S24Ultra with Qualcomm baseband unable to parse LTE MAC PDU to pcap #98

Open
alexjiao2021 opened this issue Apr 20, 2024 · 7 comments

alexjiao2021 commented Apr 20, 2024

Hi,
With the latest code, I tried the command below to parse LTE MAC PDU to a pcap file:
sudo scat -t qc -u -a 002:004 -i 0 -L mac -F s24u_lte_mac.pcap
But there are no packets in the pcap file.
Below is the stdout, with lots of warnings:
s24u_lte_mac.txt

@peremen
Member

peremen commented Apr 21, 2024

In short there are 3 missing versions:

2024-04-20 16:22:32,441 scat.qualcommparser (parse_lte_ml1_scell_meas_response) WARNING: Unknown LTE ML1 Serving Cell Meas Serving Cell Measurement Result subpacket version 60
2024-04-20 16:22:32,718 scat.qualcommparser (parse_lte_mac_subpkt_v1) WARNING: Unexpected MAC UL Subpacket version 5
2024-04-20 16:22:33,088 scat.qualcommparser (parse_lte_mac_dl_block) WARNING: Unknown LTE MAC DL transport block packet version 0x32

For the mentioned packet versions I don't have devices and log samples yet. If you can capture the logs to a QMDL file (use the --qmdl option), I can take a look at it later. Please also keep in mind that MAC/PDCP decoding is still in an early phase.

@alexjiao2021
Author

@peremen Thanks for the reply.
Here is the QMDL log:
s24u_lte.zip
BTW, do you have plans to add NR MAC PDU support?

@jstys

jstys commented Apr 22, 2024

@alexjiao2021 I assume this is on an unrooted S24 Ultra? My rooted S928B gets stuck at "Starting Diag" and doesn't report chipset either.

2024-04-22 14:01:10,452 scat.qualcommparser (stop_diag) INFO: Stopping diag
2024-04-22 14:01:10,461 scat.qualcommparser (init_diag) INFO: Initializing diag
Radio 0: Compile: /, Release: /, Chipset: 
Radio 0: Build ID: OEDB410
Radio 0: Log Config: Retrieve ID ranges: 1: 3632, 4: 2320, 5: 1056, 7: 1279, 10: 906, 11: 2559, 13: 511, 
Radio 0: Extended message range: 0-142, 500-506, 1000-1007, 2000-2008, 3000-3014, 4000-4010, 4500-4584, 4600-4616, 5000-5037, 5500-5517, 6000-6082, 6500-6521, 7000-7003, 7100-7111, 7200-7201, 8000-8000, 8500-8532, 9000-9008, 9500-9521, 10200-10210, 10251-10255, 10300-10300, 10350-10377, 10400-10416, 10500-10505, 10600-10620, 10801-10821, 11057-11073, 49152-49251, 
2024-04-22 14:01:11,493 scat.qualcommparser (prepare_diag) INFO: Starting diag

@peremen
Member

peremen commented Apr 22, 2024

> @peremen Thanks for the reply.
> Here is the QMDL log:
> s24u_lte.zip
> BTW, do you have plans to add NR MAC PDU support?

From my initial analysis, the packet format across versions has largely changed, so it will take some time to analyze it.

And not yet for NR MAC; support is planned after finalizing GSMTAPv3, which is scheduled within 1H 2024.

@alexjiao2021
Author

> @alexjiao2021 I assume this is on an unrooted S24 Ultra? My rooted S928B gets stuck at "Starting Diag" and doesn't report chipset either.
>
> 2024-04-22 14:01:10,452 scat.qualcommparser (stop_diag) INFO: Stopping diag
> 2024-04-22 14:01:10,461 scat.qualcommparser (init_diag) INFO: Initializing diag
> Radio 0: Compile: /, Release: /, Chipset: 
> Radio 0: Build ID: OEDB410
> Radio 0: Log Config: Retrieve ID ranges: 1: 3632, 4: 2320, 5: 1056, 7: 1279, 10: 906, 11: 2559, 13: 511, 
> Radio 0: Extended message range: 0-142, 500-506, 1000-1007, 2000-2008, 3000-3014, 4000-4010, 4500-4584, 4600-4616, 5000-5037, 5500-5517, 6000-6082, 6500-6521, 7000-7003, 7100-7111, 7200-7201, 8000-8000, 8500-8532, 9000-9008, 9500-9521, 10200-10210, 10251-10255, 10300-10300, 10350-10377, 10400-10416, 10500-10505, 10600-10620, 10801-10821, 11057-11073, 49152-49251, 
> 2024-04-22 14:01:11,493 scat.qualcommparser (prepare_diag) INFO: Starting diag

@jstys Yes, it's unrooted.

@domi007

domi007 commented Aug 2, 2024

@jstys Maybe try if this trick works for you to turn on DM (DIAG mode) for the USB:

  • Enable USB debugging
  • Enable USB menu/diag mode in phone by dialling *#0808# for Samsung and *#8011# for OnePlus
  • Select option RMNET+DM+MODEM+ADPL+ADB

@jstys

jstys commented Aug 2, 2024

> @jstys Maybe try if this trick works for you to turn on DM (DIAG mode) for the USB:
>
> * Enable USB debugging
> * Enable USB menu/diag mode in phone by dialling *#0808# for Samsung and *#8011# for OnePlus
> * Select option RMNET+DM+MODEM+ADPL+ADB

Appreciate the feedback, but this wasn't my issue. The only way I got it working was to flash a zip that disables system encryption, because on a rooted S24 Ultra (SM-S928B model), rooting the device broke diag functionality altogether and this was the only way to revive it. (Even unrooting the device / flashing stock did not fix it, so it is probably related to bootloader unlocking / encryption in some way.)
