Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 36c8153999483242deccacae490fdd15b55f3e95 / . / src / libmsc / ran_msg_iu.c
blob: f4439449d869ff59504dbae25e345b039db3e2db [file] [log] [blame]
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1/* RANAP encoding and decoding for MSC */
2/*
3 * (C) 2019 by sysmocom - s.m.f.c. GmbH <info@sysmocom.de>
4 * All Rights Reserved
5 *
6 * Author: Neels Hofmeyr
7 *
8 * SPDX-License-Identifier: GPL-2.0+
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24
25#include <asn1c/asn1helpers.h>
26
27#include <osmocom/core/prim.h>
28#include <osmocom/core/byteswap.h>
29#include <osmocom/crypt/auth.h>
30#include <osmocom/gsm/gsm48.h>
31
32#include <osmocom/ranap/ranap_common_cn.h>
33#include <osmocom/ranap/ranap_msg_factory.h>
34#include <osmocom/ranap/iu_helpers.h>
35
36#include <osmocom/msc/debug.h>
37#include <osmocom/msc/msc_common.h>
38#include <osmocom/msc/sccp_ran.h>
39#include <osmocom/msc/ran_msg_iu.h>
40
41/* Implement the extern talloc_asn1_ctx from libasn1c as talloc ctx for ASN.1 message composition */
42void *talloc_asn1_ctx = NULL;
43
44/* Implement the extern asn_debug from libasn1c to indicate whether to print asn.1 debug messages. */
45int asn_debug = 0;
46
47/* Implement the extern asn1_xer_print to indicate whether the ASN.1 binary code decoded and encoded during Iu
48 * communication should be logged to stderr (see asn.1 generated code in osmo-iuh). */
49int asn1_xer_print = 0;
50
51#define LOG_RAN_IU_DEC(RAN_DEC, level, fmt, args...) \
52 LOG_RAN_DEC(RAN_DEC, DIUCS, level, "RANAP: " fmt, ## args)
53
54#define LOG_RAN_IU_ENC(FI, level, fmt, args...) \
55 LOG_RAN_ENC(FI, DIUCS, level, "RANAP: " fmt, ## args)
56
57static void ran_iu_decode_l3_initial(struct ran_dec *ran_iu_decode, const RANAP_InitialUE_MessageIEs_t *ies, const char *msg_name)
58{
59 struct msgb *ran = msgb_alloc(256, msg_name);
60 struct ran_msg ran_dec_msg;
61
62 struct osmo_plmn_id plmn;
63
64 if (ies->lai.pLMNidentity.size < 3) {
65 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Too short PLMNidentity in RANAP InitialUE message\n");
66 return;
67 }
68 osmo_plmn_from_bcd(ies->lai.pLMNidentity.buf, &plmn);
69
70 struct gsm0808_cell_id cid = {
71 .id_discr = CELL_IDENT_LAI,
72 .id.lai_and_lac = {
73 .plmn = plmn,
74 .lac = asn1str_to_u16(&ies->lai.lAC),
75 },
76 };
77
78 /* TODO: really necessary to copy the RAN PDU?? */
79 ran->l3h = msgb_put(ran, ies->nas_pdu.size);
80 memcpy(ran->l3h, ies->nas_pdu.buf, ies->nas_pdu.size);
81
82 ran_dec_msg = (struct ran_msg){
83 .msg_type = RAN_MSG_COMPL_L3,
84 .msg_name = msg_name,
85 .compl_l3 = {
86 .cell_id = &cid,
87 .msg = ran,
88 },
89 };
90 ran_decoded(ran_iu_decode, &ran_dec_msg);
91
92 msgb_free(ran);
93}
94
95static void ran_iu_decode_l3(struct ran_dec *ran_iu_decode, const RANAP_NAS_PDU_t *nas_pdu, const char *msg_name)
96{
97 struct msgb *ran = msgb_alloc(256, msg_name);
98 struct ran_msg ran_dec_msg;
99
100 /* TODO: really necessary to copy the RAN PDU?? */
101 ran->l3h = msgb_put(ran, nas_pdu->size);
102 memcpy(ran->l3h, nas_pdu->buf, nas_pdu->size);
103
104 ran_dec_msg = (struct ran_msg){
105 .msg_type = RAN_MSG_DTAP,
106 .msg_name = msg_name,
107 .dtap = ran,
108 };
109 ran_decoded(ran_iu_decode, &ran_dec_msg);
110
111 msgb_free(ran);
112}
113
114static void ran_iu_decode_err(struct ran_dec *ran_iu_decode, const RANAP_ErrorIndicationIEs_t *ies)
115{
116 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Rx Error Indication (%s)\n",
117 (ies->presenceMask & ERRORINDICATIONIES_RANAP_CAUSE_PRESENT)?
118 ranap_cause_str(&ies->cause) : "no cause specified");
119}
120
121static int ran_iu_decode_rab_assignment_response_decode_setup_ies(struct ran_dec *ran_iu_decode,
122 struct ran_msg *ran_dec_msg,
123 const RANAP_RAB_SetupOrModifiedItemIEs_t *setup_ies)
124{
125 const RANAP_RAB_SetupOrModifiedItem_t *item;
126 const RANAP_TransportLayerAddress_t *transp_layer_addr;
127 const RANAP_IuTransportAssociation_t *transp_assoc;
128 uint16_t port = 0;
129 char addr[INET_ADDRSTRLEN];
130 uint8_t rab_id;
131
132 item = &setup_ies->raB_SetupOrModifiedItem;
133
134 rab_id = item->rAB_ID.buf[0];
135 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_DEBUG, "Received RAB assignment response for rab_id=%d\n", rab_id);
136
137 if (!(item->iuTransportAssociation && item->transportLayerAddress)) {
138 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "RAB Assignment Response does not contain RAB information\n");
139 return -1;
140 }
141
142 transp_layer_addr = item->transportLayerAddress;
143 transp_assoc = item->iuTransportAssociation;
144
145 if (ranap_transp_assoc_decode(&port, transp_assoc)) {
146 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Unable to decode RTP port in RAB Assignment Response\n");
147 return -1;
148 }
149
150 if (ranap_transp_layer_addr_decode(addr, sizeof(addr), transp_layer_addr)) {
151 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Unable to decode IP-Address in RAB Assignment Response\n");
152 return -1;
153 }
154
155 *ran_dec_msg = (struct ran_msg){
156 .msg_type = RAN_MSG_ASSIGNMENT_COMPLETE,
157 .msg_name = "RANAP RAB Assignment Response",
158 .assignment_complete = {
159 .codec = CODEC_AMR_8000_1,
160 },
161 };
162 if (osmo_sockaddr_str_from_str(&ran_dec_msg->assignment_complete.remote_rtp, addr, port)) {
163 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Assignment Complete: unable to decode remote RTP IP address %s\n",
164 osmo_quote_str(addr, -1));
165 return -1;
166 }
167 return 0;
168}
169
170static void ran_iu_decode_rab_assignment_response(struct ran_dec *ran_iu_decode, const RANAP_RAB_AssignmentResponseIEs_t *ies)
171{
172 int rc;
173 RANAP_IE_t *ranap_ie;
174 RANAP_RAB_SetupOrModifiedItemIEs_t setup_ies;
175 struct ran_msg ran_dec_msg;
176 bool free_ies = false;
177
178 if (!(ies->presenceMask & RAB_ASSIGNMENTRESPONSEIES_RANAP_RAB_SETUPORMODIFIEDLIST_PRESENT)) {
179 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "RAB Assignment Response does not contain RAB information\n");
180 goto failure;
181 }
182
183 /* So far we assign a single RAB at a time, so it should not be necessary to iterate over the list of
184 * SetupOrModifiedList IEs and handle each one. */
185 ranap_ie = ies->raB_SetupOrModifiedList.raB_SetupOrModifiedList_ies.list.array[0];
186
187 rc = ranap_decode_rab_setupormodifieditemies_fromlist(&setup_ies, &ranap_ie->value);
188 if (rc) {
189 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Error in ranap_decode_rab_setupormodifieditemies(): rc=%d\n", rc);
190 goto failure;
191 }
192 free_ies = true;
193
194 if (!ran_iu_decode_rab_assignment_response_decode_setup_ies(ran_iu_decode, &ran_dec_msg, &setup_ies))
195 goto success;
196
197failure:
198 ran_dec_msg = (struct ran_msg){
199 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
200 .msg_name = "RANAP RAB Assignment Response: Failure",
201 .assignment_failure = {
202 .bssap_cause = RAN_MSG_BSSAP_CAUSE_UNSET,
203 .rr_cause = GSM48_RR_CAUSE_ABNORMAL_UNSPEC,
204 },
205 };
206
207success:
208 ran_decoded(ran_iu_decode, &ran_dec_msg);
209
210 if (free_ies)
211 ranap_free_rab_setupormodifieditemies(&setup_ies);
212}
213
214static void ran_iu_decode_security_mode_complete(struct ran_dec *ran_iu_decode)
215{
216 struct ran_msg ran_dec_msg = {
217 .msg_type = RAN_MSG_CIPHER_MODE_COMPLETE,
218 .msg_name = "RANAP SecurityModeControl successfulOutcome",
219 };
220 ran_decoded(ran_iu_decode, &ran_dec_msg);
221}
222
223static void ran_iu_decode_security_mode_reject(struct ran_dec *ran_iu_decode)
224{
225 struct ran_msg ran_dec_msg = {
226 .msg_type = RAN_MSG_CIPHER_MODE_REJECT,
227 .msg_name = "RANAP SecurityModeControl unsuccessfulOutcome",
228 .cipher_mode_reject = {
229 .bssap_cause = RAN_MSG_BSSAP_CAUSE_UNSET,
230 },
231 };
232 ran_decoded(ran_iu_decode, &ran_dec_msg);
233}
234
235static void ran_iu_decode_release_request(struct ran_dec *ran_iu_decode)
236{
237 struct ran_msg ran_dec_msg = {
238 .msg_type = RAN_MSG_CLEAR_REQUEST,
239 .msg_name = "RANAP Iu ReleaseRequest",
240 .clear_request = {
241 .bssap_cause = RAN_MSG_BSSAP_CAUSE_UNSET,
242 },
243 };
244 ran_decoded(ran_iu_decode, &ran_dec_msg);
245}
246
247static void ran_iu_decode_release_complete(struct ran_dec *ran_iu_decode)
248{
249 struct ran_msg ran_dec_msg = {
250 .msg_type = RAN_MSG_CLEAR_COMPLETE,
251 .msg_name = "RANAP Iu Release successfulOutcome",
252 };
253 ran_decoded(ran_iu_decode, &ran_dec_msg);
254}
255
256static void ran_iu_decode_ranap_msg(void *_ran_dec, ranap_message *message)
257{
258 struct ran_dec *ran_iu_decode = _ran_dec;
259
260 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_DEBUG, "dir=%u proc=%u\n", message->direction, message->procedureCode);
261
262 switch (message->procedureCode) {
263
264 case RANAP_ProcedureCode_id_InitialUE_Message:
265 ran_iu_decode_l3_initial(ran_iu_decode, &message->msg.initialUE_MessageIEs, "RANAP InitialUE RAN PDU");
266 return;
267
268 case RANAP_ProcedureCode_id_DirectTransfer:
269 ran_iu_decode_l3(ran_iu_decode, &message->msg.directTransferIEs.nas_pdu, "RANAP DirectTransfer RAN PDU");
270 return;
271
272 case RANAP_ProcedureCode_id_SecurityModeControl:
273 switch (message->direction) {
274 case RANAP_RANAP_PDU_PR_successfulOutcome:
275 ran_iu_decode_security_mode_complete(ran_iu_decode);
276 return;
277 case RANAP_RANAP_PDU_PR_unsuccessfulOutcome:
278 ran_iu_decode_security_mode_reject(ran_iu_decode);
279 return;
280 default:
281 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR,
282 "Received SecurityModeControl: unexpected RANAP ProcedureCode: %d\n",
283 message->direction);
284 return;
285 }
286
287 case RANAP_ProcedureCode_id_RAB_Assignment:
288 /* This should always be a RANAP_RANAP_PDU_PR_outcome. No need to check for that. */
289 ran_iu_decode_rab_assignment_response(ran_iu_decode, &message->msg.raB_AssignmentResponseIEs);
290 return;
291
292 case RANAP_ProcedureCode_id_Iu_ReleaseRequest:
293 ran_iu_decode_release_request(ran_iu_decode);
294 return;
295
296 case RANAP_ProcedureCode_id_Iu_Release:
297 if (message->direction != RANAP_RANAP_PDU_PR_successfulOutcome) {
298 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Received Iu_Release: expected successfulOutcome, got %d\n",
299 message->direction);
300 return;
301 }
302 ran_iu_decode_release_complete(ran_iu_decode);
303 return;
304
305 case RANAP_ProcedureCode_id_ErrorIndication:
306 ran_iu_decode_err(ran_iu_decode, &message->msg.errorIndicationIEs);
307 return;
308
309 default:
310 LOG_RAN_IU_DEC(ran_iu_decode, LOGL_ERROR, "Received unhandled RANAP Procedure Code %d\n", message->procedureCode);
311 return;
312 }
313}
314
315int ran_iu_decode_l2(struct ran_dec *ran_iu_decode, struct msgb *ranap)
316{
317 return ranap_cn_rx_co(ran_iu_decode_ranap_msg, ran_iu_decode, msgb_l2(ranap), msgb_l2len(ranap));
318}
319
320/* Create a RANAP Initiating DirectTransfer message containing the given DTAP as RAN PDU, and return the resulting
321 * AN-APDU to be forwarded via E-interface. */
322static struct msgb *ran_iu_wrap_dtap(struct msgb *dtap)
323{
324 struct msgb *an_apdu;
Harald Welte4dd150a2019-05-10 23:54:15 +0200[diff] [blame]325 uint8_t sapi = OMSC_LINKID_CB(dtap);
326
327 an_apdu = ranap_new_msg_dt(sapi, dtap->data, msgb_length(dtap));
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]328 an_apdu->l2h = an_apdu->data;
329 msgb_free(dtap);
330 return an_apdu;
331}
332
333static struct msgb *ran_iu_make_rab_assignment(struct osmo_fsm_inst *caller_fi, const struct ran_assignment_command *ac)
334{
335 struct msgb *msg;
336 bool use_x213_nsap;
337 uint32_t cn_rtp_ip;
338 static uint8_t next_rab_id = 1;
339 uint8_t rab_id = next_rab_id;
340
341 next_rab_id ++;
342 if (!next_rab_id)
343 next_rab_id = 1;
344
345 cn_rtp_ip = osmo_htonl(inet_addr(ac->cn_rtp->ip));
346
347 if (cn_rtp_ip == INADDR_NONE) {
348 LOG_RAN_IU_ENC(caller_fi, LOGL_ERROR, "Error during RAB Assignment: invalid RTP IP-Address\n");
349 return NULL;
350 }
351 if (ac->cn_rtp->port == 0) {
352 LOG_RAN_IU_ENC(caller_fi, LOGL_ERROR, "Error during RAB Assignment: invalid RTP port\n");
353 return NULL;
354 }
355
356 use_x213_nsap = (ac->rab_assign_addr_enc == NSAP_ADDR_ENC_X213);
357 LOG_RAN_IU_ENC(caller_fi, LOGL_DEBUG, "RAB Assignment: rab_id=%d, rtp=" OSMO_SOCKADDR_STR_FMT ", use_x213_nsap=%d\n",
358 rab_id, OSMO_SOCKADDR_STR_FMT_ARGS(ac->cn_rtp), use_x213_nsap);
359
360 msg = ranap_new_msg_rab_assign_voice(rab_id, cn_rtp_ip, ac->cn_rtp->port, use_x213_nsap);
361 msg->l2h = msg->data;
362
363 return msg;
364}
365
366static struct msgb *ran_iu_make_security_mode_command(struct osmo_fsm_inst *caller_fi,
367 const struct ran_cipher_mode_command *cm)
368{
369
370 LOG_RAN_IU_ENC(caller_fi, LOGL_DEBUG, "Tx RANAP SECURITY MODE COMMAND to RNC, ik %s\n",
371 osmo_hexdump_nospc(cm->vec->ik, 16));
372 return ranap_new_msg_sec_mod_cmd(cm->vec->ik, NULL, RANAP_KeyStatus_new);
373}
374
375
376static struct msgb *ran_iu_make_release_command(struct osmo_fsm_inst *caller_fi,
377 const struct ran_clear_command *ccmd)
378{
379 static const struct RANAP_Cause cause = {
380 .present = RANAP_Cause_PR_radioNetwork,
381 .choice.radioNetwork = RANAP_CauseRadioNetwork_release_due_to_utran_generated_reason,
382 /* TODO: set various causes depending on the ran_clear_command cause value */
383 };
384 return ranap_new_msg_iu_rel_cmd(&cause);
385}
386
387struct msgb *ran_iu_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
388{
389 LOG_RAN_IU_ENC(caller_fi, LOGL_DEBUG, "%s\n", ran_msg_type_name(ran_enc_msg->msg_type));
390
391 switch (ran_enc_msg->msg_type) {
392
393 case RAN_MSG_DTAP:
394 return ran_iu_wrap_dtap(ran_enc_msg->dtap);
395
396 // TODO: RAN_MSG_CLASSMARK_REQUEST ??
397
398 case RAN_MSG_CIPHER_MODE_COMMAND:
399 return ran_iu_make_security_mode_command(caller_fi, &ran_enc_msg->cipher_mode_command);
400
401 case RAN_MSG_ASSIGNMENT_COMMAND:
402 return ran_iu_make_rab_assignment(caller_fi, &ran_enc_msg->assignment_command);
403
404 case RAN_MSG_COMMON_ID:
405 return ranap_new_msg_common_id(ran_enc_msg->common_id.imsi);
406
407 case RAN_MSG_CLEAR_COMMAND:
408 return ran_iu_make_release_command(caller_fi, &ran_enc_msg->clear_command);
409
410 default:
411 LOG_RAN_IU_ENC(caller_fi, LOGL_ERROR, "Message type not implemented: %s\n",
412 ran_msg_type_name(ran_enc_msg->msg_type));
413 return NULL;
414 }
415}
416
417/* Entry point for connection-less RANAP message */
418static void ranap_handle_cl(void *ctx, ranap_message *message)
419{
420 int *rc = ctx;
421 *rc = SCCP_RAN_MSG_NON_RESET;
422
423 if (message->procedureCode != RANAP_ProcedureCode_id_Reset)
424 return;
425
426 switch (message->direction) {
427 case RANAP_RANAP_PDU_PR_initiatingMessage:
428 *rc = SCCP_RAN_MSG_RESET;
429 return;
430 case RANAP_RANAP_PDU_PR_successfulOutcome:
431 *rc = SCCP_RAN_MSG_RESET_ACK;
432 return;
433 default:
434 return;
435 }
436}
437
438enum reset_msg_type ranap_is_reset_msg(const struct sccp_ran_inst *sri, const struct msgb *l2)
439{
440 int ret = SCCP_RAN_MSG_NON_RESET;
441 int rc;
442
443 rc = ranap_cn_rx_cl(ranap_handle_cl, &ret, msgb_l2(l2), msgb_l2len(l2));
444 if (rc)
445 return 0;
446 return ret;
447}
448
449struct msgb *ranap_make_reset_msg(const struct sccp_ran_inst *sri, enum reset_msg_type type)
450{
451 const RANAP_Cause_t cause = {
452 .present = RANAP_Cause_PR_protocol,
453 .choice = {
454 .protocol = RANAP_CauseProtocol_message_not_compatible_with_receiver_state,
455 },
456 };
457 switch (type) {
458 case SCCP_RAN_MSG_RESET:
459 return ranap_new_msg_reset(RANAP_CN_DomainIndicator_cs_domain, &cause);
460 case SCCP_RAN_MSG_RESET_ACK:
461 return ranap_new_msg_reset_ack(RANAP_CN_DomainIndicator_cs_domain, NULL);
462 default:
463 return NULL;
464 }
465}
466
467static e_RANAP_PagingCause ranap_paging_cause_from_msc(enum paging_cause cause)
468{
469 switch (cause) {
470 default:
471 case PAGING_CAUSE_UNSPECIFIED:
472 case PAGING_CAUSE_CALL_CONVERSATIONAL:
473 return RANAP_PagingCause_terminating_conversational_call;
474 case PAGING_CAUSE_CALL_STREAMING:
475 return RANAP_PagingCause_terminating_streaming_call;
476 case PAGING_CAUSE_CALL_INTERACTIVE:
477 return RANAP_PagingCause_terminating_interactive_call;
478 case PAGING_CAUSE_CALL_BACKGROUND:
479 return RANAP_PagingCause_terminating_background_call;
480 case PAGING_CAUSE_SIGNALLING_LOW_PRIO:
481 return RANAP_PagingCause_terminating_low_priority_signalling;
482 case PAGING_CAUSE_SIGNALLING_HIGH_PRIO:
483 return RANAP_PagingCause_terminating_high_priority_signalling;
484 }
485}
486
487struct msgb *ranap_make_paging_msg(const struct sccp_ran_inst *sri, const struct gsm0808_cell_id *page_cell_id,
488 const char *imsi, uint32_t tmsi, enum paging_cause cause)
489{
490 return ranap_new_msg_paging_cmd(imsi, tmsi == GSM_RESERVED_TMSI ? NULL : &tmsi, false,
491 ranap_paging_cause_from_msc(cause));
492}
493
494const char *ranap_msg_name(const struct sccp_ran_inst *sri, const struct msgb *l2)
495{
496 uint8_t msgt;
497 uint8_t procedure;
498 static char buf[32];
499 if (!l2->l2h)
500 return "?";
501
502 msgt = l2->l2h[0];
503 procedure = l2->l2h[1];
504
505 snprintf(buf, sizeof(buf), "type %u procedureCode %u", msgt, procedure);
506 return buf;
507}