Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-bsc / 70fcde63a1ac94e9d37b368423e02457c6e97721 / . / src / libbsc / bsc_subscr_conn_fsm.c
blob: dc088a1f06fa9cf327ac6548072b75c643c93951 [file] [log] [blame]
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]1/* (C) 2017 by Harald Welte <laforge@gnumonks.org>
2 * All Rights Reserved
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
13 *
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 *
17 */
18
19#include <osmocom/core/fsm.h>
20#include <osmocom/core/logging.h>
21#include <osmocom/gsm/gsm0808.h>
22#include <osmocom/sigtran/sccp_sap.h>
23#include <osmocom/gsm/gsm0808_utils.h>
24
25#include <osmocom/bsc/debug.h>
26#include <osmocom/bsc/bsc_api.h>
27#include <osmocom/bsc/gsm_data.h>
28#include <osmocom/bsc/handover.h>
29#include <osmocom/bsc/chan_alloc.h>
30#include <osmocom/bsc/bsc_subscriber.h>
31#include <osmocom/bsc/osmo_bsc_sigtran.h>
32#include <osmocom/bsc/bsc_subscr_conn_fsm.h>
33#include <osmocom/bsc/osmo_bsc.h>
34#include <osmocom/bsc/penalty_timers.h>
35#include <osmocom/mgcp_client/mgcp_client_fsm.h>
36#include <osmocom/core/byteswap.h>
37
38#define S(x) (1 << (x))
39
40#define MGCP_MGW_TIMEOUT 4 /* in seconds */
41#define MGCP_MGW_TIMEOUT_TIMER_NR 1
42
43#define MGCP_MGW_HO_TIMEOUT 4 /* in seconds */
44#define MGCP_MGW_HO_TIMEOUT_TIMER_NR 2
45
46#define GSM0808_T10_TIMER_NR 10
47#define GSM0808_T10_VALUE 6
48
49#define ENDPOINT_ID "rtpbridge/*@mgw"
50
51enum gscon_fsm_states {
52 ST_INIT,
53 /* waiting for CC from MSC */
54 ST_WAIT_CC,
55 /* active connection */
56 ST_ACTIVE,
57 /* during assignment; waiting for ASS_CMPL */
58 ST_WAIT_ASS_CMPL,
59 /* during assignment; waiting for MODE_MODIFY_ACK */
60 ST_WAIT_MODE_MODIFY_ACK,
61 /* BSSMAP CLEAR has been received */
62 ST_CLEARING,
63
64/* MGW handling */
65 /* during assignment; waiting for MGW response to CRCX for BTS */
66 ST_WAIT_CRCX_BTS,
67 /* during assignment; waiting for MGW response to MDCX for BTS */
68 ST_WAIT_MDCX_BTS,
69 /* during assignment; waiting for MGW response to CRCX for MSC */
70 ST_WAIT_CRCX_MSC,
71
72/* MT (inbound) handover */
73 /* Wait for Handover Access from MS/BTS */
74 ST_WAIT_MT_HO_ACC,
75 /* Wait for RR Handover Complete from MS/BTS */
76 ST_WAIT_MT_HO_COMPL,
77
78/* MO (outbound) handover */
79 /* Wait for Handover Command / Handover Required Reject from MSC */
80 ST_WAIT_MO_HO_CMD,
81 /* Wait for Clear Command from MSC */
82 ST_MO_HO_PROCEEDING,
83
84/* Internal HO handling */
85 /* Wait for the handover logic to complete the handover */
86 ST_WAIT_HO_COMPL,
87 /* during handover; waiting for MGW response to MDCX for BTS */
88 ST_WAIT_MDCX_BTS_HO,
89};
90
91static const struct value_string gscon_fsm_event_names[] = {
92 {GSCON_EV_A_CONN_IND, "MT-CONNECT.ind"},
93 {GSCON_EV_A_CONN_REQ, "MO-CONNECT.req"},
94 {GSCON_EV_A_CONN_CFM, "MO-CONNECT.cfm"},
95 {GSCON_EV_A_ASSIGNMENT_CMD, "ASSIGNMENT_CMD"},
96 {GSCON_EV_A_CLEAR_CMD, "CLEAR_CMD"},
97 {GSCON_EV_A_DISC_IND, "DISCONNET.ind"},
98 {GSCON_EV_A_HO_REQ, "HANDOVER_REQUEST"},
99
100 {GSCON_EV_RR_ASS_COMPL, "RR_ASSIGN_COMPL"},
101 {GSCON_EV_RR_ASS_FAIL, "RR_ASSIGN_FAIL"},
102 {GSCON_EV_RR_MODE_MODIFY_ACK, "RR_MODE_MODIFY_ACK"},
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]103 {GSCON_EV_RLL_REL_IND, "RLL_RELEASE.ind"},
104 {GSCON_EV_RSL_CONN_FAIL, "RSL_CONN_FAIL.ind"},
105 {GSCON_EV_RSL_CLEAR_COMPL, "RSL_CLEAR_COMPLETE"},
106
107 {GSCON_EV_MO_DTAP, "MO-DTAP"},
108 {GSCON_EV_MT_DTAP, "MT-DTAP"},
109 {GSCON_EV_TX_SCCP, "TX_SCCP"},
110
111 {GSCON_EV_MGW_FAIL_BTS, "MGW_FAILURE_BTS"},
112 {GSCON_EV_MGW_FAIL_MSC, "MGW_FAILURE_MSC"},
113 {GSCON_EV_MGW_CRCX_RESP_BTS, "MGW_CRCX_RESPONSE_BTS"},
114 {GSCON_EV_MGW_MDCX_RESP_BTS, "MGW_MDCX_RESPONSE_BTS"},
115 {GSCON_EV_MGW_CRCX_RESP_MSC, "MGW_CRCX_RESPONSE_MSC"},
116
117 {GSCON_EV_HO_START, "HO_START"},
118 {GSCON_EV_HO_TIMEOUT, "HO_TIMEOUT"},
119 {GSCON_EV_HO_FAIL, "HO_FAIL"},
120 {GSCON_EV_HO_COMPL, "HO_COMPL"},
121
122 {0, NULL}
123};
124
125/* Send data SCCP message through SCCP connection. All sigtran messages
126 * that are send from this FSM must use this function. Never use
127 * osmo_bsc_sigtran_send() directly since this would defeat the checks
128 * provided by this function. */
129static void sigtran_send(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
130{
131 int rc;
132
133 /* Make sure that we only attempt to send SCCP messages if we have
134 * a life SCCP connection. Otherwise drop the message. */
135 if (fi->state == ST_INIT || fi->state == ST_WAIT_CC) {
136 LOGPFSML(fi, LOGL_ERROR, "No active SCCP connection, dropping message!\n");
137 msgb_free(msg);
138 return;
139 }
140
141 rc = osmo_bsc_sigtran_send(conn, msg);
142 if (rc < 0)
143 LOGPFSML(fi, LOGL_ERROR, "Unable to deliver SCCP message!\n");
144}
145
146/* Generate and send assignment complete message */
147static void send_ass_compl(struct gsm_lchan *lchan, struct osmo_fsm_inst *fi)
148{
149 struct msgb *resp;
150 struct gsm0808_speech_codec sc;
151 struct gsm_subscriber_connection *conn;
152
153 conn = lchan->conn;
154
155 OSMO_ASSERT(lchan->abis_ip.ass_compl.valid);
156 OSMO_ASSERT(conn);
157
158 LOGPFSML(fi, LOGL_DEBUG, "Sending assignment complete message... (id=%i)\n", conn->sccp.conn_id);
159
160 /* Extrapolate speech codec from speech mode */
161 gsm0808_speech_codec_from_chan_type(&sc, lchan->abis_ip.ass_compl.speech_mode);
162
163 /* Generate message */
164 resp = gsm0808_create_ass_compl(lchan->abis_ip.ass_compl.rr_cause,
165 lchan->abis_ip.ass_compl.chosen_channel,
166 lchan->abis_ip.ass_compl.encr_alg_id,
167 lchan->abis_ip.ass_compl.speech_mode,
168 &conn->user_plane.aoip_rtp_addr_local, &sc, NULL);
169
170 if (!resp) {
171 LOGPFSML(fi, LOGL_ERROR, "Failed to generate assignment completed message! (id=%i)\n",
172 conn->sccp.conn_id);
173 }
174
175 sigtran_send(conn, resp, fi);
176}
177
178/* forward MT DTAP from BSSAP side to RSL side */
179static void submit_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
180{
181 int rc;
182 struct msgb *resp = NULL;
183
184 OSMO_ASSERT(fi);
185 OSMO_ASSERT(msg);
186 OSMO_ASSERT(conn);
187
188 rc = gsm0808_submit_dtap(conn, msg, OBSC_LINKID_CB(msg), 1);
189 if (rc != 0) {
190 LOGPFSML(fi, LOGL_ERROR, "Tx BSSMAP CLEAR REQUEST to MSC\n");
191 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
192 sigtran_send(conn, resp, fi);
193 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
194 return;
195 }
196}
197
198/* forward MO DTAP from RSL side to BSSAP side */
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]199static void forward_dtap(struct gsm_subscriber_connection *conn, struct msgb *msg, struct osmo_fsm_inst *fi)
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]200{
201 struct msgb *resp = NULL;
202
203 OSMO_ASSERT(msg);
204 OSMO_ASSERT(conn);
205
206 resp = gsm0808_create_dtap(msg, OBSC_LINKID_CB(msg));
207 sigtran_send(conn, resp, fi);
208}
209
210/* In case there are open MGCP connections, toss
211 * those connections */
212static void toss_mgcp_conn(struct gsm_subscriber_connection *conn, struct osmo_fsm_inst *fi)
213{
214 LOGPFSML(fi, LOGL_ERROR, "tossing all MGCP connections...\n");
215
216 if (conn->user_plane.fi_bts) {
217 mgcp_conn_delete(conn->user_plane.fi_bts);
218 conn->user_plane.fi_bts = NULL;
219 }
220
221 if (conn->user_plane.fi_msc) {
222 mgcp_conn_delete(conn->user_plane.fi_msc);
223 conn->user_plane.fi_msc = NULL;
224 }
225
226 if (conn->user_plane.mgw_endpoint) {
227 talloc_free(conn->user_plane.mgw_endpoint);
228 conn->user_plane.mgw_endpoint = NULL;
229 }
230}
231
232static void gscon_fsm_init(struct osmo_fsm_inst *fi, uint32_t event, void *data)
233{
234 struct gsm_subscriber_connection *conn = fi->priv;
235 struct osmo_scu_prim *scu_prim = NULL;
236 struct msgb *msg = NULL;
237 int rc;
238
239 switch (event) {
240 case GSCON_EV_A_CONN_REQ:
241 /* RLL ESTABLISH IND with initial L3 Message */
242 msg = data;
243 /* FIXME: Extract Mobile ID and update FSM using osmo_fsm_inst_set_id()
244 * i.e. we will probably extract the mobile identity earlier, where the
245 * imsi filter code is. Then we could just use it here.
246 * related: OS#2969 */
247
248 rc = osmo_bsc_sigtran_open_conn(conn, msg);
249 if (rc < 0) {
250 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_ERROR, NULL);
251 } else {
252 /* SCCP T(conn est) is 1-2 minutes, way too long. The MS will timeout
253 * using T3210 (20s), T3220 (5s) or T3230 (10s) */
254 osmo_fsm_inst_state_chg(fi, ST_WAIT_CC, 20, 993210);
255 }
256 break;
257 case GSCON_EV_A_CONN_IND:
258 scu_prim = data;
259 if (!conn->sccp.msc) {
260 LOGPFSML(fi, LOGL_NOTICE, "N-CONNECT.ind from unknown MSC %s\n",
261 osmo_sccp_addr_dump(&scu_prim->u.connect.calling_addr));
262 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
263 &scu_prim->u.connect.called_addr, 0);
264 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
265 }
266 /* FIXME: Extract optional IMSI and update FSM using osmo_fsm_inst_set_id()
267 * related: OS2969 (same as above) */
268
269 LOGPFSML(fi, LOGL_NOTICE, "No support for MSC-originated SCCP Connections yet\n");
270 osmo_sccp_tx_disconn(conn->sccp.msc->a.sccp_user, scu_prim->u.connect.conn_id,
271 &scu_prim->u.connect.called_addr, 0);
272 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
273 break;
274 default:
275 OSMO_ASSERT(false);
276 break;
277 }
278}
279
280/* We've sent the CONNECTION.req to the SCCP provider and are waiting for CC from MSC */
281static void gscon_fsm_wait_cc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
282{
283 switch (event) {
284 case GSCON_EV_A_CONN_CFM:
285 /* MSC has confirmed the connection, we now change into the
286 * active state and wait there for further operations */
287 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
288 /* if there's user payload, forward it just like EV_MT_DTAP */
289 /* FIXME: Question: if there's user payload attached to the CC, forward it like EV_MT_DTAP? */
290 break;
291 default:
292 OSMO_ASSERT(false);
293 break;
294 }
295}
296
297/* We're on an active subscriber connection, passing DTAP back and forth */
298static void gscon_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
299{
300 struct gsm_subscriber_connection *conn = fi->priv;
301 struct msgb *resp = NULL;
302 struct mgcp_conn_peer conn_peer;
303 int rc;
304
305 switch (event) {
306 case GSCON_EV_A_ASSIGNMENT_CMD:
307 /* MSC requests us to perform assignment, this code section is
308 * triggered via signal GSCON_EV_A_ASSIGNMENT_CMD from
309 * bssmap_handle_assignm_req() in osmo_bsc_bssap.c, which does
310 * the parsing of incoming assignment requests. */
311
312 LOGPFSML(fi, LOGL_NOTICE, "Channel assignment: chan_mode=%s, full_rate=%i\n",
313 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
314 conn->user_plane.full_rate);
315
316 /* FIXME: We need to check if current channel is sufficient. If
317 * yes, do MODIFY. If not, do assignment (see commented lines below) */
318
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]319 switch (conn->user_plane.chan_mode) {
320 case GSM48_CMODE_SPEECH_V1:
321 case GSM48_CMODE_SPEECH_EFR:
322 case GSM48_CMODE_SPEECH_AMR:
323 /* A voice channel is requested, so we run down the
324 * mgcp-ass-mgcp state-chain (see FIXME above) */
325 memset(&conn_peer, 0, sizeof(conn_peer));
326 conn_peer.call_id = conn->sccp.conn_id;
327 osmo_strlcpy(conn_peer.endpoint, ENDPOINT_ID, sizeof(conn_peer.endpoint));
328
329 /* (Pre)Change state and create the connection */
330 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
331 conn->user_plane.fi_bts =
332 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_BTS,
333 GSCON_EV_MGW_CRCX_RESP_BTS, &conn_peer);
334 if (!conn->user_plane.fi_bts) {
335 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
336 sigtran_send(conn, resp, fi);
337 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
338 return;
339 }
340 break;
341 case GSM48_CMODE_SIGN:
342 /* A signalling channel is requested, so we perform the
343 * channel assignment directly without performing any
344 * MGCP actions. ST_WAIT_ASS_CMPL will see by the
345 * conn->user_plane.chan_mode parameter that this
346 * assignment is for a signalling channel and will then
347 * change back to ST_ACTIVE (here) immediately. */
348 rc = gsm0808_assign_req(conn, conn->user_plane.full_rate, conn->user_plane.chan_mode);
349 if (rc != 0) {
350 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
351 sigtran_send(conn, resp, fi);
352 return;
353 }
354
355 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
356 break;
357 default:
358 /* An unsupported channel is requested, so we have to
359 * reject this request by sending an assignment failure
360 * message immediately */
Pau Espin Pedrol55677de2018-03-17 01:12:33 +0100[diff] [blame]361 LOGPFSML(fi, LOGL_ERROR, "Requested channel mode is not supported! chan_mode=%s full_rate=%d\n",
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]362 get_value_string(gsm48_chan_mode_names, conn->user_plane.chan_mode),
363 conn->user_plane.full_rate);
364
365 /* The requested channel mode is not supported */
366 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_REQ_CODEC_TYPE_OR_CONFIG_NOT_SUPP, NULL);
367 sigtran_send(conn, resp, fi);
368 break;
369 }
370 break;
371 case GSCON_EV_HO_START:
372 rc = bsc_handover_start_gscon(conn);
373 if (rc) {
374 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
375 sigtran_send(conn, resp, fi);
376 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
377 return;
378 }
379
380 /* Note: No timeout is set here, T3103 in handover_logic.c
381 * will generate a GSCON_EV_HO_TIMEOUT event should the
382 * handover time out, so we do not need another timeout
383 * here (maybe its worth to think about giving GSCON
384 * more power over the actual handover process). */
385 osmo_fsm_inst_state_chg(fi, ST_WAIT_HO_COMPL, 0, 0);
386 break;
387 case GSCON_EV_A_HO_REQ:
388 /* FIXME: reject any handover requests with HO FAIL until implemented */
389 break;
390 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]391 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]392 break;
393 case GSCON_EV_MT_DTAP:
394 submit_dtap(conn, (struct msgb *)data, fi);
395 break;
396 case GSCON_EV_TX_SCCP:
397 sigtran_send(conn, (struct msgb *)data, fi);
398 break;
399 default:
400 OSMO_ASSERT(false);
401 break;
402 }
403}
404
405/* Before we may start the channel assignment we need to get an IP/Port for the
406 * RTP connection from the MGW */
407static void gscon_fsm_wait_crcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
408{
409 struct gsm_subscriber_connection *conn = fi->priv;
410 struct mgcp_conn_peer *conn_peer = NULL;
411 struct msgb *resp = NULL;
412 int rc;
413
414 switch (event) {
415 case GSCON_EV_MGW_CRCX_RESP_BTS:
416 conn_peer = data;
417
Philipp Maier393165c2018-03-21 11:15:33 +0100[diff] [blame]418 /* Check if the MGW has assigned an enpoint to us, otherwise we
419 * can not proceed. */
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]420 if (strlen(conn_peer->endpoint) <= 0) {
421 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
422 sigtran_send(conn, resp, fi);
423 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
424 return;
425 }
426
427 /* Memorize the endpoint name we got assigned from the MGW.
428 * When the BTS sided connection is done, we need to create
429 * a second connection on that same endpoint, so we need
430 * to know its ID */
431 if (!conn->user_plane.mgw_endpoint)
432 conn->user_plane.mgw_endpoint = talloc_zero_size(conn, MGCP_ENDPOINT_MAXLEN);
433 OSMO_ASSERT(conn->user_plane.mgw_endpoint);
434 osmo_strlcpy(conn->user_plane.mgw_endpoint, conn_peer->endpoint, MGCP_ENDPOINT_MAXLEN);
435
436 /* Store the IP-Address and the port the MGW assigned to us,
437 * then start the channel assignment. */
438 conn->user_plane.rtp_port = conn_peer->port;
439 conn->user_plane.rtp_ip = osmo_ntohl(inet_addr(conn_peer->addr));
440 rc = gsm0808_assign_req(conn, conn->user_plane.full_rate, conn->user_plane.chan_mode);
441 if (rc != 0) {
442 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_SPEECH_VERSION_UNAVAILABLE, NULL);
443 sigtran_send(conn, resp, fi);
444 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
445 return;
446 }
447
448 osmo_fsm_inst_state_chg(fi, ST_WAIT_ASS_CMPL, GSM0808_T10_VALUE, GSM0808_T10_TIMER_NR);
449 break;
450 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]451 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]452 break;
453 case GSCON_EV_MT_DTAP:
454 submit_dtap(conn, (struct msgb *)data, fi);
455 break;
456 case GSCON_EV_TX_SCCP:
457 sigtran_send(conn, (struct msgb *)data, fi);
458 break;
459 default:
460 OSMO_ASSERT(false);
461 break;
462 }
463}
464
465/* We're waiting for an ASSIGNMENT COMPLETE from MS */
466static void gscon_fsm_wait_ass_cmpl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
467{
468 struct gsm_subscriber_connection *conn = fi->priv;
469 struct gsm_lchan *lchan = conn->lchan;
470 struct mgcp_conn_peer conn_peer;
471 struct in_addr addr;
472 struct msgb *resp = NULL;
473 int rc;
474
475 switch (event) {
476 case GSCON_EV_RR_ASS_COMPL:
477 switch (conn->user_plane.chan_mode) {
478 case GSM48_CMODE_SPEECH_V1:
479 case GSM48_CMODE_SPEECH_EFR:
480 case GSM48_CMODE_SPEECH_AMR:
481 /* FIXME: What if we are using SCCP-Lite? */
482
483 /* We are dealing with a voice channel, so we can not
484 * confirm the assignment directly. We must first do
485 * some final steps on the MGCP side. */
486
487 /* Prepare parameters with the information we got during the assignment */
488 memset(&conn_peer, 0, sizeof(conn_peer));
489 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
490 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
491 conn_peer.port = lchan->abis_ip.bound_port;
492
493 /* (Pre)Change state and modify the connection */
494 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
495 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
496 if (rc != 0) {
497 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
498 sigtran_send(conn, resp, fi);
499 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
500 return;
501 }
502 break;
503 case GSM48_CMODE_SIGN:
504 /* Confirm the successful assignment on BSSMAP and
505 * change back into active state */
506 send_ass_compl(lchan, fi);
507 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
508 break;
509 default:
510 /* Unsupported modes should have been already filtered
511 * by gscon_fsm_active(). If we reach the default
512 * section here anyway than some unsupported mode must
513 * have made it into the FSM, this would be a bug, so
514 * we fire an assertion here */
515 OSMO_ASSERT(false);
516 break;
517 }
518
519 break;
520 case GSCON_EV_RR_ASS_FAIL:
521 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RQSTED_TERRESTRIAL_RESOURCE_UNAVAILABLE, NULL);
522 sigtran_send(conn, resp, fi);
523 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
524 break;
525 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]526 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]527 break;
528 case GSCON_EV_MT_DTAP:
529 submit_dtap(conn, (struct msgb *)data, fi);
530 break;
531 case GSCON_EV_TX_SCCP:
532 sigtran_send(conn, (struct msgb *)data, fi);
533 break;
534 default:
535 OSMO_ASSERT(false);
536 break;
537 }
538}
539
540/* We are waiting for the MGW response to the MDCX */
541static void gscon_fsm_wait_mdcx_bts(struct osmo_fsm_inst *fi, uint32_t event, void *data)
542{
543 struct gsm_subscriber_connection *conn = fi->priv;
544 struct mgcp_conn_peer conn_peer;
545 struct sockaddr_in *sin = NULL;
546 struct msgb *resp = NULL;
547
548 switch (event) {
549 case GSCON_EV_MGW_MDCX_RESP_BTS:
550
551 /* Prepare parameters with the connection information we got
552 * with the assignment command */
553 memset(&conn_peer, 0, sizeof(conn_peer));
554 conn_peer.call_id = conn->sccp.conn_id;
555 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_remote;
556 conn_peer.port = osmo_ntohs(sin->sin_port);
557 osmo_strlcpy(conn_peer.addr, inet_ntoa(sin->sin_addr), sizeof(conn_peer.addr));
558
559 /* Make sure we use the same endpoint where we created the
560 * BTS connection. */
561 osmo_strlcpy(conn_peer.endpoint, conn->user_plane.mgw_endpoint, sizeof(conn_peer.endpoint));
562
563 /* (Pre)Change state and create the connection */
564 osmo_fsm_inst_state_chg(fi, ST_WAIT_CRCX_MSC, MGCP_MGW_TIMEOUT, MGCP_MGW_TIMEOUT_TIMER_NR);
565 conn->user_plane.fi_msc =
566 mgcp_conn_create(conn->network->mgw.client, fi, GSCON_EV_MGW_FAIL_MSC, GSCON_EV_MGW_CRCX_RESP_MSC,
567 &conn_peer);
568 if (!conn->user_plane.fi_bts) {
569 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
570 sigtran_send(conn, resp, fi);
571 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
572 return;
573 }
574
575 break;
576 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]577 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]578 break;
579 case GSCON_EV_MT_DTAP:
580 submit_dtap(conn, (struct msgb *)data, fi);
581 break;
582 case GSCON_EV_TX_SCCP:
583 sigtran_send(conn, (struct msgb *)data, fi);
584 break;
585 default:
586 OSMO_ASSERT(false);
587 break;
588 }
589}
590
591static void gscon_fsm_wait_crcx_msc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
592{
593 struct gsm_subscriber_connection *conn = fi->priv;
594 struct mgcp_conn_peer *conn_peer = NULL;
595 struct gsm_lchan *lchan = conn->lchan;
596 struct sockaddr_in *sin = NULL;
597
598 switch (event) {
599 case GSCON_EV_MGW_CRCX_RESP_MSC:
600 conn_peer = data;
601
602 /* Store address information we got in response from the CRCX command. */
603 sin = (struct sockaddr_in *)&conn->user_plane.aoip_rtp_addr_local;
604 sin->sin_family = AF_INET;
605 sin->sin_addr.s_addr = inet_addr(conn_peer->addr);
606 sin->sin_port = osmo_ntohs(conn_peer->port);
607
608 /* Send assignment complete message to the MSC */
609 send_ass_compl(lchan, fi);
610
611 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
612
613 break;
614 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]615 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]616 break;
617 case GSCON_EV_MT_DTAP:
618 submit_dtap(conn, (struct msgb *)data, fi);
619 break;
620 case GSCON_EV_TX_SCCP:
621 sigtran_send(conn, (struct msgb *)data, fi);
622 break;
623 default:
624 OSMO_ASSERT(false);
625 break;
626 }
627}
628
629/* We're waiting for a MODE MODIFY ACK from MS + BTS */
630static void gscon_fsm_wait_mode_modify_ack(struct osmo_fsm_inst *fi, uint32_t event, void *data)
631{
632 struct gsm_subscriber_connection *conn = fi->priv;
633 struct gsm_lchan *lchan = conn->lchan;
634
635 switch (event) {
636 case GSCON_EV_RR_MODE_MODIFY_ACK:
637 /* we assume that not only have we received the RR MODE_MODIFY_ACK, but
638 * actually that also the BTS side of the channel mode has been changed accordingly */
639 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
640
641 /* FIXME: Check if this requires special handling. For now I assume that the send_ass_compl()
642 * can be used. But I am not sure. */
643 send_ass_compl(lchan, fi);
644
645 break;
646 /* FIXME: Do we need to handle DTAP traffic in this state? Maybe yes? Needs to be checked. */
647 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]648 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]649 break;
650 case GSCON_EV_MT_DTAP:
651 submit_dtap(conn, (struct msgb *)data, fi);
652 break;
653 case GSCON_EV_TX_SCCP:
654 sigtran_send(conn, (struct msgb *)data, fi);
655 break;
656 default:
657 OSMO_ASSERT(false);
658 break;
659 }
660}
661
662static void gscon_fsm_clearing(struct osmo_fsm_inst *fi, uint32_t event, void *data)
663{
664 struct gsm_subscriber_connection *conn = fi->priv;
665 struct msgb *resp;
666
667 switch (event) {
668 case GSCON_EV_RSL_CLEAR_COMPL:
669 resp = gsm0808_create_clear_complete();
670 sigtran_send(conn, resp, fi);
671 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
672 break;
673 default:
674 OSMO_ASSERT(false);
675 break;
676 }
677}
678
679/* Wait for the handover logic to tell us whether the handover completed,
680 * failed or has timed out */
681static void gscon_fsm_wait_ho_compl(struct osmo_fsm_inst *fi, uint32_t event, void *data)
682{
683 struct gsm_subscriber_connection *conn = fi->priv;
684 struct mgcp_conn_peer conn_peer;
685 struct gsm_lchan *lchan = conn->lchan;
686 struct in_addr addr;
687 struct msgb *resp;
688 int rc;
689
690 switch (event) {
691 case GSCON_EV_HO_COMPL:
692 /* The handover logic informs us that the handover has been
693 * completet. Now we have to tell the MGW the IP/Port on the
694 * new BTS so that the uplink RTP traffic can be redirected
695 * there. */
696
697 /* Prepare parameters with the information we got during the
698 * handover procedure (via IPACC) */
699 memset(&conn_peer, 0, sizeof(conn_peer));
700 addr.s_addr = osmo_ntohl(lchan->abis_ip.bound_ip);
701 osmo_strlcpy(conn_peer.addr, inet_ntoa(addr), sizeof(conn_peer.addr));
702 conn_peer.port = lchan->abis_ip.bound_port;
703
704 /* (Pre)Change state and modify the connection */
705 osmo_fsm_inst_state_chg(fi, ST_WAIT_MDCX_BTS_HO, MGCP_MGW_TIMEOUT, MGCP_MGW_HO_TIMEOUT_TIMER_NR);
706 rc = mgcp_conn_modify(conn->user_plane.fi_bts, GSCON_EV_MGW_MDCX_RESP_BTS, &conn_peer);
707 if (rc != 0) {
708 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_EQUIPMENT_FAILURE);
709 sigtran_send(conn, resp, fi);
710 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
711 return;
712 }
713 break;
714 case GSCON_EV_HO_TIMEOUT:
715 case GSCON_EV_HO_FAIL:
716 /* The handover logic informs us that the handover failed for
717 * some reason. This means the phone stays on the TS/BTS on
718 * which it currently is. We will change back to the active
719 * state again as there are no further operations needed */
720 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
721 break;
722 default:
723 OSMO_ASSERT(false);
724 break;
725 }
726}
727
728/* Wait for the MGW to confirm handover related modification of the connection
729 * parameters */
730static void gscon_fsm_wait_mdcx_bts_ho(struct osmo_fsm_inst *fi, uint32_t event, void *data)
731{
732 struct gsm_subscriber_connection *conn = fi->priv;
733
734 switch (event) {
735 case GSCON_EV_MGW_MDCX_RESP_BTS:
736 /* The MGW has confirmed the handover MDCX, and the handover
737 * is now also done on the RTP side. We may now change back
738 * to the active state. */
739 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
740 break;
741 case GSCON_EV_MO_DTAP:
Philipp Maier4be98dc2018-03-21 11:07:53 +0100[diff] [blame]742 forward_dtap(conn, (struct msgb *)data, fi);
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]743 break;
744 case GSCON_EV_MT_DTAP:
745 submit_dtap(conn, (struct msgb *)data, fi);
746 break;
747 case GSCON_EV_TX_SCCP:
748 sigtran_send(conn, (struct msgb *)data, fi);
749 break;
750 default:
751 OSMO_ASSERT(false);
752 break;
753 }
754}
755
756#define EV_TRANSPARENT_SCCP S(GSCON_EV_TX_SCCP) | S(GSCON_EV_MO_DTAP) | S(GSCON_EV_MT_DTAP)
757
758static const struct osmo_fsm_state gscon_fsm_states[] = {
759 [ST_INIT] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]760 .name = OSMO_STRINGIFY(INIT),
761 .in_event_mask = S(GSCON_EV_A_CONN_REQ) | S(GSCON_EV_A_CONN_IND),
762 .out_state_mask = S(ST_WAIT_CC),
763 .action = gscon_fsm_init,
764 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]765 [ST_WAIT_CC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]766 .name = OSMO_STRINGIFY(WAIT_CC),
767 .in_event_mask = S(GSCON_EV_A_CONN_CFM),
768 .out_state_mask = S(ST_ACTIVE),
769 .action = gscon_fsm_wait_cc,
770 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]771 [ST_ACTIVE] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]772 .name = OSMO_STRINGIFY(ACTIVE),
773 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_A_ASSIGNMENT_CMD) |
774 S(GSCON_EV_A_HO_REQ) | S(GSCON_EV_HO_START),
775 .out_state_mask = S(ST_CLEARING) | S(ST_WAIT_CRCX_BTS) | S(ST_WAIT_ASS_CMPL) |
776 S(ST_WAIT_MODE_MODIFY_ACK) | S(ST_WAIT_MO_HO_CMD) | S(ST_WAIT_HO_COMPL),
777 .action = gscon_fsm_active,
778 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]779 [ST_WAIT_CRCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]780 .name = OSMO_STRINGIFY(WAIT_CRCX_BTS),
781 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_BTS),
782 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_ASS_CMPL),
783 .action = gscon_fsm_wait_crcx_bts,
784 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]785 [ST_WAIT_ASS_CMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]786 .name = OSMO_STRINGIFY(WAIT_ASS_CMPL),
787 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_ASS_COMPL) | S(GSCON_EV_RR_ASS_FAIL),
788 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS),
789 .action = gscon_fsm_wait_ass_cmpl,
790 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]791 [ST_WAIT_MDCX_BTS] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]792 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS),
793 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
794 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_CRCX_MSC),
795 .action = gscon_fsm_wait_mdcx_bts,
796 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]797 [ST_WAIT_CRCX_MSC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]798 .name = OSMO_STRINGIFY(WAIT_CRCX_MSC),
799 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_CRCX_RESP_MSC),
800 .out_state_mask = S(ST_ACTIVE),
801 .action = gscon_fsm_wait_crcx_msc,
802 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]803 [ST_WAIT_MODE_MODIFY_ACK] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]804 .name = OSMO_STRINGIFY(WAIT_MODE_MODIFY_ACK),
805 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_RR_MODE_MODIFY_ACK),
806 .out_state_mask = S(ST_ACTIVE) | S(ST_CLEARING),
807 .action = gscon_fsm_wait_mode_modify_ack,
808 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]809 [ST_CLEARING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]810 .name = OSMO_STRINGIFY(CLEARING),
811 .in_event_mask = S(GSCON_EV_RSL_CLEAR_COMPL),
812 .action = gscon_fsm_clearing,
813 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]814
815 /* TODO: external handover, probably it makes sense to break up the
816 * program flow in handover_logic.c a bit and handle some of the logic
817 * here? */
818 [ST_WAIT_MT_HO_ACC] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]819 .name = OSMO_STRINGIFY(WAIT_MT_HO_ACC),
820 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]821 [ST_WAIT_MT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]822 .name = OSMO_STRINGIFY(WAIT_MT_HO_COMPL),
823 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]824 [ST_WAIT_MO_HO_CMD] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]825 .name = OSMO_STRINGIFY(WAIT_MO_HO_CMD),
826 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]827 [ST_MO_HO_PROCEEDING] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]828 .name = OSMO_STRINGIFY(MO_HO_PROCEEDING),
829 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]830
831 /* Internal handover */
832 [ST_WAIT_HO_COMPL] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]833 .name = OSMO_STRINGIFY(WAIT_HO_COMPL),
834 .in_event_mask = S(GSCON_EV_HO_COMPL) | S(GSCON_EV_HO_FAIL) | S(GSCON_EV_HO_TIMEOUT),
835 .out_state_mask = S(ST_ACTIVE) | S(ST_WAIT_MDCX_BTS_HO),
836 .action = gscon_fsm_wait_ho_compl,
837 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]838 [ST_WAIT_MDCX_BTS_HO] = {
Harald Weltee9903fd2018-03-17 17:13:10 +0100[diff] [blame]839 .name = OSMO_STRINGIFY(WAIT_MDCX_BTS_HO),
840 .in_event_mask = EV_TRANSPARENT_SCCP | S(GSCON_EV_MGW_MDCX_RESP_BTS),
841 .action = gscon_fsm_wait_mdcx_bts_ho,
842 .out_state_mask = S(ST_ACTIVE),
843 },
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]844};
845
846static void gscon_fsm_allstate(struct osmo_fsm_inst *fi, uint32_t event, void *data)
847{
848 struct gsm_subscriber_connection *conn = fi->priv;
849 struct msgb *resp = NULL;
850
851 /* When a connection on the MGW fails, make sure that the reference
852 * in our book-keeping is erased. */
853 switch (event) {
854 case GSCON_EV_MGW_FAIL_BTS:
855 conn->user_plane.fi_bts = NULL;
856 break;
857 case GSCON_EV_MGW_FAIL_MSC:
858 conn->user_plane.fi_msc = NULL;
859 break;
860 }
861
862 /* Regular allstate event processing */
863 switch (event) {
864 case GSCON_EV_MGW_FAIL_BTS:
865 case GSCON_EV_MGW_FAIL_MSC:
866 /* Note: An MGW connection die per definition at any time.
867 * However, if it dies during the assignment we must return
868 * with an assignment failure */
Philipp Maier70fcde62018-03-21 11:17:32 +0100[diff] [blame^]869 OSMO_ASSERT(fi->state != ST_INIT && fi->state != ST_WAIT_CC);
870 if (fi->state == ST_WAIT_CRCX_BTS || fi->state == ST_WAIT_ASS_CMPL || fi->state == ST_WAIT_MDCX_BTS
871 || fi->state == ST_WAIT_CRCX_MSC) {
Harald Welte3561bd42018-01-28 03:04:16 +0100[diff] [blame]872 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
873 sigtran_send(conn, resp, fi);
874 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
875 }
876 break;
877 case GSCON_EV_A_CLEAR_CMD:
878 /* MSC tells us to cleanly shut down */
879 osmo_fsm_inst_state_chg(fi, ST_CLEARING, 0, 0);
880 gsm0808_clear(conn);
881 /* FIXME: Release all terestrial resources in ST_CLEARING */
882 /* According to 3GPP 48.008 3.1.9.1. "The BSS need not wait for the radio channel
883 * release to be completed or for the guard timer to expire before returning the
884 * CLEAR COMPLETE message" */
885
886 /* Close MGCP connections */
887 toss_mgcp_conn(conn, fi);
888
889 /* FIXME: Question: Is this a hack to force a clear complete from internel?
890 * nobody seems to send the event from outside? */
891 osmo_fsm_inst_dispatch(conn->fi, GSCON_EV_RSL_CLEAR_COMPL, NULL);
892 break;
893 case GSCON_EV_A_DISC_IND:
894 /* MSC or SIGTRAN network has hard-released SCCP connection,
895 * terminate the FSM now. */
896 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, data);
897 break;
898 case GSCON_EV_RLL_REL_IND:
899 /* BTS reports that one of the LAPDm data links was released */
900 /* send proper clear request to MSC */
901 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
902 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_MESSAGE_FAILURE);
903 sigtran_send(conn, resp, fi);
904 break;
905 case GSCON_EV_RSL_CONN_FAIL:
906 LOGPFSML(fi, LOGL_DEBUG, "Tx BSSMAP CLEAR REQUEST to MSC\n");
907 resp = gsm0808_create_clear_rqst(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE);
908 sigtran_send(conn, resp, fi);
909 break;
910 default:
911 OSMO_ASSERT(false);
912 break;
913 }
914}
915
916void ho_dtap_cache_flush(struct gsm_subscriber_connection *conn, int send);
917
918static void gscon_cleanup(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
919{
920 struct gsm_subscriber_connection *conn = fi->priv;
921
922 if (conn->ho) {
923 LOGPFSML(fi, LOGL_DEBUG, "Releasing handover state\n");
924 bsc_clear_handover(conn, 1);
925 conn->ho = NULL;
926 }
927
928 if (conn->secondary_lchan) {
929 LOGPFSML(fi, LOGL_DEBUG, "Releasing secondary_lchan\n");
930 lchan_release(conn->secondary_lchan, 0, RSL_REL_LOCAL_END);
931 conn->secondary_lchan = NULL;
932 }
933 if (conn->lchan) {
934 LOGPFSML(fi, LOGL_DEBUG, "Releasing lchan\n");
935 lchan_release(conn->lchan, 0, RSL_REL_LOCAL_END);
936 conn->lchan = NULL;
937 }
938
939 if (conn->bsub) {
940 LOGPFSML(fi, LOGL_DEBUG, "Putting bsc_subscr\n");
941 bsc_subscr_put(conn->bsub);
942 conn->bsub = NULL;
943 }
944
945 if (conn->sccp.state != SUBSCR_SCCP_ST_NONE) {
946 LOGPFSML(fi, LOGL_DEBUG, "Disconnecting SCCP\n");
947 struct bsc_msc_data *msc = conn->sccp.msc;
948 /* FIXME: include a proper cause value / error message? */
949 osmo_sccp_tx_disconn(msc->a.sccp_user, conn->sccp.conn_id, &msc->a.bsc_addr, 0);
950 conn->sccp.state = SUBSCR_SCCP_ST_NONE;
951 }
952
953 /* drop pending messages */
954 ho_dtap_cache_flush(conn, 0);
955
956 penalty_timers_free(&conn->hodec2.penalty_timers);
957
958 llist_del(&conn->entry);
959 talloc_free(conn);
960 fi->priv = NULL;
961}
962
963static void gscon_pre_term(struct osmo_fsm_inst *fi, enum osmo_fsm_term_cause cause)
964{
965 struct gsm_subscriber_connection *conn = fi->priv;
966
967 /* Make sure all possibly still open MGCP connections get closed */
968 toss_mgcp_conn(conn, fi);
969}
970
971static int gscon_timer_cb(struct osmo_fsm_inst *fi)
972{
973 struct gsm_subscriber_connection *conn = fi->priv;
974 struct msgb *resp = NULL;
975
976 switch (fi->T) {
977 case 993210:
978 /* MSC has not responded/confirmed connection witH CC */
979 /* N-DISCONNET.req is sent in gscon_cleanup() above */
980 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
981 break;
982 case GSM0808_T10_TIMER_NR: /* Assignment Failed */
983 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_RADIO_INTERFACE_FAILURE, NULL);
984 sigtran_send(conn, resp, fi);
985 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
986 break;
987 case MGCP_MGW_TIMEOUT_TIMER_NR: /* Assignment failed (no response from MGW) */
988 resp = gsm0808_create_assignment_failure(GSM0808_CAUSE_EQUIPMENT_FAILURE, NULL);
989 sigtran_send(conn, resp, fi);
990 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
991 break;
992 case MGCP_MGW_HO_TIMEOUT_TIMER_NR: /* Handover failed (no response from MGW) */
993 osmo_fsm_inst_state_chg(fi, ST_ACTIVE, 0, 0);
994 break;
995 default:
996 OSMO_ASSERT(false);
997 }
998 return 0;
999}
1000
1001static struct osmo_fsm gscon_fsm = {
1002 .name = "SUBSCR_CONN",
1003 .states = gscon_fsm_states,
1004 .num_states = ARRAY_SIZE(gscon_fsm_states),
1005 .allstate_event_mask = S(GSCON_EV_A_DISC_IND) | S(GSCON_EV_A_CLEAR_CMD) | S(GSCON_EV_RSL_CONN_FAIL) |
1006 S(GSCON_EV_RLL_REL_IND) | S(GSCON_EV_MGW_FAIL_BTS) | S(GSCON_EV_MGW_FAIL_MSC),
1007 .allstate_action = gscon_fsm_allstate,
1008 .cleanup = gscon_cleanup,
1009 .pre_term = gscon_pre_term,
1010 .timer_cb = gscon_timer_cb,
1011 .log_subsys = DMSC,
1012 .event_names = gscon_fsm_event_names,
1013};
1014
1015/* Allocate a subscriber connection and its associated FSM */
1016struct gsm_subscriber_connection *bsc_subscr_con_allocate(struct gsm_network *net)
1017{
1018 struct gsm_subscriber_connection *conn;
1019 static bool g_initialized = false;
1020
1021 if (!g_initialized) {
1022 osmo_fsm_register(&gscon_fsm);
1023 g_initialized = true;
1024 }
1025
1026 conn = talloc_zero(net, struct gsm_subscriber_connection);
1027 if (!conn)
1028 return NULL;
1029
1030 conn->network = net;
1031 INIT_LLIST_HEAD(&conn->ho_dtap_cache);
1032 /* BTW, penalty timers will be initialized on-demand. */
1033 conn->sccp.conn_id = -1;
1034
1035 /* don't allocate from 'conn' context, as gscon_cleanup() will call talloc_free(conn) before
1036 * libosmocore will call talloc_free(conn->fi), i.e. avoid use-after-free during cleanup */
1037 conn->fi = osmo_fsm_inst_alloc(&gscon_fsm, net, conn, LOGL_NOTICE, NULL);
1038 if (!conn->fi) {
1039 talloc_free(conn);
1040 return NULL;
1041 }
1042
1043 llist_add_tail(&conn->entry, &net->subscr_conns);
1044 return conn;
1045}