First small steps toward free GSM firmware

[Michael Spacefalcon]

Hello Om community,

I am very pleased to announce that after many years of searching, I
have finally found a copy of TI's firmware deliverable package for
their Leonardo development board, i.e., for their Calypso/Iota/Rita
chipset reference platform.  It is the package which TI must have
given to all of their chipset customers including Nokia, Motorola,
Compal, FIC/Openmoko, LG, BenQ and many others, and which was used by
all of these companies as the starting point for making their unique
proprietary firmwares.  This Leonardo firmware source can be found
here:

ftp://ftp.ifctf.org/pub/GSM/TI_src/Sotovik/

It is a source with some object blobs unfortunately (but that was
expected), but it is complete in that one can build a functional fw
image from the included sources and object libraries.  This original
code will NOT run on a GTA0x modem; it runs on the Leonardo board
instead.  If you are curious as to what the Leonardo board looks
like, you can see a picture of it on page 10 of this TI document:

ftp://ftp.ifctf.org/pub/GSM/Calypso/chipsets+refdesigns.pdf

However, I have known for a long time that Om's GSM modem is actually
very close to the Leonardo board in terms of how the Calypso/Iota/RF
chip interconnections are wired.  (I already knew this fact ~2y ago
when I first saw the doc/calypso-signals.txt file in the OsmocomBB git
tree - read that text file and judge for yourselves.)  The implication
from this hardware similarity is that it should be quite easy to take
firmware code that runs on the Leonardo board and port it to run on
the GTA0x modem instead.

I have just proven the above hypothesis by producing a leo2moko port,
i.e., a port from Leonardo to moko.  You can find the Wine-buildable
source here:

ftp://ftp.ifctf.org/pub/GSM/FreeCalypso/

You can build that source under Wine (see instructions in the README
file inside the tarball) and produce an S-record image which you can
then flash into your GTA0x GSM modem with fc-loadtool - the latter is
my free replacement for TI's proprietary FLUID.

My own limited experiments indicate that this firmware is able to dial
voice calls (makes the other party's phone ring), receive voice calls
(I dial the number of the test SIM card in my GTA02 and see RING
messages appearing in the AT command channel), and even make CSD
(circuit-switched data) calls successfully - being the outlaw that I
am, I take great joy in playing with CSD (which I plan on using for
encrypted voice further down the road) and thereby showing my middle
finger to the NSA etc.  However, I have NOT fully tested the "normal"
voice call operation: I have only verified that the fw places and
answers these calls, but I haven't tested the actual voice audio.  The
latter omission exists because I have very poor understanding of the
Linux-based software that needs to run on the GTA0x AP, and on my test
GTA02 I run a very minimal buildroot environment on the AP.  I have
not yet figured out how to configure the AP-controlled audio system to
pass the voice path between the GSM modem and the physical earpiece
and mic, hence my current inability to test this voice path.

Therefore, I encourage other community members to play with this
firmware and see if it actually works end-to-end for voice calls.

Viva la Revolucion,
SF