SIMLock锁卡功能解析

SIMLock锁卡功能解析 - 桀骜不驯24 - 博客园

一、锁卡背景介绍

  锁卡即SIMLock,当手机开机启动或者插入SIM卡时,手机modem侧预置在NV项中的配置信息会与SIM卡中的信息做比对,检测是否匹配。若匹配,则SIM卡可以正常使用。若不匹配,则SIM卡相关功能均无法正常使用,例如拨打电话、发送短信及上网等;或者是只能注册2G网,不能注册4G。

  锁卡的目的:一些运营商会要求控制某一类卡的使用,从而保护自己的利益(运营商定制机)

  SIMLock锁和图案锁,数字密码锁,PIN码锁,PUK锁一样,是Keyguard模块中的一种锁。

二、锁卡的需求

  锁卡的需求方式有7种之多,常见的有NP锁,NS锁,CP锁,SP锁等

  从安卓机器来看,目前最常用的是SP锁(MCC/MNC),本文将解析SP锁的加锁流程

三、锁卡流程解析

  1.首先modem侧检测SIM卡的配置信息并与之作比对,若匹配则继续加载SIM卡,若不匹配,则上报加锁信息

  2.RIL层检测到modem上报的加锁信息,然后发送给framework层,最终在AP层监测到事件:

  3.AP层显示出锁卡界面,要求用户输入解锁码进行解锁

四、相关流程图

1.加锁流程图

2.解锁流程图

五、代码解析

  MTK平台已经支持SIMLock功能,但只能在代码中写固定的MCC/MNC,不能灵活配置。即一套代码只能对应一套对应的锁卡配置信息,对于手机厂商来说,显然不满足需求,发货国家遍布全球,锁卡配置信息均不同,代码版本太多无法管理,故肯定要废弃MTK的这套SIMLock功能。

(1)modem侧客制化

  涉及的代码文件:



  1. custom/modem/common/ps/custom_nvram_extra.c
    2. 

  2. custom/modem/common/ps/customer_at_command.c
    3. 

  3. custom/service/nvram/custom_nvram_sec.c
    4. 

  4. custom/service/nvram/custom_nvram_sec.h
    5. 

  5. interface/service/nvram/nvram_data_items.h
    6. 

  6. service/nvram/src/nvram_factory_config.c
    7. 

  7. service/nvram/src/nvram_main.c


a.扩展锁卡配置信息的组数


  custom_nvram_sec.h


  #define SML_MAX_SUPPORT_CAT_N       50

      初始化数组的时候,需要添加对应的默认配置信息




  • const nvram_sml_context_struct NVRAM_EF_SML_DEFAULT =
    • 

  • { SML_MAGIC_HEAD_VALUE,
    • 

  • {{SML_STATE_UNLOCK,SML_RETRY_COUNT_N_CAT,0,0}, /* Category N */
    • 

  • {SML_STATE_UNLOCK,SML_RETRY_COUNT_NS_CAT ,0,0}, /* Category NS */
    • 

  • {SML_STATE_UNLOCK,SML_RETRY_COUNT_SP_CAT ,0,0}, /* Category SP */
    • 

  • {SML_STATE_UNLOCK,SML_RETRY_COUNT_C_CAT ,0,0}, /* Category C */
    • 

  • {SML_STATE_UNLOCK,SML_RETRY_COUNT_SIM_CAT ,0,0}, /* Category SIM */
    • 

  • {SML_STATE_UNLOCK,SML_RETRY_COUNT_NS_CAT ,0,0}, /* Link NS-SP */
    • 

  • {SML_STATE_UNLOCK,SML_RETRY_COUNT_C_CAT ,0,0}}, /* Link SIM-C */
    • 

  • {{SML_KEY_SET,{0x21,0x43,0x65,0x87,0xFF,0xFF,0xFF,0xFF}},
    • 

  • {SML_KEY_SET,{0x65,0x87,0x21,0x43,0xFF,0xFF,0xFF,0xFF}},
    • 

  • {SML_KEY_SET,{0x11,0x22,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
    • 

  • {SML_KEY_EMPTY,{0x33,0x44,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
    • 

  • {SML_KEY_EMPTY,{0x55,0x66,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
    • 

  • {SML_KEY_SET,{0x77,0x88,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}},
    • 

  • {SML_KEY_SET,{0x99,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}}},
    • 

  • /* Category N code */
    • 

  • {0x73,0x00,0x1F,0x73,0x00,0x2F,0x73,0x00,0x3F,0x73,0x00,0x4F,0x73,0x00,0x5F,
    • 

  • 0x73,0x00,0x6F,0x73,0x00,0x7F,0x73,0x00,0x8F,0x73,0x00,0x9F,0x73,0x01,0x0F,
    • 

  • 0x73,0x01,0x1F,0x73,0x09,0x9F,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00},
    • 

  • /* Category NS code */
    • 

  • {0xc2,0xc2,0xc2,0xc2,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00},
    • 

  • /* Category SP code */
    • 

  • {0xc3,0xc3,0xc3,0xc3,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00},
    • 

  • /* Category C code */
    • 

  • {0xc4,0xc4,0xc4,0xc4,0xc4,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00},
    • 

  • /* Category SIM code */
    • 

  • {0xc5,0xc5,0xc5,0xc5,0xc5,0xc5,0xc5,0xc5,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
    • 

  • /* Link Category NS-SP */
    • 

  • {0xc6,0xc6,0xc6,0xc6,0xc6,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00},
    • 

  • /* Link Category SIM-C */
    • 

  • {0xc7,0xc7,0xc7,0xc7,0xc7,0xc7,0xc7,0xc7,0xc7,0xc7,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    • 

  • 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
    • 

  • {0xFF,0xFF},
    • 

  • SML_MAGIC_TAIL_VALUE
    • 

  • };
												


											

SIMLock锁卡功能解析相关推荐
	

    
								
  1. 机器视觉系统图像采集卡功能解析
		
    机器视觉技术是目前工业生产检测.医疗检测等领域为实现自动化.智能化而采取的应用.整个机器视觉系统分为图像采集与图像处理两大板块,采用模拟工业相机的图像采集系统中,图像采集卡就是连接这两大板块的重要组件 ...
    
		
    2. 
						
  2. 线程同步锁 java_java多线程同步之重入锁,详细解析
		
    上次已经为大家介绍过java多线程同步,Volatile详解的主要内容了.今天再来为大家介绍一些相关的内容,也就是java多线程同步之重入锁,一起来了解一下吧. 使用重入锁实现线程同步 在JavaSE ...
    
		
    3. 
						
  3. 【学习】PCF8563芯片资料和相关功能解析
		
    [学习]PCF8563芯片资料和相关功能解析 PCF8563芯片是以I2C通讯方式的实时时钟/日历芯片.它提供一个可编程时钟输出,一个中断输出和掉电检测器,所有的地址和数据通过 I2C 总线接口串行传 ...
    
		
    4. 
						
  4. 基于高德地图JsAPI进行浏览器精确定位,实现手机端考勤打卡功能
		
    前言: 由于项目需求需要在项目中实现手机端(基于网页)考勤打卡功能,最初考虑使用H5自身定位功能,但尝试过后,效果很不稳定.然后尝试使用百度地图JsAPI,百度家的稳定倒是很稳定,没想到的是定位位置和 ...
    
		
    5. 
						
  5. Android自定义实现按周签到打卡功能
		
    之前实现过<Android可签到的日历控件>的功能,跟这篇一样都是实现签到打卡功能,这篇实现的是按月进行打卡做标识,本篇内容实现的按周进行签到打卡. 实现签到规则如下: 1.连续签到7天, ...
    
		
    6. 
						
  6. MCCMNC是6位时锁卡失败 - MTK物联网在线解答 -  技术论坛
		
    MCCMNC是6位时锁卡失败 如果锁卡的目标合法 MCC-MNC 是 :738002, 可是锁卡后目标卡 ( 即 738002 的卡 ) 进不到待机界面. ( 提示:EnterNP/SP 等等 Cod ...
    
		
    7. 
						
  7. 【Springboot】集成百度地图实现定位打卡功能
		
    目录 第一章 需求分析 第二章 概要设计 第三章 详细设计 3.1 环境搭建 3.1.1 获取百度地图ak 3.1.2 创建springboot项目 3.2 配置application.propert ...
    
		
    8. 
						
  8. SD卡安全加密之锁卡与解除、写保护以及内设密码
		
    上一篇介绍了SD卡底层驱动程序的调试手段和时序过程,适合初学者学习,但是在汽车级的涉及安全的大型项目中就需要一些数据安全保护.现在介绍一下SD卡的保护与解除方面的知识点. SD卡官方英文资料中(可在该 ...
    
		
    9. 
						
  9. 不小心被锁!物联卡锁卡机制与解锁方法,你不准备了解一下?
		
    不少人有个疑问,如果有人把共享单车.自动贩卖机.售货机.智能手表.共享充电宝.移动POS机里的物联卡拿下来,换到另一个设备上使用这样还可以吗? 毫无疑问,当然不行!! 根据运营商政策,目前移动.联通. ...
    
		
    10. 
		


					

最新文章
	

    
						
  1. Go语言字典树定义及实现
		
    2. 
						
  2. js 中的[] {}是什么意思
		
    3. 
						
  3. linux系统 opt扩容,Linux系统扩容根目录磁盘空间的操作方法
		
    4. 
						
  4. dayjs也可回显AntD DatePicker的值
		
    5. 
						
  5. hive 常用UDF
		
    6. 
						
  6. oracle 地市 区县分组,oracle分组写法 - 挣扎在陌生城市ITMAN的个人空间 - OSCHINA - 中文开源技术交流社区...
		
    7. 
						
  7. 2020-08-17每日一句
		
    8. 
						
  8. 北大清华人大中关村周围二手书店淘书全攻略
		
    9. 
						
  9. 罗马音平假名中文可复制_怎么记也记不住? 轻松打好日文50音基础的4个方法...
		
    10. 
						
  10. Learn OpenGL 笔记5.11 Anti Aliasing(抗锯齿)
		
    11. 
						
  11. 数据挖掘-朴素贝叶斯算法
		
    12. 
						
  12. Python-Flask开发微电影网站(九)
		
    13. 
						
  13. QQ圈子降级为“应用”后应关注其隐私设置
		
    14. 
						
  14. 如何用CSS实现百度浏览器官网的北极熊奔跑动画
		
    15. 
						
  15. linux 版本介绍
		
    16. 
						
  16. oauth0 oauth2_通过OAuth(第1部分)访问社交网站,构建启用OAuth的桌面Twitter客户端
		
    17. 
						
  17. 数据挖掘导论 复习一(介绍+数据预处理方法+定性归纳)
		
    18. 
						
  18. Python打包成exe,文件太大问题解决办法
		
    19. 
						
  19. allegro导出3D文件
		
    20. 
						
  20. 卡西欧科学计算机app,卡西欧CASIO计算器
		
    21. 
		

	


热门文章
	

    
									
  1. 【中国大学MOOC】java程序设计-week10-做一个窗体应用程序“体重指数计算器”
			
    2. 
						
  2. linux 端如何修改移动硬盘的名称
			
    3. 
						
  3. python模拟用户登录注册定义函数user_python模拟登录通达信
			
    4. 
						
  4. Hadoop学习与使用
			
    5. 
						
  5. c语言如何找到进程基址,从0开始学模拟挂(一)--找内存基址,包含原理 _ 脚本
			
    6. 
						
  6. 带你学MySQL系列 | 什么是数据定义语言(DDL)呢?
			
    7. 
						
  7. 男生vs女生,谁更加适合做软件测试?
			
    8. 
						
  8. mysql怎么避免缩表_如何避免MySQL死锁(二)
			
    9. 
						
  9. 言简意赅之二进制运算符口诀
			
    10. 
						
  10. 粉丝问我,写CSDN博客到底为了什么?
			
    11.