BCM4751 » History » Revision 7
Revision 6 (Paul Kocialkowski, 02/18/2012 12:50 AM) → Revision 7/33 (Denis 'GNUtoo' Carikli, 08/13/2012 01:28 AM)
h1. Broadcom4751GPS
h2. Files
The non-free files holding the GPS infos/code are the following:
<pre>
/system/vendor/bin/gpsd
/system/vendor/lib/hw/gps.s5pc110.so
/system/vendor/etc/gps.xml
/system/etc/gps.conf
</pre>
h2. Protocol
Apparently, the protocol that is used by the chip to provide the GPS infos is MEIF. The GPSD component is in charge of translating that to standard NMEA that is sent to the gps.s5pc110.so lib via the /dev/socket/gps Unix socket, created by GPSD.
h2. Attempts
We have written code to read data from the correct serial interface: https://gitorious.org/replicant/crespo-gps-utils
It currently doesn't work: it fails to somehow boot the chip. Though, it works after starting gpsd once and stopping it. It must be doing some kind of magic code to start the chip.
h3. Related gps.xml parameters
We have tried to change some parameters in gps.xml to see how it behaves:
|_. Parameter |_. Original |_. Changed to |_. Result |
| acPortName | /dev/s3c2410_serial1 | /dev/s3c2410_serial42 | The chip wasn't "booted" |
| gpioNStdbyPath | /sys/class/sec/gps/GPS_PWR_EN/value | /sys/class/sec/gps/GPS_PWR_EN/value2 | The chip was booted |
| gpioNResetPath | /sys/class/sec/gps/GPS_nRST/value | /sys/class/sec/gps/GPS_nRST/value2 | The chip was booted |
After all, it seems that when the gpsd binary is running without the gps.s5pc110.so library, the chip isn't started (our test utility doesn't work) whereas when the library is running and connects to the socket when it is created by starting gpsd, the chip is booted. The init code is probably in gps.s5pc110.so then.
Things to try:
* intercept what is going on through the /dev/socket/gps socket
* emulate gpsd to the lib
h3. Tracing the HAL that will run the library
Piece of the trace that actually makes the gps chip available:
<pre>
536 syscall_983045(0x100fff00, 0xa798, 0, 0x40, 0x100fff00, 0x80003b51, 0x800082e0, 0xf0005, 0x10000000, 0x80003b51, 0x100000, 0x1, 0, 0x100ffee8, 0xafd11e24, 0xafd0c81c, 0x60000010, 0x100fff00, 0x2f028, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0) = 0
536 ipc_subcall(0x2, 0xa798, 0, 0x40) = 12
536 fcntl64(5, F_GETFL) = 0x2 (flags O_RDWR)
536 fcntl64(5, F_SETFL, O_RDWR|O_NONBLOCK) = 0
536 semop(0xc, 0x1, 0x5, 0x100ffe70) = 0
536 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
536 fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
536 semop(0xc, 0x1, 0x3, 0x100ffe70) = 0
536 semget(0xc, 0x100ffea0, 0x2, 0xffffffff <unfinished ...>
</pre>
syscall_983045 = __NR_ARM_set_tls
the function to use is: __set_tls
h3. Random notes with the new utility program
<pre>
echo -n "ab" > /dev/s3c2410_serial1
</pre>
produces:
<pre>
Read 14 bytes:
[0000] 49 27 01 00 10 00 40 00 07 00 58 00 49 D0 I....... ..X.I.
Read 14 bytes:
[0000] 49 27 01 00 10 00 41 00 07 00 59 00 49 D0 I.....A. ..Y.I.
</pre>
* The only thing that changes seem to be the 40->41 and the 58->59, so theses seem to be something like a sequence number....