author | Jacob Erlbeck <jerlbeck@sysmocom.de> | 2014-11-06 15:43:10 +0100 |
---|---|---|
committer | Holger Hans Peter Freyther <holger@moiji-mobile.com> | 2014-11-14 10:19:29 +0100 |
commit | f6e7d99d54cc75fdc19433011afb5eaaa8a2a002 (patch) | |
tree | 370d0bed4efcab87e3bb7ce734c5518f297e4487 /openbsc/src/gprs/gprs_gmm.c | |
parent | c4f9bf3142f54b63174f653b07103dd6ab36b1ae (diff) |
sgsn: Don't assign a new P-TMSI if one is pending
Currently every time an RA Update Req or an Attach Req is processed, a
new P-TMSI is allocated. When an MS issues another of these messages
before it has completed the first procedure, old_ptmsi is replaced by
ptmsi (and thus lost) and ptmsi is replaced by the newly allocated
P-TMSI. This can confuse the gbproxy, which can lose track of the
logical link then. At least a Blackberry emits a double set of RA Upd
Req messages from time to time which may be just 20ms apart.
This patch adds a check whether mm->ptmsi or mm->old_ptmsi are set.
If both are set, the P-TMSI is not re-allocated. This is only the
case, when the Complete message has not been received yet, since that
message will reset old_ptmsi.
Sponsored-by: On-Waves ehf
Diffstat (limited to 'openbsc/src/gprs/gprs_gmm.c')
-rw-r--r-- | openbsc/src/gprs/gprs_gmm.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/openbsc/src/gprs/gprs_gmm.c b/openbsc/src/gprs/gprs_gmm.c
index ac063afa1..afd3bbb06 100644
--- a/openbsc/src/gprs/gprs_gmm.c
+++ b/openbsc/src/gprs/gprs_gmm.c
@@ -911,8 +911,11 @@ static int gsm48_rx_gmm_att_req(struct sgsn_mm_ctx *ctx, struct msgb *msg,
 #ifdef PTMSI_ALLOC
 /* Allocate a new P-TMSI (+ P-TMSI signature) and update TLLI */
- ctx->p_tmsi_old = ctx->p_tmsi;
- ctx->p_tmsi = sgsn_alloc_ptmsi();
+ /* Don't change the P-TMSI if a P-TMSI re-assignment is under way */
+ if (ctx->mm_state != GMM_COMMON_PROC_INIT) {
+ ctx->p_tmsi_old = ctx->p_tmsi;
+ ctx->p_tmsi = sgsn_alloc_ptmsi();
+ }
 ctx->mm_state = GMM_COMMON_PROC_INIT;
 #endif
 /* Even if there is no P-TMSI allocated, the MS will switch from
@@ -1147,8 +1150,11 @@ static int gsm48_rx_gmm_ra_upd_req(struct sgsn_mm_ctx *mmctx, struct msgb *msg,
 rate_ctr_inc(&mmctx->ctrg->ctr[GMM_CTR_RA_UPDATE]);
 #ifdef PTMSI_ALLOC
- mmctx->p_tmsi_old = mmctx->p_tmsi;
- mmctx->p_tmsi = sgsn_alloc_ptmsi();
+ /* Don't change the P-TMSI if a P-TMSI re-assignment is under way */
+ if (mmctx->mm_state != GMM_COMMON_PROC_INIT) {
+ mmctx->p_tmsi_old = mmctx->p_tmsi;
+ mmctx->p_tmsi = sgsn_alloc_ptmsi();
+ }
 /* Start T3350 and re-transmit up to 5 times until ATTACH COMPLETE */
 mmctx->t3350_mode = GMM_T3350_MODE_RAU;
 mmctx_timer_start(mmctx, 3350, GSM0408_T3350_SECS); |
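Review bot: The guard in gsm48_rx_gmm_att_req keys on `ctx->mm_state`, while the commit description speaks of checking whether ptmsi and old_ptmsi are both set, so the skip is only correct if every exit from the common procedure (Complete, T3350 expiry, reject) moves mm_state out of GMM_COMMON_PROC_INIT. Those paths are outside the hunk; if one of them leaves the state unchanged, later requests would keep reusing the same P-TMSI, which weakens the identity rotation the P-TMSI is there to provide. I would state the invariant next to the check, e.g. `/* mm_state must leave GMM_COMMON_PROC_INIT on Complete and on T3350 expiry, else the P-TMSI is never re-allocated */`, and fold the now-stale `/* Allocate a new P-TMSI ... */` line above it into that comment. The same guard in gsm48_rx_gmm_ra_upd_req carries the same dependency; both function bodies start and end outside their hunks.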
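Review bot: In gsm48_rx_gmm_ra_upd_req the T3350 start stays outside the new guard, so a repeated RA Update Req that skips the allocation still reaches `mmctx_timer_start(mmctx, 3350, GSM0408_T3350_SECS)` while the timer from the first request is presumably still pending. What mmctx_timer_start does with a running timer is not visible here, but if it restarts the timer or its retry count, a peer that keeps repeating the request could hold the re-assignment open indefinitely. Unlike the attach hunk, no assignment of GMM_COMMON_PROC_INIT is visible after the guard; if the function does not set it further down, the check never fires for the duplicate-RAU case the commit describes. Consider moving the timer start under the same condition, or add a comment such as `/* T3350 is deliberately restarted on a repeated RAU request */` if the restart is intended.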