summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhilipp Maier <pmaier@sysmocom.de>2017-01-17 14:46:56 +0100
committerPhilipp Maier <pmaier@sysmocom.de>2017-02-24 15:18:22 +0100
commit0cb1d2180d4ad59e02fa362f019262163abf95d5 (patch)
tree2b2e7710f955f621b6aef27d72fc7f7f93559fc2
parentee1649292d0516fd64562ef4dd2a5c9d62520566 (diff)
pcu_sock: Fix broken paging command
The pcu sends us an already made up MAC-Block that contains the paging request. pcu_sock.c is parsing this paging request wrongly and fails silently, which results into a dropping of the request. This commit fixes the parsing problems.
-rw-r--r--openbsc/src/libbsc/pcu_sock.c29
1 files changed, 21 insertions, 8 deletions
diff --git a/openbsc/src/libbsc/pcu_sock.c b/openbsc/src/libbsc/pcu_sock.c
index ec6b9d6..418f2a0 100644
--- a/openbsc/src/libbsc/pcu_sock.c
+++ b/openbsc/src/libbsc/pcu_sock.c
@@ -313,26 +313,39 @@ int pcu_tx_imm_ass_sent(struct gsm_bts *bts, uint32_t tlli)
static int pcu_rx_rr_paging(struct gsm_bts *bts, uint8_t paging_group,
const uint8_t *raw_rr_msg)
{
- struct gsm48_hdr *gsmh = (struct gsm48_hdr *) raw_rr_msg;
- struct gsm48_paging1 *p1 = (struct gsm48_paging1 *) gsmh;
- uint8_t chan_needed;
+ struct gsm48_paging1 *p1 = (struct gsm48_paging1 *) raw_rr_msg;
+ uint8_t chan_needed?;
unsigned int mi_len;
uint8_t *mi;
int rc;
- switch (gsmh->msg_type) {
+ switch (p1->msg_type) {
case GSM48_MT_RR_PAG_REQ_1:
chan_needed = (p1->cneed2 << 2) | p1->cneed1;
mi_len = p1->data[0];
mi = p1->data+1;
- /* FIXME: why does rsl_paging_cmd add 2 to mi? */
- rc = rsl_paging_cmd(bts, paging_group, mi_len, mi,
+ LOGP(DPCU, LOGL_ERROR, "PCU Sends paging "
+ "request type %02x (chan_needed=%02x, mi_len=%u, mi=%s)\n",
+ p1->msg_type, chan_needed, mi_len,
+ osmo_hexdump_nospc(mi,mi_len));
+ /* NOTE: We will have to add 2 to mi_len and subtract 2 from
+ * the mi pointer because rsl_paging_cmd() will perform the
+ * reverse operations. This is because rsl_paging_cmd() is
+ * normally expected to chop off the element identifier (0xC0)
+ * and the length field. In our parameter, we do not have
+ * those fields included. */
+ rc = rsl_paging_cmd(bts, paging_group, mi_len+2, mi-2,
chan_needed, true);
break;
case GSM48_MT_RR_PAG_REQ_2:
case GSM48_MT_RR_PAG_REQ_3:
LOGP(DPCU, LOGL_ERROR, "PCU Sends unsupported paging "
- "request type\n");
+ "request type %02x\n", p1->msg_type);
+ rc = -EINVAL;
+ break;
+ default:
+ LOGP(DPCU, LOGL_ERROR, "PCU Sends unknown paging "
+ "request type %02x\n", p1->msg_type);
rc = -EINVAL;
break;
}
@@ -365,7 +378,7 @@ static int pcu_rx_data_req(struct gsm_bts *bts, uint8_t msg_type,
imsi_digit_buf[1] = data_req->data[1];
imsi_digit_buf[2] = data_req->data[2];
imsi_digit_buf[3] = '\0';
- LOGP(DPCU, LOGL_DEBUG, "SAPI PCH imsi %s", imsi_digit_buf);
+ LOGP(DPCU, LOGL_DEBUG, "SAPI PCH imsi %s\n", imsi_digit_buf);
pag_grp = gsm0502_calc_paging_group(&bts->si_common.chan_desc,
str_to_imsi(imsi_digit_buf));
pcu_rx_rr_paging(bts, pag_grp, data_req->data+3);