Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-bsc / 0b103999371e91c979ffe51723579860cbbcac2f / . / src / libbsc / bsc_subscr_conn_fsm.c
blob: 3e0ccc00490217e9c5aaca9c91ddb6d6b178ed4c [file] [log] [blame]
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]1/* (C) 2017 by Harald Welte <laforge@gnumonks.org>
2 * All Rights Reserved
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
13 *
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 *
17 */
18
19#include <osmocom/core/fsm.h>
20#include <osmocom/core/logging.h>
21#include <osmocom/gsm/gsm0808.h>
22#include <osmocom/sigtran/sccp_sap.h>
23#include <osmocom/gsm/gsm0808_utils.h>
24
25#include <osmocom/bsc/debug.h>
26#include <osmocom/bsc/bsc_api.h>
27#include <osmocom/bsc/gsm_data.h>
28#include <osmocom/bsc/handover.h>
29#include <osmocom/bsc/chan_alloc.h>
30#include <osmocom/bsc/bsc_subscriber.h>
31#include <osmocom/bsc/osmo_bsc_sigtran.h>
32#include <osmocom/bsc/bsc_subscr_conn_fsm.h>
33#include <osmocom/bsc/osmo_bsc.h>
34#include <osmocom/bsc/penalty_timers.h>
35#include <osmocom/mgcp_client/mgcp_client_fsm.h>
36#include <osmocom/core/byteswap.h>
37
38#define S(x) (1 << (x))
39
40#define MGCP_MGW_TIMEOUT 4 /* in seconds */
41#define MGCP_MGW_TIMEOUT_TIMER_NR 1
42
43#define MGCP_MGW_HO_TIMEOUT 4 /* in seconds */
44#define MGCP_MGW_HO_TIMEOUT_TIMER_NR 2
45
46#define GSM0808_T10_TIMER_NR 10
47#define GSM0808_T10_VALUE 6
48
49#define ENDPOINT_ID "rtpbridge/*@mgw"
50
51enum gscon_fsm_states {
52 ST_INIT,
53 /* waiting for CC from MSC */
54 ST_WAIT_CC,
55 /* active connection */
56 ST_ACTIVE,
57 /* during assignment; waiting for ASS_CMPL */
58 ST_WAIT_ASS_CMPL,
59 /* during assignment; waiting for MODE_MODIFY_ACK */
60 ST_WAIT_MODE_MODIFY_ACK,
61 /* BSSMAP CLEAR has been received */
62 ST_CLEARING,
63
64/* MGW handling */
65 /* during assignment; waiting for MGW response to CRCX for BTS */
66 ST_WAIT_CRCX_BTS,
67 /* during assignment; waiting for MGW response to MDCX for BTS */
68 ST_WAIT_MDCX_BTS,
69 /* during assignment; waiting for MGW response to CRCX for MSC */
70 ST_WAIT_CRCX_MSC,
71
72/* MT (inbound) handover */
73 /* Wait for Handover Access from MS/BTS */
74 ST_WAIT_MT_HO_ACC,
75 /* Wait for RR Handover Complete from MS/BTS */
76 ST_WAIT_MT_HO_COMPL,
77
78/* MO (outbound) handover */
79 /* Wait for Handover Command / Handover Required Reject from MSC */
80 ST_WAIT_MO_HO_CMD,
81 /* Wait for Clear Command from MSC */
82 ST_MO_HO_PROCEEDING,
83
84/* Internal HO handling */
85 /* Wait for the handover logic to complete the handover */
86 ST_WAIT_HO_COMPL,
87 /* during handover; waiting for MGW response to MDCX for BTS */
88 ST_WAIT_MDCX_BTS_HO,
89};
90
91static const struct value_string gscon_fsm_event_names[] = {
92 {GSCON_EV_A_CONN_IND, "MT-CONNECT.ind"},
93 {GSCON_EV_A_CONN_REQ, "MO-CONNECT.req"},
94 {GSCON_EV_A_CONN_CFM, "MO-CONNECT.cfm"},
95 {GSCON_EV_A_ASSIGNMENT_CMD, "ASSIGNMENT_CMD"},
96 {GSCON_EV_A_CLEAR_CMD, "CLEAR_CMD"},
97 {GSCON_EV_A_DISC_IND, "DISCONNET.ind"},
98 {GSCON_EV_A_HO_REQ, "HANDOVER_REQUEST"},
99
100 {GSCON_EV_RR_ASS_COMPL, "RR_ASSIGN_COMPL"},
101 {GSCON_EV_RR_ASS_FAIL, "RR_ASSIGN_FAIL"},
102 {GSCON_EV_RR_MODE_MODIFY_ACK, "RR_MODE_MODIFY_ACK"},
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]103 {GSCON_EV_RLL_REL_IND, "RLL_RELEASE.ind"},
104 {GSCON_EV_RSL_CONN_FAIL, "RSL_CONN_FAIL.ind"},
105 {GSCON_EV_RSL_CLEAR_COMPL, "RSL_CLEAR_COMPLETE"},
106
107 {GSCON_EV_MO_DTAP, "MO-DTAP"},
108 {GSCON_EV_MT_DTAP, "MT-DTAP"},
109 {GSCON_EV_TX_SCCP, "TX_SCCP"},
110
111 {GSCON_EV_MGW_FAIL_BTS, "MGW_FAILURE_BTS"},
112 {GSCON_EV_MGW_FAIL_MSC, "MGW_FAILURE_MSC"},
113 {GSCON_EV_MGW_CRCX_RESP_BTS, "MGW_CRCX_RESPONSE_BTS"},
114 {GSCON_EV_MGW_MDCX_RESP_BTS, "MGW_MDCX_RESPONSE_BTS"},
115 {GSCON_EV_MGW_CRCX_RESP_MSC, "MGW_CRCX_RESPONSE_MSC"},
116
117 {GSCON_EV_HO_START, "HO_START"},
118 {GSCON_EV_HO_TIMEOUT, "HO_TIMEOUT"},
119 {GSCON_EV_HO_FAIL, "HO_FAIL"},
120 {GSCON_EV_HO_COMPL, "HO_COMPL"},
121
122 {0, NULL}
123};
124
125/* Send data SCCP message through SCCP connection. All sigtran messages
126 * that are send from this FSM must use this function. Never use
127 * osmo_bsc_sigtran_send() directly since this would defeat the checks
128 * provided by this function. */
129static void sigtran_send(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
130{
131 int rc;
132
133 /* Make sure that we only attempt to send SCCP messages if we have
134 * a life SCCP connection. Otherwise drop the message. */
135 if (fi->state == ST_INIT || fi->state == ST_WAIT_CC) {
136 LOGPFSML(fi, LOGL_ERROR, "No active SCCP connection, dropping message!\n");
137 msgb_free(msg);
138 return;
139 }
140
141 rc = osmo_bsc_sigtran_send(conn, msg);
142 if (rc < 0)
143 LOGPFSML(fi, LOGL_ERROR, "Unable to deliver SCCP message!\n");
144}
145
Harald Welteead291a2018-03-21 22:11:32 +0100[diff] [blame]146
147/* See TS 48.008 3.2.2.11 Channel Type Octet 5 */
148static int bssap_speech_from_lchan(const struct gsm_lchan *lchan)
149{
150 switch (lchan->type) {
151 case GSM_LCHAN_TCH_H:
152 switch (lchan->tch_mode) {
153 case GSM48_CMODE_SPEECH_V1:
154 return 0x05;
155 case GSM48_CMODE_SPEECH_AMR:
156 return 0x25;
157 default:
158 return -1;
159 }
160 break;
161 case GSM_LCHAN_TCH_F:
162 switch (lchan->tch_mode) {
163 case GSM48_CMODE_SPEECH_V1:
164 return 0x01;
165 case GSM48_CMODE_SPEECH_EFR:
166 return 0x11;
167 case GSM48_CMODE_SPEECH_AMR:
168 return 0x21;
169 default:
170 return -1;
171 }
172 break;
173 default:
174 return -1;
175 }
176}
177
178/* GSM 08.08 3.2.2.33 */
179static uint8_t lchan_to_chosen_channel(struct gsm_lchan *lchan)
180{
181 uint8_t channel_mode = 0, channel = 0;
182
183 switch (lchan->tch_mode) {
184 case GSM48_CMODE_SPEECH_V1:
185 case GSM48_CMODE_SPEECH_EFR:
186 case GSM48_CMODE_SPEECH_AMR:
187 channel_mode = 0x9;
188 break;
189 case GSM48_CMODE_SIGN:
190 channel_mode = 0x8;
191 break;
192 case GSM48_CMODE_DATA_14k5:
193 channel_mode = 0xe;
194 break;
195 case GSM48_CMODE_DATA_12k0:
196 channel_mode = 0xb;
197 break;
198 case GSM48_CMODE_DATA_6k0:
199 channel_mode = 0xc;
200 break;
201 case GSM48_CMODE_DATA_3k6:
202 channel_mode = 0xd;
203 break;
204 }
205
206 switch (lchan->type) {
207 case GSM_LCHAN_NONE:
208 channel = 0x0;
209 break;
210 case GSM_LCHAN_SDCCH:
211 channel = 0x1;
212 break;
213 case GSM_LCHAN_TCH_F:
214 channel = 0x8;
215 break;
216 case GSM_LCHAN_TCH_H:
217 channel = 0x9;
218 break;
219 case GSM_LCHAN_UNKNOWN:
220 default:
221 LOGP(DMSC, LOGL_ERROR, "Unknown lchan type: %p\n", lchan);
222 break;
223 }
224
225 return channel_mode << 4 | channel;
226}
227
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]228/* Generate and send assignment complete message */
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]229static void send_ass_compl(struct gsm_lchan *lchan, struct osmo_fsm_inst *fi, bool voice)
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]230{
231 struct msgb *resp;
232 struct gsm0808_speech_codec sc;
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]233 struct gsm0808_speech_codec *sc_ptr = NULL;
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]234 struct gsm_subscriber_connection *conn;
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]235 struct sockaddr_storage *addr_local = NULL;
236 int perm_spch = 0;
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]237
238 conn = lchan->conn;
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]239 OSMO_ASSERT(conn);
240
241 LOGPFSML(fi, LOGL_DEBUG, "Sending assignment complete message... (id=%i)\n", conn->sccp.conn_id);
242
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]243 /* Generate voice related fields */
244 if (voice) {
245 OSMO_ASSERT(lchan->abis_ip.ass_compl.valid);
246 perm_spch = bssap_speech_from_lchan(lchan);
247 addr_local = &conn->user_plane.aoip_rtp_addr_local;
248
249 /* Extrapolate speech codec from speech mode */
250 gsm0808_speech_codec_from_chan_type(&sc, perm_spch);
251 sc_ptr = &sc;
252
253 /* FIXME: AMR codec configuration must be derived from lchan1! */
254 }
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]255
256 /* Generate message */
257 resp = gsm0808_create_ass_compl(lchan->abis_ip.ass_compl.rr_cause,
Harald Welteead291a2018-03-21 22:11:32 +0100[diff] [blame]258 lchan_to_chosen_channel(lchan),
259 lchan->encr.alg_id, perm_spch,
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]260 addr_local, sc_ptr, NULL);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]261
262 if (!resp) {
263 LOGPFSML(fi, LOGL_ERROR, "Failed to generate assignment completed message! (id=%i)\n",
264 conn->sccp.conn_id);
265 }
266
267 sigtran_send(conn, resp, fi);
268}
269
270/* forward MT DTAP from BSSAP side to RSL side */
271static void submit_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
272{
273 int rc;
274 struct msgb *resp = NULL;
275
276 OSMO_ASSERT(fi);
277 OSMO_ASSERT(msg);
278 OSMO_ASSERT(conn);
279
280 rc = gsm0808_submit_dtap(conn, msg, OBSC_LINKID_CB(msg), 1);
281 if (rc != 0) {
282 LOGPFSML(fi, LOGL_ERROR, "Tx BSSMAP CLEAR REQUEST to MSC\n");
283 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
284 sigtran_send(conn, resp, fi);
285 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
286 return;
287 }
288}
289
290/* forward MO DTAP from RSL side to BSSAP side */
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]291static void forward_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]292{
293 struct msgb *resp = NULL;
294
295 OSMO_ASSERT(msg);
296 OSMO_ASSERT(conn);
297
298 resp = gsm0808_create_dtap(msg, OBSC_LINKID_CB(msg));
299 sigtran_send(conn, resp, fi);
300}
301
302/* In case there are open MGCP connections, toss
303 * those connections */
304static void toss_mgcp_conn(struct gsm_subscriber_connection *conn, struct osmo_fsm_inst *fi)
305{
306 LOGPFSML(fi, LOGL_ERROR, "tossing all MGCP connections...\n");
307
308 if (conn->user_plane.fi_bts) {
309 mgcp_conn_delete(conn->user_plane.fi_bts);
310 conn->user_plane.fi_bts = NULL;
311 }
312
313 if (conn->user_plane.fi_msc) {
314 mgcp_conn_delete(conn->user_plane.fi_msc);
315 conn->user_plane.fi_msc = NULL;
316 }
317
318 if (conn->user_plane.mgw_endpoint) {
319 talloc_free(conn->user_plane.mgw_endpoint);
320 conn->user_plane.mgw_endpoint = NULL;
321 }
322}
323
324static void gscon_fsm_init(struct osmo_fsm_inst *fi, uint32_t event, void *data)
325{
326 struct gsm_subscriber_connection *conn = fi->priv;
327 struct osmo_scu_prim *scu_prim = NULL;
328 struct msgb *msg = NULL;
329 int rc;
330
331 switch (event) {
332 case GSCON_EV_A_CONN_REQ:
333 /* RLL ESTABLISH IND with initial L3 Message */
334 msg = data;
335 /* FIXME: Extract Mobile ID and update FSM using osmo_fsm_inst_set_id()
336 * i.e. we will probably extract the mobile identity earlier, where the
337 * imsi filter code is. Then we could just use it here.
338 * related: OS#2969 */
339
340 rc = osmo_bsc_sigtran_open_conn(conn, msg);
341 if (rc < 0) {
342 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL);
343 } else {
344 /* SCCP T(conn est) is 1-2 minutes, way too long. The MS will timeout
345 * using T3210 (20s), T3220 (5s) or T3230 (10s) */
346 osmo_fsm_inst_state_chg(fi, ST_WAIT_CC, 20, 993210);
347 }
348 break;
349 case GSCON_EV_A_CONN_IND:
350 scu_prim = data;
351 if (!conn->sccp.msc) {
352 LOGPFSML(fi, LOGL_NOTICE, "N-CONNECT.ind from unknown MSC %s\n",
353 osmo_sccp_addr_dump(&scu_prim->u.connect.calling_addr));
354 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
355 &scu_prim->u.connect.called_addr, 0);
356 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
357 }
358 /* FIXME: Extract optional IMSI and update FSM using osmo_fsm_inst_set_id()
359 * related: OS2969 (same as above) */
360
361 LOGPFSML(fi, LOGL_NOTICE, "No support for MSC-originated SCCP Connections yet\n");
362 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
363 &scu_prim->u.connect.called_addr, 0);
364 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
365 break;
366 default:
367 OSMO_ASSERT(false);
368 break;
369 }
370}
371
372/* We've sent the CONNECTION.req to the SCCP provider and are waiting for CC from MSC */
373static void gscon_fsm_wait_cc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
374{
375 switch (event) {
376 case GSCON_EV_A_CONN_CFM:
377 /* MSC has confirmed the connection, we now change into the
378 * active state and wait there for further operations */
379 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
380 /* if there's user payload, forward it just like EV_MT_DTAP */
381 /* FIXME: Question: if there's user payload attached to the CC, forward it like EV_MT_DTAP? */
382 break;
383 default:
384 OSMO_ASSERT(false);
385 break;
386 }
387}
388
389/* We're on an active subscriber connection, passing DTAP back and forth */
390static void gscon_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
391{
392 struct gsm_subscriber_connection *conn = fi->priv;
393 struct msgb *resp = NULL;
394 struct mgcp_conn_peer conn_peer;
395 int rc;
396
397 switch (event) {
398 case GSCON_EV_A_ASSIGNMENT_CMD:
399 /* MSC requests us to perform assignment, this code section is
400 * triggered via signal GSCON_EV_A_ASSIGNMENT_CMD from
401 * bssmap_handle_assignm_req() in osmo_bsc_bssap.c, which does
402 * the parsing of incoming assignment requests. */
403
404 LOGPFSML(fi, LOGL_NOTICE, "Channel assignment: chan_mode=%s, full_rate=%i\n",
405 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
406 conn->user_plane.full_rate);
407
408 /* FIXME: We need to check if current channel is sufficient. If
409 * yes, do MODIFY. If not, do assignment (see commented lines below) */
410
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]411 switch (conn->user_plane.chan_mode) {
412 case GSM48_CMODE_SPEECH_V1:
413 case GSM48_CMODE_SPEECH_EFR:
414 case GSM48_CMODE_SPEECH_AMR:
415 /* A voice channel is requested, so we run down the
416 * mgcp-ass-mgcp state-chain (see FIXME above) */
417 memset(&conn_peer, 0, sizeof(conn_peer));
418 conn_peer.call_id = conn->sccp.conn_id;
419 osmo_strlcpy(conn_peer.endpoint, ENDPOINT_ID, sizeof(conn_peer.endpoint));
420
421 /* (Pre)Change state and create the connection */
422 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
423 conn->user_plane.fi_bts =
424 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_BTS,
425 GSCON_EV_MGW_CRCX_RESP_BTS, &conn_peer);
426 if (!conn->user_plane.fi_bts) {
427 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
428 sigtran_send(conn, resp, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]429 return;
430 }
431 break;
432 case GSM48_CMODE_SIGN:
433 /* A signalling channel is requested, so we perform the
434 * channel assignment directly without performing any
435 * MGCP actions. ST_WAIT_ASS_CMPL will see by the
436 * conn->user_plane.chan_mode parameter that this
437 * assignment is for a signalling channel and will then
438 * change back to ST_ACTIVE (here) immediately. */
Harald Welte6900f812018-03-21 21:29:03 +0100[diff] [blame]439 rc = gsm0808_assign_req(conn, conn->user_plane.chan_mode,
440 conn->user_plane.full_rate);
Philipp Maierad727702018-05-03 19:03:03 +0200[diff] [blame]441
442 if (rc == 1) {
443 send_ass_compl(conn->lchan, fi, false);
444 return;
445 } else if (rc != 0) {
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]446 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
447 sigtran_send(conn, resp, fi);
448 return;
449 }
450
451 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
452 break;
453 default:
454 /* An unsupported channel is requested, so we have to
455 * reject this request by sending an assignment failure
456 * message immediately */
Pau Espin Pedrol55677de2018-03-17 01:12:33 +0100[diff] [blame]457 LOGPFSML(fi, LOGL_ERROR, "Requested channel mode is not supported! chan_mode=%s full_rate=%d\n",
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]458 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
459 conn->user_plane.full_rate);
460
461 /* The requested channel mode is not supported */
462 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_REQ_CODEC_TYPE_OR_CONFIG_NOT_SUPP, NULL);
463 sigtran_send(conn, resp, fi);
464 break;
465 }
466 break;
467 case GSCON_EV_HO_START:
468 rc = bsc_handover_start_gscon(conn);
469 if (rc) {
470 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
471 sigtran_send(conn, resp, fi);
472 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
473 return;
474 }
475
476 /* Note: No timeout is set here, T3103 in handover_logic.c
477 * will generate a GSCON_EV_HO_TIMEOUT event should the
478 * handover time out, so we do not need another timeout
479 * here (maybe its worth to think about giving GSCON
480 * more power over the actual handover process). */
481 osmo_fsm_inst_state_chg(fi, ST_WAIT_HO_COMPL, 0, 0);
482 break;
483 case GSCON_EV_A_HO_REQ:
484 /* FIXME: reject any handover requests with HO FAIL until implemented */
485 break;
486 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]487 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]488 break;
489 case GSCON_EV_MT_DTAP:
490 submit_dtap(conn, (struct msgb *)data, fi);
491 break;
492 case GSCON_EV_TX_SCCP:
493 sigtran_send(conn, (struct msgb *)data, fi);
494 break;
495 default:
496 OSMO_ASSERT(false);
497 break;
498 }
499}
500
501/* Before we may start the channel assignment we need to get an IP/Port for the
502 * RTP connection from the MGW */
503static void gscon_fsm_wait_crcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
504{
505 struct gsm_subscriber_connection *conn = fi->priv;
506 struct mgcp_conn_peer *conn_peer = NULL;
507 struct msgb *resp = NULL;
508 int rc;
509
510 switch (event) {
511 case GSCON_EV_MGW_CRCX_RESP_BTS:
512 conn_peer = data;
513
Philipp Maier393165c2018-03-21 11:15:33 +0100[diff] [blame]514 /* Check if the MGW has assigned an enpoint to us, otherwise we
515 * can not proceed. */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]516 if (strlen(conn_peer->endpoint) <= 0) {
517 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
518 sigtran_send(conn, resp, fi);
519 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
520 return;
521 }
522
523 /* Memorize the endpoint name we got assigned from the MGW.
524 * When the BTS sided connection is done, we need to create
525 * a second connection on that same endpoint, so we need
526 * to know its ID */
527 if (!conn->user_plane.mgw_endpoint)
528 conn->user_plane.mgw_endpoint = talloc_zero_size(conn, MGCP_ENDPOINT_MAXLEN);
529 OSMO_ASSERT(conn->user_plane.mgw_endpoint);
530 osmo_strlcpy(conn->user_plane.mgw_endpoint, conn_peer->endpoint, MGCP_ENDPOINT_MAXLEN);
531
532 /* Store the IP-Address and the port the MGW assigned to us,
533 * then start the channel assignment. */
534 conn->user_plane.rtp_port = conn_peer->port;
535 conn->user_plane.rtp_ip = osmo_ntohl(inet_addr(conn_peer->addr));
Harald Welte6900f812018-03-21 21:29:03 +0100[diff] [blame]536 rc = gsm0808_assign_req(conn, conn->user_plane.chan_mode, conn->user_plane.full_rate);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]537 if (rc != 0) {
538 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_SPEECH_VERSION_UNAVAILABLE, NULL);
539 sigtran_send(conn, resp, fi);
540 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
541 return;
542 }
543
544 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
545 break;
546 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]547 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]548 break;
549 case GSCON_EV_MT_DTAP:
550 submit_dtap(conn, (struct msgb *)data, fi);
551 break;
552 case GSCON_EV_TX_SCCP:
553 sigtran_send(conn, (struct msgb *)data, fi);
554 break;
555 default:
556 OSMO_ASSERT(false);
557 break;
558 }
559}
560
561/* We're waiting for an ASSIGNMENT COMPLETE from MS */
562static void gscon_fsm_wait_ass_cmpl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
563{
564 struct gsm_subscriber_connection *conn = fi->priv;
565 struct gsm_lchan *lchan = conn->lchan;
566 struct mgcp_conn_peer conn_peer;
567 struct in_addr addr;
568 struct msgb *resp = NULL;
569 int rc;
570
571 switch (event) {
572 case GSCON_EV_RR_ASS_COMPL:
573 switch (conn->user_plane.chan_mode) {
574 case GSM48_CMODE_SPEECH_V1:
575 case GSM48_CMODE_SPEECH_EFR:
576 case GSM48_CMODE_SPEECH_AMR:
577 /* FIXME: What if we are using SCCP-Lite? */
578
579 /* We are dealing with a voice channel, so we can not
580 * confirm the assignment directly. We must first do
581 * some final steps on the MGCP side. */
582
583 /* Prepare parameters with the information we got during the assignment */
584 memset(&conn_peer, 0, sizeof(conn_peer));
585 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
586 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
587 conn_peer.port = lchan->abis_ip.bound_port;
588
589 /* (Pre)Change state and modify the connection */
590 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
591 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
592 if (rc != 0) {
593 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
594 sigtran_send(conn, resp, fi);
595 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
596 return;
597 }
598 break;
599 case GSM48_CMODE_SIGN:
600 /* Confirm the successful assignment on BSSMAP and
601 * change back into active state */
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]602 send_ass_compl(lchan, fi, false);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]603 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
604 break;
605 default:
606 /* Unsupported modes should have been already filtered
607 * by gscon_fsm_active(). If we reach the default
608 * section here anyway than some unsupported mode must
609 * have made it into the FSM, this would be a bug, so
610 * we fire an assertion here */
611 OSMO_ASSERT(false);
612 break;
613 }
614
615 break;
616 case GSCON_EV_RR_ASS_FAIL:
617 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_TERRESTRIAL_RESOURCE_UNAVAILABLE, NULL);
618 sigtran_send(conn, resp, fi);
619 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
620 break;
621 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]622 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]623 break;
624 case GSCON_EV_MT_DTAP:
625 submit_dtap(conn, (struct msgb *)data, fi);
626 break;
627 case GSCON_EV_TX_SCCP:
628 sigtran_send(conn, (struct msgb *)data, fi);
629 break;
630 default:
631 OSMO_ASSERT(false);
632 break;
633 }
634}
635
636/* We are waiting for the MGW response to the MDCX */
637static void gscon_fsm_wait_mdcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
638{
639 struct gsm_subscriber_connection *conn = fi->priv;
640 struct mgcp_conn_peer conn_peer;
641 struct sockaddr_in *sin = NULL;
642 struct msgb *resp = NULL;
643
644 switch (event) {
645 case GSCON_EV_MGW_MDCX_RESP_BTS:
646
647 /* Prepare parameters with the connection information we got
648 * with the assignment command */
649 memset(&conn_peer, 0, sizeof(conn_peer));
650 conn_peer.call_id = conn->sccp.conn_id;
651 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_remote;
652 conn_peer.port = osmo_ntohs(sin->sin_port);
653 osmo_strlcpy(conn_peer.addr, inet_ntoa(sin->sin_addr), sizeof(conn_peer.addr));
654
655 /* Make sure we use the same endpoint where we created the
656 * BTS connection. */
657 osmo_strlcpy(conn_peer.endpoint, conn->user_plane.mgw_endpoint, sizeof(conn_peer.endpoint));
658
659 /* (Pre)Change state and create the connection */
660 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_MSC, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
661 conn->user_plane.fi_msc =
662 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_MSC, GSCON_EV_MGW_CRCX_RESP_MSC,
663 &conn_peer);
664 if (!conn->user_plane.fi_bts) {
665 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
666 sigtran_send(conn, resp, fi);
667 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
668 return;
669 }
670
671 break;
672 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]673 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]674 break;
675 case GSCON_EV_MT_DTAP:
676 submit_dtap(conn, (struct msgb *)data, fi);
677 break;
678 case GSCON_EV_TX_SCCP:
679 sigtran_send(conn, (struct msgb *)data, fi);
680 break;
681 default:
682 OSMO_ASSERT(false);
683 break;
684 }
685}
686
687static void gscon_fsm_wait_crcx_msc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
688{
689 struct gsm_subscriber_connection *conn = fi->priv;
690 struct mgcp_conn_peer *conn_peer = NULL;
691 struct gsm_lchan *lchan = conn->lchan;
692 struct sockaddr_in *sin = NULL;
693
694 switch (event) {
695 case GSCON_EV_MGW_CRCX_RESP_MSC:
696 conn_peer = data;
697
698 /* Store address information we got in response from the CRCX command. */
699 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_local;
700 sin->sin_family = AF_INET;
701 sin->sin_addr.s_addr = inet_addr(conn_peer->addr);
702 sin->sin_port = osmo_ntohs(conn_peer->port);
703
704 /* Send assignment complete message to the MSC */
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]705 send_ass_compl(lchan, fi, true);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]706
707 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
708
709 break;
710 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]711 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]712 break;
713 case GSCON_EV_MT_DTAP:
714 submit_dtap(conn, (struct msgb *)data, fi);
715 break;
716 case GSCON_EV_TX_SCCP:
717 sigtran_send(conn, (struct msgb *)data, fi);
718 break;
719 default:
720 OSMO_ASSERT(false);
721 break;
722 }
723}
724
725/* We're waiting for a MODE MODIFY ACK from MS + BTS */
726static void gscon_fsm_wait_mode_modify_ack(struct osmo_fsm_inst *fi, uint32_t event, void *data)
727{
728 struct gsm_subscriber_connection *conn = fi->priv;
729 struct gsm_lchan *lchan = conn->lchan;
730
731 switch (event) {
732 case GSCON_EV_RR_MODE_MODIFY_ACK:
733 /* we assume that not only have we received the RR MODE_MODIFY_ACK, but
734 * actually that also the BTS side of the channel mode has been changed accordingly */
735 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
736
737 /* FIXME: Check if this requires special handling. For now I assume that the send_ass_compl()
738 * can be used. But I am not sure. */
Philipp Maier1f4851e2018-04-16 17:24:10 +0200[diff] [blame]739 send_ass_compl(lchan, fi, false);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]740
741 break;
742 /* FIXME: Do we need to handle DTAP traffic in this state? Maybe yes? Needs to be checked. */
743 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]744 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]745 break;
746 case GSCON_EV_MT_DTAP:
747 submit_dtap(conn, (struct msgb *)data, fi);
748 break;
749 case GSCON_EV_TX_SCCP:
750 sigtran_send(conn, (struct msgb *)data, fi);
751 break;
752 default:
753 OSMO_ASSERT(false);
754 break;
755 }
756}
757
758static void gscon_fsm_clearing(struct osmo_fsm_inst *fi, uint32_t event, void *data)
759{
760 struct gsm_subscriber_connection *conn = fi->priv;
761 struct msgb *resp;
762
763 switch (event) {
764 case GSCON_EV_RSL_CLEAR_COMPL:
765 resp = gsm0808_create_clear_complete();
766 sigtran_send(conn, resp, fi);
767 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
768 break;
769 default:
770 OSMO_ASSERT(false);
771 break;
772 }
773}
774
775/* Wait for the handover logic to tell us whether the handover completed,
776 * failed or has timed out */
777static void gscon_fsm_wait_ho_compl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
778{
779 struct gsm_subscriber_connection *conn = fi->priv;
780 struct mgcp_conn_peer conn_peer;
781 struct gsm_lchan *lchan = conn->lchan;
782 struct in_addr addr;
783 struct msgb *resp;
784 int rc;
785
786 switch (event) {
787 case GSCON_EV_HO_COMPL:
788 /* The handover logic informs us that the handover has been
789 * completet. Now we have to tell the MGW the IP/Port on the
790 * new BTS so that the uplink RTP traffic can be redirected
791 * there. */
792
793 /* Prepare parameters with the information we got during the
794 * handover procedure (via IPACC) */
795 memset(&conn_peer, 0, sizeof(conn_peer));
796 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
797 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
798 conn_peer.port = lchan->abis_ip.bound_port;
799
800 /* (Pre)Change state and modify the connection */
801 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS_HO, MGCP_MGW_TIMEOUT, MGCP_MGW_HO_TIMEOUT_TIMER_NR);
802 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
803 if (rc != 0) {
804 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
805 sigtran_send(conn, resp, fi);
806 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
807 return;
808 }
809 break;
810 case GSCON_EV_HO_TIMEOUT:
811 case GSCON_EV_HO_FAIL:
812 /* The handover logic informs us that the handover failed for
813 * some reason. This means the phone stays on the TS/BTS on
814 * which it currently is. We will change back to the active
815 * state again as there are no further operations needed */
816 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
817 break;
818 default:
819 OSMO_ASSERT(false);
820 break;
821 }
822}
823
824/* Wait for the MGW to confirm handover related modification of the connection
825 * parameters */
826static void gscon_fsm_wait_mdcx_bts_ho(struct osmo_fsm_inst *fi, uint32_t event, void *data)
827{
828 struct gsm_subscriber_connection *conn = fi->priv;
829
830 switch (event) {
831 case GSCON_EV_MGW_MDCX_RESP_BTS:
832 /* The MGW has confirmed the handover MDCX, and the handover
833 * is now also done on the RTP side. We may now change back
834 * to the active state. */
835 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
836 break;
837 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]838 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]839 break;
840 case GSCON_EV_MT_DTAP:
841 submit_dtap(conn, (struct msgb *)data, fi);
842 break;
843 case GSCON_EV_TX_SCCP:
844 sigtran_send(conn, (struct msgb *)data, fi);
845 break;
846 default:
847 OSMO_ASSERT(false);
848 break;
849 }
850}
851
852#define EV_TRANSPARENT_SCCP S(GSCON_EV_TX_SCCP) | S(GSCON_EV_MO_DTAP) | S(GSCON_EV_MT_DTAP)
853
854static const struct osmo_fsm_state gscon_fsm_states[] = {
855 [ST_INIT] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]856 .name = OSMO_STRINGIFY(INIT),
857 .in_event_mask = S(GSCON_EV_A_CONN_REQ) | S(GSCON_EV_A_CONN_IND),
858 .out_state_mask = S(ST_WAIT_CC),
859 .action = gscon_fsm_init,
860 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]861 [ST_WAIT_CC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]862 .name = OSMO_STRINGIFY(WAIT_CC),
863 .in_event_mask = S(GSCON_EV_A_CONN_CFM),
864 .out_state_mask = S(ST_ACTIVE),
865 .action = gscon_fsm_wait_cc,
866 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]867 [ST_ACTIVE] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]868 .name = OSMO_STRINGIFY(ACTIVE),
869 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_A_ASSIGNMENT_CMD) |
870 S(GSCON_EV_A_HO_REQ) | S(GSCON_EV_HO_START),
871 .out_state_mask = S(ST_CLEARING) | S(ST_WAIT_CRCX_BTS) | S(ST_WAIT_ASS_CMPL) |
872 S(ST_WAIT_MODE_MODIFY_ACK) | S(ST_WAIT_MO_HO_CMD) | S(ST_WAIT_HO_COMPL),
873 .action = gscon_fsm_active,
874 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]875 [ST_WAIT_CRCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]876 .name = OSMO_STRINGIFY(WAIT_CRCX_BTS),
877 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_BTS),
878 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_ASS_CMPL),
879 .action = gscon_fsm_wait_crcx_bts,
880 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]881 [ST_WAIT_ASS_CMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]882 .name = OSMO_STRINGIFY(WAIT_ASS_CMPL),
883 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_ASS_COMPL) | S(GSCON_EV_RR_ASS_FAIL),
884 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS),
885 .action = gscon_fsm_wait_ass_cmpl,
886 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]887 [ST_WAIT_MDCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]888 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS),
889 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
890 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_CRCX_MSC),
891 .action = gscon_fsm_wait_mdcx_bts,
892 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]893 [ST_WAIT_CRCX_MSC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]894 .name = OSMO_STRINGIFY(WAIT_CRCX_MSC),
895 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_MSC),
896 .out_state_mask = S(ST_ACTIVE),
897 .action = gscon_fsm_wait_crcx_msc,
898 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]899 [ST_WAIT_MODE_MODIFY_ACK] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]900 .name = OSMO_STRINGIFY(WAIT_MODE_MODIFY_ACK),
901 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_MODE_MODIFY_ACK),
902 .out_state_mask = S(ST_ACTIVE) | S(ST_CLEARING),
903 .action = gscon_fsm_wait_mode_modify_ack,
904 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]905 [ST_CLEARING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]906 .name = OSMO_STRINGIFY(CLEARING),
907 .in_event_mask = S(GSCON_EV_RSL_CLEAR_COMPL),
908 .action = gscon_fsm_clearing,
909 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]910
911 /* TODO: external handover, probably it makes sense to break up the
912 * program flow in handover_logic.c a bit and handle some of the logic
913 * here? */
914 [ST_WAIT_MT_HO_ACC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]915 .name = OSMO_STRINGIFY(WAIT_MT_HO_ACC),
916 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]917 [ST_WAIT_MT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]918 .name = OSMO_STRINGIFY(WAIT_MT_HO_COMPL),
919 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]920 [ST_WAIT_MO_HO_CMD] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]921 .name = OSMO_STRINGIFY(WAIT_MO_HO_CMD),
922 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]923 [ST_MO_HO_PROCEEDING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]924 .name = OSMO_STRINGIFY(MO_HO_PROCEEDING),
925 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]926
927 /* Internal handover */
928 [ST_WAIT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]929 .name = OSMO_STRINGIFY(WAIT_HO_COMPL),
930 .in_event_mask = S(GSCON_EV_HO_COMPL) | S(GSCON_EV_HO_FAIL) | S(GSCON_EV_HO_TIMEOUT),
Philipp Maierecb03082018-03-26 12:05:48 +0200[diff] [blame]931 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS_HO) | S(ST_CLEARING),
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]932 .action = gscon_fsm_wait_ho_compl,
933 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]934 [ST_WAIT_MDCX_BTS_HO] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]935 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS_HO),
936 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
937 .action = gscon_fsm_wait_mdcx_bts_ho,
938 .out_state_mask = S(ST_ACTIVE),
939 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]940};
941
942static void gscon_fsm_allstate(struct osmo_fsm_inst *fi, uint32_t event, void *data)
943{
944 struct gsm_subscriber_connection *conn = fi->priv;
945 struct msgb *resp = NULL;
946
947 /* When a connection on the MGW fails, make sure that the reference
948 * in our book-keeping is erased. */
949 switch (event) {
950 case GSCON_EV_MGW_FAIL_BTS:
951 conn->user_plane.fi_bts = NULL;
952 break;
953 case GSCON_EV_MGW_FAIL_MSC:
954 conn->user_plane.fi_msc = NULL;
955 break;
956 }
957
958 /* Regular allstate event processing */
959 switch (event) {
960 case GSCON_EV_MGW_FAIL_BTS:
961 case GSCON_EV_MGW_FAIL_MSC:
962 /* Note: An MGW connection die per definition at any time.
963 * However, if it dies during the assignment we must return
964 * with an assignment failure */
Philipp Maier70fcde62018-03-21 11:17:32 +0100[diff] [blame]965 OSMO_ASSERT(fi->state != ST_INIT && fi->state != ST_WAIT_CC);
966 if (fi->state == ST_WAIT_CRCX_BTS || fi->state == ST_WAIT_ASS_CMPL || fi->state == ST_WAIT_MDCX_BTS
967 || fi->state == ST_WAIT_CRCX_MSC) {
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]968 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
969 sigtran_send(conn, resp, fi);
970 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
971 }
972 break;
973 case GSCON_EV_A_CLEAR_CMD:
974 /* MSC tells us to cleanly shut down */
975 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
976 gsm0808_clear(conn);
977 /* FIXME: Release all terestrial resources in ST_CLEARING */
978 /* According to 3GPP 48.008 3.1.9.1. "The BSS need not wait for the radio channel
979 * release to be completed or for the guard timer to expire before returning the
980 * CLEAR COMPLETE message" */
981
982 /* Close MGCP connections */
983 toss_mgcp_conn(conn, fi);
984
985 /* FIXME: Question: Is this a hack to force a clear complete from internel?
986 * nobody seems to send the event from outside? */
987 osmo_fsm_inst_dispatch(conn->fi, GSCON_EV_RSL_CLEAR_COMPL, NULL);
988 break;
989 case GSCON_EV_A_DISC_IND:
990 /* MSC or SIGTRAN network has hard-released SCCP connection,
991 * terminate the FSM now. */
992 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
993 break;
994 case GSCON_EV_RLL_REL_IND:
995 /* BTS reports that one of the LAPDm data links was released */
996 /* send proper clear request to MSC */
997 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
998 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_MESSAGE_FAILURE);
999 sigtran_send(conn, resp, fi);
1000 break;
1001 case GSCON_EV_RSL_CONN_FAIL:
1002 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
1003 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE);
1004 sigtran_send(conn, resp, fi);
1005 break;
1006 default:
1007 OSMO_ASSERT(false);
1008 break;
1009 }
1010}
1011
1012void ho_dtap_cache_flush(struct gsm_subscriber_connection *conn, int send);
1013
1014static void gscon_cleanup(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
1015{
1016 struct gsm_subscriber_connection *conn = fi->priv;
1017
1018 if (conn->ho) {
1019 LOGPFSML(fi, LOGL_DEBUG, "Releasing handover state\n");
1020 bsc_clear_handover(conn, 1);
1021 conn->ho = NULL;
1022 }
1023
1024 if (conn->secondary_lchan) {
1025 LOGPFSML(fi, LOGL_DEBUG, "Releasing secondary_lchan\n");
1026 lchan_release(conn->secondary_lchan, 0, RSL_REL_LOCAL_END);
1027 conn->secondary_lchan = NULL;
1028 }
1029 if (conn->lchan) {
1030 LOGPFSML(fi, LOGL_DEBUG, "Releasing lchan\n");
1031 lchan_release(conn->lchan, 0, RSL_REL_LOCAL_END);
1032 conn->lchan = NULL;
1033 }
1034
1035 if (conn->bsub) {
1036 LOGPFSML(fi, LOGL_DEBUG, "Putting bsc_subscr\n");
1037 bsc_subscr_put(conn->bsub);
1038 conn->bsub = NULL;
1039 }
1040
1041 if (conn->sccp.state != SUBSCR_SCCP_ST_NONE) {
1042 LOGPFSML(fi, LOGL_DEBUG, "Disconnecting SCCP\n");
1043 struct bsc_msc_data *msc = conn->sccp.msc;
1044 /* FIXME: include a proper cause value / error message? */
1045 osmo_sccp_tx_disconn(msc->a.sccp_user, conn->sccp.conn_id, &msc->a.bsc_addr, 0);
1046 conn->sccp.state = SUBSCR_SCCP_ST_NONE;
1047 }
1048
1049 /* drop pending messages */
1050 ho_dtap_cache_flush(conn, 0);
1051
1052 penalty_timers_free(&conn->hodec2.penalty_timers);
1053
1054 llist_del(&conn->entry);
1055 talloc_free(conn);
1056 fi->priv = NULL;
1057}
1058
1059static void gscon_pre_term(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
1060{
1061 struct gsm_subscriber_connection *conn = fi->priv;
1062
1063 /* Make sure all possibly still open MGCP connections get closed */
1064 toss_mgcp_conn(conn, fi);
1065}
1066
1067static int gscon_timer_cb(struct osmo_fsm_inst *fi)
1068{
1069 struct gsm_subscriber_connection *conn = fi->priv;
1070 struct msgb *resp = NULL;
1071
1072 switch (fi->T) {
1073 case 993210:
Philipp Maier3ddb12d2018-04-13 16:47:26 +0200[diff] [blame]1074 /* MSC has not responded/confirmed connection with CC, this
1075 * could indicate a bad SCCP connection. We now inform the the
1076 * FSM that controls the BSSMAP reset about the event. Maybe
1077 * a BSSMAP reset is necessary. */
Philipp Maier0b103992018-05-07 12:43:28 +0200[diff] [blame^]1078 a_reset_conn_fail(conn->sccp.msc->a.reset_fsm);
Philipp Maier3ddb12d2018-04-13 16:47:26 +0200[diff] [blame]1079
1080 /* Since we could not reach the MSC, we give up and terminate
1081 * the FSM instance now (N-DISCONNET.req is sent in
1082 * gscon_cleanup() above) */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]1083 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
1084 break;
1085 case GSM0808_T10_TIMER_NR: /* Assignment Failed */
1086 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE, NULL);
1087 sigtran_send(conn, resp, fi);
1088 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
1089 break;
1090 case MGCP_MGW_TIMEOUT_TIMER_NR: /* Assignment failed (no response from MGW) */
1091 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
1092 sigtran_send(conn, resp, fi);
1093 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
1094 break;
1095 case MGCP_MGW_HO_TIMEOUT_TIMER_NR: /* Handover failed (no response from MGW) */
1096 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
1097 break;
1098 default:
1099 OSMO_ASSERT(false);
1100 }
1101 return 0;
1102}
1103
1104static struct osmo_fsm gscon_fsm = {
1105 .name = "SUBSCR_CONN",
1106 .states = gscon_fsm_states,
1107 .num_states = ARRAY_SIZE(gscon_fsm_states),
1108 .allstate_event_mask = S(GSCON_EV_A_DISC_IND) | S(GSCON_EV_A_CLEAR_CMD) | S(GSCON_EV_RSL_CONN_FAIL) |
1109 S(GSCON_EV_RLL_REL_IND) | S(GSCON_EV_MGW_FAIL_BTS) | S(GSCON_EV_MGW_FAIL_MSC),
1110 .allstate_action = gscon_fsm_allstate,
1111 .cleanup = gscon_cleanup,
1112 .pre_term = gscon_pre_term,
1113 .timer_cb = gscon_timer_cb,
1114 .log_subsys = DMSC,
1115 .event_names = gscon_fsm_event_names,
1116};
1117
1118/* Allocate a subscriber connection and its associated FSM */
1119struct gsm_subscriber_connection *bsc_subscr_con_allocate(struct gsm_network *net)
1120{
1121 struct gsm_subscriber_connection *conn;
1122 static bool g_initialized = false;
1123
1124 if (!g_initialized) {
1125 osmo_fsm_register(&gscon_fsm);
1126 g_initialized = true;
1127 }
1128
1129 conn = talloc_zero(net, struct gsm_subscriber_connection);
1130 if (!conn)
1131 return NULL;
1132
1133 conn->network = net;
1134 INIT_LLIST_HEAD(&conn->ho_dtap_cache);
1135 /* BTW, penalty timers will be initialized on-demand. */
1136 conn->sccp.conn_id = -1;
1137
1138 /* don't allocate from 'conn' context, as gscon_cleanup() will call talloc_free(conn) before
1139 * libosmocore will call talloc_free(conn->fi), i.e. avoid use-after-free during cleanup */
1140 conn->fi = osmo_fsm_inst_alloc(&gscon_fsm, net, conn, LOGL_NOTICE, NULL);
1141 if (!conn->fi) {
1142 talloc_free(conn);
1143 return NULL;
1144 }
1145
1146 llist_add_tail(&conn->entry, &net->subscr_conns);
1147 return conn;
1148}