Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / a1a70be593a341f48fd7eeca96e6663109868370 / . / src / libmsc / ran_msg_a.c
blob: b50259d04f1e0b97b5cafdf83807f6b694b0b8b7 [file] [log] [blame]
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1/* BSSAP/BSSMAP encoding and decoding for MSC */
2/*
3 * (C) 2019 by sysmocom - s.m.f.c. GmbH <info@sysmocom.de>
4 * All Rights Reserved
5 *
6 * Author: Neels Hofmeyr
7 *
8 * SPDX-License-Identifier: GPL-2.0+
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24
25#include <osmocom/core/byteswap.h>
26
27#include <osmocom/crypt/auth.h>
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]28#include <osmocom/crypt/kdf.h>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]29
30#include <osmocom/gsm/tlv.h>
31#include <osmocom/gsm/gsm0808.h>
32#include <osmocom/gsm/mncc.h>
33#include <osmocom/gsm/gsm48.h>
34
35#include <osmocom/msc/debug.h>
36#include <osmocom/msc/ran_msg_a.h>
37#include <osmocom/msc/sccp_ran.h>
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]38#include <osmocom/msc/gsm_data.h>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]39
40#define LOG_RAN_A_DEC(RAN_DEC, level, fmt, args...) \
41 LOG_RAN_DEC(RAN_DEC, DBSSAP, level, "BSSMAP: " fmt, ## args)
42
43/* Assumes presence of struct ran_dec *ran_dec and ran_dec_msg.msg_name (set) in the local scope. */
44#define LOG_RAN_A_DEC_MSG(level, fmt, args...) \
45 LOG_RAN_DEC(ran_dec, DBSSAP, level, "%s: " fmt, ran_dec_msg.msg_name, ## args)
46
47#define LOG_RAN_A_ENC(FI, level, fmt, args...) \
48 LOG_RAN_ENC(FI, DBSSAP, level, "BSSMAP: " fmt, ## args)
49
50static int ran_a_decode_l3_compl(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
51{
52 struct gsm0808_cell_id_list2 cil;
53 struct gsm0808_cell_id cell_id;
54 struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
55 struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]56 struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
57 struct gsm0808_speech_codec_list codec_list_bss_supported;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]58 struct ran_msg ran_dec_msg = {
59 .msg_type = RAN_MSG_COMPL_L3,
Neels Hofmeyr0c1ed152019-10-21 03:12:58 +0200[diff] [blame]60 .msg_name = "BSSMAP Complete Layer 3 Information",
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]61 .compl_l3 = {
62 .cell_id = &cell_id,
63 .msg = msg,
64 },
65 };
66 int rc;
67
68 if (!ie_cell_id) {
69 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory CELL IDENTIFIER not present, discarding message\n");
70 return -EINVAL;
71 }
72 if (!ie_l3_info) {
73 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory LAYER 3 INFORMATION not present, discarding message\n");
74 return -EINVAL;
75 }
76
77 /* Parse Cell ID element -- this should yield a cell identifier "list" with 1 element. */
78
79 rc = gsm0808_dec_cell_id_list2(&cil, ie_cell_id->val, ie_cell_id->len);
80 if (rc < 0) {
81 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding CELL IDENTIFIER gave rc=%d\n", rc);
82 return -EINVAL;
83 }
84 if (cil.id_list_len != 1) {
85 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to parse element CELL IDENTIFIER, discarding message\n");
86 return -EINVAL;
87 }
88
89 /* Sanity check the Cell Identity */
90 switch (cil.id_discr) {
91 case CELL_IDENT_WHOLE_GLOBAL:
92 case CELL_IDENT_LAI_AND_LAC:
93 case CELL_IDENT_LAC_AND_CI:
94 case CELL_IDENT_LAC:
95 break;
96
97 case CELL_IDENT_CI:
98 case CELL_IDENT_NO_CELL:
99 case CELL_IDENT_BSS:
100 default:
101 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "CELL IDENTIFIER does not specify a LAC, discarding message: %s\n",
102 gsm0808_cell_id_list_name(&cil));
103 return -EINVAL;
104 }
105
106 cell_id = (struct gsm0808_cell_id){
107 .id_discr = cil.id_discr,
108 .id = cil.id_list[0],
109 };
110
111 /* Parse Layer 3 Information element */
112 msg->l3h = (uint8_t*)ie_l3_info->val;
113 msgb_l3trim(msg, ie_l3_info->len);
114
115 if (msgb_l3len(msg) < sizeof(struct gsm48_hdr)) {
116 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "too short L3 info (%d), discarding message\n", msgb_l3len(msg));
117 return -ENODATA;
118 }
119
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]120 /* Decode Codec List (BSS Supported) */
121 if (ie_codec_list_bss_supported) {
122 rc = gsm0808_dec_speech_codec_list(&codec_list_bss_supported,
123 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
124 if (rc < 0) {
125 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
126 "Complete Layer 3 Information: unable to decode IE Codec List (BSS Supported)"
127 " (rc=%d), continuing anyway\n", rc);
128 /* This IE is not critical, do not abort with error. */
129 } else
130 ran_dec_msg.compl_l3.codec_list_bss_supported = &codec_list_bss_supported;
131 }
132
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]133 return ran_decoded(ran_dec, &ran_dec_msg);
134}
135
136static int ran_a_decode_clear_request(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
137{
138 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
139 struct ran_msg ran_dec_msg = {
140 .msg_type = RAN_MSG_CLEAR_REQUEST,
141 .msg_name = "BSSMAP Clear Request",
142 };
143
144 if (!ie_cause) {
145 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Cause code is missing, using GSM0808_CAUSE_EQUIPMENT_FAILURE\n");
146 ran_dec_msg.clear_request.bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE;
147 } else {
148 ran_dec_msg.clear_request.bssap_cause = ie_cause->val[0];
149 }
150
151 return ran_decoded(ran_dec, &ran_dec_msg);
152}
153
154static int ran_a_decode_clear_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
155{
156 struct ran_msg ran_dec_msg = {
157 .msg_type = RAN_MSG_CLEAR_COMPLETE,
158 .msg_name = "BSSMAP Clear Complete",
159 };
160 return ran_decoded(ran_dec, &ran_dec_msg);
161}
162
163static int ran_a_decode_classmark_update(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
164{
165 struct tlv_p_entry *ie_cm2 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
166 struct tlv_p_entry *ie_cm3 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
167 struct osmo_gsm48_classmark cm = {};
168 struct ran_msg ran_dec_msg = {
169 .msg_type = RAN_MSG_CLASSMARK_UPDATE,
170 .msg_name = "BSSMAP Classmark Update",
171 .classmark_update = {
172 .classmark = &cm,
173 },
174 };
175
176 if (!ie_cm2) {
177 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "mandatory Classmark Information Type 2 not present, discarding message\n");
178 return -EINVAL;
179 }
180
181 cm.classmark2_len = OSMO_MIN(sizeof(cm.classmark2), ie_cm2->len);
182 memcpy(&cm.classmark2, ie_cm2->val, cm.classmark2_len);
183
184 if (ie_cm3) {
185 cm.classmark3_len = OSMO_MIN(sizeof(cm.classmark3), ie_cm3->len);
186 memcpy(&cm.classmark3, ie_cm3->val, cm.classmark3_len);
187 }
188
189 return ran_decoded(ran_dec, &ran_dec_msg);
190}
191
192static int ran_a_decode_cipher_mode_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
193{
194 struct tlv_p_entry *ie_chosen_encr_alg = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
195 struct tlv_p_entry *ie_l3_msg = TLVP_GET(tp, GSM0808_IE_LAYER_3_MESSAGE_CONTENTS);
196 int rc;
197 struct ran_msg ran_dec_msg = {
198 .msg_type = RAN_MSG_CIPHER_MODE_COMPLETE,
199 .msg_name = "BSSMAP Ciphering Mode Complete",
200 };
201
202 if (ie_chosen_encr_alg) {
203 uint8_t ie_val = ie_chosen_encr_alg->val[0];
204 /* 3GPP TS 48.008 3.2.2.44 Chosen Encryption Algorithm encodes as 1 = no encryption, 2 = A5/1, 4 = A5/3.
205 * Internally we handle without this weird off-by-one. */
206 if (ie_val < 1 || ie_val > 8)
207 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unsupported value for 3.2.2.44 Chosen Encryption Algorithm: %u\n",
208 ie_val);
209 else
210 ran_dec_msg.cipher_mode_complete.alg_id = ie_chosen_encr_alg->val[0];
211 }
212
Neels Hofmeyre9a39112019-08-29 00:10:49 +0200[diff] [blame]213 if (ie_l3_msg)
214 ran_dec_msg.cipher_mode_complete.l3_msg = ie_l3_msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]215
Neels Hofmeyre9a39112019-08-29 00:10:49 +0200[diff] [blame]216 rc = ran_decoded(ran_dec, &ran_dec_msg);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]217
218 return rc;
219}
220
221static int ran_a_decode_cipher_mode_reject(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
222{
223 int rc;
224 struct ran_msg ran_dec_msg = {
225 .msg_type = RAN_MSG_CIPHER_MODE_REJECT,
226 .msg_name = "BSSMAP Ciphering Mode Reject",
227 };
228
Vadim Yanitskiy33144f12021-02-05 20:14:19 +0100[diff] [blame]229 rc = gsm0808_get_cause(tp);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]230 if (rc < 0) {
231 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "failed to extract Cause\n");
232 ran_dec_msg.cipher_mode_reject.bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE;
233 } else {
234 ran_dec_msg.cipher_mode_reject.bssap_cause = (enum gsm0808_cause)rc;
235 }
236
237 return ran_decoded(ran_dec, &ran_dec_msg);
238}
239
240enum mgcp_codecs ran_a_mgcp_codec_from_sc(const struct gsm0808_speech_codec *sc)
241{
242 switch (sc->type) {
243 case GSM0808_SCT_FR1:
244 return CODEC_GSM_8000_1;
245 break;
246 case GSM0808_SCT_FR2:
247 return CODEC_GSMEFR_8000_1;
248 break;
249 case GSM0808_SCT_FR3:
250 return CODEC_AMR_8000_1;
251 break;
252 case GSM0808_SCT_FR4:
253 return CODEC_AMRWB_16000_1;
254 break;
255 case GSM0808_SCT_FR5:
256 return CODEC_AMRWB_16000_1;
257 break;
258 case GSM0808_SCT_HR1:
259 return CODEC_GSMHR_8000_1;
260 break;
261 case GSM0808_SCT_HR3:
262 return CODEC_AMR_8000_1;
263 break;
264 case GSM0808_SCT_HR4:
265 return CODEC_AMRWB_16000_1;
266 break;
267 case GSM0808_SCT_HR6:
268 return CODEC_AMRWB_16000_1;
269 break;
270 default:
271 return CODEC_PCMU_8000_1;
272 break;
273 }
274}
275
276static int ran_a_decode_assignment_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
277{
278 struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
279 struct tlv_p_entry *ie_speech_codec = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC);
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]280 struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]281 struct tlv_p_entry *ie_osmux_cid = TLVP_GET(tp, GSM0808_IE_OSMO_OSMUX_CID);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]282 struct sockaddr_storage rtp_addr;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]283 struct gsm0808_speech_codec sc;
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]284 struct gsm0808_speech_codec_list codec_list_bss_supported;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]285 int rc;
286 struct ran_msg ran_dec_msg = {
287 .msg_type = RAN_MSG_ASSIGNMENT_COMPLETE,
288 .msg_name = "BSSMAP Assignment Complete",
289 };
290
291 if (ie_aoip_transp_addr) {
292 /* Decode AoIP transport address element */
293 rc = gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len);
294 if (rc < 0) {
295 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode AoIP Transport Layer Address\n");
296 return -EINVAL;
297 }
298
Pau Espin Pedrolf9c76e32020-09-02 19:25:55 +0200[diff] [blame]299 if (osmo_sockaddr_str_from_sockaddr(&ran_dec_msg.assignment_complete.remote_rtp, &rtp_addr)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]300 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Assignment Complete: unable to decode remote RTP IP address\n");
301 return -EINVAL;
302 }
303 }
304
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]305 if (ie_osmux_cid) {
306 rc = gsm0808_dec_osmux_cid(&ran_dec_msg.assignment_complete.osmux_cid, ie_osmux_cid->val, ie_osmux_cid->len);
307 if (rc < 0) {
308 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode Osmux CID\n");
309 return -EINVAL;
310 }
311 ran_dec_msg.assignment_complete.osmux_present = true;
312 }
313
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]314 if (ie_speech_codec) {
315 /* Decode Speech Codec (Chosen) element */
316 rc = gsm0808_dec_speech_codec(&sc, ie_speech_codec->val, ie_speech_codec->len);
317 if (rc < 0) {
318 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Assignment Complete: unable to decode IE Speech Codec (Chosen)"
319 " (rc=%d).\n", rc);
320 return -EINVAL;
321 }
322 ran_dec_msg.assignment_complete.codec_present = true;
323 ran_dec_msg.assignment_complete.codec = ran_a_mgcp_codec_from_sc(&sc);
324 }
325
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]326 if (ie_codec_list_bss_supported) {
327 /* Decode Codec List (BSS Supported) */
328 rc = gsm0808_dec_speech_codec_list(&codec_list_bss_supported,
329 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
330 if (rc < 0) {
331 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
332 "Assignment Complete: unable to decode IE Codec List (BSS Supported)"
333 " (rc=%d), continuing anyway\n", rc);
334 /* This IE is not critical, do not abort with error. */
335 } else
336 ran_dec_msg.assignment_complete.codec_list_bss_supported = &codec_list_bss_supported;
337 }
338
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]339 return ran_decoded(ran_dec, &ran_dec_msg);
340}
341
342static int ran_a_decode_assignment_failure(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
343{
344 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
345 struct tlv_p_entry *ie_rr_cause = TLVP_GET(tp, GSM0808_IE_RR_CAUSE);
346 struct tlv_p_entry *ie_speech_codec_list = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
347 struct gsm0808_speech_codec_list scl;
348 struct ran_msg ran_dec_msg = {
349 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
350 .msg_name = "BSSMAP Assignment Failure",
351 .assignment_failure = {
352 .bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE,
353 .rr_cause = GSM48_RR_CAUSE_ABNORMAL_UNSPEC,
354 },
355 };
356
357 if (ie_cause)
358 ran_dec_msg.assignment_failure.bssap_cause = ie_cause->val[0];
359 if (ie_rr_cause)
360 ran_dec_msg.assignment_failure.rr_cause = ie_rr_cause->val[0];
361
362 if (ie_speech_codec_list
363 && gsm0808_dec_speech_codec_list(&scl, ie_speech_codec_list->val, ie_speech_codec_list->len) == 0)
364 ran_dec_msg.assignment_failure.scl_bss_supported = &scl;
365
366 return ran_decoded(ran_dec, &ran_dec_msg);
367}
368
369static int ran_a_decode_sapi_n_reject(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
370{
371 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
372 struct tlv_p_entry *ie_dlci = TLVP_GET(tp, GSM0808_IE_DLCI);
373 struct ran_msg ran_dec_msg = {
374 .msg_type = RAN_MSG_SAPI_N_REJECT,
375 .msg_name = "BSSMAP SAPI-N Reject",
376 };
377
378 /* Note: The MSC code seems not to care about the cause code, but by
379 * the specification it is mandatory, so we check its presence. See
380 * also 3GPP TS 48.008 3.2.1.34 SAPI "n" REJECT */
381 if (!ie_cause) {
382 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "SAPI-N Reject: cause code IE is missing, discarding message\n");
383 return -EINVAL;
384 }
385 ran_dec_msg.sapi_n_reject.bssap_cause = ie_cause->val[0];
386
387 if (!ie_dlci) {
388 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "SAPI-N Reject: DLCI IE is missing, discarding message\n");
389 return -EINVAL;
390 }
391 ran_dec_msg.sapi_n_reject.dlci = ie_dlci->val[0];
392
393 return ran_decoded(ran_dec, &ran_dec_msg);
394}
395
396static int ran_a_decode_lcls_notification(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
397{
398 const struct tlv_p_entry *ie_lcls_bss_status = TLVP_GET(tp, GSM0808_IE_LCLS_BSS_STATUS);
399 const struct tlv_p_entry *ie_lcls_break_req = TLVP_GET(tp, GSM0808_IE_LCLS_BREAK_REQ);
400 struct ran_msg ran_dec_msg;
401
402 /* Either §3.2.2.119 LCLS-BSS-Status or §3.2.2.120 LCLS-Break-Request shall be present */
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]403 if (ie_lcls_bss_status && !ie_lcls_break_req) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]404 ran_dec_msg = (struct ran_msg){
405 .msg_type = RAN_MSG_LCLS_STATUS,
406 .msg_name = "BSSMAP LCLS Notification (LCLS Status)",
407 .lcls_status = {
408 .status = ie_lcls_bss_status->len ?
409 ie_lcls_bss_status->val[0] : GSM0808_LCLS_STS_NA,
410 },
411 };
412 return ran_decoded(ran_dec, &ran_dec_msg);
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]413 } else if (ie_lcls_break_req && !ie_lcls_bss_status) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]414 ran_dec_msg = (struct ran_msg){
415 .msg_type = RAN_MSG_LCLS_BREAK_REQ,
416 .msg_name = "BSSMAP LCLS Notification (LCLS Break Req)",
417 .lcls_break_req = {
418 .todo = 23,
419 },
420 };
421 return ran_decoded(ran_dec, &ran_dec_msg);
422 }
423
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]424 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Ignoring broken LCLS Notification message\n");
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]425 return -EINVAL;
426}
427
428static int ran_a_decode_handover_required(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
429{
430 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
431 const struct tlv_p_entry *ie_cil = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER_LIST);
432 struct ran_msg ran_dec_msg = {
433 .msg_type = RAN_MSG_HANDOVER_REQUIRED,
434 .msg_name = "BSSMAP Handover Required",
435 };
436 /* On decoding failures, dispatch an invalid RAN_MSG_HANDOVER_REQUIRED so msc_a can pass down a
437 * BSS_MAP_MSG_HANDOVER_REQUIRED_REJECT message. */
438
439 if (ie_cause)
440 ran_dec_msg.handover_required.cause = ie_cause->val[0];
441 else
442 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Cause IE missing\n");
443
444 if (!ie_cil
445 || gsm0808_dec_cell_id_list2(&ran_dec_msg.handover_required.cil, ie_cil->val, ie_cil->len) <= 0) {
446 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "No or invalid Cell Identifier List IE\n");
447 ran_dec_msg.handover_required.cil = (struct gsm0808_cell_id_list2){};
448 }
449
450 return ran_decoded(ran_dec, &ran_dec_msg);
451}
452
453static uint8_t a5_encryption_mask_from_gsm0808_chosen_enc_alg(enum gsm0808_chosen_enc_alg val)
454{
455 return 1 << val;
456}
457
458static int ran_a_decode_handover_request(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
459{
460 struct osmo_gsm48_classmark classmark = {};
461 struct ran_msg ran_dec_msg = {
462 .msg_type = RAN_MSG_HANDOVER_REQUEST,
463 .msg_name = "BSSMAP Handover Request",
464 .handover_request = {
465 .classmark = &classmark,
466 },
467 };
468 struct ran_handover_request *r = &ran_dec_msg.handover_request;
469
470 const struct tlv_p_entry *ie_channel_type = TLVP_GET(tp, GSM0808_IE_CHANNEL_TYPE);
471 const struct tlv_p_entry *ie_encryption_information = TLVP_GET(tp, GSM0808_IE_ENCRYPTION_INFORMATION);
472 const struct tlv_p_entry *ie_classmark1 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_TYPE_1);
473 const struct tlv_p_entry *ie_classmark2 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
474 const struct tlv_p_entry *ie_cell_id_serving = TLVP_GET(&tp[0], GSM0808_IE_CELL_IDENTIFIER);
475 const struct tlv_p_entry *ie_cell_id_target = TLVP_GET(&tp[1], GSM0808_IE_CELL_IDENTIFIER);
476 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
477 const struct tlv_p_entry *ie_classmark3 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
478 const struct tlv_p_entry *ie_current_channel_type_1 = TLVP_GET(tp, GSM0808_IE_CURRENT_CHANNEL_TYPE_1);
479 const struct tlv_p_entry *ie_speech_version_used = TLVP_GET(tp, GSM0808_IE_SPEECH_VERSION);
480 const struct tlv_p_entry *ie_chosen_encr_alg_serving = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
481 const struct tlv_p_entry *ie_old_bss_to_new_bss_info = TLVP_GET(tp, GSM0808_IE_OLD_BSS_TO_NEW_BSS_INFORMATION);
482 const struct tlv_p_entry *ie_imsi = TLVP_GET(tp, GSM0808_IE_IMSI);
483 const struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
484 const struct tlv_p_entry *ie_codec_list_msc_preferred = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
485 const struct tlv_p_entry *ie_call_id = TLVP_GET(tp, GSM0808_IE_CALL_ID);
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]486 const struct tlv_p_entry *ie_kc128 = TLVP_GET(tp, GSM0808_IE_KC_128);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]487 const struct tlv_p_entry *ie_global_call_ref = TLVP_GET(tp, GSM0808_IE_GLOBAL_CALL_REF);
488
489 struct gsm0808_channel_type channel_type;
490 struct gsm0808_encrypt_info encr_info;
491 struct gsm0808_speech_codec_list scl;
492 struct geran_encr geran_encr = {};
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]493 struct osmo_sockaddr_str rtp_ran_local;
494
495 if (!ie_channel_type) {
496 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Channel Type\n");
497 return -EINVAL;
498 }
499 if (gsm0808_dec_channel_type(&channel_type, ie_channel_type->val, ie_channel_type->len) <= 0) {
500 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Channel Type IE\n");
501 return -EINVAL;
502 }
503 r->geran.channel_type = &channel_type;
504
505 if (ie_encryption_information) {
506 int i;
507 if (gsm0808_dec_encrypt_info(&encr_info, ie_encryption_information->val, ie_encryption_information->len)
508 <= 0) {
Martin Hauke3f07dac2019-11-14 17:49:08 +0100[diff] [blame]509 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Encryption Information IE\n");
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]510 return -EINVAL;
511 }
512
513 for (i = 0; i < encr_info.perm_algo_len; i++) {
514 r->geran.a5_encryption_mask |=
515 a5_encryption_mask_from_gsm0808_chosen_enc_alg(encr_info.perm_algo[i]);
516 }
517
518 if (encr_info.key_len > sizeof(geran_encr.key)) {
Martin Hauke3f07dac2019-11-14 17:49:08 +0100[diff] [blame]519 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Encryption Information IE:"
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]520 " encryption key is too long: %u\n", geran_encr.key_len);
521 return -EINVAL;
522 }
523
524 if (encr_info.key_len) {
525 memcpy(geran_encr.key, encr_info.key, encr_info.key_len);
526 geran_encr.key_len = encr_info.key_len;
527 }
528
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]529 if (ie_kc128) {
530 memcpy(geran_encr.kc128, ie_kc128->val, 16);
531 geran_encr.kc128_present = true;
532 }
533
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]534 r->geran.chosen_encryption = &geran_encr;
535 }
536
537 if (!ie_classmark1 && !ie_classmark2) {
538 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: either Classmark Information 1"
539 " or Classmark Information 2 must be included\n");
540 return -EINVAL;
541 }
542
543 if (ie_classmark1) {
544 if (ie_classmark1->len != sizeof(classmark.classmark1)) {
545 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Invalid size for Classmark 1: %u, expected %zu\n",
546 ie_classmark1->len, sizeof(classmark.classmark1));
547 return -EINVAL;
548 }
549 memcpy((uint8_t*)&classmark.classmark1, ie_classmark1->val, ie_classmark1->len);
550 classmark.classmark1_set = true;
551 }
552
553 if (ie_classmark2) {
554 uint8_t len = OSMO_MIN(ie_classmark2->len, sizeof(classmark.classmark2));
555 memcpy((uint8_t*)&classmark.classmark2, ie_classmark2->val, len);
556 classmark.classmark2_len = len;
557 }
558
559 if (!ie_cell_id_serving) {
560 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier (Serving)\n");
561 return -EINVAL;
562 }
563 if (gsm0808_dec_cell_id(&r->cell_id_serving, ie_cell_id_serving->val,
564 ie_cell_id_serving->len) <= 0) {
565 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Cell Identifier (Serving) IE\n");
566 return -EINVAL;
567 }
568
569 if (!ie_cell_id_target) {
570 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier (Target)\n");
571 return -EINVAL;
572 }
573 if (gsm0808_dec_cell_id(&r->cell_id_target, ie_cell_id_target->val,
574 ie_cell_id_target->len) <= 0) {
575 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Cell Identifier (Target) IE\n");
576 return -EINVAL;
577 }
578
579 if (ie_cause)
580 r->bssap_cause = ie_cause->val[0];
581
582 if (ie_classmark3) {
583 uint8_t len = OSMO_MIN(ie_classmark3->len, sizeof(classmark.classmark3));
584 memcpy(classmark.classmark3, ie_classmark3->val, len);
585 classmark.classmark3_len = len;
586 }
587
588 if (ie_current_channel_type_1) {
589 r->current_channel_type_1 = ie_current_channel_type_1->val[0];
590 r->current_channel_type_1_present = true;
591 }
592
593 if (ie_speech_version_used) {
594 r->speech_version_used = ie_speech_version_used->val[0];
595 }
596
597 if (ie_chosen_encr_alg_serving && ie_chosen_encr_alg_serving->len) {
598 geran_encr.alg_id = ie_chosen_encr_alg_serving->val[0];
599 r->geran.chosen_encryption = &geran_encr;
600 }
601
602 if (ie_old_bss_to_new_bss_info) {
603 r->old_bss_to_new_bss_info_raw = ie_old_bss_to_new_bss_info->val;
604 r->old_bss_to_new_bss_info_raw_len = ie_old_bss_to_new_bss_info->len;
605 }
606
607 if (ie_imsi) {
Neels Hofmeyr46d526a2020-05-29 03:27:50 +0200[diff] [blame]608 struct osmo_mobile_identity mi;
609 if (osmo_mobile_identity_decode(&mi, ie_imsi->val, ie_imsi->len, false)
610 || mi.type != GSM_MI_TYPE_IMSI)
611 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "IE IMSI: cannot decode IMSI identity\n");
612 else
613 r->imsi = mi.imsi;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]614 }
615
616 if (ie_aoip_transp_addr) {
Pau Espin Pedrol06327172020-09-04 16:37:14 +0200[diff] [blame]617 struct sockaddr_storage rtp_addr;
618 if (gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len) < 0)
619 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
620 else if (osmo_sockaddr_str_from_sockaddr(&rtp_ran_local, &rtp_addr) < 0)
621 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode remote RTP IP address\n");
622 else
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]623 r->rtp_ran_local = &rtp_ran_local;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]624 }
625
626 if (ie_codec_list_msc_preferred
627 && gsm0808_dec_speech_codec_list(&scl, ie_codec_list_msc_preferred->val,
628 ie_codec_list_msc_preferred->len) == 0)
629 r->codec_list_msc_preferred = &scl;
630
631 if (ie_call_id && ie_call_id->len == 4) {
632 r->call_id = osmo_load32le(ie_call_id->val);
633 r->call_id_present = true;
634 }
635
636 if (ie_global_call_ref) {
637 r->global_call_reference = ie_global_call_ref->val;
638 r->global_call_reference_len = ie_global_call_ref->len;
639 }
640
641 return ran_decoded(ran_dec, &ran_dec_msg);
642}
643
644static int ran_a_decode_handover_request_ack(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
645{
646 struct ran_msg ran_dec_msg = {
647 .msg_type = RAN_MSG_HANDOVER_REQUEST_ACK,
648 .msg_name = "BSSMAP Handover Request Acknowledge",
649 };
650 const struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
651 const struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
652 const struct tlv_p_entry *ie_speech_codec = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC);
653 const struct tlv_p_entry *ie_chosen_channel = TLVP_GET(tp, GSM0808_IE_CHOSEN_CHANNEL);
654 const struct tlv_p_entry *ie_chosen_encr_alg = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
655 const struct tlv_p_entry *ie_chosen_speech_version = TLVP_GET(tp, GSM0808_IE_SPEECH_VERSION);
656
657 /* On missing mandatory IEs, dispatch an invalid RAN_MSG_HANDOVER_REQUEST_ACK so msc_a can act on the failure. */
658
659 if (ie_l3_info) {
660 ran_dec_msg.handover_request_ack.rr_ho_command = ie_l3_info->val;
661 ran_dec_msg.handover_request_ack.rr_ho_command_len = ie_l3_info->len;
662 }
663
664 if (ie_chosen_channel) {
665 ran_dec_msg.handover_request_ack.chosen_channel_present = true;
666 ran_dec_msg.handover_request_ack.chosen_channel = *ie_chosen_channel->val;
667 }
668
669 if (ie_chosen_encr_alg) {
670 ran_dec_msg.handover_request_ack.chosen_encr_alg = *ie_chosen_encr_alg->val;
671 if (ran_dec_msg.handover_request_ack.chosen_encr_alg < 1
672 || ran_dec_msg.handover_request_ack.chosen_encr_alg > 8) {
673 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "invalid Chosen Encryption Algorithm: %u\n",
674 ran_dec_msg.handover_request_ack.chosen_encr_alg);
675 }
676 }
677
678 if (ie_chosen_speech_version) {
679 struct gsm0808_speech_codec sc;
680 ran_dec_msg.handover_request_ack.chosen_speech_version = ie_chosen_speech_version->val[0];
681
682 /* the codec may be extrapolated from this Speech Version or below from Speech Codec */
683 gsm0808_speech_codec_from_chan_type(&sc, ran_dec_msg.handover_request_ack.chosen_speech_version);
684 ran_dec_msg.handover_request_ack.codec_present = true;
685 ran_dec_msg.handover_request_ack.codec = ran_a_mgcp_codec_from_sc(&sc);
686 }
687
688 if (ie_aoip_transp_addr) {
Pau Espin Pedrol06327172020-09-04 16:37:14 +0200[diff] [blame]689 struct sockaddr_storage rtp_addr;
690 if (gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len) < 0) {
691 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
692 } else if (osmo_sockaddr_str_from_sockaddr(&ran_dec_msg.handover_request_ack.remote_rtp,
693 &rtp_addr)) {
694 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode remote RTP IP address\n");
695 ran_dec_msg.handover_request_ack.remote_rtp = (struct osmo_sockaddr_str){};
696 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]697 }
698
699 if (ie_speech_codec) {
700 struct gsm0808_speech_codec sc;
701 if (gsm0808_dec_speech_codec(&sc, ie_speech_codec->val, ie_speech_codec->len) < 0)
702 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode IE Speech Codec (Chosen)\n");
703 else {
704 /* the codec may be extrapolated from above Speech Version or from this Speech Codec */
705 ran_dec_msg.handover_request_ack.codec_present = true;
706 ran_dec_msg.handover_request_ack.codec = ran_a_mgcp_codec_from_sc(&sc);
707 }
708 }
709
710 return ran_decoded(ran_dec, &ran_dec_msg);
711}
712
713static int ran_a_decode_handover_detect(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
714{
715 struct ran_msg ran_dec_msg = {
716 .msg_type = RAN_MSG_HANDOVER_DETECT,
717 .msg_name = "BSSMAP Handover Detect",
718 };
719
720 return ran_decoded(ran_dec, &ran_dec_msg);
721}
722
723static int ran_a_decode_handover_succeeded(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
724{
725 struct ran_msg ran_dec_msg = {
726 .msg_type = RAN_MSG_HANDOVER_SUCCEEDED,
727 .msg_name = "BSSMAP Handover Succeeded",
728 };
729
730 return ran_decoded(ran_dec, &ran_dec_msg);
731}
732
733static int ran_a_decode_handover_complete(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
734{
735 struct ran_msg ran_dec_msg = {
736 .msg_type = RAN_MSG_HANDOVER_COMPLETE,
737 .msg_name = "BSSMAP Handover Complete",
738 };
739
740 return ran_decoded(ran_dec, &ran_dec_msg);
741}
742
743static int ran_a_decode_handover_failure(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
744{
745 struct ran_msg ran_dec_msg = {
746 .msg_type = RAN_MSG_HANDOVER_FAILURE,
747 .msg_name = "BSSMAP Handover Failure",
748 };
749
750 return ran_decoded(ran_dec, &ran_dec_msg);
751}
752
753static int ran_a_decode_bssmap(struct ran_dec *ran_dec, struct msgb *bssmap)
754{
755 struct tlv_parsed tp[2];
756 int rc;
757 struct bssmap_header *h = msgb_l2(bssmap);
758 uint8_t msg_type;
759 bssmap->l3h = bssmap->l2h + sizeof(*h);
760
761 if (msgb_l3len(bssmap) < 1) {
762 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "No data received, discarding message\n");
763 return -1;
764 }
765
766 if (msgb_l3len(bssmap) < h->length) {
Neels Hofmeyrf0923012019-08-22 17:19:49 +0200[diff] [blame]767 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "BSSMAP data truncated, discarding message:"
768 " msgb_l3len(bssmap) == %u < bssmap_header->length == %u\n",
769 msgb_l3len(bssmap), h->length);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]770 return -1;
771 }
772
773 if (msgb_l3len(bssmap) > h->length) {
Neels Hofmeyrf0923012019-08-22 17:19:49 +0200[diff] [blame]774 LOG_RAN_A_DEC(ran_dec, LOGL_NOTICE, "There are %u extra bytes after the BSSMAP data, truncating:"
775 " msgb_l3len(bssmap) == %u > bssmap_header->length == %u\n",
776 msgb_l3len(bssmap) - h->length,
777 msgb_l3len(bssmap), h->length);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]778 msgb_l3trim(bssmap, h->length);
779 }
780
781 /* h->type == BSSAP_MSG_BSS_MANAGEMENT; h->length is the data length,
782 * which starts with the MAP msg_type, followed by IEs. */
783 msg_type = bssmap->l3h[0];
784 rc = osmo_bssap_tlv_parse2(tp, ARRAY_SIZE(tp), bssmap->l3h + 1, h->length - 1);
785 if (rc < 0) {
786 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Failed parsing TLV, discarding message\n");
787 return -EINVAL;
788 }
789
Neels Hofmeyr72fc7062019-10-08 06:24:17 +0200[diff] [blame]790 LOG_RAN_A_DEC(ran_dec, LOGL_DEBUG, "%s\n", gsm0808_bssmap_name(msg_type));
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]791
792 switch (msg_type) {
793 case BSS_MAP_MSG_COMPLETE_LAYER_3:
794 return ran_a_decode_l3_compl(ran_dec, bssmap, tp);
795 case BSS_MAP_MSG_CLEAR_RQST:
796 return ran_a_decode_clear_request(ran_dec, bssmap, tp);
797 case BSS_MAP_MSG_CLEAR_COMPLETE:
798 return ran_a_decode_clear_complete(ran_dec, bssmap, tp);
799 case BSS_MAP_MSG_CLASSMARK_UPDATE:
800 return ran_a_decode_classmark_update(ran_dec, bssmap, tp);
801 case BSS_MAP_MSG_CIPHER_MODE_COMPLETE:
802 return ran_a_decode_cipher_mode_complete(ran_dec, bssmap, tp);
803 case BSS_MAP_MSG_CIPHER_MODE_REJECT:
804 return ran_a_decode_cipher_mode_reject(ran_dec, bssmap, tp);
805 case BSS_MAP_MSG_ASSIGMENT_COMPLETE:
806 rc = ran_a_decode_assignment_complete(ran_dec, bssmap, tp);
807 if (rc < 0) {
808 struct ran_msg ran_dec_msg = {
809 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
810 .msg_name = "BSSMAP Assignment Complete but failed to decode",
811 .clear_request = {
812 .bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE,
813 },
814 };
815 ran_decoded(ran_dec, &ran_dec_msg);
816 }
817 return rc;
818 case BSS_MAP_MSG_ASSIGMENT_FAILURE:
819 return ran_a_decode_assignment_failure(ran_dec, bssmap, tp);
820 case BSS_MAP_MSG_SAPI_N_REJECT:
821 return ran_a_decode_sapi_n_reject(ran_dec, bssmap, tp);
822 case BSS_MAP_MSG_LCLS_NOTIFICATION:
823 return ran_a_decode_lcls_notification(ran_dec, bssmap, tp);
824
825 /* From current RAN peer, the Handover origin: */
826 case BSS_MAP_MSG_HANDOVER_REQUIRED:
827 return ran_a_decode_handover_required(ran_dec, bssmap, tp);
828
829 /* From current MSC to remote handover target MSC */
830 case BSS_MAP_MSG_HANDOVER_RQST:
831 return ran_a_decode_handover_request(ran_dec, bssmap, tp);
832
833 /* From potential new RAN peer, the Handover target: */
834 case BSS_MAP_MSG_HANDOVER_RQST_ACKNOWLEDGE:
835 return ran_a_decode_handover_request_ack(ran_dec, bssmap, tp);
836 case BSS_MAP_MSG_HANDOVER_DETECT:
837 return ran_a_decode_handover_detect(ran_dec, bssmap, tp);
838 case BSS_MAP_MSG_HANDOVER_SUCCEEDED:
839 return ran_a_decode_handover_succeeded(ran_dec, bssmap, tp);
840 case BSS_MAP_MSG_HANDOVER_COMPLETE:
841 return ran_a_decode_handover_complete(ran_dec, bssmap, tp);
842
843 /* From any Handover peer: */
844 case BSS_MAP_MSG_HANDOVER_FAILURE:
845 return ran_a_decode_handover_failure(ran_dec, bssmap, tp);
846
847 default:
848 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Unimplemented msg type: %s\n", gsm0808_bssmap_name(msg_type));
849 return -EINVAL;
850 }
851
852 return -EINVAL;
853}
854
855static int ran_a_decode_l3(struct ran_dec *ran_dec, struct msgb *l3)
856{
857 struct dtap_header *dtap = msgb_l2(l3);
858 struct ran_msg ran_dec_msg = {
859 .msg_type = RAN_MSG_DTAP,
860 .msg_name = "BSSAP DTAP",
861 .dtap = l3,
862 };
863 l3->l3h = l3->l2h + sizeof(struct dtap_header);
864 OMSC_LINKID_CB(l3) = dtap->link_id;
865 return ran_decoded(ran_dec, &ran_dec_msg);
866}
867
868int ran_a_decode_l2(struct ran_dec *ran_dec, struct msgb *bssap)
869{
870 uint8_t bssap_type;
871 OSMO_ASSERT(bssap);
872
873 if (!msgb_l2(bssap) || !msgb_l2len(bssap)) {
874 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Cannot decode L2, msg->l2h is unset / empty: %s\n",
875 msgb_hexdump(bssap));
876 return -EINVAL;
877 }
878
879 if (msgb_l2len(bssap) < sizeof(struct bssmap_header)) {
880 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "The header is too short -- discarding message\n");
881 return -EINVAL;
882 }
883
884 bssap_type = bssap->l2h[0];
885 switch (bssap_type) {
886 case BSSAP_MSG_BSS_MANAGEMENT:
887 return ran_a_decode_bssmap(ran_dec, bssap);
888 case BSSAP_MSG_DTAP:
889 return ran_a_decode_l3(ran_dec, bssap);
890 default:
891 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Unimplemented BSSAP msg type: %s\n", gsm0808_bssap_name(bssap_type));
892 return -EINVAL;
893 }
894}
895
896static struct msgb *ran_a_wrap_dtap(struct msgb *dtap)
897{
898 struct msgb *an_apdu;
899 dtap->l3h = dtap->data;
900 an_apdu = gsm0808_create_dtap(dtap, OMSC_LINKID_CB(dtap));
901 an_apdu->l2h = an_apdu->data;
902 msgb_free(dtap);
903 return an_apdu;
904}
905
906static int ran_a_channel_type_to_speech_codec_list(struct gsm0808_speech_codec_list *scl, const struct gsm0808_channel_type *ct)
907{
908 unsigned int i;
909 int rc;
910
911 memset(scl, 0, sizeof(*scl));
912 for (i = 0; i < ct->perm_spch_len; i++) {
913 rc = gsm0808_speech_codec_from_chan_type(&scl->codec[i], ct->perm_spch[i]);
914 if (rc != 0)
915 return -EINVAL;
916 }
917 scl->len = i;
918
919 return 0;
920}
921
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]922static void _gsm0808_assignment_extend_osmux(struct msgb *msg, uint8_t cid)
923{
924 OSMO_ASSERT(msg->l3h[1] == msgb_l3len(msg) - 2); /*TL not in len */
925 msgb_tv_put(msg, GSM0808_IE_OSMO_OSMUX_CID, cid);
926 msg->l3h[1] = msgb_l3len(msg) - 2;
927}
928
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]929/* Compose a BSSAP Assignment Command.
930 * Passing an RTP address is optional.
931 * The msub is passed merely for error logging. */
932static struct msgb *ran_a_make_assignment_command(struct osmo_fsm_inst *log_fi,
933 const struct ran_assignment_command *ac)
934{
935 struct gsm0808_speech_codec_list scl;
936 struct gsm0808_speech_codec_list *use_scl = NULL;
937 struct sockaddr_storage rtp_addr;
938 struct sockaddr_storage *use_rtp_addr = NULL;
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]939 struct msgb *msg;
Philipp Maierf34d9452020-06-05 15:49:35 +0200[diff] [blame]940 const uint32_t *call_id = NULL;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]941 int rc;
942
943 if (!ac->channel_type) {
944 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Assignment Command: missing Channel Type\n");
945 return NULL;
946 }
947
948 if (ac->channel_type->ch_indctr == GSM0808_CHAN_SPEECH) {
949 rc = ran_a_channel_type_to_speech_codec_list(&scl, ac->channel_type);
950 if (rc < 0) {
951 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Assignment Command: Cannot translate Channel Type to Speech Codec List\n");
952 return NULL;
953 }
954 use_scl = &scl;
955
956 /* Package RTP-Address data */
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]957 if (osmo_sockaddr_str_is_nonzero(ac->cn_rtp)) {
Pau Espin Pedrold35abfa2020-08-31 20:44:50 +0200[diff] [blame]958 struct sockaddr_in *sin;
959 struct sockaddr_in6 *sin6;
960 int family = osmo_ip_str_type(ac->cn_rtp->ip);
961 switch (family) {
962 case AF_INET:
963 sin = (struct sockaddr_in *)&rtp_addr;
964 sin->sin_family = AF_INET;
965 sin->sin_port = osmo_htons(ac->cn_rtp->port);
966 if (inet_pton(AF_INET, ac->cn_rtp->ip, &sin->sin_addr) != 1) {
967 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
968 "Assignment Command: Invalid RTP-Address %s\n",
969 ac->cn_rtp->ip);
970 return NULL;
971 }
972 if (sin->sin_port == 0) {
973 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
974 "Assignment Command: Invalid RTP-Port\n");
975 return NULL;
976 }
977 break;
978 case AF_INET6:
979 sin6 = (struct sockaddr_in6 *)&rtp_addr;
980 sin6->sin6_family = AF_INET6;
981 sin6->sin6_port = osmo_htons(ac->cn_rtp->port);
982 if (inet_pton(AF_INET6, ac->cn_rtp->ip, &sin6->sin6_addr) != 1) {
983 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
984 "Assignment Command: Invalid RTP-Address %s\n",
985 ac->cn_rtp->ip);
986 return NULL;
987 }
988 if (sin6->sin6_port == 0) {
989 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
990 "Assignment Command: Invalid RTP-Port\n");
991 return NULL;
992 }
993 break;
994 default:
995 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
996 "Assignment Command: Invalid RTP-Address type for %s\n",
997 ac->cn_rtp->ip);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]998 return NULL;
999 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1000 use_rtp_addr = &rtp_addr;
1001 }
1002 }
1003
Philipp Maierf34d9452020-06-05 15:49:35 +0200[diff] [blame]1004 if(ac->call_id_present == true)
1005 call_id = &ac->call_id;
1006
Keith Whytea1a70be2021-05-16 02:59:52 +0200[diff] [blame^]1007 msg = gsm0808_create_ass2(ac->channel_type, NULL, use_rtp_addr, use_scl, call_id,
1008 NULL, ac->lcls);
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]1009 if (ac->osmux_present)
1010 _gsm0808_assignment_extend_osmux(msg, ac->osmux_cid);
1011 return msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1012}
1013
1014/* For an A5/N number a5_n set dst to the matching GSM0808_ALG_ID_A5_<n>. */
1015static int a5_n_to_gsm0808_chosen_enc_alg(uint8_t *dst, int a5_n)
1016{
1017 switch (a5_n) {
1018 case 0:
1019 *dst = GSM0808_ALG_ID_A5_0;
1020 return 0;
1021 case 1:
1022 *dst = GSM0808_ALG_ID_A5_1;
1023 return 0;
1024 case 2:
1025 *dst = GSM0808_ALG_ID_A5_2;
1026 return 0;
1027 case 3:
1028 *dst = GSM0808_ALG_ID_A5_3;
1029 return 0;
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1030 case 4:
1031 *dst = GSM0808_ALG_ID_A5_4;
1032 return 0;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1033 default:
1034 return -ENOTSUP;
1035 }
1036}
1037
1038static int make_encrypt_info_perm_algo(struct osmo_fsm_inst *fi, struct gsm0808_encrypt_info *ei,
1039 uint8_t a5_encryption_mask, const struct osmo_gsm48_classmark *cm)
1040{
1041 int i;
1042 int j = 0;
1043 for (i = 0; i < 8; i++) {
1044 int supported;
1045
1046 /* A5/n permitted by osmo-msc.cfg? */
1047 if (!(a5_encryption_mask & (1 << i)))
1048 continue;
1049
1050 /* A5/n supported by MS? */
1051 supported = osmo_gsm48_classmark_supports_a5(cm, i);
1052 if (supported != 1)
1053 continue;
1054
1055 if (a5_n_to_gsm0808_chosen_enc_alg(&ei->perm_algo[j], i)) {
1056 LOG_RAN_A_ENC(fi, LOGL_ERROR, "Not supported: A5/%d algorithm\n", i);
1057 return -1;
1058 }
1059 j++;
1060 ei->perm_algo_len = j;
1061 }
1062 return 0;
1063}
1064
1065/* For ran_a_make_cipher_mode_command(), for
1066 * memcpy(ei.key, cm->vec->kc, sizeof(cm->vec->kc));
1067 */
1068osmo_static_assert(sizeof(((struct gsm0808_encrypt_info*)0)->key) >= sizeof(((struct osmo_auth_vector*)0)->kc),
1069 gsm0808_encrypt_info_key_fits_osmo_auth_vec_kc);
1070static struct msgb *ran_a_make_cipher_mode_command(struct osmo_fsm_inst *fi, const struct ran_cipher_mode_command *cm)
1071{
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1072 struct gsm0808_cipher_mode_command cmc = {
1073 .cipher_response_mode_present = true,
1074 .cipher_response_mode = 1, /* 1: include IMEISV (3GPP TS 48.008 3.2.2.34) */
1075 };
1076 struct gsm0808_encrypt_info *ei = &cmc.ei;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1077 char buf[16 * 2 + 1];
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1078
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1079 if (make_encrypt_info_perm_algo(fi, ei, cm->geran.a5_encryption_mask, cm->classmark))
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1080 return NULL;
1081
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1082 if (ei->perm_algo_len == 0) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1083 LOG_RAN_A_ENC(fi, LOGL_ERROR, "cannot start ciphering, no intersection between MSC-configured"
1084 " and MS-supported A5 algorithms. MSC: 0x%02x MS: %s\n",
1085 cm->geran.a5_encryption_mask, osmo_gsm48_classmark_a5_name(cm->classmark));
1086 return NULL;
1087 }
1088
1089 /* In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth
1090 * tokens. vec->kc was calculated from the GSM algorithm and is not
1091 * necessarily a match for the UMTS AKA tokens. */
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1092 if (cm->geran.umts_aka) {
1093 int i;
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1094 osmo_auth_c3(ei->key, cm->vec->ck, cm->vec->ik);
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1095
1096 for (i = 0; i < ei->perm_algo_len; i++) {
1097 if (ei->perm_algo[i] != GSM0808_ALG_ID_A5_4)
1098 continue;
1099 /* A5/4 is included, so need to generate Kc128 */
1100 osmo_kdf_kc128(cm->vec->ck, cm->vec->ik, cmc.kc128);
1101 cmc.kc128_present = true;
1102 break;
1103 }
1104 } else {
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1105 memcpy(ei->key, cm->vec->kc, sizeof(cm->vec->kc));
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1106 }
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1107 ei->key_len = sizeof(cm->vec->kc);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1108
1109 /* Store chosen GERAN key where the caller asked it to be stored.
1110 * alg_id remains unknown until we receive a Cipher Mode Complete from the BSC */
1111 if (cm->geran.chosen_key) {
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1112 *cm->geran.chosen_key = (struct geran_encr){0};
1113
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1114 if (ei->key_len > sizeof(cm->geran.chosen_key->key)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1115 LOG_RAN_A_ENC(fi, LOGL_ERROR, "Chosen key is larger than I can store\n");
1116 return NULL;
1117 }
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1118 memcpy(cm->geran.chosen_key->key, ei->key, ei->key_len);
1119 cm->geran.chosen_key->key_len = ei->key_len;
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1120
1121 if (cmc.kc128_present) {
1122 memcpy(cm->geran.chosen_key->kc128, cmc.kc128, 16);
1123 cm->geran.chosen_key->kc128_present = true;
1124 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1125 }
1126
1127 LOG_RAN_A_ENC(fi, LOGL_DEBUG, "Tx BSSMAP CIPHER MODE COMMAND to BSC, %u ciphers (%s) key %s\n",
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1128 ei->perm_algo_len, osmo_hexdump_nospc(ei->perm_algo, ei->perm_algo_len),
1129 osmo_hexdump_buf(buf, sizeof(buf), ei->key, ei->key_len, NULL, false));
1130 return gsm0808_create_cipher2(&cmc);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1131}
1132
1133struct msgb *ran_a_make_handover_request(struct osmo_fsm_inst *log_fi, const struct ran_handover_request *n)
1134{
1135 struct sockaddr_storage ss;
1136 struct gsm0808_handover_request r = {
1137 .cell_identifier_serving = n->cell_id_serving,
1138 .cell_identifier_target = n->cell_id_target,
1139 .cause = n->bssap_cause,
1140 .current_channel_type_1_present = n->current_channel_type_1_present,
1141 .current_channel_type_1 = n->current_channel_type_1,
1142
1143 .speech_version_used = n->speech_version_used,
1144
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1145 .old_bss_to_new_bss_info_raw = n->old_bss_to_new_bss_info_raw,
1146 .old_bss_to_new_bss_info_raw_len = n->old_bss_to_new_bss_info_raw_len,
1147
1148 .imsi = n->imsi,
1149 .codec_list_msc_preferred = n->codec_list_msc_preferred,
Philipp Maier7da956e2020-06-09 14:34:40 +0200[diff] [blame]1150 .call_id_present = n->call_id_present,
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1151 .call_id = n->call_id,
1152 .global_call_reference = n->global_call_reference,
1153 .global_call_reference_len = n->global_call_reference_len,
1154 };
1155
1156 if (!n->geran.channel_type) {
1157 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Channel Type required for encoding Handover Request in BSSAP\n");
1158 return NULL;
1159 }
1160 r.channel_type = *n->geran.channel_type;
1161
1162 /* Encryption Information */
1163 make_encrypt_info_perm_algo(log_fi, &r.encryption_information, n->geran.a5_encryption_mask, n->classmark);
1164 if (n->geran.chosen_encryption && n->geran.chosen_encryption->key_len) {
Vadim Yanitskiy444771d2019-05-11 04:46:24 +0700[diff] [blame]1165 /* Prevent both source / destination buffer overrun / overflow */
1166 if (n->geran.chosen_encryption->key_len > sizeof(r.encryption_information.key)
1167 || n->geran.chosen_encryption->key_len > sizeof(n->geran.chosen_encryption->key)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1168 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Handover Request: invalid chosen encryption key size %u\n",
1169 n->geran.chosen_encryption->key_len);
1170 return NULL;
1171 }
1172 memcpy(r.encryption_information.key,
1173 n->geran.chosen_encryption->key, n->geran.chosen_encryption->key_len);
1174 r.encryption_information.key_len = n->geran.chosen_encryption->key_len;
Vadim Yanitskiybfe8eb72019-05-11 03:52:28 +0700[diff] [blame]1175 r.chosen_encryption_algorithm_serving = n->geran.chosen_encryption->alg_id;
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]1176
1177 if (n->geran.chosen_encryption->kc128_present) {
1178 r.more_items = true;
1179 memcpy(r.kc128, n->geran.chosen_encryption->kc128, sizeof(r.kc128));
1180 r.kc128_present = true;
1181 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1182 }
1183
1184 if (n->classmark)
1185 r.classmark_information = *n->classmark;
1186
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1187 if (osmo_sockaddr_str_is_nonzero(n->rtp_ran_local)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1188 if (osmo_sockaddr_str_to_sockaddr(n->rtp_ran_local, &ss)) {
1189 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1190 "Handover Request: invalid AoIP Transport Layer address/port: "
1191 OSMO_SOCKADDR_STR_FMT "\n", OSMO_SOCKADDR_STR_FMT_ARGS(n->rtp_ran_local));
1192 return NULL;
1193 }
1194 r.aoip_transport_layer = &ss;
1195 }
1196
1197 return gsm0808_create_handover_request(&r);
1198}
1199
1200static struct msgb *ran_a_make_handover_request_ack(struct osmo_fsm_inst *caller_fi, const struct ran_handover_request_ack *r)
1201{
1202 struct sockaddr_storage ss;
1203 struct gsm0808_handover_request_ack params = {
1204 .l3_info = r->rr_ho_command,
1205 .l3_info_len = r->rr_ho_command_len,
1206 .chosen_channel_present = r->chosen_channel_present,
1207 .chosen_channel = r->chosen_channel,
1208 .chosen_encr_alg = r->chosen_encr_alg,
1209 .chosen_speech_version = r->chosen_speech_version,
1210 };
1211
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1212 if (osmo_sockaddr_str_is_nonzero(&r->remote_rtp)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1213 osmo_sockaddr_str_to_sockaddr(&r->remote_rtp, &ss);
1214 params.aoip_transport_layer = &ss;
1215 }
1216
1217 return gsm0808_create_handover_request_ack2(&params);
1218}
1219
1220struct msgb *ran_a_make_handover_command(struct osmo_fsm_inst *log_fi, const struct ran_handover_command *n)
1221{
1222 struct gsm0808_handover_command c = {
1223 .l3_info = n->rr_ho_command,
1224 .l3_info_len = n->rr_ho_command_len,
1225 };
1226
1227 return gsm0808_create_handover_command(&c);
1228}
1229
1230struct msgb *ran_a_make_handover_failure(struct osmo_fsm_inst *log_fi, const struct ran_msg *msg)
1231{
1232 struct gsm0808_handover_failure params = {
1233 .cause = msg->handover_failure.cause,
1234 };
1235 return gsm0808_create_handover_failure(&params);
1236}
1237
1238static struct msgb *_ran_a_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
1239{
1240
1241 LOG_RAN_A_ENC(caller_fi, LOGL_DEBUG, "%s\n", ran_msg_type_name(ran_enc_msg->msg_type));
1242
1243 switch (ran_enc_msg->msg_type) {
1244
1245 case RAN_MSG_DTAP:
1246 return ran_a_wrap_dtap(ran_enc_msg->dtap);
1247
1248 case RAN_MSG_CLASSMARK_REQUEST:
1249 return gsm0808_create_classmark_request();
1250
1251 case RAN_MSG_CLEAR_COMMAND:
1252 return gsm0808_create_clear_command2(ran_enc_msg->clear_command.gsm0808_cause,
1253 ran_enc_msg->clear_command.csfb_ind);
1254
1255 case RAN_MSG_ASSIGNMENT_COMMAND:
1256 return ran_a_make_assignment_command(caller_fi, &ran_enc_msg->assignment_command);
1257
Harald Welte544a32f2020-06-21 22:15:53 +0200[diff] [blame]1258 case RAN_MSG_COMMON_ID:
Pau Espin Pedrol67106702021-04-27 18:20:15 +0200[diff] [blame]1259 return gsm0808_create_common_id(ran_enc_msg->common_id.imsi, NULL,
1260 ran_enc_msg->common_id.last_eutran_plmn_present ?
1261 &ran_enc_msg->common_id.last_eutran_plmn :
1262 NULL
1263 );
Harald Welte544a32f2020-06-21 22:15:53 +0200[diff] [blame]1264
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1265 case RAN_MSG_CIPHER_MODE_COMMAND:
1266 return ran_a_make_cipher_mode_command(caller_fi, &ran_enc_msg->cipher_mode_command);
1267
1268 case RAN_MSG_HANDOVER_REQUIRED_REJECT:
1269 return gsm0808_create_handover_required_reject(&ran_enc_msg->handover_required_reject);
1270
1271 case RAN_MSG_HANDOVER_REQUEST:
1272 return ran_a_make_handover_request(caller_fi, &ran_enc_msg->handover_request);
1273
1274 case RAN_MSG_HANDOVER_REQUEST_ACK:
1275 return ran_a_make_handover_request_ack(caller_fi, &ran_enc_msg->handover_request_ack);
1276
1277 case RAN_MSG_HANDOVER_COMMAND:
1278 return ran_a_make_handover_command(caller_fi, &ran_enc_msg->handover_command);
1279
1280 case RAN_MSG_HANDOVER_SUCCEEDED:
1281 return gsm0808_create_handover_succeeded();
1282
1283 case RAN_MSG_HANDOVER_FAILURE:
1284 return ran_a_make_handover_failure(caller_fi, ran_enc_msg);
1285
1286 default:
1287 LOG_RAN_A_ENC(caller_fi, LOGL_ERROR, "Unimplemented RAN-encode message type: %s\n",
1288 ran_msg_type_name(ran_enc_msg->msg_type));
1289 return NULL;
1290 }
1291}
1292
1293struct msgb *ran_a_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
1294{
1295 struct msgb *msg = _ran_a_encode(caller_fi, ran_enc_msg);
1296
1297 if (!msg)
1298 return NULL;
1299
1300 msg->l2h = msg->data;
1301
1302 /* some consistency checks to ensure we don't send invalid length */
1303 switch (msg->l2h[0]) {
1304 case BSSAP_MSG_DTAP:
1305 OSMO_ASSERT(msgb_l2len(msg) == msg->l2h[2] + 3);
1306 break;
1307 case BSSAP_MSG_BSS_MANAGEMENT:
1308 OSMO_ASSERT(msgb_l2len(msg) == msg->l2h[1] + 2);
1309 break;
1310 default:
1311 break;
1312 }
1313
1314 return msg;
1315}
1316
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1317static void cl_parse_osmux(struct osmo_fsm_inst *log_fi, struct msgb *msg, int *supports_osmux)
1318{
1319 struct tlv_parsed tp;
1320 int rc;
1321
1322 if (supports_osmux == NULL)
1323 return;
1324
1325 rc = tlv_parse(&tp, gsm0808_att_tlvdef(), msgb_l3(msg) + 1, msgb_l3len(msg) - 1, 0, 0);
1326 if (rc < 0) {
1327 LOGPFSMSL(log_fi, DBSSAP, LOGL_ERROR, "BSSMAP: Failed parsing TLV looking for Osmux support\n");
1328 return;
1329 }
1330
1331 if (TLVP_PRESENT(&tp, GSM0808_IE_OSMO_OSMUX_SUPPORT)) {
1332 *supports_osmux = true;
1333 } else {
1334 *supports_osmux = false;
1335 }
1336}
1337
1338/* Return 1 for a RESET, 2 for a RESET ACK message, 0 otherwise.
1339 * In supports_osmux, return 0 for no information, 1 for support detected, -1 for non-support detected. */
1340enum reset_msg_type bssmap_is_reset_msg(const struct sccp_ran_inst *sri, struct osmo_fsm_inst *log_fi,
1341 struct msgb *l2, int *supports_osmux)
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1342{
1343 struct bssmap_header *bs = (struct bssmap_header *)msgb_l2(l2);
1344
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1345 if (supports_osmux != NULL)
1346 *supports_osmux = 0;
1347
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1348 if (!bs
1349 || msgb_l2len(l2) < (sizeof(*bs) + 1)
1350 || bs->type != BSSAP_MSG_BSS_MANAGEMENT)
1351 return SCCP_RAN_MSG_NON_RESET;
1352
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1353 l2->l3h = l2->l2h + sizeof(struct bssmap_header);
1354
1355 switch (l2->l3h[0]) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1356 case BSS_MAP_MSG_RESET:
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1357 cl_parse_osmux(log_fi, l2, supports_osmux);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1358 return SCCP_RAN_MSG_RESET;
1359 case BSS_MAP_MSG_RESET_ACKNOWLEDGE:
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1360 cl_parse_osmux(log_fi, l2, supports_osmux);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1361 return SCCP_RAN_MSG_RESET_ACK;
1362 default:
1363 return SCCP_RAN_MSG_NON_RESET;
1364 }
1365}
1366
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1367/* Patch regular BSSMAP RESET to add extra T to announce Osmux support (osmocom extension) */
1368static void _gsm0808_extend_announce_osmux(struct msgb *msg)
1369{
1370 OSMO_ASSERT(msg->l3h[1] == msgb_l3len(msg) - 2); /*TL not in len */
1371 msgb_put_u8(msg, GSM0808_IE_OSMO_OSMUX_SUPPORT);
1372 msg->l3h[1] = msgb_l3len(msg) - 2;
1373}
1374
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1375struct msgb *bssmap_make_reset_msg(const struct sccp_ran_inst *sri, enum reset_msg_type type)
1376{
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1377 struct gsm_network *net = sri->user_data;
1378 struct msgb *msg;
1379
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1380 switch (type) {
1381 case SCCP_RAN_MSG_RESET:
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1382 msg = gsm0808_create_reset();
1383 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1384 case SCCP_RAN_MSG_RESET_ACK:
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1385 msg = gsm0808_create_reset_ack();
1386 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1387 default:
1388 return NULL;
1389 }
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1390
1391 if (!msg)
1392 return NULL;
1393
1394 if (net->use_osmux != OSMUX_USAGE_OFF)
1395 _gsm0808_extend_announce_osmux(msg);
1396
1397 return msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1398}
1399
1400struct msgb *bssmap_make_paging_msg(const struct sccp_ran_inst *sri, const struct gsm0808_cell_id *page_cell_id,
1401 const char *imsi, uint32_t tmsi, enum paging_cause cause)
1402{
1403 struct gsm0808_cell_id_list2 cil;
1404 gsm0808_cell_id_to_list(&cil, page_cell_id);
1405 return gsm0808_create_paging2(imsi, tmsi == GSM_RESERVED_TMSI ? NULL : &tmsi, &cil, NULL);
1406}
1407
1408const char *bssmap_msg_name(const struct sccp_ran_inst *sri, const struct msgb *l2)
1409{
1410 struct bssmap_header *bs;
1411
1412 if (!l2->l2h)
1413 return "?";
1414
1415 bs = (struct bssmap_header *)msgb_l2(l2);
1416 switch (bs->type) {
1417 case BSSAP_MSG_BSS_MANAGEMENT:
1418 return gsm0808_bssmap_name(l2->l2h[0]);
1419 case BSSAP_MSG_DTAP:
1420 return "DTAP";
1421 default:
1422 return "?";
1423 }
1424}