Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-mgw / fae3c65938328ba47f12d86db035db118d10ee83 / . / openbsc / src / bsc / osmo_bsc_bssap.c
blob: 533da77e1e017e02cb027973df27e7c5c42a5d83 [file] [log] [blame]
Holger Hans Peter Freyther3485feb2010-11-09 23:28:33 +0100[diff] [blame]1/* GSM 08.08 BSSMAP handling */
2/* (C) 2009-2010 by Holger Hans Peter Freyther <zecke@selfish.org>
3 * (C) 2009-2010 by On-Waves
4 * All Rights Reserved
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 */
21
22#include <openbsc/osmo_bsc.h>
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]23#include <openbsc/osmo_bsc_grace.h>
Holger Hans Peter Freyther3485feb2010-11-09 23:28:33 +0100[diff] [blame]24#include <openbsc/debug.h>
25
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]26#include <osmocore/gsm0808.h>
Holger Hans Peter Freyther3485feb2010-11-09 23:28:33 +0100[diff] [blame]27#include <osmocore/protocol/gsm_08_08.h>
28
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]29#include <arpa/inet.h>
30
31static uint16_t read_data16(const uint8_t *data)
32{
33 uint16_t res;
34
35 memcpy(&res, data, sizeof(res));
36 return res;
37}
38
39static int bssmap_handle_reset_ack(struct gsm_network *net,
40 struct msgb *msg, unsigned int length)
41{
42 LOGP(DMSC, LOGL_NOTICE, "Reset ACK from MSC\n");
43 return 0;
44}
45
46/* GSM 08.08 § 3.2.1.19 */
47static int bssmap_handle_paging(struct gsm_network *net,
48 struct msgb *msg, unsigned int payload_length)
49{
50 struct tlv_parsed tp;
51 char mi_string[GSM48_MI_SIZE];
52 uint32_t tmsi = GSM_RESERVED_TMSI;
53 unsigned int lac = GSM_LAC_RESERVED_ALL_BTS;
54 uint8_t data_length;
55 const uint8_t *data;
56 uint8_t chan_needed = RSL_CHANNEED_ANY;
57
58 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l4h + 1, payload_length - 1, 0, 0);
59
60 if (!TLVP_PRESENT(&tp, GSM0808_IE_IMSI)) {
61 LOGP(DMSC, LOGL_ERROR, "Mandantory IMSI not present.\n");
62 return -1;
63 } else if ((TLVP_VAL(&tp, GSM0808_IE_IMSI)[0] & GSM_MI_TYPE_MASK) != GSM_MI_TYPE_IMSI) {
64 LOGP(DMSC, LOGL_ERROR, "Wrong content in the IMSI\n");
65 return -1;
66 }
67
68 if (!TLVP_PRESENT(&tp, GSM0808_IE_CELL_IDENTIFIER_LIST)) {
69 LOGP(DMSC, LOGL_ERROR, "Mandantory CELL IDENTIFIER LIST not present.\n");
70 return -1;
71 }
72
73 if (TLVP_PRESENT(&tp, GSM0808_IE_TMSI)) {
74 gsm48_mi_to_string(mi_string, sizeof(mi_string),
75 TLVP_VAL(&tp, GSM0808_IE_TMSI), TLVP_LEN(&tp, GSM0808_IE_TMSI));
76 tmsi = strtoul(mi_string, NULL, 10);
77 }
78
79
80 /*
81 * parse the IMSI
82 */
83 gsm48_mi_to_string(mi_string, sizeof(mi_string),
84 TLVP_VAL(&tp, GSM0808_IE_IMSI), TLVP_LEN(&tp, GSM0808_IE_IMSI));
85
86 /*
87 * parse the cell identifier list
88 */
89 data_length = TLVP_LEN(&tp, GSM0808_IE_CELL_IDENTIFIER_LIST);
90 data = TLVP_VAL(&tp, GSM0808_IE_CELL_IDENTIFIER_LIST);
91
92 /*
93 * Support paging to all network or one BTS at one LAC
94 */
95 if (data_length == 3 && data[0] == CELL_IDENT_LAC) {
96 lac = ntohs(read_data16(&data[1]));
97 } else if (data_length > 1 || (data[0] & 0x0f) != CELL_IDENT_BSS) {
98 LOGP(DMSC, LOGL_ERROR, "Unsupported Cell Identifier List: %s\n", hexdump(data, data_length));
99 return -1;
100 }
101
102 if (TLVP_PRESENT(&tp, GSM0808_IE_CHANNEL_NEEDED) && TLVP_LEN(&tp, GSM0808_IE_CHANNEL_NEEDED) == 1)
103 chan_needed = TLVP_VAL(&tp, GSM0808_IE_CHANNEL_NEEDED)[0] & 0x03;
104
105 if (TLVP_PRESENT(&tp, GSM0808_IE_EMLPP_PRIORITY)) {
106 LOGP(DMSC, LOGL_ERROR, "eMLPP is not handled\n");
107 }
108
109 LOGP(DMSC, LOGL_DEBUG, "Paging request from MSC IMSI: '%s' TMSI: '0x%x/%u' LAC: 0x%x\n", mi_string, tmsi, tmsi, lac);
110 LOGP(DMSC, LOGL_ERROR, "Paging is not implemented...\n");
111 return -1;
112}
113
Holger Hans Peter Freytherf1f57a82010-11-10 09:34:47 +0100[diff] [blame]114/*
115 * GSM 08.08 § 3.1.9.1 and 3.2.1.21...
116 * release our gsm_subscriber_connection and send message
117 */
118static int bssmap_handle_clear_command(struct osmo_bsc_sccp_con *conn,
119 struct msgb *msg, unsigned int payload_length)
120{
121 struct msgb *resp;
122
123 /* TODO: handle the cause of this package */
124
125 if (conn->conn) {
126 LOGP(DMSC, LOGL_DEBUG, "Releasing all transactions on %p\n", conn);
127 gsm0808_clear(conn->conn);
128 subscr_con_free(conn->conn);
129 conn->conn = NULL;
130 }
131
132 /* send the clear complete message */
133 resp = gsm0808_create_clear_complete();
134 if (!resp) {
135 LOGP(DMSC, LOGL_ERROR, "Sending clear complete failed.\n");
136 return -1;
137 }
138
139 bsc_queue_for_msc(conn, resp);
140 return 0;
141}
142
Holger Hans Peter Freytherfae3c652010-11-10 09:44:34 +0100[diff] [blame^]143/*
144 * GSM 08.08 § 3.4.7 cipher mode handling. We will have to pick
145 * the cipher to be used for this. In case we are already using
146 * a cipher we will have to send cipher mode reject to the MSC,
147 * otherwise we will have to pick something that we and the MS
148 * is supporting. Currently we are doing it in a rather static
149 * way by picking one ecnryption or no encrytpion.
150 */
151static int bssmap_handle_cipher_mode(struct osmo_bsc_sccp_con *conn,
152 struct msgb *msg, unsigned int payload_length)
153{
154 uint16_t len;
155 struct gsm_network *network = NULL;
156 const uint8_t *data;
157 struct tlv_parsed tp;
158 struct msgb *resp;
159 int reject_cause = -1;
160 int include_imeisv = 1;
161
162 if (!conn->conn) {
163 LOGP(DMSC, LOGL_ERROR, "No lchan/msc_data in cipher mode command.\n");
164 goto reject;
165 }
166
167 if (conn->ciphering_handled) {
168 LOGP(DMSC, LOGL_ERROR, "Already seen ciphering command. Protocol Error.\n");
169 goto reject;
170 }
171
172 conn->ciphering_handled = 1;
173
174 tlv_parse(&tp, gsm0808_att_tlvdef(), msg->l4h + 1, payload_length - 1, 0, 0);
175 if (!TLVP_PRESENT(&tp, GSM0808_IE_ENCRYPTION_INFORMATION)) {
176 LOGP(DMSC, LOGL_ERROR, "IE Encryption Information missing.\n");
177 goto reject;
178 }
179
180 /*
181 * check if our global setting is allowed
182 * - Currently we check for A5/0 and A5/1
183 * - Copy the key if that is necessary
184 * - Otherwise reject
185 */
186 len = TLVP_LEN(&tp, GSM0808_IE_ENCRYPTION_INFORMATION);
187 if (len < 1) {
188 LOGP(DMSC, LOGL_ERROR, "IE Encryption Information is too short.\n");
189 goto reject;
190 }
191
192 network = conn->conn->bts->network;
193 data = TLVP_VAL(&tp, GSM0808_IE_ENCRYPTION_INFORMATION);
194
195 if (TLVP_PRESENT(&tp, GSM0808_IE_CIPHER_RESPONSE_MODE))
196 include_imeisv = TLVP_VAL(&tp, GSM0808_IE_CIPHER_RESPONSE_MODE)[0] & 0x1;
197
198 if (network->a5_encryption == 0 && (data[0] & 0x1) == 0x1) {
199 gsm0808_cipher_mode(conn->conn, 0, NULL, 0, include_imeisv);
200 } else if (network->a5_encryption != 0 && (data[0] & 0x2) == 0x2) {
201 gsm0808_cipher_mode(conn->conn, 1, &data[1], len - 1, include_imeisv);
202 } else {
203 LOGP(DMSC, LOGL_ERROR, "Can not select encryption...\n");
204 goto reject;
205 }
206
207reject:
208 resp = gsm0808_create_cipher_reject(reject_cause);
209 if (!resp) {
210 LOGP(DMSC, LOGL_ERROR, "Sending the cipher reject failed.\n");
211 return -1;
212 }
213
214 bsc_queue_for_msc(conn, resp);
215 return -1;
216}
217
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]218static int bssmap_rcvmsg_udt(struct gsm_network *net,
219 struct msgb *msg, unsigned int length)
220{
221 int ret = 0;
222
223 if (length < 1) {
224 LOGP(DMSC, LOGL_ERROR, "Not enough room: %d\n", length);
225 return -1;
226 }
227
228 switch (msg->l4h[0]) {
229 case BSS_MAP_MSG_RESET_ACKNOWLEDGE:
230 ret = bssmap_handle_reset_ack(net, msg, length);
231 break;
232 case BSS_MAP_MSG_PAGING:
233 if (bsc_grace_allow_new_connection(net))
234 ret = bssmap_handle_paging(net, msg, length);
235 break;
236 }
237
238 return ret;
239}
240
241static int bssmap_rcvmsg_dt1(struct osmo_bsc_sccp_con *conn,
242 struct msgb *msg, unsigned int length)
243{
Holger Hans Peter Freytherf1f57a82010-11-10 09:34:47 +0100[diff] [blame]244 int ret = 0;
245
246 if (length < 1) {
247 LOGP(DMSC, LOGL_ERROR, "Not enough room: %d\n", length);
248 return -1;
249 }
250
251 switch (msg->l4h[0]) {
252 case BSS_MAP_MSG_CLEAR_CMD:
253 ret = bssmap_handle_clear_command(conn, msg, length);
254 break;
Holger Hans Peter Freytherfae3c652010-11-10 09:44:34 +0100[diff] [blame^]255 case BSS_MAP_MSG_CIPHER_MODE_CMD:
256 ret = bssmap_handle_cipher_mode(conn, msg, length);
257 break;
Holger Hans Peter Freytherf1f57a82010-11-10 09:34:47 +0100[diff] [blame]258 default:
259 LOGP(DMSC, LOGL_DEBUG, "Unimplemented msg type: %d\n", msg->l4h[0]);
260 break;
261 }
262
263 return ret;
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]264}
265
266static int dtap_rcvmsg(struct osmo_bsc_sccp_con *conn,
267 struct msgb *msg, unsigned int length)
268{
269 return -1;
270}
271
Holger Hans Peter Freyther3485feb2010-11-09 23:28:33 +0100[diff] [blame]272int bsc_handle_udt(struct gsm_network *network,
273 struct bsc_msc_connection *conn,
274 struct msgb *msgb, unsigned int length)
275{
276 struct bssmap_header *bs;
277
278 LOGP(DMSC, LOGL_DEBUG, "Incoming SCCP message ftom MSC: %s\n",
279 hexdump(msgb->l3h, length));
280
281 if (length < sizeof(*bs)) {
282 LOGP(DMSC, LOGL_ERROR, "The header is too short.\n");
283 return -1;
284 }
285
286 bs = (struct bssmap_header *) msgb->l3h;
287 if (bs->length < length - sizeof(*bs))
288 return -1;
289
290 switch (bs->type) {
291 case BSSAP_MSG_BSS_MANAGEMENT:
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]292 msgb->l4h = &msgb->l3h[sizeof(*bs)];
293 bssmap_rcvmsg_udt(network, msgb, length - sizeof(*bs));
Holger Hans Peter Freyther3485feb2010-11-09 23:28:33 +0100[diff] [blame]294 break;
295 default:
296 LOGP(DMSC, LOGL_ERROR, "Unimplemented msg type: %d\n", bs->type);
297 }
298
299 return 0;
300}
301
302int bsc_handle_dt1(struct osmo_bsc_sccp_con *conn,
303 struct msgb *msg, unsigned int len)
304{
Holger Hans Peter Freyther890dfc52010-11-10 09:24:37 +0100[diff] [blame]305 if (len < sizeof(struct bssmap_header)) {
306 LOGP(DMSC, LOGL_ERROR, "The header is too short.\n");
307 }
308
309 switch (msg->l3h[0]) {
310 case BSSAP_MSG_BSS_MANAGEMENT:
311 msg->l4h = &msg->l3h[sizeof(struct bssmap_header)];
312 bssmap_rcvmsg_dt1(conn, msg, len - sizeof(struct bssmap_header));
313 break;
314 case BSSAP_MSG_DTAP:
315 dtap_rcvmsg(conn, msg, len);
316 break;
317 default:
318 LOGP(DMSC, LOGL_DEBUG, "Unimplemented msg type: %d\n", msg->l3h[0]);
319 }
320
Holger Hans Peter Freyther3485feb2010-11-09 23:28:33 +0100[diff] [blame]321 return -1;
322}