Age | Commit message (Collapse) | Author | Files | Lines |
|
Previously the MNCC socket path was generated automatically,
using concatenation of the '/tmp/ms_mncc_' prefix and MS name.
Let's allow user to specify this manually, keeping a similar
generation method for default value.
Change-Id: I643356ac579bc5e765f668265ec803b22a73739c
|
|
In some conditions it's required to maintain continuous burst
transmission (e.g. on C0). If there is nothing to transmit at
a given moment, either a LAPDm func=UI fill frame,
or a "dummy" Paging Request is used.
In case of 'ccch_scan' application, they are useless.
Let's detect and omit them.
Change-Id: I6ccecb1a78bdac3e467bdc14b7a01afbe17aa53c
|
|
Change-Id: I81d6558525e7f68c4fcd6c6272224d58532e2efb
|
|
Change-Id: Ic88f5d4b263610a376bbb9729e882097393ef2be
|
|
Change-Id: I8c2594920fcad8a3e346b938bd0c20409f4d01c9
|
|
Change-Id: I03da1329501ce9b3c5cca49a1654ba68e9bb6a98
|
|
By definition, 'ccch_scan' application is intended to be used for
monitoring of CCCH channels on C0/TS0. There is no need to send
RACH requests, therefore there is no need to care about the
mobile allocation from SI1 message.
Most likely, this "dead" code was copy-pasted from mobile
application. Let's clean it up!
Change-Id: I7c2f47cbc825a5e5a50863d842729d3d8408b9dd
|
|
Change-Id: I863fb668500b2010dfef7a63217255fd010c06d7
|
|
Change-Id: I02bc581afb5a76c51fdef50ed40e2669c3eb3f2e
|
|
Same as the "network search" VTY command but implemented as primitive
and exposed to LUA.
Change-Id: I096233a2ca9dd7daa358cebed0523cb8c0dbf593
|
|
Despite the correct range of Timing Advance value is [0..63],
there is a special feature in OsmocomBB which allows one to
simulate the distance between both MS and a BTS by playing
with the signal delay.
It was discovered that l1ctl_tx_param_req() is using an unsigned
'uint8_t' type for Timing Advance value, while other code and
L1CTL protocol is using signed 'int8_t'. This may result in
distortion of negative values, so let's fix this!
Change-Id: I6ee42b5fa2ca9ebe187f0b933465c49f840a55c2
|
|
We don't need to hand-code unix domain socket initialization but
can simply use our library function for it. As an added benefit,
the library code already contains corner case handling for non-NUL
terminated unix domain socket path.
Change-Id: I57c724c78dbbbce0546ebe914e370f32c8c89703
|
|
To have bi-directional communication we can pass credentials to the
registry server and now we can register a callback when the registry
is sending data to us.
The callback needs to return if the fd should continue to be selected
as I found no way to push the userdata as parameter on the stack. Lua
code will look like:
local host, port = "www.osmocom.org", 80
local tcp = socket.tcp()
tcp:connect(host, port);
tcp:send("GET / HTTP/1.0\r\n\r\n");
local cb = function()
local s, status, partial = tcp:receive()
print(s)
if status == 'closed' then
tcp:close()
return 0
end
return 1
end
local foo = osmo.register_fd(tcp:getfd(), cb)
Change-Id: I8254bdda1df2f8fe0a5eac894b931e7de5b426df
|
|
Don't try to unref something else after we have given up our
spot in the table.
Change-Id: I4e8db297e816d3d07a46147d5d3bdc0e8fae6c9a
|
|
This gives us working/safe zero termination without overflowing
the destination string size.
Change-Id: Ica6098ceba2bd01ce3b216085442cc5eed0ca507
|
|
settings.c: In function ‘gsm_random_imei’:
settings.c:188:26: warning: ‘sprintf’ may write a terminating nul past the end of the destination [-Wformat-overflow=]
sprintf(rand + 8, "%07ld", random() % 10000000);
^
settings.c:188:2: note: ‘sprintf’ output between 8 and 9 bytes into a destination of size 8
sprintf(rand + 8, "%07ld", random() % 10000000);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: Id949487111235cd4af5ff068f1dce2f4b0801480
|
|
settings.c:191:2: warning: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 15 -Wstringop-truncation]
strncpy(set->imeisv, set->imei, 15);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CC subscriber.o
CC support.o
CC transaction.o
CC vty_interface.o
CC voice.o
CC mncc_sock.o
CC primitives.o
mncc_sock.c: In function ‘osmo_unixsock_listen’:
mncc_sock.c:318:2: warning: ‘strncpy’ specified bound 108 equals destination size [-Wstringop-truncation]
strncpy(local.sun_path, path, sizeof(local.sun_path));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CC script_lua.o
vty_interface.c: In function ‘cfg_gps_device’:
vty_interface.c:1144:2: warning: ‘strncpy’ specified bound 32 equals destination size [-Wstringop-truncation]
strncpy(g.device, argv[0], sizeof(g.device));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AR libmobile.a
Change-Id: Id52978f3bf7a8abea62237d7c32f8f87e1bb34a1
|
|
This fixes the below warnings:
gsm322.c: In function ‘gsm322_cs_ba_range’:
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
strncpy(lower_text, gsm_print_arfcn(index2arfcn(lower)), ARFCN_TEXT_LEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
gsm322.c:3481:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
strncpy(higher_text, gsm_print_arfcn(index2arfcn(higher)), ARFCN_TEXT_LEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gsm322.c: In function ‘gsm322_cs_powerscan’:
gsm322.c:2862:2: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
strncpy(s_text, gsm_print_arfcn(index2arfcn(s)), ARFCN_TEXT_LEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gsm322.c:2863:2: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
strncpy(e_text, gsm_print_arfcn(index2arfcn(e)), ARFCN_TEXT_LEN);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Change-Id: I08f938cfb2589574e90d5831a00c0140f71d5bfe
|
|
gsm322.c:366:22: warning: ‘sprintf’ may write a terminating nul past the end of the destination [-Wformat-overflow=]
sprintf(string, "-%d", 110 - rxlev);
^
gsm322.c:366:2: note: ‘sprintf’ output between 3 and 6 bytes into a destination of size 5
sprintf(string, "-%d", 110 - rxlev);
Change-Id: I7b19fef89ba0cb0c1edbdd62c46ad8395e44145b
|
|
This fixes the following alignment issue uncovered by asan:
l1l2_interface.c:169:7: runtime error: store to misaligned address 0x61600001ab99 for type 'uint16_t', which requires 2 byte alignment
0x61600001ab99: note: pointer points here
00 00 00 00 00 00 06 0a 01 19 19 40 18 00 07 00 01 03 49 06 15 00 40 01 c0 00 00 00 00 00 00 00
^
Change-Id: Ie65b428107d35bac99bc870fdbc4dc509ca2f33c
|
|
When starting multiple mobile in the same second, the libc random number
generator will be seeded to exactly the same value.
The random bits inside the RACH request(s) will be exactly the same
across multiple mobile and when the channel fails they all pick the same
randomized back-off timing.
Use stronger random numbers and replace all calls to random(2) with
osmo_get_rand_id. Add a fallback to try random().
[v2: Add helper to make sure the result is int and between 0 and
RAND_MAX]
Change-Id: Icdd4be88c62bba1e9d954568e48f0c12a67ac182
|
|
Change-Id: I231ac9987ff3c13fafcd272b7d9aae3938ab5972
|
|
It was decided to migrate to osmo_get_rand_id() and use random()
as a fall-back. But there is a critical difference between both
functions: osmo_get_rand_id() fills an input buffer with random
bytes (0x00 - 0xff), while *random() returns a value in range
between 0 and RAND_MAX.
osmo_get_rand_id() was used in a wrong way, so in some cases we
could get a negative value (how about IMEI starting from '-'?),
what isn't expected in many cases and could lead to unexpected
behaviour and segmentation faults...
This reverts commit 6d49b049ee304f1ea0e4801df61e69713b01f0f8.
Change-Id: I7b2a8a5c63cf64360a824926a2219fd7e419b1bb
|
|
When starting multiple mobile in the same second, the libc random number
generator will be seeded to exactly the same value.
The random bits inside the RACH request(s) will be exactly the same
across multiple mobile and when the channel fails they all pick the same
randomized back-off timing.
Use stronger random numbers and replace all calls to random(2) with
osmo_get_rand_id. Add a fallback to try random().
Change-Id: Ie0cc64663cd4b90c027b79545dc5d3ac9d87b9dd
|
|
This can be useful to have bidirectional communication between the
mobile lua script an external control script.
Change-Id: Ib4a5eef611f524f5d21cb6a7f4eace22b8ba60d0
|
|
Disable storing the SMS on disk. This is useful when scripting mobile.
Keep the default of attempting to store it to disk.
Change-Id: I6353447343d98ebaa5e12ab63f995750f81c8500
|
|
It seems the original code didn't allocate \0 for the string. Just use
talloc_asprintf and get a new string...
Change-Id: I8ffb50b04d2d6196caf0231711f3467abc8c5ea5
|
|
Before jumping to the failure handling code free the sms_file.
Change-Id: Ifce2bc130fe3a5bd49ad457ee61002952dd496ba
|
|
When no cell was found during the PLMN search the camp on any cell
state will be entered. LUs are prevented in this state and it will be
left after the start_any_timer has timedout. Even if camping on the
home network the state will not be left before the expiry of the timer.
For systematic tests this is producing a too high upper bound. Make it
configurable so we can succeed with a UL more quickly.
Change-Id: I25bc985cd4360d5e37d05a7b16b39eefb75ce20f
|
|
Previously, TCH frames coming from L1 were reordered to the RTP
format. Moreover, the implementation had a few problems:
- L1CTL is not the best place for such manipulations;
- payloads with other than FR codec were corrupted.
Let's use RTP-ordered payloads on the L1CTL interface,
performing TCH frame reordering at the firmware.
Please note, that actual FR reordering was moved to the firmware
as is, without any codec determination. This could be fixed in
a separate change.
Change-Id: I81ec8ed3c9e72a62b22c1720c299cdc68b733cf1
|
|
Previously, the L1CTL_CRYPTO_REQ message contained only a ciphering
algorithm and actual Kc key to be used. The key length was
calculated manually using the MSGB API.
Let's avoid manual calculations here, as it may cause unexpected
behavior if the message structure is changed. Also, let's fill
the UL header with minimal information about a channel, which
is going to be encrypted.
Change-Id: I5fab079907c5276322d3ec2b46cab81f10c7ed09
|
|
The primitives are still allocated and dispatched but there was
no script handler to delete them. Change the ownership to delete
it at the end of the dispatch.
Change-Id: I510af13bcbb46f73a0a289f26a4921cc90bd986a
Fixes: OS#2925
|
|
The recent LUA integration code introduced the following
compiler warnings (on GCC 4.8.5):
primitives.c: In function ‘create_timer’:
primitives.c:90:2: warning: format ‘%llu’ expects argument of
type ‘long long unsigned int’,
but argument 7 has type ‘uint64_t’ [-Wformat=]
primitives.c: In function ‘cancel_timer’:
primitives.c:166:3: warning: format ‘%llu’ expects argument of
type ‘long long unsigned int’,
but argument 7 has type ‘uint64_t’ [-Wformat=]
The recommended and portable way of printing an 'uint64_t'
is to use the corresponding macros 'PRIu64'.
Change-Id: Ic7f54063a35a89ad54dfa63868f43009cbe469bb
|
|
When '/var/log/osmocom.log' does not exist the cell_log
app cannot start normally, because it has no permissions
to create a new file. Furthermore, logfile is optional now.
Change-Id: I2a9982f221871c78c5c9a73b7b7a1787ff07a86c
|
|
If we fail to initialize the VTY, print an error mesage instead of
failing silently. For example:
"Cannot init VTY on 127.0.0.1 port 4247: Address already in use"
Change-Id: I24161f53fa621ae1c8b1916bd0c8055c494b531e
|
|
When reloading a script go through script_lua_close. Get the
primitive first. Then destruct the lua environment which will
lead to GC (e.g. cancellation of timers) and then delete the
primitive code.
Change-Id: I5bb4fa9e7c5010f3ad50b258dcb14956eea8822a
|
|
Make this symmetric and send the SMS through the primitive
interface. Construct and copy the sms into the prim, store
the SCA in the prim as well. In 04.11 we see we can store
2*10 digits in the destination address and a NUL.
Change-Id: I91d7537f4f6ce5ba00218c58f3456947ec7bc662
|
|
Change-Id: I0c08e071ffaac9b8e7c4af6a7be2bd8125145842
|
|
Nothing is actually being skipped in this function.
Change-Id: I9d5a33cf3a1dd7a75f9769d3c5ba85c59594b8f4
|
|
According to GSM 04.08, the System Information messages, such as
SI5, SI5ter, SI5bis and SI6 (described in sections 9.1.37-40),
have no the 'L2 Pseudo Length' (10.5.2.19) field, unlike others.
So, previously the ACCH SI messages were ignored due to an
implementation error - the gsm48_system_information_type_header
struct isn't applicable here, because it assumes the 'l2_plen'.
Since there is no (yet?) equivalent struct for the ACCH SI, this
change replaces the wrong struct by the 'gsm48_hdr', which
satisfies described requirements.
Moreover, this change cleans up some gsm48_rr_rx_sysinfo*
functions, getting rid of meaningless pionter shifting.
Change-Id: I9166996f146af7973bf02a8a1c965581dc58a4a5
|
|
In lua osmo.ms():name() will print the name/number of the MS. This
can be used by scripting code to use in events and then be analyzed.
Change-Id: I881d3e87daa19f4e6f4f5bd30fe95906129e60ef
|
|
Change parameters and check if the cb_ref is valid or not.
Change-Id: I74fbcd7e853e24b1225ecc4c19304134b8467c9b
|
|
We need continuation to avoid printing the logging category
again. E.g. when print(one, two, three) is called.
Change-Id: Id8491fa949768f170a8c74ab554cb1166afda1b7
|
|
Make the MS the script is associated with accessible to lua. Provide
access to IMSI and IMEI. The IMSI might not be available at the given
time and just return an empty string.
Example lua usage:
print(osmo.ms():imsi());
print(osmo.ms():imei());
print(osmo.ms():shutdown_state())
print(osmo.ms():started())
function ms_started_cb(started)
print("MS started", started)
end
function ms_shutdown_cb(old_state, new_state)
print("MS shutdown", old_state, "->", new_state)
end
function sms_cb(sms, cause, valid)
print("SMS data cb", sms, cause, valid)
for i, v in pairs(sms) do
print(i, v)
end
end
function mm_cb(new_state, new_substate, old_substate)
if new_state == 19 and new_substate == 1 then
osmo.ms():sms_send_simple("1234", "21321324", "fooooooo", 23)
end
end
local cbs = {
Started=ms_started_cb,
Shutdown=ms_shutdown_cb,
Sms=sms_cb,
Mm=mm_cb
}
timer = osmo.timeout(20, function()
print("Timeout occurred after 20s")
end)
osmo.ms():register(cbs)
# Can fail. Best to wait for state changes...
print(osmo.ms().start())
print(osmo.ms().stop(true))
Change-Id: Ia3ace33d6ba4e904b1ff8e271a02d67777334a58
|
|
Allow to callback into lua code after a user configured timeout. Make
it only work on seconds (truncate double to int).
Change-Id: I355d2f8d15aeaa13abb1c5e4a8e0c958e5faf7f3
|
|
Right now the script will be executed once it is loaded. Make sure
to write it into the config file last. Expose various log commands
for logging. Jump through some hoops and get the filename and line
number from lua.
Change-Id: I456f6b6b5e1a14ed6c8cb0dcc5140093d3c61ef6
|
|
Change-Id: Id2d266c48d30c06dfdc3b8c84d875038b43f2ad8
|
|
I will be adding a high-level async scripting interface to the
mobile application. The initial implementation will use Lua 5.3.
This version was released in January 2015 and is the latest version
at the time the commit was made. Lua as extension and extensible
language seems well suited for scripting.
The plan is to attach a script to a ms and be able to trigger high
level operations (send SMS, attach to network, detach).
Change-Id: Ic649e49a22c878585a6c20b5b80108909f2374eb
|
|
Notify once the mm state has been changed. Unfortunaley one state
transition can immediately trigger more transitions (recursively).
In the mid-term it might be best to force all primitives to be
async to avoid unpredictable behavior (e.g. make a shutdown while
being a recursion down?)
Change-Id: I8e9dcf7fd9116985aa060ba027ba74107a19223a
|
|
Inform the layer about new SMS and inform about the cause of
it. In both cases pass the SMS.
Change-Id: Ib7ab34b1b85b62ef0e8fff347adccbc5dc414161
|