[Gsmmap] snoopsnitch Logging filters

Luca Melette luca at srlabs.de
Wed Feb 25 01:22:42 CET 2015


Hi E:V:A,

> To that end, it would be very helpful if someone could better explain
> the contents of the filtering mechanism. In particular the meaning and
> use of the hex strings in the file:
> 
> /SnoopSnitch/src/de/srlabs/snoopsnitch/qdmon/SetupLoggingCmds.java
> 
> 1) Are they QMI sub-service commands, just filters or something else?
> 2) What is the relationship of this file to the binary helpers
> diag_import.c and diag-helper.c
> 3) I think we might be able to extend some of this to the XMM BPs, via
> OEM_HOOK_RAW as the format is very similar... Any thoughts on this?

1)
What you see in that file is what we could sniff on the USB cable,
after enabling the interesting debug features on the mobile.
I don't know exactly what these commands do, I just see some long
initialization vectors for the debug subsystem, all generated by
Qualcomm tools. I wouldn't edit this file anyway, it works :)

2)
diag_import (and the library behind it) fetches the output of dev/diag
and does some filtering on the message types (reverse engineered).
We receive many messages from the baseband, but we discard most of
them and focus only on the ones that contain radio payloads.

3)
I'm not the right person to talk about Android, but I know that the
OEM_HOOK_RAW was reliable for us.

Cheers,

LM


