diff options
| author | Harald Welte <laforge@gnumonks.org> | 2018-02-03 21:08:26 +0100 |
|---|---|---|
| committer | Harald Welte <laforge@gnumonks.org> | 2018-02-03 20:30:03 +0000 |
| commit | c2007855cebd240cf2868ce0d2dd90ba42ddfa8a (patch) | |
| tree | aceefffcb4f3dfb71f0dd440ec66302ee9e62b5f /src/libmsc/gsm_04_08.c | |
| parent | 6d28981912d90cb37b43f850710bc7674106542e (diff) | |
Implement checks for duplicate uplink UL L3 message
According to TS 24.007 Section 11.2.3.2.3, it is possible that uplink L3
messages are duplicated in some scenarios, particularly during
assignment/handover procedure.
To avoid L3 entities from seeing duplicated messages, there's a modulo-2
or modulo-4 message sequence counter, based on which the MSC can detect
and suppress such duplicate messages.
It appears that even our unit tests were wrong in that regard so far.
Rather than manually adjusting each and every message, let's make sure
that the sequence number generation always increments as expected, and
that during matching of incoming messages, sequence numbers are masked
out.
Note: the tests will only pass from libosmocore Change-Id
Iec875a77f5458322dfbef174f5abfc0e8c09d464 onwards, due to
gsm48_hdr_msg_type() being broken in earlier versions.
Change-Id: Id15e399ab7e1b05dcd426b292886fa19d36082b1
Closes: #2908
Diffstat (limited to 'src/libmsc/gsm_04_08.c')
| -rw-r--r-- | src/libmsc/gsm_04_08.c | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/src/libmsc/gsm_04_08.c b/src/libmsc/gsm_04_08.c index c9ea2c8fb..5acc4e445 100644 --- a/src/libmsc/gsm_04_08.c +++ b/src/libmsc/gsm_04_08.c @@ -3302,6 +3302,94 @@ void cm_service_request_concludes(struct gsm_subscriber_connection *conn, conn->received_cm_service_request = false; } +/* TS 24.007 11.2.3.2.3 Message Type Octet / Duplicate Detection */ +int gsm0407_pdisc_ctr_bin(uint8_t pdisc) +{ + switch (pdisc) { + case GSM48_PDISC_MM: + case GSM48_PDISC_CC: + case GSM48_PDISC_NC_SS: + return 0; + case GSM48_PDISC_GROUP_CC: + return 1; + case GSM48_PDISC_BCAST_CC: + return 2; + case GSM48_PDISC_LOC: + return 3; + default: + return -1; + } +} + +/* extract the N(SD) and return the modulo value for a R98 message */ +static uint8_t gsm0407_determine_nsd_ret_modulo_r99(uint8_t pdisc, uint8_t msg_type, uint8_t *n_sd) +{ + switch (pdisc) { + case GSM48_PDISC_MM: + case GSM48_PDISC_CC: + case GSM48_PDISC_NC_SS: + *n_sd = (msg_type >> 6) & 0x3; + return 4; + case GSM48_PDISC_GROUP_CC: + case GSM48_PDISC_BCAST_CC: + case GSM48_PDISC_LOC: + *n_sd = (msg_type >> 6) & 0x1; + return 2; + default: + /* no sequence number, we cannot detect dups */ + return 0; + } +} + +/* extract the N(SD) and return the modulo value for a R99 message */ +static uint8_t gsm0407_determine_nsd_ret_modulo_r98(uint8_t pdisc, uint8_t msg_type, uint8_t *n_sd) +{ + switch (pdisc) { + case GSM48_PDISC_MM: + case GSM48_PDISC_CC: + case GSM48_PDISC_NC_SS: + case GSM48_PDISC_GROUP_CC: + case GSM48_PDISC_BCAST_CC: + case GSM48_PDISC_LOC: + *n_sd = (msg_type >> 6) & 0x1; + return 2; + default: + /* no sequence number, we cannot detect dups */ + return 0; + } +} + +/* TS 24.007 11.2.3.2 Message Type Octet / Duplicate Detection */ +static bool gsm0407_is_duplicate(struct gsm_subscriber_connection *conn, struct msgb *msg) +{ + struct gsm48_hdr *gh; + uint8_t pdisc; + uint8_t n_sd, modulo, bin; + + gh = msgb_l3(msg); + pdisc = gsm48_hdr_pdisc(gh); + + if (conn->classmark.classmark1_set && conn->classmark.classmark1.rev_lev < 2) { + modulo = gsm0407_determine_nsd_ret_modulo_r98(pdisc, gh->msg_type, &n_sd); + } else { /* R99 */ + modulo = gsm0407_determine_nsd_ret_modulo_r99(pdisc, gh->msg_type, &n_sd); + } + if (modulo == 0) + return false; + bin = gsm0407_pdisc_ctr_bin(pdisc); + if (bin < 0) + return false; + + OSMO_ASSERT(bin < ARRAY_SIZE(conn->n_sd_next)); + if (n_sd != conn->n_sd_next[bin]) { + /* not what we expected: duplicate */ + return true; + } else { + /* as expected: no dup; update expected counter for next message */ + conn->n_sd_next[bin] = (n_sd + 1) % modulo; + return false; + } +} /* Main entry point for GSM 04.08/44.008 Layer 3 data (e.g. from the BSC). */ int gsm0408_dispatch(struct gsm_subscriber_connection *conn, struct msgb *msg) @@ -3317,6 +3405,12 @@ int gsm0408_dispatch(struct gsm_subscriber_connection *conn, struct msgb *msg) gh = msgb_l3(msg); pdisc = gsm48_hdr_pdisc(gh); + if (gsm0407_is_duplicate(conn, msg)) { + LOGP(DRLL, LOGL_NOTICE, "%s: Discarding duplicate L3 message\n", + (conn && conn->vsub) ? vlr_subscr_name(conn->vsub) : "UNKNOWN"); + return 0; + } + LOGP(DRLL, LOGL_DEBUG, "Dispatching 04.08 message %s (0x%x:0x%x)\n", gsm48_pdisc_msgtype_name(pdisc, gsm48_hdr_msg_type(gh)), pdisc, gsm48_hdr_msg_type(gh)); |