Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / 6a0ab76d679d54622a5fb8a961db9e379ef0693f / . / src / libmsc / ran_msg_a.c
blob: be026e520e9aa16ca8b3ba4fb15905b7c62800e9 [file] [log] [blame]
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1/* BSSAP/BSSMAP encoding and decoding for MSC */
2/*
3 * (C) 2019 by sysmocom - s.m.f.c. GmbH <info@sysmocom.de>
4 * All Rights Reserved
5 *
6 * Author: Neels Hofmeyr
7 *
8 * SPDX-License-Identifier: GPL-2.0+
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]19 */
20
21#include <osmocom/core/byteswap.h>
22
23#include <osmocom/crypt/auth.h>
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]24#include <osmocom/crypt/kdf.h>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]25
26#include <osmocom/gsm/tlv.h>
27#include <osmocom/gsm/gsm0808.h>
28#include <osmocom/gsm/mncc.h>
29#include <osmocom/gsm/gsm48.h>
30
31#include <osmocom/msc/debug.h>
32#include <osmocom/msc/ran_msg_a.h>
33#include <osmocom/msc/sccp_ran.h>
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]34#include <osmocom/msc/gsm_data.h>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]35
36#define LOG_RAN_A_DEC(RAN_DEC, level, fmt, args...) \
37 LOG_RAN_DEC(RAN_DEC, DBSSAP, level, "BSSMAP: " fmt, ## args)
38
39/* Assumes presence of struct ran_dec *ran_dec and ran_dec_msg.msg_name (set) in the local scope. */
40#define LOG_RAN_A_DEC_MSG(level, fmt, args...) \
41 LOG_RAN_DEC(ran_dec, DBSSAP, level, "%s: " fmt, ran_dec_msg.msg_name, ## args)
42
43#define LOG_RAN_A_ENC(FI, level, fmt, args...) \
44 LOG_RAN_ENC(FI, DBSSAP, level, "BSSMAP: " fmt, ## args)
45
46static int ran_a_decode_l3_compl(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
47{
48 struct gsm0808_cell_id_list2 cil;
49 struct gsm0808_cell_id cell_id;
50 struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
51 struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]52 struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
53 struct gsm0808_speech_codec_list codec_list_bss_supported;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]54 struct ran_msg ran_dec_msg = {
55 .msg_type = RAN_MSG_COMPL_L3,
Neels Hofmeyr0c1ed152019-10-21 03:12:58 +0200[diff] [blame]56 .msg_name = "BSSMAP Complete Layer 3 Information",
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]57 .compl_l3 = {
58 .cell_id = &cell_id,
59 .msg = msg,
60 },
61 };
62 int rc;
63
64 if (!ie_cell_id) {
65 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory CELL IDENTIFIER not present, discarding message\n");
66 return -EINVAL;
67 }
68 if (!ie_l3_info) {
69 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory LAYER 3 INFORMATION not present, discarding message\n");
70 return -EINVAL;
71 }
72
73 /* Parse Cell ID element -- this should yield a cell identifier "list" with 1 element. */
74
75 rc = gsm0808_dec_cell_id_list2(&cil, ie_cell_id->val, ie_cell_id->len);
76 if (rc < 0) {
77 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding CELL IDENTIFIER gave rc=%d\n", rc);
78 return -EINVAL;
79 }
80 if (cil.id_list_len != 1) {
81 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to parse element CELL IDENTIFIER, discarding message\n");
82 return -EINVAL;
83 }
84
85 /* Sanity check the Cell Identity */
86 switch (cil.id_discr) {
87 case CELL_IDENT_WHOLE_GLOBAL:
88 case CELL_IDENT_LAI_AND_LAC:
89 case CELL_IDENT_LAC_AND_CI:
90 case CELL_IDENT_LAC:
91 break;
92
93 case CELL_IDENT_CI:
94 case CELL_IDENT_NO_CELL:
95 case CELL_IDENT_BSS:
96 default:
97 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "CELL IDENTIFIER does not specify a LAC, discarding message: %s\n",
98 gsm0808_cell_id_list_name(&cil));
99 return -EINVAL;
100 }
101
102 cell_id = (struct gsm0808_cell_id){
103 .id_discr = cil.id_discr,
104 .id = cil.id_list[0],
105 };
106
107 /* Parse Layer 3 Information element */
108 msg->l3h = (uint8_t*)ie_l3_info->val;
109 msgb_l3trim(msg, ie_l3_info->len);
110
111 if (msgb_l3len(msg) < sizeof(struct gsm48_hdr)) {
112 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "too short L3 info (%d), discarding message\n", msgb_l3len(msg));
113 return -ENODATA;
114 }
115
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]116 /* Decode Codec List (BSS Supported) */
117 if (ie_codec_list_bss_supported) {
118 rc = gsm0808_dec_speech_codec_list(&codec_list_bss_supported,
119 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
120 if (rc < 0) {
121 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
122 "Complete Layer 3 Information: unable to decode IE Codec List (BSS Supported)"
123 " (rc=%d), continuing anyway\n", rc);
124 /* This IE is not critical, do not abort with error. */
125 } else
126 ran_dec_msg.compl_l3.codec_list_bss_supported = &codec_list_bss_supported;
127 }
128
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]129 return ran_decoded(ran_dec, &ran_dec_msg);
130}
131
132static int ran_a_decode_clear_request(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
133{
134 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
135 struct ran_msg ran_dec_msg = {
136 .msg_type = RAN_MSG_CLEAR_REQUEST,
137 .msg_name = "BSSMAP Clear Request",
138 };
139
140 if (!ie_cause) {
141 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Cause code is missing, using GSM0808_CAUSE_EQUIPMENT_FAILURE\n");
142 ran_dec_msg.clear_request.bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE;
143 } else {
144 ran_dec_msg.clear_request.bssap_cause = ie_cause->val[0];
145 }
146
147 return ran_decoded(ran_dec, &ran_dec_msg);
148}
149
150static int ran_a_decode_clear_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
151{
152 struct ran_msg ran_dec_msg = {
153 .msg_type = RAN_MSG_CLEAR_COMPLETE,
154 .msg_name = "BSSMAP Clear Complete",
155 };
156 return ran_decoded(ran_dec, &ran_dec_msg);
157}
158
159static int ran_a_decode_classmark_update(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
160{
161 struct tlv_p_entry *ie_cm2 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
162 struct tlv_p_entry *ie_cm3 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
163 struct osmo_gsm48_classmark cm = {};
164 struct ran_msg ran_dec_msg = {
165 .msg_type = RAN_MSG_CLASSMARK_UPDATE,
166 .msg_name = "BSSMAP Classmark Update",
167 .classmark_update = {
168 .classmark = &cm,
169 },
170 };
171
172 if (!ie_cm2) {
173 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "mandatory Classmark Information Type 2 not present, discarding message\n");
174 return -EINVAL;
175 }
176
177 cm.classmark2_len = OSMO_MIN(sizeof(cm.classmark2), ie_cm2->len);
178 memcpy(&cm.classmark2, ie_cm2->val, cm.classmark2_len);
179
180 if (ie_cm3) {
181 cm.classmark3_len = OSMO_MIN(sizeof(cm.classmark3), ie_cm3->len);
182 memcpy(&cm.classmark3, ie_cm3->val, cm.classmark3_len);
183 }
184
185 return ran_decoded(ran_dec, &ran_dec_msg);
186}
187
188static int ran_a_decode_cipher_mode_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
189{
190 struct tlv_p_entry *ie_chosen_encr_alg = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
191 struct tlv_p_entry *ie_l3_msg = TLVP_GET(tp, GSM0808_IE_LAYER_3_MESSAGE_CONTENTS);
192 int rc;
193 struct ran_msg ran_dec_msg = {
194 .msg_type = RAN_MSG_CIPHER_MODE_COMPLETE,
195 .msg_name = "BSSMAP Ciphering Mode Complete",
196 };
197
198 if (ie_chosen_encr_alg) {
199 uint8_t ie_val = ie_chosen_encr_alg->val[0];
200 /* 3GPP TS 48.008 3.2.2.44 Chosen Encryption Algorithm encodes as 1 = no encryption, 2 = A5/1, 4 = A5/3.
201 * Internally we handle without this weird off-by-one. */
202 if (ie_val < 1 || ie_val > 8)
203 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unsupported value for 3.2.2.44 Chosen Encryption Algorithm: %u\n",
204 ie_val);
205 else
206 ran_dec_msg.cipher_mode_complete.alg_id = ie_chosen_encr_alg->val[0];
207 }
208
Neels Hofmeyre9a39112019-08-29 00:10:49 +0200[diff] [blame]209 if (ie_l3_msg)
210 ran_dec_msg.cipher_mode_complete.l3_msg = ie_l3_msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]211
Neels Hofmeyre9a39112019-08-29 00:10:49 +0200[diff] [blame]212 rc = ran_decoded(ran_dec, &ran_dec_msg);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]213
214 return rc;
215}
216
217static int ran_a_decode_cipher_mode_reject(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
218{
219 int rc;
220 struct ran_msg ran_dec_msg = {
221 .msg_type = RAN_MSG_CIPHER_MODE_REJECT,
222 .msg_name = "BSSMAP Ciphering Mode Reject",
223 };
224
Vadim Yanitskiy33144f12021-02-05 20:14:19 +0100[diff] [blame]225 rc = gsm0808_get_cause(tp);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]226 if (rc < 0) {
227 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "failed to extract Cause\n");
228 ran_dec_msg.cipher_mode_reject.bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE;
229 } else {
230 ran_dec_msg.cipher_mode_reject.bssap_cause = (enum gsm0808_cause)rc;
231 }
232
233 return ran_decoded(ran_dec, &ran_dec_msg);
234}
235
236enum mgcp_codecs ran_a_mgcp_codec_from_sc(const struct gsm0808_speech_codec *sc)
237{
238 switch (sc->type) {
239 case GSM0808_SCT_FR1:
240 return CODEC_GSM_8000_1;
241 break;
242 case GSM0808_SCT_FR2:
243 return CODEC_GSMEFR_8000_1;
244 break;
245 case GSM0808_SCT_FR3:
246 return CODEC_AMR_8000_1;
247 break;
248 case GSM0808_SCT_FR4:
249 return CODEC_AMRWB_16000_1;
250 break;
251 case GSM0808_SCT_FR5:
252 return CODEC_AMRWB_16000_1;
253 break;
254 case GSM0808_SCT_HR1:
255 return CODEC_GSMHR_8000_1;
256 break;
257 case GSM0808_SCT_HR3:
258 return CODEC_AMR_8000_1;
259 break;
260 case GSM0808_SCT_HR4:
261 return CODEC_AMRWB_16000_1;
262 break;
263 case GSM0808_SCT_HR6:
264 return CODEC_AMRWB_16000_1;
265 break;
266 default:
267 return CODEC_PCMU_8000_1;
268 break;
269 }
270}
271
272static int ran_a_decode_assignment_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
273{
274 struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
275 struct tlv_p_entry *ie_speech_codec = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC);
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]276 struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]277 struct tlv_p_entry *ie_osmux_cid = TLVP_GET(tp, GSM0808_IE_OSMO_OSMUX_CID);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]278 struct sockaddr_storage rtp_addr;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]279 struct gsm0808_speech_codec sc;
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]280 struct gsm0808_speech_codec_list codec_list_bss_supported;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]281 int rc;
282 struct ran_msg ran_dec_msg = {
283 .msg_type = RAN_MSG_ASSIGNMENT_COMPLETE,
284 .msg_name = "BSSMAP Assignment Complete",
285 };
286
287 if (ie_aoip_transp_addr) {
288 /* Decode AoIP transport address element */
289 rc = gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len);
290 if (rc < 0) {
291 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode AoIP Transport Layer Address\n");
292 return -EINVAL;
293 }
294
Pau Espin Pedrolf9c76e32020-09-02 19:25:55 +0200[diff] [blame]295 if (osmo_sockaddr_str_from_sockaddr(&ran_dec_msg.assignment_complete.remote_rtp, &rtp_addr)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]296 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Assignment Complete: unable to decode remote RTP IP address\n");
297 return -EINVAL;
298 }
299 }
300
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]301 if (ie_osmux_cid) {
302 rc = gsm0808_dec_osmux_cid(&ran_dec_msg.assignment_complete.osmux_cid, ie_osmux_cid->val, ie_osmux_cid->len);
303 if (rc < 0) {
304 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode Osmux CID\n");
305 return -EINVAL;
306 }
307 ran_dec_msg.assignment_complete.osmux_present = true;
308 }
309
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]310 if (ie_speech_codec) {
311 /* Decode Speech Codec (Chosen) element */
312 rc = gsm0808_dec_speech_codec(&sc, ie_speech_codec->val, ie_speech_codec->len);
313 if (rc < 0) {
314 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Assignment Complete: unable to decode IE Speech Codec (Chosen)"
315 " (rc=%d).\n", rc);
316 return -EINVAL;
317 }
318 ran_dec_msg.assignment_complete.codec_present = true;
319 ran_dec_msg.assignment_complete.codec = ran_a_mgcp_codec_from_sc(&sc);
320 }
321
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]322 if (ie_codec_list_bss_supported) {
323 /* Decode Codec List (BSS Supported) */
324 rc = gsm0808_dec_speech_codec_list(&codec_list_bss_supported,
325 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
326 if (rc < 0) {
327 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
328 "Assignment Complete: unable to decode IE Codec List (BSS Supported)"
329 " (rc=%d), continuing anyway\n", rc);
330 /* This IE is not critical, do not abort with error. */
331 } else
332 ran_dec_msg.assignment_complete.codec_list_bss_supported = &codec_list_bss_supported;
333 }
334
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]335 return ran_decoded(ran_dec, &ran_dec_msg);
336}
337
338static int ran_a_decode_assignment_failure(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
339{
340 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
341 struct tlv_p_entry *ie_rr_cause = TLVP_GET(tp, GSM0808_IE_RR_CAUSE);
342 struct tlv_p_entry *ie_speech_codec_list = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
343 struct gsm0808_speech_codec_list scl;
344 struct ran_msg ran_dec_msg = {
345 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
346 .msg_name = "BSSMAP Assignment Failure",
347 .assignment_failure = {
348 .bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE,
349 .rr_cause = GSM48_RR_CAUSE_ABNORMAL_UNSPEC,
350 },
351 };
352
353 if (ie_cause)
354 ran_dec_msg.assignment_failure.bssap_cause = ie_cause->val[0];
355 if (ie_rr_cause)
356 ran_dec_msg.assignment_failure.rr_cause = ie_rr_cause->val[0];
357
358 if (ie_speech_codec_list
359 && gsm0808_dec_speech_codec_list(&scl, ie_speech_codec_list->val, ie_speech_codec_list->len) == 0)
360 ran_dec_msg.assignment_failure.scl_bss_supported = &scl;
361
362 return ran_decoded(ran_dec, &ran_dec_msg);
363}
364
365static int ran_a_decode_sapi_n_reject(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
366{
367 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
368 struct tlv_p_entry *ie_dlci = TLVP_GET(tp, GSM0808_IE_DLCI);
369 struct ran_msg ran_dec_msg = {
370 .msg_type = RAN_MSG_SAPI_N_REJECT,
371 .msg_name = "BSSMAP SAPI-N Reject",
372 };
373
374 /* Note: The MSC code seems not to care about the cause code, but by
375 * the specification it is mandatory, so we check its presence. See
376 * also 3GPP TS 48.008 3.2.1.34 SAPI "n" REJECT */
377 if (!ie_cause) {
378 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "SAPI-N Reject: cause code IE is missing, discarding message\n");
379 return -EINVAL;
380 }
381 ran_dec_msg.sapi_n_reject.bssap_cause = ie_cause->val[0];
382
383 if (!ie_dlci) {
384 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "SAPI-N Reject: DLCI IE is missing, discarding message\n");
385 return -EINVAL;
386 }
387 ran_dec_msg.sapi_n_reject.dlci = ie_dlci->val[0];
388
389 return ran_decoded(ran_dec, &ran_dec_msg);
390}
391
392static int ran_a_decode_lcls_notification(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
393{
394 const struct tlv_p_entry *ie_lcls_bss_status = TLVP_GET(tp, GSM0808_IE_LCLS_BSS_STATUS);
395 const struct tlv_p_entry *ie_lcls_break_req = TLVP_GET(tp, GSM0808_IE_LCLS_BREAK_REQ);
396 struct ran_msg ran_dec_msg;
397
398 /* Either §3.2.2.119 LCLS-BSS-Status or §3.2.2.120 LCLS-Break-Request shall be present */
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]399 if (ie_lcls_bss_status && !ie_lcls_break_req) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]400 ran_dec_msg = (struct ran_msg){
401 .msg_type = RAN_MSG_LCLS_STATUS,
402 .msg_name = "BSSMAP LCLS Notification (LCLS Status)",
403 .lcls_status = {
404 .status = ie_lcls_bss_status->len ?
405 ie_lcls_bss_status->val[0] : GSM0808_LCLS_STS_NA,
406 },
407 };
408 return ran_decoded(ran_dec, &ran_dec_msg);
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]409 } else if (ie_lcls_break_req && !ie_lcls_bss_status) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]410 ran_dec_msg = (struct ran_msg){
411 .msg_type = RAN_MSG_LCLS_BREAK_REQ,
412 .msg_name = "BSSMAP LCLS Notification (LCLS Break Req)",
413 .lcls_break_req = {
414 .todo = 23,
415 },
416 };
417 return ran_decoded(ran_dec, &ran_dec_msg);
418 }
419
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]420 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Ignoring broken LCLS Notification message\n");
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]421 return -EINVAL;
422}
423
424static int ran_a_decode_handover_required(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
425{
426 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
427 const struct tlv_p_entry *ie_cil = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER_LIST);
428 struct ran_msg ran_dec_msg = {
429 .msg_type = RAN_MSG_HANDOVER_REQUIRED,
430 .msg_name = "BSSMAP Handover Required",
431 };
432 /* On decoding failures, dispatch an invalid RAN_MSG_HANDOVER_REQUIRED so msc_a can pass down a
433 * BSS_MAP_MSG_HANDOVER_REQUIRED_REJECT message. */
434
435 if (ie_cause)
436 ran_dec_msg.handover_required.cause = ie_cause->val[0];
437 else
438 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Cause IE missing\n");
439
440 if (!ie_cil
441 || gsm0808_dec_cell_id_list2(&ran_dec_msg.handover_required.cil, ie_cil->val, ie_cil->len) <= 0) {
442 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "No or invalid Cell Identifier List IE\n");
443 ran_dec_msg.handover_required.cil = (struct gsm0808_cell_id_list2){};
444 }
445
446 return ran_decoded(ran_dec, &ran_dec_msg);
447}
448
449static uint8_t a5_encryption_mask_from_gsm0808_chosen_enc_alg(enum gsm0808_chosen_enc_alg val)
450{
451 return 1 << val;
452}
453
454static int ran_a_decode_handover_request(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
455{
456 struct osmo_gsm48_classmark classmark = {};
457 struct ran_msg ran_dec_msg = {
458 .msg_type = RAN_MSG_HANDOVER_REQUEST,
459 .msg_name = "BSSMAP Handover Request",
460 .handover_request = {
461 .classmark = &classmark,
462 },
463 };
464 struct ran_handover_request *r = &ran_dec_msg.handover_request;
465
466 const struct tlv_p_entry *ie_channel_type = TLVP_GET(tp, GSM0808_IE_CHANNEL_TYPE);
467 const struct tlv_p_entry *ie_encryption_information = TLVP_GET(tp, GSM0808_IE_ENCRYPTION_INFORMATION);
468 const struct tlv_p_entry *ie_classmark1 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_TYPE_1);
469 const struct tlv_p_entry *ie_classmark2 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
470 const struct tlv_p_entry *ie_cell_id_serving = TLVP_GET(&tp[0], GSM0808_IE_CELL_IDENTIFIER);
471 const struct tlv_p_entry *ie_cell_id_target = TLVP_GET(&tp[1], GSM0808_IE_CELL_IDENTIFIER);
472 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
473 const struct tlv_p_entry *ie_classmark3 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
474 const struct tlv_p_entry *ie_current_channel_type_1 = TLVP_GET(tp, GSM0808_IE_CURRENT_CHANNEL_TYPE_1);
475 const struct tlv_p_entry *ie_speech_version_used = TLVP_GET(tp, GSM0808_IE_SPEECH_VERSION);
476 const struct tlv_p_entry *ie_chosen_encr_alg_serving = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
477 const struct tlv_p_entry *ie_old_bss_to_new_bss_info = TLVP_GET(tp, GSM0808_IE_OLD_BSS_TO_NEW_BSS_INFORMATION);
478 const struct tlv_p_entry *ie_imsi = TLVP_GET(tp, GSM0808_IE_IMSI);
479 const struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
480 const struct tlv_p_entry *ie_codec_list_msc_preferred = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
481 const struct tlv_p_entry *ie_call_id = TLVP_GET(tp, GSM0808_IE_CALL_ID);
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]482 const struct tlv_p_entry *ie_kc128 = TLVP_GET(tp, GSM0808_IE_KC_128);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]483 const struct tlv_p_entry *ie_global_call_ref = TLVP_GET(tp, GSM0808_IE_GLOBAL_CALL_REF);
484
485 struct gsm0808_channel_type channel_type;
486 struct gsm0808_encrypt_info encr_info;
487 struct gsm0808_speech_codec_list scl;
488 struct geran_encr geran_encr = {};
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]489 struct osmo_sockaddr_str rtp_ran_local;
490
491 if (!ie_channel_type) {
492 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Channel Type\n");
493 return -EINVAL;
494 }
495 if (gsm0808_dec_channel_type(&channel_type, ie_channel_type->val, ie_channel_type->len) <= 0) {
496 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Channel Type IE\n");
497 return -EINVAL;
498 }
499 r->geran.channel_type = &channel_type;
500
501 if (ie_encryption_information) {
502 int i;
503 if (gsm0808_dec_encrypt_info(&encr_info, ie_encryption_information->val, ie_encryption_information->len)
504 <= 0) {
Martin Hauke3f07dac2019-11-14 17:49:08 +0100[diff] [blame]505 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Encryption Information IE\n");
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]506 return -EINVAL;
507 }
508
509 for (i = 0; i < encr_info.perm_algo_len; i++) {
510 r->geran.a5_encryption_mask |=
511 a5_encryption_mask_from_gsm0808_chosen_enc_alg(encr_info.perm_algo[i]);
512 }
513
514 if (encr_info.key_len > sizeof(geran_encr.key)) {
Martin Hauke3f07dac2019-11-14 17:49:08 +0100[diff] [blame]515 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Encryption Information IE:"
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]516 " encryption key is too long: %u\n", geran_encr.key_len);
517 return -EINVAL;
518 }
519
520 if (encr_info.key_len) {
521 memcpy(geran_encr.key, encr_info.key, encr_info.key_len);
522 geran_encr.key_len = encr_info.key_len;
523 }
524
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]525 if (ie_kc128) {
526 memcpy(geran_encr.kc128, ie_kc128->val, 16);
527 geran_encr.kc128_present = true;
528 }
529
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]530 r->geran.chosen_encryption = &geran_encr;
531 }
532
533 if (!ie_classmark1 && !ie_classmark2) {
534 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: either Classmark Information 1"
535 " or Classmark Information 2 must be included\n");
536 return -EINVAL;
537 }
538
539 if (ie_classmark1) {
540 if (ie_classmark1->len != sizeof(classmark.classmark1)) {
541 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Invalid size for Classmark 1: %u, expected %zu\n",
542 ie_classmark1->len, sizeof(classmark.classmark1));
543 return -EINVAL;
544 }
545 memcpy((uint8_t*)&classmark.classmark1, ie_classmark1->val, ie_classmark1->len);
546 classmark.classmark1_set = true;
547 }
548
549 if (ie_classmark2) {
550 uint8_t len = OSMO_MIN(ie_classmark2->len, sizeof(classmark.classmark2));
551 memcpy((uint8_t*)&classmark.classmark2, ie_classmark2->val, len);
552 classmark.classmark2_len = len;
553 }
554
555 if (!ie_cell_id_serving) {
556 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier (Serving)\n");
557 return -EINVAL;
558 }
559 if (gsm0808_dec_cell_id(&r->cell_id_serving, ie_cell_id_serving->val,
560 ie_cell_id_serving->len) <= 0) {
561 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Cell Identifier (Serving) IE\n");
562 return -EINVAL;
563 }
564
565 if (!ie_cell_id_target) {
566 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier (Target)\n");
567 return -EINVAL;
568 }
569 if (gsm0808_dec_cell_id(&r->cell_id_target, ie_cell_id_target->val,
570 ie_cell_id_target->len) <= 0) {
571 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Cell Identifier (Target) IE\n");
572 return -EINVAL;
573 }
574
575 if (ie_cause)
576 r->bssap_cause = ie_cause->val[0];
577
578 if (ie_classmark3) {
579 uint8_t len = OSMO_MIN(ie_classmark3->len, sizeof(classmark.classmark3));
580 memcpy(classmark.classmark3, ie_classmark3->val, len);
581 classmark.classmark3_len = len;
582 }
583
584 if (ie_current_channel_type_1) {
585 r->current_channel_type_1 = ie_current_channel_type_1->val[0];
586 r->current_channel_type_1_present = true;
587 }
588
589 if (ie_speech_version_used) {
590 r->speech_version_used = ie_speech_version_used->val[0];
591 }
592
593 if (ie_chosen_encr_alg_serving && ie_chosen_encr_alg_serving->len) {
594 geran_encr.alg_id = ie_chosen_encr_alg_serving->val[0];
595 r->geran.chosen_encryption = &geran_encr;
596 }
597
598 if (ie_old_bss_to_new_bss_info) {
599 r->old_bss_to_new_bss_info_raw = ie_old_bss_to_new_bss_info->val;
600 r->old_bss_to_new_bss_info_raw_len = ie_old_bss_to_new_bss_info->len;
601 }
602
603 if (ie_imsi) {
Neels Hofmeyr46d526a2020-05-29 03:27:50 +0200[diff] [blame]604 struct osmo_mobile_identity mi;
605 if (osmo_mobile_identity_decode(&mi, ie_imsi->val, ie_imsi->len, false)
606 || mi.type != GSM_MI_TYPE_IMSI)
607 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "IE IMSI: cannot decode IMSI identity\n");
608 else
609 r->imsi = mi.imsi;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]610 }
611
612 if (ie_aoip_transp_addr) {
Pau Espin Pedrol06327172020-09-04 16:37:14 +0200[diff] [blame]613 struct sockaddr_storage rtp_addr;
614 if (gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len) < 0)
615 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
616 else if (osmo_sockaddr_str_from_sockaddr(&rtp_ran_local, &rtp_addr) < 0)
617 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode remote RTP IP address\n");
618 else
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]619 r->rtp_ran_local = &rtp_ran_local;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]620 }
621
622 if (ie_codec_list_msc_preferred
623 && gsm0808_dec_speech_codec_list(&scl, ie_codec_list_msc_preferred->val,
624 ie_codec_list_msc_preferred->len) == 0)
625 r->codec_list_msc_preferred = &scl;
626
627 if (ie_call_id && ie_call_id->len == 4) {
628 r->call_id = osmo_load32le(ie_call_id->val);
629 r->call_id_present = true;
630 }
631
632 if (ie_global_call_ref) {
633 r->global_call_reference = ie_global_call_ref->val;
634 r->global_call_reference_len = ie_global_call_ref->len;
635 }
636
637 return ran_decoded(ran_dec, &ran_dec_msg);
638}
639
640static int ran_a_decode_handover_request_ack(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
641{
642 struct ran_msg ran_dec_msg = {
643 .msg_type = RAN_MSG_HANDOVER_REQUEST_ACK,
644 .msg_name = "BSSMAP Handover Request Acknowledge",
645 };
646 const struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
647 const struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
648 const struct tlv_p_entry *ie_speech_codec = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC);
649 const struct tlv_p_entry *ie_chosen_channel = TLVP_GET(tp, GSM0808_IE_CHOSEN_CHANNEL);
650 const struct tlv_p_entry *ie_chosen_encr_alg = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
651 const struct tlv_p_entry *ie_chosen_speech_version = TLVP_GET(tp, GSM0808_IE_SPEECH_VERSION);
652
653 /* On missing mandatory IEs, dispatch an invalid RAN_MSG_HANDOVER_REQUEST_ACK so msc_a can act on the failure. */
654
655 if (ie_l3_info) {
656 ran_dec_msg.handover_request_ack.rr_ho_command = ie_l3_info->val;
657 ran_dec_msg.handover_request_ack.rr_ho_command_len = ie_l3_info->len;
658 }
659
660 if (ie_chosen_channel) {
661 ran_dec_msg.handover_request_ack.chosen_channel_present = true;
662 ran_dec_msg.handover_request_ack.chosen_channel = *ie_chosen_channel->val;
663 }
664
665 if (ie_chosen_encr_alg) {
666 ran_dec_msg.handover_request_ack.chosen_encr_alg = *ie_chosen_encr_alg->val;
667 if (ran_dec_msg.handover_request_ack.chosen_encr_alg < 1
668 || ran_dec_msg.handover_request_ack.chosen_encr_alg > 8) {
669 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "invalid Chosen Encryption Algorithm: %u\n",
670 ran_dec_msg.handover_request_ack.chosen_encr_alg);
671 }
672 }
673
674 if (ie_chosen_speech_version) {
675 struct gsm0808_speech_codec sc;
676 ran_dec_msg.handover_request_ack.chosen_speech_version = ie_chosen_speech_version->val[0];
677
678 /* the codec may be extrapolated from this Speech Version or below from Speech Codec */
679 gsm0808_speech_codec_from_chan_type(&sc, ran_dec_msg.handover_request_ack.chosen_speech_version);
680 ran_dec_msg.handover_request_ack.codec_present = true;
681 ran_dec_msg.handover_request_ack.codec = ran_a_mgcp_codec_from_sc(&sc);
682 }
683
684 if (ie_aoip_transp_addr) {
Pau Espin Pedrol06327172020-09-04 16:37:14 +0200[diff] [blame]685 struct sockaddr_storage rtp_addr;
686 if (gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len) < 0) {
687 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
688 } else if (osmo_sockaddr_str_from_sockaddr(&ran_dec_msg.handover_request_ack.remote_rtp,
689 &rtp_addr)) {
690 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode remote RTP IP address\n");
691 ran_dec_msg.handover_request_ack.remote_rtp = (struct osmo_sockaddr_str){};
692 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]693 }
694
695 if (ie_speech_codec) {
696 struct gsm0808_speech_codec sc;
697 if (gsm0808_dec_speech_codec(&sc, ie_speech_codec->val, ie_speech_codec->len) < 0)
698 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode IE Speech Codec (Chosen)\n");
699 else {
700 /* the codec may be extrapolated from above Speech Version or from this Speech Codec */
701 ran_dec_msg.handover_request_ack.codec_present = true;
702 ran_dec_msg.handover_request_ack.codec = ran_a_mgcp_codec_from_sc(&sc);
703 }
704 }
705
706 return ran_decoded(ran_dec, &ran_dec_msg);
707}
708
709static int ran_a_decode_handover_detect(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
710{
711 struct ran_msg ran_dec_msg = {
712 .msg_type = RAN_MSG_HANDOVER_DETECT,
713 .msg_name = "BSSMAP Handover Detect",
714 };
715
716 return ran_decoded(ran_dec, &ran_dec_msg);
717}
718
719static int ran_a_decode_handover_succeeded(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
720{
721 struct ran_msg ran_dec_msg = {
722 .msg_type = RAN_MSG_HANDOVER_SUCCEEDED,
723 .msg_name = "BSSMAP Handover Succeeded",
724 };
725
726 return ran_decoded(ran_dec, &ran_dec_msg);
727}
728
729static int ran_a_decode_handover_complete(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
730{
731 struct ran_msg ran_dec_msg = {
732 .msg_type = RAN_MSG_HANDOVER_COMPLETE,
733 .msg_name = "BSSMAP Handover Complete",
734 };
735
736 return ran_decoded(ran_dec, &ran_dec_msg);
737}
738
739static int ran_a_decode_handover_failure(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
740{
741 struct ran_msg ran_dec_msg = {
742 .msg_type = RAN_MSG_HANDOVER_FAILURE,
743 .msg_name = "BSSMAP Handover Failure",
744 };
745
746 return ran_decoded(ran_dec, &ran_dec_msg);
747}
748
749static int ran_a_decode_bssmap(struct ran_dec *ran_dec, struct msgb *bssmap)
750{
751 struct tlv_parsed tp[2];
752 int rc;
753 struct bssmap_header *h = msgb_l2(bssmap);
754 uint8_t msg_type;
755 bssmap->l3h = bssmap->l2h + sizeof(*h);
756
757 if (msgb_l3len(bssmap) < 1) {
758 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "No data received, discarding message\n");
759 return -1;
760 }
761
762 if (msgb_l3len(bssmap) < h->length) {
Neels Hofmeyrf0923012019-08-22 17:19:49 +0200[diff] [blame]763 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "BSSMAP data truncated, discarding message:"
764 " msgb_l3len(bssmap) == %u < bssmap_header->length == %u\n",
765 msgb_l3len(bssmap), h->length);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]766 return -1;
767 }
768
769 if (msgb_l3len(bssmap) > h->length) {
Neels Hofmeyrf0923012019-08-22 17:19:49 +0200[diff] [blame]770 LOG_RAN_A_DEC(ran_dec, LOGL_NOTICE, "There are %u extra bytes after the BSSMAP data, truncating:"
771 " msgb_l3len(bssmap) == %u > bssmap_header->length == %u\n",
772 msgb_l3len(bssmap) - h->length,
773 msgb_l3len(bssmap), h->length);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]774 msgb_l3trim(bssmap, h->length);
775 }
776
777 /* h->type == BSSAP_MSG_BSS_MANAGEMENT; h->length is the data length,
778 * which starts with the MAP msg_type, followed by IEs. */
779 msg_type = bssmap->l3h[0];
780 rc = osmo_bssap_tlv_parse2(tp, ARRAY_SIZE(tp), bssmap->l3h + 1, h->length - 1);
781 if (rc < 0) {
782 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Failed parsing TLV, discarding message\n");
783 return -EINVAL;
784 }
785
Neels Hofmeyr72fc7062019-10-08 06:24:17 +0200[diff] [blame]786 LOG_RAN_A_DEC(ran_dec, LOGL_DEBUG, "%s\n", gsm0808_bssmap_name(msg_type));
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]787
788 switch (msg_type) {
789 case BSS_MAP_MSG_COMPLETE_LAYER_3:
790 return ran_a_decode_l3_compl(ran_dec, bssmap, tp);
791 case BSS_MAP_MSG_CLEAR_RQST:
792 return ran_a_decode_clear_request(ran_dec, bssmap, tp);
793 case BSS_MAP_MSG_CLEAR_COMPLETE:
794 return ran_a_decode_clear_complete(ran_dec, bssmap, tp);
795 case BSS_MAP_MSG_CLASSMARK_UPDATE:
796 return ran_a_decode_classmark_update(ran_dec, bssmap, tp);
797 case BSS_MAP_MSG_CIPHER_MODE_COMPLETE:
798 return ran_a_decode_cipher_mode_complete(ran_dec, bssmap, tp);
799 case BSS_MAP_MSG_CIPHER_MODE_REJECT:
800 return ran_a_decode_cipher_mode_reject(ran_dec, bssmap, tp);
801 case BSS_MAP_MSG_ASSIGMENT_COMPLETE:
802 rc = ran_a_decode_assignment_complete(ran_dec, bssmap, tp);
803 if (rc < 0) {
804 struct ran_msg ran_dec_msg = {
805 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
806 .msg_name = "BSSMAP Assignment Complete but failed to decode",
807 .clear_request = {
808 .bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE,
809 },
810 };
811 ran_decoded(ran_dec, &ran_dec_msg);
812 }
813 return rc;
814 case BSS_MAP_MSG_ASSIGMENT_FAILURE:
815 return ran_a_decode_assignment_failure(ran_dec, bssmap, tp);
816 case BSS_MAP_MSG_SAPI_N_REJECT:
817 return ran_a_decode_sapi_n_reject(ran_dec, bssmap, tp);
818 case BSS_MAP_MSG_LCLS_NOTIFICATION:
819 return ran_a_decode_lcls_notification(ran_dec, bssmap, tp);
820
821 /* From current RAN peer, the Handover origin: */
822 case BSS_MAP_MSG_HANDOVER_REQUIRED:
823 return ran_a_decode_handover_required(ran_dec, bssmap, tp);
824
825 /* From current MSC to remote handover target MSC */
826 case BSS_MAP_MSG_HANDOVER_RQST:
827 return ran_a_decode_handover_request(ran_dec, bssmap, tp);
828
829 /* From potential new RAN peer, the Handover target: */
830 case BSS_MAP_MSG_HANDOVER_RQST_ACKNOWLEDGE:
831 return ran_a_decode_handover_request_ack(ran_dec, bssmap, tp);
832 case BSS_MAP_MSG_HANDOVER_DETECT:
833 return ran_a_decode_handover_detect(ran_dec, bssmap, tp);
834 case BSS_MAP_MSG_HANDOVER_SUCCEEDED:
835 return ran_a_decode_handover_succeeded(ran_dec, bssmap, tp);
836 case BSS_MAP_MSG_HANDOVER_COMPLETE:
837 return ran_a_decode_handover_complete(ran_dec, bssmap, tp);
838
839 /* From any Handover peer: */
840 case BSS_MAP_MSG_HANDOVER_FAILURE:
841 return ran_a_decode_handover_failure(ran_dec, bssmap, tp);
842
843 default:
844 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Unimplemented msg type: %s\n", gsm0808_bssmap_name(msg_type));
845 return -EINVAL;
846 }
847
848 return -EINVAL;
849}
850
851static int ran_a_decode_l3(struct ran_dec *ran_dec, struct msgb *l3)
852{
853 struct dtap_header *dtap = msgb_l2(l3);
854 struct ran_msg ran_dec_msg = {
855 .msg_type = RAN_MSG_DTAP,
856 .msg_name = "BSSAP DTAP",
857 .dtap = l3,
858 };
859 l3->l3h = l3->l2h + sizeof(struct dtap_header);
860 OMSC_LINKID_CB(l3) = dtap->link_id;
861 return ran_decoded(ran_dec, &ran_dec_msg);
862}
863
864int ran_a_decode_l2(struct ran_dec *ran_dec, struct msgb *bssap)
865{
866 uint8_t bssap_type;
867 OSMO_ASSERT(bssap);
868
869 if (!msgb_l2(bssap) || !msgb_l2len(bssap)) {
870 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Cannot decode L2, msg->l2h is unset / empty: %s\n",
871 msgb_hexdump(bssap));
872 return -EINVAL;
873 }
874
875 if (msgb_l2len(bssap) < sizeof(struct bssmap_header)) {
876 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "The header is too short -- discarding message\n");
877 return -EINVAL;
878 }
879
880 bssap_type = bssap->l2h[0];
881 switch (bssap_type) {
882 case BSSAP_MSG_BSS_MANAGEMENT:
883 return ran_a_decode_bssmap(ran_dec, bssap);
884 case BSSAP_MSG_DTAP:
885 return ran_a_decode_l3(ran_dec, bssap);
886 default:
887 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Unimplemented BSSAP msg type: %s\n", gsm0808_bssap_name(bssap_type));
888 return -EINVAL;
889 }
890}
891
892static struct msgb *ran_a_wrap_dtap(struct msgb *dtap)
893{
894 struct msgb *an_apdu;
895 dtap->l3h = dtap->data;
896 an_apdu = gsm0808_create_dtap(dtap, OMSC_LINKID_CB(dtap));
897 an_apdu->l2h = an_apdu->data;
898 msgb_free(dtap);
899 return an_apdu;
900}
901
902static int ran_a_channel_type_to_speech_codec_list(struct gsm0808_speech_codec_list *scl, const struct gsm0808_channel_type *ct)
903{
904 unsigned int i;
905 int rc;
906
907 memset(scl, 0, sizeof(*scl));
908 for (i = 0; i < ct->perm_spch_len; i++) {
909 rc = gsm0808_speech_codec_from_chan_type(&scl->codec[i], ct->perm_spch[i]);
910 if (rc != 0)
911 return -EINVAL;
912 }
913 scl->len = i;
914
915 return 0;
916}
917
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]918static void _gsm0808_assignment_extend_osmux(struct msgb *msg, uint8_t cid)
919{
920 OSMO_ASSERT(msg->l3h[1] == msgb_l3len(msg) - 2); /*TL not in len */
921 msgb_tv_put(msg, GSM0808_IE_OSMO_OSMUX_CID, cid);
922 msg->l3h[1] = msgb_l3len(msg) - 2;
923}
924
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]925/* Compose a BSSAP Assignment Command.
926 * Passing an RTP address is optional.
927 * The msub is passed merely for error logging. */
928static struct msgb *ran_a_make_assignment_command(struct osmo_fsm_inst *log_fi,
929 const struct ran_assignment_command *ac)
930{
931 struct gsm0808_speech_codec_list scl;
932 struct gsm0808_speech_codec_list *use_scl = NULL;
933 struct sockaddr_storage rtp_addr;
934 struct sockaddr_storage *use_rtp_addr = NULL;
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]935 struct msgb *msg;
Philipp Maierf34d9452020-06-05 15:49:35 +0200[diff] [blame]936 const uint32_t *call_id = NULL;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]937 int rc;
938
939 if (!ac->channel_type) {
940 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Assignment Command: missing Channel Type\n");
941 return NULL;
942 }
943
944 if (ac->channel_type->ch_indctr == GSM0808_CHAN_SPEECH) {
945 rc = ran_a_channel_type_to_speech_codec_list(&scl, ac->channel_type);
946 if (rc < 0) {
947 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Assignment Command: Cannot translate Channel Type to Speech Codec List\n");
948 return NULL;
949 }
950 use_scl = &scl;
951
952 /* Package RTP-Address data */
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]953 if (osmo_sockaddr_str_is_nonzero(ac->cn_rtp)) {
Pau Espin Pedrold35abfa2020-08-31 20:44:50 +0200[diff] [blame]954 struct sockaddr_in *sin;
955 struct sockaddr_in6 *sin6;
956 int family = osmo_ip_str_type(ac->cn_rtp->ip);
957 switch (family) {
958 case AF_INET:
959 sin = (struct sockaddr_in *)&rtp_addr;
960 sin->sin_family = AF_INET;
961 sin->sin_port = osmo_htons(ac->cn_rtp->port);
962 if (inet_pton(AF_INET, ac->cn_rtp->ip, &sin->sin_addr) != 1) {
963 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
964 "Assignment Command: Invalid RTP-Address %s\n",
965 ac->cn_rtp->ip);
966 return NULL;
967 }
968 if (sin->sin_port == 0) {
969 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
970 "Assignment Command: Invalid RTP-Port\n");
971 return NULL;
972 }
973 break;
974 case AF_INET6:
975 sin6 = (struct sockaddr_in6 *)&rtp_addr;
976 sin6->sin6_family = AF_INET6;
977 sin6->sin6_port = osmo_htons(ac->cn_rtp->port);
978 if (inet_pton(AF_INET6, ac->cn_rtp->ip, &sin6->sin6_addr) != 1) {
979 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
980 "Assignment Command: Invalid RTP-Address %s\n",
981 ac->cn_rtp->ip);
982 return NULL;
983 }
984 if (sin6->sin6_port == 0) {
985 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
986 "Assignment Command: Invalid RTP-Port\n");
987 return NULL;
988 }
989 break;
990 default:
991 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
992 "Assignment Command: Invalid RTP-Address type for %s\n",
993 ac->cn_rtp->ip);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]994 return NULL;
995 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]996 use_rtp_addr = &rtp_addr;
997 }
998 }
999
Philipp Maierf34d9452020-06-05 15:49:35 +0200[diff] [blame]1000 if(ac->call_id_present == true)
1001 call_id = &ac->call_id;
1002
Keith Whytea1a70be2021-05-16 02:59:52 +0200[diff] [blame]1003 msg = gsm0808_create_ass2(ac->channel_type, NULL, use_rtp_addr, use_scl, call_id,
1004 NULL, ac->lcls);
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]1005 if (ac->osmux_present)
1006 _gsm0808_assignment_extend_osmux(msg, ac->osmux_cid);
1007 return msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1008}
1009
1010/* For an A5/N number a5_n set dst to the matching GSM0808_ALG_ID_A5_<n>. */
1011static int a5_n_to_gsm0808_chosen_enc_alg(uint8_t *dst, int a5_n)
1012{
1013 switch (a5_n) {
1014 case 0:
1015 *dst = GSM0808_ALG_ID_A5_0;
1016 return 0;
1017 case 1:
1018 *dst = GSM0808_ALG_ID_A5_1;
1019 return 0;
1020 case 2:
1021 *dst = GSM0808_ALG_ID_A5_2;
1022 return 0;
1023 case 3:
1024 *dst = GSM0808_ALG_ID_A5_3;
1025 return 0;
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1026 case 4:
1027 *dst = GSM0808_ALG_ID_A5_4;
1028 return 0;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1029 default:
1030 return -ENOTSUP;
1031 }
1032}
1033
1034static int make_encrypt_info_perm_algo(struct osmo_fsm_inst *fi, struct gsm0808_encrypt_info *ei,
1035 uint8_t a5_encryption_mask, const struct osmo_gsm48_classmark *cm)
1036{
1037 int i;
1038 int j = 0;
1039 for (i = 0; i < 8; i++) {
1040 int supported;
1041
1042 /* A5/n permitted by osmo-msc.cfg? */
1043 if (!(a5_encryption_mask & (1 << i)))
1044 continue;
1045
1046 /* A5/n supported by MS? */
1047 supported = osmo_gsm48_classmark_supports_a5(cm, i);
1048 if (supported != 1)
1049 continue;
1050
1051 if (a5_n_to_gsm0808_chosen_enc_alg(&ei->perm_algo[j], i)) {
1052 LOG_RAN_A_ENC(fi, LOGL_ERROR, "Not supported: A5/%d algorithm\n", i);
1053 return -1;
1054 }
1055 j++;
1056 ei->perm_algo_len = j;
1057 }
1058 return 0;
1059}
1060
1061/* For ran_a_make_cipher_mode_command(), for
1062 * memcpy(ei.key, cm->vec->kc, sizeof(cm->vec->kc));
1063 */
1064osmo_static_assert(sizeof(((struct gsm0808_encrypt_info*)0)->key) >= sizeof(((struct osmo_auth_vector*)0)->kc),
1065 gsm0808_encrypt_info_key_fits_osmo_auth_vec_kc);
1066static struct msgb *ran_a_make_cipher_mode_command(struct osmo_fsm_inst *fi, const struct ran_cipher_mode_command *cm)
1067{
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1068 struct gsm0808_cipher_mode_command cmc = {
1069 .cipher_response_mode_present = true,
1070 .cipher_response_mode = 1, /* 1: include IMEISV (3GPP TS 48.008 3.2.2.34) */
1071 };
1072 struct gsm0808_encrypt_info *ei = &cmc.ei;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1073 char buf[16 * 2 + 1];
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1074
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1075 if (make_encrypt_info_perm_algo(fi, ei, cm->geran.a5_encryption_mask, cm->classmark))
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1076 return NULL;
1077
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1078 if (ei->perm_algo_len == 0) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1079 LOG_RAN_A_ENC(fi, LOGL_ERROR, "cannot start ciphering, no intersection between MSC-configured"
1080 " and MS-supported A5 algorithms. MSC: 0x%02x MS: %s\n",
1081 cm->geran.a5_encryption_mask, osmo_gsm48_classmark_a5_name(cm->classmark));
1082 return NULL;
1083 }
1084
1085 /* In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth
1086 * tokens. vec->kc was calculated from the GSM algorithm and is not
1087 * necessarily a match for the UMTS AKA tokens. */
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1088 if (cm->geran.umts_aka) {
1089 int i;
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1090 osmo_auth_c3(ei->key, cm->vec->ck, cm->vec->ik);
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1091
1092 for (i = 0; i < ei->perm_algo_len; i++) {
1093 if (ei->perm_algo[i] != GSM0808_ALG_ID_A5_4)
1094 continue;
1095 /* A5/4 is included, so need to generate Kc128 */
1096 osmo_kdf_kc128(cm->vec->ck, cm->vec->ik, cmc.kc128);
1097 cmc.kc128_present = true;
1098 break;
1099 }
1100 } else {
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1101 memcpy(ei->key, cm->vec->kc, sizeof(cm->vec->kc));
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1102 }
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1103 ei->key_len = sizeof(cm->vec->kc);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1104
1105 /* Store chosen GERAN key where the caller asked it to be stored.
1106 * alg_id remains unknown until we receive a Cipher Mode Complete from the BSC */
1107 if (cm->geran.chosen_key) {
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1108 *cm->geran.chosen_key = (struct geran_encr){0};
1109
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1110 if (ei->key_len > sizeof(cm->geran.chosen_key->key)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1111 LOG_RAN_A_ENC(fi, LOGL_ERROR, "Chosen key is larger than I can store\n");
1112 return NULL;
1113 }
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1114 memcpy(cm->geran.chosen_key->key, ei->key, ei->key_len);
1115 cm->geran.chosen_key->key_len = ei->key_len;
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1116
1117 if (cmc.kc128_present) {
1118 memcpy(cm->geran.chosen_key->kc128, cmc.kc128, 16);
1119 cm->geran.chosen_key->kc128_present = true;
1120 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1121 }
1122
1123 LOG_RAN_A_ENC(fi, LOGL_DEBUG, "Tx BSSMAP CIPHER MODE COMMAND to BSC, %u ciphers (%s) key %s\n",
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1124 ei->perm_algo_len, osmo_hexdump_nospc(ei->perm_algo, ei->perm_algo_len),
1125 osmo_hexdump_buf(buf, sizeof(buf), ei->key, ei->key_len, NULL, false));
1126 return gsm0808_create_cipher2(&cmc);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1127}
1128
1129struct msgb *ran_a_make_handover_request(struct osmo_fsm_inst *log_fi, const struct ran_handover_request *n)
1130{
1131 struct sockaddr_storage ss;
1132 struct gsm0808_handover_request r = {
1133 .cell_identifier_serving = n->cell_id_serving,
1134 .cell_identifier_target = n->cell_id_target,
1135 .cause = n->bssap_cause,
1136 .current_channel_type_1_present = n->current_channel_type_1_present,
1137 .current_channel_type_1 = n->current_channel_type_1,
1138
1139 .speech_version_used = n->speech_version_used,
1140
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1141 .old_bss_to_new_bss_info_raw = n->old_bss_to_new_bss_info_raw,
1142 .old_bss_to_new_bss_info_raw_len = n->old_bss_to_new_bss_info_raw_len,
1143
1144 .imsi = n->imsi,
1145 .codec_list_msc_preferred = n->codec_list_msc_preferred,
Philipp Maier7da956e2020-06-09 14:34:40 +0200[diff] [blame]1146 .call_id_present = n->call_id_present,
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1147 .call_id = n->call_id,
1148 .global_call_reference = n->global_call_reference,
1149 .global_call_reference_len = n->global_call_reference_len,
1150 };
1151
1152 if (!n->geran.channel_type) {
1153 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Channel Type required for encoding Handover Request in BSSAP\n");
1154 return NULL;
1155 }
1156 r.channel_type = *n->geran.channel_type;
1157
1158 /* Encryption Information */
1159 make_encrypt_info_perm_algo(log_fi, &r.encryption_information, n->geran.a5_encryption_mask, n->classmark);
1160 if (n->geran.chosen_encryption && n->geran.chosen_encryption->key_len) {
Vadim Yanitskiy444771d2019-05-11 04:46:24 +0700[diff] [blame]1161 /* Prevent both source / destination buffer overrun / overflow */
1162 if (n->geran.chosen_encryption->key_len > sizeof(r.encryption_information.key)
1163 || n->geran.chosen_encryption->key_len > sizeof(n->geran.chosen_encryption->key)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1164 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Handover Request: invalid chosen encryption key size %u\n",
1165 n->geran.chosen_encryption->key_len);
1166 return NULL;
1167 }
1168 memcpy(r.encryption_information.key,
1169 n->geran.chosen_encryption->key, n->geran.chosen_encryption->key_len);
1170 r.encryption_information.key_len = n->geran.chosen_encryption->key_len;
Vadim Yanitskiybfe8eb72019-05-11 03:52:28 +0700[diff] [blame]1171 r.chosen_encryption_algorithm_serving = n->geran.chosen_encryption->alg_id;
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]1172
1173 if (n->geran.chosen_encryption->kc128_present) {
1174 r.more_items = true;
1175 memcpy(r.kc128, n->geran.chosen_encryption->kc128, sizeof(r.kc128));
1176 r.kc128_present = true;
1177 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1178 }
1179
1180 if (n->classmark)
1181 r.classmark_information = *n->classmark;
1182
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1183 if (osmo_sockaddr_str_is_nonzero(n->rtp_ran_local)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1184 if (osmo_sockaddr_str_to_sockaddr(n->rtp_ran_local, &ss)) {
1185 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1186 "Handover Request: invalid AoIP Transport Layer address/port: "
1187 OSMO_SOCKADDR_STR_FMT "\n", OSMO_SOCKADDR_STR_FMT_ARGS(n->rtp_ran_local));
1188 return NULL;
1189 }
1190 r.aoip_transport_layer = &ss;
1191 }
1192
1193 return gsm0808_create_handover_request(&r);
1194}
1195
1196static struct msgb *ran_a_make_handover_request_ack(struct osmo_fsm_inst *caller_fi, const struct ran_handover_request_ack *r)
1197{
1198 struct sockaddr_storage ss;
1199 struct gsm0808_handover_request_ack params = {
1200 .l3_info = r->rr_ho_command,
1201 .l3_info_len = r->rr_ho_command_len,
1202 .chosen_channel_present = r->chosen_channel_present,
1203 .chosen_channel = r->chosen_channel,
1204 .chosen_encr_alg = r->chosen_encr_alg,
1205 .chosen_speech_version = r->chosen_speech_version,
1206 };
1207
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1208 if (osmo_sockaddr_str_is_nonzero(&r->remote_rtp)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1209 osmo_sockaddr_str_to_sockaddr(&r->remote_rtp, &ss);
1210 params.aoip_transport_layer = &ss;
1211 }
1212
1213 return gsm0808_create_handover_request_ack2(&params);
1214}
1215
1216struct msgb *ran_a_make_handover_command(struct osmo_fsm_inst *log_fi, const struct ran_handover_command *n)
1217{
1218 struct gsm0808_handover_command c = {
1219 .l3_info = n->rr_ho_command,
1220 .l3_info_len = n->rr_ho_command_len,
1221 };
1222
1223 return gsm0808_create_handover_command(&c);
1224}
1225
1226struct msgb *ran_a_make_handover_failure(struct osmo_fsm_inst *log_fi, const struct ran_msg *msg)
1227{
1228 struct gsm0808_handover_failure params = {
1229 .cause = msg->handover_failure.cause,
1230 };
1231 return gsm0808_create_handover_failure(&params);
1232}
1233
1234static struct msgb *_ran_a_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
1235{
1236
1237 LOG_RAN_A_ENC(caller_fi, LOGL_DEBUG, "%s\n", ran_msg_type_name(ran_enc_msg->msg_type));
1238
1239 switch (ran_enc_msg->msg_type) {
1240
1241 case RAN_MSG_DTAP:
1242 return ran_a_wrap_dtap(ran_enc_msg->dtap);
1243
1244 case RAN_MSG_CLASSMARK_REQUEST:
1245 return gsm0808_create_classmark_request();
1246
1247 case RAN_MSG_CLEAR_COMMAND:
1248 return gsm0808_create_clear_command2(ran_enc_msg->clear_command.gsm0808_cause,
1249 ran_enc_msg->clear_command.csfb_ind);
1250
1251 case RAN_MSG_ASSIGNMENT_COMMAND:
1252 return ran_a_make_assignment_command(caller_fi, &ran_enc_msg->assignment_command);
1253
Harald Welte544a32f2020-06-21 22:15:53 +0200[diff] [blame]1254 case RAN_MSG_COMMON_ID:
Pau Espin Pedrol67106702021-04-27 18:20:15 +0200[diff] [blame]1255 return gsm0808_create_common_id(ran_enc_msg->common_id.imsi, NULL,
1256 ran_enc_msg->common_id.last_eutran_plmn_present ?
1257 &ran_enc_msg->common_id.last_eutran_plmn :
1258 NULL
1259 );
Harald Welte544a32f2020-06-21 22:15:53 +0200[diff] [blame]1260
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1261 case RAN_MSG_CIPHER_MODE_COMMAND:
1262 return ran_a_make_cipher_mode_command(caller_fi, &ran_enc_msg->cipher_mode_command);
1263
1264 case RAN_MSG_HANDOVER_REQUIRED_REJECT:
1265 return gsm0808_create_handover_required_reject(&ran_enc_msg->handover_required_reject);
1266
1267 case RAN_MSG_HANDOVER_REQUEST:
1268 return ran_a_make_handover_request(caller_fi, &ran_enc_msg->handover_request);
1269
1270 case RAN_MSG_HANDOVER_REQUEST_ACK:
1271 return ran_a_make_handover_request_ack(caller_fi, &ran_enc_msg->handover_request_ack);
1272
1273 case RAN_MSG_HANDOVER_COMMAND:
1274 return ran_a_make_handover_command(caller_fi, &ran_enc_msg->handover_command);
1275
1276 case RAN_MSG_HANDOVER_SUCCEEDED:
1277 return gsm0808_create_handover_succeeded();
1278
1279 case RAN_MSG_HANDOVER_FAILURE:
1280 return ran_a_make_handover_failure(caller_fi, ran_enc_msg);
1281
1282 default:
1283 LOG_RAN_A_ENC(caller_fi, LOGL_ERROR, "Unimplemented RAN-encode message type: %s\n",
1284 ran_msg_type_name(ran_enc_msg->msg_type));
1285 return NULL;
1286 }
1287}
1288
1289struct msgb *ran_a_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
1290{
1291 struct msgb *msg = _ran_a_encode(caller_fi, ran_enc_msg);
1292
1293 if (!msg)
1294 return NULL;
1295
1296 msg->l2h = msg->data;
1297
1298 /* some consistency checks to ensure we don't send invalid length */
1299 switch (msg->l2h[0]) {
1300 case BSSAP_MSG_DTAP:
1301 OSMO_ASSERT(msgb_l2len(msg) == msg->l2h[2] + 3);
1302 break;
1303 case BSSAP_MSG_BSS_MANAGEMENT:
1304 OSMO_ASSERT(msgb_l2len(msg) == msg->l2h[1] + 2);
1305 break;
1306 default:
1307 break;
1308 }
1309
1310 return msg;
1311}
1312
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1313static void cl_parse_osmux(struct osmo_fsm_inst *log_fi, struct msgb *msg, int *supports_osmux)
1314{
1315 struct tlv_parsed tp;
1316 int rc;
1317
1318 if (supports_osmux == NULL)
1319 return;
1320
1321 rc = tlv_parse(&tp, gsm0808_att_tlvdef(), msgb_l3(msg) + 1, msgb_l3len(msg) - 1, 0, 0);
1322 if (rc < 0) {
1323 LOGPFSMSL(log_fi, DBSSAP, LOGL_ERROR, "BSSMAP: Failed parsing TLV looking for Osmux support\n");
1324 return;
1325 }
1326
1327 if (TLVP_PRESENT(&tp, GSM0808_IE_OSMO_OSMUX_SUPPORT)) {
1328 *supports_osmux = true;
1329 } else {
1330 *supports_osmux = false;
1331 }
1332}
1333
1334/* Return 1 for a RESET, 2 for a RESET ACK message, 0 otherwise.
1335 * In supports_osmux, return 0 for no information, 1 for support detected, -1 for non-support detected. */
1336enum reset_msg_type bssmap_is_reset_msg(const struct sccp_ran_inst *sri, struct osmo_fsm_inst *log_fi,
1337 struct msgb *l2, int *supports_osmux)
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1338{
1339 struct bssmap_header *bs = (struct bssmap_header *)msgb_l2(l2);
1340
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1341 if (supports_osmux != NULL)
1342 *supports_osmux = 0;
1343
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1344 if (!bs
1345 || msgb_l2len(l2) < (sizeof(*bs) + 1)
1346 || bs->type != BSSAP_MSG_BSS_MANAGEMENT)
1347 return SCCP_RAN_MSG_NON_RESET;
1348
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1349 l2->l3h = l2->l2h + sizeof(struct bssmap_header);
1350
1351 switch (l2->l3h[0]) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1352 case BSS_MAP_MSG_RESET:
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1353 cl_parse_osmux(log_fi, l2, supports_osmux);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1354 return SCCP_RAN_MSG_RESET;
1355 case BSS_MAP_MSG_RESET_ACKNOWLEDGE:
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1356 cl_parse_osmux(log_fi, l2, supports_osmux);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1357 return SCCP_RAN_MSG_RESET_ACK;
1358 default:
1359 return SCCP_RAN_MSG_NON_RESET;
1360 }
1361}
1362
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1363/* Patch regular BSSMAP RESET to add extra T to announce Osmux support (osmocom extension) */
1364static void _gsm0808_extend_announce_osmux(struct msgb *msg)
1365{
1366 OSMO_ASSERT(msg->l3h[1] == msgb_l3len(msg) - 2); /*TL not in len */
1367 msgb_put_u8(msg, GSM0808_IE_OSMO_OSMUX_SUPPORT);
1368 msg->l3h[1] = msgb_l3len(msg) - 2;
1369}
1370
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1371struct msgb *bssmap_make_reset_msg(const struct sccp_ran_inst *sri, enum reset_msg_type type)
1372{
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1373 struct gsm_network *net = sri->user_data;
1374 struct msgb *msg;
1375
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1376 switch (type) {
1377 case SCCP_RAN_MSG_RESET:
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1378 msg = gsm0808_create_reset();
1379 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1380 case SCCP_RAN_MSG_RESET_ACK:
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1381 msg = gsm0808_create_reset_ack();
1382 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1383 default:
1384 return NULL;
1385 }
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1386
1387 if (!msg)
1388 return NULL;
1389
1390 if (net->use_osmux != OSMUX_USAGE_OFF)
1391 _gsm0808_extend_announce_osmux(msg);
1392
1393 return msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1394}
1395
1396struct msgb *bssmap_make_paging_msg(const struct sccp_ran_inst *sri, const struct gsm0808_cell_id *page_cell_id,
1397 const char *imsi, uint32_t tmsi, enum paging_cause cause)
1398{
1399 struct gsm0808_cell_id_list2 cil;
1400 gsm0808_cell_id_to_list(&cil, page_cell_id);
1401 return gsm0808_create_paging2(imsi, tmsi == GSM_RESERVED_TMSI ? NULL : &tmsi, &cil, NULL);
1402}
1403
1404const char *bssmap_msg_name(const struct sccp_ran_inst *sri, const struct msgb *l2)
1405{
1406 struct bssmap_header *bs;
1407
1408 if (!l2->l2h)
1409 return "?";
1410
1411 bs = (struct bssmap_header *)msgb_l2(l2);
1412 switch (bs->type) {
1413 case BSSAP_MSG_BSS_MANAGEMENT:
1414 return gsm0808_bssmap_name(l2->l2h[0]);
1415 case BSSAP_MSG_DTAP:
1416 return "DTAP";
1417 default:
1418 return "?";
1419 }
1420}