Difference between revisions of "M68AP"

From The iPhone Wiki
Jump to: navigation, search
(Software)
Line 20: Line 20:
 
=== Software ===
 
=== Software ===
   
  +
==== Stack ====
Everything here pertains to the non-3G iPhone.
 
   
  +
No detailed information so far.
The iPhone has a Bluetooth daemon called BTServer that serves the little the iPhone currently does. It is launched by the /sbin/launchd process. On killing the BTServer process, launchd restart it almost instantly. One can observe that BTServer itself launches the BlueTool utility. If bluetooth was set inactive in the control panel BTServer call /usr/sbin/BlueTool -f /etc/bluetool/iPhone1,1.deepsleep.script. If bluetooth was set active in the control panel it rather calls the /etc/bluetool/iPhone1,1.init.script.
 
  +
  +
==== Some preliminary hacking ====
  +
  +
Everything experimented here was performed on a 16GB original iPhone running the 2.0 firmware.
  +
  +
The iPhone has a Bluetooth daemon called BTServer that serves the little the iPhone currently does. It is launched by the /sbin/launchd process. On killing the BTServer process, launchd restart it almost instantly. It is possible to catch BTServer itself launches the BlueTool utility by rapidly displaying processes right after killing BTServer. If bluetooth was set inactive in the control panel, BTServer call /usr/sbin/BlueTool -f /etc/bluetool/iPhone1,1.deepsleep.script. On the other hand, If bluetooth was set active in the control panel, BTServer calls the /etc/bluetool/iPhone1,1.init.script.
   
 
The '/etc/bluetooth/pcm-example.script' does not seem to be relevant to the iPhone as it uses COM1. To verify that the other 2 scripts were really used.
 
The '/etc/bluetooth/pcm-example.script' does not seem to be relevant to the iPhone as it uses COM1. To verify that the other 2 scripts were really used.
Line 48: Line 54:
   
 
ChipAnaVer = A06 (???)
 
ChipAnaVer = A06 (???)
 
   
 
== References ==
 
== References ==

Revision as of 06:37, 8 September 2008

This is the original iPhone. It was released on June 29, 2007 with a price tag of $499 for the 4GB and $599 for the 8GB. A $200 price drop followed the release of the phone. Later, the 4GB model was discontinued, with the 8GB model filling it's place and a new 16GB model filling the high end.

Internals

See: M68ap (Internals)[1]

Baseband

The iPhone uses the S-Gold 2 baseband chip

Application Processor

It makes use of the S5L8900 application processor. At the time, the iPhone, iPhone 3G, and iPod Touch all use this same processor.

Bluetooth

Chip

Uses the CSR BlueCore4 Chip (BC41B41) (see high resolution picture above)

Software

Stack

No detailed information so far.

Some preliminary hacking

Everything experimented here was performed on a 16GB original iPhone running the 2.0 firmware.

The iPhone has a Bluetooth daemon called BTServer that serves the little the iPhone currently does. It is launched by the /sbin/launchd process. On killing the BTServer process, launchd restart it almost instantly. It is possible to catch BTServer itself launches the BlueTool utility by rapidly displaying processes right after killing BTServer. If bluetooth was set inactive in the control panel, BTServer call /usr/sbin/BlueTool -f /etc/bluetool/iPhone1,1.deepsleep.script. On the other hand, If bluetooth was set active in the control panel, BTServer calls the /etc/bluetool/iPhone1,1.init.script.

The '/etc/bluetooth/pcm-example.script' does not seem to be relevant to the iPhone as it uses COM1. To verify that the other 2 scripts were really used.

In order to fool around with bluetooth it seems necessary to prevent the BTServer from being loaded. The System/Library/LaunchDaemons/com.apple.BTServer.plist file can be edited. There is a 'disabled' key set to false by default. Setting it true will prevent BTServer from being started. With that small change I kind of experienced that GUI was really irresponsive. With BTServer completely deactivated, the control panel bluetooth item should say 'inactive' and the toggle switch set inactive.

Output from iPhone built-in tools:

bluetool-> hci info

Radio Manufacturer: CSR Bluetooth HCI Specification: Version 2.0

Bluetooth Address: 00:02:5b:00:a5:a5

bluetool-> csr -V

CSR BlueCore Version 0x0003, Revision 0x0030, Build: A06

From CSR' BlueCore BCCMD Commands Document (bcore-sp-005Pe)

ChipVer = 0x03, BlueCore3-Multimedia, BlueCore3-ROM, BlueCore3-FLASH, BlueCore4-External, BlueCore4-ROM

ChipRev = 0x30, BlueCore4-ROM

ChipAnaVer = A06 (???)

References

[1] iPhone semiconductor components

Analysts crack open the iPhone, reveal chip suppliers

Apple's iPhone Dissected: We did it, so you don't have to

Hwb iPhone