1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
|
#include "secril-shim.h"
/* A copy of the original RIL function table. */
static const RIL_RadioFunctions *origRilFunctions;
/* A copy of the ril environment passed to RIL_Init. */
static const struct RIL_Env *rilEnv;
static void onRequestDial(int request, void *data, size_t datalen, RIL_Token t) {
RIL_Dial *dial = malloc(sizeof(RIL_Dial));
RIL_UUS_Info *uusInfo = malloc(sizeof(RIL_UUS_Info));
memcpy(dial, data, datalen);
if (dial->uusInfo == NULL) {
memset(uusInfo, 0, sizeof(RIL_UUS_Info));
uusInfo->uusType = (RIL_UUS_Type) 0;
uusInfo->uusDcs = (RIL_UUS_DCS) 0;
uusInfo->uusData = NULL;
uusInfo->uusLength = 0;
dial->uusInfo = uusInfo;
}
origRilFunctions->onRequest(request, dial, sizeof(RIL_Dial), t);
free(uusInfo);
free(dial);
}
static void onRequestShim(int request, void *data, size_t datalen, RIL_Token t)
{
switch (request) {
/* The Samsung RIL crashes if uusInfo is NULL... */
case RIL_REQUEST_DIAL:
if (datalen == sizeof(RIL_Dial) && data != NULL) {
onRequestDial(request, data, datalen, t);
return;
}
break;
/* Necessary; RILJ may fake this for us if we reply not supported, but we can just implement it. */
case RIL_REQUEST_GET_RADIO_CAPABILITY:
; /* lol C standard */
RIL_RadioCapability rc[1] =
{
{ /* rc[0] */
RIL_RADIO_CAPABILITY_VERSION, /* version */
0, /* session */
RC_PHASE_CONFIGURED, /* phase */
RAF_GSM | RAF_GPRS | RAF_EDGE | RAF_HSUPA | RAF_HSDPA | RAF_HSPA | RAF_HSPAP | RAF_UMTS, /* rat */
{ /* logicalModemUuid */
0,
},
RC_STATUS_SUCCESS /* status */
}
};
RLOGW("%s: got request %s: replied with our implementation!\n", __func__, requestToString(request));
rilEnv->OnRequestComplete(t, RIL_E_SUCCESS, rc, sizeof(rc));
return;
/* The following requests were introduced post-4.3. */
case RIL_REQUEST_SIM_TRANSMIT_APDU_BASIC:
case RIL_REQUEST_SIM_OPEN_CHANNEL: /* !!! */
case RIL_REQUEST_SIM_CLOSE_CHANNEL:
case RIL_REQUEST_SIM_TRANSMIT_APDU_CHANNEL:
case RIL_REQUEST_NV_READ_ITEM:
case RIL_REQUEST_NV_WRITE_ITEM:
case RIL_REQUEST_NV_WRITE_CDMA_PRL:
case RIL_REQUEST_NV_RESET_CONFIG:
case RIL_REQUEST_SET_UICC_SUBSCRIPTION:
case RIL_REQUEST_ALLOW_DATA:
case RIL_REQUEST_GET_HARDWARE_CONFIG:
case RIL_REQUEST_SIM_AUTHENTICATION:
case RIL_REQUEST_GET_DC_RT_INFO:
case RIL_REQUEST_SET_DC_RT_INFO_RATE:
case RIL_REQUEST_SET_DATA_PROFILE:
case RIL_REQUEST_SHUTDOWN: /* TODO: Is there something we can do for RIL_REQUEST_SHUTDOWN ? */
case RIL_REQUEST_SET_RADIO_CAPABILITY:
case RIL_REQUEST_START_LCE:
case RIL_REQUEST_STOP_LCE:
case RIL_REQUEST_PULL_LCEDATA:
RLOGW("%s: got request %s: replied with REQUEST_NOT_SUPPPORTED.\n", __func__, requestToString(request));
rilEnv->OnRequestComplete(t, RIL_E_REQUEST_NOT_SUPPORTED, NULL, 0);
return;
}
RLOGD("%s: got request %s: forwarded to RIL.\n", __func__, requestToString(request));
origRilFunctions->onRequest(request, data, datalen, t);
}
static void onCompleteRequestGetSimStatus(RIL_Token t, RIL_Errno e, void *response, size_t responselen) {
/* While at it, upgrade the response to RIL_CardStatus_v6 */
RIL_CardStatus_v5_samsung *p_cur = ((RIL_CardStatus_v5_samsung *) response);
RIL_CardStatus_v6 *v6response = malloc(sizeof(RIL_CardStatus_v6));
v6response->card_state = p_cur->card_state;
v6response->universal_pin_state = p_cur->universal_pin_state;
v6response->gsm_umts_subscription_app_index = p_cur->gsm_umts_subscription_app_index;
v6response->cdma_subscription_app_index = p_cur->cdma_subscription_app_index;
v6response->ims_subscription_app_index = -1;
v6response->num_applications = p_cur->num_applications;
int i;
for (i = 0; i < RIL_CARD_MAX_APPS; ++i)
memcpy(&v6response->applications[i], &p_cur->applications[i], sizeof(RIL_AppStatus));
/* Send the fixed response to libril */
rilEnv->OnRequestComplete(t, e, v6response, sizeof(RIL_CardStatus_v6));
free(v6response);
}
static void fixupDataCallList(void *response, size_t responselen) {
RIL_Data_Call_Response_v6 *p_cur = (RIL_Data_Call_Response_v6 *) response;
int num = responselen / sizeof(RIL_Data_Call_Response_v6);
int i;
for (i = 0; i < num; ++i)
p_cur[i].gateways = p_cur[i].addresses;
}
static void onCompleteQueryAvailableNetworks(RIL_Token t, RIL_Errno e, void *response, size_t responselen) {
/* Response is a char **, pointing to an array of char *'s */
size_t numStrings = responselen / sizeof(char *);
size_t newResponseLen = (numStrings - (numStrings / 3)) * sizeof(char *);
void *newResponse = malloc(newResponseLen);
/* Remove every 5th and 6th strings (qan elements) */
char **p_cur = (char **) response;
char **p_new = (char **) newResponse;
size_t i, j;
for (i = 0, j = 0; i < numStrings; i += 6) {
p_new[j++] = p_cur[i];
p_new[j++] = p_cur[i + 1];
p_new[j++] = p_cur[i + 2];
p_new[j++] = p_cur[i + 3];
}
/* Send the fixed response to libril */
rilEnv->OnRequestComplete(t, e, newResponse, newResponseLen);
free(newResponse);
}
static void fixupSignalStrength(void *response, size_t responselen) {
int gsmSignalStrength;
RIL_SignalStrength_v10 *p_cur = ((RIL_SignalStrength_v10 *) response);
gsmSignalStrength = p_cur->GW_SignalStrength.signalStrength & 0xFF;
if (gsmSignalStrength < 0 ||
(gsmSignalStrength > 31 && p_cur->GW_SignalStrength.signalStrength != 99)) {
gsmSignalStrength = p_cur->CDMA_SignalStrength.dbm;
}
/* Fix GSM signal strength */
p_cur->GW_SignalStrength.signalStrength = gsmSignalStrength;
/* We don't support LTE - values should be set to INT_MAX */
p_cur->LTE_SignalStrength.cqi = INT_MAX;
p_cur->LTE_SignalStrength.rsrp = INT_MAX;
p_cur->LTE_SignalStrength.rsrq = INT_MAX;
p_cur->LTE_SignalStrength.rssnr = INT_MAX;
}
static void onRequestCompleteShim(RIL_Token t, RIL_Errno e, void *response, size_t responselen) {
int request;
RequestInfo *pRI;
pRI = (RequestInfo *)t;
/* If pRI is null, this entire function is useless. */
if (pRI == NULL)
goto null_token_exit;
request = pRI->pCI->requestNumber;
switch (request) {
case RIL_REQUEST_GET_SIM_STATUS:
/* Remove unused extra elements from RIL_AppStatus */
if (response != NULL && responselen == sizeof(RIL_CardStatus_v5_samsung)) {
onCompleteRequestGetSimStatus(t, e, response, responselen);
return;
}
break;
case RIL_REQUEST_LAST_CALL_FAIL_CAUSE:
/* Remove extra element (ignored on pre-M, now crashing the framework) */
if (responselen > sizeof(int)) {
rilEnv->OnRequestComplete(t, e, response, sizeof(int));
return;
}
break;
case RIL_REQUEST_DATA_CALL_LIST:
case RIL_REQUEST_SETUP_DATA_CALL:
/* According to the Samsung RIL, the addresses are the gateways?
* This fixes mobile data. */
if (response != NULL && responselen != 0 && (responselen % sizeof(RIL_Data_Call_Response_v6) == 0)) {
fixupDataCallList(response, responselen);
rilEnv->OnRequestComplete(t, e, response, responselen);
return;
}
break;
case RIL_REQUEST_QUERY_AVAILABLE_NETWORKS:
/* Remove the extra (unused) elements from the operator info, freaking out the framework.
* Formerly, this is know as the mQANElements override. */
if (response != NULL && responselen != 0 && (responselen % sizeof(char *) == 0)) {
onCompleteQueryAvailableNetworks(t, e, response, responselen);
return;
}
break;
case RIL_REQUEST_SIGNAL_STRENGTH:
/* The Samsung RIL reports the signal strength in a strange way... */
if (response != NULL && responselen >= sizeof(RIL_SignalStrength_v5)) {
fixupSignalStrength(response, responselen);
rilEnv->OnRequestComplete(t, e, response, responselen);
return;
}
break;
}
RLOGD("%s: got request %s: forwarded to libril.\n", __func__, requestToString(request));
null_token_exit:
rilEnv->OnRequestComplete(t, e, response, responselen);
}
static void onUnsolicitedResponseShim(int unsolResponse, const void *data, size_t datalen)
{
switch (unsolResponse) {
case RIL_UNSOL_DATA_CALL_LIST_CHANGED:
/* According to the Samsung RIL, the addresses are the gateways?
* This fixes mobile data. */
if (data != NULL && datalen != 0 && (datalen % sizeof(RIL_Data_Call_Response_v6) == 0))
fixupDataCallList((void*) data, datalen);
break;
case RIL_UNSOL_SIGNAL_STRENGTH:
/* The Samsung RIL reports the signal strength in a strange way... */
if (data != NULL && datalen >= sizeof(RIL_SignalStrength_v5))
fixupSignalStrength((void*) data, datalen);
break;
}
rilEnv->OnUnsolicitedResponse(unsolResponse, data, datalen);
}
const RIL_RadioFunctions* RIL_Init(const struct RIL_Env *env, int argc, char **argv)
{
RIL_RadioFunctions const* (*origRilInit)(const struct RIL_Env *env, int argc, char **argv);
static RIL_RadioFunctions shimmedFunctions;
static struct RIL_Env shimmedEnv;
void *origRil;
/* Shim the RIL_Env passed to the real RIL, saving a copy of the original */
rilEnv = env;
shimmedEnv = *env;
shimmedEnv.OnRequestComplete = onRequestCompleteShim;
shimmedEnv.OnUnsolicitedResponse = onUnsolicitedResponseShim;
/* Open and Init the original RIL. */
origRil = dlopen(RIL_LIB_PATH, RTLD_LOCAL);
if (CC_UNLIKELY(!origRil)) {
RLOGE("%s: failed to load '" RIL_LIB_PATH "': %s\n", __func__, dlerror());
return NULL;
}
origRilInit = dlsym(origRil, "RIL_Init");
if (CC_UNLIKELY(!origRilInit)) {
RLOGE("%s: couldn't find original RIL_Init!\n", __func__);
goto fail_after_dlopen;
}
origRilFunctions = origRilInit(&shimmedEnv, argc, argv);
if (CC_UNLIKELY(!origRilFunctions)) {
RLOGE("%s: the original RIL_Init derped.\n", __func__);
goto fail_after_dlopen;
}
/* Shim functions as needed. */
shimmedFunctions = *origRilFunctions;
shimmedFunctions.onRequest = onRequestShim;
return &shimmedFunctions;
fail_after_dlopen:
dlclose(origRil);
return NULL;
}
|
