OsmocomBB Firmware » History » Version 2
nion, 02/19/2016 10:48 PM
1 | 1 | ||
---|---|---|---|
2 | [[PageOutline]] |
||
3 | |||
4 | 2 | nion | = Background = |
5 | The OsmocomBB source code comes with several applications for various purposes. |
||
6 | Those applications can be devided into two separate classes, applications: |
||
7 | * running on the baseband chip of the phone |
||
8 | * running on a PC, communicating with the baseband firmware over serial |
||
9 | 1 | ||
10 | 2 | nion | Applications running on the PC can further be partitioned into: |
11 | * Firmware management software (loading, flashing, ...) |
||
12 | * GSM Layer 3 applications |
||
13 | 1 | ||
14 | 2 | nion | The following will provide you a rough overview of the most commonly used software pieces. |
15 | 1 | ||
16 | |||
17 | |||
18 | 2 | nion | = Baseband firmware = |
19 | |||
20 | Binary location: src/target/firmware/board/*/*.bin |
||
21 | Source locations: src/target/firmware/, particularly apps and layer1 |
||
22 | |||
23 | 1 | == layer1 == |
|
24 | |||
25 | A simple GSM layer 1 proxy, communicating over the [wiki:L1A_L23_Interface]. |
||
26 | |||
27 | This allows you to run a full-blown GSM implementation on your host machine, communicating through the phones radio interface. |
||
28 | |||
29 | == l1test == |
||
30 | |||
31 | Layer 1 development application. |
||
32 | |||
33 | This application does what layer1 does, but automatically tunes to the strongest ARFCN it can find. |
||
34 | |||
35 | It can be used for stand-alone-testing of the phones radio. |
||
36 | |||
37 | == loader == |
||
38 | |||
39 | Our [wiki:Bootloader], available in various build configurations. |
||
40 | |||
41 | == compal_dsp_dump == |
||
42 | |||
43 | Application for dumping the contents of the DSP in the Calypso chip. |
||
44 | |||
45 | == compal_dumper == |
||
46 | |||
47 | The old compal device dumper. Use [wiki:Bootloader] instead once it is available. |
||
48 | |||
49 | == hello_world == |
||
50 | |||
51 | The initial obligatory "Hello, world!" application. |
||
52 | |||
53 | Currently, this does more than say hello. Intended as a template for new applications. |
||
54 | 2 | nion | |
55 | == rssi == |
||
56 | |||
57 | The [blog:rssi-firmware] can be used to monitor the received signal indication (RSSI) of ARFCNs or the entire spectrum. |
||
58 | |||
59 | |||
60 | |||
61 | = Firmware management software = |
||
62 | Location (source and binary): src/host/osmocon |
||
63 | |||
64 | == osmocon == |
||
65 | [wiki:osmocon] is a console tool for interfacing our baseband firmware on the phone with applications on the host PC. |
||
66 | It is responsible for downloading a baseband firmware or bootloader into the phone and relay communication between Layer 3 applications and baseband firmwares over serial. |
||
67 | |||
68 | == osmoload == |
||
69 | [wiki:osmoload] is used to write, dump and examine flash memory of supported phones |
||
70 | You will need this program for example if you intent [wiki:flashing] an application to the phone (the software is usually loaded into RAM). |
||
71 | |||
72 | |||
73 | |||
74 | = GSM Layer 3 applications = |
||
75 | Location (source and binary): src/host/layer23/* |
||
76 | |||
77 | Layer 3 applications implement various functionality based on GSM Layer 3. |
||
78 | |||
79 | == mobile == |
||
80 | [wiki:mobile] is the most sophisticated OsmocomBB application so far. |
||
81 | It implements most of the behavior of a regular GSM telephone, but is extended in many ways with features interesting to researchers. |
||
82 | |||
83 | == cell_log == |
||
84 | The cell_log application scans through valid available carrier frequencies, attempts to sync to them and dumps information gathered from the BCCH. |
||
85 | It is usually used to create a list of used ARFCNs and information such as their reception levels, MNC, MCC, and System Information. |
||
86 | |||
87 | == ccch_scan == |
||
88 | The ccch_scan application can sync to a carrier ARFCN and logs power measurement and CCCH information (paging requests and Immediate Assignments). |
||
89 | |||
90 | == bcch_scan == |
||
91 | bcch_scan is basically a predecessor of cell_log and logs information as observed on the BCCH (System Information). |
||
92 | |||
93 | == cbch_sniff == |
||
94 | cbch_sniff dumps cell broadcast channel information such as, e.g., GPS location of the cell. |