Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-bsc / 6900f8123611fc4667ba42c25a03abf96e697aa7 / . / src / libbsc / bsc_subscr_conn_fsm.c
blob: 9d23dd55f07cbfcd70b98ce14396b196f8501148 [file] [log] [blame]
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]1/* (C) 2017 by Harald Welte <laforge@gnumonks.org>
2 * All Rights Reserved
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
13 *
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 *
17 */
18
19#include <osmocom/core/fsm.h>
20#include <osmocom/core/logging.h>
21#include <osmocom/gsm/gsm0808.h>
22#include <osmocom/sigtran/sccp_sap.h>
23#include <osmocom/gsm/gsm0808_utils.h>
24
25#include <osmocom/bsc/debug.h>
26#include <osmocom/bsc/bsc_api.h>
27#include <osmocom/bsc/gsm_data.h>
28#include <osmocom/bsc/handover.h>
29#include <osmocom/bsc/chan_alloc.h>
30#include <osmocom/bsc/bsc_subscriber.h>
31#include <osmocom/bsc/osmo_bsc_sigtran.h>
32#include <osmocom/bsc/bsc_subscr_conn_fsm.h>
33#include <osmocom/bsc/osmo_bsc.h>
34#include <osmocom/bsc/penalty_timers.h>
35#include <osmocom/mgcp_client/mgcp_client_fsm.h>
36#include <osmocom/core/byteswap.h>
37
38#define S(x) (1 << (x))
39
40#define MGCP_MGW_TIMEOUT 4 /* in seconds */
41#define MGCP_MGW_TIMEOUT_TIMER_NR 1
42
43#define MGCP_MGW_HO_TIMEOUT 4 /* in seconds */
44#define MGCP_MGW_HO_TIMEOUT_TIMER_NR 2
45
46#define GSM0808_T10_TIMER_NR 10
47#define GSM0808_T10_VALUE 6
48
49#define ENDPOINT_ID "rtpbridge/*@mgw"
50
51enum gscon_fsm_states {
52 ST_INIT,
53 /* waiting for CC from MSC */
54 ST_WAIT_CC,
55 /* active connection */
56 ST_ACTIVE,
57 /* during assignment; waiting for ASS_CMPL */
58 ST_WAIT_ASS_CMPL,
59 /* during assignment; waiting for MODE_MODIFY_ACK */
60 ST_WAIT_MODE_MODIFY_ACK,
61 /* BSSMAP CLEAR has been received */
62 ST_CLEARING,
63
64/* MGW handling */
65 /* during assignment; waiting for MGW response to CRCX for BTS */
66 ST_WAIT_CRCX_BTS,
67 /* during assignment; waiting for MGW response to MDCX for BTS */
68 ST_WAIT_MDCX_BTS,
69 /* during assignment; waiting for MGW response to CRCX for MSC */
70 ST_WAIT_CRCX_MSC,
71
72/* MT (inbound) handover */
73 /* Wait for Handover Access from MS/BTS */
74 ST_WAIT_MT_HO_ACC,
75 /* Wait for RR Handover Complete from MS/BTS */
76 ST_WAIT_MT_HO_COMPL,
77
78/* MO (outbound) handover */
79 /* Wait for Handover Command / Handover Required Reject from MSC */
80 ST_WAIT_MO_HO_CMD,
81 /* Wait for Clear Command from MSC */
82 ST_MO_HO_PROCEEDING,
83
84/* Internal HO handling */
85 /* Wait for the handover logic to complete the handover */
86 ST_WAIT_HO_COMPL,
87 /* during handover; waiting for MGW response to MDCX for BTS */
88 ST_WAIT_MDCX_BTS_HO,
89};
90
91static const struct value_string gscon_fsm_event_names[] = {
92 {GSCON_EV_A_CONN_IND, "MT-CONNECT.ind"},
93 {GSCON_EV_A_CONN_REQ, "MO-CONNECT.req"},
94 {GSCON_EV_A_CONN_CFM, "MO-CONNECT.cfm"},
95 {GSCON_EV_A_ASSIGNMENT_CMD, "ASSIGNMENT_CMD"},
96 {GSCON_EV_A_CLEAR_CMD, "CLEAR_CMD"},
97 {GSCON_EV_A_DISC_IND, "DISCONNET.ind"},
98 {GSCON_EV_A_HO_REQ, "HANDOVER_REQUEST"},
99
100 {GSCON_EV_RR_ASS_COMPL, "RR_ASSIGN_COMPL"},
101 {GSCON_EV_RR_ASS_FAIL, "RR_ASSIGN_FAIL"},
102 {GSCON_EV_RR_MODE_MODIFY_ACK, "RR_MODE_MODIFY_ACK"},
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]103 {GSCON_EV_RLL_REL_IND, "RLL_RELEASE.ind"},
104 {GSCON_EV_RSL_CONN_FAIL, "RSL_CONN_FAIL.ind"},
105 {GSCON_EV_RSL_CLEAR_COMPL, "RSL_CLEAR_COMPLETE"},
106
107 {GSCON_EV_MO_DTAP, "MO-DTAP"},
108 {GSCON_EV_MT_DTAP, "MT-DTAP"},
109 {GSCON_EV_TX_SCCP, "TX_SCCP"},
110
111 {GSCON_EV_MGW_FAIL_BTS, "MGW_FAILURE_BTS"},
112 {GSCON_EV_MGW_FAIL_MSC, "MGW_FAILURE_MSC"},
113 {GSCON_EV_MGW_CRCX_RESP_BTS, "MGW_CRCX_RESPONSE_BTS"},
114 {GSCON_EV_MGW_MDCX_RESP_BTS, "MGW_MDCX_RESPONSE_BTS"},
115 {GSCON_EV_MGW_CRCX_RESP_MSC, "MGW_CRCX_RESPONSE_MSC"},
116
117 {GSCON_EV_HO_START, "HO_START"},
118 {GSCON_EV_HO_TIMEOUT, "HO_TIMEOUT"},
119 {GSCON_EV_HO_FAIL, "HO_FAIL"},
120 {GSCON_EV_HO_COMPL, "HO_COMPL"},
121
122 {0, NULL}
123};
124
125/* Send data SCCP message through SCCP connection. All sigtran messages
126 * that are send from this FSM must use this function. Never use
127 * osmo_bsc_sigtran_send() directly since this would defeat the checks
128 * provided by this function. */
129static void sigtran_send(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
130{
131 int rc;
132
133 /* Make sure that we only attempt to send SCCP messages if we have
134 * a life SCCP connection. Otherwise drop the message. */
135 if (fi->state == ST_INIT || fi->state == ST_WAIT_CC) {
136 LOGPFSML(fi, LOGL_ERROR, "No active SCCP connection, dropping message!\n");
137 msgb_free(msg);
138 return;
139 }
140
141 rc = osmo_bsc_sigtran_send(conn, msg);
142 if (rc < 0)
143 LOGPFSML(fi, LOGL_ERROR, "Unable to deliver SCCP message!\n");
144}
145
146/* Generate and send assignment complete message */
147static void send_ass_compl(struct gsm_lchan *lchan, struct osmo_fsm_inst *fi)
148{
149 struct msgb *resp;
150 struct gsm0808_speech_codec sc;
151 struct gsm_subscriber_connection *conn;
152
153 conn = lchan->conn;
154
155 OSMO_ASSERT(lchan->abis_ip.ass_compl.valid);
156 OSMO_ASSERT(conn);
157
158 LOGPFSML(fi, LOGL_DEBUG, "Sending assignment complete message... (id=%i)\n", conn->sccp.conn_id);
159
160 /* Extrapolate speech codec from speech mode */
161 gsm0808_speech_codec_from_chan_type(&sc, lchan->abis_ip.ass_compl.speech_mode);
162
163 /* Generate message */
164 resp = gsm0808_create_ass_compl(lchan->abis_ip.ass_compl.rr_cause,
165 lchan->abis_ip.ass_compl.chosen_channel,
166 lchan->abis_ip.ass_compl.encr_alg_id,
167 lchan->abis_ip.ass_compl.speech_mode,
168 &conn->user_plane.aoip_rtp_addr_local, &sc, NULL);
169
170 if (!resp) {
171 LOGPFSML(fi, LOGL_ERROR, "Failed to generate assignment completed message! (id=%i)\n",
172 conn->sccp.conn_id);
173 }
174
175 sigtran_send(conn, resp, fi);
176}
177
178/* forward MT DTAP from BSSAP side to RSL side */
179static void submit_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
180{
181 int rc;
182 struct msgb *resp = NULL;
183
184 OSMO_ASSERT(fi);
185 OSMO_ASSERT(msg);
186 OSMO_ASSERT(conn);
187
188 rc = gsm0808_submit_dtap(conn, msg, OBSC_LINKID_CB(msg), 1);
189 if (rc != 0) {
190 LOGPFSML(fi, LOGL_ERROR, "Tx BSSMAP CLEAR REQUEST to MSC\n");
191 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
192 sigtran_send(conn, resp, fi);
193 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
194 return;
195 }
196}
197
198/* forward MO DTAP from RSL side to BSSAP side */
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]199static void forward_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]200{
201 struct msgb *resp = NULL;
202
203 OSMO_ASSERT(msg);
204 OSMO_ASSERT(conn);
205
206 resp = gsm0808_create_dtap(msg, OBSC_LINKID_CB(msg));
207 sigtran_send(conn, resp, fi);
208}
209
210/* In case there are open MGCP connections, toss
211 * those connections */
212static void toss_mgcp_conn(struct gsm_subscriber_connection *conn, struct osmo_fsm_inst *fi)
213{
214 LOGPFSML(fi, LOGL_ERROR, "tossing all MGCP connections...\n");
215
216 if (conn->user_plane.fi_bts) {
217 mgcp_conn_delete(conn->user_plane.fi_bts);
218 conn->user_plane.fi_bts = NULL;
219 }
220
221 if (conn->user_plane.fi_msc) {
222 mgcp_conn_delete(conn->user_plane.fi_msc);
223 conn->user_plane.fi_msc = NULL;
224 }
225
226 if (conn->user_plane.mgw_endpoint) {
227 talloc_free(conn->user_plane.mgw_endpoint);
228 conn->user_plane.mgw_endpoint = NULL;
229 }
230}
231
232static void gscon_fsm_init(struct osmo_fsm_inst *fi, uint32_t event, void *data)
233{
234 struct gsm_subscriber_connection *conn = fi->priv;
235 struct osmo_scu_prim *scu_prim = NULL;
236 struct msgb *msg = NULL;
237 int rc;
238
239 switch (event) {
240 case GSCON_EV_A_CONN_REQ:
241 /* RLL ESTABLISH IND with initial L3 Message */
242 msg = data;
243 /* FIXME: Extract Mobile ID and update FSM using osmo_fsm_inst_set_id()
244 * i.e. we will probably extract the mobile identity earlier, where the
245 * imsi filter code is. Then we could just use it here.
246 * related: OS#2969 */
247
248 rc = osmo_bsc_sigtran_open_conn(conn, msg);
249 if (rc < 0) {
250 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL);
251 } else {
252 /* SCCP T(conn est) is 1-2 minutes, way too long. The MS will timeout
253 * using T3210 (20s), T3220 (5s) or T3230 (10s) */
254 osmo_fsm_inst_state_chg(fi, ST_WAIT_CC, 20, 993210);
255 }
256 break;
257 case GSCON_EV_A_CONN_IND:
258 scu_prim = data;
259 if (!conn->sccp.msc) {
260 LOGPFSML(fi, LOGL_NOTICE, "N-CONNECT.ind from unknown MSC %s\n",
261 osmo_sccp_addr_dump(&scu_prim->u.connect.calling_addr));
262 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
263 &scu_prim->u.connect.called_addr, 0);
264 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
265 }
266 /* FIXME: Extract optional IMSI and update FSM using osmo_fsm_inst_set_id()
267 * related: OS2969 (same as above) */
268
269 LOGPFSML(fi, LOGL_NOTICE, "No support for MSC-originated SCCP Connections yet\n");
270 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
271 &scu_prim->u.connect.called_addr, 0);
272 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
273 break;
274 default:
275 OSMO_ASSERT(false);
276 break;
277 }
278}
279
280/* We've sent the CONNECTION.req to the SCCP provider and are waiting for CC from MSC */
281static void gscon_fsm_wait_cc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
282{
283 switch (event) {
284 case GSCON_EV_A_CONN_CFM:
285 /* MSC has confirmed the connection, we now change into the
286 * active state and wait there for further operations */
287 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
288 /* if there's user payload, forward it just like EV_MT_DTAP */
289 /* FIXME: Question: if there's user payload attached to the CC, forward it like EV_MT_DTAP? */
290 break;
291 default:
292 OSMO_ASSERT(false);
293 break;
294 }
295}
296
297/* We're on an active subscriber connection, passing DTAP back and forth */
298static void gscon_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
299{
300 struct gsm_subscriber_connection *conn = fi->priv;
301 struct msgb *resp = NULL;
302 struct mgcp_conn_peer conn_peer;
303 int rc;
304
305 switch (event) {
306 case GSCON_EV_A_ASSIGNMENT_CMD:
307 /* MSC requests us to perform assignment, this code section is
308 * triggered via signal GSCON_EV_A_ASSIGNMENT_CMD from
309 * bssmap_handle_assignm_req() in osmo_bsc_bssap.c, which does
310 * the parsing of incoming assignment requests. */
311
312 LOGPFSML(fi, LOGL_NOTICE, "Channel assignment: chan_mode=%s, full_rate=%i\n",
313 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
314 conn->user_plane.full_rate);
315
316 /* FIXME: We need to check if current channel is sufficient. If
317 * yes, do MODIFY. If not, do assignment (see commented lines below) */
318
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]319 switch (conn->user_plane.chan_mode) {
320 case GSM48_CMODE_SPEECH_V1:
321 case GSM48_CMODE_SPEECH_EFR:
322 case GSM48_CMODE_SPEECH_AMR:
323 /* A voice channel is requested, so we run down the
324 * mgcp-ass-mgcp state-chain (see FIXME above) */
325 memset(&conn_peer, 0, sizeof(conn_peer));
326 conn_peer.call_id = conn->sccp.conn_id;
327 osmo_strlcpy(conn_peer.endpoint, ENDPOINT_ID, sizeof(conn_peer.endpoint));
328
329 /* (Pre)Change state and create the connection */
330 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
331 conn->user_plane.fi_bts =
332 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_BTS,
333 GSCON_EV_MGW_CRCX_RESP_BTS, &conn_peer);
334 if (!conn->user_plane.fi_bts) {
335 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
336 sigtran_send(conn, resp, fi);
337 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
338 return;
339 }
340 break;
341 case GSM48_CMODE_SIGN:
342 /* A signalling channel is requested, so we perform the
343 * channel assignment directly without performing any
344 * MGCP actions. ST_WAIT_ASS_CMPL will see by the
345 * conn->user_plane.chan_mode parameter that this
346 * assignment is for a signalling channel and will then
347 * change back to ST_ACTIVE (here) immediately. */
Harald Welte6900f812018-03-21 21:29:03 +0100[diff] [blame^]348 rc = gsm0808_assign_req(conn, conn->user_plane.chan_mode,
349 conn->user_plane.full_rate);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]350 if (rc != 0) {
351 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
352 sigtran_send(conn, resp, fi);
353 return;
354 }
355
356 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
357 break;
358 default:
359 /* An unsupported channel is requested, so we have to
360 * reject this request by sending an assignment failure
361 * message immediately */
Pau Espin Pedrol55677de2018-03-17 01:12:33 +0100[diff] [blame]362 LOGPFSML(fi, LOGL_ERROR, "Requested channel mode is not supported! chan_mode=%s full_rate=%d\n",
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]363 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
364 conn->user_plane.full_rate);
365
366 /* The requested channel mode is not supported */
367 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_REQ_CODEC_TYPE_OR_CONFIG_NOT_SUPP, NULL);
368 sigtran_send(conn, resp, fi);
369 break;
370 }
371 break;
372 case GSCON_EV_HO_START:
373 rc = bsc_handover_start_gscon(conn);
374 if (rc) {
375 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
376 sigtran_send(conn, resp, fi);
377 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
378 return;
379 }
380
381 /* Note: No timeout is set here, T3103 in handover_logic.c
382 * will generate a GSCON_EV_HO_TIMEOUT event should the
383 * handover time out, so we do not need another timeout
384 * here (maybe its worth to think about giving GSCON
385 * more power over the actual handover process). */
386 osmo_fsm_inst_state_chg(fi, ST_WAIT_HO_COMPL, 0, 0);
387 break;
388 case GSCON_EV_A_HO_REQ:
389 /* FIXME: reject any handover requests with HO FAIL until implemented */
390 break;
391 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]392 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]393 break;
394 case GSCON_EV_MT_DTAP:
395 submit_dtap(conn, (struct msgb *)data, fi);
396 break;
397 case GSCON_EV_TX_SCCP:
398 sigtran_send(conn, (struct msgb *)data, fi);
399 break;
400 default:
401 OSMO_ASSERT(false);
402 break;
403 }
404}
405
406/* Before we may start the channel assignment we need to get an IP/Port for the
407 * RTP connection from the MGW */
408static void gscon_fsm_wait_crcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
409{
410 struct gsm_subscriber_connection *conn = fi->priv;
411 struct mgcp_conn_peer *conn_peer = NULL;
412 struct msgb *resp = NULL;
413 int rc;
414
415 switch (event) {
416 case GSCON_EV_MGW_CRCX_RESP_BTS:
417 conn_peer = data;
418
Philipp Maier393165c2018-03-21 11:15:33 +0100[diff] [blame]419 /* Check if the MGW has assigned an enpoint to us, otherwise we
420 * can not proceed. */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]421 if (strlen(conn_peer->endpoint) <= 0) {
422 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
423 sigtran_send(conn, resp, fi);
424 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
425 return;
426 }
427
428 /* Memorize the endpoint name we got assigned from the MGW.
429 * When the BTS sided connection is done, we need to create
430 * a second connection on that same endpoint, so we need
431 * to know its ID */
432 if (!conn->user_plane.mgw_endpoint)
433 conn->user_plane.mgw_endpoint = talloc_zero_size(conn, MGCP_ENDPOINT_MAXLEN);
434 OSMO_ASSERT(conn->user_plane.mgw_endpoint);
435 osmo_strlcpy(conn->user_plane.mgw_endpoint, conn_peer->endpoint, MGCP_ENDPOINT_MAXLEN);
436
437 /* Store the IP-Address and the port the MGW assigned to us,
438 * then start the channel assignment. */
439 conn->user_plane.rtp_port = conn_peer->port;
440 conn->user_plane.rtp_ip = osmo_ntohl(inet_addr(conn_peer->addr));
Harald Welte6900f812018-03-21 21:29:03 +0100[diff] [blame^]441 rc = gsm0808_assign_req(conn, conn->user_plane.chan_mode, conn->user_plane.full_rate);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]442 if (rc != 0) {
443 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_SPEECH_VERSION_UNAVAILABLE, NULL);
444 sigtran_send(conn, resp, fi);
445 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
446 return;
447 }
448
449 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
450 break;
451 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]452 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]453 break;
454 case GSCON_EV_MT_DTAP:
455 submit_dtap(conn, (struct msgb *)data, fi);
456 break;
457 case GSCON_EV_TX_SCCP:
458 sigtran_send(conn, (struct msgb *)data, fi);
459 break;
460 default:
461 OSMO_ASSERT(false);
462 break;
463 }
464}
465
466/* We're waiting for an ASSIGNMENT COMPLETE from MS */
467static void gscon_fsm_wait_ass_cmpl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
468{
469 struct gsm_subscriber_connection *conn = fi->priv;
470 struct gsm_lchan *lchan = conn->lchan;
471 struct mgcp_conn_peer conn_peer;
472 struct in_addr addr;
473 struct msgb *resp = NULL;
474 int rc;
475
476 switch (event) {
477 case GSCON_EV_RR_ASS_COMPL:
478 switch (conn->user_plane.chan_mode) {
479 case GSM48_CMODE_SPEECH_V1:
480 case GSM48_CMODE_SPEECH_EFR:
481 case GSM48_CMODE_SPEECH_AMR:
482 /* FIXME: What if we are using SCCP-Lite? */
483
484 /* We are dealing with a voice channel, so we can not
485 * confirm the assignment directly. We must first do
486 * some final steps on the MGCP side. */
487
488 /* Prepare parameters with the information we got during the assignment */
489 memset(&conn_peer, 0, sizeof(conn_peer));
490 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
491 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
492 conn_peer.port = lchan->abis_ip.bound_port;
493
494 /* (Pre)Change state and modify the connection */
495 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
496 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
497 if (rc != 0) {
498 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
499 sigtran_send(conn, resp, fi);
500 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
501 return;
502 }
503 break;
504 case GSM48_CMODE_SIGN:
505 /* Confirm the successful assignment on BSSMAP and
506 * change back into active state */
507 send_ass_compl(lchan, fi);
508 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
509 break;
510 default:
511 /* Unsupported modes should have been already filtered
512 * by gscon_fsm_active(). If we reach the default
513 * section here anyway than some unsupported mode must
514 * have made it into the FSM, this would be a bug, so
515 * we fire an assertion here */
516 OSMO_ASSERT(false);
517 break;
518 }
519
520 break;
521 case GSCON_EV_RR_ASS_FAIL:
522 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_TERRESTRIAL_RESOURCE_UNAVAILABLE, NULL);
523 sigtran_send(conn, resp, fi);
524 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
525 break;
526 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]527 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]528 break;
529 case GSCON_EV_MT_DTAP:
530 submit_dtap(conn, (struct msgb *)data, fi);
531 break;
532 case GSCON_EV_TX_SCCP:
533 sigtran_send(conn, (struct msgb *)data, fi);
534 break;
535 default:
536 OSMO_ASSERT(false);
537 break;
538 }
539}
540
541/* We are waiting for the MGW response to the MDCX */
542static void gscon_fsm_wait_mdcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
543{
544 struct gsm_subscriber_connection *conn = fi->priv;
545 struct mgcp_conn_peer conn_peer;
546 struct sockaddr_in *sin = NULL;
547 struct msgb *resp = NULL;
548
549 switch (event) {
550 case GSCON_EV_MGW_MDCX_RESP_BTS:
551
552 /* Prepare parameters with the connection information we got
553 * with the assignment command */
554 memset(&conn_peer, 0, sizeof(conn_peer));
555 conn_peer.call_id = conn->sccp.conn_id;
556 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_remote;
557 conn_peer.port = osmo_ntohs(sin->sin_port);
558 osmo_strlcpy(conn_peer.addr, inet_ntoa(sin->sin_addr), sizeof(conn_peer.addr));
559
560 /* Make sure we use the same endpoint where we created the
561 * BTS connection. */
562 osmo_strlcpy(conn_peer.endpoint, conn->user_plane.mgw_endpoint, sizeof(conn_peer.endpoint));
563
564 /* (Pre)Change state and create the connection */
565 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_MSC, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
566 conn->user_plane.fi_msc =
567 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_MSC, GSCON_EV_MGW_CRCX_RESP_MSC,
568 &conn_peer);
569 if (!conn->user_plane.fi_bts) {
570 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
571 sigtran_send(conn, resp, fi);
572 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
573 return;
574 }
575
576 break;
577 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]578 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]579 break;
580 case GSCON_EV_MT_DTAP:
581 submit_dtap(conn, (struct msgb *)data, fi);
582 break;
583 case GSCON_EV_TX_SCCP:
584 sigtran_send(conn, (struct msgb *)data, fi);
585 break;
586 default:
587 OSMO_ASSERT(false);
588 break;
589 }
590}
591
592static void gscon_fsm_wait_crcx_msc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
593{
594 struct gsm_subscriber_connection *conn = fi->priv;
595 struct mgcp_conn_peer *conn_peer = NULL;
596 struct gsm_lchan *lchan = conn->lchan;
597 struct sockaddr_in *sin = NULL;
598
599 switch (event) {
600 case GSCON_EV_MGW_CRCX_RESP_MSC:
601 conn_peer = data;
602
603 /* Store address information we got in response from the CRCX command. */
604 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_local;
605 sin->sin_family = AF_INET;
606 sin->sin_addr.s_addr = inet_addr(conn_peer->addr);
607 sin->sin_port = osmo_ntohs(conn_peer->port);
608
609 /* Send assignment complete message to the MSC */
610 send_ass_compl(lchan, fi);
611
612 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
613
614 break;
615 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]616 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]617 break;
618 case GSCON_EV_MT_DTAP:
619 submit_dtap(conn, (struct msgb *)data, fi);
620 break;
621 case GSCON_EV_TX_SCCP:
622 sigtran_send(conn, (struct msgb *)data, fi);
623 break;
624 default:
625 OSMO_ASSERT(false);
626 break;
627 }
628}
629
630/* We're waiting for a MODE MODIFY ACK from MS + BTS */
631static void gscon_fsm_wait_mode_modify_ack(struct osmo_fsm_inst *fi, uint32_t event, void *data)
632{
633 struct gsm_subscriber_connection *conn = fi->priv;
634 struct gsm_lchan *lchan = conn->lchan;
635
636 switch (event) {
637 case GSCON_EV_RR_MODE_MODIFY_ACK:
638 /* we assume that not only have we received the RR MODE_MODIFY_ACK, but
639 * actually that also the BTS side of the channel mode has been changed accordingly */
640 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
641
642 /* FIXME: Check if this requires special handling. For now I assume that the send_ass_compl()
643 * can be used. But I am not sure. */
644 send_ass_compl(lchan, fi);
645
646 break;
647 /* FIXME: Do we need to handle DTAP traffic in this state? Maybe yes? Needs to be checked. */
648 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]649 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]650 break;
651 case GSCON_EV_MT_DTAP:
652 submit_dtap(conn, (struct msgb *)data, fi);
653 break;
654 case GSCON_EV_TX_SCCP:
655 sigtran_send(conn, (struct msgb *)data, fi);
656 break;
657 default:
658 OSMO_ASSERT(false);
659 break;
660 }
661}
662
663static void gscon_fsm_clearing(struct osmo_fsm_inst *fi, uint32_t event, void *data)
664{
665 struct gsm_subscriber_connection *conn = fi->priv;
666 struct msgb *resp;
667
668 switch (event) {
669 case GSCON_EV_RSL_CLEAR_COMPL:
670 resp = gsm0808_create_clear_complete();
671 sigtran_send(conn, resp, fi);
672 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
673 break;
674 default:
675 OSMO_ASSERT(false);
676 break;
677 }
678}
679
680/* Wait for the handover logic to tell us whether the handover completed,
681 * failed or has timed out */
682static void gscon_fsm_wait_ho_compl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
683{
684 struct gsm_subscriber_connection *conn = fi->priv;
685 struct mgcp_conn_peer conn_peer;
686 struct gsm_lchan *lchan = conn->lchan;
687 struct in_addr addr;
688 struct msgb *resp;
689 int rc;
690
691 switch (event) {
692 case GSCON_EV_HO_COMPL:
693 /* The handover logic informs us that the handover has been
694 * completet. Now we have to tell the MGW the IP/Port on the
695 * new BTS so that the uplink RTP traffic can be redirected
696 * there. */
697
698 /* Prepare parameters with the information we got during the
699 * handover procedure (via IPACC) */
700 memset(&conn_peer, 0, sizeof(conn_peer));
701 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
702 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
703 conn_peer.port = lchan->abis_ip.bound_port;
704
705 /* (Pre)Change state and modify the connection */
706 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS_HO, MGCP_MGW_TIMEOUT, MGCP_MGW_HO_TIMEOUT_TIMER_NR);
707 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
708 if (rc != 0) {
709 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
710 sigtran_send(conn, resp, fi);
711 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
712 return;
713 }
714 break;
715 case GSCON_EV_HO_TIMEOUT:
716 case GSCON_EV_HO_FAIL:
717 /* The handover logic informs us that the handover failed for
718 * some reason. This means the phone stays on the TS/BTS on
719 * which it currently is. We will change back to the active
720 * state again as there are no further operations needed */
721 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
722 break;
723 default:
724 OSMO_ASSERT(false);
725 break;
726 }
727}
728
729/* Wait for the MGW to confirm handover related modification of the connection
730 * parameters */
731static void gscon_fsm_wait_mdcx_bts_ho(struct osmo_fsm_inst *fi, uint32_t event, void *data)
732{
733 struct gsm_subscriber_connection *conn = fi->priv;
734
735 switch (event) {
736 case GSCON_EV_MGW_MDCX_RESP_BTS:
737 /* The MGW has confirmed the handover MDCX, and the handover
738 * is now also done on the RTP side. We may now change back
739 * to the active state. */
740 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
741 break;
742 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]743 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]744 break;
745 case GSCON_EV_MT_DTAP:
746 submit_dtap(conn, (struct msgb *)data, fi);
747 break;
748 case GSCON_EV_TX_SCCP:
749 sigtran_send(conn, (struct msgb *)data, fi);
750 break;
751 default:
752 OSMO_ASSERT(false);
753 break;
754 }
755}
756
757#define EV_TRANSPARENT_SCCP S(GSCON_EV_TX_SCCP) | S(GSCON_EV_MO_DTAP) | S(GSCON_EV_MT_DTAP)
758
759static const struct osmo_fsm_state gscon_fsm_states[] = {
760 [ST_INIT] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]761 .name = OSMO_STRINGIFY(INIT),
762 .in_event_mask = S(GSCON_EV_A_CONN_REQ) | S(GSCON_EV_A_CONN_IND),
763 .out_state_mask = S(ST_WAIT_CC),
764 .action = gscon_fsm_init,
765 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]766 [ST_WAIT_CC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]767 .name = OSMO_STRINGIFY(WAIT_CC),
768 .in_event_mask = S(GSCON_EV_A_CONN_CFM),
769 .out_state_mask = S(ST_ACTIVE),
770 .action = gscon_fsm_wait_cc,
771 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]772 [ST_ACTIVE] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]773 .name = OSMO_STRINGIFY(ACTIVE),
774 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_A_ASSIGNMENT_CMD) |
775 S(GSCON_EV_A_HO_REQ) | S(GSCON_EV_HO_START),
776 .out_state_mask = S(ST_CLEARING) | S(ST_WAIT_CRCX_BTS) | S(ST_WAIT_ASS_CMPL) |
777 S(ST_WAIT_MODE_MODIFY_ACK) | S(ST_WAIT_MO_HO_CMD) | S(ST_WAIT_HO_COMPL),
778 .action = gscon_fsm_active,
779 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]780 [ST_WAIT_CRCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]781 .name = OSMO_STRINGIFY(WAIT_CRCX_BTS),
782 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_BTS),
783 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_ASS_CMPL),
784 .action = gscon_fsm_wait_crcx_bts,
785 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]786 [ST_WAIT_ASS_CMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]787 .name = OSMO_STRINGIFY(WAIT_ASS_CMPL),
788 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_ASS_COMPL) | S(GSCON_EV_RR_ASS_FAIL),
789 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS),
790 .action = gscon_fsm_wait_ass_cmpl,
791 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]792 [ST_WAIT_MDCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]793 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS),
794 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
795 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_CRCX_MSC),
796 .action = gscon_fsm_wait_mdcx_bts,
797 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]798 [ST_WAIT_CRCX_MSC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]799 .name = OSMO_STRINGIFY(WAIT_CRCX_MSC),
800 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_MSC),
801 .out_state_mask = S(ST_ACTIVE),
802 .action = gscon_fsm_wait_crcx_msc,
803 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]804 [ST_WAIT_MODE_MODIFY_ACK] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]805 .name = OSMO_STRINGIFY(WAIT_MODE_MODIFY_ACK),
806 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_MODE_MODIFY_ACK),
807 .out_state_mask = S(ST_ACTIVE) | S(ST_CLEARING),
808 .action = gscon_fsm_wait_mode_modify_ack,
809 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]810 [ST_CLEARING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]811 .name = OSMO_STRINGIFY(CLEARING),
812 .in_event_mask = S(GSCON_EV_RSL_CLEAR_COMPL),
813 .action = gscon_fsm_clearing,
814 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]815
816 /* TODO: external handover, probably it makes sense to break up the
817 * program flow in handover_logic.c a bit and handle some of the logic
818 * here? */
819 [ST_WAIT_MT_HO_ACC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]820 .name = OSMO_STRINGIFY(WAIT_MT_HO_ACC),
821 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]822 [ST_WAIT_MT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]823 .name = OSMO_STRINGIFY(WAIT_MT_HO_COMPL),
824 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]825 [ST_WAIT_MO_HO_CMD] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]826 .name = OSMO_STRINGIFY(WAIT_MO_HO_CMD),
827 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]828 [ST_MO_HO_PROCEEDING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]829 .name = OSMO_STRINGIFY(MO_HO_PROCEEDING),
830 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]831
832 /* Internal handover */
833 [ST_WAIT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]834 .name = OSMO_STRINGIFY(WAIT_HO_COMPL),
835 .in_event_mask = S(GSCON_EV_HO_COMPL) | S(GSCON_EV_HO_FAIL) | S(GSCON_EV_HO_TIMEOUT),
836 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS_HO),
837 .action = gscon_fsm_wait_ho_compl,
838 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]839 [ST_WAIT_MDCX_BTS_HO] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]840 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS_HO),
841 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
842 .action = gscon_fsm_wait_mdcx_bts_ho,
843 .out_state_mask = S(ST_ACTIVE),
844 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]845};
846
847static void gscon_fsm_allstate(struct osmo_fsm_inst *fi, uint32_t event, void *data)
848{
849 struct gsm_subscriber_connection *conn = fi->priv;
850 struct msgb *resp = NULL;
851
852 /* When a connection on the MGW fails, make sure that the reference
853 * in our book-keeping is erased. */
854 switch (event) {
855 case GSCON_EV_MGW_FAIL_BTS:
856 conn->user_plane.fi_bts = NULL;
857 break;
858 case GSCON_EV_MGW_FAIL_MSC:
859 conn->user_plane.fi_msc = NULL;
860 break;
861 }
862
863 /* Regular allstate event processing */
864 switch (event) {
865 case GSCON_EV_MGW_FAIL_BTS:
866 case GSCON_EV_MGW_FAIL_MSC:
867 /* Note: An MGW connection die per definition at any time.
868 * However, if it dies during the assignment we must return
869 * with an assignment failure */
Philipp Maier70fcde62018-03-21 11:17:32 +0100[diff] [blame]870 OSMO_ASSERT(fi->state != ST_INIT && fi->state != ST_WAIT_CC);
871 if (fi->state == ST_WAIT_CRCX_BTS || fi->state == ST_WAIT_ASS_CMPL || fi->state == ST_WAIT_MDCX_BTS
872 || fi->state == ST_WAIT_CRCX_MSC) {
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]873 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
874 sigtran_send(conn, resp, fi);
875 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
876 }
877 break;
878 case GSCON_EV_A_CLEAR_CMD:
879 /* MSC tells us to cleanly shut down */
880 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
881 gsm0808_clear(conn);
882 /* FIXME: Release all terestrial resources in ST_CLEARING */
883 /* According to 3GPP 48.008 3.1.9.1. "The BSS need not wait for the radio channel
884 * release to be completed or for the guard timer to expire before returning the
885 * CLEAR COMPLETE message" */
886
887 /* Close MGCP connections */
888 toss_mgcp_conn(conn, fi);
889
890 /* FIXME: Question: Is this a hack to force a clear complete from internel?
891 * nobody seems to send the event from outside? */
892 osmo_fsm_inst_dispatch(conn->fi, GSCON_EV_RSL_CLEAR_COMPL, NULL);
893 break;
894 case GSCON_EV_A_DISC_IND:
895 /* MSC or SIGTRAN network has hard-released SCCP connection,
896 * terminate the FSM now. */
897 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
898 break;
899 case GSCON_EV_RLL_REL_IND:
900 /* BTS reports that one of the LAPDm data links was released */
901 /* send proper clear request to MSC */
902 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
903 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_MESSAGE_FAILURE);
904 sigtran_send(conn, resp, fi);
905 break;
906 case GSCON_EV_RSL_CONN_FAIL:
907 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
908 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE);
909 sigtran_send(conn, resp, fi);
910 break;
911 default:
912 OSMO_ASSERT(false);
913 break;
914 }
915}
916
917void ho_dtap_cache_flush(struct gsm_subscriber_connection *conn, int send);
918
919static void gscon_cleanup(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
920{
921 struct gsm_subscriber_connection *conn = fi->priv;
922
923 if (conn->ho) {
924 LOGPFSML(fi, LOGL_DEBUG, "Releasing handover state\n");
925 bsc_clear_handover(conn, 1);
926 conn->ho = NULL;
927 }
928
929 if (conn->secondary_lchan) {
930 LOGPFSML(fi, LOGL_DEBUG, "Releasing secondary_lchan\n");
931 lchan_release(conn->secondary_lchan, 0, RSL_REL_LOCAL_END);
932 conn->secondary_lchan = NULL;
933 }
934 if (conn->lchan) {
935 LOGPFSML(fi, LOGL_DEBUG, "Releasing lchan\n");
936 lchan_release(conn->lchan, 0, RSL_REL_LOCAL_END);
937 conn->lchan = NULL;
938 }
939
940 if (conn->bsub) {
941 LOGPFSML(fi, LOGL_DEBUG, "Putting bsc_subscr\n");
942 bsc_subscr_put(conn->bsub);
943 conn->bsub = NULL;
944 }
945
946 if (conn->sccp.state != SUBSCR_SCCP_ST_NONE) {
947 LOGPFSML(fi, LOGL_DEBUG, "Disconnecting SCCP\n");
948 struct bsc_msc_data *msc = conn->sccp.msc;
949 /* FIXME: include a proper cause value / error message? */
950 osmo_sccp_tx_disconn(msc->a.sccp_user, conn->sccp.conn_id, &msc->a.bsc_addr, 0);
951 conn->sccp.state = SUBSCR_SCCP_ST_NONE;
952 }
953
954 /* drop pending messages */
955 ho_dtap_cache_flush(conn, 0);
956
957 penalty_timers_free(&conn->hodec2.penalty_timers);
958
959 llist_del(&conn->entry);
960 talloc_free(conn);
961 fi->priv = NULL;
962}
963
964static void gscon_pre_term(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
965{
966 struct gsm_subscriber_connection *conn = fi->priv;
967
968 /* Make sure all possibly still open MGCP connections get closed */
969 toss_mgcp_conn(conn, fi);
970}
971
972static int gscon_timer_cb(struct osmo_fsm_inst *fi)
973{
974 struct gsm_subscriber_connection *conn = fi->priv;
975 struct msgb *resp = NULL;
976
977 switch (fi->T) {
978 case 993210:
979 /* MSC has not responded/confirmed connection witH CC */
980 /* N-DISCONNET.req is sent in gscon_cleanup() above */
981 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
982 break;
983 case GSM0808_T10_TIMER_NR: /* Assignment Failed */
984 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE, NULL);
985 sigtran_send(conn, resp, fi);
986 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
987 break;
988 case MGCP_MGW_TIMEOUT_TIMER_NR: /* Assignment failed (no response from MGW) */
989 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
990 sigtran_send(conn, resp, fi);
991 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
992 break;
993 case MGCP_MGW_HO_TIMEOUT_TIMER_NR: /* Handover failed (no response from MGW) */
994 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
995 break;
996 default:
997 OSMO_ASSERT(false);
998 }
999 return 0;
1000}
1001
1002static struct osmo_fsm gscon_fsm = {
1003 .name = "SUBSCR_CONN",
1004 .states = gscon_fsm_states,
1005 .num_states = ARRAY_SIZE(gscon_fsm_states),
1006 .allstate_event_mask = S(GSCON_EV_A_DISC_IND) | S(GSCON_EV_A_CLEAR_CMD) | S(GSCON_EV_RSL_CONN_FAIL) |
1007 S(GSCON_EV_RLL_REL_IND) | S(GSCON_EV_MGW_FAIL_BTS) | S(GSCON_EV_MGW_FAIL_MSC),
1008 .allstate_action = gscon_fsm_allstate,
1009 .cleanup = gscon_cleanup,
1010 .pre_term = gscon_pre_term,
1011 .timer_cb = gscon_timer_cb,
1012 .log_subsys = DMSC,
1013 .event_names = gscon_fsm_event_names,
1014};
1015
1016/* Allocate a subscriber connection and its associated FSM */
1017struct gsm_subscriber_connection *bsc_subscr_con_allocate(struct gsm_network *net)
1018{
1019 struct gsm_subscriber_connection *conn;
1020 static bool g_initialized = false;
1021
1022 if (!g_initialized) {
1023 osmo_fsm_register(&gscon_fsm);
1024 g_initialized = true;
1025 }
1026
1027 conn = talloc_zero(net, struct gsm_subscriber_connection);
1028 if (!conn)
1029 return NULL;
1030
1031 conn->network = net;
1032 INIT_LLIST_HEAD(&conn->ho_dtap_cache);
1033 /* BTW, penalty timers will be initialized on-demand. */
1034 conn->sccp.conn_id = -1;
1035
1036 /* don't allocate from 'conn' context, as gscon_cleanup() will call talloc_free(conn) before
1037 * libosmocore will call talloc_free(conn->fi), i.e. avoid use-after-free during cleanup */
1038 conn->fi = osmo_fsm_inst_alloc(&gscon_fsm, net, conn, LOGL_NOTICE, NULL);
1039 if (!conn->fi) {
1040 talloc_free(conn);
1041 return NULL;
1042 }
1043
1044 llist_add_tail(&conn->entry, &net->subscr_conns);
1045 return conn;
1046}