GSM 850 / PCS 1900 : PLEASE HELP NEEDED


rola roladunjoye at gmail.com
Wed Sep 21 01:26:35 UTC 2011


Hi All,

Thanks a lot Sylvain for your response. At least the SIM Reader can read
the SIM information now. The Mobile outputs the following: IMEI, IMSI,
ICCID, MCC, MNC, LAC and the KEY. But the process returns failure for the SIM
file at 0x6f40 and hangs while retrieving information for the SIM file at
location 0x6f30. However, after making sure that the gsm-850 and pcs are
enabled, running Osmocon without a SIM still yields the same output I posted
earlier, with DCS as the reference band of the Mobile output.

Running Osmocon with SIM:

Osmocom Output:


rola at amira:~/test2-osmocom-bb/osmocom-bb/src/host/osmocon$ ./osmocon -p
/dev/ttyUSB0 -m c155
../../target/firmware/board/compal_e99/layer1.compalram.bin
got 7 bytes from modem, data looks like: 1b f6 02 00 41 01 40  ....A.@
Received PROMPT1 from phone, responding with CMD
read_file(../../target/firmware/board/compal_e99/layer1.compalram.bin):
file_size=53804, hdr_len=4, dnload_len=53811
got 1 bytes from modem, data looks like: 1b  .
got 1 bytes from modem, data looks like: f6  .
got 1 bytes from modem, data looks like: 02  .
got 1 bytes from modem, data looks like: 00  .
got 1 bytes from modem, data looks like: 41  A
got 1 bytes from modem, data looks like: 02  .
got 1 bytes from modem, data looks like: 43  C
Received PROMPT2 from phone, starting download
handle_write(): 4096 bytes (4096/53811)
handle_write(): 4096 bytes (8192/53811)
handle_write(): 4096 bytes (12288/53811)
handle_write(): 4096 bytes (16384/53811)
handle_write(): 4096 bytes (20480/53811)
handle_write(): 4096 bytes (24576/53811)
handle_write(): 4096 bytes (28672/53811)
handle_write(): 4096 bytes (32768/53811)
handle_write(): 4096 bytes (36864/53811)
handle_write(): 4096 bytes (40960/53811)
handle_write(): 4096 bytes (45056/53811)
handle_write(): 4096 bytes (49152/53811)
handle_write(): 4096 bytes (53248/53811)
handle_write(): 563 bytes (53811/53811)
handle_write(): finished
got 1 bytes from modem, data looks like: 1b  .
got 1 bytes from modem, data looks like: f6  .
got 1 bytes from modem, data looks like: 02  .
got 1 bytes from modem, data looks like: 00  .
got 1 bytes from modem, data looks like: 41  A
got 1 bytes from modem, data looks like: 03  .
got 1 bytes from modem, data looks like: 42  B
Received DOWNLOAD ACK from phone, your code is running now!


OSMOCOM Layer 1 (revision osmocon_v0.0.0-1111-ge838620)
======================================================================
Device ID code: 0xb4fb
Device Version code: 0x0000
ARM ID code: 0xfff3
cDSP ID code: 0x0128
Die ID code: 7e570d2eb10393bb
======================================================================
REG_DPLL=0x2413
CNTL_ARM_CLK=0xf0a1
CNTL_CLK=0xff91
CNTL_RST=0xfff3
CNTL_ARM_DIV=0xfff9
======================================================================
Power up simcard:
Assert DSP into Reset
Releasing DSP from Reset
Setting some dsp_api.ndb values
Setting API NDB parameters
DSP Download Status: 0x0001
DSP API Version: 0x0000 0x0000
Finishing download phase
DSP Download Status: 0x0002
DSP API Version: 0x3606 0x0000
LOST 7019!
SIM Request (7): a0 a4 00 00 02 3f 00 
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 2f e2 
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f 
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0a 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20 
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 07 
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f 
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7e 
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f 
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0b 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 3f 00 
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22 
Status 1: 90 00
LOST 1893!
LOST 1857!
SIM Request (7): a0 a4 00 00 02 7f 10 
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 40 
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f 
Status 1: 90 00
SIM Request (5): a0 b0 00 00 80 
Status 1: 94 08
SIM Request (7): a0 a4 00 00 02 3f 00 
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20 
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 20 
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f 
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09 
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 30 
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f 
Status 1: 90 00
SIM Request (5): a0 b0 00 00 fc 

Osmocon hangs at this point.

Mobile Output:



rola at amira:~/test2-osmocom-bb/osmocom-bb/src/host/layer23/src/mobile$
./mobile -i 127.0.0.1
Copyright (C) 2008-2010 ...
Contributions by ...

License GPLv2+: GNU GPL version 2 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

<000f> sim.c:1206 init SIM client
<0006> gsm48_cc.c:63 init Call Control
<0001> gsm48_rr.c:5100 init Radio Ressource process
<0005> gsm48_mm.c:1312 init Mobility Management process
<0005> gsm48_mm.c:1035 Selecting PLMN SEARCH state, because no SIM.
<0002> gsm322.c:5023 init PLMN process
<0003> gsm322.c:5024 init Cell Selection process
***
Warning: Mobile '1' has default IMEI: 000000000000000
This could relate your identitiy to other users with default IMEI.
***
Mobile '1' initialized, please start phone now!
VTY available on port 4247.
<0005> subscriber.c:567 Requesting SIM file 0x2fe2
<000f> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000f> sim.c:697 go MF
<000f> sim.c:241 SELECT (file=0x3f00)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=34)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:241 SELECT (file=0x2fe2)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=15)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:277 READ BINARY (offset=0 len=10)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000f> sim.c:876 received APDU (len=10 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:151 sending result to callback function (type=0)
<0005> subscriber.c:236 received ICCID #################### from SIM
<0005> subscriber.c:567 Requesting SIM file 0x6f07
<000f> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000f> sim.c:706 requested path is longer, go child DFgsm
<000f> sim.c:241 SELECT (file=0x7f20)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=34)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:241 SELECT (file=0x6f07)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=15)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:277 READ BINARY (offset=0 len=9)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000f> sim.c:876 received APDU (len=9 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:151 sending result to callback function (type=0)
<0005> subscriber.c:266 received IMSI ################ from SIM
<0005> subscriber.c:567 Requesting SIM file 0x6f7e
<000f> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000f> sim.c:241 SELECT (file=0x6f7e)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=15)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:277 READ BINARY (offset=0 len=11)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000f> sim.c:876 received APDU (len=11 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:151 sending result to callback function (type=0)
<0005> subscriber.c:302 received LOCI from SIM (mcc=### mnc=### lac=#####
##)
<0005> subscriber.c:567 Requesting SIM file 0x6f40
<000f> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000f> sim.c:697 go MF
<000f> sim.c:241 SELECT (file=0x3f00)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=34)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:706 requested path is longer, go child DFtelecom
<000f> sim.c:241 SELECT (file=0x7f10)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=34)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:241 SELECT (file=0x6f40)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=15)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:277 READ BINARY (offset=0 len=128)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000f> sim.c:876 received APDU (len=128 sw1=0x94 sw2=0x08)
<000f> sim.c:952 command failed
<000f> sim.c:151 sending result to callback function (type=1)
<0005> subscriber.c:620 SIM reading failed, ignoring!
<0005> subscriber.c:567 Requesting SIM file 0x6f20
<000f> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000f> sim.c:697 go MF
<000f> sim.c:241 SELECT (file=0x3f00)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=34)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:706 requested path is longer, go child DFgsm
<000f> sim.c:241 SELECT (file=0x7f20)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=34)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:241 SELECT (file=0x6f20)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=15)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:277 READ BINARY (offset=0 len=9)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000f> sim.c:876 received APDU (len=9 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:151 sending result to callback function (type=0)
<0005> subscriber.c:349 received KEY from SIM
<0005> subscriber.c:567 Requesting SIM file 0x6f30
<000f> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000f> sim.c:241 SELECT (file=0x6f30)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000f> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000f> sim.c:949 command successfull
<000f> sim.c:571 GET RESPONSE (len=15)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000f> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000f> sim.c:949 command successfull
<000f> sim.c:277 READ BINARY (offset=0 len=252)
<000f> sim.c:187 sending APDU (class 0xa0, ins 0xb0)

###### are placeholders for actual SIM information.

Telnet Output:
OsmocomBB# show running-config

Current configuration:
!
!
line vty
 no login
!
gps device /dev/ttyACM0
gps baudrate default
no gps enable
!
no hide-default
!
ms 1
 layer2-socket /tmp/osmocom_l2
 sap-socket /tmp/osmocom_sap
 sim reader
 network-selection-mode auto
 imei 000000000000000 0
 imei-fixed
 no emergency-imsi
 no call-waiting
 no auto-answer
 no clip
 no clir
 tx-power auto
 no simulated-delay
 no stick
 location-updating
 neighbour-measurement
 codec full-speed prefer
 codec half-speed
 no abbrev
 support
  a5/1
  a5/2
  no p-gsm
  no e-gsm
  no r-gsm
  gsm-850
  no dcs
  pcs
  class-900 4
  class-850 4
  class-dcs 1
  class-pcs 1
  channel-capability sdcch+tchf+tchh
  full-speech-v1
  full-speech-v2
  half-speech-v1
  min-rxlev -106
  dsc-max 90
  no skip-max-per-band
 exit
 test-sim
  imsi 001010000000000
  ki xor 00 00 00 00 00 00 00 00 00 00 00 00 
  no barred-access
  no rplmn
  hplmn-search foreign-country
 exit
 no shutdown
exit
!
end
OsmocomBB# sim read 1
OsmocomBB# show ms 1
MS '1' is up, service is limited
  IMEI: 000000000000000
     IMEISV: 0000000000000000
     IMEI generation: fixed
  automatic network selection state: A6 no SIM inserted
  cell selection state: C6 any cell selection
  radio ressource layer state: idle
  mobility management layer state: MM idle, PLMN search
OsmocomBB# show support
Supported features of MS '1':
 Phase 2 mobile station
 R-GSM        : disabled
 E-GSM        : disabled
 P-GSM        : disabled
 DCS 1800     : disabled
 GSM 850      : yes
 GSM 850 Class: 4
 PCS 1900     : yes
 PCS Class    : 1
 GSM 480      : no
 GSM 450      : no
 CECS         : no
 VGCS         : no
 VBS          : no
 SMS          : no
 SS_IND       : yes
 PS_CAP       : no
 CMSP         : no
 SoLSA        : no
 LCSVA        : no
 LOC_SERV     : no
 A5/1         : yes
 A5/2         : yes
 A5/3         : no
 A5/4         : no
 A5/5         : no
 A5/6         : no
 A5/7         : no
 A5/1         : yes
 Channels     : SDCCH + TCH/F + TCH/H
 Full-Rate V1 : yes
 Full-Rate V2 : yes
 Full-Rate V3 : no
 Half-Rate V1 : yes
 Half-Rate V3 : no
 Min RXLEV    : -106

OsmocomBB# 
I disabled every other band except gsm-850 and pcs.


I have been taking time to read through the source code and track the
process from one section to another, and at the same time digging for
information on the techniques and protocols applied in the project. I hope I
can get the application running to a level where I can use it to establish a
call. Thanks to everyone.

Best regards,

Rasak

--
View this message in context: http://baseband-devel.722152.n3.nabble.com/GSM-850-PCS-1900-PLEASE-HELP-NEEDED-tp3350771p3354030.html
Sent from the baseband-devel mailing list archive at Nabble.com.
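The "SIM Request" / "Status" lines in the Osmocon trace above are raw GSM 11.11 APDUs (class 0xA0) and their two-byte status words. The following is an added example, not code from the poster or from osmocom-bb: it parses such a trace, decodes SELECT / GET RESPONSE / READ BINARY and the file each command targets, maps the status word to its GSM 11.11 meaning, and reports any request that failed or never got an answer. The file-identifier names (EF_MSISDN for 0x6f40, EF_PLMNsel for 0x6f30, and so on) and the status-word meanings are taken from the GSM 11.11 specification; the sample trace is a constructed excerpt copied from the log in the post.

```python
"""Decode an osmocom-bb SIM APDU trace into commands, targets and
status-word meanings, and flag failed or unanswered requests.
Added example; file names and status meanings follow GSM 11.11."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: lines copied from the trace in the post, ending at
# the READ BINARY on 0x6f30 that never received a status word.
SAMPLE_TRACE = """\
SIM Request (7): a0 a4 00 00 02 7f 10
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 40
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 80
Status 1: 94 08
SIM Request (7): a0 a4 00 00 02 6f 30
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 fc
"""

# Instruction bytes seen in the trace (GSM 11.11, class 0xA0).
INS_NAMES = {0xA4: "SELECT", 0xC0: "GET RESPONSE", 0xB0: "READ BINARY"}

# Well-known GSM 11.11 file identifiers (assumed standard values).
FILE_NAMES = {
    0x3F00: "MF", 0x7F10: "DF_TELECOM", 0x7F20: "DF_GSM",
    0x2FE2: "EF_ICCID", 0x6F07: "EF_IMSI", 0x6F7E: "EF_LOCI",
    0x6F20: "EF_Kc", 0x6F30: "EF_PLMNsel", 0x6F40: "EF_MSISDN",
}

REQ_RE = re.compile(r"^SIM Request \(\d+\): ((?:[0-9a-fA-F]{2}\s*)+)$")
SW_RE = re.compile(r"^Status \d+: ([0-9a-fA-F]{2}) ([0-9a-fA-F]{2})$")


@dataclass
class Exchange:
    ins: str                        # decoded instruction name
    target: str                     # file the command acts on
    p3: int                         # length byte (P3) of the APDU
    sw: Optional[Tuple[int, int]]   # (SW1, SW2) or None if no answer
    meaning: str                    # human-readable status


def describe_status(sw1: int, sw2: int) -> str:
    """Map a GSM 11.11 status word (section 9.4) to its meaning."""
    if (sw1, sw2) == (0x90, 0x00):
        return "ok"
    if sw1 == 0x9F:
        return f"ok, {sw2} response bytes available (use GET RESPONSE)"
    if sw1 == 0x94:  # referencing-management errors
        return {0x00: "no EF selected",
                0x02: "out of range (invalid address)",
                0x04: "file ID or pattern not found",
                0x08: "file is inconsistent with the command"}.get(sw2, "file error")
    if sw1 == 0x98:
        return "security error (CHV / access condition not fulfilled)"
    if sw1 == 0x92 and sw2 == 0x40:
        return "memory problem"
    return "unknown status"


def parse_trace(text: str) -> List[Exchange]:
    """Pair each SIM Request line with the Status line that follows it."""
    exchanges: List[Exchange] = []
    selected = "unknown"            # file chosen by the last SELECT
    for raw in text.splitlines():
        line = raw.strip()
        m = REQ_RE.match(line)
        if m:
            b = bytes.fromhex(m.group(1).replace(" ", ""))
            ins, p1, p2, p3 = b[1], b[2], b[3], b[4]
            name = INS_NAMES.get(ins, f"INS 0x{ins:02x}")
            if ins == 0xA4 and len(b) >= 7:
                fid = (b[5] << 8) | b[6]
                selected = FILE_NAMES.get(fid, f"0x{fid:04x}")
                target = selected
            elif ins == 0xB0:       # P1/P2 carry the read offset
                target = f"{selected} offset={(p1 << 8) | p2}"
            else:
                target = selected
            exchanges.append(Exchange(name, target, p3, None, "no response"))
            continue
        m = SW_RE.match(line)
        if m and exchanges and exchanges[-1].sw is None:
            sw1, sw2 = int(m.group(1), 16), int(m.group(2), 16)
            exchanges[-1].sw = (sw1, sw2)
            exchanges[-1].meaning = describe_status(sw1, sw2)
    return exchanges


def find_problems(exchanges: List[Exchange]) -> List[str]:
    """Report requests that failed or never received a status word."""
    out = []
    for e in exchanges:
        if e.sw is None:
            out.append(f"{e.ins} on {e.target} (P3={e.p3}): no status word "
                       "received (card or firmware hung)")
        elif e.sw[0] not in (0x90, 0x9F):
            out.append(f"{e.ins} on {e.target} (P3={e.p3}): "
                       f"{e.sw[0]:02X} {e.sw[1]:02X} -> {e.meaning}")
    return out


if __name__ == "__main__":
    for problem in find_problems(parse_trace(SAMPLE_TRACE)):
        print(problem)
```

Run against the excerpt, the report shows the two anomalies the post describes: the 128-byte READ BINARY on EF_MSISDN answered with 94 08 ("file is inconsistent with the command"), and the 252-byte READ BINARY on EF_PLMNsel with no status word at all, which is where Osmocon hangs. The 9F xx words are not errors: they announce how many bytes the following GET RESPONSE will return (9F 22 = 34 bytes, matching "GET RESPONSE (len=34)" in the mobile log).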