QMI(Qualcomm MSM Interface,官方名称应该是Qualcomm Message Interface)是高通用来替代OneRPC/DM的协议,用来与modem通信。

QMI协议定义了多个服务: DMS(设备管理Device Management) 提供载入 设备信息的功能 NAS(网络访问Network Access)提供欧冠你注册网络的动作 WDS(数据连接) PDS(GPS定位报告) UIM(管理User Identity Module) CTL(控制服务:用户发起其他服务请求前,必须先申请 ClientID, 这个ID就是由控制服务分配的, 这个服务永远在线)

协议里的每个服务都定义了 请求和响应 (也叫做 Indication) 每个请求响应都有一个匹配的ID,这样用户可以一次发出多个请求。并且响应也不必严格按照请求的顺序进行回应。

Indication作为主动提供的消息, 要么发送给某个特定的客户端, 要么是广播消息(广播给所有使用这个服务的客户)。 通常情况下,用户需要通过一些请求/响应 来打开indication

协议中的每条消息都定义了一系列输入(在请求中才有输入)参数,或者输出(在响应或者indications中才有输出)参数。 这些参数,我们命名为TLV

QMI协议可以通过Linux kernels (>= 3.4)来访问。载入cdc-wdm和qmi_wwan之后即可

$ lsmod

...

qmi_wwan               20971  0

cdc_wdm                17427  1 qmi_wwan

...

usbnet                 30844  3 rndis_host,qmi_wwan,cdc_ether

usbcore               195340  14 rndis_host,rt2x00usb,usb_storage,rt2800usb,ehci_hcd,ehci_pci,qmi_wwan,usbhid,usbnet,cdc_wdm,xhci_hcd,cdc_ether

https://packages.debian.org/sid/libqmi-glib1 (/usr/lib/x86_64-linux-gnu/libqmi-glib.so.1) https://packages.debian.org/jessie/libqmi-utils (/usr/bin/qmi-network) (/usr/bin/qmicli) https://packages.debian.org/sid/libqmi-glib-dev

设置适当的usb模式

# setprop sys.usb.config diag,serial_smd,serial_tty,rmnet_bam,mass_storage,adb

在PC上可以看到

$ ls -la /dev/cdc*

crw------- 1 root root 180, 0 10月 12 20:29 /dev/cdc-wdm0

演示

# qmicli -d /dev/cdc-wdm0 --dms-get-revision

[/dev/cdc-wdm0] Device revision retrieved:

	Revision: 'M8626A-AAAANAZM-1.1.00759  1  [Dec 31 2013 03:00:00]'

# qmicli -d /dev/cdc-wdm0 --dms-uim-get-imsi

[/dev/cdc-wdm0] UIM IMSI retrieved:

	IMSI: '204043154974997'

# qmicli -d /dev/cdc-wdm0 --dms-uim-get-iccid

[/dev/cdc-wdm0] UIM ICCID retrieved:

	ICCID: '89860313100205205744'

# qmicli -d /dev/cdc-wdm0 --dms-get-capabilities

[/dev/cdc-wdm0] Device capabilities retrieved:

	Max TX channel rate: '1800000'

	Max RX channel rate: '3100000'

	       Data Service: 'non-simultaneous-cs-ps'

	                SIM: 'supported'

	           Networks: 'cdma20001x, evdo, gsm'

# qmicli -d /dev/cdc-wdm0 --dms-get-ids

[/dev/cdc-wdm0] Device IDs retrieved:

	 ESN: 'C33BA980'

	IMEI: '355991020927480'

	MEID: 'A1000051CA0BE1'

# qmicli -d /dev/cdc-wdm0 --dms-get-band-capabilities

[/dev/cdc-wdm0] Device band capabilities retrieved:

	Bands: 'bc-0-a-system, bc-0-b-system, gsm-dcs-1800, gsm-900-extended, gsm-850, gsm-pcs-1900'

	LTE bands: '(null)'

v# qmicli -d /dev/cdc-wdm0 --nas-get-system-selection-preference

[/dev/cdc-wdm0] Successfully got system selection preference

	Emergency mode: 'no'

	Mode preference: 'cdma-1x, cdma-1xevdo, gsm'

	Band preference: 'bc-0-a-system, bc-0-b-system, bc-1-all-blocks, bc-2, bc-3-a-system, bc-4-all-blocks, bc-5-all-blocks, gsm-dcs-1800, gsm-900-extended, gsm-900-primary, bc-6, bc-7, bc-8, bc-9, bc-10, bc-11, gsm-450, gsm-480, gsm-750, gsm-850, gsm-900-railways, gsm-pcs-1900, wcdma-2100, wcdma-pcs-1900, wcdma-dcs-1800, wcdma-1700-us, wcdma-850-us, wcdma-800, bc-12, bc-14, wcdma-2600, wcdma-900, wcdma-1700-japan, bc-16, bc-17, bc-18, bc-19'

	LTE band preference: '(null)'

	TD-SCDMA band preference: 'a, b, c, d, e, f'

	CDMA PRL preference: 'any'

	Roaming preference: 'any'

	Network selection preference: 'automatic'

	Service domain preference: 'cs-ps'

	Service selection preference: 'wcdma'

代码  http://cgit.freedesktop.org/libqmi

详细调试信息

v# qmicli -d /dev/cdc-wdm0 -v  --dms-get-ids

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Opening device with flags 'none'...

[12 10月 2014, 20:55:31] [Debug] QMI Device at '/dev/cdc-wdm0' ready

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Assuming service 'dms' is supported...

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Allocating new client ID...

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Sent message...

<<<<<< RAW:

<<<<<<   length = 16

<<<<<<   data   = 01:0F:00:00:00:00:00:01:22:00:04:00:01:01:00:02

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Sent message (translated)...

<<<<<< QMUX:

<<<<<<   length  = 15

<<<<<<   flags   = 0x00

<<<<<<   service = "ctl"

<<<<<<   client  = 0

<<<<<< QMI:

<<<<<<   flags       = "none"

<<<<<<   transaction = 1

<<<<<<   tlv_length  = 4

<<<<<<   message     = "Allocate CID" (0x0022)

<<<<<< TLV:

<<<<<<   type       = "Service" (0x01)

<<<<<<   length     = 1

<<<<<<   value      = 02

<<<<<<   translated = dms

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Received message...

>>>>>> RAW:

>>>>>>   length = 24

>>>>>>   data   = 01:17:00:80:00:00:01:01:22:00:0C:00:02:04:00:00:00:00:00:01:02:00:02:03

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Received message (translated)...

>>>>>> QMUX:

>>>>>>   length  = 23

>>>>>>   flags   = 0x80

>>>>>>   service = "ctl"

>>>>>>   client  = 0

>>>>>> QMI:

>>>>>>   flags       = "response"

>>>>>>   transaction = 1

>>>>>>   tlv_length  = 12

>>>>>>   message     = "Allocate CID" (0x0022)

>>>>>> TLV:

>>>>>>   type       = "Result" (0x02)

>>>>>>   length     = 4

>>>>>>   value      = 00:00:00:00

>>>>>>   translated = SUCCESS

>>>>>> TLV:

>>>>>>   type       = "Allocation Info" (0x01)

>>>>>>   length     = 2

>>>>>>   value      = 02:03

>>>>>>   translated = [ service = 'dms' cid = '3' ]

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Registered 'dms' (version unknown) client with ID '3'

[12 10月 2014, 20:55:31] [Debug] Asynchronously getting IDs...

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Sent message...

<<<<<< RAW:

<<<<<<   length = 13

<<<<<<   data   = 01:0C:00:00:02:03:00:01:00:25:00:00:00

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Sent message (translated)...

<<<<<< QMUX:

<<<<<<   length  = 12

<<<<<<   flags   = 0x00

<<<<<<   service = "dms"

<<<<<<   client  = 3

<<<<<< QMI:

<<<<<<   flags       = "none"

<<<<<<   transaction = 1

<<<<<<   tlv_length  = 0

<<<<<<   message     = "Get IDs" (0x0025)

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Received message...

>>>>>> RAW:

>>>>>>   length = 66

>>>>>>   data   = 01:41:00:80:02:03:02:01:00:25:00:35:00:02:04:00:00:00:00:00:12:0E:00:41:31:30:30:30:30:35:31:43:41:30:42:45:31:10:08:00:43:33:33:42:41:39:38:30:11:0F:00:33:35:35:39:39:31:30:32:30:39:32:37:34:38:30

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Received message (translated)...

>>>>>> QMUX:

>>>>>>   length  = 65

>>>>>>   flags   = 0x80

>>>>>>   service = "dms"

>>>>>>   client  = 3

>>>>>> QMI:

>>>>>>   flags       = "response"

>>>>>>   transaction = 1

>>>>>>   tlv_length  = 53

>>>>>>   message     = "Get IDs" (0x0025)

>>>>>> TLV:

>>>>>>   type       = "Result" (0x02)

>>>>>>   length     = 4

>>>>>>   value      = 00:00:00:00

>>>>>>   translated = SUCCESS

>>>>>> TLV:

>>>>>>   type       = "Meid" (0x12)

>>>>>>   length     = 14

>>>>>>   value      = 41:31:30:30:30:30:35:31:43:41:30:42:45:31

>>>>>>   translated = A1000051CA0BE1

>>>>>> TLV:

>>>>>>   type       = "Esn" (0x10)

>>>>>>   length     = 8

>>>>>>   value      = 43:33:33:42:41:39:38:30

>>>>>>   translated = C33BA980

>>>>>> TLV:

>>>>>>   type       = "Imei" (0x11)

>>>>>>   length     = 15

>>>>>>   value      = 33:35:35:39:39:31:30:32:30:39:32:37:34:38:30

>>>>>>   translated = 355991020927480

[/dev/cdc-wdm0] Device IDs retrieved:

	 ESN: 'C33BA980'

	IMEI: '355991020927480'

	MEID: 'A1000051CA0BE1'

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Releasing 'dms' client with flags 'release-cid'...

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Unregistered 'dms' client with ID '3'

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Sent message...

<<<<<< RAW:

<<<<<<   length = 17

<<<<<<   data   = 01:10:00:00:00:00:00:02:23:00:05:00:01:02:00:02:03

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Sent message (translated)...

<<<<<< QMUX:

<<<<<<   length  = 16

<<<<<<   flags   = 0x00

<<<<<<   service = "ctl"

<<<<<<   client  = 0

<<<<<< QMI:

<<<<<<   flags       = "none"

<<<<<<   transaction = 2

<<<<<<   tlv_length  = 5

<<<<<<   message     = "Release CID" (0x0023)

<<<<<< TLV:

<<<<<<   type       = "Release Info" (0x01)

<<<<<<   length     = 2

<<<<<<   value      = 02:03

<<<<<<   translated = [ service = 'dms' cid = '3' ]

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Received message...

>>>>>> RAW:

>>>>>>   length = 24

>>>>>>   data   = 01:17:00:80:00:00:01:02:23:00:0C:00:02:04:00:00:00:00:00:01:02:00:02:03

[12 10月 2014, 20:55:31] [Debug] [/dev/cdc-wdm0] Received message (translated)...

>>>>>> QMUX:

>>>>>>   length  = 23

>>>>>>   flags   = 0x80

>>>>>>   service = "ctl"

>>>>>>   client  = 0

>>>>>> QMI:

>>>>>>   flags       = "response"

>>>>>>   transaction = 2

>>>>>>   tlv_length  = 12

>>>>>>   message     = "Release CID" (0x0023)

>>>>>> TLV:

>>>>>>   type       = "Result" (0x02)

>>>>>>   length     = 4

>>>>>>   value      = 00:00:00:00

>>>>>>   translated = SUCCESS

>>>>>> TLV:

>>>>>>   type       = "Release Info" (0x01)

>>>>>>   length     = 2

>>>>>>   value      = 02:03

>>>>>>   translated = [ service = 'dms' cid = '3' ]

[12 10月 2014, 20:55:31] [Debug] Client released

参考资料 http://sigquit.wordpress.com/2012/08/20/an-introduction-to-libqmi/ http://www.lanedo.com/users/amorgado/talks/FOSDEM2013%20-%20Mobile%20broadband%20modem%20control%20protocols.pdf http://blogs.gnome.org/dcbw/2010/04/15/mobile-broadband-and-qualcomm-proprietary-protocols/

usb网络接口 ECM: Ethernet Control Model       802.3 ethernet frames 以太网控制模型

NCM: Network Control Model

MBIM协议 (由高通,爱立信,微软等开发, USB论坛发布) 内核驱动是 cdc_mbim (Linux Kernel >= 3.8) 设备是  /dev/cdc-wdm libmbim mbimcli(libmbim-utils)

 mbimcli

 -d /dev/cdc-wdm1

 --basic-connect-query-subscriber-ready-status

在ChromiumOS上也实现了部分QMI协议 https://chromium.googlesource.com/chromiumos/platform/libqmi/+/master/src/

高通QMI协议的更多相关文章

  1. 高通 QC协议 谷歌 PD协议

    高通  QC协议  谷歌  PD协议 上述协议是两款充电协议 现在已经应用于智能设备的充电中了 https://jingyan.baidu.com/article/7908e85cb04b1baf48 ...

  2. 高通9X07模块QMI架构使用入门

    QMI(Qualcomm Message Interface) 高通用来替代OneRPC/DM的协议,用来与modem通信.本文是摸索高通QMI机制一点经验,重点解读了如果建立拨号连接,仅供参考.qm ...

  3. android 6.0 高通平台sensor 工作机制及流程(原创)

    最近工作上有碰到sensor的相关问题,正好分析下其流程作个笔记. 这个笔记分三个部分: sensor硬件和驱动的工作机制 sensor 上层app如何使用 从驱动到上层app这中间的流程是如何 Se ...

  4. 高通HAL层之Sensor HAL

    高通的HAL层其实分为两种,一种是直接从kernel这边报数据上来的,由sensor HAL层来监听,另一种是走ADSP的模式,HAL层是通过qmi的形式进行监听的: 走ADSP架构的可以看下面的博客 ...

  5. 高通 MSM8K bootloader : SBL1 .

    一. MSM8K Boot Flow 图1: 高通MSM8K平台bootloader启动流程基本类似,但具体各平台,比如MSM8974.MSM8916.MSM8994等,会有微小区别. 从上图,可以看 ...

  6. 高通 MSM8K bootloader之一: SBL1

    MSM8K Boot Flow  转自:http://www.cnblogs.com/liang123/p/6325257.html            http://blog.csdn.net/F ...

  7. 高通LCD的pwm背光驱动

    发生异常的现象: msm8953 lcd在快速亮灭的情况下背光概率性休眠不灭:测量高通pwm,发现正常的时候pwm的管脚LCM_BL_PWM为低电平,失败的时候为高电平: 根据原理图: mpp是什么? ...

  8. 高通camera结构【转】

    本文转载自:http://www.cnblogs.com/whw19818/p/5853407.html 摄像头基础介绍 一.摄像头结构和工作原理. 拍摄景物通过镜头,将生成的光学图像投射到传感器上, ...

  9. 高通camera结构(摄像头基础介绍)

    摄像头基础介绍 一.摄像头结构和工作原理. 拍摄景物通过镜头,将生成的光学图像投射到传感器上,然后光学图像被转换成电信号,电信号再经过模数转换变为数字信号,数字信号经过DSP加工处理,再被送到电脑中进 ...

随机推荐

  1. 高并发下linux ulimit优化

    系统性能一直是一个受关注的话题,如何通过最简单的设置来实现最有效的性能调优,如何在有限资源的条件下保证程序的运作,ulimit 是我们在处理这些问题时,经常使用的一种简单手段.ulimit 是一种 l ...

  2. 算法训练 P1103

      算法训练 P1103   时间限制:1.0s   内存限制:256.0MB      编程实现两个复数的运算.设有两个复数 和 ,则他们的运算公式为: 要求:(1)定义一个结构体类型来描述复数. ...

  3. Eclipse之NDK编译-- Type 'jint' could not be resolved, and JNIEnv, jclass错误解决办法

    最近在研究面部识别美白相关的功能.使用的是opencv,就去研究了.今天正好有空就把安装了ndk,安装完成之后就试图去编译demo程序,hellow-jni c代码,一开始编辑就报错了3个错误信息: ...

  4. zookeeper 入门指导

      zookeeper数据模型 zookeeper有一个层级命名空间,和一个分布式文件系统非常相似 .唯一的不同是每个节点可以有关联的数据,子节点也是.就像有一个文件系统,并且允许文件可以是一个目录. ...

  5. each遍历 的原理

    <!DOCTYPE html><html> <head> <meta charset="UTF-8"> <title>& ...

  6. StyleCop 是什么,可以帮助团队带来什么价值?

    StyleCop 本质上是一个 C# 源代码规则分析器,可以帮助团队成员强制执行一组代码样式和一致性规则. 本文将简述 StyleCop 以及它能为团队带来的价值. 本文内容 StyleCop 是什么 ...

  7. Windows 10中更新Anaconda和第三方包

    =============================== 作为专业的Python开发者,Anaconda包肯定很熟悉 下面总结一下Anaconda的升级和维护 步骤一: 打开cmd,切换到Ana ...

  8. C# NPOI导出Excel和EPPlus导出Excel

    转自:http://www.cnblogs.com/tanpeng/p/6155749.html 系统中经常会使用导出Excel的功能.之前使用的是NPOI,但是导出数据行数多就报内存溢出. 最近看到 ...

  9. 移动端 元素外面使用伪类after加边框 导致其内部元素无法选中

    解决方法:给内部元素增加属性 position: relative; z-index: 3; 这样就能选中其内部元素了.

  10. /etc/inittab 学习

    1.文件内容 2.内容讲解 http://www.2cto.com/os/201108/98426.html init的进程号是1(ps -aux | less),从这一点就能看出,init进程是系统 ...