TLLI 0x00000000 is a valid TLLI, use 0xffffffff instead

The assumption that TLLI 0x00000000 is invalid and can be used as the initializer is wrong. Similar to TMSI, 0x00000000 is a perfectly valid value, while 0xffffffff is reserved - use it. According to 3GPP TS 23.003, section 2.4, a TMSI/P-TMSI with all 32 bits equal to 1 is special and shall not be allocated by the network. The reason is that it must be stored on the SIM, where 'ff'O represents the erased state. According to section 2.6 of the same document, a local/foreign TLLI is derived from P-TMSI, so the same rule applies to TLLI. I manually checked and corrected all occurances of 'tlli' in the code. The test expectations have been adjusted with this command: $ find tests/ -name "*.err" | xargs sed -i "s/0x00000000/0xffffffff/g" so there should be no behavior change. The only exception is the 'TypesTest', where TLLI 0xffffffff is being encoded and expected in the hexdump, so I regenerated the test output. Change-Id: Ie89fab75ecc1d8b5e238d3ff214ea7ac830b68b5 Related: OS#4844
author: Vadim Yanitskiy <vyanitskiy@sysmocom.de> 2020-11-08 13:27:35 +0700
committer: fixeria <vyanitskiy@sysmocom.de> 2020-11-10 17:06:39 +0000
commit: cb98894eb1d9dfa8a2b040224a0a5605db38a2cf (patch)
tree: 64091d033624e58fde52c61a3e17eba0bb5cf8c7 /src
parent: 305763dc6f63feada8636f05e9ce22b8d880e152 (diff)
9 files changed, 35 insertions, 25 deletions
diff --git a/src/bts.h b/src/bts.h
index 4d5d0dfd..6f757158 100644
--- a/src/bts.h
+++ b/src/bts.h
@@ -29,6 +29,7 @@ extern "C" {
 #include <osmocom/core/tdef.h>
 #include <osmocom/gsm/l1sap.h>
 #include <osmocom/gsm/protocol/gsm_04_08.h>
+#include <osmocom/gsm/gsm48.h>
 #include "mslot_class.h"
 #include "gsm_rlcmac.h"
 }
@@ -340,7 +341,7 @@ public:
 	void set_max_mcs_ul(uint8_t mcs_ul);
 
 	GprsMsStorage &ms_store();
-	GprsMs *ms_by_tlli(uint32_t tlli, uint32_t old_tlli = 0);
+	GprsMs *ms_by_tlli(uint32_t tlli, uint32_t old_tlli = GSM_RESERVED_TMSI);
 	GprsMs *ms_by_imsi(const char *imsi);
 	GprsMs *ms_alloc(uint8_t ms_class, uint8_t egprs_ms_class = 0);
 
diff --git a/src/gprs_bssgp_pcu.cpp b/src/gprs_bssgp_pcu.cpp
index 48652114..05fc0d36 100644
--- a/src/gprs_bssgp_pcu.cpp
+++ b/src/gprs_bssgp_pcu.cpp
@@ -32,6 +32,7 @@ extern "C" {
 	#include <osmocom/gsm/protocol/gsm_23_003.h>
 	#include <osmocom/gprs/protocol/gsm_08_16.h>
 	#include <osmocom/core/utils.h>
+	#include <osmocom/gsm/gsm48.h>
 	#include "coding_scheme.h"
 }
 
@@ -84,7 +85,7 @@ static int gprs_bssgp_pcu_rx_dl_ud(struct msgb *msg, struct tlv_parsed *tp)
 	struct bssgp_ud_hdr *budh;
 
 	uint32_t tlli;
-	uint32_t tlli_old = 0;
+	uint32_t tlli_old = GSM_RESERVED_TMSI;
 	uint8_t *data;
 	uint16_t len;
 	uint8_t ms_class = 0;
diff --git a/src/gprs_ms.cpp b/src/gprs_ms.cpp
index 8eb23d98..c891cdfd 100644
--- a/src/gprs_ms.cpp
+++ b/src/gprs_ms.cpp
@@ -34,6 +34,7 @@ extern "C" {
 	#include <osmocom/core/utils.h>
 	#include <osmocom/core/timer.h>
 	#include <osmocom/gsm/protocol/gsm_04_08.h>
+	#include <osmocom/gsm/gsm48.h>
 	#include <osmocom/core/logging.h>
 	#include "coding_scheme.h"
 }
@@ -97,8 +98,8 @@ GprsMs::GprsMs(BTS *bts, uint32_t tlli) :
 	m_ul_tbf(NULL),
 	m_dl_tbf(NULL),
 	m_tlli(tlli),
-	m_new_ul_tlli(0),
-	m_new_dl_tlli(0),
+	m_new_ul_tlli(GSM_RESERVED_TMSI),
+	m_new_dl_tlli(GSM_RESERVED_TMSI),
 	m_ta(GSM48_TA_INVALID),
 	m_ms_class(0),
 	m_egprs_ms_class(0),
@@ -369,9 +370,9 @@ void GprsMs::reset()
 
 	stop_timer();
 
-	m_tlli = 0;
-	m_new_dl_tlli = 0;
-	m_new_ul_tlli = 0;
+	m_tlli = GSM_RESERVED_TMSI;
+	m_new_dl_tlli = m_tlli;
+	m_new_ul_tlli = m_tlli;
 	m_imsi[0] = '\0';
 }
 
@@ -429,8 +430,8 @@ void GprsMs::set_tlli(uint32_t tlli)
 		m_tlli, tlli);
 
 	m_tlli = tlli;
-	m_new_dl_tlli = 0;
-	m_new_ul_tlli = 0;
+	m_new_dl_tlli = GSM_RESERVED_TMSI;
+	m_new_ul_tlli = GSM_RESERVED_TMSI;
 }
 
 bool GprsMs::confirm_tlli(uint32_t tlli)
@@ -455,8 +456,8 @@ bool GprsMs::confirm_tlli(uint32_t tlli)
 		"Modifying MS object, TLLI: 0x%08x confirmed\n", tlli);
 
 	m_tlli = tlli;
-	m_new_dl_tlli = 0;
-	m_new_ul_tlli = 0;
+	m_new_dl_tlli = GSM_RESERVED_TMSI;
+	m_new_ul_tlli = GSM_RESERVED_TMSI;
 
 	return true;
 }
diff --git a/src/gprs_ms.h b/src/gprs_ms.h
index fbb46f6b..8b8940bb 100644
--- a/src/gprs_ms.h
+++ b/src/gprs_ms.h
@@ -34,6 +34,7 @@ extern "C" {
 	#include <osmocom/core/linuxlist.h>
 
 	#include <osmocom/gsm/protocol/gsm_23_003.h>
+	#include <osmocom/gsm/gsm48.h>
 
 	#include "coding_scheme.h"
 }
@@ -209,14 +210,17 @@ inline bool GprsMs::need_dl_tbf() const
 
 inline uint32_t GprsMs::tlli() const
 {
-	return m_new_ul_tlli ? m_new_ul_tlli :
-	       m_tlli        ? m_tlli :
-			       m_new_dl_tlli;
+	if (m_new_ul_tlli != GSM_RESERVED_TMSI)
+		return m_new_ul_tlli;
+	if (m_tlli != GSM_RESERVED_TMSI)
+		return m_tlli;
+
+	return m_new_dl_tlli;
 }
 
 inline bool GprsMs::check_tlli(uint32_t tlli)
 {
-	return tlli != 0 &&
+	return tlli != GSM_RESERVED_TMSI &&
 		(tlli == m_tlli || tlli == m_new_ul_tlli || tlli == m_new_dl_tlli);
 }
 
diff --git a/src/gprs_ms_storage.cpp b/src/gprs_ms_storage.cpp
index 19b6e1c2..73570b3a 100644
--- a/src/gprs_ms_storage.cpp
+++ b/src/gprs_ms_storage.cpp
@@ -26,6 +26,7 @@
 
 extern "C" {
 	#include <osmocom/core/linuxlist.h>
+	#include <osmocom/gsm/gsm48.h>
 }
 
 #define GPRS_UNDEFINED_IMSI "000"
@@ -70,7 +71,7 @@ GprsMs *GprsMsStorage::get_ms(uint32_t tlli, uint32_t old_tlli, const char *imsi
 	GprsMs *ms;
 	LListHead<GprsMs> *pos;
 
-	if (tlli || old_tlli) {
+	if (tlli != GSM_RESERVED_TMSI || old_tlli != GSM_RESERVED_TMSI) {
 		llist_for_each(pos, &m_list) {
 			ms = pos->entry();
 			if (ms->check_tlli(tlli))
@@ -97,7 +98,7 @@ GprsMs *GprsMsStorage::create_ms()
 {
 	GprsMs *ms;
 
-	ms = new GprsMs(m_bts, 0);
+	ms = new GprsMs(m_bts, GSM_RESERVED_TMSI);
 
 	ms->set_callback(this);
 	llist_add(&ms->list(), &m_list);
diff --git a/src/gprs_ms_storage.h b/src/gprs_ms_storage.h
index abd9eaa5..35062f3d 100644
--- a/src/gprs_ms_storage.h
+++ b/src/gprs_ms_storage.h
@@ -38,7 +38,7 @@ public:
 	virtual void ms_idle(class GprsMs *);
 	virtual void ms_active(class GprsMs *);
 
-	GprsMs *get_ms(uint32_t tlli, uint32_t old_tlli = 0, const char *imsi = NULL) const;
+	GprsMs *get_ms(uint32_t tlli, uint32_t old_tlli = GSM_RESERVED_TMSI, const char *imsi = NULL) const;
 	GprsMs *create_ms();
 
 	const LListHead<GprsMs>& ms_list() const {return m_list;}
diff --git a/src/tbf.cpp b/src/tbf.cpp
index 2371aedb..d57c5376 100644
--- a/src/tbf.cpp
+++ b/src/tbf.cpp
@@ -171,7 +171,7 @@ gprs_rlcmac_bts *gprs_rlcmac_tbf::bts_data() const
 
 uint32_t gprs_rlcmac_tbf::tlli() const
 {
-	return m_ms ? m_ms->tlli() : 0;
+	return m_ms ? m_ms->tlli() : GSM_RESERVED_TMSI;
 }
 
 const char *gprs_rlcmac_tbf::imsi() const
@@ -240,7 +240,7 @@ void gprs_rlcmac_tbf::set_ms(GprsMs *ms)
 
 void gprs_rlcmac_tbf::update_ms(uint32_t tlli, enum gprs_rlcmac_tbf_direction dir)
 {
-	if (!tlli)
+	if (tlli == GSM_RESERVED_TMSI)
 		return;
 
 	/* TODO: When the TLLI does not match the ms, check if there is another
diff --git a/src/tbf.h b/src/tbf.h
index 549b7075..c97477bc 100644
--- a/src/tbf.h
+++ b/src/tbf.h
@@ -34,6 +34,7 @@ extern "C" {
 #include <osmocom/core/linuxlist.h>
 #include <osmocom/core/logging.h>
 #include <osmocom/core/timer.h>
+#include <osmocom/gsm/gsm48.h>
 
 #include "coding_scheme.h"
 }
@@ -535,7 +536,7 @@ inline GprsMs *gprs_rlcmac_tbf::ms() const
 
 inline bool gprs_rlcmac_tbf::is_tlli_valid() const
 {
-	return tlli() != 0;
+	return tlli() != GSM_RESERVED_TMSI;
 }
 
 inline bool gprs_rlcmac_tbf::is_tfi_assigned() const
diff --git a/src/tbf_ul.cpp b/src/tbf_ul.cpp
index 57da02a6..80a8eaa4 100644
--- a/src/tbf_ul.cpp
+++ b/src/tbf_ul.cpp
@@ -359,7 +359,7 @@ int gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(
 	if (ms())
 		ms()->update_l1_meas(meas);
 
-	uint32_t new_tlli = 0;
+	uint32_t new_tlli = GSM_RESERVED_TMSI;
 	unsigned int block_idx;
 
 	/* restart T3169 */
@@ -448,9 +448,10 @@ int gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(
 				continue;
 			}
 			if (!this->is_tlli_valid()) {
-				if (!new_tlli) {
+				if (new_tlli == GSM_RESERVED_TMSI) {
 					LOGPTBFUL(this, LOGL_NOTICE,
-						  "TLLI = 0 within UL DATA.\n");
+						  "TLLI is 0x%08x within UL DATA?!?\n",
+						  new_tlli);
 					m_window.invalidate_bsn(rdbi->bsn);
 					continue;
 				}
@@ -458,7 +459,7 @@ int gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(
 					  "Decoded premier TLLI=0x%08x of UL DATA TFI=%d.\n",
 					  new_tlli, rlc->tfi);
 				update_ms(new_tlli, GPRS_RLCMAC_UL_TBF);
-			} else if (new_tlli && new_tlli != tlli()) {
+			} else if (new_tlli != GSM_RESERVED_TMSI && new_tlli != tlli()) {
 				LOGPTBFUL(this, LOGL_NOTICE,
 					  "Decoded TLLI=%08x mismatch on UL DATA TFI=%d. (Ignoring due to contention resolution)\n",
 					  new_tlli, rlc->tfi);
author	Vadim Yanitskiy <vyanitskiy@sysmocom.de>	2020-11-08 13:27:35 +0700
committer	fixeria <vyanitskiy@sysmocom.de>	2020-11-10 17:06:39 +0000
commit	cb98894eb1d9dfa8a2b040224a0a5605db38a2cf (patch)
tree	64091d033624e58fde52c61a3e17eba0bb5cf8c7 /src
parent	305763dc6f63feada8636f05e9ce22b8d880e152 (diff)