Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-bsc / 3ddb12d52e7f12dee1823d20ec4a2e99172d1db2 / . / src / libbsc / bsc_subscr_conn_fsm.c
blob: a63483e4e01c5213382c5e3fc388c51d2266f38d [file] [log] [blame]
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]1/* (C) 2017 by Harald Welte <laforge@gnumonks.org>
2 * All Rights Reserved
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
13 *
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 *
17 */
18
19#include <osmocom/core/fsm.h>
20#include <osmocom/core/logging.h>
21#include <osmocom/gsm/gsm0808.h>
22#include <osmocom/sigtran/sccp_sap.h>
23#include <osmocom/gsm/gsm0808_utils.h>
24
25#include <osmocom/bsc/debug.h>
26#include <osmocom/bsc/bsc_api.h>
27#include <osmocom/bsc/gsm_data.h>
28#include <osmocom/bsc/handover.h>
29#include <osmocom/bsc/chan_alloc.h>
30#include <osmocom/bsc/bsc_subscriber.h>
31#include <osmocom/bsc/osmo_bsc_sigtran.h>
32#include <osmocom/bsc/bsc_subscr_conn_fsm.h>
33#include <osmocom/bsc/osmo_bsc.h>
34#include <osmocom/bsc/penalty_timers.h>
35#include <osmocom/mgcp_client/mgcp_client_fsm.h>
36#include <osmocom/core/byteswap.h>
37
38#define S(x) (1 << (x))
39
40#define MGCP_MGW_TIMEOUT 4 /* in seconds */
41#define MGCP_MGW_TIMEOUT_TIMER_NR 1
42
43#define MGCP_MGW_HO_TIMEOUT 4 /* in seconds */
44#define MGCP_MGW_HO_TIMEOUT_TIMER_NR 2
45
46#define GSM0808_T10_TIMER_NR 10
47#define GSM0808_T10_VALUE 6
48
49#define ENDPOINT_ID "rtpbridge/*@mgw"
50
51enum gscon_fsm_states {
52 ST_INIT,
53 /* waiting for CC from MSC */
54 ST_WAIT_CC,
55 /* active connection */
56 ST_ACTIVE,
57 /* during assignment; waiting for ASS_CMPL */
58 ST_WAIT_ASS_CMPL,
59 /* during assignment; waiting for MODE_MODIFY_ACK */
60 ST_WAIT_MODE_MODIFY_ACK,
61 /* BSSMAP CLEAR has been received */
62 ST_CLEARING,
63
64/* MGW handling */
65 /* during assignment; waiting for MGW response to CRCX for BTS */
66 ST_WAIT_CRCX_BTS,
67 /* during assignment; waiting for MGW response to MDCX for BTS */
68 ST_WAIT_MDCX_BTS,
69 /* during assignment; waiting for MGW response to CRCX for MSC */
70 ST_WAIT_CRCX_MSC,
71
72/* MT (inbound) handover */
73 /* Wait for Handover Access from MS/BTS */
74 ST_WAIT_MT_HO_ACC,
75 /* Wait for RR Handover Complete from MS/BTS */
76 ST_WAIT_MT_HO_COMPL,
77
78/* MO (outbound) handover */
79 /* Wait for Handover Command / Handover Required Reject from MSC */
80 ST_WAIT_MO_HO_CMD,
81 /* Wait for Clear Command from MSC */
82 ST_MO_HO_PROCEEDING,
83
84/* Internal HO handling */
85 /* Wait for the handover logic to complete the handover */
86 ST_WAIT_HO_COMPL,
87 /* during handover; waiting for MGW response to MDCX for BTS */
88 ST_WAIT_MDCX_BTS_HO,
89};
90
91static const struct value_string gscon_fsm_event_names[] = {
92 {GSCON_EV_A_CONN_IND, "MT-CONNECT.ind"},
93 {GSCON_EV_A_CONN_REQ, "MO-CONNECT.req"},
94 {GSCON_EV_A_CONN_CFM, "MO-CONNECT.cfm"},
95 {GSCON_EV_A_ASSIGNMENT_CMD, "ASSIGNMENT_CMD"},
96 {GSCON_EV_A_CLEAR_CMD, "CLEAR_CMD"},
97 {GSCON_EV_A_DISC_IND, "DISCONNET.ind"},
98 {GSCON_EV_A_HO_REQ, "HANDOVER_REQUEST"},
99
100 {GSCON_EV_RR_ASS_COMPL, "RR_ASSIGN_COMPL"},
101 {GSCON_EV_RR_ASS_FAIL, "RR_ASSIGN_FAIL"},
102 {GSCON_EV_RR_MODE_MODIFY_ACK, "RR_MODE_MODIFY_ACK"},
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]103 {GSCON_EV_RLL_REL_IND, "RLL_RELEASE.ind"},
104 {GSCON_EV_RSL_CONN_FAIL, "RSL_CONN_FAIL.ind"},
105 {GSCON_EV_RSL_CLEAR_COMPL, "RSL_CLEAR_COMPLETE"},
106
107 {GSCON_EV_MO_DTAP, "MO-DTAP"},
108 {GSCON_EV_MT_DTAP, "MT-DTAP"},
109 {GSCON_EV_TX_SCCP, "TX_SCCP"},
110
111 {GSCON_EV_MGW_FAIL_BTS, "MGW_FAILURE_BTS"},
112 {GSCON_EV_MGW_FAIL_MSC, "MGW_FAILURE_MSC"},
113 {GSCON_EV_MGW_CRCX_RESP_BTS, "MGW_CRCX_RESPONSE_BTS"},
114 {GSCON_EV_MGW_MDCX_RESP_BTS, "MGW_MDCX_RESPONSE_BTS"},
115 {GSCON_EV_MGW_CRCX_RESP_MSC, "MGW_CRCX_RESPONSE_MSC"},
116
117 {GSCON_EV_HO_START, "HO_START"},
118 {GSCON_EV_HO_TIMEOUT, "HO_TIMEOUT"},
119 {GSCON_EV_HO_FAIL, "HO_FAIL"},
120 {GSCON_EV_HO_COMPL, "HO_COMPL"},
121
122 {0, NULL}
123};
124
125/* Send data SCCP message through SCCP connection. All sigtran messages
126 * that are send from this FSM must use this function. Never use
127 * osmo_bsc_sigtran_send() directly since this would defeat the checks
128 * provided by this function. */
129static void sigtran_send(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
130{
131 int rc;
132
133 /* Make sure that we only attempt to send SCCP messages if we have
134 * a life SCCP connection. Otherwise drop the message. */
135 if (fi->state == ST_INIT || fi->state == ST_WAIT_CC) {
136 LOGPFSML(fi, LOGL_ERROR, "No active SCCP connection, dropping message!\n");
137 msgb_free(msg);
138 return;
139 }
140
141 rc = osmo_bsc_sigtran_send(conn, msg);
142 if (rc < 0)
143 LOGPFSML(fi, LOGL_ERROR, "Unable to deliver SCCP message!\n");
144}
145
Harald Welteead291a2018-03-21 22:11:32 +0100[diff] [blame]146
147/* See TS 48.008 3.2.2.11 Channel Type Octet 5 */
148static int bssap_speech_from_lchan(const struct gsm_lchan *lchan)
149{
150 switch (lchan->type) {
151 case GSM_LCHAN_TCH_H:
152 switch (lchan->tch_mode) {
153 case GSM48_CMODE_SPEECH_V1:
154 return 0x05;
155 case GSM48_CMODE_SPEECH_AMR:
156 return 0x25;
157 default:
158 return -1;
159 }
160 break;
161 case GSM_LCHAN_TCH_F:
162 switch (lchan->tch_mode) {
163 case GSM48_CMODE_SPEECH_V1:
164 return 0x01;
165 case GSM48_CMODE_SPEECH_EFR:
166 return 0x11;
167 case GSM48_CMODE_SPEECH_AMR:
168 return 0x21;
169 default:
170 return -1;
171 }
172 break;
173 default:
174 return -1;
175 }
176}
177
178/* GSM 08.08 3.2.2.33 */
179static uint8_t lchan_to_chosen_channel(struct gsm_lchan *lchan)
180{
181 uint8_t channel_mode = 0, channel = 0;
182
183 switch (lchan->tch_mode) {
184 case GSM48_CMODE_SPEECH_V1:
185 case GSM48_CMODE_SPEECH_EFR:
186 case GSM48_CMODE_SPEECH_AMR:
187 channel_mode = 0x9;
188 break;
189 case GSM48_CMODE_SIGN:
190 channel_mode = 0x8;
191 break;
192 case GSM48_CMODE_DATA_14k5:
193 channel_mode = 0xe;
194 break;
195 case GSM48_CMODE_DATA_12k0:
196 channel_mode = 0xb;
197 break;
198 case GSM48_CMODE_DATA_6k0:
199 channel_mode = 0xc;
200 break;
201 case GSM48_CMODE_DATA_3k6:
202 channel_mode = 0xd;
203 break;
204 }
205
206 switch (lchan->type) {
207 case GSM_LCHAN_NONE:
208 channel = 0x0;
209 break;
210 case GSM_LCHAN_SDCCH:
211 channel = 0x1;
212 break;
213 case GSM_LCHAN_TCH_F:
214 channel = 0x8;
215 break;
216 case GSM_LCHAN_TCH_H:
217 channel = 0x9;
218 break;
219 case GSM_LCHAN_UNKNOWN:
220 default:
221 LOGP(DMSC, LOGL_ERROR, "Unknown lchan type: %p\n", lchan);
222 break;
223 }
224
225 return channel_mode << 4 | channel;
226}
227
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]228/* Generate and send assignment complete message */
229static void send_ass_compl(struct gsm_lchan *lchan, struct osmo_fsm_inst *fi)
230{
231 struct msgb *resp;
232 struct gsm0808_speech_codec sc;
233 struct gsm_subscriber_connection *conn;
Harald Welteead291a2018-03-21 22:11:32 +0100[diff] [blame]234 int perm_spch = bssap_speech_from_lchan(lchan);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]235
236 conn = lchan->conn;
237
238 OSMO_ASSERT(lchan->abis_ip.ass_compl.valid);
239 OSMO_ASSERT(conn);
240
241 LOGPFSML(fi, LOGL_DEBUG, "Sending assignment complete message... (id=%i)\n", conn->sccp.conn_id);
242
243 /* Extrapolate speech codec from speech mode */
Harald Welteead291a2018-03-21 22:11:32 +0100[diff] [blame]244 gsm0808_speech_codec_from_chan_type(&sc, perm_spch);
245 /* FIXME: AMR codec configuration must be derived from lchan1! */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]246
247 /* Generate message */
248 resp = gsm0808_create_ass_compl(lchan->abis_ip.ass_compl.rr_cause,
Harald Welteead291a2018-03-21 22:11:32 +0100[diff] [blame]249 lchan_to_chosen_channel(lchan),
250 lchan->encr.alg_id, perm_spch,
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]251 &conn->user_plane.aoip_rtp_addr_local, &sc, NULL);
252
253 if (!resp) {
254 LOGPFSML(fi, LOGL_ERROR, "Failed to generate assignment completed message! (id=%i)\n",
255 conn->sccp.conn_id);
256 }
257
258 sigtran_send(conn, resp, fi);
259}
260
261/* forward MT DTAP from BSSAP side to RSL side */
262static void submit_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
263{
264 int rc;
265 struct msgb *resp = NULL;
266
267 OSMO_ASSERT(fi);
268 OSMO_ASSERT(msg);
269 OSMO_ASSERT(conn);
270
271 rc = gsm0808_submit_dtap(conn, msg, OBSC_LINKID_CB(msg), 1);
272 if (rc != 0) {
273 LOGPFSML(fi, LOGL_ERROR, "Tx BSSMAP CLEAR REQUEST to MSC\n");
274 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
275 sigtran_send(conn, resp, fi);
276 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
277 return;
278 }
279}
280
281/* forward MO DTAP from RSL side to BSSAP side */
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]282static void forward_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]283{
284 struct msgb *resp = NULL;
285
286 OSMO_ASSERT(msg);
287 OSMO_ASSERT(conn);
288
289 resp = gsm0808_create_dtap(msg, OBSC_LINKID_CB(msg));
290 sigtran_send(conn, resp, fi);
291}
292
293/* In case there are open MGCP connections, toss
294 * those connections */
295static void toss_mgcp_conn(struct gsm_subscriber_connection *conn, struct osmo_fsm_inst *fi)
296{
297 LOGPFSML(fi, LOGL_ERROR, "tossing all MGCP connections...\n");
298
299 if (conn->user_plane.fi_bts) {
300 mgcp_conn_delete(conn->user_plane.fi_bts);
301 conn->user_plane.fi_bts = NULL;
302 }
303
304 if (conn->user_plane.fi_msc) {
305 mgcp_conn_delete(conn->user_plane.fi_msc);
306 conn->user_plane.fi_msc = NULL;
307 }
308
309 if (conn->user_plane.mgw_endpoint) {
310 talloc_free(conn->user_plane.mgw_endpoint);
311 conn->user_plane.mgw_endpoint = NULL;
312 }
313}
314
315static void gscon_fsm_init(struct osmo_fsm_inst *fi, uint32_t event, void *data)
316{
317 struct gsm_subscriber_connection *conn = fi->priv;
318 struct osmo_scu_prim *scu_prim = NULL;
319 struct msgb *msg = NULL;
320 int rc;
321
322 switch (event) {
323 case GSCON_EV_A_CONN_REQ:
324 /* RLL ESTABLISH IND with initial L3 Message */
325 msg = data;
326 /* FIXME: Extract Mobile ID and update FSM using osmo_fsm_inst_set_id()
327 * i.e. we will probably extract the mobile identity earlier, where the
328 * imsi filter code is. Then we could just use it here.
329 * related: OS#2969 */
330
331 rc = osmo_bsc_sigtran_open_conn(conn, msg);
332 if (rc < 0) {
333 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL);
334 } else {
335 /* SCCP T(conn est) is 1-2 minutes, way too long. The MS will timeout
336 * using T3210 (20s), T3220 (5s) or T3230 (10s) */
337 osmo_fsm_inst_state_chg(fi, ST_WAIT_CC, 20, 993210);
338 }
339 break;
340 case GSCON_EV_A_CONN_IND:
341 scu_prim = data;
342 if (!conn->sccp.msc) {
343 LOGPFSML(fi, LOGL_NOTICE, "N-CONNECT.ind from unknown MSC %s\n",
344 osmo_sccp_addr_dump(&scu_prim->u.connect.calling_addr));
345 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
346 &scu_prim->u.connect.called_addr, 0);
347 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
348 }
349 /* FIXME: Extract optional IMSI and update FSM using osmo_fsm_inst_set_id()
350 * related: OS2969 (same as above) */
351
352 LOGPFSML(fi, LOGL_NOTICE, "No support for MSC-originated SCCP Connections yet\n");
353 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
354 &scu_prim->u.connect.called_addr, 0);
355 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
356 break;
357 default:
358 OSMO_ASSERT(false);
359 break;
360 }
361}
362
363/* We've sent the CONNECTION.req to the SCCP provider and are waiting for CC from MSC */
364static void gscon_fsm_wait_cc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
365{
366 switch (event) {
367 case GSCON_EV_A_CONN_CFM:
368 /* MSC has confirmed the connection, we now change into the
369 * active state and wait there for further operations */
370 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
371 /* if there's user payload, forward it just like EV_MT_DTAP */
372 /* FIXME: Question: if there's user payload attached to the CC, forward it like EV_MT_DTAP? */
373 break;
374 default:
375 OSMO_ASSERT(false);
376 break;
377 }
378}
379
380/* We're on an active subscriber connection, passing DTAP back and forth */
381static void gscon_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
382{
383 struct gsm_subscriber_connection *conn = fi->priv;
384 struct msgb *resp = NULL;
385 struct mgcp_conn_peer conn_peer;
386 int rc;
387
388 switch (event) {
389 case GSCON_EV_A_ASSIGNMENT_CMD:
390 /* MSC requests us to perform assignment, this code section is
391 * triggered via signal GSCON_EV_A_ASSIGNMENT_CMD from
392 * bssmap_handle_assignm_req() in osmo_bsc_bssap.c, which does
393 * the parsing of incoming assignment requests. */
394
395 LOGPFSML(fi, LOGL_NOTICE, "Channel assignment: chan_mode=%s, full_rate=%i\n",
396 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
397 conn->user_plane.full_rate);
398
399 /* FIXME: We need to check if current channel is sufficient. If
400 * yes, do MODIFY. If not, do assignment (see commented lines below) */
401
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]402 switch (conn->user_plane.chan_mode) {
403 case GSM48_CMODE_SPEECH_V1:
404 case GSM48_CMODE_SPEECH_EFR:
405 case GSM48_CMODE_SPEECH_AMR:
406 /* A voice channel is requested, so we run down the
407 * mgcp-ass-mgcp state-chain (see FIXME above) */
408 memset(&conn_peer, 0, sizeof(conn_peer));
409 conn_peer.call_id = conn->sccp.conn_id;
410 osmo_strlcpy(conn_peer.endpoint, ENDPOINT_ID, sizeof(conn_peer.endpoint));
411
412 /* (Pre)Change state and create the connection */
413 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
414 conn->user_plane.fi_bts =
415 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_BTS,
416 GSCON_EV_MGW_CRCX_RESP_BTS, &conn_peer);
417 if (!conn->user_plane.fi_bts) {
418 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
419 sigtran_send(conn, resp, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]420 return;
421 }
422 break;
423 case GSM48_CMODE_SIGN:
424 /* A signalling channel is requested, so we perform the
425 * channel assignment directly without performing any
426 * MGCP actions. ST_WAIT_ASS_CMPL will see by the
427 * conn->user_plane.chan_mode parameter that this
428 * assignment is for a signalling channel and will then
429 * change back to ST_ACTIVE (here) immediately. */
Harald Welte6900f812018-03-21 21:29:03 +0100[diff] [blame]430 rc = gsm0808_assign_req(conn, conn->user_plane.chan_mode,
431 conn->user_plane.full_rate);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]432 if (rc != 0) {
433 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
434 sigtran_send(conn, resp, fi);
435 return;
436 }
437
438 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
439 break;
440 default:
441 /* An unsupported channel is requested, so we have to
442 * reject this request by sending an assignment failure
443 * message immediately */
Pau Espin Pedrol55677de2018-03-17 01:12:33 +0100[diff] [blame]444 LOGPFSML(fi, LOGL_ERROR, "Requested channel mode is not supported! chan_mode=%s full_rate=%d\n",
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]445 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
446 conn->user_plane.full_rate);
447
448 /* The requested channel mode is not supported */
449 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_REQ_CODEC_TYPE_OR_CONFIG_NOT_SUPP, NULL);
450 sigtran_send(conn, resp, fi);
451 break;
452 }
453 break;
454 case GSCON_EV_HO_START:
455 rc = bsc_handover_start_gscon(conn);
456 if (rc) {
457 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
458 sigtran_send(conn, resp, fi);
459 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
460 return;
461 }
462
463 /* Note: No timeout is set here, T3103 in handover_logic.c
464 * will generate a GSCON_EV_HO_TIMEOUT event should the
465 * handover time out, so we do not need another timeout
466 * here (maybe its worth to think about giving GSCON
467 * more power over the actual handover process). */
468 osmo_fsm_inst_state_chg(fi, ST_WAIT_HO_COMPL, 0, 0);
469 break;
470 case GSCON_EV_A_HO_REQ:
471 /* FIXME: reject any handover requests with HO FAIL until implemented */
472 break;
473 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]474 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]475 break;
476 case GSCON_EV_MT_DTAP:
477 submit_dtap(conn, (struct msgb *)data, fi);
478 break;
479 case GSCON_EV_TX_SCCP:
480 sigtran_send(conn, (struct msgb *)data, fi);
481 break;
482 default:
483 OSMO_ASSERT(false);
484 break;
485 }
486}
487
488/* Before we may start the channel assignment we need to get an IP/Port for the
489 * RTP connection from the MGW */
490static void gscon_fsm_wait_crcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
491{
492 struct gsm_subscriber_connection *conn = fi->priv;
493 struct mgcp_conn_peer *conn_peer = NULL;
494 struct msgb *resp = NULL;
495 int rc;
496
497 switch (event) {
498 case GSCON_EV_MGW_CRCX_RESP_BTS:
499 conn_peer = data;
500
Philipp Maier393165c2018-03-21 11:15:33 +0100[diff] [blame]501 /* Check if the MGW has assigned an enpoint to us, otherwise we
502 * can not proceed. */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]503 if (strlen(conn_peer->endpoint) <= 0) {
504 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
505 sigtran_send(conn, resp, fi);
506 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
507 return;
508 }
509
510 /* Memorize the endpoint name we got assigned from the MGW.
511 * When the BTS sided connection is done, we need to create
512 * a second connection on that same endpoint, so we need
513 * to know its ID */
514 if (!conn->user_plane.mgw_endpoint)
515 conn->user_plane.mgw_endpoint = talloc_zero_size(conn, MGCP_ENDPOINT_MAXLEN);
516 OSMO_ASSERT(conn->user_plane.mgw_endpoint);
517 osmo_strlcpy(conn->user_plane.mgw_endpoint, conn_peer->endpoint, MGCP_ENDPOINT_MAXLEN);
518
519 /* Store the IP-Address and the port the MGW assigned to us,
520 * then start the channel assignment. */
521 conn->user_plane.rtp_port = conn_peer->port;
522 conn->user_plane.rtp_ip = osmo_ntohl(inet_addr(conn_peer->addr));
Harald Welte6900f812018-03-21 21:29:03 +0100[diff] [blame]523 rc = gsm0808_assign_req(conn, conn->user_plane.chan_mode, conn->user_plane.full_rate);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]524 if (rc != 0) {
525 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_SPEECH_VERSION_UNAVAILABLE, NULL);
526 sigtran_send(conn, resp, fi);
527 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
528 return;
529 }
530
531 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
532 break;
533 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]534 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]535 break;
536 case GSCON_EV_MT_DTAP:
537 submit_dtap(conn, (struct msgb *)data, fi);
538 break;
539 case GSCON_EV_TX_SCCP:
540 sigtran_send(conn, (struct msgb *)data, fi);
541 break;
542 default:
543 OSMO_ASSERT(false);
544 break;
545 }
546}
547
548/* We're waiting for an ASSIGNMENT COMPLETE from MS */
549static void gscon_fsm_wait_ass_cmpl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
550{
551 struct gsm_subscriber_connection *conn = fi->priv;
552 struct gsm_lchan *lchan = conn->lchan;
553 struct mgcp_conn_peer conn_peer;
554 struct in_addr addr;
555 struct msgb *resp = NULL;
556 int rc;
557
558 switch (event) {
559 case GSCON_EV_RR_ASS_COMPL:
560 switch (conn->user_plane.chan_mode) {
561 case GSM48_CMODE_SPEECH_V1:
562 case GSM48_CMODE_SPEECH_EFR:
563 case GSM48_CMODE_SPEECH_AMR:
564 /* FIXME: What if we are using SCCP-Lite? */
565
566 /* We are dealing with a voice channel, so we can not
567 * confirm the assignment directly. We must first do
568 * some final steps on the MGCP side. */
569
570 /* Prepare parameters with the information we got during the assignment */
571 memset(&conn_peer, 0, sizeof(conn_peer));
572 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
573 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
574 conn_peer.port = lchan->abis_ip.bound_port;
575
576 /* (Pre)Change state and modify the connection */
577 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
578 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
579 if (rc != 0) {
580 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
581 sigtran_send(conn, resp, fi);
582 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
583 return;
584 }
585 break;
586 case GSM48_CMODE_SIGN:
587 /* Confirm the successful assignment on BSSMAP and
588 * change back into active state */
589 send_ass_compl(lchan, fi);
590 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
591 break;
592 default:
593 /* Unsupported modes should have been already filtered
594 * by gscon_fsm_active(). If we reach the default
595 * section here anyway than some unsupported mode must
596 * have made it into the FSM, this would be a bug, so
597 * we fire an assertion here */
598 OSMO_ASSERT(false);
599 break;
600 }
601
602 break;
603 case GSCON_EV_RR_ASS_FAIL:
604 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_TERRESTRIAL_RESOURCE_UNAVAILABLE, NULL);
605 sigtran_send(conn, resp, fi);
606 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
607 break;
608 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]609 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]610 break;
611 case GSCON_EV_MT_DTAP:
612 submit_dtap(conn, (struct msgb *)data, fi);
613 break;
614 case GSCON_EV_TX_SCCP:
615 sigtran_send(conn, (struct msgb *)data, fi);
616 break;
617 default:
618 OSMO_ASSERT(false);
619 break;
620 }
621}
622
623/* We are waiting for the MGW response to the MDCX */
624static void gscon_fsm_wait_mdcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
625{
626 struct gsm_subscriber_connection *conn = fi->priv;
627 struct mgcp_conn_peer conn_peer;
628 struct sockaddr_in *sin = NULL;
629 struct msgb *resp = NULL;
630
631 switch (event) {
632 case GSCON_EV_MGW_MDCX_RESP_BTS:
633
634 /* Prepare parameters with the connection information we got
635 * with the assignment command */
636 memset(&conn_peer, 0, sizeof(conn_peer));
637 conn_peer.call_id = conn->sccp.conn_id;
638 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_remote;
639 conn_peer.port = osmo_ntohs(sin->sin_port);
640 osmo_strlcpy(conn_peer.addr, inet_ntoa(sin->sin_addr), sizeof(conn_peer.addr));
641
642 /* Make sure we use the same endpoint where we created the
643 * BTS connection. */
644 osmo_strlcpy(conn_peer.endpoint, conn->user_plane.mgw_endpoint, sizeof(conn_peer.endpoint));
645
646 /* (Pre)Change state and create the connection */
647 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_MSC, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
648 conn->user_plane.fi_msc =
649 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_MSC, GSCON_EV_MGW_CRCX_RESP_MSC,
650 &conn_peer);
651 if (!conn->user_plane.fi_bts) {
652 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
653 sigtran_send(conn, resp, fi);
654 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
655 return;
656 }
657
658 break;
659 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]660 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]661 break;
662 case GSCON_EV_MT_DTAP:
663 submit_dtap(conn, (struct msgb *)data, fi);
664 break;
665 case GSCON_EV_TX_SCCP:
666 sigtran_send(conn, (struct msgb *)data, fi);
667 break;
668 default:
669 OSMO_ASSERT(false);
670 break;
671 }
672}
673
674static void gscon_fsm_wait_crcx_msc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
675{
676 struct gsm_subscriber_connection *conn = fi->priv;
677 struct mgcp_conn_peer *conn_peer = NULL;
678 struct gsm_lchan *lchan = conn->lchan;
679 struct sockaddr_in *sin = NULL;
680
681 switch (event) {
682 case GSCON_EV_MGW_CRCX_RESP_MSC:
683 conn_peer = data;
684
685 /* Store address information we got in response from the CRCX command. */
686 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_local;
687 sin->sin_family = AF_INET;
688 sin->sin_addr.s_addr = inet_addr(conn_peer->addr);
689 sin->sin_port = osmo_ntohs(conn_peer->port);
690
691 /* Send assignment complete message to the MSC */
692 send_ass_compl(lchan, fi);
693
694 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
695
696 break;
697 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]698 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]699 break;
700 case GSCON_EV_MT_DTAP:
701 submit_dtap(conn, (struct msgb *)data, fi);
702 break;
703 case GSCON_EV_TX_SCCP:
704 sigtran_send(conn, (struct msgb *)data, fi);
705 break;
706 default:
707 OSMO_ASSERT(false);
708 break;
709 }
710}
711
712/* We're waiting for a MODE MODIFY ACK from MS + BTS */
713static void gscon_fsm_wait_mode_modify_ack(struct osmo_fsm_inst *fi, uint32_t event, void *data)
714{
715 struct gsm_subscriber_connection *conn = fi->priv;
716 struct gsm_lchan *lchan = conn->lchan;
717
718 switch (event) {
719 case GSCON_EV_RR_MODE_MODIFY_ACK:
720 /* we assume that not only have we received the RR MODE_MODIFY_ACK, but
721 * actually that also the BTS side of the channel mode has been changed accordingly */
722 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
723
724 /* FIXME: Check if this requires special handling. For now I assume that the send_ass_compl()
725 * can be used. But I am not sure. */
726 send_ass_compl(lchan, fi);
727
728 break;
729 /* FIXME: Do we need to handle DTAP traffic in this state? Maybe yes? Needs to be checked. */
730 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]731 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]732 break;
733 case GSCON_EV_MT_DTAP:
734 submit_dtap(conn, (struct msgb *)data, fi);
735 break;
736 case GSCON_EV_TX_SCCP:
737 sigtran_send(conn, (struct msgb *)data, fi);
738 break;
739 default:
740 OSMO_ASSERT(false);
741 break;
742 }
743}
744
745static void gscon_fsm_clearing(struct osmo_fsm_inst *fi, uint32_t event, void *data)
746{
747 struct gsm_subscriber_connection *conn = fi->priv;
748 struct msgb *resp;
749
750 switch (event) {
751 case GSCON_EV_RSL_CLEAR_COMPL:
752 resp = gsm0808_create_clear_complete();
753 sigtran_send(conn, resp, fi);
754 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
755 break;
756 default:
757 OSMO_ASSERT(false);
758 break;
759 }
760}
761
762/* Wait for the handover logic to tell us whether the handover completed,
763 * failed or has timed out */
764static void gscon_fsm_wait_ho_compl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
765{
766 struct gsm_subscriber_connection *conn = fi->priv;
767 struct mgcp_conn_peer conn_peer;
768 struct gsm_lchan *lchan = conn->lchan;
769 struct in_addr addr;
770 struct msgb *resp;
771 int rc;
772
773 switch (event) {
774 case GSCON_EV_HO_COMPL:
775 /* The handover logic informs us that the handover has been
776 * completet. Now we have to tell the MGW the IP/Port on the
777 * new BTS so that the uplink RTP traffic can be redirected
778 * there. */
779
780 /* Prepare parameters with the information we got during the
781 * handover procedure (via IPACC) */
782 memset(&conn_peer, 0, sizeof(conn_peer));
783 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
784 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
785 conn_peer.port = lchan->abis_ip.bound_port;
786
787 /* (Pre)Change state and modify the connection */
788 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS_HO, MGCP_MGW_TIMEOUT, MGCP_MGW_HO_TIMEOUT_TIMER_NR);
789 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
790 if (rc != 0) {
791 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
792 sigtran_send(conn, resp, fi);
793 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
794 return;
795 }
796 break;
797 case GSCON_EV_HO_TIMEOUT:
798 case GSCON_EV_HO_FAIL:
799 /* The handover logic informs us that the handover failed for
800 * some reason. This means the phone stays on the TS/BTS on
801 * which it currently is. We will change back to the active
802 * state again as there are no further operations needed */
803 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
804 break;
805 default:
806 OSMO_ASSERT(false);
807 break;
808 }
809}
810
811/* Wait for the MGW to confirm handover related modification of the connection
812 * parameters */
813static void gscon_fsm_wait_mdcx_bts_ho(struct osmo_fsm_inst *fi, uint32_t event, void *data)
814{
815 struct gsm_subscriber_connection *conn = fi->priv;
816
817 switch (event) {
818 case GSCON_EV_MGW_MDCX_RESP_BTS:
819 /* The MGW has confirmed the handover MDCX, and the handover
820 * is now also done on the RTP side. We may now change back
821 * to the active state. */
822 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
823 break;
824 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]825 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]826 break;
827 case GSCON_EV_MT_DTAP:
828 submit_dtap(conn, (struct msgb *)data, fi);
829 break;
830 case GSCON_EV_TX_SCCP:
831 sigtran_send(conn, (struct msgb *)data, fi);
832 break;
833 default:
834 OSMO_ASSERT(false);
835 break;
836 }
837}
838
839#define EV_TRANSPARENT_SCCP S(GSCON_EV_TX_SCCP) | S(GSCON_EV_MO_DTAP) | S(GSCON_EV_MT_DTAP)
840
841static const struct osmo_fsm_state gscon_fsm_states[] = {
842 [ST_INIT] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]843 .name = OSMO_STRINGIFY(INIT),
844 .in_event_mask = S(GSCON_EV_A_CONN_REQ) | S(GSCON_EV_A_CONN_IND),
845 .out_state_mask = S(ST_WAIT_CC),
846 .action = gscon_fsm_init,
847 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]848 [ST_WAIT_CC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]849 .name = OSMO_STRINGIFY(WAIT_CC),
850 .in_event_mask = S(GSCON_EV_A_CONN_CFM),
851 .out_state_mask = S(ST_ACTIVE),
852 .action = gscon_fsm_wait_cc,
853 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]854 [ST_ACTIVE] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]855 .name = OSMO_STRINGIFY(ACTIVE),
856 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_A_ASSIGNMENT_CMD) |
857 S(GSCON_EV_A_HO_REQ) | S(GSCON_EV_HO_START),
858 .out_state_mask = S(ST_CLEARING) | S(ST_WAIT_CRCX_BTS) | S(ST_WAIT_ASS_CMPL) |
859 S(ST_WAIT_MODE_MODIFY_ACK) | S(ST_WAIT_MO_HO_CMD) | S(ST_WAIT_HO_COMPL),
860 .action = gscon_fsm_active,
861 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]862 [ST_WAIT_CRCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]863 .name = OSMO_STRINGIFY(WAIT_CRCX_BTS),
864 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_BTS),
865 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_ASS_CMPL),
866 .action = gscon_fsm_wait_crcx_bts,
867 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]868 [ST_WAIT_ASS_CMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]869 .name = OSMO_STRINGIFY(WAIT_ASS_CMPL),
870 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_ASS_COMPL) | S(GSCON_EV_RR_ASS_FAIL),
871 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS),
872 .action = gscon_fsm_wait_ass_cmpl,
873 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]874 [ST_WAIT_MDCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]875 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS),
876 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
877 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_CRCX_MSC),
878 .action = gscon_fsm_wait_mdcx_bts,
879 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]880 [ST_WAIT_CRCX_MSC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]881 .name = OSMO_STRINGIFY(WAIT_CRCX_MSC),
882 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_MSC),
883 .out_state_mask = S(ST_ACTIVE),
884 .action = gscon_fsm_wait_crcx_msc,
885 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]886 [ST_WAIT_MODE_MODIFY_ACK] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]887 .name = OSMO_STRINGIFY(WAIT_MODE_MODIFY_ACK),
888 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_MODE_MODIFY_ACK),
889 .out_state_mask = S(ST_ACTIVE) | S(ST_CLEARING),
890 .action = gscon_fsm_wait_mode_modify_ack,
891 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]892 [ST_CLEARING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]893 .name = OSMO_STRINGIFY(CLEARING),
894 .in_event_mask = S(GSCON_EV_RSL_CLEAR_COMPL),
895 .action = gscon_fsm_clearing,
896 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]897
898 /* TODO: external handover, probably it makes sense to break up the
899 * program flow in handover_logic.c a bit and handle some of the logic
900 * here? */
901 [ST_WAIT_MT_HO_ACC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]902 .name = OSMO_STRINGIFY(WAIT_MT_HO_ACC),
903 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]904 [ST_WAIT_MT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]905 .name = OSMO_STRINGIFY(WAIT_MT_HO_COMPL),
906 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]907 [ST_WAIT_MO_HO_CMD] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]908 .name = OSMO_STRINGIFY(WAIT_MO_HO_CMD),
909 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]910 [ST_MO_HO_PROCEEDING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]911 .name = OSMO_STRINGIFY(MO_HO_PROCEEDING),
912 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]913
914 /* Internal handover */
915 [ST_WAIT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]916 .name = OSMO_STRINGIFY(WAIT_HO_COMPL),
917 .in_event_mask = S(GSCON_EV_HO_COMPL) | S(GSCON_EV_HO_FAIL) | S(GSCON_EV_HO_TIMEOUT),
Philipp Maierecb03082018-03-26 12:05:48 +0200[diff] [blame]918 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS_HO) | S(ST_CLEARING),
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]919 .action = gscon_fsm_wait_ho_compl,
920 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]921 [ST_WAIT_MDCX_BTS_HO] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]922 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS_HO),
923 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
924 .action = gscon_fsm_wait_mdcx_bts_ho,
925 .out_state_mask = S(ST_ACTIVE),
926 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]927};
928
929static void gscon_fsm_allstate(struct osmo_fsm_inst *fi, uint32_t event, void *data)
930{
931 struct gsm_subscriber_connection *conn = fi->priv;
932 struct msgb *resp = NULL;
933
934 /* When a connection on the MGW fails, make sure that the reference
935 * in our book-keeping is erased. */
936 switch (event) {
937 case GSCON_EV_MGW_FAIL_BTS:
938 conn->user_plane.fi_bts = NULL;
939 break;
940 case GSCON_EV_MGW_FAIL_MSC:
941 conn->user_plane.fi_msc = NULL;
942 break;
943 }
944
945 /* Regular allstate event processing */
946 switch (event) {
947 case GSCON_EV_MGW_FAIL_BTS:
948 case GSCON_EV_MGW_FAIL_MSC:
949 /* Note: An MGW connection die per definition at any time.
950 * However, if it dies during the assignment we must return
951 * with an assignment failure */
Philipp Maier70fcde62018-03-21 11:17:32 +0100[diff] [blame]952 OSMO_ASSERT(fi->state != ST_INIT && fi->state != ST_WAIT_CC);
953 if (fi->state == ST_WAIT_CRCX_BTS || fi->state == ST_WAIT_ASS_CMPL || fi->state == ST_WAIT_MDCX_BTS
954 || fi->state == ST_WAIT_CRCX_MSC) {
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]955 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
956 sigtran_send(conn, resp, fi);
957 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
958 }
959 break;
960 case GSCON_EV_A_CLEAR_CMD:
961 /* MSC tells us to cleanly shut down */
962 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
963 gsm0808_clear(conn);
964 /* FIXME: Release all terestrial resources in ST_CLEARING */
965 /* According to 3GPP 48.008 3.1.9.1. "The BSS need not wait for the radio channel
966 * release to be completed or for the guard timer to expire before returning the
967 * CLEAR COMPLETE message" */
968
969 /* Close MGCP connections */
970 toss_mgcp_conn(conn, fi);
971
972 /* FIXME: Question: Is this a hack to force a clear complete from internel?
973 * nobody seems to send the event from outside? */
974 osmo_fsm_inst_dispatch(conn->fi, GSCON_EV_RSL_CLEAR_COMPL, NULL);
975 break;
976 case GSCON_EV_A_DISC_IND:
977 /* MSC or SIGTRAN network has hard-released SCCP connection,
978 * terminate the FSM now. */
979 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
980 break;
981 case GSCON_EV_RLL_REL_IND:
982 /* BTS reports that one of the LAPDm data links was released */
983 /* send proper clear request to MSC */
984 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
985 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_MESSAGE_FAILURE);
986 sigtran_send(conn, resp, fi);
987 break;
988 case GSCON_EV_RSL_CONN_FAIL:
989 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
990 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE);
991 sigtran_send(conn, resp, fi);
992 break;
993 default:
994 OSMO_ASSERT(false);
995 break;
996 }
997}
998
999void ho_dtap_cache_flush(struct gsm_subscriber_connection *conn, int send);
1000
1001static void gscon_cleanup(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
1002{
1003 struct gsm_subscriber_connection *conn = fi->priv;
1004
1005 if (conn->ho) {
1006 LOGPFSML(fi, LOGL_DEBUG, "Releasing handover state\n");
1007 bsc_clear_handover(conn, 1);
1008 conn->ho = NULL;
1009 }
1010
1011 if (conn->secondary_lchan) {
1012 LOGPFSML(fi, LOGL_DEBUG, "Releasing secondary_lchan\n");
1013 lchan_release(conn->secondary_lchan, 0, RSL_REL_LOCAL_END);
1014 conn->secondary_lchan = NULL;
1015 }
1016 if (conn->lchan) {
1017 LOGPFSML(fi, LOGL_DEBUG, "Releasing lchan\n");
1018 lchan_release(conn->lchan, 0, RSL_REL_LOCAL_END);
1019 conn->lchan = NULL;
1020 }
1021
1022 if (conn->bsub) {
1023 LOGPFSML(fi, LOGL_DEBUG, "Putting bsc_subscr\n");
1024 bsc_subscr_put(conn->bsub);
1025 conn->bsub = NULL;
1026 }
1027
1028 if (conn->sccp.state != SUBSCR_SCCP_ST_NONE) {
1029 LOGPFSML(fi, LOGL_DEBUG, "Disconnecting SCCP\n");
1030 struct bsc_msc_data *msc = conn->sccp.msc;
1031 /* FIXME: include a proper cause value / error message? */
1032 osmo_sccp_tx_disconn(msc->a.sccp_user, conn->sccp.conn_id, &msc->a.bsc_addr, 0);
1033 conn->sccp.state = SUBSCR_SCCP_ST_NONE;
1034 }
1035
1036 /* drop pending messages */
1037 ho_dtap_cache_flush(conn, 0);
1038
1039 penalty_timers_free(&conn->hodec2.penalty_timers);
1040
1041 llist_del(&conn->entry);
1042 talloc_free(conn);
1043 fi->priv = NULL;
1044}
1045
1046static void gscon_pre_term(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
1047{
1048 struct gsm_subscriber_connection *conn = fi->priv;
1049
1050 /* Make sure all possibly still open MGCP connections get closed */
1051 toss_mgcp_conn(conn, fi);
1052}
1053
1054static int gscon_timer_cb(struct osmo_fsm_inst *fi)
1055{
1056 struct gsm_subscriber_connection *conn = fi->priv;
1057 struct msgb *resp = NULL;
1058
1059 switch (fi->T) {
1060 case 993210:
Philipp Maier3ddb12d2018-04-13 16:47:26 +0200[diff] [blame^]1061 /* MSC has not responded/confirmed connection with CC, this
1062 * could indicate a bad SCCP connection. We now inform the the
1063 * FSM that controls the BSSMAP reset about the event. Maybe
1064 * a BSSMAP reset is necessary. */
1065 a_reset_conn_fail(conn->sccp.msc->a.reset);
1066
1067 /* Since we could not reach the MSC, we give up and terminate
1068 * the FSM instance now (N-DISCONNET.req is sent in
1069 * gscon_cleanup() above) */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]1070 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
1071 break;
1072 case GSM0808_T10_TIMER_NR: /* Assignment Failed */
1073 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE, NULL);
1074 sigtran_send(conn, resp, fi);
1075 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
1076 break;
1077 case MGCP_MGW_TIMEOUT_TIMER_NR: /* Assignment failed (no response from MGW) */
1078 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
1079 sigtran_send(conn, resp, fi);
1080 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
1081 break;
1082 case MGCP_MGW_HO_TIMEOUT_TIMER_NR: /* Handover failed (no response from MGW) */
1083 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
1084 break;
1085 default:
1086 OSMO_ASSERT(false);
1087 }
1088 return 0;
1089}
1090
1091static struct osmo_fsm gscon_fsm = {
1092 .name = "SUBSCR_CONN",
1093 .states = gscon_fsm_states,
1094 .num_states = ARRAY_SIZE(gscon_fsm_states),
1095 .allstate_event_mask = S(GSCON_EV_A_DISC_IND) | S(GSCON_EV_A_CLEAR_CMD) | S(GSCON_EV_RSL_CONN_FAIL) |
1096 S(GSCON_EV_RLL_REL_IND) | S(GSCON_EV_MGW_FAIL_BTS) | S(GSCON_EV_MGW_FAIL_MSC),
1097 .allstate_action = gscon_fsm_allstate,
1098 .cleanup = gscon_cleanup,
1099 .pre_term = gscon_pre_term,
1100 .timer_cb = gscon_timer_cb,
1101 .log_subsys = DMSC,
1102 .event_names = gscon_fsm_event_names,
1103};
1104
1105/* Allocate a subscriber connection and its associated FSM */
1106struct gsm_subscriber_connection *bsc_subscr_con_allocate(struct gsm_network *net)
1107{
1108 struct gsm_subscriber_connection *conn;
1109 static bool g_initialized = false;
1110
1111 if (!g_initialized) {
1112 osmo_fsm_register(&gscon_fsm);
1113 g_initialized = true;
1114 }
1115
1116 conn = talloc_zero(net, struct gsm_subscriber_connection);
1117 if (!conn)
1118 return NULL;
1119
1120 conn->network = net;
1121 INIT_LLIST_HEAD(&conn->ho_dtap_cache);
1122 /* BTW, penalty timers will be initialized on-demand. */
1123 conn->sccp.conn_id = -1;
1124
1125 /* don't allocate from 'conn' context, as gscon_cleanup() will call talloc_free(conn) before
1126 * libosmocore will call talloc_free(conn->fi), i.e. avoid use-after-free during cleanup */
1127 conn->fi = osmo_fsm_inst_alloc(&gscon_fsm, net, conn, LOGL_NOTICE, NULL);
1128 if (!conn->fi) {
1129 talloc_free(conn);
1130 return NULL;
1131 }
1132
1133 llist_add_tail(&conn->entry, &net->subscr_conns);
1134 return conn;
1135}