-
Notifications
You must be signed in to change notification settings - Fork 6
/
qmi_dissector_header.part
97 lines (68 loc) · 2.79 KB
/
qmi_dissector_header.part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
--[[
Wireshark Dissector for Qualcomm MSM Interface (QMI) Protocol v0.2
Copyright (c) 2017 Daniele Palmas <dnlplm@gmail.com>
Based on:
- Wireshark Dissector for Qualcomm MSM Interface (QMI) Protocol v0.1
Copyright (c) 2012 Ilya Voronin <ivoronin@gmail.com>
found at: https://gist.github.com/ivoronin/2641557
- Code Aurora Forum's BSD/GPL licensed code:
http://www.codeaurora.org/contribute/projects/gobi/
- freedesktop.org libqmi
https://www.freedesktop.org/wiki/Software/libqmi/
How to use the dissector:
LINUX
1. Make sure to have usbmon support enabled
2. Find device in the lsusb output, e.g.:
$ lsusb
...
Bus 003 Device 022: ID 1bc7:1201 Telit Wireless Solutions
...
3. Run wireshark:
$ wireshark -X lua_script:qmi_dissector_gen.lua
4. Collect log in the appropriate usbmon device (3 in the example) and appply qmi filter
WINDOWS
1. Make sure to have usbpcap installed
2. Find device in USBPcapCMD.exe output, e.g.:
C:\Program Files\USBPcap\USBPcaCMD.exe
...
2 \\.\USBPcap4
\??\USB#ROOT_HUB20#4&244e1552&0#<f18a0e88-c30c-11d0-8815-00a0c906bed8>
[Port 2] Telit USB Composite Device 0x1201
3. Run wireshark:
"C:\Program Files\Wireshark\Wireshark.exe" -X lua_script:qmi_dissector_gen.lua
4. Collect log in the appropriate usbpcap device (4 in the example)
--]]
--- QMI-over-MBIM service UUID
qmi_over_mbim_service_uuid = ByteArray.new("d1 a3 0b c2 f9 7a 6e 43 bf 65 c7 e2 4f b0 f0 d3")
---
--- Proto declaration
---
qmi_proto = Proto("qmi", "Qualcomm MSM Interface")
--
-- Fields
--
-- Generic USB and MBIM fields for QMI-over-MBIM
usb_bInterfaceClass_f = Field.new("usb.bInterfaceClass")
mbim_control_header_message_type_f = Field.new("mbim.control.header.message_type")
-- QMI fields
local f = qmi_proto.fields
-- QMUX Header
f.tf = ProtoField.uint8("qmi.tf", "T/F", base.DEC)
f.len = ProtoField.uint16("qmi.len", "Length", base.DEC)
f.flag = ProtoField.uint8("qmi.flag", "Flag", base.HEX)
f.cid = ProtoField.uint8("qmi.cliend_id", "Client ID", base.HEX)
-- Transaction Header
f.resp_ctl = ProtoField.uint8("qmi.trans_response", "Transaction Response Bit",
base.DEC, nil, 1)
f.ind_ctl = ProtoField.uint8("qmi.trans_indication", "Transaction Indication Bit",
base.DEC, nil, 2)
f.comp_svc = ProtoField.uint8("qmi.trans_compound", "Transaction Compound Bit",
base.DEC, nil, 1)
f.resp_svc = ProtoField.uint8("qmi.trans_response", "Transaction Response Bit",
base.DEC, nil, 2)
f.ind_svc = ProtoField.uint8("qmi.trans_indication", "Transaction Indication Bit",
base.DEC, nil, 4)
f.tid_ctl = ProtoField.uint8("qmi.trans_id", "Transaction ID", base.HEX)
f.tid_svc = ProtoField.uint16("qmi.trans_id", "Transaction ID", base.HEX)
-- Message Header
f.msgid = ProtoField.uint16("qmi.message_id", "Message ID", base.HEX)