Sunday, April 26, 2009

0xlab grand opening!

yup! 0xlab is opening now!!

Thursday, April 23, 2009

watch youtube in android

From Android supported media page, we can see they don't support FLV files. It means we cannot watch youtube videos in Android SDK 1.5 version. Therefore, here is a easy way and it allows you to download MP4 video file from youtube website. These are steps you need to do in Android.

1. open browser to youtube web site and search the video you want

2. before you click the video to play, press menu and select 'Go'

3. modify the current URL and insert 'pwn' to 'youtube'
eg. ==>

4. it would transfer to 'pwnyoutube' website

5. click to 'Download High Quality Video (MP4)'

6. this file is mp4 video format and android allows to play this format

Another way to see youtube in Android, here is a hint from olv's blog. Since he can run a cairo program via frame buffer, i believe we can run a mplayer program via frame buffer too. Therefore, we should be able to run any video formats that mplayer can support. Here is a video 'mplayer on Android' in YouTube.

Thursday, April 9, 2009

[android] trace radio interface layer (RIL) by two emulators

I study android from this week and my entry point is based on my related GSM network experiences. Yeah! Let's start it from code tracing: how to register to the network, how to receive/dial a phone call, how to send/receive a SMS message...etc...

A. Set up the working environment: my machine is ubuntu 8.10, kernel is 2.6.27-11-generic.

1. download Android SDK
unzip the file, and you will see theses two tools ( emulator & adb) we need.

2. download Android source code
just follow the steps, and type 'make', then i get it all done. (yes, i'm a lucky person!)

B. Let's have fun with multiple emulator:
1. prepare two terminals:

terminal A: $emulator -skin HVGA-P -data lib/images/userdata.img -debug modem,radio -scale 0.5
terminal B: $emulator -skin HVGA-L -data lib/images/userdata2.img -debug modem,radio -scale 0.5

2. it would come out with two emulators: (I changed one of them to use iPhone skin!)

3. When both of them camp to the 'Android' network, use Dialer in emulator-5554 and dial '5556', then it would display an incoming call in emulator-5556. (5554 and 5556 are their port number)

4. Answer the incoming call in emulator-5556 and then hang up in emulator-5554. (You will receive different events if you hang up in emulator-5556.)

5. DONE! Let's get the log date from both of them.

$adb -s emulator-5554 logcat -b radio -d > radio.5554
$adb -s emulator-5556 logcat -b radio -d > radio.5556
$adb -s emulator-5554 logcat *:D -d > debugall.5554
$adb -s emulator-5556 logcat *:D -d > debugall.5556

C. Check the RIL process by these photos

D. How to dial out a call in Android? I traced the radio log and make sure the whole procedure and the source code.
DIAL out a phone call: (MO call)

from top UI to bottom,
[App] Phone Application ---> [App Framework] Telephony Manager (GSM) --->
[App Framework] Telephony Manager (RIL) ---> [Libraries] Telephony Manager
---> [Libraries] rild ---> [Libraries] ---> [Kernel Driver] Baseband

RIL: /hardware/ril/reference-ril/refereince-ril.c
AT: /hardware/ril/reference-ril/atchannel.c
RILD: /hardware/ril/rild/rild.c
RILC: /hardware/ril/libril/ril.cpp
RILJ: /frameworks/base/telephony/java/com/android/internal/telephony/gsm/
GSM: /frameworks/base/telephony/java/com/android/internal/telephony/gsm/

D/RILJ ( 85): [0053]> DIAL
D/RIL ( 22): onRequest: DIAL
D/AT ( 22): AT> ATD5556;
D/AT ( 22): AT< OK

D/GSM ( 85): [GSMConn] update: parent=DIALING, hasNewParent=false, wasConnectingInOrOut=true,
wasHolding=false, isConnectingInOrOut=true, changed=false
D/AT ( 22): AT< RING
D/RILJ ( 85): [0059]> SET_MUTE false
D/RIL ( 22): onRequest: SET_MUTE
D/RILJ ( 85): [0059]< SET_MUTE error:
D/RIL ( 22): onRequest: GET_CURRENT_CALLS
D/AT ( 22): AT> AT+CLCC
D/AT ( 22): AT< +CLCC: 1,0,3,0,0,"5556",129
D/AT ( 22): AT< OK

D/RILJ ( 85): [0124]< GET_CURRENT_CALLS [id=1,mo,ACTIVE,voice,norm,129,0]
D/GSM ( 85): [GSMConn] update: parent=ACTIVE, hasNewParent=false, wasConnectingInOrOut=
false, wasHolding=false, isConnectingInOrOut=false, changed=false
D/RILJ ( 85): WAKE_LOCK_TIMEOUT mReqPending=0 mRequestList=1
D/GSM ( 85): [CallTracker] hangupForegroundResumeBackground
D/AT ( 22): AT> AT+CHLD=1
D/AT ( 22): AT< OK

PS. Above logs are all from emulator-5554! ATD: dial command in modem, AT+CLCC: List current calls, AT+CHLD: Releases all active calls