driver: add uqmi backend #149
Conversation
This commit adds a backend to interface with an eUICC connected to a compatible modem using the uqmi application. This allows OpenWrt to manage an eUICC including the download and installation of SIM profiles. This was previously not possible with most modems, as the APDU operations were aborted due to exceeding the timeout imposed on the AT interface by the modem firmware. Tested-on: Quectel EC25 / Quectel EP06 / Quectel RG520N Signed-off-by: David Bauer <[email protected]>
There was a problem hiding this comment.
this is safe from command injection attacks?
see https://owasp.org/www-community/attacks/Command_Injection
|
@septs Where do you see the potential for Command injection? APDU data is generated by the existing lpac infrastructure and all binary data potentially landing in the system shell is formatted only in hex-chars here: The buffer is fixed-size 2048 byte long, which fits the maximum tansport size. However, it currently does not check if tx_len fits in there, I will fix this. To give a it of background: Still looking forward for your feedback! |
| return -1; | ||
| } | ||
|
|
||
| fp = popen(final_command, "r"); |
There was a problem hiding this comment.
We should avoid system(3) or popen(3) because they pass commandline to shell and then shell will do some extra things like wordsplit, glob expansion. It doesn't execute as what we write.
There was a problem hiding this comment.
plz use spawn(3)
see https://man7.org/linux/man-pages/man3/posix_spawn.3.html
| client_id, logic_channel, buf); | ||
| uqmi_execute_command(cmd, buf, sizeof(buf)); | ||
|
|
||
| json = strstr(buf, "{"); |
There was a problem hiding this comment.
I think it's unnecessary since it has been covered by cJSON_Parse().
| for (int i = 0; i < tx_len; i++) | ||
| { | ||
| snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "%02X", (uint8_t)(tx[i] & 0xFF)); | ||
| } |
There was a problem hiding this comment.
builtin bin to hex string function, plz use euicc_hexutil_bin2hex
Lines 4 to 8 in 9e0612b
| set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DLPAC_WITH_APDU_UQMI") | ||
| target_sources(euicc-drivers PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/apdu/uqmi.c) | ||
|
|
There was a problem hiding this comment.
| set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DLPAC_WITH_APDU_UQMI") | |
| target_sources(euicc-drivers PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/apdu/uqmi.c) | |
| if(LPAC_WITH_APDU_UQMI) | |
| set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DLPAC_WITH_APDU_UQMI") | |
| target_sources(euicc-drivers PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/apdu/uqmi.c) | |
| endif() | |
uQMI is optional and not available on all platforms
|
Is there any difference to #131 apart from using uqmi instead of libqmi? The functionality should be the same, right? |
uQMI is OpenWrt specific |
This commit adds a backend to interface with an eUICC connected to a compatible modem using the uqmi application.
This allows OpenWrt to manage an eUICC including the download and installation of SIM profiles.
This was previously not possible with most modems, as the APDU operations were aborted due to exceeding the timeout imposed on the AT interface by the modem firmware.
Tested-on: Quectel EC25 / Quectel EP06 / Quectel RG520N