BCM4751 » History » Revision 8
« Previous |
Revision 8/33
(diff)
| Next »
Denis 'GNUtoo' Carikli, 08/13/2012 01:28 AM
Broadcom4751GPS¶
Files¶
The non-free files holding the GPS infos/code are the following:
/system/vendor/bin/gpsd /system/vendor/lib/hw/gps.s5pc110.so /system/vendor/etc/gps.xml /system/etc/gps.conf
Protocol¶
Apparently, the protocol that is used by the chip to provide the GPS infos is MEIF. The GPSD component is in charge of translating that to standard NMEA that is sent to the gps.s5pc110.so lib via the /dev/socket/gps Unix socket, created by GPSD.
Attempts¶
We have written code to read data from the correct serial interface: https://gitorious.org/replicant/crespo-gps-utils
It currently doesn't work: it fails to somehow boot the chip. Though, it works after starting gpsd once and stopping it. It must be doing some kind of magic code to start the chip.
Related gps.xml parameters¶
We have tried to change some parameters in gps.xml to see how it behaves:
Parameter | Original | Changed to | Result |
---|---|---|---|
acPortName | /dev/s3c2410_serial1 | /dev/s3c2410_serial42 | The chip wasn't "booted" |
gpioNStdbyPath | /sys/class/sec/gps/GPS_PWR_EN/value | /sys/class/sec/gps/GPS_PWR_EN/value2 | The chip was booted |
gpioNResetPath | /sys/class/sec/gps/GPS_nRST/value | /sys/class/sec/gps/GPS_nRST/value2 | The chip was booted |
After all, it seems that when the gpsd binary is running without the gps.s5pc110.so library, the chip isn't started (our test utility doesn't work) whereas when the library is running and connects to the socket when it is created by starting gpsd, the chip is booted. The init code is probably in gps.s5pc110.so then.
Things to try:- intercept what is going on through the /dev/socket/gps socket
- emulate gpsd to the lib
Tracing the HAL that will run the library¶
Piece of the trace that actually makes the gps chip available:
536 syscall_983045(0x100fff00, 0xa798, 0, 0x40, 0x100fff00, 0x80003b51, 0x800082e0, 0xf0005, 0x10000000, 0x80003b51, 0x100000, 0x1, 0, 0x100ffee8, 0xafd11e24, 0xafd0c81c, 0x60000010, 0x100fff00, 0x2f028, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0) = 0 536 ipc_subcall(0x2, 0xa798, 0, 0x40) = 12 536 fcntl64(5, F_GETFL) = 0x2 (flags O_RDWR) 536 fcntl64(5, F_SETFL, O_RDWR|O_NONBLOCK) = 0 536 semop(0xc, 0x1, 0x5, 0x100ffe70) = 0 536 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) 536 fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 536 semop(0xc, 0x1, 0x3, 0x100ffe70) = 0 536 semget(0xc, 0x100ffea0, 0x2, 0xffffffff <unfinished ...>
syscall_983045 = __NR_ARM_set_tls
the function to use is: __set_tls
Random notes with the new utility program¶
echo -n "ab" > /dev/s3c2410_serial1
produces:
Read 14 bytes: [0000] 49 27 01 00 10 00 40 00 07 00 58 00 49 D0 I....... ..X.I. Read 14 bytes: [0000] 49 27 01 00 10 00 41 00 07 00 59 00 49 D0 I.....A. ..Y.I.* The only thing that changes seem to be the 40->41 and the 58->59, so theses seem to be something like a sequence number....
Updated by Denis 'GNUtoo' Carikli about 12 years ago · 8 revisions