Hi,
> I have been looking around in the source code a lot, and there many functions that are used for transmit and receive.
Yes there are ... The actual submission of L2 packets for TX to the DSP is in prim_tx_nb.c.
This is what gives the DSP the command. But if _all_ the rest of the environment (basically all the rest of L1) is not in the exact right state ... it won't do what you ask.
There is no way around it, you have to see L1 in its globality to understand.
Now if you want the higher function (from the host side), then it's the L1CTL_DATA_REQ message you must look at.
> Which are the right few to use?
Well they all have their role to play. It's not at all like network where you have 'send a packet' ... here there is a whole context that matters.
> Is there any way to send a text message to a different phone by simulating a base station?
No.
> Do I need two phones or one phone to transmit and receive as a base station?
You need much more than that. And before you even think about this, get more familiar about of a phone works as designed before trying to make it do stuff it's not designed to do.
> Is there any way to make a half duplex base station on a BCCH channel with only one subscriber phone at a time, and what would that entail code-wise?
There is no way to make a 'half duplex' base station, it just won't work. It's been tried with a modified OpenBTS and without a continuous RF power signal on C0, the phones won't lock to it.
> Would it be legal to run a very low power base station in the USA on a different unused cellular band/frequency?
No.
And since the phone can blast > 1W of RF power, you can easily disrupt stuff so be careful.
For any testing of undesigned functions you should connect the phone in a closed loop to some testing equipement (network analyzer / MS testers / spectum analyzers ...).
Or at the very least disconnect the antenna, put a dummy load in its place and test in a deep basement or something.
Cheers,
Sylvain