21 Dec
2017
21 Dec
'17
9:48 a.m.
Hi Harald!
* using phones that don't use secure/authenticated boot for the BBP, or
those where the certificates have leaked and/or exploits are known
<>> Do we currently have any candidates? Or list of potential
candidates? Are ie. Nexus devices friendlier ?
* finding the time to work on the protocol stack beyond classic 2G which
is currently implemented in OsmocomBB.
<>> Wild idea this might be, but do we need BBP with 2G stack ? Could we
settle for LTE-only open BBP ? I'm thinking about doing some chip works
and minimizing the software stack based on srsUE
Cheers :)
Marek
On 12/17/2017 01:33 PM, Harald Welte wrote:
Hi Marek!
On Sun, Dec 17, 2017 at 12:58:00PM +0100, Marek Sebera wrote:
Silly idea maybe, but would it be possible to
port osmocom-bb for
mediatek/intel/qualcomm BBP and replace the current firmware with open one?
theoretically possible, yes.
I presume it will be a tremendous amount of work,
no doubts, but apart from
that, is it theoretically and technically possible? Given root and/or
hardware acces of course, we do not need to preserve the old firmware or
exploit the update process (ie. if specific cert signature is needed for
bbp-soc firmware update)
The biggest challenges, from my point of view, are:
* using phones that don't use secure/authenticated boot for the BBP, or
those where the certificates have leaked and/or exploits are known
* finding significant enough amount of leaked sources or documentation
and/or doing the reverse engineering required to understand how to talk
to the DSP and/or related peripherals
* finding the time to work on the protocol stack beyond classic 2G which
is currently implemented in OsmocomBB.
Regards,
Harald