comparison doc/PLMN-list-commands @ 200:bca0f86d9efe

doc/PLMN-list-commands article written
author Mychaela Falconia <falcon@freecalypso.org>
date Sun, 07 Mar 2021 03:41:06 +0000
parents
children
comparison
equal deleted inserted replaced
199:7ecc08e55d39 200:bca0f86d9efe
1 GSM SIM specs define EF_PLMNsel and EF_FPLMN as containing lists of preferred
2 and forbidden PLMNs, respectively. Both files are defined as writable by
3 ordinary users, requiring only CHV1 access for both reading and writing - and
4 both files are indeed user-writable on Grcard and Sysmocom SIMs. However, some
5 operator-issued SIMs (specifically T-Mobile USA) implement an underhanded trick:
6 whenever we try to write anything to either of these two files, the write
7 operation appears to succeed (SW 0x9000), but the byte content of the SIM file
8 remains unchanged. Therefore, writability of these files by ordinary end users
9 on regular operator-issued SIMs should be regarded as questionable.
10
11 fc-simtool provides high-level commands for both dumping (reading) and writing
12 both EF_PLMNsel and EF_FPLMN. Here are the commands for EF_PLMNsel:
13
14 plmnsel-dump
15
16 This command dumps the full content of EF_PLMNsel.
17
18 plmnsel-write index mcc-mnc
19
20 This command writes a single entry into EF_PLMNsel. The first argument is the
21 0-based index of the entry position to write into, and the second argument is
22 the PLMN code as in MCC-MNC.
23
24 plmnsel-write-list plmn-list-file
25
26 This command overwrites the entire EF_PLMNsel SIM file with a user-specified
27 PLMN list given in an ASCII data file. The file must contain PLMN codes
28 (MCC-MNC) separated by white space; any lines or line tails beginning with '#'
29 are treated as comments. Output from a previous plmnsel-dump is acceptable
30 input to plmnsel-write-list. PLMN codes are written into EF_PLMNsel from index
31 0 onward; any unused space at the end is filled with FF bytes.
32
33 plmnsel-erase start-index [end-index]
34
35 This command erases a single entry position or a range of entry positions in
36 EF_PLMNsel. Because EF_PLMNsel is a transparent EF (not record-based) at the
37 SIM protocol level, our numbering of entry positions in this file is 0-based,
38 rather than the 1-based convention used for record-based SIM files. Keyword
39 "end" may be specified instead of the final index, meaning erase to the end of
40 the file.
41
42 plmnsel-erase-all
43
44 This command overwrites the entire EF_PLMNsel SIM file with FF bytes,
45 corresponding to fully erased state. This command is more efficient than
46 'plmnsel-erase 0 end', as the operation is performed with a single UPDATE BINARY
47 SIM protocol command.
48
49 The commands for EF_FPLMN parallel those for EF_PLMNsel: simply replace
50 plmnsel-* with fplmn-*; all arguments are the same.