baseband-devel February 2010

baseband-devel@lists.osmocom.org

24 participants
27 discussions

Re: Phone acting as a BTS
by Dieter Spaar 24 Feb '10

24 Feb '10

Hello Sylvain, On Wed, 24 Feb 2010 00:06:54 +0100, "Sylvain Munaut" <246tnt(a)gmail.com> wrote: > > Since the beginning, I'm wondering if it would be possible to turn one > of those cheap phone into a BTS. I'm n ot talking a full featured BTS > and the mod will involve hardwares changes obviously. > The more I look at it and the more I think it might work. No, I'm not > crazy, please bear with me until the end of this post :) No, you are not crazy, to be true I thought about it for a while too ;-) It all depends on what you want to do. Just transmitting a C0 so that other phones nearby would recognize the new BTS should be rather easy. You can synhronize on an offical network to adjust the clock, the clock should be stable enough for a while so that other phones can detect the new BTS. There should also be no severe limitations from any filter when transmitting. You are probably out of the specification for the transceiver and maybe the power amplifier but the power should still be good enough to cover an area large enough for experiments. Transmitting the required SBs and FBs should not be too difficult, the DSP cannot generate them, however its rather easy to programm the ABB with the raw bits of a burst. Receiving is more difficult. The filters will influence the signal quite a lot, however it should be still possible to receive strong signals without the requirement for a hardware modification. I already did a few experiments to find out how far the transceiver could be tuned out of range, for GSM-900 I was able to detect the frequency bursts of a 840 Mhz signal with about 40 dBm less strength than receiving a similar signal inside the GSM-900 band. 840 Mhz would be more than enough for receiving uplink signals in GSM-900. I did not yet tried it for the transmitter, however I expect that it can be used to transmit downlink frequencies too. Just as an example for the influence of the filter: The Openmoko Freerunner uses a Calypso based Tri-Band GSM modem, its available for GSM-900 or GSM-850, the difference is mainly a different filter in the RX path. However you can still use the GSM-850 variant with GSM-900 if you are close enough to the BTS. One real problem for the "phone as a BTS" idea is the detection of the RACH bursts. You most certainly cannot use the DSP "as is" for this task because it does not know about the special RACH burst. It would probably require some modification (patches) to the DSP if you want to detect and handle them. Best regards, Dieter -- Dieter Spaar, Germany spaar(a)mirider.augusta.de

1 0

Phone acting as a BTS
by Sylvain Munaut 24 Feb '10

24 Feb '10

Hi, Since the beginning, I'm wondering if it would be possible to turn one of those cheap phone into a BTS. I'm n ot talking a full featured BTS and the mod will involve hardwares changes obviously. The more I look at it and the more I think it might work. No, I'm not crazy, please bear with me until the end of this post :) So, what are the obstacles (taking the C118 as an example): * RX filters : Obviously you would need to remove one and replace it with one for the good band. I would only replace one of them so that you can use the 900 band for BTS and the 1800 band for MS for example (so that you can still listen to a official bts and calibrate the clock). * RX/TX switch Those have ports that have frequency bands ... but .. do they really filter that much ? * MS can't TX/RX simultaneously. I think you can take advantage of the fact. Imagine that you only ever allocate channels on TS0,1 & 2. ( BCCH+SDCCH/4 + 2*TCH/F ), you could divide your time like this : TS0 - Capture FCCH of a nearby station to calibrate local vcxo TS1 - Our BTS TS0 TX TS2 - Our BTS TS1 TX TS3 - Our BTS TS2 TX TS4 - Our BTS TS0 RX TS5 - Our BTS TS1 RX TS6 - Our BTS TS2 RX TS7 - nothing ... But this can still be a battery powered handheld BTS :) Sylvain

2 1

Calypso status update
by Harald Welte 23 Feb '10

23 Feb '10

Hi! I've done a day of bugfixing today, mostly regarding the timing and sequencing of the TPU window during receive (and transmit). The biggest new feature is the #define TPU_DEBUG which will transfer the content of the TPU RAM to the host PC every time tpu_enable(1) is called. There's a TPU debugger (tpu_debug.c) as part of osmocon which receives, decodes and prints the TPU instructions. This way you can clearly see the exact sequence (and timing) of the commands that are executed by the TPU. What turned out to be the major problem that I was hunting most of the day: Whe first did the downlink calibration (BLDCAL), then waited for a specific time, and then enabled the downlink path (BDLENA). This worked fine so far. I then added code to disable the TRF6151 after the downlink path is closed (twl3025_downlink(0)). Suddenly not a single burst was received anymore. Now the sequence of events seems correct, at least in the little testing I did. Regards, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

3 3

introduce myself
by Andreas.Eversberg 23 Feb '10

23 Feb '10

hi there, my name is andreas eversberg. i worked for the mISDN and openbsc project before. after joining the openbsc project, i mainly worked on the call control protocol and the application interface, as well as E1 kernel driver improvements for openbsc. i expanded my linux-call-router application to be able to link with openbsc, so both become a mobile network, as used on the 26c3. i like to put my experience into the osmocomBB project. therfore i started working on the layer 3 "call control" (network layer, mobile side) already. (TS 04.08) the application interface is almost identical, so osmocomBB can be used with linux-call-router also. the next goal is to implement "radio ressource" protocol and "mobility management" protocol (real state machine), and i hope to get help with that. all three protocols are required to do voice calls. my motivations for joining the project are at the moment: - having a cool (graphical) network monitor - backup line for PBX, PBX in a car. - attaching (virtual) test SIM via phone's menu - changing IMEI via phone's menu i hope this project make as much phun as openbsc. andreas

2 1

Re: Memory Leaking. _talloc_zero panics
by Harald Welte 21 Feb '10

21 Feb '10

On Sun, Feb 21, 2010 at 06:03:08PM +0100, Sylvain Munaut wrote: > > I will think about how to solve this. Either we introduce some busy-waiting > > until more space is available, or I will try to fill existing buffers even > > beyond the end-of-line. > > I've seen the commit to fill up the msgb more. But this exposed > another bug in msgb I think. > The headroom allocation doesn't work AFAICT. In msgb.h there is : > > static inline int msgb_tailroom(const struct msgb *msgb) > { > return (msgb->data + msgb->data_len) - msgb->tail; > } you are right, it should be msgb->head + msgb->data_len, I've fixed that now. I've also changed to busy-wait until we have msgb's available again. dsp_dump and hello_world as well as l1test seem to work again now. It's all still a big hack and later we need to determine if we're called from a context that supports busy-waiting at all. Imagine this code being executed from the FIQ context, while new memory will always only be available from IRQ context (UART Tx FIFO interrupt): We will deadlock. Cheers, Harald -- - Harald Welte <laforge(a)gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)

1 0

SIM
by azrael01 21 Feb '10

21 Feb '10

Hi, I'm new at this project and I've no experience to program a complete SIM card. But I've experience to implement the ISO-7816 standard on a ARM-Cortex-M3, so that you have a SIM-interface (SIM emulation) between the PC an the Mobile equipment. However, if I can help I'll be pleased to hear from you. cheers, Carsten

2 1

some questions
by Ilya Petrov 21 Feb '10

21 Feb '10

Hi! I read few pages at http://bb.osmocom.org but didnt find answer for some little questions. What this code is based on? Is this a port of some rtos to calypso? -- wbr, Ilya ICQ: none, Jabber: ilya.muromec(a)jabber.ru

3 4

Memory Leaking. _talloc_zero panics
by Sylvain Munaut 21 Feb '10

21 Feb '10

Hi, I've noticed that hello_world and compal_dsp_dump now crash pretty early. I've traced it down to talloc_zero panicing by running out of free msgb. Augmenting the number to 64 makes the software go a little further but they still crash in the end. I'm hoping that the person who wrote this part will see an obvious place where the problem lies :) Sylvain

2 2

Sim
by Sébastien Lorquet 21 Feb '10

21 Feb '10

Hi all, congrats for your awesome research and work, this is truly impressive. The little ant that I am (compared to you) was interested in helping you with the SIM aspects of the project. I think I know javacard sufficiently to implement a basic sim card that can be totally controlled. I already started to think on how to do that. This will include making host side tools, too. If javacard is not open enough, we can also look at native cards using PIC, for example. In our previous discussions, the main problem was the availability of SIM sized cards, be them javacards or not. pros and cons - javacard is an industry standard, coupled with GlobalPlatform specs this is a portable way to put an application on a card without being locked with a card manufacturer. - native PIC cards benefit from a lot of open tools such as the gp* PIC tools, asm, sdcc for compiler and gpsim for simulation. - some projects exists already, I don't know them well, maybe they can be used, forked, improved. - availability must be checked. I'd like to request precisions on how the things should be done, what are the minimal requirements (files, etc) and when the openSim project will be needed regarding to your progress. Regards Sebastien

3 3

Links to schematics in the wiki ?
by Sylvain Munaut 21 Feb '10

21 Feb '10

Hi, I'm wondering if it's ok or not to put links (and only links obviously) to schematics of GSM in the Wiki ? IANAL so I'm not sure exactly what the situation is ... and I'd rather ask before I start adding too much of them :) Cheers, Sylvain

2 1

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

baseband-devel February 2010