authorJacob Erlbeck <jerlbeck@sysmocom.de>2014-11-06 15:43:10 +0100
committerHolger Hans Peter Freyther <holger@moiji-mobile.com>2014-11-14 10:19:29 +0100
commitf6e7d99d54cc75fdc19433011afb5eaaa8a2a002 (patch)
tree370d0bed4efcab87e3bb7ce734c5518f297e4487 /openbsc/src
parentc4f9bf3142f54b63174f653b07103dd6ab36b1ae (diff)
sgsn: Don't assign a new P-TMSI if one is pending
Currently every time an RA Update Req or an Attach Req is processed, a new P-TMSI is allocated. When an MS issues another of these messages before it has completed the first procedure, old_ptmsi is replaced by ptmsi (and thus lost) and ptmsi is replaced by the newly allocated P-TMSI. This can confuse the gbproxy, which can then lose track of the logical link. At least a Blackberry emits a double set of RA Upd Req messages from time to time which may be just 20ms apart. This patch adds a check whether mm->ptmsi or mm->old_ptmsi are set. If both are set, the P-TMSI is not re-allocated. This is only the case when the Complete message has not been received yet, since that message will reset old_ptmsi. Sponsored-by: On-Waves ehf
Diffstat (limited to 'openbsc/src')
1 files changed, 10 insertions, 4 deletions
diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c
index ac063afa1..afd3bbb06 100644
--- a/openbsc/src/gprs/gprs_gmm.c
+++ b/openbsc/src/gprs/gprs_gmm.c
@@ -911,8 +911,11 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg,
/* Allocate a new P-TMSI (+ P-TMSI signature) and update TLLI */
- ctx->p_tmsi_old = ctx->p_tmsi;
- ctx->p_tmsi = sgsn_alloc_ptmsi();
+ /* Don't change the P-TMSI if a P-TMSI re-assignment is under way */
+ if (ctx->mm_state != GMM_COMMON_PROC_INIT) {
+ ctx->p_tmsi_old = ctx->p_tmsi;
+ ctx->p_tmsi = sgsn_alloc_ptmsi();
+ }
ctx->mm_state = GMM_COMMON_PROC_INIT;
/* Even if there is no P-TMSI allocated, the MS will switch from
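Review bot: The new guard tests `ctx->mm_state != GMM_COMMON_PROC_INIT`, whereas the commit description says the check is on whether both P-TMSI fields are set; the two are not obviously equivalent, because the hunk does not show which other paths enter or leave that state. The same applies to the guard in gsm48_rx_gmm_ra_upd_req. I would state the invariant being relied on in the comment, for example `/* mm_state == GMM_COMMON_PROC_INIT: previous Accept not yet completed, keep the pending p_tmsi/p_tmsi_old pair */`, and reword the older `/* Allocate a new P-TMSI ... */` line above it, which now reads as unconditional. Since the P-TMSI is the subscriber's temporary identity, it is worth confirming that a timeout or abort always leaves this state so that reallocation resumes. The function body continues outside the hunk.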
@@ -1147,8 +1150,11 @@ static int gsm48_rx_gmm_ra_upd_req(struct sgsn_mm_ctx *mmctx, struct msgb *msg,
- mmctx->p_tmsi_old = mmctx->p_tmsi;
- mmctx->p_tmsi = sgsn_alloc_ptmsi();
+ /* Don't change the P-TMSI if a P-TMSI re-assignment is under way */
+ if (mmctx->mm_state != GMM_COMMON_PROC_INIT) {
+ mmctx->p_tmsi_old = mmctx->p_tmsi;
+ mmctx->p_tmsi = sgsn_alloc_ptmsi();
+ }
/* Start T3350 and re-transmit up to 5 times until ATTACH COMPLETE */
mmctx->t3350_mode = GMM_T3350_MODE_RAU;
mmctx_timer_start(mmctx, 3350, GSM0408_T3350_SECS);
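Review bot: The T3350 start stays outside the new `if`, so a repeated RA Update Req that skips the reallocation still calls `mmctx_timer_start(mmctx, 3350, GSM0408_T3350_SECS)` again. If restarting the timer also resets its retransmission count (not visible here), a peer that keeps repeating the request could hold the context in the pending state without the retry limit being reached. Either move the timer start inside the guard or record that the restart is intended, for example `/* duplicate RAU Req: T3350 is restarted on purpose */`. The hunk does not show where mm_state becomes GMM_COMMON_PROC_INIT on this path, and the function continues outside the hunk.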