annotate README @ 40:58d50d1f238d

band-aid fix in ETM for the crash on boot (race condition)
author Mychaela Falconia <falcon@ivan.Harhan.ORG>
date Thu, 05 Nov 2015 01:31:02 +0000
parents 132b3e230631
children 52325cb524a8
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
29
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
1 This semi-source tree contains a hacked version of TI's TCS211 firmware that
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
2 has been made to run on the Motorola C139. The UI part of TI's reference fw
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
3 has not been ported over yet, hence the version presented here currently builds
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
4 and works only in the modem-like ACI configuration, i.e., control via AT
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
5 commands only.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
6
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
7 TI's original fw was/is designed to make use of two UARTs, one for the classic
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
8 AT command interface and the other for their RVTMUX debug/calibration/etc
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
9 interface. Unfortunately though, our present target hw has only one UART
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
10 practically accessible (Calypso's MODEM UART brought out on the headset jack),
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
11 thus the classic AT command interface had to be sacrificed. Instead the AT
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
12 command interface (which is currently the only way to control the GSM
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
13 functionality in the absence of a UI ported to the present target) needs to be
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
14 accessed through the RVTMUX binary packet interface using FreeCalypso host
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
15 tools rvinterf and fc-shell.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
16
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
17 The present fw has been built from a semi-src (half source, half binary objects)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
18 TI firmware release which was made for some manufacturer that made GSM/GPRS
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
19 modems, rather than voice handsets, hence the present configuration is
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
20 unfortunately highly suboptimal for our use case. The entire mass of code
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
21 supporting CSD, fax and GPRS data services is included and cannot be removed
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
22 because that part of the fw is in binary blobs, but all this code is pure dead
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
23 weight in the present configuration: the phone UI layer (when we get around to
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
24 porting it) won't make any use of data functionality (nowhere near enough
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
25 resources on this hw to implement a WAP browser or MMS), and because we had to
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
26 give up the standard AT command channel, the option of having the phone dual-
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
27 function as a laptop-tethered modem is not available either.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
28
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
29 Building the present firmware from semi-source requires using a Wine environment
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
30 to run TI's proprietary compiler toolchain and other build tools which exist
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
31 only as M$ Windows binaries. The necessary environment can be downloaded here:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
32
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
33 ftp://ftp.freecalypso.org/pub/GSM/TI_src/wine/
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
34
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
35 You will also need the mokosrec2bin utility, which is needed for one of the
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
36 finishing steps in generating an image that can be usefully flashed into a C139:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
37
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
38 ftp://ftp.freecalypso.org/pub/GSM/GTA02/gsm-fw/mokosrec2bin.c
12
da79bf85bd73 README added
Space Falcon <falcon@ivan.Harhan.ORG>
parents:
diff changeset
39
29
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
40 Once you have the necessary build tools installed, you should be able to
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
41 compile the present fw by running first winebuild.sh, then copyout.sh in the
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
42 g23m subdirectory. Then you can flash this firmware you just built into an
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
43 actual C139 phone with FreeCalypso host tool fc-loadtool. Flash sector 0 (the
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
44 brickable boot sector) needs to contain our patched bootloader version
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
45 compal-flash-boot-for-fc.bin (this brickable sector only needs to be rewritten
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
46 once when first installing some FreeCalypso fw on the phone; no need to touch
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
47 this dangerous sector on subsequent updates from one FC fw version to another),
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
48 and the main fw image needs to be flashed starting at 0x10000. The image to
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
49 flash is aci-build.progbin - it has TI's bootloader code stripped off, as we
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
50 are using compal-flash-boot-for-fc instead.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
51
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
52 The phones in question have a data structure in flash at 0x3FC000 (in an 8 KiB
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
53 short sector) that must contain factory programming, including each phone's
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
54 unique IMEI and RF calibration values. However, we don't understand how to
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
55 grok this data structure. Therefore, our firmware features the following
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
56 points of inconvenience:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
57
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
58 * You have to set your own IMEI. It's entirely up to you whether you set the
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
59 same IMEI as the phone had originally or a different one, but our fw has no
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
60 way of reading the original from Mot/Compal's factory flash programming.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
61 You probably won't be able to connect to a live commercial GSM network until
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
62 you set some IMEISV which the network will accept as valid.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
63
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
64 * Because Mot/Compal stored their RF calibration values in some format
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
65 (different from TI's) which we can't grok, a phone running our aftermarket fw
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
66 will run UNCALIBRATED. It may have difficulty connecting to networks if it
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
67 can't acquire the frequency burst lacking VCXO calibration, and the Tx power
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
68 levels are almost certainly wrong (out of spec) - BEWARE!
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
69
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
70 * Our fw does not even know whether your C139 is the 900+1800 MHz version or
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
71 850+1900 MHz. You will need to set the correct rfcap configuration at the
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
72 same time when you set your IMEISV.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
73
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
74 Flashing and usage instructions
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
75 ===============================
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
76
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
77 If you are not scared off by all of the above and you still wish to try this
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
78 experimental fw on your C139, you can install it as follows:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
79
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
80 1. Connect to the phone with fc-loadtool, preceded by tfc139 if necessary -
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
81 see loadtools documentation.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
82
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
83 2. If the C139 in question does not already have some other FreeCalypso fw
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
84 version in its flash, replace the bootloader:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
85
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
86 loadtool> flash erase-program-boot compal-flash-boot-for-fc.bin
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
87
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
88 3. Flash the main fw image:
12
da79bf85bd73 README added
Space Falcon <falcon@ivan.Harhan.ORG>
parents:
diff changeset
89
29
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
90 loadtool> flash erase 10000 220000
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
91 loadtool> flash program-bin 10000 aci-build.progbin
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
92
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
93 (If your serial cable setup supports the special GSM high baud rates,
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
94 you can speed the process up by issuing a baud 406250 or baud 812500
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
95 command first.)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
96
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
97 4. Erase the sectors where our firmware's non-volatile flash file system
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
98 (aftermarket FFS configuration) will reside:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
99
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
100 loadtool> flash erase 3C0000 30000
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
101
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
102 5. Cleanly end your fc-loadtool session, which will power the phone off:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
103
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
104 loadtool> exit
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
105
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
106 Now your phone has FreeCalypso firmware in its flash, but it no longer works
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
107 as a "normal" phone. Gotchas to be aware of:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
108
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
109 * Mot/Compal's original firmwares (like all other production phone fws)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
110 implement on a guard on the power-on button: you have to hold it down for a
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
111 little while to confirm that you really mean to power the phone on; a
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
112 momentary press of the power-on button is interpreted as spurious by standard
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
113 fws, and they power the phone back off. However, the present hack-fw has no
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
114 such guard, hence even a momentary press of the power-on button will launch
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
115 the firmware into full boot.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
116
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
117 * Because our present fw has no UI, the LCD will remain dark and the buttons
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
118 won't do anything. A momentary press of the power button will turn the phone
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
119 on, but you won't know that it's on - it will just silently and invisibly eat
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
120 the battery. Furthermore, the only way to power it off (aside from yanking
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
121 the battery) is to connect a serial cable and send a poweroff command via
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
122 fc-shell - there is no way to command a power-off from the keypad. (Pressing
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
123 and holding the power button produces some kind of hang or crash - to be
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
124 investigated - instead of a proper power-off.)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
125
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
126 * The present fw includes TI's LCC (low-cost charger) code that came with
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
127 TCS211, but it is not clear whether or not this code drives the charging
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
128 circuitry correctly for Mot/Compal's hardware. Therefore, plan on having
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
129 the phone with FC firmware draining batteries only, and have another phone
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
130 running official fw (or a standalone charger) to charge them back up.
12
da79bf85bd73 README added
Space Falcon <falcon@ivan.Harhan.ORG>
parents:
diff changeset
131
29
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
132 What all of these gotchas practically mean is that the phone with FC fw in it
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
133 should not have a battery inserted on a regular basis; instead you should use
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
134 it as follows:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
135
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
136 1. Begin each FC hacking session by inserting the SIM you wish to use, then
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
137 inserting the battery - but don't touch the power button yet.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
138
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
139 2. Connect the serial cable and run rvinterf on your host.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
140
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
141 3. Press the power button, and see the firmware boot output in the rvinterf
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
142 window.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
143
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
144 4. Run fc-shell, fc-fsio, fc-tmsh etc as desired during your hacking session.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
145
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
146 5. End the session by yanking the battery, killing rvinterf and stowing away
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
147 your serial cable.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
148
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
149 First session
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
150 =============
13
3e89489a43b3 using patched version of frame_na7_db_ir.lib:
Space Falcon <falcon@ivan.Harhan.ORG>
parents: 12
diff changeset
151
29
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
152 Remember the notes above regarding this fw not being able to read the factory
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
153 IMEI record? That's right, you'll need to set your own IMEISV. Furthermore,
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
154 because we are using our own "aftermarket" FFS configuration for non-volatile
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
155 data storage (you erased the flash sectors to be used for this FFS when you
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
156 flashed the fw with fc-loadtool, or at least you should have), this FFS needs
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
157 to be initialized before the fw can function correctly.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
158
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
159 Initialize your FFS as follows:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
160
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
161 1. Connect the serial cable, run rvinterf and boot the fw as above.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
162
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
163 2. Before you try issuing any AT commands via fc-shell, run fc-fsio first.
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
164
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
165 3. Initialize the FFS via fc-fsio as follows:
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
166
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
167 fsio> format /
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
168 fsio> mk-std-dirs
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
169 fsio> set-imeisv fc XXXXXXXX-YYYYYY-ZZ (punctuation optional, place anywhere)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
170 fsio> set-rfcap dual-eu (if you have 900+1800 MHz hardware)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
171 or
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
172 fsio> set-rfcap dual-us (if you have 850+1900 MHz hardware)
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
173
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
174 After the above steps, you can exit fc-fsio (or leave it running), run fc-shell
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
175 and exercise the GSM MS via AT commands - try connecting to a network! With my
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
176 US band C139 (former Tracfone, now a Crackfone) on Operator 310260's network,
132b3e230631 README written for tcs211-c139
Mychaela Falconia <falcon@ivan.Harhan.ORG>
parents: 13
diff changeset
177 both voice calls and SMS work like a charm. YMMV.