| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Change-Id: I18d7a29496929c761aeaba9c0aee847befc13108
|
|
|
|
| |
Change-Id: I3c0e53b846b2208bd201ace99777f2286ea39ae8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to be able to transfer SS/USSD messages via GSUP,
this change introduces the following new message types:
- OSMO_GSUP_MSGT_PROC_SS_*,
and the following new IE:
- OSMO_GSUP_SS_INFO_IE
which represents an ASN.1 encoded MAP payload coming to/from
the mobile station 'as is', without any transcoding.
Change-Id: Ie17a78043a35fffbdd59e80fd2b2da39cce5e532
Related: OS#1597
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unlike TCAP/MAP, GSUP is just a transport layer without the
dialogue/context. This prevents us from having session based
communication, required e.g. for USSD. But we can emulate
TCAP dialogue by adding additional IEs, which would allow
to relate each message to a particular session.
This change introduces the following IEs:
- OSMO_GSUP_SESSION_ID_IE,
- OSMO_GSUP_SESSION_STATE_IE,
which optionally can be used to indicate that the message is
related to a session with given ID, and to manage session
state, i.e. initiate, continue, and finish.
Change-Id: I1cee271fed0284a134ffed103c0d4bebbcfde2a8
Related: OS#1597
|
|
|
|
| |
Change-Id: Ib83143e467df068b7d462a8e51d94b9d961ce18f
|
|
|
|
|
|
|
|
|
|
|
| |
According to the 3GPP TS 04.80, table 2.5 'Release complete', a
RELEASE_COMPLETE message may containg optional FACILITY element.
Meanwhile, the 0xff byte is used to indicate that there is no
decoded message (legacy field). Let's avoid overwriting of
a decoded message.
Change-Id: I0c85292222749a48ca0c4b2e93f4fa2d61468c18
|
|
|
|
|
| |
Related: OS#2283 (inter-BSC Handover, BSC side, MT)
Change-Id: I692292a06c7d66004404560dc4ed933ca9107f9b
|
|
|
|
|
| |
Related: OS#2283 (inter-BSC Handover, BSC side, MO)
Change-Id: Idb6dc3eab0282158a17091d97ed77c1e2e3eb3c2
|
|
|
|
|
|
|
|
| |
The idea is to be able to add a gsm0808_cell_id to a gsm0808_cell_id_list2:
first convert it to a list, then re-use gsm0808_cell_id_list_add(). It will be
used by osmo-bsc to manage neighbor-BSS cell identifiers from VTY.
Change-Id: Ibf746ac60b1b1e920baf494b396658a5ceabd788
|
|
|
|
|
| |
Closes: OS#3293
Change-Id: I8dc2f24d4bf557ff7bb0f2f46881f9f8d9d7f86f
|
|
|
|
|
|
|
|
| |
There are some symbols for use between control_cmd.c and control_if.c,
which are not supposed to be exported publicly. Let's make sure we
keep those symbols local.
Change-Id: Ia85f36a9c4b2ebf4003718e0a230959638370320
|
|
|
|
| |
Change-Id: I24666d0b90a355e9fdefd280d48900b8cac1de64
|
|
|
|
|
|
| |
Change-Id: Iff5699be1dc306120cc1752b0a892e4fcbc5a8c0
Fixes: 97d3da2c591984b47839fd1d9a5cba24a7f05fa1
Related: OS#3245
|
|
|
|
|
|
|
|
|
| |
Add a new VTY command which shows all rate counters registered
with libosmocore.
Change-Id: Id60a5aa2d961ae99cddf1e776358a5517dbc573d
Depends: Idb3ec12494ff6a3a05efcc8818e78d1baa6546bd
Related: OS#3245
|
|
|
|
|
|
|
|
|
|
|
|
| |
This new function can be used to print a rate counter group according
to a format string. The intention is to generalize and replace manual
printing of counters as implemented for the 'show statistics' VTY
command of osmo-bsc.
Related: OS#3245
Related: osmo-bsc commit 71d524c059c5a5c90e7cb77d8a2134c1c68b9cde (g#9217)
Change-Id: Idb3ec12494ff6a3a05efcc8818e78d1baa6546bd
|
|
|
|
|
|
|
| |
For some strange reason, the osmo_mncc_name() inline function
was not in the mncc.h header, but in the mncc.c file. Let's fix that.
Change-Id: I2c3666510c981dffa4ba25bed517fd7ebd1250f5
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of 64 bits
Fixes following AddressSanitizer report during gea_test run with gcc
8.1.0:
==8899==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffc5f1719bb at pc 0x7fe574adc5fe bp 0x7ffc5f171460 sp 0x7ffc5f171450
WRITE of size 1 at 0x7ffc5f1719bb thread T0
#0 0x7fe574adc5fd in osmo_store64be_ext ../../include/osmocom/core/bit64gen.h:75
#1 0x7fe574adc649 in osmo_store64be ../../include/osmocom/core/bit64gen.h:104
#2 0x7fe574ade936 in _kasumi_kgcore libosmocore/src/gsm/kasumi.c:186
#3 0x7fe574ae2532 in gea4 libosmocore/src/gsm/gea.c:44
#4 0x7fe574ae266c in gea3 libosmocore/src/gsm/gea.c:60
#5 0x7fe574a9b616 in gprs_cipher_run libosmocore/src/gsm/gprs_cipher_core.c:95
#6 0x56422d3fb2ee in test_gea libosmocore/tests/gea/gea_test.c:29
#7 0x56422d3fb506 in main libosmocore/tests/gea/gea_test.c:49
#8 0x7fe5730f406a in __libc_start_main (/usr/lib/libc.so.6+0x2306a)
#9 0x56422d3fadf9 in _start (libosmocore/tests/gea/.libs/lt-gea_test+0x1df9)
The kasumi_test is updated to calculate the entire array of bits
according to expected result. Before this commit it worked by writing
the entire last 64bit block, and addressSanitizer cannot catch it
because the allocated buffer is 64bit aligned too.
Change-Id: I7b2a0224a3b5527d5a3ad7e17efc73081b63eac1
|
|
|
|
| |
Change-Id: I3ac92217f83279d5f987ab34eb18b2e6cb1c7812
|
|
|
|
|
|
|
|
|
|
|
| |
The FSM allows to set individual action callback functions for each
state but it does not allow to leave the action callback pointer
unpopulated. However, there are cornercases where having no callback
function is desirable.
- Check if action callback is popolated before executing it.
Change-Id: I36d221c973d3890721ef1d376fb9be82c4311378
|
|
|
|
|
|
|
|
|
|
|
| |
* prefix all symbols/constants with osmo_
* use stdint.h types instead of kernel types
* use Doxygen API documentation
* use Osmocom CRC16-CCITT functions
* use Osmocom bit-reversal functions
* integrate with Automake
Change-Id: I109085ab3e412c20b19cd42fb7137aa0e4167542
|
|
|
|
|
|
|
| |
I've been importing from 94d7dbf108813ea45a91e27e9a8bd231d5a23fa7
but the isdnhdlc code hasn't seen any changes since 2012 anyway.
Change-Id: I3c58f9cb6921c2fdd0f2fcb11f622a0be88c7c63
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux offers file descriptor based periodic (interval) timers,
which can achieve a higher precision than our userspace based
timers and which can be slave'd to CLOCK_MONOTINIC or other clock
sources. Let's add some code for osmo_fd wrapped versions that
integrate well with our select() abstraction.
The code has been used in osmo-bts-trx since June 2017 (change-id
I51b19adde14ebb7ef3bb863d45e06243c323e22e), and I'm just renaming
and moving it to libosmocore here. After a merge, the osmo-bts
implementations can be removed in favor if this one.
Change-Id: Ibeffba7c997252c003723bcd5d14122c4ded2fe7
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Change-Id: I8c2c103cdc7f9a45d7b2080c572f559fc3db58e4 we introduced
a check to enforce contention resolution always being used in
MS-originated LAPDm establishment on the main DCCH / SAPI0. This is
only required after RACH request (IMM.ASS.) and not after a normal
assignment command which was sent already via a dedicated channel.
Hence, we cannot enforce a strict requirement for contention resolution
in those cases.
We *could* use the RSL Channel Activation type as a constraint on
whether or not to enforce contention-resoluiton-only LAPDm
establishment, but this is out of the scope of the LAPDm code but would
have to be done inside OsmoBTS.
Related: OS#3252
Change-Id: Id903492ee90809fe98defcf4abc0419b8150069f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The RSL_IE_MS_POWER / RSL_IE_TIMING_ADVANCE is how we communicate
the SACCH L1 header values on the MS side between LAPDm and L3 (which
is a non-standard use of RSL).
However, those IEs only maek sense on the SACCH, where we have B4 frame
format and where we actually have a L1 header containing related
information. Let's make sure to skip those IEs on regular RLL UNIT DATA
INDICATION happening on other channel types.
Change-Id: I6f13e02192531479287f71de674d17ca2ceabdc6
Closes: OS#3249
|
|
|
|
|
|
|
|
| |
This is a purely cosmetic clean-up to use the msgb_tv_push() API
to pre-pend a Tag-Value IE to a msgb, rather than the existing
open-coding approach.
Change-Id: I19bbfa1e327a617685ed11d4182e533df33215cb
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add:
- gsm0808_current_channel_type_1()
- gsm0808_permitted_speech()
- gsm0808_chosen_channel()
- gsm0808_channel_type_name()
gsm0808_permitted_speech() is moved from osmo-bsc's bssap_speech_from_lchan();
gsm0808_chosen_channel() is moved from osmo-bsc's lchan_to_chosen_channel();
Rationale: will be re-used by inter-BSC handover, makes sense to keep with the
other gsm0808 utils.
Related: OS#2283 (inter-BSC handover, BSC side)
Change-Id: I8a3cc5d4548e9a78d945d54c69ccced251edcec9
|
|
|
|
|
|
|
|
|
|
| |
* MO SAPI0 establishment *must always* have L3 payload for contention
resolution
* SAPI3 establishment *must never* use contention resolution
* MT establish must never use contention resolution
Change-Id: I8c2c103cdc7f9a45d7b2080c572f559fc3db58e4
Closes: OS#2370
|
|
|
|
|
|
|
|
| |
It seems that during all those years it has never been noted that
the back-pointer from the lapdm_entity to the lapdm_channel was
never initialized. Let's fix that.
Change-Id: Iaca66cd6a2c9f315561e365b51163927868fc346
|
|
|
|
|
|
|
|
|
|
| |
Sometimes the library probiding dlopen is not the same one providing
dlsym.
This is the case when compiling with AddressSanitizer enabled. In this
case, AC_SEARCH_LIBS([dlopen]...) reports no lib is required, but tests
using dlsym still require to link against -ldl.
Change-Id: Ic619b0885688066b60c97caf1e2c7e5402c1d9f7
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Imagine following scenario:
1- client connects to CTRL iface, a new conn is created with POLL_READ
enabled.
2- A non-related event happens which triggers a TRAP to be sent. As a
result, the wqueue for the conn has now enabled POLL_WRITE, and message
will be sent next time we go through osmo_main_select().
3- At the same time, we receive the GET cmd from the CTRL client, which
means POLL_READ event will be also triggered next time we call
osmo_main_select().
4- osmo_main_select triggers osmo_wqueue_bfd_cb with both READ/WRITE
flags set.
5- The read_cb of wqueue is executed first. The handler closes the CTRL
conn for some reason, freeing the osmo_fd struct and returns.
6- osmo_qeueue_bfd_cb keeps using the already freed osmo_fd and calls
write_cb.
So in step 6 we get a heap-use-after-free catched by AddressSanitizer:
[0;m20180424135406115 [1;32mDLCTRL[0;m <0018> control_if.c:506 accept()ed new CTRL connection from (r=10.42.42.1:53910<->l=10.42.42.7:4249)
[0;m20180424135406116 [1;34mDLCTRL[0;m <0018> control_cmd.c:378 Command: GET bts.0.oml-connection-state
[0;m20180424135406117 [1;34mDLINP[0;m <0013> bts_ipaccess_nanobts.c:417 Identified BTS 1/0/0
[0;m[1;36m20180424135406118 [1;34mDNM[0;m[1;36m <0005> abis_nm.c:1628 Get Attr (bts=0)
[0;m[1;36m20180424135406118 [1;34mDNM[0;m[1;36m <0005> abis_nm.c:1628 Get Attr (bts=0)
[0;m20180424135406118 [1;34mDCTRL[0;m <000e> osmo_bsc_ctrl.c:158 BTS connection (re)established, sending TRAP.
[0;m20180424135406119 [1;32mDLCTRL[0;m <0018> control_if.c:173 close()d CTRL connection (r=10.42.42.1:53910<->l=10.42.42.7:4249)
[0;m=================================================================
==12301==ERROR: AddressSanitizer: heap-use-after-free on address 0x611000003e04 at pc 0x7f23091c3a2f bp 0x7ffc0cb73ff0 sp 0x7ffc0cb73fe8
READ of size 4 at 0x611000003e04 thread T0
#0 0x7f23091c3a2e in osmo_wqueue_bfd_cb /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/libosmocore/src/write_queue.c:65
#1 0x7f23091ad5d8 in osmo_fd_disp_fds /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/libosmocore/src/select.c:216
#2 0x7f23091ad5d8 in osmo_select_main /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/libosmocore/src/select.c:256
#3 0x56538bdb7a26 in main /home/osmocom-build/jenkins/workspace/osmo-gsm-tester_build-osmo-bsc/osmo-bsc/src/osmo-bsc/osmo_bsc_main.c:532
#4 0x7f23077532e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
#5 0x56538bdb8999 in _start (/home/jenkins/workspace/osmo-gsm-tester_run-prod/trial-896/inst/osmo-bsc/bin/osmo-bsc+0x259999)
Fixes: OS#3206
Change-Id: I84d10caaadcfa6bd46ba8756ca89aa0badcfd2e3
|
|
|
|
|
|
|
| |
Remark: For libosmogb and libosmogsm, LIBVERSION was
already bumped in c4fce1425e19d604c199c895e227dc2519110456.
Change-Id: Ib4fa53a9bb9954ae48d0a610ba9a81dd8e8b4ef6
|
|
|
|
|
|
|
|
|
|
| |
gnutls_global_init must be called at least once for
gnutls < 3.3.0. It doesn't hurt calling it twice, except
a reference counter is increased.
gnutls >= 3.3.0 will call it automatic.
Fixes: OS#2986
Change-Id: I241b6ae5aa8df13dd78f04658cf0953e9561c9e2
|
|
|
|
|
|
|
|
|
|
| |
3GPP TS 48.058 has a very clear definition of which messages are
"transparent" and hence have the T-bit == 1. This is *not* just
all RLL messages, but basically only RLL_DATA.{ind,req} and
RLL_UNITDATA.{ind,req}. All other messages are non-transparent.
Change-Id: I9f83654af189d818563d799bf623325b7fee8e70
Closes: OS#3188
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Catched by AddressSanitizer in osmo-bts-trx while running tests in
osmo-gsm-tester:
==31738==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 5744 byte(s) in 1 object(s) allocated from:
#0 0x7ff7ec789ed0 in calloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1ed0)
#1 0x7ff7e952697c (/lib/x86_64-linux-gnu/libc.so.6+0x10297c)
#2 0x7ff7e95274df in getifaddrs (/lib/x86_64-linux-gnu/libc.so.6+0x1034df)
#3 0x7ff7eadcdc8f in osmo_sockaddr_is_local libosmocore/src/socket.c:537
Change-Id: I778d3c1f162abce0595e62670c29c5134bccd28d
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Catched by address sanitizer in osmo-bts-trx during osmo-gsm-tester test
run.
==25503==ERROR: AddressSanitizer: global-buffer-overflow on address 0x55b4e8468780 at pc 0x7fd824f543ba bp 0x7fffc21009f0 sp 0x7fffc21009e8
READ of size 16 at 0x55b4e8468780 thread T0
#0 0x7fd824f543b9 in osmo_get_macaddr libosmocore/src/macaddr.c:132
#1 0x55b4e842df33 in abis_open osmo-bts/src/common/abis.c:256
#2 0x55b4e84286c9 in bts_main osmo-bts/src/common/main.c:342
#3 0x7fd8235ab2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
#4 0x55b4e838e759 in _start (/home/jenkins/workspace/osmo-gsm-tester_run-prod/trial-807/inst/osmo-bts/bin/osmo-bts-trx+0xfc759)
Change-Id: I3727ef339279c8eeb85908735467bfd0e02ca259
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide comprehensive API to obtain string representations of Cell Identifiers
and -Lists.
Change gsm0808_test.c to use the new functions (which simplifies the output a
bit), so that we don't duplicate printing code in gsm0808_test.c, and so that
the not-so-trivial printing code is also tested.
In gsm0808_test, also test gsm0808_cell_id_list_name_buf()'s return value and
truncation behavior.
The rationale for gsm0808_cell_id_list_name(), i.e. printing an entire list of
cell identifiers, is that even though the maximum is 127 elements, a list of
more than a few elements is hardly ever expected in practice (even more than
one element isn't actually expected: either "entire BSS" or a single LAC). It
is thus useful to log the entire list when it shows up in Paging and Handover.
Change-Id: I9b2106805422f96c5cc96ebb9178451355582df3
|
|
|
|
| |
Change-Id: I697639d8469e5dda617b27995c4a92e1f0c0bead
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to the GSM TS 04.07, section 11.2.3.1.1 "Protocol
discriminator", bits 1 to 4 of the first octet of a standard
L3 message contain the protocol discriminator IE.
Meanwhile, the GSM48_PDISC_USSD represents value 0x11, i.e.
0b10001, that requires 5 bits, and moreover it is not
documented anywhere. Let's drop it.
Change-Id: Ic4eb8a6db4ff1dfd535bd0c84e7acf1908422f64
|
|
|
|
|
|
|
| |
don't blindly trust the tag-length value in an IPA CCM ID GET
message. This could result in a remotely-triggered integer underflow.
Change-Id: I4723361e1094b358310541a7dc4c5c921c778a15
|
|
|
|
| |
Change-Id: I9a04d501698f8a3360ef9dcbf04b57c5ac10e63b
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clarify semantics and micro-optimise for the case of single Cell Identifer IEs.
Test in gsm0808_test.c
So far we have gsm0808_enc_cell_id_list2(), but there also exist instances of
single Cell Identifiers (3GPP TS 48.008 3.2.2.17).
It is possible to decode the same using the cell identifier list API, but this
forces the caller to also keep a full struct gsm0808_cell_id_list2 with all its
127 entries around.
E.g. for handover, there are two Cell Identifiers (Serving and Target); I'd
need two full cell id lists for each, and these would be dynamically allocated
for each handover operation, whether it uses them or not.
Related: OS#2283 (inter-BSC HO, BSC side)
Change-Id: I9f9c528965775698ab62ac386af0516192c4b0cc
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow passing multiple struct tlv_parsed in an array, to allow parsing as many
repeated IEs as are expected by the caller.
From tlv_parse(), call tlv_parse2() with dec_multiple = 1 to yield the previous
behavior. tlv_parse() remains valid API.
An example of multiple IEs is the BSSMAP Handover Request, containing Cell
Identifier (Serving) and Cell Identifier (Target), both defined by 3GPP TS
48.008 3.2.2.17 with identical IE tags; both are mandatory.
Related: OS#2283 (inter-BSC HO, BSC side)
Change-Id: Id04008eaf0a1cafdbdc11b7efc556e3035b1c84d
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will be used by the upcoming neighbor_ident API in osmo-bsc, where the vty
interface allows composing neihbor BSS cell identifier lists, and we want to
allow adding individual items from individual user commands.
It will also be useful to accumulate cell identifiers in case a subscriber sees
multiple alternative cells from a neighboring BSS, and we want to pass these on
to the MSC in a Handover Required.
Related: OS#2283 (inter-BSC HO, BSC side)
Change-Id: I5781f5fa5339c92ab2e2620489b002829d206925
|
|
|
|
|
|
|
| |
This will be used by cell idenitifier list code, like upcoming neighbor_ident
VTY in osmo-bsc and regression tests.
Change-Id: Iebc5cdf61b697b1603900993fc265af3eca0cedf
|
|
|
|
| |
Change-Id: Ie098af4fc9640240196eda10fd61edcb3a872455
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There seems to be quite some confusion / overlap between enum
gsm48_reject_value, gsm48_gsm_cause and gsm48_gmm_cause. I tried to go with
gsm48_gsm_cause_names[], but e.g. GSM48_REJECT_CONGESTION is not represented.
Instead of attempting to mix/merge those enums, provide a separate value string
array for enum gsm48_reject_value.
This will be used by osmo-msc's libvlr (refactoring of FSM result handling),
I27bf8d68737ff1f8dc6d11fb1eac3d391aab0cb1.
Change-Id: I6661f139e68a498fb1bef10c266c2f064b72774a
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the osmo-msc, I would like to set the subscr conn FSM identifier by a string
format, to include the type of Complete Layer 3 that is taking place. I could
each time talloc a string and free it again. This API is more convenient.
From osmo_fsm_inst_update_id(), call osmo_fsm_inst_update_id_f() with "%s" (or
pass NULL).
Put the name updating into separate static update_name() function to clarify.
Adjust the error message for erratic ID: don't say "allocate", it might be from
an update. Adjust test expectation.
Change-Id: I76743a7642f2449fd33350691ac8ebbf4400371d
|
|
|
|
|
|
|
|
|
| |
On erratic id in osmo_fsm_inst_update_id(), don't say "Attempting to allocate
FSM instance".
Escape the invalid id using osmo_quote_str().
Change-Id: I770fc460de21faa42b403f694e853e8da01c4bef
|
|
|
|
|
|
|
|
|
|
| |
Since alloc relies on osmo_fsm_inst_update_id() to set the name, never skip
that.
In osmo_fsm_inst_alloc(), we allow passing a NULL id, and in
osmo_fsm_inst_update_id(), we set the name without id if id is NULL.
Change-Id: I6d6b09a811b82770818f19b189a57d9fc4a8133b
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
strcmp() *must not* be passed NULL pointers, or we hit:
../../../src/libosmocore/src/fsm.c:123:8: runtime error: null pointer passed as argument 2, which is declared to never be null
ASAN:DEADLYSIGNAL
(Or, alternatively, a segfault.)
If any of the search |