summaryrefslogtreecommitdiffstats
path: root/src/host/layer23
AgeCommit message (Collapse)AuthorFilesLines
2021-03-25mobile/vty: add a command to trigger LURfixeria/researchVadim Yanitskiy2-2/+25
Change-Id: I98ff3fb2611785a897723ea1edca8d8b4b3b5ec2
2021-03-25mobile/vty: add Key Sequence number change commandVadim Yanitskiy1-0/+24
Change-Id: I2400a80c9804159dfe1faa26b84e33776d30a79f
2021-03-25mobile/vty: add IMSI/TMSI clone commandVadim Yanitskiy1-0/+52
Change-Id: I03ff86995199746d86904505b5e78ad4055e607b
2020-11-25mobile: generate coredump and exit upon SIGABRT receivedPau Espin Pedrol1-2/+9
Previous code relied on abort() switching sigaction to SIG_FDL + retriggering SIGABRT in case the signal handler returns, which would then generate the coredump + terminate the process. However, if a SIGABRT is received from somewhere else (kill -SIGABRT), then the process would print the talloc report and continue running, which is not desired. Change-Id: Ied0f47378a5d348b857424adb5c874c1c093b485 Fixes: OS#4865
2020-11-11Use osmo_fd_*_{disable,enable}Harald Welte1-6/+6
Change-Id: If4c7f946852d153bd472e5c704f8d517d26ca22e Depends: libosmocore.git Idb89ba7bc7c129a6304a76900d17f47daf54d17d
2020-10-23gsm48_rr: Don't swap ber with snr in "MON:" log lineHarald Welte1-1/+1
I was quite confused why I constantly see a bit error rate reported by gsm48_rr, while at the same time the actual L1CTL_DATA_IND did all state num_biterr == 0. So the log statement was broken ... Change-Id: I09bb6c606a8437b213bb444949c78a7c8a10542c
2020-10-21mobile: Use osmo_fd_setup() in script_lua.cHarald Welte1-4/+3
Change-Id: Ib6f97b9b8f3af63b81b92071b7fdb1fd55da89a5
2020-10-18Use osmo_fd_setup() whenever applicable.Harald Welte2-18/+9
Change-Id: If9b636c295fc6b5349a54c70662f09efa616ee63
2020-10-18Use OSMO_FD_* instead of deprecated BSC_FD_*Harald Welte3-12/+12
Change-Id: Ibf64b18288b9109927035f650d6ef7ad9f15d688
2020-10-13layer23/cbch-sniff: fix: use Osmocom specific RSL channel numberVadim Yanitskiy1-2/+13
This way the layer1 can activate proper CBCH task and send us CBCH block with proper RSL channel number, so they do not end up being routed to LAPDm and rejected there. Change-Id: Ib1d5c99587202a9d94aeb7b63de7ae8c4fb15af0
2020-10-13layer23/cbch-sniff: fix: do not blindly assume presence of CBCHVadim Yanitskiy1-1/+1
We cannot blindly assume that CBCH is present on TS0/SDCCH4 before decoding CBCH Channel Description in System Information Type 4. Change-Id: Ie8ce572df292d0b03c0f743bcf26184619176321
2020-07-31layer23/mobile: implement handling of TCH test loop commandsVadim Yanitskiy7-15/+239
For more information, see 3GPP TS 44.014, sections: - 5.1 "Single-slot TCH loops", and - 8 "Message definitions and contents". This feature has nothing to do with the Mobility Management, so let's handle GSM48_PDISC_TEST messages in the Radio Resources layer implementation (gsm48_mm.c -> gsm48_rr.c). Change-Id: If8efc57c7017aa8ea47b37c472d1bbb1914389ca
2020-07-30layer23/mobile: fix a memory leak (msgb) in gsm48_rr_data_ind()Vadim Yanitskiy1-1/+3
Change-Id: I55dcccf5b7d27d012908759954182eaec434d26b
2020-07-30layer23/mobile: fix wrong message type in gsm48_rr_tx_rr_status()Vadim Yanitskiy1-1/+1
Change-Id: I57c6a4e1e725da52c50e2a28e56627a3f3827c62
2020-07-29layer23/mobile: cosmetic: use GSM48_PDISC_TEST from gsm_04_08.hVadim Yanitskiy1-1/+1
Change-Id: Ie1f14b37f6138f5a019a25bdbc8a3531418df6c2
2020-05-05mobile: loopback: support EFROliver Smith1-4/+23
Related: SYS#4924 Change-Id: I73d1f88b0865ad97b85418ff76739febf2e128a7
2020-05-05mobile: traffic req check: support EFROliver Smith2-11/+47
L1CTL handling code should not be involved in such high level checks, so while at it, move the check into a separate function in gsm48_rr.c and add a length check. gsm48_rr_tx_voice() is the only caller of l1ctl_tx_traffic_req(). Related: SYS#4924 Change-Id: Iba84f5d60ff5b1a2db8fb6af5131e185965df7c9
2020-05-05mobile: implement 'loopback' TCH frame I/O handlerNeels Hofmeyr1-7/+22
Use newly added audio / loopback config vty node to provide audio loopback from mobile app. Only FR is supported for now. Change-Id: Icd0b8d00c855db1a6ff5e35e10c8ff67b7ad5c83
2020-05-05mobile: add audio config, with unused audio loopback settingNeels Hofmeyr4-0/+84
The aim is to add configurable audio loopback to mobile. An existing patch on a branch from fixeria [1] adds the audio config section. Add a reduced version of this audio config to be compatible with the future merge. Add the audio loopback setting, so far without functionality. Subsequent patch adds the actual loopback. [1] osmocom-bb branch fixeria/audio, patch "mobile/vty_interface.c: add new 'audio' section" Change-id I62cd5ef22ca2290fcafe65c78537ddbcb39fb8c6 Change-Id: Ie03e4a6c6f81ea3925266dd22e87506d722a6e1a
2020-03-17layer23/l1ctl: fix: do not pass PDCH and CBCH frames to LAPDmVadim Yanitskiy1-0/+10
GPRS (PDCH) and CBCH related frames have nothing to do with LAPDm. The former uses LLC for the user-plane data, while CBCH involves its own segmentation described in 3GPP TS 23.041 and TS 44.012. There is currently no code for handling these kinds of frames, so let's just send them to GSMTAP and release the memory (msgb). Change-Id: I59b4acbe22217f8989f73b79b128a43e8bcdfa2f Related: OS#4439
2020-03-07cbch_sniff: Use CCCH_MODE_COMBINED_CBCH, not CCCH_MODE_COMBINEDHarald Welte1-1/+1
In Change-Id Ia94ebf22a2ec439dfe1f31d703b832ae57b48ef2 we introduced a new member to the ccch_mode enum: CCCH_MODE_COMBINED_CBCH, which is to be used to tell the PHY if a CBCH is present on the combined CCCH+SDCCH/4+CBCH or not (CCCH+SDCCH4). This was implemented in trxcon + calypso firmware, but cbch_sniff has not been updated accordingly. Related: OS#4439 Change-Id: I429d45cfb181da4a2e767e92f1213ccd08c6d440
2020-03-05mobile: fix gsm_recv_voice: pull l1ctl header from TCH payloadNeels Hofmeyr1-0/+2
That function encapsulates the RTP payload in an MNCC header, but the l1ctl dl header has to be removed first to get only the RTP payload in the MNCC structure. Change-Id: Id6ddc9b1da43e88c5b9468d4397a39953bdf533a
2020-03-01mobile/gsm322: fix use-after-free of cs->si reported by ASanVadim Yanitskiy1-0/+7
This pointer cs->si stores an address to the System Information of a currently selected cell. When we release System Information, ensure that it does not point to free()d memory. Change-Id: Ife2ddf7274a48447a9ded9035f9dd01befaf2e6c
2020-03-01layer23/l1ctl: fix NULL-pointer dereference reported by ASanVadim Yanitskiy1-1/+8
Some applications (e.g. ccch_scan) may not initialize ms->cellsel.si, some (e.g. mobile) may need some time to initialize it. Let's assume that 'bs_ag_blks_res' is 1 if System Information is not available. Change-Id: Ie695d9700c01ee1e6778950a2f3c8610b69d2143
2020-02-26layer23: Terminate process if L2 socket fails/dissappearsHarald Welte1-0/+1
We don't recover from this situation at all, so it's best to terminate the process. Change-Id: I487d18e4afe2cae9f777a30864e680b5dc821fc1
2020-01-13layer23: Fix build against gpsd >= 3.20Pau Espin Pedrol1-0/+8
During 3.19->3.20 dev cycle, some fields were transformed from timestamp_t or double to timespec_t. See for instance gpsd.git f7c230fceb6d64483757f8c32afb98e6a2cb9413. Change-Id: Ie8ba19d030b6f46f2d8afc270a732ce8c26c438f
2019-12-31layer23: Avoid sending downlink AGCH/PCH fill frames over GSMTAPPau Espin Pedrol1-4/+36
Some bits are taken from osmo-bts l1sap.c. Change-Id: Id21e9334b620b8ab3ad404708bfd5358e3555ab6
2019-12-31layer23: Identify AGCH from PCH on tx of GSMTAP downlink messagesPau Espin Pedrol1-1/+46
Some bits are taken from osmo-bts l1sap.c Change-Id: I0adab003a4060c9cef730e0432859659c51bd087
2019-12-31mobile: Send correct ARFCN in UL gsmtapPau Espin Pedrol1-2/+3
Change-Id: I9f677866095413a0efeb8a336ce15a2dbca2228c
2019-12-20layer23: Fix trailing whitespacePau Espin Pedrol1-2/+2
Change-Id: I295f285e5fc3cdc372723f6b4de2415a94d4979a
2019-11-17mobile/gsm48_mm.h: use fixed-size integer types in packed structuresVadim Yanitskiy1-3/+2
Change-Id: I54ed93c03ebe776bdc7eb761a8194da3ab0b67fb
2019-11-17mobile/gsm48_mm.h: mark some structures as 'packed'Vadim Yanitskiy1-3/+3
In several code paths we put / push structures from 'gsm48_mm.h' into the message buffers, so then they're unpacked by the message receivers. The AddressSanitizer complains about unaligned pointer access and potentially unexpected behaviour. Let's fix this by explicitly marking those structures as 'packed'. Change-Id: I6af7475c609b3293af708540d569fe1616fab43f
2019-11-17mobile/gsm48_rr.c: fix NULL-pointer dereference in gsm48_rr_check_mode()Vadim Yanitskiy1-1/+1
In some cases (e.g. at start up) ms->rrlayer may not be initialized. Let's access ms->settings directly since we already have a pointer to struct osmocom_ms. Change-Id: Ia9720132fcda960dcecefab9ae48398946503dc4
2019-10-17Fix common misspellings and typosMartin Hauke25-99/+99
Change-Id: I962b42871693f33b1054d43d195817e9cd84bb64
2019-08-05Remove undefined param passed to logging_vty_add_cmdsPau Espin Pedrol1-1/+1
Since March 15th 2017, libosmocore API logging_vty_add_cmds() had its parameter removed (c65c5b4ea075ef6cef11fff9442ae0b15c1d6af7). However, definition in C file doesn't contain "(void)", which means number of parameters is undefined and thus compiler doesn't complain. Let's remove parameters from all callers before enforcing "(void)" on it. Change-Id: I25baaa30b097dad2fae507c5321778f43e863611 Related: OS#4138
2019-07-21gsm411_sms.c: Handle negative return of gsm340_gen_oa()Harald Welte1-0/+3
Change-Id: I36f56e1fbd72d9b31350dc2f8a53e763f79f4c08 Closes: CID#198533
2019-07-21mobile/gsm480_ss.c: gsm480_tx_release_compl(): fix cause IE encodingVadim Yanitskiy1-2/+7
According to GSM TS 04.08, section 10.5.4.11, location and coding standard are encoded before the cause value, not vice-versa! Also, coding standards other than "1 1 - Standard defined for the GSM PLMNs" shall not be used if the cause can be represented with the GSM standardized coding. Change-Id: Ic6abcfb9a9589f5b0c9c40def863f15ae04d0bdd
2019-07-21mobile: Fix encoding of cause in gsm480_tx_release_compl()Harald Welte1-4/+4
Change-Id: Iba2ace7d82be5677d28b25f60ab0312fed76f5e5 Closes: CID#198577, CID#198576, CID#198575
2019-07-21gsm322: Fix resource leak in gsm322_init() while reading BAHarald Welte1-1/+3
Change-Id: Id42102ab8581e247f495fb7e05dc62a6743d28c5 Closes: CID#198546
2019-05-28layer23: fix tons of compiler warnings, mostly OSMO_DEPRECATED relatedHarald Welte7-26/+36
Change-Id: I03918bd864c711b377a795186123c85bb6f4dc4a
2019-05-23common/sap_fsm.c: fix missing pointer dereferenceHarald Welte1-1/+1
sap_fsm.c: In function ‘sap_negotiate_msg_size’: sap_fsm.c:103:15: warning: passing argument 1 of ‘__bswap_16’ makes integer from pointer without a cast [-Wint-conversion]: size = ntohs((uint16_t *) param->value); ^~~~~~~~~~~~~~~~~~~~~~~~~ Change-Id: Ie58af6162c67ae377809b42daa897ca3f3d72af1
2019-05-22layer23: Fix 'make distcheck'Harald Welte6-6/+65
Change-Id: Ic48e240ee1484aaa793af23c62a24d2949900b86
2019-05-22bcch_scan: Fix compiler warning about undefined functionsHarald Welte3-1/+10
Change-Id: I435ef2032b9cefe844c37f395d9087be6af8934a
2019-05-14common/sim.c: add missing break to sim_apdu_resp()Vadim Yanitskiy1-0/+1
Change-Id: Id5c325ffcfea8175bc5d5499a0904c0984e00349 Fixes: OS#198542
2019-05-03mobile/gsm48_mm.c: use proper types for gsm48_rr_hdrVadim Yanitskiy1-5/+5
Change-Id: I29ed122b8956260b9f847cc0e3e81a28d6762632
2019-05-03mobile/gsm48_rr.h: mark gsm48_rr_hdr struct as packedVadim Yanitskiy1-1/+1
In both gsm48_mm.c and gsm48_rr.c we put / push 'gsm48_rr_hdr' structure into the message buffers, so then it's retrieved by the message receivers. The AddressSanitizer complains about unaligned pointer access and potentially unexpected behaviour. Change-Id: I8aa2c0074b405afd0e76044ef076b6819fe1083b
2019-05-03mobile/gsm322.c: fix heap-use-after-free in gsm322_unselect_cell()Vadim Yanitskiy1-0/+2
In gsm322_l1_signal(), if S_L1CTL_FBSB_ERR is received, we free stored System Information of the current cell, but cs->si may still point to it. Let's set it to NULL. Found with AddressSanitizer: DL1C ERROR l1ctl.c:96 FBSB RESP: result=255 DCS INFO gsm322.c:2995 Channel sync error, try again DCS INFO gsm322.c:467 Sync to ARFCN=860(DCS) rxlev=-106 DRR INFO gsm48_rr.c:665 MON: no cell info DRR INFO gsm48_rr.c:665 MON: no cell info DRR INFO gsm48_rr.c:665 MON: no cell info DRR INFO gsm48_rr.c:665 MON: no cell info DL1C ERROR l1ctl.c:96 FBSB RESP: result=255 DCS INFO gsm322.c:3008 Channel sync error. DCS DEBUG gsm322.c:3013 free sysinfo ARFCN=860(DCS) DCS INFO gsm322.c:3020 Unselect cell due to sync error! DCS INFO gsm322.c:509 Unselecting serving cell. ================================================================= ==6014==ERROR: AddressSanitizer: heap-use-after-free on address 0x61b0000000e6 at pc 0x00000050d6dd bp 0x7fff7f84aa60 sp 0x7fff7f84aa58 Change-Id: I9cc526c18d69695d810de98703579818408de011
2019-04-27lua: Add a sentinel for the fd function tableHolger Hans Peter Freyther1-0/+1
Change-Id: I4fe2fd6584a453a951361e1b67fb986583b176be
2019-02-02common/sim.c: use msgb_get() in gsm_sim_reply()Vadim Yanitskiy1-5/+1
Change-Id: Ie5843c8adafc37da0d69c335c97b422552b85049
2019-02-02common/sim.c: get rid of unused 'payload' pointerVadim Yanitskiy1-2/+0
This change fixes the following compiler warning: sim.c: In function ‘gsm_sim_reply’: sim.c:149:11: warning: variable ‘payload’ set but not used [-Wunused-but-set-variable] uint8_t *payload; Change-Id: I3767b23bb1b28d3f4bb515d399bce160ba2eee09
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-25 19:54:59 +0000