0B 80 12 / 03 02 20 04 [00006E] USBT(D=00202828, L=0156, P=05) H4/T4: 90 00 00 A4 / FF FF 90 00 [00006F] USBT(D=00202BE8, L=0289, P=04) H4/T4: 00 B2 0B 04 / FF FF 90 00 [000070] USBT(D=00202FA8, L=0890, P=03) H4/T4: 01 A4 00 04 / 61 6F 90 00 [000071] USBT(D=00203368, L=0960, P=03) H4/T4: 00 B0 02 00 / FF FF FF FF [000072] USBT(D=00203728, L=0960, P=03) H4/T4: FF FF FF FF / 01 08 80 01 [000073] USBT(D=00203AE8, L=0607, P=03) 
H4/T4: 40 A4 06 83 / 00 17 88 00 [000074] USBT(D=00203EA8, L=0545, P=03) H4/T4: 90 00 01 B0 / 7F FF 6F 42 [000075] USBT(D=00204268, L=0412, P=02) H4/T4: 90 00 00 B2 / 7F FF 6F 42 [000076] Heart beat 00000010 [000077] USBT(D=00204628, L=0450, P=02) H4/T4: 90 00 00 B2 / B2 03 04 14 [000078] USBT(D=002049E8, L=0738, P=02) H4/T4: B2 43 05 84 / B2 01 04 B0 [000079] USBT(D=00204DA8, L=0576, P=02) H4/T4: B2 00 FF FF / B2 05 04 08 [00007A] USBT(D=00205168, L=0869, P=02) H4/T4: B2 FF FF FF / A4 00 0C 02 [00007B] USBT(D=00200A28, L=0503, P=01) H4/T4: A4 6F 3C 90 / 02 A4 6F 3C [00007C] USBT(D=00200DE8, L=0960, P=00) H4/T4: 61 24 01 C0 / FF FF FF FF [00007D] USBT(D=002011A8, L=0502, P=00) H4/T4: FF FF FF FF / B2 06 04 B0 [00007E] USBT(D=00201568, L=0888, P=00) H4/T4: B2 00 FF FF / 5F 3A 4F 11 [00007F] USBT(D=00201928, L=0834, P=00) H4/T4: 61 25 00 C0 / FF FF 90 00 [000080] USBT(D=00201CE8, L=0960, P=00) H4/T4: 00 A4 08 0C / FF FF FF FF [000081] USBT(D=002020A8, L=0398, P=00) H4/T4: FF FF FF FF / B2 0E 04 08 [000082] USBT(D=00202468, L=0960, P=00) H4/T4: B2 FF FF FF / FF FF FF FF [000083] Heart beat 00000011 [000084] USBT(D=00202828, L=0421, P=00) H4/T4: FF FF FF FF / FF FF 90 00 [000085] USBT(D=00202BE8, L=0960, P=00) H4/T4: 01 A4 00 04 / FF FF FF FF [000086] USBT(D=00202FA8, L=0441, P=00) H4/T4: FF FF FF FF / 02 A4 6F 28 [000087] USBT(D=00203368, L=0658, P=00) H4/T4: 61 25 01 C0 / 02 A4 6F 06 [000088] USBT(D=00203728, L=0495, P=00) H4/T4: 90 00 00 B2 / B2 02 04 1E [000089] USBT(D=00203AE8, L=0485, P=00) H4/T4: B2 00 FF FF / FF FF 90 00 [00008A] USBT(D=00203EA8, L=0209, P=00) H4/T4: 00 A4 00 0C / FF FF FF FF [00008B] USBT(D=00204268, L=0440, P=00) H4/T4: 61 0A 00 C0 / FF FF FF FF [00008C] USBT(D=00204628, L=0435, P=00) H4/T4: 61 0A 00 C0 / FF FF FF FF [00008D] Heart beat 00000012 [00008E] USBT(D=002049E8, L=0389, P=00) H4/T4: 61 04 00 C0 / B2 02 04 22 [00008F] USBT(D=00204DA8, L=0454, P=00) H4/T4: B2 23 4D 49 / A4 08 0C 04 [000090] USBT(D=00205168, L=0414, P=00) H4/T4: A4 7F 
FF 6F / A4 08 0C 04 [000091] USBT(D=00200A28, L=0458, P=00) H4/T4: A4 7F FF 6F / 00 00 FF FF [000092] USBT(D=00200DE8, L=0385, P=00) H4/T4: 90 00 01 B2 / B0 00 90 00 [000093] USBT(D=002011A8, L=0271, P=00) H4/T4: 00 A4 00 0C / 02 A2 00 00 [000094] USBT(D=00201568, L=0271, P=00) H4/T4: 61 64 00 C0 / 02 A2 00 00 [000095] USBT(D=00201928, L=0472, P=00) H4/T4: 61 64 00 C0 / B2 2B 04 08 [000096] USBT(D=00201CE8, L=0082, P=00) H4/T4: B2 FF FF FF / 02 A2 00 00 [000097] USBT(D=002020A8, L=0270, P=00) H4/T4: 61 64 00 C0 / 02 A2 00 00 [000098] Heart beat 00000013 [000099] USBT(D=00202468, L=0436, P=00) H4/T4: 61 64 00 C0 / 00 C0 00 00 [00009A] USBT(D=00202828, L=0091, P=00) H4/T4: 25 C0 62 23 / FF FF FF FF [00009B] USBT(D=00202BE8, L=0383, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [00009C] USBT(D=00202FA8, L=0358, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [00009D] USBT(D=00203368, L=0326, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [00009E] USBT(D=00203728, L=0264, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [00009F] USBT(D=00203AE8, L=0264, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [0000A0] USBT(D=00203EA8, L=0239, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [0000A1] USBT(D=00204268, L=0239, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [0000A2] USBT(D=00204628, L=0263, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [0000A3] USBT(D=002049E8, L=0172, P=00) H4/T4: 61 64 00 C0 / FF FF FF FF [0000A4] Heart beat 00000014 [0000A5] USBT(D=00204DA8, L=0261, P=00) H4/T4: 61 64 00 C0 / 00 00 90 00 [0000A6] USBT(D=00205168, L=0311, P=00) H4/T4: 01 A4 00 04 / B2 14 04 05 [0000A7] USBT(D=00200A28, L=0108, P=00) H4/T4: B2 00 00 00 / B0 00 00 0A [0000A8] USBT(D=00200DE8, L=0017, P=00) H4/T4: B0 98 41 08 / 09 62 90 00 [0000A9] USBT(D=002011A8, L=0010, P=00) H4/T4: 80 F2 00 0C / 00 0C 00 FF [0000AA] Heart beat 00000015 [0000AB] RST [0000AC] computed Fi(1) Di(1) ratio: 372 [0000AD] VCC_PHONE off [0000AE] VCC_PHONE on [0000AF] RST [0000B0] computed Fi(1) Di(1) ratio: 372 [0000B1] USBT(D=00201568, L=0027, P=00) H4/T4: 3B 9F 97 C0 / 
22 81 00 F2 [0000B2] found Fi=9 Di=7 [0000B3] computed Fi(9) Di(7) ratio: 8 [0000B4] USBT(D=00201928, L=0009, P=00) H4/T4: 00 A4 00 04 / A4 00 04 02 [0000B5] Heart beat 00000016 [0000B6] USBT(D=00201CE8, L=0008, P=00) H4/T4: 60 A4 3F 00 / 60 A4 3F 00 [0000B7] USBT(D=002020A8, L=0182, P=00) H4/T4: 61 38 00 C0 / 00 00 00 00 [0000B8] UART parity error: 1 [0000B9] UART parity error: 2 [0000BA] USBT(D=00202468, L=0006, P=00) H4/T4: F0 FF 00 C0 / 09 07 F0 FF [0000BB] Heart beat 00000017 [0000BC] RST [0000BD] computed Fi(1) Di(1) ratio: 372 [0000BE] VCC_PHONE off [0000BF] VCC_PHONE on [0000C0] RST [0000C1] computed Fi(1) Di(1) ratio: 372 [0000C2] USBT(D=00202828, L=0027, P=00) H4/T4: 3B 9F 97 C0 / 22 81 00 F2 [0000C3] found Fi=9 Di=7 [0000C4] computed Fi(9) Di(7) ratio: 8 [0000C5] USBT(D=00202BE8, L=0009, P=00) H4/T4: 00 A4 00 04 / A4 00 04 02 [0000C6] USBT(D=00202FA8, L=0007, P=00) H4/T4: A4 3F 00 C0 / 07 A4 3F 00 [0000C7] Heart beat 00000018 [0000C8] USBT(D=00203368, L=0182, P=00) H4/T4: 61 38 00 C0 / 00 00 00 00 [0000C9] USBT(D=00203728, L=0006, P=00) H4/T4: 91 10 00 C0 / 09 07 91 10 [0000CA] Heart beat 00000019 [0000CB] Heart beat 0000001A [0000CC] Heart beat 0000001B [0000CD] Heart beat 0000001C [0000CE] Heart beat 0000001D [0000CF] Heart beat 0000001E [0000D0] UART parity error: 3 [0000D1] USBT(D=00203AE8, L=0007, P=00) H4/T4: EF FF FD C0 / 07 EF FF FD [0000D2] Heart beat 0000001F [0000D3] Heart beat 00000020 [0000D4] Heart beat 00000021 [0000D5] Heart beat 00000022 [0000D6] Heart beat 00000023 [0000D7] Heart beat 00000024 [0000D8] Heart beat 00000025 [0000D9] Heart beat 00000026 [0000DA] Heart beat 00000027 [0000DB] Heart beat 00000028 [0000DC] Heart beat 00000029 [0000DD] Heart beat 0000002A [0000DE] Heart beat 0000002B [0000DF] Heart beat 0000002C [0000E0] Heart beat 0000002D [0000E1] Heart beat 0000002E On Tue, Sep 10, 2013 at 2:19 PM, Min Xu wrote: > Hi All > > I have been debugging some usb errors that I have been encountering and > here are my conclusions: > 
> -- The error is a BULK IN transfer error, after adding further code to
> display the internal message:
>
> BULK IN transfer error; rc=-5 : libusb0-dll:err [_usb_reap_async] reaping
> request failed, win error: A device attached to the system is not
> functioning.
>
> -- BUT when I used USBLyzer to analyze the underlying problem, it's
> actually a [buffer overflow] problem.
>
> 1) According to usb specification, USB full speed device maximum data
> packet payload size is 1023
>
> http://www.usb.org/developers/docs/usb_20_070113.zip
>
> 2) According to the AT91SAM7S device specification, its USB endpoint size
> is 64 bytes.
>
> 3) According to libusb api description, bulk transfer overflow is caused
> by too small buffer (
> http://libusb.sourceforge.net/api-1.0/packetoverflow.html ). Should use
> multiple of the device payload size.
>
> 4) Since we don't have a size indicator in our USB protocol (our header
> is 4 bytes, indicating ATR, wait timeout flag etc), the client software
> must not see more than 1 req_ctx per bulk_usb_transfer call
>
> Therefore, we SHOULD:
>
> >> A << Use a multiple of 64 bytes as req_ctx size, and must be <= 1023
> [per USB specification]. I chose 960. Consequently, there is only ONE
> size for req_ctx, no more large / small)
>
> >> B << Desktop/Host software MUST use the same size in static void
> run_mainloop(struct usb_dev_handle *devh). Otherwise, multiple req_ctx
> WILL be combined by the usb driver / libusb and the additional req_ctx
> header in the middle will confuse the apdu_splitter
>
>
> On Wed, Sep 4, 2013 at 10:37 PM, Min Xu wrote:
>
>> Hi Harald
>>
>> Thank you for getting back to me so quickly. I am using Emacs on an
>> Ubuntu netbook to do the edits, which likes to reformat sections as I move
>> (copy/paste section around) and I haven't figured out a command to undo
>> those changes. It'd be nice if there is a .emacsrc or something that
>> automatically formats the code to the project standard? (presumably someone
>> has one? ..)
>>
>> I started only wanted to make one change and submit (was initially the
>> req_ctx), but couldn't reliably verify it until the debugp was working
>> better without affecting the system, so the changes ballooned up to this
>> stage. So I wanted to submit the changes before I change the code
>> further. I will try limit the scope of changes in my future updates.
>>
>> To your questions:
>>
>> 1) The numerical values of the RCTX_STATE are changed to facilitate the
>> choosing of the FIFO/double linked list of req_ctx to use. An array of
>> FIFO, using the state to index into the array to get the FIFO is simplest.
>> When I looked how the reqctx_find / ... functions are used, I found all
>> callers use the constant name rather than any specific numeric value.
>>
>> 2) I will look at this tomorrow. But I was under the impression on how
>> the lib_Atmel?? (sorry, can't access the source at the moment) was invoked
>> to install the irq handler, that the entry point to the interrupt would be
>> directly the function passed in. I looked at the sysirq_handler.c?? more
>> closely than the other so I wasn't aware of the Cstartup.c file
>>
>> Since I increased the req_ctx buffer size to 1kb each, most req_ctx that
>> are transferred to pc contain many many apdus but very often, the req_ctx
>> do not begin at the start of an apdu. So I would like to have an offset (2
>> byte, since it could be > 256) to indicate the position of the first start
>> of an apdu. After thinking about it more, I would also like to add a
>> sequence number into the header (making the header 8 bytes then?) to better
>> allow for detecting dropped req_ctx (if there are any..). The offset would
>> be 8 for a req_ctx that starts with a new APDU, and would be 0 for an
>> req_ctx that only contains a middle or last fragment of an APDU.
>>
>> I have already modified the host software to run on Windows (currently
>> using Windows 7 x64), so I will probably make those changes locally only to
>> help me detect any problem I might still be facing.
>>
>> Again, thank you very much for getting back so quickly, and I appreciate
>> your product very much.
>>
>> Best Regards
>>
>> On Wed, Sep 4, 2013 at 9:31 PM, Harald Welte wrote:
>>
>>> Dear Min Xu,
>>>
>>> On Wed, Sep 04, 2013 at 07:47:46PM -1000, Min Xu wrote:
>>> > I made a bunch of changes that significantly improved my test scenario:
>>>
>>> I _really_ appreciate your excellent technical work. However, I would
>>> like you to go the little extra effort it takes to 'properly' interact
>>> with community based Free Software projects, where there are rules like
>>>
>>> * only one feature / logical change per patch, resulting in a series
>>>   of incremental patches, each taking us one step further, each
>>>   rendering a compile-able and functional build after being applied.
>>> * no re-formatting of code (whitespace changes)
>>> * no patch for local changes like different compiler name in Makefile
>>> * stick to coding style of the project (tab-wide indent, ...) for
>>>   consistency
>>> * remove old/dead code rather than comment it out (RCTX_STATE_...)
>>> * avoid asm() statements whenever possible. If you need them, please
>>>   wrap them in an inline C function with descriptive name.
>>>
>>> Some questions:
>>> * why did the numeric values of RCTX_STATE_* have to be changed rather
>>>   than amended by your new values, keeping the old ones as-is?
>>>
>>> * interrupt nesting _should_ have been active all the time, see
>>>   IRQ_Handler_Entry in Cstartup.S, where we first save SPSR and then
>>>   un-set the IRQ and FIQ bits _before_ branching to the interrupt
>>>   handler function:
>>>
>>>     /*- Enable Interrupt and Switch in Supervisor Mode */
>>>     msr CPSR_c, #ARM_MODE_SVC
>>>
>>>   Where ARM_MODE_SVC is set to 0x13, i.e. without 0x40 or 0x80.
>>>
>>> So if there's something wrong with the existing code, it should be
>>> fixed there rather than two copies of inline-asm in the USART and USB
>>> IRQ handler routines.
>>>
>>> So I do want to merge this very much, but I think it needs clean-up
>>> before it can be merged. I don't expect to have much time for this in
>>> the next couple of weeks, so I would be happy if either you or somebody
>>> else on the list could work on this.
>>>
>>> Regarding your comment about changing the USB protocol: This would lead
>>> to host / firmware version incompatibilities, and I'd like to avoid that
>>> if possible in any way. We already have the simtrace_hdr.flags
>>> structure member, which contains things like SIMTRACE_FLAG_ATR. I'm not
>>> sure if I understand your request fully, but why not simply add flags
>>> like:
>>>
>>> * First fragment of a fragmented APDU
>>> * More fragments to follow for this APDU
>>>
>>> This way a new APDU still has to start at the beginning of a USB
>>> transfer, but no changes to the simtrace_hdr are required.
>>>
>>>
>>> Thanks again,
>>> Harald
>>>
>>>
>>> --
>>> - Harald Welte http://laforge.gnumonks.org/
>>> ============================================================================
>>> "Privacy in residential applications is a desirable marketing option."
>>> (ETSI EN 300 175-7 Ch. A6)

From mxu at sanjole.com Wed Sep 11 02:54:08 2013
From: mxu at sanjole.com (Min Xu)
Date: Tue, 10 Sep 2013 16:54:08 -1000
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To:
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org> <20130905073104.GG20992@nataraja.gnumonks.org>
Message-ID:

I forgot one more thing:

In my SERIAL OUTPUT section quoted earlier, please note there were some
UART parity errors (there were 3 errors total, cumulative report).
Does anyone have any input on how to fix that?
Do we need shielded cable or is it something we should fix in software?

Best Regards

On Tue, Sep 10, 2013 at 4:51 PM, Min Xu wrote:

> Hi All
>
> Further runs (after the check in) shows that there is still a chance for
> the req_ctx being transmitted by the atmel chip to be broken up (and
> consequently, also combined with a later req_ctx). From what I have read
> in the usb specification, there isn't anything to signal an end of stream
> other than the device stop transmitting for a little while.
>
> So I firmly believe we must expand the USB protocol header to add a length
> field (and I would also recommend adding some additional fields for
> housekeeping to ease future debug, e.g., address of the req_ctx, and offset
> of the first byte of an apdu). If this is not agreeable, I will refrain
> from further check-in, but I believe this change is a requirement to keep
> in-sync
>
>
> On Tue, Sep 10, 2013 at 2:19 PM, Min Xu wrote:
>
>> Hi All
>>
>> I have been debugging some usb errors that I have been encountering and
>> here are my conclusions:
>>
>> -- The error is a BULK IN transfer error, after adding further code to
>> display the internal message:
>>
>> BULK IN transfer error; rc=-5 : libusb0-dll:err [_usb_reap_async] reaping
>> request failed, win error: A device attached to the system is not
>> functioning.
>>
>> -- BUT when I used USBLyzer to analyze the underlying problem, it's
>> actually a [buffer overflow] problem.
>>
>> 1) According to usb specification, USB full speed device maximum data
>> packet payload size is 1023
>>
>> http://www.usb.org/developers/docs/usb_20_070113.zip
>>
>> 2) According to the AT91SAM7S device specification, its USB endpoint
>> size is 64 bytes.
>>
>> 3) According to libusb api description, bulk transfer overflow is caused
>> by too small buffer (
>> http://libusb.sourceforge.net/api-1.0/packetoverflow.html ). Should use
>> multiple of the device payload size.
>>
>> 4) Since we don't have a size indicator in our USB protocol (our header
>> is 4 bytes, indicating ATR, wait timeout flag etc), the client software
>> must not see more than 1 req_ctx per bulk_usb_transfer call
>>
>> Therefore, we SHOULD:
>>
>> >> A << Use a multiple of 64 bytes as req_ctx size, and must be <= 1023
>> [per USB specification]. I chose 960.
>> Consequently, there is only ONE size for req_ctx, no more large / small)
>>
>> B << Desktop/Host software MUST use the same size in static void
>> run_mainloop(struct usb_dev_handle *devh). Otherwise, multiple req_ctx
>> WILL be combined by the usb driver / libusb and the additional req_ctx
>> header in the middle will confuse the apdu_splitter
>>
>> On Wed, Sep 4, 2013 at 10:37 PM, Min Xu wrote:
>>
>>> Hi Harald
>>>
>>> Thank you for getting back to me so quickly. I am using Emacs on an
>>> Ubuntu netbook to do the edits, which likes to reformat sections as I move
>>> (copy/paste section around) and I haven't figured out a command to undo
>>> those changes. It'd be nice if there is a .emacsrc or something that
>>> automatically formats the code to the project standard? (presumably someone
>>> has one? ..)
>>>
>>> I started only wanting to make one change and submit (was initially the
>>> req_ctx), but couldn't reliably verify it until the debugp was working
>>> better without affecting the system, so the changes ballooned up to this
>>> stage. So I wanted to submit the changes before I change the code
>>> further. I will try to limit the scope of changes in my future updates.
>>>
>>> To your questions:
>>>
>>> 1) The numerical values of the RCTX_STATE are changed to facilitate the
>>> choosing of the FIFO/double linked list of req_ctx to use. An array of
>>> FIFO, using the state to index into the array to get the FIFO is simplest.
>>> When I looked how the reqctx_find / ... functions are used, I found all
>>> callers use the constant name rather than any specific numeric value.
>>>
>>> 2) I will look at this tomorrow. But I was under the impression on how
>>> the lib_Atmel?? (sorry, can't access the source at the moment) was invoked
>>> to install the irq handler, that the entry point to the interrupt would be
>>> directly the function passed in. I looked at the sysirq_handler.c?? more
>>> closely than the other so I wasn't aware of the Cstartup.c file
>>>
>>> Since I increased the req_ctx buffer size to 1kb each, most req_ctx that
>>> are transferred to pc contain many many apdus but very often, the req_ctx
>>> do not begin at the start of an apdu. So I would like to have an offset (2
>>> byte, since it could be > 256) to indicate the position of the first start
>>> of an apdu. After thinking about it more, I would also like to add a
>>> sequence number into the header (making the header 8 bytes then?) to better
>>> allow for detecting dropped req_ctx (if there are any..). The offset would
>>> be 8 for a req_ctx that starts with a new APDU, and would be 0 for a
>>> req_ctx that only contains a middle or last fragment of an APDU.
>>>
>>> I have already modified the host software to run on Windows (currently
>>> using Windows 7 x64), so I will probably make those changes locally only to
>>> help me detect any problem I might still be facing.
>>>
>>> Again, thank you very much for getting back so quickly, and I appreciate
>>> your product very much.
>>>
>>> Best Regards
>>>
>>> On Wed, Sep 4, 2013 at 9:31 PM, Harald Welte wrote:
>>>
>>>> Dear Min Xu,
>>>>
>>>> On Wed, Sep 04, 2013 at 07:47:46PM -1000, Min Xu wrote:
>>>> > I made a bunch of changes that significantly improved my test scenario:
>>>>
>>>> I _really_ appreciate your excellent technical work. However, I would
>>>> like you to go the little extra effort it takes to 'properly' interact
>>>> with community based Free Software projects, where there are rules like
>>>>
>>>> * only one feature / logical change per patch, resulting in a series
>>>>   of incremental patches, each taking us one step further, each
>>>>   rendering a compile-able and functional build after being applied.
>>>> * no re-formatting of code (whitespace changes)
>>>> * no patch for local changes like different compiler name in Makefile
>>>> * stick to coding style of the project (tab-wide indent, ...) for
>>>>   consistency
>>>> * remove old/dead code rather than comment it out (RCTX_STATE_...)
>>>> * avoid asm() statements whenever possible. If you need them, please
>>>>   wrap them in an inline C function with descriptive name.
>>>>
>>>> Some questions:
>>>> * why did the numeric values of RCTX_STATE_* have to be changed rather
>>>>   than amended by your new values, keeping the old ones as-is?
>>>>
>>>> * interrupt nesting _should_ have been active all the time, see
>>>>   IRQ_Handler_Entry in Cstartup.S, where we first save SPSR and then
>>>>   un-set the IRQ and FIQ bits _before_ branching to the interrupt
>>>>   handler function:
>>>>
>>>>   /*- Enable Interrupt and Switch in Supervisor Mode */
>>>>   msr CPSR_c, #ARM_MODE_SVC
>>>>
>>>>   Where ARM_MODE_SVC is set to 0x13, i.e. without 0x40 or 0x80.
>>>>
>>>>   So if there's something wrong with the existing code, it should be
>>>>   fixed there rather than two copies of inline-asm in the USART and USB
>>>>   IRQ handler routines.
>>>>
>>>> So I do want to merge this very much, but I think it needs clean-up
>>>> before it can be merged. I don't expect to have much time for this in
>>>> the next couple of weeks, so I would be happy if either you or somebody
>>>> else on the list could work on this.
>>>>
>>>> Regarding your comment about changing the USB protocol: This would lead
>>>> to host / firmware version incompatibilities, and I'd like to avoid that
>>>> if possible in any way. We already have the simtrace_hdr.flags
>>>> structure member, which contains things like SIMTRACE_FLAG_ATR. I'm not
>>>> sure if I understand your request fully, but why not simply add flags
>>>> like:
>>>>
>>>> * First fragment of a fragmented APDU
>>>> * More fragments to follow for this APDU
>>>>
>>>> This way a new APDU still has to start at the beginning of a USB
>>>> transfer, but no changes to the simtrace_hdr are required.
>>>>
>>>> Thanks again,
>>>> Harald
>>>>
>>>> --
>>>> - Harald Welte http://laforge.gnumonks.org/
>>>> ============================================================================
>>>> "Privacy in residential applications is a desirable marketing option."
>>>> (ETSI EN 300 175-7 Ch. A6)

From mxu at sanjole.com Thu Sep 12 03:04:07 2013
From: mxu at sanjole.com (Min Xu)
Date: Wed, 11 Sep 2013 17:04:07 -1000
Subject: Incomplete trace (due to high-speed SIM?)
In-Reply-To:
References: <20130809075847.GA4254@xiaoyu.lan> <20130824140553.GF16941@nataraja.gnumonks.org> <20130905073104.GG20992@nataraja.gnumonks.org>
Message-ID:

After adding the length field, the host software can now follow the SIMTrace req_ctx, sufficiently enough for 4 minutes.

Below is the serial port output from the debug port. Regarding the USBT() line, D is the hex address of the Data field. S is the sequence number (hex, short), L is the decimal length of the tot_len of the req_ctx, P is the number of req_ctx pending in USB_EP2 output queue.

From sixonefourb at gmail.com Wed Sep 18 17:32:21 2013
From: sixonefourb at gmail.com (Matt S)
Date: Wed, 18 Sep 2013 13:32:21 -0400
Subject: iPhone Terminal Profile
Message-ID:

Does anyone have a Terminal Profile handy for an iPhone 4 or 4S? I don't have the microSIM SimTrace adapter, and the database here: https://terminal-profile.osmocom.org/ doesn't appear to have been updated in a while.

Thanks!
From ml at mail.tsaitgaist.info Thu Sep 19 09:47:23 2013
From: ml at mail.tsaitgaist.info (Kevin Redon)
Date: Thu, 19 Sep 2013 11:47:23 +0200
Subject: iPhone Terminal Profile
In-Reply-To:
References:
Message-ID: <1379583687-sup-8276@dennou>

Excerpts from Matt S's message of 2013-09-18 19:32:21 +0200:
> Does anyone have a Terminal Profile handy for an iPhone 4 or 4S? I
> don't have the microSIM SimTrace adapter, and the database here:
> https://terminal-profile.osmocom.org/ doesn't appear to have been
> updated in a while.

I do have this adapter, but no iPhones.
If someone has both of them, or just any unlisted phone, feel free to contribute to the database (the script to do so is on the webpage).

kevin