调制解调器代码如何与 Android 代码通信 [英] How does Modem code talk to Android code
问题描述
我想知道 Android 调制解调器代码如何调用/传递消息到 Android 应用程序层的高级概念.假设我们以短信为例.如果网络发送短信和Modem(比如高通C代码解析)它是如何传输到Android应用层的?
是否总是有 JNI 调用发生?作为调制解调器和 Android 之间的接口?能否请您与我们分享信息.谢谢
在 AOSP/CAF/CM 源(分别为 Android 开源项目、CodeAurora 论坛、Cyanogenmod)中找到的几乎所有 android 源代码库中,都会有 C 代码称为 rild,(无线电接口层守护进程).这通常在源代码树的 /hardware/ril 中找到.
这个守护进程从 Android 启动的那一刻开始运行,并创建一个名为 /dev/socket/rild 和 /dev/socket/rild-debug 的套接字.将有一个来自高通公司、HTC 的专有库,它会在启动时在运行时动态加载.正是该专有库反过来与无线电固件进行通信.然后在那里建立rild用于回调到专有库的钩子.
在 rild 层,通过上述套接字,是 Android 层(在源树中找到,frameworks/base/telephony/com/android/internal/telephony/RIL.java) 进行通信.
在 Java 端,它打开套接字以进行读/写,同时建立意图并设置通过此套接字广播/接收事件的委托.
例如,传入呼叫(专有库)会调用由 rild 设置的回调挂钩.rild 将标准通用 AT Hayes 调制解调器命令写入套接字,在 Java 端,它读取和解释调制解调器命令,然后PhoneManager 广播CALL_STATE_RINGING,其中 Phone 应用程序(在源 packages/apps/Phone 中找到)已注册接收器并启动用户界面,这就是您的方式接听电话.
另一个例子,拨打电话,你在 Android 上拨打一个号码,意图被创建,然后 PhoneManager(这是一切的根源,在这里,记不清我的头顶,认为它在源树中的 frameworks/base/core/java 某处)接收意图,将其转换为序列AT Hayes 调制解调器命令,将其写入套接字,rild 然后调用对专有库的回调,专有库又委托给无线电固件.
最后一个例子,从 Messaging(在 packages/apps/Mms 源树中找到)应用程序发送文本消息,你输入的文本被推到一个意图中,PhoneManager 接收到意图,将文本转换为使用 7 位 GSM 字母 (IIRC) 的 GSM 编码,写入套接字,rild 依次调用对专有库的回调,专有库又委托给无线电固件,文本现在已经离开手机域并在某处的无线电波中...... :) 随着在 Android 本身内发送广播消息,提供在 AndroidManifest.xml 中使用并指定了 READ_PHONE_STATE 权限.
同样地,当接收到一个文本消息时,它是相反的,无线电固件接收一些字节,专有库调用对rild的回调,从而将字节写出到套接字.在 Java 端,它从中读取,并解码字节序列,将其转换为我们所知道的文本,使用收到的消息通知触发广播.Messaging 应用程序依次为上述广播注册了接收者,并向通知栏发送一个 Intent 来表示从 +xxxxxx 收到的新消息">
意图位于 frameworks/base/telephony/java/com/android/internal/telephony/TelephonyIntents.java
这就是电话系统工作原理的要点,真正的美妙之处在于它使用通用的 AT Hayes 调制解调器命令,从而简化和隐藏了真正的专有机制.
至于 Qualcomm、HTC 之类的公司,忘记它吧,因为他们曾经将相关库开源,因为无线电话层嵌入在 S-o-C(片上系统)电路中!
这也是,作为旁注,为什么刷无线电固件有风险,有些手机提供这样做的能力,刷错固件(例如不兼容或不适合手机),亲吻手机好-再见,把它用作门塞或镇纸!:)
应该注意的是,涉及的 JNI 机制为零.
这是我对它工作原理的理解,据我所知,无线电固件被加载到某个内存地址中,Linux内核保留了地址空间并且不接触它,就像回到在 DOS 启动的旧 PC 时代,BIOS 使用了保留地址,我认为,在这里类似,标记为保留的地址被固件占用,其中专有无线电库与之对话 - 并且由于库运行在内核拥有的地址空间中,一个由具有 root 权限的 root 拥有的 lá,它可以与它交谈",如果你想到使用旧的 BASIC 方言 peek 和 poke,我猜你不会离目标很远,通过向该地址写入一定的字节序列,无线电固件对其进行操作,几乎就像有一个中断向量表......我在这里猜测它是如何工作的.:)
I would like to know high level idea of how Android Modem code will call/pass message to Android application layer. Say we take SMS for example. If network sends SMS and Modem (say Qualcomm C code parses it) how is it transmitted to Android Application layer?
Is there always a JNI call happening? as interface between modem and Android? Can you please share the information with us. Thanks
In almost all android source base as found in the AOSP/CAF/CM source (Android Open Source Project, CodeAurora Forum, Cyanogenmod respectively), will have C code called the rild, (Radio Interface Layer Daemon). This is commonly found within the /hardware/ril of the source tree.
This daemon runs from the moment Android boots up, and creates a socket called /dev/socket/rild and /dev/socket/rild-debug. There will be a proprietary library coming from Qualcomm, HTC, that gets dynamically loaded at run time upon boot. It is that proprietary library that in turn, communicates to the radio firmware. And the rild's hooks for the call-backs into the proprietary library is established there and then.
At the rild layer, via the aforementioned socket, is how the Android layer (found in the source tree, frameworks/base/telephony/com/android/internal/telephony/RIL.java) communicates.
On the Java side, it opens the socket for reading/writing, along with establishing intents and setting up delegates for broadcasting/receiving events via this socket.
For example, an incoming call, the proprietary library, invokes a callback hook as set up by rild. The rild writes standard generic AT Hayes modem commands to the socket, on the Java side, it reads and interprets the modem commands, and from there, the PhoneManager broadcasts CALL_STATE_RINGING, in which Phone application (found in the source packages/apps/Phone) has registered a receiver and kickstarts the User interface, and that is how you get to answer the call.
Another example, making an outgoing call, you dial a number on Android, the intent gets created and which in turn the PhoneManager (This is the root of it all, here, cannot remember top of my head, think its in frameworks/base/core/java somewhere in the source tree) receives the intent, convert it into either a sequence of AT Hayes modem commands, write it out to the socket, the rild then invokes a callback to the proprietary library, the proprietary library in turn delegates to the radio firmware.
Final example, sending text messages, from the Messaging (found in packages/apps/Mms source tree) application, the text you type, gets shoved into an intent, the PhoneManager receives the intent, converts the text into GSM-encoded using 7-bit GSM letters (IIRC), gets written out to the socket, the rild in turn invokes a callback to the proprietary library, the proprietary library in turn delegates to the radio firmware and the text has now left the domain of the handset and is in the airwaves somewhere... :) Along with sending a broadcast message within Android itself, provided that READ_PHONE_STATE permission is used and specified in the AndroidManifest.xml.
Likewise conversely, when receiving a text message, it is in the reverse, radio firmware receives some bytes, the proprietary library invokes the callback to the rild, and thus writes out the bytes to the socket. On the Java side, it reads from it, and decodes the sequence of bytes, converts it to text as we know of, fires a broadcast with a message received notification. The Messaging application in turn, has registered receivers for the said broadcast, and sends an intent to the notification bar to say something like "New message received from +xxxxxx"
The intents are found in frameworks/base/telephony/java/com/android/internal/telephony/TelephonyIntents.java
That is the gist of how the telephony system works, the real beauty is, that it uses generic AT Hayes modem commands thusly simplifying and hiding the real proprietary mechanisms.
As for the likes of Qualcomm, HTC, forget about it in thinking they'd ever open source the library in question because the radio telephony layer is embedded within the S-o-C (System on a Chip) circuitry!
Which is also, as a side note, why its risky to flash radio firmware, some handsets provide the capability to do it, flash the wrong firmware (such as an incompatible or not suitable for handset), kiss the handset good-bye and use that as a door stopper or paper-weight! :)
It should be noted, that there is zero JNI mechanisms involved.
This is from my understanding of how it works, from what I can tell is this, the radio firmware is loaded into a memory address somewhere where the linux kernel has reserved the address space and does not touch it, something like back in the old PC days when DOS booted up, there was reserved addresses used by the BIOS, I think, its similar here, the addresses marked as reserved are occupied by the firmware, in which the proprietary radio library talks to it - and since the library is running in the address space owned by the kernel, a lá owned by root with root privileges, it can "talk" to it, if you think of using the old BASIC dialect of peek and poke, I'd guess you would not be far off the mark there, by writing a certain sequence of bytes to that address, the radio firmware acts on it, almost like having a interrupt vector table... this am guessing here how it works exactly. :)
这篇关于调制解调器代码如何与 Android 代码通信的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
