Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-bsc / 73acbca50fe109bcd58f90c1a282b0c75a81b97b^! / . / src / libbsc
commit73acbca50fe109bcd58f90c1a282b0c75a81b97b[log] [tgz]
authorStefan Sperling <ssperling@sysmocom.de>Mon Feb 12 14:28:52 2018 +0100
committerStefan Sperling <ssperling@sysmocom.de>Tue Feb 13 18:08:28 2018 +0100
tree7e5186a7d992dcae24a429e1c42d3252ac8bb1d5
parentaa4adb8fbf9bd66ec6d628250ffe1a4106a9724d [diff]
Make RSL connection attempts time out.

If a BTS/TRX does not respond to the "IPA RSL Connect" command,
pretend that the BTS has sent a NACK for the connection.

To ensure that osmo_timer_del(&trx->rsl_connection_timeout) is not called
before this timer is initialized with osmo_timer_setup(), the E1 layer now
drops incoming RSL messages from a BTS/TRX in LOCKED administrative state.

We cancel the timeout if we receive an RSL Connect ACK or NACK from the BTS,
and if the underlying E1 link does down.

While here, add a missing message buffer free() in bts_isdn_sign_link().
The callers do not free it.

Change-Id: Ia72b65a0f15f47dcb8a6f944f6c3695a4a64b923
Related: OS#2716

diff --git a/src/libbsc/abis_nm.c b/src/libbsc/abis_nm.c
index 33af213..403b94c 100644
--- a/src/libbsc/abis_nm.c
+++ b/src/libbsc/abis_nm.c

@@ -2660,6 +2660,7 @@
 			DEBUGPC(DNM, "STREAM=0x%02x ",
 					*TLVP_VAL(&tp, NM_ATT_IPACC_STREAM_ID));
 		DEBUGPC(DNM, "\n");
+		osmo_timer_del(&sign_link->trx->rsl_connect_timeout);
 		break;
 	case NM_MT_IPACC_RSL_CONNECT_NACK:
 		LOGP(DNM, LOGL_ERROR, "RSL CONNECT NACK ");
@@ -2668,6 +2669,7 @@
 				abis_nm_nack_cause_name(*TLVP_VAL(&tp, NM_ATT_NACK_CAUSES)));
 		else
 			LOGPC(DNM, LOGL_ERROR, "\n");
+		osmo_timer_del(&sign_link->trx->rsl_connect_timeout);
 		break;
 	case NM_MT_IPACC_SET_NVATTR_ACK:
 		DEBUGPC(DNM, "SET NVATTR ACK\n");
@@ -2776,6 +2778,19 @@
 				    attr_len);
 }
 
+static void rsl_connect_timeout(void *data)
+{
+	struct gsm_bts_trx *trx = data;
+	struct ipacc_ack_signal_data signal;
+
+	LOGP(DRSL, LOGL_NOTICE, "(bts=%d,trx=%d) RSL connection request timed out\n", trx->bts->nr, trx->nr);
+
+	/* Fake an RSL CONECT NACK message from the BTS. */
+	signal.trx = trx;
+	signal.msg_type = NM_MT_IPACC_RSL_CONNECT_NACK;
+	osmo_signal_dispatch(SS_NM, S_NM_IPACC_NACK, &signal);
+}
+
 int abis_nm_ipaccess_rsl_connect(struct gsm_bts_trx *trx,
 				 uint32_t ip, uint16_t port, uint8_t stream)
 {
@@ -2785,6 +2800,9 @@
 			    NM_ATT_IPACC_DST_IP, 0, 0, 0, 0 };
 
 	int attr_len = sizeof(attr);
+	int error;
+
+	osmo_timer_setup(&trx->rsl_connect_timeout, rsl_connect_timeout, trx);
 
 	ia.s_addr = htonl(ip);
 	attr[1] = stream;
@@ -2799,9 +2817,13 @@
 	DEBUGP(DNM, "ip.access RSL CONNECT IP=%s PORT=%u STREAM=0x%02x\n",
 		inet_ntoa(ia), port, stream);
 
-	return abis_nm_ipaccess_msg(trx->bts, NM_MT_IPACC_RSL_CONNECT,
-				    NM_OC_BASEB_TRANSC, trx->bts->bts_nr,
-				    trx->nr, 0xff, attr, attr_len);
+	error = abis_nm_ipaccess_msg(trx->bts, NM_MT_IPACC_RSL_CONNECT,
+				     NM_OC_BASEB_TRANSC, trx->bts->bts_nr,
+				     trx->nr, 0xff, attr, attr_len);
+	if (error == 0)
+		osmo_timer_schedule(&trx->rsl_connect_timeout, 60, 0);
+
+	return error;
 }
 
 /* restart / reboot an ip.access nanoBTS */

diff --git a/src/libbsc/bts_ipaccess_nanobts.c b/src/libbsc/bts_ipaccess_nanobts.c
index 03bb708..cf85961 100644
--- a/src/libbsc/bts_ipaccess_nanobts.c
+++ b/src/libbsc/bts_ipaccess_nanobts.c

@@ -470,15 +470,19 @@
 {
 	/* No matter what link went down, we close both signal links. */
 	struct e1inp_ts *ts = &line->ts[E1INP_SIGN_OML-1];
+	struct gsm_bts *bts = NULL;
 	struct e1inp_sign_link *link;
 
 	llist_for_each_entry(link, &ts->sign.sign_links, list) {
-		struct gsm_bts *bts = link->trx->bts;
-
-		ipaccess_drop_oml(bts);
-		/* Yes, we only use the first element of the list. */
-		break;
+		/* Get bts pointer from the first element of the list. */
+		if (bts == NULL)
+			bts = link->trx->bts;
+		/* Cancel RSL connection timeout in case are still waiting for an RSL connection. */
+		if (link->trx->mo.nm_state.administrative == NM_STATE_UNLOCKED)
+			osmo_timer_del(&link->trx->rsl_connect_timeout);
 	}
+	if (bts != NULL)
+		ipaccess_drop_oml(bts);
 }
 
 /* This function is called if we receive one OML/RSL message. */

diff --git a/src/libbsc/e1_config.c b/src/libbsc/e1_config.c
index 90e29d3..e7398ed 100644
--- a/src/libbsc/e1_config.c
+++ b/src/libbsc/e1_config.c

@@ -131,10 +131,17 @@
 		ret = bts->model->oml_rcvmsg(msg);
 		break;
 	case E1INP_SIGN_RSL:
+		if (link->trx->mo.nm_state.administrative == NM_STATE_LOCKED) {
+			LOGP(DLMI, LOGL_ERROR, "(bts=%d/trx=%d) discarding RSL message received "
+			     "in locked administrative state\n", link->trx->bts->nr, link->trx->nr);
+			msgb_free(msg);
+			break;
+		}
 		ret = abis_rsl_rcvmsg(msg);
 		break;
 	default:
 		LOGP(DLMI, LOGL_ERROR, "unknown link type %u\n", link->type);
+		msgb_free(msg);
 		break;
 	}
 	return ret;