tomasz-lisowski / swsim

A software SIM card.
BSD 3-Clause "New" or "Revised" License

Undefined Instruction while communicating with modem (Quectel EC25) #15

Closed mike0609king closed 4 months ago

mike0609king commented 4 months ago

Setup

swSIM is used with simtrace2, which forwards the traffic to the Quectel EC25.

Problem

I am trying to lock onto an LTE cell with the modem (using the AT+QNWLOCK command). The modem doesn't lock onto the cell. It looks like the modem sends commands to the swSIM that are not defined. I have attached the output of simtrace and the recorded PCAP (in a zip-file).

Questions

tomasz-lisowski commented 4 months ago

I added the missing UPDATE RECORD instruction in d828304d9676fdf449135dd2d38ae01c268a160d. This might solve your problem.

mike0609king commented 4 months ago

UPDATE RECORD seems to work perfectly now, but ENVELOPE Call Control also seems to be undefined. Could this cause a problem too?

tomasz-lisowski commented 4 months ago

I doubt the call control instruction is mandatory for it to work. Please keep me posted though, I could be wrong.

mike0609king commented 4 months ago

I also thought that the ENVELOPE command as a whole is optional. I managed to modify swSIM such that it would return the status code 9000 when the program sees the ENVELOPE command. This fixes the issue, but I don't know why :(.

Is it possible for you to return 9000 whenever an ENVELOPE command is given or would it cause some weird bugs?

tomasz-lisowski commented 4 months ago

CAT (i.e. card application toolkit) is normally optional since not all SIM cards support the proactive features of CAT as described in ETSI TS 102 223.

I incorrectly set the "call control" service as supported in the UST (USIM service table). Call control service has number 30 in the EF.UST (FID=6F38) per ETSI TS 131 102. If you want the modem to not send any CAT commands, it is best to set all related services to unsupported (=0).

Old UST with call control: BEFFBF9DE73E0408400170730000002E00000000

New UST without call control: BEFFBF99E73E0408400170730000002E00000000

I will do a deeper look at the UST to see how it should look given the features of swSIM. Most of the files in data/usim.json have been copied directly from an existing Sysmocom card and may not contain exactly the right data. I will look into generating these files in the future; right now I don't have enough time to manually check every single bit of every single file. :/

Hope this helps.

tomasz-lisowski commented 4 months ago

In regards to sending 9000 in response to the call control ENVELOPE:

In your case, since this is a call control message, it forces all dialled numbers, USSD, etc. to pass through the SIM, allowing the card to modify, bar, or allow the call to happen. More details are described in ETSI TS 131 111.

Per ETSI TS 131 111 clause 7.3.1.6, it is permissible for the UICC to provide no response data, by responding with SW1/SW2 = '90 00'. So no, sending 9000 will not cause any problems.

Just remember that not all ENVELOPE commands are for call control, so not all of them allow a plain 9000 response. You'll need to monitor the commands in case some other ENVELOPE is sent.
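
The rule from the comment above (a plain 90 00 is acceptable for a call control ENVELOPE, while other ENVELOPE types have to be watched), as an added example that is not part of the thread or of swSIM's own code. The function and enum names are hypothetical; the INS byte 0xC2 and the call control tag 0xD4 are the standard ETSI values, and only short APDUs with a 5-byte header are assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define INS_ENVELOPE     0xC2 /* ENVELOPE instruction byte (ETSI TS 102 221) */
#define TAG_CALL_CONTROL 0xD4 /* BER-TLV tag for call control (ETSI TS 101 220) */

enum env_action {
    ENV_NOT_ENVELOPE, /* different instruction, not handled here */
    ENV_MALFORMED,    /* Lc does not fit the received buffer */
    ENV_ACK_9000,     /* call control: answer 90 00 with no response data */
    ENV_NEEDS_REVIEW, /* other ENVELOPE type: log it, do not blindly ack */
};

/* Hypothetical helper: classify a short command APDU (CLA INS P1 P2 Lc data).
 * *sw is 0x9000 only for ENV_ACK_9000; *tag is the envelope's BER-TLV tag. */
enum env_action envelope_classify(const uint8_t *apdu, size_t len,
                                  uint16_t *sw, uint8_t *tag)
{
    *sw = 0;
    *tag = 0;
    if (len < 2 || apdu[1] != INS_ENVELOPE)
        return ENV_NOT_ENVELOPE;
    /* Need Lc, and inside the data at least a tag and a length byte. */
    if (len < 5 || apdu[4] < 2 || (size_t)apdu[4] + 5 > len)
        return ENV_MALFORMED;
    *tag = apdu[5];
    if (*tag != TAG_CALL_CONTROL)
        return ENV_NEEDS_REVIEW;
    *sw = 0x9000;
    return ENV_ACK_9000;
}

int main(void)
{
    /* Constructed sample APDUs, not taken from the attached PCAP. */
    const uint8_t call_ctrl[] = {0x80, 0xC2, 0x00, 0x00, 0x04, 0xD4, 0x02, 0x82, 0x81};
    const uint8_t sms_pp[]    = {0x80, 0xC2, 0x00, 0x00, 0x02, 0xD1, 0x00};
    uint16_t sw;
    uint8_t tag;
    int a = envelope_classify(call_ctrl, sizeof(call_ctrl), &sw, &tag);
    printf("tag %02X -> action %d, SW %04X\n", tag, a, sw);
    a = envelope_classify(sms_pp, sizeof(sms_pp), &sw, &tag);
    printf("tag %02X -> action %d, SW %04X\n", tag, a, sw);
    return 0;
}
```

Logging every `ENV_NEEDS_REVIEW` tag gives the monitoring the comment asks for: it shows which other ENVELOPE types the modem actually sends before any of them is answered.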

mike0609king commented 4 months ago

Thanks a lot! Your comments were extremely helpful :D