https://redmine.replicant.us/https://redmine.replicant.us/favicon.ico?15984615062021-03-17T13:45:13ZReplicantReplicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86812021-03-17T13:45:13ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>Type of work</strong> <i>Any programming languages (scripts, C, etc), C programming</i> added</li></ul><p>I've moved that bug here as this way I'll be able to upload logs here</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86822021-03-17T14:27:50ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>On GNU/Linux I run the following Makefile (with <code>xxxxxxxxxx</code> replaced by my phone number):<br /><pre>
.PHONY: all
all:
test -f /efs/nv_data.bin || mount /dev/disk/by-partlabel/EFS /efs/
make -C libsamsung-ipc install
ipc-modem --debug --call xxxxxxxxxx start
</pre></p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86832021-03-17T14:52:52ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>File</strong> <a href="/attachments/1693">ipc-modem-gnulinux.log</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1693/ipc-modem-gnulinux.log">ipc-modem-gnulinux.log</a> added</li></ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86842021-03-18T14:42:25ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>File</strong> <a href="/attachments/1694">ipc-modem-replicant.log</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1694/ipc-modem-replicant.log">ipc-modem-replicant.log</a> added</li></ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86852021-03-18T14:43:28ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>On Replicant I did the following:<br /><pre>
modem.sh off # it then rebooted
ipc-modem --debug --call XXXXXXXXXX start
</pre></p>
<p>In both cases I tried to make ipc-modem be the first program that boots the modem after the device boot.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86862021-03-18T15:04:47ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>In the case of Replicant 6, the modem is booted somehow, then IPC_SMS_DEVICE_READY is received, then it proced to set the modem to normal/full power:<br /><pre>
void modem_response_sms(struct ipc_client *client, struct ipc_message *resp)
{
switch (resp->command) {
case IPC_SMS_DEVICE_READY:
if (state == MODEM_STATE_LPM) {
printf("[4] "
"Modem is ready, requesting normal power mode"
"\n");
modem_exec_power_normal(client);
} else if (state == MODEM_STATE_SIM_OK) {
printf("[5] Modem is fully ready\n");
modem_set_sms_device_ready(client);
}
break;
}
}
</pre></p>
<p>With the Replicant 11 kernel (under GNU/Linux) IPC_SMS_DEVICE_READY is not received.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=86892021-03-19T16:02:42ZVictor Shilin
<ul></ul><p><a class="user active" href="https://redmine.replicant.us/users/27">Denis 'GNUtoo' Carikli</a>, by any chance, did anyone test the modem on the original dev branch of the kernel / libsamsung-ipc by Simon Shields? <br />(<a class="external" href="https://github.com/fourkbomb/linux/commits/modem">https://github.com/fourkbomb/linux/commits/modem</a> and <a class="external" href="https://github.com/fourkbomb/android_external_libsamsung-ipc/commit/7009453083f1b769f6c2a2dc31bc2f9a8a2d3c36">https://github.com/fourkbomb/android_external_libsamsung-ipc/commit/7009453083f1b769f6c2a2dc31bc2f9a8a2d3c36</a>).<br />I don't currently have a Linux distro installed on my devices, just was curious if any of this is worth checking.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88602021-03-24T18:42:43ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><blockquote>
<p>Denis 'GNUtoo' Carikli, by any chance, did anyone test the modem on the original dev branch of the kernel / libsamsung-ipc by Simon Shields?<br />(<a class="external" href="https://github.com/fourkbomb/linux/commits/modem">https://github.com/fourkbomb/linux/commits/modem</a> and <a class="external" href="https://github.com/fourkbomb/android_external_libsamsung-ipc/commit/7009453083f1b769f6c2a2dc31bc2f9a8a2d3c36">https://github.com/fourkbomb/android_external_libsamsung-ipc/commit/7009453083f1b769f6c2a2dc31bc2f9a8a2d3c36</a>).<br />I don't currently have a Linux distro installed on my devices, just was curious if any of this is worth checking.</p>
</blockquote>
<p>It's definitely worth checking, I've made so many change since then, including some changes on the GPIOs API.</p>
<p>I also plan to check that. I've already started looking into the differences GPIO wise.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88652021-03-25T13:16:30ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>I will also look into the state after booting the modem and document it below.</p>
<p>It is also being updated as tests and implementations progress.</p>
<table>
<tr>
<td rowspan="3">Type </td>
<td colspan="6">Kernel </td>
<td rowspan="3">Comments </td>
</tr>
<tr>
<td colspan="3">SMDK 4412 </td>
<td colspan="3">Replicant 11 </td>
</tr>
<tr>
<td> Name </td>
<td> definition </td>
<td> State after modem boot </td>
<td> Name </td>
<td> definition </td>
<td> State after modem boot </td>
</tr>
<tr>
<td> dummy function </td>
<td> Link LDO Enable? </td>
<td colspan="2">TODO: find the real imeplementation </td>
</tr>
<tr>
<td rowspan="14">GPIO </td>
<td> CP_ON </td>
<td> </td>
<td> out low </td>
<td> cp-on </td>
<td> out low </td>
</tr>
<tr>
<td> CP_RST </td>
<td> </td>
<td> out high </td>
<td> cp-reset </td>
<td> out high </td>
</tr>
<tr>
<td> RESET_REQ_N </td>
<td> </td>
<td> out high </td>
<td> reset-req? </td>
<td> out high </td>
</tr>
<tr>
<td> PDA_ACTIVE </td>
<td> </td>
<td> out high </td>
<td> pda-active </td>
<td> out high </td>
</tr>
<tr>
<td> PHONE_ACTIVE </td>
<td> </td>
<td> out high </td>
<td> phone-active </td>
<td> in high IRQ </td>
</tr>
<tr>
<td> LINK_ACTIVE </td>
<td> </td>
<td> out high </td>
<td> link-active </td>
<td> out high </td>
</tr>
<tr>
<td> HOSTWAKE </td>
<td> </td>
<td> out high </td>
<td> link-hostwake </td>
<td> in high IRQ </td>
<td> </td>
<td> implementation WIP, replaced with sleep </td>
</tr>
<tr>
<td> SLAVEWAKE </td>
<td> </td>
<td> out low </td>
<td> link-slavewake </td>
<td> out high </td>
</tr>
<tr>
<td> AP_DUMP_INT </td>
<td> EXYNOS4212_GPJ0(1) </td>
<td> out low </td>
<td> ap-dump </td>
<td> out low </td>
</tr>
<tr>
<td> CP_DUMP_INT </td>
<td> </td>
<td> in low </td>
<td> cp-dump </td>
<td> in low </td>
</tr>
<tr>
<td> SUS_REQ </td>
<td> EXYNOS4212_GPM2(4) </td>
<td> out low </td>
<td> suspend-req </td>
<td> out high </td>
</tr>
<tr>
<td> Reverse Bias clear </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> Find what it is used for </td>
</tr>
<tr>
<td> Reverse Bias restore </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> Find what it is used for </td>
</tr>
</table> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88662021-03-25T13:34:14ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>File</strong> <a href="/attachments/1695">gpio-smdk4412.txt</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1695/gpio-smdk4412.txt">gpio-smdk4412.txt</a> added</li></ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88672021-03-25T13:52:30ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>File</strong> <i>gpio-replicant-11-kernel.txt</i> added</li></ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88682021-03-25T13:52:57ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>File</strong> deleted (<del><i>gpio-replicant-11-kernel.txt</i></del>)</li></ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88692021-03-25T13:54:12ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>File</strong> <a href="/attachments/1697">gpio-replicant-11-kernel.txt</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/1697/gpio-replicant-11-kernel.txt">gpio-replicant-11-kernel.txt</a> added</li></ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88722021-03-25T16:19:05ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>For some reasons setting suspend-req to low fails, it become high during the modem boot process (like around the last modem power on).</p>
<p>That's even with the gpiohack driver modified to never set it high.</p>
<p>Even forcing it to low from userspace make it stay high at the end.</p>
<p>Even modifying the dts with:<br /><pre>
- PIN_SLP(gpm2-4, INPUT, DOWN)
+ PIN_SLP(gpm2-4, OUTPUT, DOWN)
</pre><br />produces the same result.</p>
<p>Instead on Replicant 6 it indeed stays low during/after the modem boot...</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88732021-03-25T16:22:08ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>For the modem branch of forkbomb, it doesn't build and I got the same error after rebasing it on v4.16.18:<br /><pre>
HOSTCC scripts/selinux/genheaders/genheaders
In file included from scripts/selinux/genheaders/genheaders.c:19:
./security/selinux/include/classmap.h:247:2: error: #error New address family defined, please update secclass_map.
247 | #error New address family defined, please update secclass_map.
| ^~~~~
make[3]: *** [scripts/Makefile.host:90: scripts/selinux/genheaders/genheaders] Error 1
make[3]: Target '__build' not remade because of errors.
make[2]: *** [scripts/Makefile.build:583: scripts/selinux/genheaders] Error 2
HOSTCC scripts/selinux/mdp/mdp
In file included from scripts/selinux/mdp/mdp.c:49:
./security/selinux/include/classmap.h:247:2: error: #error New address family defined, please update secclass_map.
247 | #error New address family defined, please update secclass_map.
| ^~~~~
make[3]: *** [scripts/Makefile.host:90: scripts/selinux/mdp/mdp] Error 1
make[3]: Target '__build' not remade because of errors.
make[2]: *** [scripts/Makefile.build:583: scripts/selinux/mdp] Error 2
make[2]: Target '__build' not remade because of errors.
make[1]: *** [scripts/Makefile.build:583: scripts/selinux] Error 2
HOSTCC scripts/kallsyms
</pre><br />I'll also try to look into it, probably disabling selinux would fix that. Since I've a device with GNU/Linux that should be easy to run.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=88742021-03-25T16:27:41ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>And I've also that error:<br /><pre>
HOSTLD scripts/dtc/dtc
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x4): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
collect2: error: ld returned 1 exit status
</pre></p>
<p>This looks harder to fix. Though builds works with the Replicant kernel, so maybe using the host dtc compiler or updating it in Linux or rebasing would fix it.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91082021-05-05T14:25:38ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>Ah I didn't notice before but <br /><pre>
- PIN_SLP(gpm2-4, INPUT, DOWN)
+ PIN_SLP(gpm2-4, OUTPUT, DOWN)
</pre><br />didn't compile.</p>
<p>OUTPUT isn't valid, it's rather something like OUT0, OUT1, etc.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91192021-05-12T22:57:51ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>Changing PIN_SLP doesn't seem to change anything.</p>
<p>Also I've tried to change the state (high->low or low->high) of that GPIO both in userspace and in the kernel in both kernel (smdk and replicant-11) and it didn't change anything in /sys/kernel/debug/gpio.</p>
<p>I've also tried to compile the ubuntu 3.18 kernel from ChronoMonoChrome and so far I identified the commit that broke compilation: <code>e33a814e772c scripts/dtc: Remove redundant YYLOC global declaration</code>, but the issue is that it depends on <code>e039139be8c2 scripts/dtc: generate lexer and parser during build instead of shipping</code> which then depends on other commits. So I've not yet manage to backport that to 3.18.</p>
<p>I'll also try to find the oldest forkbomb kernel / modem branch and backport theses fixes there to try that.</p>
<p>In the meantime I've also started to work on the libsamsung-ipc part to move the GPIOs handling there (at least temporarily) to have a common code between the smdk i9300 driver and the one that works with the replicant 11 kernel, and I've been experimenting a bit with a driver model like the one in Linux while I was at it, in order to have more similar code between the two libsamsung-ipc device drivers.</p>
<p>Also after disabling the aat1290 dts node I've found that the following makes the flash blink once (in Parabola, with the Replicant 11 kernel):<br /><pre>
gpioset gpj1 2=0
gpioset gpj1 1=0
gpioset gpj1 1=1
</pre></p>
<p>So I'll be able to test code to change GPIO status, dump their status (and possibly the pinmux status as well) more easily with that.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91202021-05-13T16:56:36ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul>With the following commits:
<ul>
<li><code>bae66dc midas: print if it booted the modem succesfuly</code> in my <a href="https://git.replicant.us/contrib/GNUtoo/hardware_replicant_libsamsung-ipc.git" class="external">libsamsung-ipc</a> work repo</li>
<li><code>963989e4aa5f Move Samsung modem driver as builtin</code> in my <a href="https://git.replicant.us/contrib/GNUtoo/kernel_replicant_linux.git" class="external">kernel_replicant_linux</a> work repo</li>
</ul>
<p>We got:<br /><pre>
ipc-modem --debug --call=XXXXXXXXXX start
[I] Debug enabled
[I] Got call number!
[0] Starting modem on FMT client
[D] Starting n7100 modem boot
[D] Opened modem image device
[D] Mapped modem image data to memory
[D] Turned the modem off
0
0
[D] Turned the modem on
[D] Opened modem boot device
[D] Wrote ATAT in ASCII
[D] Read chip id (0x16)
[D] Wrote PSI header
[D] Wrote PSI, CRC is 0xc8
[D] Wrote PSI CRC (0xc8)
[D] Read PSI CRC ACK
[D] Read PSI ACK
[D] Sent XMM626 HSIC PSI
[D] Wrote EBL size
[D] Wrote EBL, CRC is 0xb5
[D] Wrote EBL CRC (0xb5)
[D] Sent XMM626 HSIC EBL
[D] Read port config
[D] Sent XMM626 HSIC port config
[D] Sent XMM626 HSIC SEC start
[D] Sent XMM626 HSIC firmware
[D] Checked nv_data path
[D] Checked nv_data md5 path
[D] Calculated nv_data md5: 50e04bd1ae13445977f3aec356ada08d
[D] Read nv_data md5: 50e04bd1ae13445977f3aec356ada08d
[D] Checked nv_data backup path
[D] Loaded nv_data
[D] Sent XMM626 HSIC nv_data
[D] Sent XMM626 HSIC SEC end
[D] Sent XMM626 HSIC HW reset
[D] Waiting for host wake failed
[D] Waited for host wake
[D] Waited for link connected
[D] (null) completed succesfully
/dev/umts_ipc: -1 2
/dev/umts_ipc: -1 19
/dev/umts_ipc: -1 19
/dev/umts_ipc: -1 19
/dev/umts_ipc: -1 19
/dev/umts_ipc: -1 19
/dev/umts_ipc: -1 19
/dev/umts_ipc: -1 19
[1] Starting modem_read_loop on FMT client
poll returns 1
[D] xmm626_sec_modem_fmt_recv: Received FMT message
[D] xmm626_sec_modem_fmt_recv: Message: aseq=0xff, command=IPC_PWR_PHONE_PWR_UP, type=IPC_TYPE_NOTI, size=0
[2] Phone is powered up (LPM)!
poll returns 1
[D] xmm626_sec_modem_fmt_recv: Received FMT message
[D] xmm626_sec_modem_fmt_recv: Message: aseq=0x00, command=IPC_MISC_ME_IMSI, type=IPC_TYPE_NOTI, size=16
[D] ================================= IPC FMT data =================================
[D] [0000] XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XX XXXXXXXX XXXXXXXX
</pre></p>
<p>So no calls and the device is still in LPM mode...</p>
<p>Since forkbomb's 4.16 doesn't work out of the box we need to investigate more the pads and GPIOs.</p>
<p>I wonder if both code could work in a single kernel somehow.</p>
<p>Maybe it could be possible to backport the 4.16 modem stack to ChronoMonoChrome 3.18 kernel, or maybe I need to instead diff all the GPIO and pad configs at the hardware level.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91212021-05-15T12:50:11ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>When enabling /dev/(k)mem without any restrictions, with Parabola we can easily see the GPIOs changes:<br /><pre>
# devmem2 0x11400260 w
/dev/mem opened.
Memory mapped at address 0xb6f56000.
Value at address 0x11400260 (0xb6f56260): 0x2000
# gpioset gpj1 1=1
# devmem2 0x11400260 w
/dev/mem opened.
Memory mapped at address 0xb6fea000.
Value at address 0x11400260 (0xb6fea260): 0x2010
</pre></p>
<p>And we can decode the value:<br /><pre>
$ python
Python 3.9.4 (default, Apr 25 2021, 17:06:22)
[GCC 10.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> (0x2010 & 0b111111110000) >> 4
1
>>>
</pre></p>
<p>And in the Exynos 4412 manual we have:</p>
<h3>GPJ1CON
<ul>
<li>Base Address: 0x1140_0000</li>
<li>Address = Base Address + 0x0260, Reset Value = 0x0000_0000
<table>
<tr>
<th>Name </th>
<th>Bit </th>
<th>Type </th>
<th>Description </th>
<th>Reset Value </th>
</tr>
<tr>
<td colspan="5">[...] </td>
</tr>
<tr>
<td> GPJ1CON<sup><a href="#fn1">1</a></sup> </td>
<td> [7:4] </td>
<td> RW </td>
<td> 0x0 = Input <br /> 0x1 = Output<br /> [...] </td>
<td> 0x00 </td>
</tr>
</table></li>
</ul></h3>
<p>PS: it was edited short after to fix the table formating</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91482021-06-09T18:00:22ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>I've finally managed to finish the test tool (by repurposing devmem2.c for the memory access).</p>
<p>Here's what I have on Replicant 6 when calling a number that didn't hangup nor pick up yet:<br /><pre>
root@i9300:/ # exynos-gpio-tool modem
dump_modem_gpio_infos: dump_gpio_infos: cp-on
dump_gpio_infos: gpl2[5]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: cd-reset
dump_gpio_infos: gpx3[2]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_PULLDOWN_DISABLE
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: cd-dump
dump_gpio_infos: gpx1[2]: {
GPIO_INPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: phone-active
dump_gpio_infos: gpx1[6]: {
0xf
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: reset-req
dump_gpio_infos: gpm3[3]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: pda-active
dump_gpio_infos: gpf1[6]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: link-active
dump_gpio_infos: gpf1[1]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: link-hostwake
dump_gpio_infos: gpx1[1]: {
0xf
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: link-slavewake
dump_gpio_infos: gpx1[0]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: suspend-req
dump_gpio_infos: gpm2[4]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_PULLDOWN_DISABLE
GPIO_DRIVE_1X
}
</pre></p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91492021-06-10T13:00:26ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>With GNU/Linux and a kernel based on forkbomb's source code we have:<br /><pre>
dump_modem_gpio_infos: dump_gpio_infos: cp-on
dump_gpio_infos: gpl2[5]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: cd-reset
dump_gpio_infos: gpx3[2]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: cd-dump
dump_gpio_infos: gpx1[2]: {
GPIO_INPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: phone-active
dump_gpio_infos: gpx1[6]: {
0xf
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: reset-req
dump_gpio_infos: gpm3[3]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: pda-active
dump_gpio_infos: gpf1[6]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: link-active
dump_gpio_infos: gpf1[1]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: link-hostwake
dump_gpio_infos: gpx1[1]: {
0xf
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: link-slavewake
dump_gpio_infos: gpx1[0]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}
dump_modem_gpio_infos: dump_gpio_infos: suspend-req
dump_gpio_infos: gpm2[4]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
}</pre></p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91502021-06-10T13:04:03ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul>I used meld between both captures and we have:
<table>
<tr>
<th> GPIO </th>
<th>Replicant 6 </th>
<th>Parabola </th>
</tr>
<tr>
<td> cd-reset </td>
<td> GPIO_RESISTORS_PULLDOWN_DISABLE </td>
<td> GPIO_RESISTORS_ENABLE_PULL_DOWN </td>
</tr>
<tr>
<td> link-slavewake </td>
<td> GPIO_VALUE_LOW </td>
<td> GPIO_VALUE_HIGH </td>
</tr>
<tr>
<td rowspan="2">suspend-req </td>
<td> GPIO_VALUE_LOW </td>
<td> GPIO_VALUE_HIGH </td>
</tr>
<tr>
<td> GPIO_RESISTORS_PULLDOWN_DISABLE </td>
<td> GPIO_RESISTORS_ENABLE_PULL_DOWN </td>
</tr>
</table>
<p>Note that I didn't implement yet dumping the sleep states of the pins.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91542021-06-17T15:46:30ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>With the modem disabled on Replicant 6.0 0004 rc5, adding a SIM and a battery and booting we have that:<br /><pre>
dump_modem_gpio_infos: dump_gpio_infos: cp-on
dump_gpio_infos: gpl2[5]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: cp-reset
dump_gpio_infos: gpx3[2]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: ap-dump
dump_gpio_infos: gpj0[1]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: cp-dump
dump_gpio_infos: gpx1[2]: {
GPIO_INPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: phone-active
dump_gpio_infos: gpx1[6]: {
0xf
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: reset-req
dump_gpio_infos: gpm3[3]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_HIGH
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: pda-active
dump_gpio_infos: gpf1[6]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: link-active
dump_gpio_infos: gpf1[1]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: link-hostwake
dump_gpio_infos: gpx1[1]: {
0xf
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: link-slavewake
dump_gpio_infos: gpx1[0]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: suspend-req
dump_gpio_infos: gpm2[4]: {
GPIO_OUTPUT
GPIO_VALUE_HIGH
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
</pre></p>
<p>Whereas on Parabola we have that:<br /><pre>
dump_modem_gpio_infos: dump_gpio_infos: cp-on
dump_gpio_infos: gpl2[5]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_INPUT
GPIO_RESISTORS_ENABLE_PULL_DOWN
}
dump_modem_gpio_infos: dump_gpio_infos: cp-reset
dump_gpio_infos: gpx3[2]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: ap-dump
dump_gpio_infos: gpj0[1]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_PREVIOUS_STATE
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: cp-dump
dump_gpio_infos: gpx1[2]: {
GPIO_INPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: phone-active
dump_gpio_infos: gpx1[6]: {
0xf
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: reset-req
dump_gpio_infos: gpm3[3]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_HIGH
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: pda-active
dump_gpio_infos: gpf1[6]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_INPUT
GPIO_RESISTORS_ENABLE_PULL_DOWN
}
dump_modem_gpio_infos: dump_gpio_infos: link-active
dump_gpio_infos: gpf1[1]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_INPUT
GPIO_RESISTORS_ENABLE_PULL_DOWN
}
dump_modem_gpio_infos: dump_gpio_infos: link-hostwake
dump_gpio_infos: gpx1[1]: {
0xf
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: link-slavewake
dump_gpio_infos: gpx1[0]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
dump_modem_gpio_infos: dump_gpio_infos: suspend-req
dump_gpio_infos: gpm2[4]: {
GPIO_OUTPUT
GPIO_VALUE_LOW
GPIO_RESISTORS_ENABLE_PULL_DOWN
GPIO_DRIVE_1X
GPIO_POWER_DOWN_OUTPUT_LOW
GPIO_RESISTORS_PULLUP_PULLDOWN_DISABLE
}
</pre></p>
<p>In the case of Replicant 6, the modem is then able to call, and in Parabola to boot and retrieve the imei.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91552021-06-17T15:48:45ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>The issue is that for some reason we can't change the gmp2-4:<br /><pre>
[root@u-boot-i9300 ~]# devmem2 0x110002a4 w
/dev/mem opened.
Memory mapped at address 0xb6f8f000.
Value at address 0x110002A4 (0xb6f8f2a4): 0x3
[root@u-boot-i9300 ~]# devmem2 0x110002a4 w
/dev/mem opened.
Memory mapped at address 0xb6fd1000.
Value at address 0x110002A4 (0xb6fd12a4): 0x3
[root@u-boot-i9300 ~]# devmem2 0x110002a4 w 0x11
/dev/mem opened.
Memory mapped at address 0xb6fb2000.
Value at address 0x110002A4 (0xb6fb22a4): 0x3
Written 0x11; readback 0x3
</pre></p>
<p>0x11 is 0b10001, so it's the bit <a class="issue tracker-3 status-27 priority-39 priority-highest closed" title="Issue: unknown: make US/ADP phones work with the ril (Closed)" href="https://redmine.replicant.us/issues/4">#4</a>. and 0x110002a4 is GPM2DAT</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91562021-06-17T15:52:49ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>I've the same issue with u-boot:<br /><pre>
=> mw
mw - memory write (fill)
Usage:
mw [.b, .w, .l] address value [count]
=> md
md - memory display
Usage:
md [.b, .w, .l] address [# of objects]
=> md.w 0x110002a4
110002a4: 0003 0000 0155 0000 0000 0000 0000 0000 ....U...........
110002b4: 0000 0000 0155 0000 0000 0000 0000 0000 ....U...........
110002c4: 0000 0000 5555 0000 0000 0000 0000 0000 ....UU..........
110002d4: 0000 0000 5555 0000 0000 0000 0000 0000 ....UU..........
110002e4: 0000 0000 5555 0000 0000 0000 0000 0000 ....UU..........
110002f4: 0000 0000 5555 0000 0000 0000 0000 0000 ....UU..........
11000304: 0030 0000 0000 0000 0000 0000 0000 0000 0...............
11000314: 0000 0000 0000 0000 0000 0000 0000 0000 ................
=> md.w 0x110002a4 1
110002a4: 0003 ..
=> mw.w 0x110002a4 0x11 1
=> md.w 0x110002a4 1
110002a4: 0001 ..
=>
</pre></p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91572021-06-17T16:01:17ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>I can change the pull-up configuration in u-boot to match the Replicant 6 one (pullup / pulldown disabled) though:<br /><pre>
=> md.w 0x110002a8 1
110002a8: 0155 U.
=> mw.w 0x110002a8 0x55 1
=> md.w 0x110002a8 1
110002a8: 0055 U.
</pre><br />But then it still doesn't let me change that GPIO to HIGH:<br /><pre>
=> md.w 0x110002a4 1
110002a4: 0001 ..
=> mw.w 0x110002a4 0x11 1
=> md.w 0x110002a4 1
110002a4: 0001 ..
=>
</pre></p>
I should probably do tests with the nonfree bootloader as well:
<ul>
<li>I can boot Parabola in this configuration too</li>
<li>I can even execute code inside the nonfree bootloader through an exploit but the size of the code is quite limited</li>
</ul> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91622021-07-02T16:05:39ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>I've also dumped that GPIO in the stock bootloader in download mode.</p>
<p>To do that I've written <a href="https://git.replicant.us/contrib/GNUtoo/s-boot_usb_exploit/commit/?h=dump-exynos4412-modem-gpios&id=92d0505c88b56a13a1f98bb931c7cb0f9d0b3966" class="external">a program that runs inside sboot when in download mode</a></p>
<pre>
$ make -C exploit
$ exploit/sboot_exploit.py \
--shellcode shellcode/dump-exynos4412-modem-gpios.bin
[+] Shellcode started
[*] gpm2-4 INPUT
[*] gpm2-4 LOW
[+] Shellcode is done! Rebooting...
INFO:root:Shellcode is done. Device should be restarting soon
</pre>
<p>In that mode we can see that the suspend-req GPIO is low and configured as input.</p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=91632021-07-02T16:12:57ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>To summarize the suspend-req state, we have:</p>
<table>
<tr>
<th>Device state </th>
<th>Modem state </th>
<th>Direction </th>
<td> Value </td>
</tr>
<tr>
<td> s-boot download mode </td>
<td> Off, not booted </td>
<td> INPUT </td>
<td> LOW </td>
</tr>
<tr>
<td> u-boot </td>
<td> Off, not booted </td>
<td> </td>
<td> LOW </td>
</tr>
<tr>
<td> Replicant 6 </td>
<td> Off, not booted </td>
<td> OUTPUT </td>
<td> HIGH </td>
</tr>
<tr>
<td> Parabola with u-boot </td>
<td> Off, not booted </td>
<td> OUTPUT </td>
<td> LOW </td>
</tr>
<tr>
<td> Parabola with s-boot </td>
<td> Off, not booted </td>
<td> OUTPUT </td>
<td> LOW </td>
</tr>
</table> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=93092022-02-03T13:12:54ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul></ul><p>I finally got it working (though it's not reliable at 100%, sometimes I've to try more than once).</p>
<table>
<tr>
<td> Component </td>
<td> commit </td>
<td> Compilation options </td>
</tr>
<tr>
<td> libsamsung-ipc </td>
<td> 5b5d6a2941de8c37fdc46b786fc9c61703ea0013 [1] </td>
<td> ./configure --enable-debug </td>
</tr>
<tr>
<td> kernel_replicant_linux </td>
<td> 2f5a453af3fc4ac189caa6bac7c7a0a3bb23b9b2 [2] </td>
<td> ./build.sh i9300 s-boot GNU/Linux ../external_wirelessr-regdb </td>
</tr>
</table>
<p><strong>Command to test</strong>: ipc-modem start --pin=1234 --debug --call=06xxxxxxxx</p>
State of the phone:
<ul>
<li>Stock nonfree s-boot 4.0 bootloader</li>
<li>PIN on the SIM card</li>
<li>It boots on Parabola (I installed on /dev/mmcblk2p13 as microSD are caped around 25MiB/s and the internal eMMC is much faster)</li>
<li>The kernel in on the BOOT partition</li>
</ul>
<p>It probably also has race conditions that need to be investigated.</p>
<p id="fn1" class="footnote"><sup>1</sup> <a class="external" href="https://git.replicant.us/replicant-next/hardware_replicant_libsamsung-ipc/commit/?h=GNUtoo/history/02-02-2022-working&id=5b5d6a2941de8c37fdc46b786fc9c61703ea0013">https://git.replicant.us/replicant-next/hardware_replicant_libsamsung-ipc/commit/?h=GNUtoo/history/02-02-2022-working&id=5b5d6a2941de8c37fdc46b786fc9c61703ea0013</a></p>
<p id="fn2" class="footnote"><sup>2</sup> <a class="external" href="https://git.replicant.us/replicant-next/kernel_replicant_linux/commit/?h=replicant-11&id=2f5a453af3fc4ac189caa6bac7c7a0a3bb23b9b2">https://git.replicant.us/replicant-next/kernel_replicant_linux/commit/?h=replicant-11&id=2f5a453af3fc4ac189caa6bac7c7a0a3bb23b9b2</a></p> Replicant - Issue #2234: ipc-modem doesn't call with the replicant 11 kernelhttps://redmine.replicant.us/issues/2234?journal_id=93102022-02-03T13:13:33ZDenis 'GNUtoo' CarikliGNUtoo@cyberdimension.org
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Closed</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li><li><strong>Resolution</strong> set to <i>fixed</i></li></ul>