| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Currently old LLMEs and MM contexts that haven't been explicitly
detached or cancelled are not removed until another request with the
same IMSI is made. These stale entries may accumulate over time and
severely compromise the operation of the SGSN.
This patch implements age based LLME expiry, when the maximum age has
been reached, the corresponding MM context is removed. If such an MM
context doesn't exist, the LLME is unassigned directly.
TODO:
- split commit
- replace hard-coded values by real config
- Consider: age_timeout -> age,
timeout: age = (age == RESET ? 1 : age + TICK)
Ticket: OW#1364
Sponsored-by: On-Waves ehf
|
|
Currently an OSMO_ASSERT fails, if the message's and the mmctx's
TLLIs do not match.
This commit turns the assertion into an ERROR log message and uses
the default values for IMSI, DRX, and RA CAP instead of the MM
context values in this case.
TODO:
- find the real source for the problem
- add test cases derived from what is being described in the ticket
Ticket: OW#1322
Sponsored-by: On-Waves ehf
|
|
The osmo-sgsn sends Status messages (or nothing in case of non
GMM/GSM) when the TLLI is unknown. This prevents the MS from
reconnecting.
This patch adds the initiation of an MT detach procedure to force a
re-attach to set up a valid LLE context if an LLE or an MM context
cannot be found. Since this can also be triggered by non-GMM SAPI
messages, a GPRS application callback sgsn_force_reattach_oldmsg is
added which in turn calls the GMM layer to generate the GSM 04.08
specific messages.
Note that the MS can be left in REGISTERED state after initially
wanting to detach itself, since it will receive a Detach Req
(re-attach) when sending a DEACT PDP CTX REQ after the SGSN or
gbproxy (P-TMSI patching enabled) has been restarted. This same
behaviour has been observed with another SGSN.
Sponsored-by: On-Waves ehf
|
|
This has been re-produced using the "osmo-pcu emulator" code
and a ping to force segmented SNDCP messages. When the NS link
enters the DEAD/BLOCKED state the msgb would be freed twice.
Once inside gprs_ns_sendmsg and once by the caller. Based on the
return one can not see if the parameter has been deleted.
I changed libosmocore/libosmogb to always free the msgb in case
of an error on the way to gprs_ns_sendmsg. Catch up, avoid the
double free and fix some memory leaks. In case the sending fails
assume the entire segmented message is at end and free the
original input data.
This has been tested by posix suspending/resuming the emulator
process to have the GPRS-NS link go to dead/blocked to alive
and unblocked. The ping recovers and "SIGUSR1" to the SGSN does
not show active memory allocations.
The SGSN calls bssgp_tx_dl_ud at the lowest level and has the
following callchains. Most of them allocate the msgb and have
no early return and transfer ownership already:
<- gprs_llc_tx_u
<- gprs_llc_tx_ui
<- gsm48_gmm_sendmsg (all callers sane)
<- _tx_status
<- _tx_detach_req
<- gprs_llc_tx_xid (all callers sane)
<- sndcp_unitdata_req
<- sndcp_send_ud_frag
|
|
On an "unassignment" this code verifies that the LLME will vanish
from the list of LLMEs. We assume that this doesn't create a
memory leak.
|
|
Many log levels were DEBUG without any good reason. Also where possible
the details of the MM or PDP context are now logged with LOGMM/PDPCTXP.
|
|
Currently when gprs_llgmm_reset() is invoked an XID reset is sent but
the local LLC parameters (e.g. V(U)) are not cleared (see GSM 04.64,
8.5.3.1). This can lead to discarded messages on the SGSN side.
This patch modifies gprs_llgmm_reset to clear vu_send, vu_recv,
oc_ui_send, oc_ui_recv.
Sponsored-by: On-Waves ehf
|
|
Make the llc_default_params structure from which data is initialized
large enough. Otherwise address sanitizer complains with out-of-bounds
reads.
Only SAPIs 1, 2, 3, 5, 7, 8, 9, 11 are defined for GPRS but the
struct gprs_llc_llme includes NUM_SAPIS lle's and they are populated
from the llc_default_params structure.
|
|
Currently LLC parsing is part of gprs_llc.c which needs large parts
of the SGSN code parsing to fulfill its link dependencies.
This patch moves the functions that just do plain parsing, dumping,
and FCS computation to a different file to avoid these dependencies
if LLC stateful processing is not needed. It also exposes
struct gprs_llc_hdr_parsed and enum gprs_llc_cmd publically.
Sponsored-by: On-Waves ehf
|
|
CC gprs_llc.o
gprs_llc.c: In function ‘t200_expired’:
gprs_llc.c:322:2: warning: enumeration value ‘GPRS_LLES_UNASSIGNED’ not handled in switch [-Wswitch]
switch (lle->state) {
^
gprs_llc.c:322:2: warning: enumeration value ‘GPRS_LLES_ASSIGNED_ADM’ not handled in switch [-Wswitch]
gprs_llc.c:322:2: warning: enumeration value ‘GPRS_LLES_REMOTE_EST’ not handled in switch [-Wswitch]
gprs_llc.c:322:2: warning: enumeration value ‘GPRS_LLES_ABM’ not handled in switch [-Wswitch]
gprs_llc.c:322:2: warning: enumeration value ‘GPRS_LLES_TIMER_REC’ not handled in switch [-Wswitch]
gprs_llc.c: In function ‘gprs_llc_hdr_rx’:
gprs_llc.c:564:2: warning: enumeration value ‘GPRS_LLC_NULL’ not handled in switch [-Wswitch]
switch (gph->cmd) {
^
gprs_llc.c:564:2: warning: enumeration value ‘GPRS_LLC_RR’ not handled in switch [-Wswitch]
gprs_llc.c:564:2: warning: enumeration value ‘GPRS_LLC_ACK’ not handled in switch [-Wswitch]
gprs_llc.c:564:2: warning: enumeration value ‘GPRS_LLC_RNR’ not handled in switch [-Wswitch]
gprs_llc.c:564:2: warning: enumeration value ‘GPRS_LLC_SACK’ not handled in switch [-Wswitch]
gprs_llc.c: In function ‘gprs_llc_rcvmsg’:
gprs_llc.c:791:23: warning: unused variable ‘udh’ [-Wunused-variable]
struct bssgp_ud_hdr *udh = (struct bssgp_ud_hdr *) msgb_bssgph(msg);
^
gprs_llc.c: At top level:
gprs_llc.c:311:13: warning: ‘t200_expired’ defined but not used [-Wunused-function]
static void t200_expired(void *data)
^
gprs_llc.c:337:13: warning: ‘t201_expired’ defined but not used [-Wunused-function]
static void t201_expired(void *data)
|
|
Use old and new tlli as specified by the caller.
WIP
<000f> sgsn_libgtp.c:321 Received DELETE PDP CTX CONF, cause=128(Request accepted)
<0013> gprs_sndcp.c:320 SNSM-DEACTIVATE.ind (lle=0x8095d08, TLLI=e3ddd574, SAPI=11, NSAPI=5)
<0011> gprs_bssgp.c:376 BSSGP TLLI=0xe3ddd574 Rx UPLINK-UNITDATA
<0012> gprs_llc.c:551 LLC SAPI=1 C FCS=0xb85a96CMD=UI DATA
<0011> gprs_bssgp.c:376 BSSGP TLLI=0xe3ddd574 Rx UPLINK-UNITDATA
<0012> gprs_llc.c:551 LLC SAPI=1 C FCS=0xbe5a96CMD=UI DATA
<0002> gprs_gmm.c:214 Starting MM timer 3350 while old timer 3350 pending
<0012> gprs_llc.c:417 LLC TX: unknown TLLI 0xe3ddd574, creating LLME on the fly
Assert failed msgb_tlli(msg) == mmctx->llme->tlli || msgb_tlli(msg) == mmctx->llme->old_tlli || tlli_foreign2local(msgb_tlli(msg)) == mmctx->llme->tlli || tlli_foreign2local(msgb_tlli(msg)) == mmctx->llme->old_tlli gprs_llc.c:123
backtrace() returned 18 addresses
/home/ich/install/openbsc/lib/libosmocore.so.4(osmo_generate_backtrace+0x16) [0xb7bb6a36]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x805224a]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804a2f6]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804b687]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804bc35]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804bd4e]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804d20c]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x8052be4]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn(bssgp_prim_cb+0x55) [0x804f5a4]
/home/ich/install/openbsc/lib/libosmogb.so.2(bssgp_rcvmsg+0x3b8) [0xb7b626b8]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804f4f1]
/home/ich/install/openbsc/lib/libosmogb.so.2(gprs_ns_rcvmsg+0x8c7) [0xb7b5ecf7]
/home/ich/install/openbsc/lib/libosmogb.so.2(+0x4311) [0xb7b5f311]
/home/ich/install/openbsc/lib/libosmocore.so.4(osmo_select_main+0x192) [0xb7bb2ed2]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804fbcd]
/lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xf5) [0xb796a8f5]
/home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x8049db1]
Program received signal SIGABRT, Aborted.
0xb7fde424 in __kernel_vsyscall ()
(gdb) bt
#0 0xb7fde424 in __kernel_vsyscall ()
#1 0xb797f83f in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#2 0xb7982cf3 in __GI_abort () at abort.c:90
#3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120
#4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0)
at gprs_llc.c:496
#5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241
#6 0x0804b687 in gsm48_tx_gmm_ra_upd_ack (mm=0x80932d0) at gprs_gmm.c:851
#7 0x0804bc35 in gsm48_rx_gmm_ra_upd_req (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630)
at gprs_gmm.c:1004
#8 0x0804bd4e in gsm0408_rcv_gmm (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630)
at gprs_gmm.c:1036
#9 0x0804d20c in gsm0408_gprs_rcvmsg (msg=msg@entry=0x8091ce8, llme=0x8095630)
at gprs_gmm.c:1566
#10 0x08052be4 in gprs_llc_rcvmsg (msg=0x8091ce8, tv=0xbfffdcb0) at gprs_llc.c:882
#11 0x0804f5a4 in bssgp_prim_cb (oph=oph@entry=0xbfffdc8c, ctx=ctx@entry=0x0)
at sgsn_main.c:114
#12 0xb7b626b8 in bssgp_rx_ul_ud (tp=0xbfffdcb0, msg=0x8091ce8, ctx=<optimized out>)
at gprs_bssgp.c:398
#13 bssgp_rx_ptp (bctx=0x8091a08, tp=0xbfffdcb0, msg=0x8091ce8) at gprs_bssgp.c:820
#14 bssgp_rcvmsg (msg=0x8091ce8) at gprs_bssgp.c:1016
#15 0x0804f4f1 in sgsn_ns_cb (event=GPRS_NS_EVT_UNIT_DATA, nsvc=0x8090740, msg=0x8091ce8,
bvci=1801) at sgsn_main.c:92
#16 0xb7b5ecf7 in gprs_ns_rx_unitdata (msg=0x8091ce8, nsvc=0x8090740) at gprs_ns.c:616
#17 gprs_ns_rcvmsg (nsi=nsi@entry=0x807fd38, msg=msg@entry=0x8091ce8,
saddr=saddr@entry=0xbfffedc0, ll=ll@entry=GPRS_NS_LL_UDP) at gprs_ns.c:841
#18 0xb7b5f311 in handle_nsip_read (bfd=0x807fd58) at gprs_ns.c:991
#19 nsip_fd_cb (bfd=0x807fd58, what=1) at gprs_ns.c:1024
#20 0xb7bb2ed2 in osmo_select_main (polling=0) at select.c:158
#21 0x0804fbcd in main (argc=3, argv=0xbffff234) at sgsn_main.c:369
(gdb) frame 5
#5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241
241 return gprs_llc_tx_ui(msg, GPRS_SAPI_GMM, command, mm);
(gdb) p msgb_tlli(msg)
$1 = 3822966132
(gdb) frame 4
#4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0)
at gprs_llc.c:496
496 return _bssgp_tx_dl_ud(msg, mmctx);
(gdb) p mmctx
$2 = (void *) 0x80932d0
(gdb) frame 3
#3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120
120 OSMO_ASSERT(msgb_tlli(msg) == mmctx->llme->tlli
(gdb) p mmctx
$3 = (struct sgsn_mm_ctx *) 0x80932d0
(gdb) p *mmctx
$4 = {list = {next = 0x8092e28, prev = 0x805c318 <sgsn_mm_ctxts>},
imsi = "901700000003094\000", mm_state = GMM_REGISTERED_NORMAL, p_tmsi = 296043751,
p_tmsi_old = 2075232571, p_tmsi_sig = 0, imei = "353943044782210\000",
msisdn = '\000' <repeats 14 times>, ra = {mnc = 70, mcc = 901, lac = 1, rac = 0 '\000'},
cell_id = 0, cell_id_age = 0, sac = 0, sac_age = 0, new_sgsn_addr = 0,
ciph_algo = GPRS_ALGO_GEA0, ms_radio_access_capa = {len = 11 '\v',
buf = "4\307\003*\240B|\255\341\030\v", '\000' <repeats 38 times>}, ms_network_capa = {
len = 2 '\002', buf = "\345\200\000\000\000\000\000"}, drx_parms = 3329, mnrg = 0,
ngaf = 0, ppf = 0, recovery = 0, radio_prio_sms = 0 '\000', pdp_list = {next = 0x8093390,
prev = 0x8093390}, llme = 0x8095630, tlli = 3822966132, tlli_new = 3517269223,
nsei = 1801, bvci = 1801, ctrg = 0x8096048, timer = {node = {rb_parent_color = 3082574944,
rb_right = 0x0, rb_left = 0x0}, list = {next = 0x80933b8, prev = 0x80933b8}, timeout = {
tv_sec = 1375260414, tv_usec = 864196}, active = 1, cb = 0x804bfd0 <mmctx_timer_cb>,
data = 0x80932d0}, T = 3350, num_T_exp = 0, t3350_mode = GMM_T3350_MODE_RAU,
t3370_id_type = 1 '\001'}
(gdb) p msgb_tlli(msg)
No symbol "msgb_tlli" in current context.
(gdb) frame 5
#5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241
241 return gprs_llc_tx_ui(msg, GPRS_SAPI_GMM, command, mm);
(gdb) frame 6
#6 0x0804b687 in gsm48_tx_gmm_ra_upd_ack (mm=0x80932d0) at gprs_gmm.c:851
851 return gsm48_gmm_sendmsg(msg, 0, mm);
(gdb) p msgb_tlli(msg)
$5 = 3822966132
(gdb) p mmctx->tlli
No symbol "mmctx" in current context.
(gdb) p mm->tlli
$6 = 3822966132
(gdb) p mm->tlli_new
$7 = 3517269223
(gdb) p mm->llme->tlli
$8 = 3517269223
(gdb) p mm->llme->tlli_old
There is no member named tlli_old.
(gdb) p mm->llme->old_tlli
$9 = 4222716219
(gdb) bt
#0 0xb7fde424 in __kernel_vsyscall ()
#1 0xb797f83f in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#2 0xb7982cf3 in __GI_abort () at abort.c:90
#3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120
#4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0)
at gprs_llc.c:496
#5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241
#6 0x0804b687 in gsm48_tx_gmm_ra_upd_ack (mm=0x80932d0) at gprs_gmm.c:851
#7 0x0804bc35 in gsm48_rx_gmm_ra_upd_req (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630)
at gprs_gmm.c:1004
#8 0x0804bd4e in gsm0408_rcv_gmm (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630)
at gprs_gmm.c:1036
#9 0x0804d20c in gsm0408_gprs_rcvmsg (msg=msg@entry=0x8091ce8, llme=0x8095630)
at gprs_gmm.c:1566
#10 0x08052be4 in gprs_llc_rcvmsg (msg=0x8091ce8, tv=0xbfffdcb0) at gprs_llc.c:882
#11 0x0804f5a4 in bssgp_prim_cb (oph=oph@entry=0xbfffdc8c, ctx=ctx@entry=0x0)
at sgsn_main.c:114
#12 0xb7b626b8 in bssgp_rx_ul_ud (tp=0xbfffdcb0, msg=0x8091ce8, ctx=<optimized out>)
at gprs_bssgp.c:398
#13 bssgp_rx_ptp (bctx=0x8091a08, tp=0xbfffdcb0, msg=0x8091ce8) at gprs_bssgp.c:820
#14 bssgp_rcvmsg (msg=0x8091ce8) at gprs_bssgp.c:1016
#15 0x0804f4f1 in sgsn_ns_cb (event=GPRS_NS_EVT_UNIT_DATA, nsvc=0x8090740, msg=0x8091ce8,
bvci=1801) at sgsn_main.c:92
#16 0xb7b5ecf7 in gprs_ns_rx_unitdata (msg=0x8091ce8, nsvc=0x8090740) at gprs_ns.c:616
#17 gprs_ns_rcvmsg (nsi=nsi@entry=0x807fd38, msg=msg@entry=0x8091ce8,
saddr=saddr@entry=0xbfffedc0, ll=ll@entry=GPRS_NS_LL_UDP) at gprs_ns.c:841
#18 0xb7b5f311 in handle_nsip_read (bfd=0x807fd58) at gprs_ns.c:991
#19 nsip_fd_cb (bfd=0x807fd58, what=1) at gprs_ns.c:1024
#20 0xb7bb2ed2 in osmo_select_main (polling=0) at select.c:158
#21 0x0804fbcd in main (argc=3, argv=0xbffff234) at sgsn_main.c:369
(gdb) frame 3
#3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120
120 OSMO_ASSERT(msgb_tlli(msg) == mmctx->llme->tlli
(gdb) p msgb_tlli(msg)
No symbol "msgb_tlli" in current context.
(gdb) frame 4
#4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0)
at gprs_llc.c:496
496 return _bssgp_tx_dl_ud(msg, mmctx);
(gdb) p msgb_tlli(msg)
No symbol "msgb_tlli" in current context.
(gdb) frame 5
#5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241
241 return gprs_llc_tx_ui(msg, GPRS_SAPI_GMM, command, mm);
(gdb) p msgb_tlli(msg)
$10 = 3822966132
(gdb) p mm->tlli
$11 = 3822966132
(gdb) p mm->tlli_new
$12 = 3517269223
(gdb) p mm->tlli_new
$13 = 3517269223
(gdb) p mm->llme->tlli
$14 = 3517269223
(gdb) p mm->llme->tlli_old
There is no member named tlli_old.
(gdb) p mm->llme->old_tlli
$15 = 4222716219
(gdb) p mm->llme->state
$16 = GPRS_LLMS_ASSIGNED
(gdb) q
|
|
In case we have access to the context verify that the selected
msgb_tlli is either the old_tlli or the tlli in either local or
foreign format. It is wrong to use any other TLLI.
|
|
Attempt to solve what f0901f0067e363c0ced6254db1b45a9771640412 tried to
solve without breaking the case of someone with a foreign TLLI from a
different network.
Lookup with the foreign TLLI converted to a local one in case we did
not find the TLLI and only then create a LLE/LLME on the fly for the
RX path.
|
|
During the GPRS Attach procedure we might have a foreign tlli and
in the RX create a LLME on the fly for this tlli. The GMM GPRS
Attach handling code will then assign a new TLLI and keep the
foreign tlli as the llme->old_tlli.
When the GMM is sending the identity request the msgb_tlli will
point to the foreign tlli. The GPRS LLC code will then try to find
that foreign tlli but due the conversion this will not be found.
Instead a new ad-hoc LLE/LLME will be created on the fly for
each message (this means there are duplicate LLE/LLMEs in the
list).
Make the code more strict and remove the tlli_foreign2local change
from the look-up routine. This will make the GPRS LLC code find
the right LLE/LLME and the N(U) will be handled correctly.
This partially reverts:
f0901f0067e363c0ced6254db1b45a9771640412
Addresses:
<0012> gprs_llc.c:773 LLC RX: unknown TLLI 0xadf11820, creating LLME on the fly
...
<0012> gprs_llc.c:357 LLC TX: unknown TLLI 0xedf11820, creating LLME on the fly
Reproducable:
Use pcu_emu (gprs attach) and observe with wireshark.
|
|
|
|
|
|
In some situations (like MS reboot without prior DETACH or SGSN reboot
without prior MS detach), the LLC sequence numbers for UI mode could
be different on both sides.
The LLC spec unfortunately doesn't permit us to send something like a
FRMR in this case, but instructs us to silently discard the frame. At
that time the remote LLC entity will re-transmit the frame with the same
seqeunce number over and over again, which we will drop again and again.
The mthod used now will keep track of the last received UI sequence
number. If that number is retransmitted for three times in a row, then
we accept this sequence number and recover from that point on.
|
|
|
|
We change the minority of functions employing the gprs_bssgp_ prefix to
match with the majority without gprs_ in front.
|
|
Instead of direct function calls to individual functions, we now
generate primitives (osmo_prim) and send them to one
application-provided function "bssgp_prim_cb()"
|
|
|
|
This also removes the dependency to osmo_sock() inside libcommon and
replaces it with osmo_sock_* from libosmocore
|
|
GSM 04.64 8.4.2 asks to ignore UI frames if the DLCI is not known,
or if the "(V(UR)- 32) <= N(U) < V(UR)". E.g. if we want to have
V(UR) == 511 and this frame is dropped, we would ignore N(U)'s
0 to 510. Calculate the delta.
The code is based on Jonathan Santos's "LLC UI window" fix but the
issue was discovered independly.
|
|
|
|
Using LLGMM-RESET.req, the GMM can request the LLC of the MS to reset
all its parameters, particularly the sequence numbers. We don't yet do
XID RESET retransmissions, and we don't yet generate a LLGMM-RESET.conf
primitive back to GMM.
|
|
|
|
|
|
libosmogsm is a new library that is distributed in the libosmocore.
Now, openbsc depends on it. This patch gets openbsc with this
change.
This patch also rewrites all include path to the new
osmocom/[gsm|core]
Signed-off-by: Pablo Neira Ayuso <pablo@gnumonks.org>
|
|
In case we get a RA UPD REQ on a new cell (both served by the same
SGSN), the LLC stack should not allocate a ne LLE/LLME, as the latter
would reset the V(u)sent / V(u)recv to zero and make the MS discard
our responses.
Instead, whenever the LLC stack sees a foreign TLLI, it should always
convert it to the local TLLI before doing any lookup for a LLE/LLME.
|
|
The reason for this is quite simple: We want to make sure anyone
running a customized version of OpenBSC to operate a network will
have to release all custom modifiations to the source code.
|
|
The FCS isn't computed yet (because of ciphering).
It _will_ be tested and reported as wrong later in the code
so we can just display it here and let the latter code report the
error if any.
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
|
|
The caller currently has set the Kc pointer to NULL, this fix avoids
crashing at the callee.
|
|
|
|
This adds the bits that call into libosmocore (and its plugins)
to implement GPRS (LLC) encryption.
|
|
|
|
Once The TLLI (or P-TMSI of which it is derived) change has been
confirmed by the MS, we need to unassign the old TLLI but keep
the new TLLI _without_ re-setting the LLC entity structure such
as VUsend /VUrecv counters.
|
|
|
|
|
|
|
|
This so far only works for UNIT-DATA and only if the N-PDU is not fragmented at
the SNDCP layer.
|
|
* separate the LLME and LLE state in the LLC layer
* introduce gprs_llgmm_assign() function for LLGMM-ASSIGN.req primitive
* change QoS profile to match 'real' SGSN
* Update the new TLLI when assigning a P-TMSI
The result now is that the LLC layer is notified of TLLI changes, which in turn
means it doesn't allocate a new LLE structure every TLLI change, which again
in turn means that the UI frame sequence number does not reset to zero.
As a result, MS should no longer ignore frames based on wrong UI sequence number.
|
|
When we send a downlink unit-data request via BSSGP, there is a lot
of information that needs to be copied from the mm context, such as
the IMSI, DRX parametes, MS radio access parameters, ...
This is a quite strange layering violation, since we now need to pass
a pointer to the MM ctx from GMM through LLC into BSSGP :(
|
|
|
|
We are assigning the header to non const methods... so make
the param non-const.
|
|
|
|
|
|
|
|
|
|
|
|
|
