Hey there,
Since i had many requests about SBK because i had to stop my webserver, i decided to write a small Windows tool to generate easilly your SBK if you already have your CPUID. (Infos about getting your CPUID -> http://forum.xda-developers.com/showthread.php?t=1624645)
Easy to use :
Extract both exe and dll in the same folder.
Launch SBCalc.exe, type your CPUID, clic "Generate", and it will return your SBK.
Update :
v1.1 : Support 15 or 16 digits for CPUID
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
vache said:
Hey there,
Since i had many requests about SBK because i had to stop my webserver, i decided to write a small Windows tool to generate easilly your SBK if you already have your CPUID. (Infos about getting your CPUID -> http://forum.xda-developers.com/showthread.php?t=1624645)]
Click to expand...
Click to collapse
You're the man (or woman, sorry, I don't actually know you)! TY much!
Hi Guy,
Thanks for this great tool !
Cheers.
vache said:
Hey there,
Since i had many requests about SBK because i had to stop my webserver, i decided to write a small Windows tool to generate easilly your SBK if you already have your CPUID. (Infos about getting your CPUID -> http://forum.xda-developers.com/showthread.php?t=1624645)
Easy to use :
Extract both exe and dll in the same folder.
Launch SBCalc.exe, type your CPUID, clic "Generate", and it will return your SBK.
Click to expand...
Click to collapse
For Linux fans, the following piece of code (adapted from Skrilax_CZ's boot menu) seems to work too:
Code:
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <ctype.h>
#include <stdlib.h>
#include <arpa/inet.h>
int
main (int argc, char *argv[])
{
char uid[16], *p;
uint32_t sbk[4];
int i, j, mult;
while (--argc)
{
p = argv[argc];
if (p[0] == '0' && p[1] == 'x')
p += 2;
if (strlen (p) != 16)
continue;
strncpy (uid, p + 8, 8);
strncpy (uid + 8, p, 8);
for (i = 0; i < 16; i++)
uid[i] = toupper (uid[i]);
memset (sbk, 0, sizeof (sbk));
for (i = 0; i < 4; i++)
{
sbk[i] = 0;
mult = 1;
for (j = 3; j >= 0; j--)
{
sbk[i] += uid[4*i+j] * mult;
mult *= 100;
}
}
for (i = 0; i < 4; i++)
sbk[i] ^= sbk[3 - i];
printf ("0x%08X 0x%08X 0x%08X 0x%08X\n",
htonl (sbk[0]), htonl (sbk[1]), htonl (sbk[2]), htonl (sbk[3]));
}
exit (0);
}
Same thing in Perl:
Code:
#! /usr/bin/perl
sub chunk
{
my ($mult, $res);
$mult = 1;
$res = 0;
for (reverse unpack 'C4', uc shift)
{
$res += $_ * $mult;
$mult *= 100;
}
$res;
}
for (@ARGV)
{
my (@sbk, $i);
s/^0x//;
next
if (! m/^[[:xdigit:]]{16}$/);
@sbk = map { chunk $_ } unpack 'x8 (A4)4', $_ . $_;
for ($i = 0; $i < @sbk; $i++)
{ $sbk[$i] ^= $sbk[-$i-1]; }
@sbk = map { unpack 'N', pack 'L', $_ } @sbk;
print +(join ' ', map { sprintf '0x%08X', $_ } @sbk), "\n";
}
Yes, I reverse engineered the SBK generating function in Pica_Func.dll, no need to use it anymore.
lcd047 said:
For Linux fans, the following piece of code (adapted from Skrilax_CZ's boot menu) seems to work too:
Code:
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <ctype.h>
#include <stdlib.h>
uint32_t
swab32 (uint32_t src)
{
uint32_t dst;
int i;
dst = 0;
for (i = 0; i < 4; i++)
{
dst = (dst << 8) + (src & 0xFF);
src >>= 8;
}
return dst;
}
int
main (int argc, char *argv[])
{
char uid[16], *p;
uint32_t sbk[4];
int i, j, mult;
while (--argc)
{
p = argv[argc];
if (p[0] == '0' && p[1] == 'x')
p += 2;
if (strlen (p) != 16)
continue;
strncpy (uid, p + 8, 8);
strncpy (uid + 8, p, 8);
for (i = 0; i < 16; i++)
uid[i] = toupper (uid[i]);
memset (sbk, 0, sizeof (sbk));
for (i = 0; i < 4; i++)
{
sbk[i] = 0;
mult = 1;
for (j = 3; j >= 0; j--)
{
sbk[i] += uid[4*i+j] * mult;
mult *= 100;
}
}
for (i = 0; i < 4; i++)
sbk[i] ^= sbk[3 - i];
printf ("0x%08X 0x%08X 0x%08X 0x%08X\n",
swab32 (sbk[0]), swab32 (sbk[1]), swab32 (sbk[2]), swab32 (sbk[3]));
}
exit (0);
}
Same thing in Perl:
Code:
#! /usr/bin/perl
sub chunk
{
my ($mult, $res);
$mult = 1;
$res = 0;
for (reverse unpack 'C4', uc shift)
{
$res += $_ * $mult;
$mult *= 100;
}
$res;
}
for (@ARGV)
{
my (@sbk, $i);
s/^0x//;
next
if (! m/^[[:xdigit:]]{16}$/);
@sbk = map { chunk $_ } unpack 'x8 (A4)4', $_ . $_;
for ($i = 0; $i < @sbk; $i++)
{ $sbk[$i] ^= $sbk[-$i-1]; }
@sbk = map { unpack 'N', pack 'V', $_ } @sbk;
print +(join ' ', map { sprintf '0x%08X', $_ } @sbk), "\n";
}
Click to expand...
Click to collapse
Thanks so much for the Perl code! You can see it in action at my new SBK Calculator site: http://a500bootloaderflash.tk/sbkcalc/
I hope you don't mind me using it in the true spirit of Open Source!
blackthund3r said:
Thanks so much for the Perl code! You can see it in action at my new SBK Calculator site: http://a500bootloaderflash.tk/sbkcalc/
I hope you don't mind me using it in the true spirit of Open Source!
Click to expand...
Click to collapse
By all means, I posted it for people to use it.
lcd047 said:
By all means, I posted it for people to use it.
Click to expand...
Click to collapse
Thank you!
Thank you Vache! Works great!
vache said:
Hey there,
Since i had many requests about SBK because i had to stop my webserver, i decided to write a small Windows tool to generate easilly your SBK if you already have your CPUID. (Infos about getting your CPUID -> http://forum.xda-developers.com/showthread.php?t=1624645)
Easy to use :
Extract both exe and dll in the same folder.
Launch SBCalc.exe, type your CPUID, clic "Generate", and it will return your SBK.
Click to expand...
Click to collapse
Thank you Vache, works great!
:good:
Hello vache,
great tool, but i've got a problem...
if i get my cpuid with "adb devices" it is just 11 digits long...
your tool said that it have to be 15 digits.
and if i use your a500 manager there are 16 digits and characters in my serial number
IncredibleHero said:
Hello vache,
great tool, but i've got a problem...
if i get my cpuid with "adb devices" it is just 11 digits long...
your tool said that it have to be 15 digits.
and if i use your a500 manager there are 16 digits and characters in my serial number
Click to expand...
Click to collapse
Remove the 1st digit if it's a zero.
vache said:
Remove the 1st digit if it's a zero.
Click to expand...
Click to collapse
CPUID can be 16 digits long - mine is and it generates valid SBKs. In fact I usually add a zero to the beginning if it's only 15 to make it 16, although my CPUID starts with a 1
Mine is 16 char long - extracted via backup from cwm. But SBCalc, http://a500bootloaderflash.tk/sbkcalc/ and A500Manager1.1 all says my cpuid is invalid any ideas
can u help me sir
i have my cpuid but when i use this tool i got the warning "please check your cpuid"....can u help get sbk code from my cpuid???here my cpuid no (0xa74420244808057)
cyclone77 said:
i have my cpuid but when i use this tool i got the warning "please check your cpuid"....can u help get sbk code from my cpuid???here my cpuid no (0xa74420244808057)
Click to expand...
Click to collapse
not sure if it is correct but try: 0x42530000 0x2B89BB01 0xEBE55D03 0x507A2103
cyclone77 said:
i have my cpuid but when i use this tool i got the warning "please check your cpuid"....can u help get sbk code from my cpuid???here my cpuid no (0xa74420244808057)
Click to expand...
Click to collapse
Try this: 0xA0ABC201 0x1B34BE01 0xEBE55D03 0x507A2103
Related
Hi,
GoodDay. I am using O2 XDAII, I am want to send some data through GSM. For that I want to know, GSM is situated in Which Port ?.......
So that i can Open the port(COM1 or Com2) and send the some AT commands into it.
or is there any there way to Open the GSM and send data
Kindly Let me know..
Thanks
regards,
Rajesh. S
Over GSM, you have two options; dial-up and GPRS..
None of these uses COM ports in the way that you are thinking..
GSM is located at COM2. But to enable communication with it on XDA2 you'll need to send IOCTL to RIL. Here is a code from one of my test applications.
Code:
#include "stdafx.h"
int HexToInt(char R)
{
if(R>='0' && R<='9')
return R-'0';
if(R>='a' && R<='f')
return R-'a'+10;
if(R>='A' && R<='F')
return R-'A'+10;
return 15;
}
int Hex2ToInt(char *R)
{
return ((HexToInt(R[0])<<4)|HexToInt(R[1]))&255;
}
bool IsHex(char C)
{
if(C>='0' && C<='9')
return true;
if(C>='A' && C<='F')
return true;
return false;
}
int WINAPI WinMain( HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPTSTR lpCmdLine,
int nCmdShow)
{
HANDLE hCom;
char * xpos;
char rsltstr[5];
DWORD CellId;
int bufpos;
DCB dcb;
COMMTIMEOUTS to;
DWORD nWritten;
DWORD event;
DWORD nRead;
static char outbuf[65536], buf[65536];
BYTE comdevcmd[2]= {0x84, 0x00};
FILE *F=fopen("\\Storage Card\\dump.bin","r+bc");
if(F==0)
F=fopen("\\Storage Card\\dump.bin","w+bc");
hCom= CreateFile(L"COM2:",GENERIC_READ|GENERIC_WRITE,0,0,OPEN_EXISTING,0,0);
if (hCom==NULL || hCom==INVALID_HANDLE_VALUE)
{
hCom= NULL;
return -1;
}
HANDLE hRil= CreateFile(L"RIL1:",GENERIC_READ|GENERIC_WRITE,0,0,OPEN_EXISTING,0,0);
if (hRil==NULL || hRil==INVALID_HANDLE_VALUE)
{
hRil= NULL;
return -1;
}
if (!GetCommState(hCom, &dcb))
{
return -2;
}
dcb.BaudRate= CBR_115200;
dcb.ByteSize= 8;
dcb.fParity= false;
dcb.StopBits= ONESTOPBIT;
if (!SetCommState(hCom, &dcb))
{
return -3;
}
if (!EscapeCommFunction(hCom, SETDTR))
{
return -4;
}
if (!EscapeCommFunction(hCom, SETRTS))
{
// return -5;
}
if (!GetCommTimeouts(hCom, &to))
{
return -6;
}
to.ReadIntervalTimeout= 5;
to.ReadTotalTimeoutConstant= 5;
to.ReadTotalTimeoutMultiplier= 5;
to.WriteTotalTimeoutConstant= 20000;
to.WriteTotalTimeoutMultiplier= 0;
if (!SetCommTimeouts(hCom, &to))
{
return -7;
}
if (!SetCommMask(hCom, EV_RXCHAR))
{
return -8;
}
DWORD rildevresult=0,nReturned=0;
// DeviceIoControl(hRil, 0x03000314L,0,0, &rildevresult, sizeof(DWORD), &nReturned,0);
// HANDLE Ev=CreateEvent(NULL,TRUE,0,L"RILDrv_DataMode");
// SetEvent(Ev);
if (!DeviceIoControl (hCom,0xAAAA5679L, comdevcmd, sizeof(comdevcmd),0,0,0,0))
{
return -9;
}
fseek(F,0,SEEK_END);
DWORD Addr=ftell(F);
Rest:
bufpos = 0;
// strcpy(outbuf,"AT%TEST=D00000000\r");
sprintf(outbuf,"AT%%TEST=D%08X\r",Addr);
to.ReadIntervalTimeout= MAXDWORD;
to.ReadTotalTimeoutConstant= 0;
to.ReadTotalTimeoutMultiplier= 0;
to.WriteTotalTimeoutConstant= 20000;
to.WriteTotalTimeoutMultiplier= 0;
if (!SetCommTimeouts(hCom, &to))
{
return -7;
}
ReadFile(hCom, buf, 65536 , &nRead, NULL);
to.ReadIntervalTimeout= 5;
to.ReadTotalTimeoutConstant= 5;
to.ReadTotalTimeoutMultiplier= 5;
to.WriteTotalTimeoutConstant= 20000;
to.WriteTotalTimeoutMultiplier= 0;
if (!SetCommTimeouts(hCom, &to))
{
return -7;
}
if (!WriteFile(hCom, outbuf, strlen(outbuf), &nWritten, NULL))
{
return -10;
}
if (!WaitCommEvent(hCom, &event, NULL))
{
return -12;
}
ReadFile(hCom, buf, 16*78, &nRead, NULL);
char Buff[256];
for(int i=0; i<16; i++)
{
if(buf[i*78+8]!=':' || buf[i*78+9]!=' ')
goto Rest;
for(int j=0; j<16; j++)
{
if(!IsHex(buf[i*78+10+j*3]))
goto Rest;
if(!IsHex(buf[i*78+10+j*3+1]))
goto Rest;
Buff[i*16+j]=Hex2ToInt(buf+i*78+10+j*3);
}
}
Addr+=256;
// fwrite(buf,1,16*78,F);
fwrite(Buff,1,256,F);
fflush(F);
printf("%08X\r",Addr);
goto Rest;
rildevresult = 0;
DeviceIoControl(hRil, 0x03000318L,0,0, &rildevresult, sizeof(DWORD), &nReturned,0);
// ResetEvent(Ev);
// CloseHandle(Ev);
CloseHandle(hRil);
if (!EscapeCommFunction(hCom, CLRDTR))
{
return -4;
}
if (hCom!=NULL)
{
CloseHandle(hCom);
hCom= NULL;
}
return CellId;
}
Hi,
Good Day.. I got your code..... First of all i convey my thanks to you.
I need some more clarification from your side.
Kindly let me know in details
I am not able understand
Why we need to use RIL & IOCTL Funct?
how your sending "AT" Commands in your Code?( explain to me in details) If i want to add some more AT commands like( AT+CSQ or AT^SCKS?) means how do i add these command and where?...
if you have sample code kindly send to [email protected]
anticipating your reply,
Thanks & regards,
Rajesh. S
Sorry !! Mail ID is : [email protected]
Using COM port GSM access to change outgoing line
Is it possible to alter the outgoing number (read from the SIM card) on the GSM by accessing the COM port?
Is there a utility that already does this? Is there a way of altering settings/phone to be able to change the outgoing number? Or a ROM image that allows you to do this?
I have no understanding whatsoever of the radio stack, so I wouldn't know where to start if I were to write a utility to do so.
Cheers,
Jason
jman said:
Is it possible to alter the outgoing number (read from the SIM card) on the GSM by accessing the COM port?
Is there a utility that already does this? Is there a way of altering settings/phone to be able to change the outgoing number? Or a ROM image that allows you to do this?
I have no understanding whatsoever of the radio stack, so I wouldn't know where to start if I were to write a utility to do so.
Cheers,
Jason
Click to expand...
Click to collapse
@jman,
No that is not possible. The reason is that the phone does not send its caller ID over the air. What happens is that a pseudo random number (called TMSI) is assigned to the mobile phone. The mobile phone sends its TMSI for identification and the MSC (Mobile Switching Centre) does the mapping for the TMSI to calling MSISDN (techno term for mobile phone number).
However, if you are a really good programmer and know your phone internal GSM functioning very well. Then you can spoof the TMSI. Meaning, you should listen to the Paging Messages that are being received on the PCH and get the TMSI from them and then generate a CHAN_REQ based on one of those TMSI. If you want to know more about it, then I suggest that you read a document called GSM04.08 from www.3gpp.org .
Please note that whatever I have written above is valid for a GSM/GPRS/EDGE network only.
Regards,
Save me from madness!!!
I have a several smartphone devices with windows CE
CE 6.0 - hp IPAQ 500 series
CE 5.0 - Samsung i600
I need to inject DLL into the process "home.exe". I use method with performcallback4 function. This method works successfully for all processes ("device.exe", "service.exe", etc.) except process "home.exe". In what a problem?
source code : InjectDLL.exe link with toolhelp.lib
#include <windows.h>
#include <Tlhelp32.h>
typedef struct _CALLBACKINFO {
HANDLE hProc;
FARPROC pfn;
PVOID pvArg0;
} CALLBACKINFO;
extern "C"
{
DWORD PerformCallBack4(CALLBACKINFO *pcbi,...);
LPVOID MapPtrToProcess(LPVOID lpv, HANDLE hProc);
BOOL SetKMode(BOOL fMode);
DWORD SetProcPermissions(DWORD newperms);
};
DWORD GetProcessId(WCHAR *wszProcessName)
{
HANDLE hTH= CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe;
pe.dwSize= sizeof(PROCESSENTRY32);
DWORD PID=0;
if (Process32First(hTH, &pe))
{
do {
if (wcsicmp(wszProcessName, pe.szExeFile)==0)
{
PID=pe.th32ProcessID;
}
} while (Process32Next(hTH, &pe));
}
CloseToolhelp32Snapshot(hTH);
return PID;
}
HMODULE GetDllHandle(DWORD ProcessId,WCHAR* ModuleName)
{
HANDLE ToolHelp=CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,ProcessId);
if (ToolHelp!=INVALID_HANDLE_VALUE)
{
MODULEENTRY32 ModuleEntry={sizeof MODULEENTRY32};
if (Module32First(ToolHelp,&ModuleEntry))
do
{
if (wcsicmp(ModuleEntry.szModule, ModuleName)==0)
return ModuleEntry.hModule;
}
while(Module32Next(ToolHelp,&ModuleEntry));
CloseToolhelp32Snapshot(ToolHelp);
}
return NULL;
}
BOOL InjectDll(WCHAR* ProcessName,WCHAR* ModuleName)
{
DWORD ProcessId=GetProcessId(ProcessName);
HMODULE ModuleHandle=GetDllHandle(ProcessId,ModuleName);
if (ModuleHandle!=NULL)
return TRUE;
HANDLE Process=OpenProcess(0,0,ProcessId);
if (Process==NULL)
return FALSE;
void* ModuleNamePtr=MapPtrToProcess(ModuleName,GetCurrentProcess());
if (ModuleNamePtr==NULL)
return FALSE;
CALLBACKINFO ci;
ci.hProc=Process;
void* LoadLibraryPtr=MapPtrToProcess(GetProcAddress(GetModuleHandle(L"coredll.dll"),L"LoadLibraryW"),Process);
if (LoadLibraryPtr==NULL)
return FALSE;
ci.pfn=(FARPROC)LoadLibraryPtr;
ci.pvArg0=ModuleNamePtr;
PerformCallBack4(&ci); in this place process exit. visual studio output message : "process exit with code 0xc0000030"
Sleep(500);
CloseHandle(Process);
return GetDllHandle(ProcessId,ModuleName)!=NULL;
}
extern "C"
{
BOOL SetKMode(BOOL fMode);
DWORD SetProcPermissions(DWORD newperms);
};
#define DLLNAME L"MyDll.dll"
int WINAPI WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPWSTR lpCmdLine,int nShowCmd)
{
WCHAR Path[MAX_PATH];
GetModuleFileName(NULL,Path,MAX_PATH);
wcscpy(wcsrchr(Path,L'\\')+1,DLLNAME);
WCHAR NewPath[MAX_PATH]=L"\\Windows\\";
wcscat(NewPath,DLLNAME);
CopyFile(Path,NewPath,FALSE);
BOOL Res=InjectDll(L"home.exe",L"MyDll.dll");
return 0;
}
the error code is
#define STATUS_INVALID_PARAMETER_MIX 0xC0000030
(maybe too fast for getting the thread infos?)
try to make the "Sleep(500);" before "PerformCallBack4(&ci);"
I have tried, a problem not in it. Any ideas?
I have not found the reason.... I Use other method without performcallback4
Problem with injection dll to cprog.exe process?
I want to inject dll to cprog.exe process. but it doesn't work.
source code.
Code:
VOID
InjectDllToCprog()
{
WCHAR DllPath[MAX_PATH] = L"";
CallbackInfo ci;
GetModuleFileName(NULL, DllPath, MAX_PATH);
PWCHAR p = wcsrchr(DllPath, L'\\');
DllPath[p - DllPath] = '\0';
wcscat(DllPath, L"\\CprogInject.dll");
ZeroMemory(&ci, sizeof(ci));
g_hCprog = FindCprogProcess(L"Cprog.exe"); // the handle is right.
if(g_hCprog != NULL)
{
DWORD dwMode = SetKMode(TRUE);
DWORD dwPerm = SetProcPermissions(0xFFFFFFFF);
FARPROC pFunc = GetProcAddress(GetModuleHandle(L"Coredll.dll"), L"LoadLibraryW");
ci.ProcId = (HANDLE)g_hCprog;
ci.pFunc = (FARPROC)MapPtrToProcess(pFunc, g_hCprog);
ci.pvArg0 = MapPtrToProcess(DllPath, GetCurrentProcess());
g_InjectCprog = (HINSTANCE)PerformCallBack4(&ci, 0, 0, 0);
if(GetLastError() != 0) // GetLastError() = 5
DbgError(L"PerformCallBack 执行失败", GetLastError());
SetKMode(dwMode);
SetProcPermissions(dwPerm);
}
}
GetLastError() return 0x00000005(Access is denied)
Anyone can help me? Sorry for my poor english.
Hello everyone,
This topic is not new however i never see any thread that has the solution for WM6. In my case, i want to create an smartphone app send AT Command to the gsm modem of my HTC HD.
Apparently there's no port COM2 or COM9 open in the device (everytime i tried CreateFile there's error 55, i also checked in the active device registry, no COM2 or COM9), so i use RIL_Initialize and RIL_GetSerialPortHandle to get the port. The openning and writing steps works very well, however there's no data in return, seems that the modem doesn't respond.
Below is the code:
Code:
RIL_Initialize(1,
ResultCallback,
NotifyCallback,
dwNotifications,
dwParam,
&RilHandle);
HANDLE hCom = NULL;
char * xpos;
char rsltstr[5];
DWORD returnValue;
DWORD LAC;
DWORD CellId;
int bufpos;
DCB dcb;
COMMTIMEOUTS to;
DWORD nWritten;
DWORD event1;
DWORD nRead;
char outbuf[20], buf[256];
BYTE comdevcmd[2]= {0x84, 0x00};
GetSerialPortHandleResult = RIL_GetSerialPortHandle(RilHandle,&hCom);
if (FAILED(GetSerialPortHandleResult))
{
TCHAR szString[256];
wsprintf(szString, L"Error GetSerialPortHandle, result= %d",GetSerialPortHandleResult);
MessageBox(NULL, szString, L"Error", MB_OK | MB_ICONERROR);
return 0;
}
if (hCom==NULL || hCom==INVALID_HANDLE_VALUE)
{
TCHAR szBuf[80];
DWORD dw = GetLastError();
// get the most uptodate cells
_stprintf(szBuf, TEXT("CreateFile failed with error %d."), dw);
MessageBox(0, szBuf, TEXT("Error"), MB_OK);
hCom= NULL;
return -1;
}
if (!GetCommState(hCom, &dcb))
{
return -2;
}
dcb.BaudRate= CBR_115200;
dcb.ByteSize= 8;
dcb.fParity= false;
dcb.StopBits= ONESTOPBIT;
if (!SetCommState(hCom, &dcb))
{
return -3;
}
if (!EscapeCommFunction(hCom, SETDTR))
{
return -4;
}
if (!GetCommTimeouts(hCom, &to))
{
return -6;
}
to.ReadIntervalTimeout= 0;
to.ReadTotalTimeoutConstant= 200;
to.ReadTotalTimeoutMultiplier= 0;
to.WriteTotalTimeoutConstant= 20000;
to.WriteTotalTimeoutMultiplier= 0;
if (!SetCommTimeouts(hCom, &to))
{
return -7;
}
if (!SetCommMask(hCom, EV_RXCHAR))
{
return -8;
}
if (!DeviceIoControl (hCom,0xAAAA5679L, comdevcmd,sizeof(comdevcmd),0,0,0,0))
{
TCHAR szBuf[80];
DWORD dw = GetLastError();
// get the most uptodate cells
_stprintf(szBuf, TEXT("DeviceIoControl failed with error %d."), dw);
MessageBox(NULL,szBuf, TEXT("Error"), MB_OK);
return -9;
}
bufpos = 0;
strcpy(outbuf,"AT+creg=2\r");
if (!WriteFile(hCom, outbuf, strlen(outbuf), &nWritten, NULL))
{
return -10;
}
if (nWritten != strlen(outbuf))
{
return -11;
}
/*if (!WaitCommEvent(hCom, &event1, NULL)) // ALWAYS BLOCKED !!!
{
return -12;
}*/Sleep(500);
while(1)
{
if (!ReadFile(hCom, buf+bufpos, 256 - bufpos, &nRead, NULL))
{
return -13;
}
if (nRead == 0) // ALWAYS BREAKS !!!
break;
bufpos += nRead;
if (bufpos >= 256)
break;
}
strcpy(outbuf,"AT+creg?\r");
... // Continue to write and read
As i said above, there's no return error, just that the buffer read is empty...
Any ideas ?
Thanks!
I don't know why it always gets nRead = 0, all the other steps work very well, no error return ...
I saw several discussions about this, so i do believe that someone have tried once this dev in WM5 or 6...
Therefore could anyone please share some point ?
no one has an idea ?
There's something a little bit interesting that i found out directly in the memory.
There's a sequence of responses to AT Command writing in ASCII:
@HTCCSQ:3
@HTCCSQ:4
@HTCCSQ:2
+CREG: 1,"000C","9F60" (here we has current LAC + Cell ID)
+CREG: 1,"000C","9BC7" (another LAC + Cell ID, i think it's the previous one)
+COPS: 0,2,"20820",3 (inside the "" are MCC MNC)
@HTCCSQ:3 .... (there's plenty of @HTCCSQ: coming next )
Look like some kind of log of the querries of RIL driver to the modem (i'm not sure)
So i think the gsm modem is available for answering to the commands, just haven't figured out how to make a stream connection to it (in WM6).
Any ideas ?
Thanks.
TAPI
I heard somewhere that we can use TAPI to send some AT Command, my question is to know if we can send a custom command (for example AT+CCED) by using TAPI ?
hi,I met the same problem.Do you find the answer?
Thanks.
I want to add to HKLM\init an all purpose application launcher (CE 6.0 device has persistent registry):
Code:
[HKEY_LOCAL_MACHINE\Init]
"Depend199"=hex:00,14,00,1e,00,60
[HKEY_LOCAL_MACHINE\Init]
"Launch199"="\NandFlash\CeLaunchAppsAtBootTime.exe"
[HKEY_CURRENT_USER\Startup]
"Process1"="\NandFlash\SetBackLight.exe"
"Process1Delay"=dword:0
The launcher's code is
Code:
#include <Windows.h>
#if defined(OutputDebugString)
#undef OutputDebugString
void OutputDebugString(LPTSTR lpText)
{}
#endif
BOOL IsAPIReady(DWORD hAPI);
void WalkStartupKeys(void);
DWORD WINAPI ProcessThread(LPVOID lpParameter);
#define MAX_APPSTART_KEYNAME 256
typedef struct _ProcessStruct {
WCHAR szName[MAX_APPSTART_KEYNAME];
DWORD dwDelay;
} PROCESS_STRUCT,*LPPROCESS_STRUCT;
int WINAPI _tWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPTSTR lpCmdLine, int nCmdShow)
{
int nLaunchCode = -1;
// Quick check to see whether we were called from within HKLM\init -> by default HKLM\init passes the lauch code
if(lpCmdLine && *lpCmdLine)
{
// MessageBox(NULL, lpCmdLine ,NULL,MB_OK);
nLaunchCode = _ttoi( (const TCHAR *) lpCmdLine);
}
else
{
// MessageBox(NULL, _T("No argumets passed"),NULL,MB_OK);
}
//Wait for system has completely initialized
BOOL success = FALSE;
int i = 0;
while((!IsAPIReady(SH_FILESYS_APIS)) && (i++ < 50))
{
Sleep(200);
}
success = (i < 50);
if(success)
{
i = 0;
while((!IsAPIReady(SH_DEVMGR_APIS))&& (i++ < 50))
{
Sleep(200);
}
success = (i < 50);
if(success)
{
i = 0;
while((!IsAPIReady(SH_SHELL))&& (i++ < 50))
{
Sleep(200);
}
success = (i < 50);
if(success)
{
i = 0;
while((!IsAPIReady(SH_WMGR))&& (i++ < 50))
{
Sleep(200);
}
success = (i < 50);
if(success)
{
i = 0;
while((!IsAPIReady(SH_GDI))&& (i++ < 50))
{
Sleep(200);
}
success = (i < 50);
}
}
}
}
if(nLaunchCode != -1)
{
// Since this is application is launched through the registry HKLM\Init we need to call SignalStarted passing in the command line parameter
SignalStarted((DWORD) nLaunchCode);
}
//If system has completely initialized
if( success)
{
WalkStartupKeys();
}
return (0);
}
void WalkStartupKeys(void)
{
HKEY hKey;
WCHAR szName[MAX_APPSTART_KEYNAME];
WCHAR szVal[MAX_APPSTART_KEYNAME];
WCHAR szDelay[MAX_APPSTART_KEYNAME];
DWORD dwType, dwNameSize, dwValSize, i,dwDelay;
DWORD dwMaxTimeout=0;
HANDLE hWaitThread=NULL;
HANDLE ThreadHandles[100];
int iThreadCount=0;
if (RegOpenKeyEx(HKEY_CURRENT_USER, TEXT("Startup"), 0, KEY_READ, &hKey) != ERROR_SUCCESS) {
return;
}
dwNameSize = MAX_APPSTART_KEYNAME;
dwValSize = MAX_APPSTART_KEYNAME * sizeof(WCHAR);
i = 0;
while (RegEnumValue(hKey, i, szName, &dwNameSize, 0, &dwType,(LPBYTE)szVal, &dwValSize) == ERROR_SUCCESS) {
if ((dwType == REG_SZ) && !wcsncmp(szName, TEXT("Process"), 7)) { // 7 for "Process"
// szval
wsprintf(szDelay,L"%sDelay",szName);
dwValSize=sizeof(dwDelay);
if (ERROR_SUCCESS == RegQueryValueEx(hKey,szDelay,0,&dwType,(LPBYTE)&dwDelay,&dwValSize)) {
// we now have the process name and the process delay - spawn a thread to "Sleep" and then create the process.
LPPROCESS_STRUCT ps=(LPPROCESS_STRUCT) LocalAlloc( LMEM_FIXED , sizeof( PROCESS_STRUCT));
ps->dwDelay=dwDelay;
wcscpy(ps->szName,szVal);
DWORD dwThreadID;
OutputDebugString(L"Creating Thread...\n");
HANDLE hThread=CreateThread(NULL,0,ProcessThread,(LPVOID)ps,0,&dwThreadID);
ThreadHandles[iThreadCount++]=hThread;
if (dwDelay > dwMaxTimeout) {
hWaitThread=hThread;
dwMaxTimeout=dwDelay;
}
LocalFree((HLOCAL) ps);
}
}
dwNameSize = MAX_APPSTART_KEYNAME;
dwValSize = MAX_APPSTART_KEYNAME * sizeof(WCHAR);
i++;
}
// wait on the thread with the longest delay.
DWORD dwWait=WaitForSingleObject(hWaitThread,INFINITE);
if (WAIT_FAILED == dwWait) {
OutputDebugString(L"Wait Failed!\n");
}
for(int x=0;x < iThreadCount;x++) {
CloseHandle(ThreadHandles[x]);
}
RegCloseKey(hKey);
}
DWORD WINAPI ProcessThread(LPVOID lpParameter)
{
TCHAR tcModuleName[MAX_APPSTART_KEYNAME];
OutputDebugString(L"Thread Created... Sleeping\n");
LPPROCESS_STRUCT ps=(LPPROCESS_STRUCT)lpParameter;
Sleep(ps->dwDelay); // Wait for delay period
OutputDebugString(L"Done Sleeping...\n");
PROCESS_INFORMATION pi;
STARTUPINFO si;
si.cb=sizeof(si);
OutputDebugString(L"Creating Process ");
OutputDebugString(ps->szName);
OutputDebugString(L"\n");
wcscpy(tcModuleName,ps->szName);
TCHAR *tcPtrSpace=wcsrchr(ps->szName,L' '); // Launch command has a space, assume command line.
if (NULL != tcPtrSpace) {
tcModuleName[lstrlen(ps->szName)-lstrlen(tcPtrSpace)]=0x00; // overwrite the space with null, break the app and cmd line.
tcPtrSpace++; // move past space character.
}
CreateProcess( tcModuleName, // Module Name
tcPtrSpace, // Command line -- NULL or PTR to command line
NULL, // Process handle not inheritable
NULL, // Thread handle not inheritable
FALSE, // Set handle inheritance to FALSE
0, // No creation flags
NULL, // Use parent's environment block
NULL, // Use parent's starting directory
&si, // Pointer to STARTUPINFO structure
&pi ); // Pointer to PROCESS_INFORMATION structure
OutputDebugString(L"Thread Exiting...\n");
return 0;
}
which compiled errorfree
Added the registry entries as shown above, copied the launcher's exe in default location, rebootet device. Nothing happened, means executable defined as
Code:
[HKEY_CURRENT_USER\Startup]
"Process1"="\NandFlash\SetBackLight.exe"
wasn't run at all.
Does anybody have an idea, where the error is? Any help appreciated. Thanks for reading.
I installed CWM 6.0.3.6. But it show this message when I enter recovery. I tried to disregard. But it is annoying.
So what does mean that, guys?
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
It happens to me too... duuno why is that...
Have you tried to wipe dalvik cache? Sometimes FAIL's to me ._.
DevastatingTech said:
I installed CWM 6.0.3.6. But it show this message when I enter recovery. I tried to disregard. But it is annoying.
So what does mean that, guys?
Click to expand...
Click to collapse
found this on github
This is not a bug, it's a simple warning after some CM SELinux changes. Nothing should break by this message
Click to expand...
Click to collapse
and this on xda
_alp1ne said:
This happened to me also, but it has nothing to do with flashing or anything. It is best to ignore as it only means some file it is reading has no context.
Click to expand...
Click to collapse
and it started after flashing CWM 6.0.3.6 from CM10.1 thread ...(for me)
so basically we're safe....
is nothing to worry about, but , if you want to be 100% sure, add a durex
copy from CyanogenMod Forum:
it looks like the error is related to SELinux. But it seems safe to ignore.
------------------------------------------------------------------------------
/*
* Copyright (C) 2009 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include "edify/expr.h"
#include "updater.h"
#include "install.h"
#include "minzip/Zip.h"
// Generated by the makefile, this function defines the
// RegisterDeviceExtensions() function, which calls all the
// registration functions for device-specific extensions.
#include "register.inc"
// Where in the package we expect to find the edify script to execute.
// (Note it's "updateR-script", not the older "update-script".)
#define SCRIPT_NAME "META-INF/com/google/android/updater-script"
struct selabel_handle *sehandle;
int main(int argc, char** argv) {
// Various things log information to stdout or stderr more or less
// at random. The log file makes more sense if buffering is
// turned off so things appear in the right order.
setbuf(stdout, NULL);
setbuf(stderr, NULL);
if (argc != 4) {
fprintf(stderr, "unexpected number of arguments (%d)\n", argc);
return 1;
}
char* version = argv[1];
if ((version[0] != '1' && version[0] != '2' && version[0] != '3') ||
version[1] != '\0') {
// We support version 1, 2, or 3.
fprintf(stderr, "wrong updater binary API; expected 1, 2, or 3; "
"got %s\n",
argv[1]);
return 2;
}
// Set up the pipe for sending commands back to the parent process.
int fd = atoi(argv[2]);
FILE* cmd_pipe = fdopen(fd, "wb");
setlinebuf(cmd_pipe);
// Extract the script from the package.
char* package_data = argv[3];
ZipArchive za;
int err;
err = mzOpenZipArchive(package_data, &za);
if (err != 0) {
fprintf(stderr, "failed to open package %s: %s\n",
package_data, strerror(err));
return 3;
}
const ZipEntry* script_entry = mzFindZipEntry(&za, SCRIPT_NAME);
if (script_entry == NULL) {
fprintf(stderr, "failed to find %s in %s\n", SCRIPT_NAME, package_data);
return 4;
}
char* script = malloc(script_entry->uncompLen+1);
if (!mzReadZipEntry(&za, script_entry, script, script_entry->uncompLen)) {
fprintf(stderr, "failed to read script from package\n");
return 5;
}
script[script_entry->uncompLen] = '\0';
// Configure edify's functions.
RegisterBuiltins();
RegisterInstallFunctions();
RegisterDeviceExtensions();
FinishRegistration();
// Parse the script.
Expr* root;
int error_count = 0;
yy_scan_string(script);
int error = yyparse(&root, &error_count);
if (error != 0 || error_count > 0) {
fprintf(stderr, "%d parse errors\n", error_count);
return 6;
}
struct selinux_opt seopts[] = {
{ SELABEL_OPT_PATH, "/file_contexts" }
};
sehandle = selabel_open(SELABEL_CTX_FILE, seopts, 1);
if (!sehandle) {
fprintf(stderr, "Warning: No file_contexts\n");
fprintf(cmd_pipe, "ui_print Warning: No file_contexts\n");
}
// Evaluate the parsed script.
UpdaterInfo updater_info;
updater_info.cmd_pipe = cmd_pipe;
updater_info.package_zip = &za;
updater_info.version = atoi(version);
State state;
state.cookie = &updater_info;
state.script = script;
state.errmsg = NULL;
char* result = Evaluate(&state, root);
if (result == NULL) {
if (state.errmsg == NULL) {
fprintf(stderr, "script aborted (no error message)\n");
fprintf(cmd_pipe, "ui_print script aborted (no error message)\n");
} else {
fprintf(stderr, "script aborted: %s\n", state.errmsg);
char* line = strtok(state.errmsg, "\n");
while (line) {
fprintf(cmd_pipe, "ui_print %s\n", line);
line = strtok(NULL, "\n");
}
fprintf(cmd_pipe, "ui_print\n");
}
free(state.errmsg);
return 7;
} else {
fprintf(stderr, "script result was [%s]\n", result);
free(result);
}
if (updater_info.package_zip) {
mzCloseZipArchive(updater_info.package_zip);
}
free(script);
return 0;
}
http://forum.cyanogenmod.com/topic/75956-cwm-on-nexus-4-after-43-update/
Okay guys, I will ignore this. Already, I hadn't any error. Thanks.