Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / cc7b7b85484d8429480916d4a6d237e8a4396c37 / . / src / libmsc / msc_vgcs.c
blob: e713ba5774206443f5742f6b3d7642815bca9345 [file] [log] [blame]
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1/* Handle VGCS/VBCS calls. (Voice Group/Broadcast Call Service). */
2/*
3 * (C) 2023 by sysmocom - s.f.m.c. GmbH <info@sysmocom.de>
4 * All Rights Reserved
5 *
6 * SPDX-License-Identifier: AGPL-3.0+
7 *
8 * Author: Andreas Eversberg
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU Affero General Public License as published by
12 * the Free Software Foundation; either version 3 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU Affero General Public License for more details.
19 *
20 * You should have received a copy of the GNU Affero General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24/* The process consists of four state machines:
25 *
26 * The call control state machine "GCC" handles the voice group/broadcast call.
27 * There is one instance for every call. It is mainly controlled by the calling
28 * subscriber. The state machine is described in 3GPP TS 44.068 / 44.069.
29 * One SCCP connection to the calling subscriber is associated with the state
30 * machine. Once the calling subscriber leaves or is assigned to the VGCS/VBS
31 * channel, the association to the MSC-A role is removed and the SCCP connection
32 * is closed. The state machine with the transaction still exists until the end
33 * of the call.
34 *
35 * The BSS control state machine "vgcs_bss_fsm" handles the call in each BSC.
36 * There are as many instances as there are BSCs where the call is placed to.
37 * The instances are linked to the call control in a 1:n relation.
38 * One SCCP connection for every BSC is associated with the state machine.
39 * It sets up the call in the BSC and handles the uplink control and signaling
40 * with the talking phone.
41 *
42 * The resource controling state machine "vgcs_cell_fsm" handles the channel for
43 * each BTS that has a VGCS for the call. The instances are linked to the BSS
44 * control in a 1:n relation.
45 * One SCCP connection for every cell is associated with each list entry.
46 * It assigns the VGCS/VBS channel and the conference bridge in the MGW.
47 *
48 * The MGW endpoint state machine "vgcs_mgw_ep_fsm" handles the endpoint
49 * connection for each call. It controls the clearing of the MGW connections
50 * in case of endpoint failure. All instances of the resource controlling state
51 * machine are linked to this state machine in a 1:n relation.
52 *
53 * Setup of a call:
54 *
55 * When the calling subscriber dials a group/broadcast call, the GCR is checked
56 * for an existing Group ID. If it exists, the call is setup towards the a given
57 * list of MSCs for this Group ID. Also the channels are assigned for a given
58 * list of cells for this Group ID.
59 * The call can also be initiated via VTY.
60 *
61 * Then the calling subscriber is assigned to the VGCS channel of the same cell
62 * where the call was initialized. Afterwards the call is connected. The calling
63 * subscriber may then stay on the uplink or release it.
64 *
65 * Uplink control:
66 *
67 * Any BSC may indicate a talking subscriber. If there is no talking subscriber
68 * yet, the uplink is granted, otherwise it is rejected. If the uplink is in
69 * use on one BSC, all other BSCs will be blocked. If the uplink becomes free,
70 * all other BSCs will be unblocked.
71 *
72 * Termination of the call:
73 *
74 * The calling subscriber accesses the uplink. The it sends a termination
75 * request. This request is acknowledged by a termination command towards
76 * the calling subscriber. The call is cleared.
77 * The call can also be terminated via VTY and/or a timeout.
78 *
79 */
80
81#include <osmocom/core/utils.h>
82#include <osmocom/core/fsm.h>
83#include <osmocom/gsm/protocol/gsm_44_068.h>
84#include <osmocom/sigtran/sccp_helpers.h>
85#include <osmocom/mgcp_client/mgcp_client_endpoint_fsm.h>
86
87#include <osmocom/msc/gsm_data.h>
88#include <osmocom/msc/sccp_ran.h>
89#include <osmocom/msc/ran_infra.h>
90#include <osmocom/msc/ran_peer.h>
91#include <osmocom/msc/ran_msg_a.h>
92#include <osmocom/msc/msub.h>
93#include <osmocom/msc/debug.h>
94#include <osmocom/msc/msc_a.h>
95#include <osmocom/msc/vlr.h>
96#include <osmocom/msc/rtp_stream.h>
97#include <osmocom/msc/codec_mapping.h>
98#include <osmocom/msc/msc_vgcs.h>
99#include <osmocom/msc/asci_gcr.h>
100
101#define S(x) (1 << (x))
102
103#define LOG_GCC(trans, level, fmt, args...) \
104 LOGP((trans) ? ((trans->type == TRANS_GCC) ? DGCC : DBCC) : DASCI, level, \
105 (trans) ? ((trans->type == TRANS_GCC) ? ("GCC callref %s: " fmt) : ("BCC callref %s: " fmt)) : "%s" fmt, \
106 (trans) ? gsm44068_group_id_string(trans->callref) : "", ##args)
107#define LOG_BSS(bss, level, fmt, args...) \
108 LOGP(DASCI, level, \
109 (bss->trans_type == TRANS_GCC) ? ("GCC callref %s, BSS #%s: " fmt) : ("BCC callref %s, BSS #%s: " fmt), \
110 gsm44068_group_id_string(bss->callref), osmo_ss7_pointcode_print(NULL, bss->pc), ##args)
111#define LOG_CELL(cell, level, fmt, args...) \
112 LOGP(DASCI, level, \
113 (cell->trans_type == TRANS_GCC) ? ("GCC callref %s, BSS #%s, CID %d: " fmt) \
114 : ("BCC callref %s, BSS #%s, CID %d: " fmt), \
115 gsm44068_group_id_string(cell->callref), osmo_ss7_pointcode_print(NULL, cell->pc), cell->cell_id, ##args)
116
117static struct osmo_fsm vgcs_bcc_fsm;
118static struct osmo_fsm vgcs_gcc_fsm;
119static struct osmo_fsm vgcs_bss_fsm;
120static struct osmo_fsm vgcs_cell_fsm;
121static struct osmo_fsm vgcs_mgw_ep_fsm;
122
123static __attribute__((constructor)) void vgcs_fsm_init(void)
124{
125 OSMO_ASSERT(osmo_fsm_register(&vgcs_bcc_fsm) == 0);
126 OSMO_ASSERT(osmo_fsm_register(&vgcs_gcc_fsm) == 0);
127 OSMO_ASSERT(osmo_fsm_register(&vgcs_bss_fsm) == 0);
128 OSMO_ASSERT(osmo_fsm_register(&vgcs_cell_fsm) == 0);
129 OSMO_ASSERT(osmo_fsm_register(&vgcs_mgw_ep_fsm) == 0);
130}
131
132const char *gsm44068_group_id_string(uint32_t callref)
133{
134 static char string[9];
135
136 snprintf(string, sizeof(string), "%08u", callref);
137 string[sizeof(string) - 1] = '\0';
138
139 return string;
140}
141
142/* Resolve ran peer from point-code */
143static struct ran_peer *ran_peer_for_pc(struct gsm_network *msc_network, int pc)
144{
145 struct sccp_ran_inst *sri;
146 struct osmo_sccp_addr addr = {};
147 struct ran_peer *rp;
148
149 sri = msc_network->a.sri;
150 if (!osmo_sccp_get_ss7(sri->sccp)) {
151 LOGP(DASCI, LOGL_ERROR, "No SS7???\n");
152 return NULL;
153 }
154 osmo_sccp_make_addr_pc_ssn(&addr, pc, sri->ran->ssn);
155 rp = ran_peer_find_by_addr(sri, &addr);
156
157 return rp;
158}
159
160/* Encode message and send towards BSC. */
161int ran_encode_and_send(struct osmo_fsm_inst *fi, struct ran_msg *ran_msg, struct ran_conn *conn, bool initial)
162{
163 struct msgb *l3_msg;
164 int rc;
165
166 l3_msg = ran_a_encode(fi, ran_msg);
167 if (!l3_msg) {
168 LOGP(DASCI, LOGL_ERROR, "ran_a_encode() failed.\n");
169 return -EINVAL;
170 }
171 rc = ran_conn_down_l2_co(conn, l3_msg, initial);
172 msgb_free(l3_msg);
173
174 return rc;
175}
176
177/* Transmit DTAP message to talker
178 * This is used for sending group/broadcast call control messages. */
179int tx_dtap_to_talker(struct vgcs_bss *bss, struct msgb *l3_msg)
180{
181 struct ran_msg ran_msg;
182 struct gsm48_hdr *gh = msgb_l3(l3_msg) ? : l3_msg->data;
183 uint8_t pdisc = gsm48_hdr_pdisc(gh);
184 int rc;
185
186
187 LOG_BSS(bss, LOGL_DEBUG, "Sending DTAP: %s %s\n",
188 gsm48_pdisc_name(pdisc), gsm48_pdisc_msgtype_name(pdisc, gsm48_hdr_msg_type(gh)));
189
190 ran_msg = (struct ran_msg){
191 .msg_type = RAN_MSG_DTAP,
192 .dtap = l3_msg,
193 };
194
195 rc = ran_encode_and_send(bss->fi, &ran_msg, bss->conn, false);
196
197 return rc;
198}
199
200/*
201 * GCC/BCC Message transcoding
202 */
203
204static void _add_cause_ie(struct msgb *msg, uint8_t cause, uint8_t *diag, uint8_t diag_len)
205{
206 uint8_t *ie = msgb_put(msg, 2 + diag_len);
207
208 ie[0] = 1 + diag_len;
209 ie[1] = cause;
210 if (diag && diag_len) {
211 ie[1] |= 0x80;
212 memcpy(ie + 2, diag, diag_len);
213 }
214}
215
216static void _add_callref_ie(struct msgb *msg, uint32_t callref, bool with_prio, uint8_t prio)
217{
218 uint32_t ie;
219
220 ie = callref << 5;
221 if (with_prio)
222 ie |= 0x10 | (prio << 1);
223 msgb_put_u32(msg, ie);
224}
225
226static int _msg_too_short(void)
227{
228 LOGP(DASCI, LOGL_ERROR, "MSG too short.\n");
229 return -EINVAL;
230}
231
232static int _ie_invalid(void)
233{
234 LOGP(DASCI, LOGL_ERROR, "IE invalid.\n");
235 return -EINVAL;
236}
237
238static int _rx_callref(uint8_t *ie, unsigned int remaining_len, uint32_t *callref, bool *with_prio, uint8_t *prio)
239{
240 uint8_t ie_len;
241
242 ie_len = sizeof(uint32_t);
243 if (remaining_len < ie_len)
244 return _msg_too_short();
245 *callref = osmo_load32be(ie) >> 5;
246 if (ie[3] & 0x10) {
247 *with_prio = true;
248 *prio = (ie[3] >> 1) & 0x7;
249 } else
250 *with_prio = false;
251
252 return ie_len;
253}
254
255/* 3GPP TS 44.068 Clause 8.1 */
256static int gsm44068_tx_connect(struct gsm_trans *trans, uint8_t pdisc, uint32_t callref, bool with_prio, uint8_t prio,
257 uint8_t oi, uint8_t talker_prio, bool with_sms, uint8_t sms_dc, uint8_t sms_gp)
258{
259 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX CONNECT");
260 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
261 uint8_t ie;
262
263 gh->proto_discr = pdisc;
264 gh->msg_type = OSMO_GSM44068_MSGT_CONNECT;
265 _add_callref_ie(msg, callref, with_prio, prio);
266 ie = (talker_prio << 4) | oi;
267 msgb_put_u8(msg, ie);
268 if (with_sms) {
269 ie = OSMO_GSM44068_IEI_SMS_INDICATIONS | (sms_dc << 1) | sms_gp;
270 msgb_put_u8(msg, ie);
271 }
272
273 /* Send to calling subscriber, depending on the link he is. */
274 if (trans->msc_a)
275 return msc_a_tx_dtap_to_i(trans->msc_a, msg);
276 if (trans->gcc.uplink_bss)
277 return tx_dtap_to_talker(trans->gcc.uplink_bss, msg);
278 msgb_free(msg);
279 return -EIO;
280}
281
282/* The Get Status procedure is not used by the current implementation.
283 * It is commented out, so it can be used in the future.
284 * The idea is to have a complete set of GCC/BCC message transcoding.
285 */
286#if 0
287/* 3GPP TS 44.068 Clause 8.2 */
288static int gsm44068_tx_get_status(struct gsm_trans *trans, uint8_t pdisc, struct osmo_mobile_identity *mi)
289{
290 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX GET STATUS");
291 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
292
293 gh->proto_discr = pdisc;
294 gh->msg_type = OSMO_GSM44068_MSGT_GET_STATUS;
295 if (mi) {
296 uint8_t *l;
297 int rc;
298
299 l = msgb_tl_put(msg, OSMO_GSM44068_IEI_MOBILE_IDENTITY);
300 rc = osmo_mobile_identity_encode_msgb(msg, mi, false);
301 if (rc < 0) {
302 msgb_free(msg);
303 return -EINVAL;
304 }
305 *l = rc;
306 }
307
308 /* Send to calling subscriber, depending on the link he is. */
309 if (trans->msc_a)
310 return msc_a_tx_dtap_to_i(trans->msc_a, msg);
311 if (trans->gcc.uplink_bss)
312 return tx_dtap_to_talker(trans->gcc.uplink_bss, msg);
313 msgb_free(msg);
314 return -EIO;
315}
316#endif
317
318/* 3GPP TS 44.068 Clause 8.3 and 8.3a */
319static int gsm44068_rx_immediate_setup(struct msgb *msg, uint8_t *talker_prio, uint8_t *key_seq,
320 struct gsm48_classmark2 *cm2, struct osmo_mobile_identity *mi,
321 uint32_t *callref, bool *with_prio, uint8_t *prio, char *user_user)
322{
323 struct gsm48_hdr *gh = msgb_l3(msg);
324 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
325 uint8_t *ie = gh->data;
326 uint8_t ie_len;
327 uint64_t otdi;
328 int i;
329 int rc;
330
331 /* Talker priority / Cyphering key sequence */
332 if (remaining_len < 1)
333 return _msg_too_short();
334 *talker_prio = ie[0] & 0x07;
335 *key_seq = (ie[0] >> 4) & 0x07;
336 remaining_len -= 1;
337 ie += 1;
338
339 /* Mobile station classmark 2 */
340 if (remaining_len < 4)
341 return _msg_too_short();
342 ie_len = ie[0];
343 if (remaining_len < ie_len + 1)
344 return _msg_too_short();
345 if (ie_len != 3)
346 return _ie_invalid();
347 memcpy(cm2, ie + 1, ie_len);
348 remaining_len -= ie_len + 1;
349 ie += ie_len + 1;
350
351 /* Mobile indentity */
352 if (gh->msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP) {
353 /* IMMEDIATE SETUP uses IMSI/TMSI */
354 if (remaining_len < 2)
355 return _msg_too_short();
356 ie_len = ie[0];
357 if (remaining_len < ie_len + 1)
358 return _msg_too_short();
359 rc = osmo_mobile_identity_decode(mi, ie + 1, ie_len, false);
360 if (rc) {
361 LOGP(DMM, LOGL_ERROR, "Failure to decode Mobile Identity in GCC/BCC IMMEDDIATE SETUP"
362 " (rc=%d)\n", rc);
363 return -EINVAL;
364 }
365 remaining_len -= ie_len + 1;
366 ie += ie_len + 1;
367 } else {
368 /* IMMEDIATE SETUP 2 uses TMSI only */
369 if (remaining_len < 4)
370 return _msg_too_short();
371 mi->type = GSM_MI_TYPE_TMSI;
372 mi->tmsi = osmo_load32be(ie);
373 remaining_len -= 4;
374 ie += 4;
375 }
376
377 /* Call reference */
378 rc = _rx_callref(ie, remaining_len, callref, with_prio, prio);
379 if (rc < 0)
380 return rc;
381 remaining_len -= rc;
382 ie += rc;
383
384 /* OTID */
385 if (gh->msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2 && user_user) {
386 ie_len = 5;
387 if (remaining_len < ie_len)
388 return _msg_too_short();
389 otdi = osmo_load32be(ie + 1) | ((uint64_t)ie[0] << 32);
390
391 for (i = 0; i < 12; i++) {
392 user_user[i] = (otdi % 10) + '0';
393 otdi /= 10;
394 }
395 user_user[i] = '\0';
396 remaining_len -= ie_len;
397 ie += ie_len;
398 } else if (user_user)
399 user_user[0] = '\0';
400
401 return 0;
402}
403
404/* 3GPP TS 44.068 Clause 8.4 */
405static int gsm44068_tx_set_parameter(struct gsm_trans *trans, uint8_t pdisc, uint8_t da, uint8_t ua, uint8_t comm,
406 uint8_t oi)
407{
408 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX SET PARAMETER");
409 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
410 uint8_t ie;
411
412 gh->proto_discr = pdisc;
413 gh->msg_type = OSMO_GSM44068_MSGT_SET_PARAMETER;
414 ie = (da << 3) | (ua << 2) | (comm << 1) | oi;
415 msgb_put_u8(msg, ie);
416
417 /* Send to calling subscriber, depending on the link he is. */
418 if (trans->msc_a)
419 return msc_a_tx_dtap_to_i(trans->msc_a, msg);
420 if (trans->gcc.uplink_bss)
421 return tx_dtap_to_talker(trans->gcc.uplink_bss, msg);
422 msgb_free(msg);
423 return -EIO;
424}
425
426/* 3GPP TS 44.068 Clause 8.5 */
427static int gsm44068_rx_setup(struct msgb *msg, bool *with_talker_prio, uint8_t *talker_prio,
428 uint32_t *callref, bool *with_prio, uint8_t *prio, char *user_user)
429{
430 struct gsm48_hdr *gh = msgb_l3(msg);
431 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
432 uint8_t *ie = gh->data;
433 struct tlv_parsed tp;
434 struct tlv_p_entry *tlv;
435 int rc;
436
437 /* Call reference */
438 rc = _rx_callref(ie, remaining_len, callref, with_prio, prio);
439 if (rc < 0)
440 return rc;
441 remaining_len -= rc;
442 ie += rc;
443
444 rc = tlv_parse(&tp, &osmo_gsm44068_att_tlvdef, ie, remaining_len, 0, 0);
445 if (rc < 0)
446 return _ie_invalid();
447
448 /* User-user */
449 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_USER_USER);
450 if (tlv && tlv->len && tlv->len <= 1 + 12 && user_user) {
451 memcpy(user_user, tlv->val, tlv->len - 1);
452 user_user[tlv->len - 1] = '\0';
453 }
454
455 /* Talker priority */
456 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_TALKER_PRIORITY);
457 if (tlv && tlv->len) {
458 *with_talker_prio = true;
459 *talker_prio = tlv->val[0] & 0x07;
460 } else
461 *with_talker_prio = false;
462
463 return 0;
464}
465
466/* 3GPP TS 44.068 Clause 8.6 */
467static int gsm44068_rx_status(struct msgb *msg, uint8_t *cause, uint8_t *diag, uint8_t *diag_len,
468 bool *with_call_state, enum osmo_gsm44068_call_state *call_state,
469 bool *with_state_attrs, uint8_t *da, uint8_t *ua, uint8_t *comm, uint8_t *oi)
470{
471 struct gsm48_hdr *gh = msgb_l3(msg);
472 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
473 uint8_t *ie = gh->data;
474 uint8_t ie_len;
475 struct tlv_parsed tp;
476 struct tlv_p_entry *tlv;
477 int rc;
478
479 /* Cause */
480 if (remaining_len < 2 || ie[0] < remaining_len - 2)
481 return _msg_too_short();
482 ie_len = ie[0];
483 if (remaining_len < ie_len + 1)
484 return _msg_too_short();
485 if (ie_len < 1)
486 return _ie_invalid();
487 *cause = ie[1] & 0x7f;
488 *diag_len = ie_len - 1;
489 if (*diag_len)
490 memcpy(diag, ie + 2, ie_len - 1);
491 remaining_len -= ie_len + 1;
492 ie += ie_len + 1;
493
494 rc = tlv_parse(&tp, &osmo_gsm44068_att_tlvdef, ie, remaining_len, 0, 0);
495 if (rc < 0)
496 return _ie_invalid();
497
498 /* Call state */
499 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_CALL_STATE);
500 if (tlv) {
501 *with_call_state = true;
502 *call_state = tlv->val[0] & 0x7;
503 } else
504 *with_call_state = false;
505
506 /* State attributes */
507 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_STATE_ATTRIBUTES);
508 if (tlv) {
509 *with_state_attrs = true;
510 *da = (tlv->val[0] >> 3) & 0x1;
511 *ua = (tlv->val[0] >> 2) & 0x1;
512 *comm = (tlv->val[0] >> 1) & 0x1;
513 *oi = tlv->val[0] & 0x1;
514 } else
515 *with_state_attrs = false;
516
517 return 0;
518}
519
520/* 3GPP TS 44.068 Clause 8.7 and 8.8 */
521static int gsm44068_tx_termination(struct msc_a *msc_a, struct vgcs_bss *bss, uint8_t pdisc, uint8_t msg_type,
522 uint8_t cause, uint8_t *diag, uint8_t diag_len)
523{
524 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX TERMINATION");
525 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
526
527 gh->proto_discr = pdisc;
528 gh->msg_type = msg_type;
529 _add_cause_ie(msg, cause, diag, diag_len);
530
531 /* Send to calling subscriber, depending on the link he is. */
532 if (msc_a)
533 return msc_a_tx_dtap_to_i(msc_a, msg);
534 if (bss)
535 return tx_dtap_to_talker(bss, msg);
536 msgb_free(msg);
537 return -EIO;
538}
539
540/* 3GPP TS 44.068 Clause 8.9 */
541static int gsm44068_rx_termination_req(struct msgb *msg, uint32_t *callref, bool *with_prio, uint8_t *prio,
542 bool *with_talker_prio, uint8_t *talker_prio)
543{
544 struct gsm48_hdr *gh = msgb_l3(msg);
545 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
546 uint8_t *ie = gh->data;
547 struct tlv_parsed tp;
548 struct tlv_p_entry *tlv;
549 int rc;
550
551 /* Call reference */
552 rc = _rx_callref(ie, remaining_len, callref, with_prio, prio);
553 if (rc < 0)
554 return rc;
555 remaining_len -= rc;
556 ie += rc;
557
558 rc = tlv_parse(&tp, &osmo_gsm44068_att_tlvdef, ie, remaining_len, 0, 0);
559 if (rc < 0)
560 return _ie_invalid();
561
562 /* Talker priority */
563 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_TALKER_PRIORITY);
564 if (tlv && tlv->len) {
565 *with_talker_prio = true;
566 *talker_prio = tlv->val[0] & 0x07;
567 } else
568 *with_talker_prio = false;
569
570 return 0;
571}
572
573/*
574 * GCC/BCC state machine - handles calling subscriber process
575 */
576
577static const struct value_string vgcs_gcc_fsm_event_names[] = {
578 OSMO_VALUE_STRING(VGCS_GCC_EV_NET_SETUP),
579 OSMO_VALUE_STRING(VGCS_GCC_EV_NET_TERM),
580 OSMO_VALUE_STRING(VGCS_GCC_EV_USER_SETUP),
581 OSMO_VALUE_STRING(VGCS_GCC_EV_USER_TERM),
582 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_ESTABLISHED),
583 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_ASSIGN_CPL),
584 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_ASSIGN_FAIL),
585 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_RELEASED),
586 OSMO_VALUE_STRING(VGCS_GCC_EV_TIMEOUT),
587 { }
588};
589
590static int gcc_establish_bss(struct gsm_trans *trans)
591{
592 struct gsm_network *net = trans->net;
593 struct vgcs_mgw_ep *mgw = NULL;
594 struct mgcp_client *mgcp_client;
595 struct gcr *gcr;
596 struct gcr_bss *b;
597 struct gcr_cell *c;
598 struct vgcs_bss *bss;
599 struct vgcs_bss_cell *cell;
600 struct osmo_fsm_inst *fi;
601 struct ran_peer *rp;
602
603 /* Failure should not happen, because it has been checked before. */
604 gcr = gcr_by_callref(trans->net, trans->type, trans->callref);
605 if (!gcr)
606 return -EINVAL;
607
608 /* Allocate MGW endpoint. */
609 mgcp_client = mgcp_client_pool_get(trans->net->mgw.mgw_pool);
610 if (!mgcp_client) {
611 LOG_GCC(trans, LOGL_ERROR, "No MGW client, please check config.\n");
612 goto err_mgw;
613 }
614 fi = osmo_fsm_inst_alloc(&vgcs_mgw_ep_fsm, net, NULL, LOGL_DEBUG, NULL);
615 if (!fi) {
616 LOG_GCC(trans, LOGL_ERROR, "No memory for VGCS MSG state machine.\n");
617 goto err_mgw;
618 }
619 osmo_fsm_inst_update_id(fi, "vgcs-mgw-ep");
620 osmo_fsm_inst_state_chg(fi, VGCS_MGW_EP_ST_ACTIVE, 0, 0);
621 mgw = talloc_zero(fi, struct vgcs_mgw_ep);
622 if (!mgw) {
623 LOG_GCC(trans, LOGL_ERROR, "No memory for MGW ep structure.\n");
624 osmo_fsm_inst_free(fi);
625 goto err_mgw;
626 }
627 mgw->fi = fi;
628 fi->priv = mgw;
629 INIT_LLIST_HEAD(&mgw->cell_list);
630 mgw->mgw_ep = osmo_mgcpc_ep_alloc(mgw->fi, VGCS_MGW_EP_EV_FREE,
631 mgcp_client, trans->net->mgw.tdefs, mgw->fi->id,
632 "%s", mgcp_client_rtpbridge_wildcard(mgcp_client));
633 if (!mgw->mgw_ep) {
634 LOG_GCC(trans, LOGL_ERROR, "No memory for MGW endpoint state machine.\n");
635 goto err_mgw;
636 }
637
638 /* Create BSS list structures. */
Andreas Eversbergcc7b7b82023-07-27 13:17:50 +0200[diff] [blame^]639 LOG_GCC(trans, LOGL_DEBUG, "Creating BSS list structure with cell list structures.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]640 llist_for_each_entry(b, &gcr->bss_list, list) {
641 LOG_GCC(trans, LOGL_DEBUG, " -> BSS with PC %s.\n", osmo_ss7_pointcode_print(NULL, b->pc));
642 /* Resolve ran_peer. */
643 rp = ran_peer_for_pc(trans->net, b->pc);
644 if (!rp) {
645 LOG_GCC(trans, LOGL_ERROR, "Failed to resolve point code %s, skipping BSS!\n",
646 osmo_ss7_pointcode_print(NULL, b->pc));
647 continue;
648 }
649 /* Create state machine. */
650 fi = osmo_fsm_inst_alloc(&vgcs_bss_fsm, net, NULL, LOGL_DEBUG, NULL);
651 if (!fi) {
652 LOG_GCC(trans, LOGL_ERROR, "No memory for state machine.\n");
653 break;
654 }
655 /* Create call structure. */
656 bss = talloc_zero(fi, struct vgcs_bss);
657 if (!bss) {
658 LOG_GCC(trans, LOGL_ERROR, "No memory for BSS call structure.\n");
659 osmo_fsm_inst_free(fi);
660 break;
661 }
662 bss->fi = fi;
663 fi->priv = bss;
664 INIT_LLIST_HEAD(&bss->cell_list);
665 bss->trans = trans;
666 bss->trans_type = trans->type;
667 bss->callref = trans->callref;
668 bss->pc = b->pc;
669 /* Create ran connection. */
670 bss->conn = ran_conn_create_outgoing(rp);
671 if (!bss->conn) {
Andreas Eversbergcc7b7b82023-07-27 13:17:50 +0200[diff] [blame^]672 LOG_GCC(trans, LOGL_ERROR, "Failed to create RAN connection.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]673 osmo_fsm_inst_free(bss->fi);
674 continue;
675 }
676 bss->conn->vgcs.bss = bss;
677 /* Create cell list structures. */
678 llist_for_each_entry(c, &b->cell_list, list) {
Andreas Eversbergcc7b7b82023-07-27 13:17:50 +0200[diff] [blame^]679 LOG_GCC(trans, LOGL_DEBUG, " -> Cell ID %d.\n", c->cell_id);
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]680 /* Create state machine. */
681 fi = osmo_fsm_inst_alloc(&vgcs_cell_fsm, net, NULL, LOGL_DEBUG, NULL);
682 if (!fi) {
683 LOG_GCC(trans, LOGL_ERROR, "No memory for state machine.\n");
684 break;
685 }
686 /* Create cell structure. */
687 cell = talloc_zero(fi, struct vgcs_bss_cell);
688 if (!cell) {
689 LOG_GCC(trans, LOGL_ERROR, "No memory for BSS cell structure.\n");
690 osmo_fsm_inst_free(fi);
691 break;
692 }
693 cell->fi = fi;
694 fi->priv = cell;
695 osmo_fsm_inst_update_id_f(cell->fi, "vgcs-cell-%d", c->cell_id);
696 cell->trans_type = trans->type;
697 cell->callref = trans->callref;
698 cell->pc = b->pc;
699 cell->cell_id = c->cell_id;
700 cell->call_id = trans->call_id;
701 /* Create ran connection. */
702 cell->conn = ran_conn_create_outgoing(rp);
703 if (!cell->conn) {
Andreas Eversbergcc7b7b82023-07-27 13:17:50 +0200[diff] [blame^]704 LOG_GCC(trans, LOGL_ERROR, "Failed to create RAN connection.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]705 osmo_fsm_inst_free(cell->fi);
706 continue;
707 }
708 cell->conn->vgcs.cell = cell;
709 /* Attach to cell list of BSS and MGW endpoint */
710 llist_add_tail(&cell->list_bss, &bss->cell_list);
711 cell->bss = bss;
712 llist_add_tail(&cell->list_mgw, &mgw->cell_list);
713 cell->mgw = mgw;
714 }
715 /* No cell? */
716 if (llist_empty(&bss->cell_list)) {
Andreas Eversbergcc7b7b82023-07-27 13:17:50 +0200[diff] [blame^]717 LOG_GCC(trans, LOGL_DEBUG, " -> No Cell in this BSS.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]718 osmo_fsm_inst_free(bss->fi);
719 break;
720 }
721 /* Attach to transaction list */
722 llist_add_tail(&bss->list, &trans->gcc.bss_list);
723 /* Trigger VGCS/VBS SETUP */
724 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_SETUP, NULL);
725 }
726 /* No BSS? */
727 if (llist_empty(&trans->gcc.bss_list)) {
728 /* Also destroy MGW, because this list is empty too! */
Andreas Eversbergcc7b7b82023-07-27 13:17:50 +0200[diff] [blame^]729 LOG_GCC(trans, LOGL_NOTICE, "No BSS found, please check your VTY configuration and add cells.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]730 goto err_mgw;
731 }
732 return 0;
733
734err_mgw:
735 if (mgw) {
736 if (mgw->mgw_ep) {
737 /* This will also free FSM instance and vgcs_mgw_ep structure. */
738 osmo_fsm_inst_dispatch(mgw->fi, VGCS_MGW_EP_EV_CLEAR, NULL);
739 return -EINVAL;
740 }
741 osmo_fsm_inst_free(mgw->fi);
742 }
743 return -EINVAL;
744}
745
746/* Send Assignment Request to the calling subscriber.
747 * This is used to assign the subscriber from early assigned channel to the VGCS/VBS channel. */
748static int gcc_assign(struct gsm_trans *trans)
749{
750 struct ran_msg tx_ran_msg;
751 struct gsm0808_channel_type channel_type;
752 struct vgcs_bss *bss = NULL, *b;
753
754 /* No assignment, because the calling subscriber is already assigned or there is no calling subscriber. */
755 if (!trans->msc_a)
756 return 0;
757
758 /* Check calling subscriber's MSC */
759 struct ran_conn *conn = msub_ran_conn(trans->msc_a->c.msub);
760 if (!conn) {
761 LOG_GCC(trans, LOGL_ERROR, "Calling subscriber has no ran_conn????\n");
762 return -EINVAL;
763 }
764 llist_for_each_entry(b, &trans->gcc.bss_list, list) {
765 if (osmo_sccp_addr_ri_cmp(&conn->ran_peer->peer_addr, &b->conn->ran_peer->peer_addr))
766 continue;
767 bss = b;
768 break;
769 }
770 if (!bss) {
771 LOG_GCC(trans, LOGL_ERROR, "Calling subscriber comes from BSC that has no VGCS call.\n");
772 return -EINVAL;
773 }
774
775 /* For now we support GSM/FR V1 only. This shall be supported by all MS. */
776 channel_type = (struct gsm0808_channel_type) {
777 .ch_indctr = GSM0808_CHAN_SPEECH,
778 .ch_rate_type = GSM0808_SPEECH_FULL_BM,
779 .perm_spch_len = 1,
780 .perm_spch[0] = GSM0808_PERM_FR1,
781 };
782
783 /* Send assignment to VGCS channel */
784 tx_ran_msg = (struct ran_msg) {
785 .msg_type = RAN_MSG_ASSIGNMENT_COMMAND,
786 .assignment_command = {
787 .channel_type = &channel_type,
788 .callref_present = true,
789 .callref = {
790 .sf = (trans->type == TRANS_GCC),
791 },
792 },
793 };
794 osmo_store32be_ext(trans->callref >> 3, &tx_ran_msg.assignment_command.callref.call_ref_hi, 3);
795 tx_ran_msg.assignment_command.callref.call_ref_lo = trans->callref & 0x7;
796 if (msc_a_ran_down(trans->msc_a, MSC_ROLE_I, &tx_ran_msg)) {
797 LOG_GCC(trans, LOGL_ERROR, "Cannot send Assignment\n");
798 return -EIO;
799 }
800
801 /* Assign Talker to BSS of the calling subscriber. */
802 trans->gcc.uplink_bss = bss;
803
804 return 0;
805}
806
807/* Send CONNECT to the calling subscriber. */
808static void gcc_connect(struct gsm_trans *trans)
809{
810 uint8_t pdisc = (trans->type == TRANS_GCC) ? GSM48_PDISC_GROUP_CC : GSM48_PDISC_BCAST_CC;
811 int rc;
812
813 /* Send CONNECT towards MS. */
814 rc = gsm44068_tx_connect(trans,
815 pdisc | (trans->transaction_id << 4),
816 trans->callref, 0, 0, 1, 0, 0, 0, 0);
817 if (rc < 0)
818 LOG_GCC(trans, LOGL_ERROR, "Failed to send CONNECT towards MS. Continue anyway.\n");
819}
820
821/* Release dedicated (SDCCH) channel of calling subscriber after assigning to VGCS */
822static void release_msc_a(struct gsm_trans *trans)
823{
824 struct msc_a *msc_a = trans->msc_a;
825
826 if (!msc_a)
827 return;
828
829 trans->msc_a = NULL;
830 switch (trans->type) {
831 case TRANS_GCC:
832 msc_a_put(msc_a, MSC_A_USE_GCC);
833 break;
834 case TRANS_BCC:
835 msc_a_put(msc_a, MSC_A_USE_BCC);
836 break;
837 default:
838 break;
839 }
840}
841
842/* Send TERMINATE to the calling/talking subscriber, then destroy transaction. */
843static void gcc_terminate_and_destroy(struct gsm_trans *trans, enum osmo_gsm44068_cause cause)
844{
845 uint8_t pdisc = (trans->type == TRANS_GCC) ? GSM48_PDISC_GROUP_CC : GSM48_PDISC_BCAST_CC;
846 int rc;
847
848 /* Send TERMINATION towards MS. */
849 rc = gsm44068_tx_termination(trans->msc_a, trans->gcc.uplink_bss,
850 pdisc | (trans->transaction_id << 4),
851 OSMO_GSM44068_MSGT_TERMINATION,
852 cause, NULL, 0);
853 if (rc < 0)
854 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS. Continue anyway.\n");
855
856 /* Destroy transaction, note that also _gsm44068_gcc_trans_free() will be called by trans_free().
857 * There the complete state machine is destroyed. */
858 trans->callref = 0;
859 trans_free(trans);
860}
861
862/* Start inactivity timer.
863 * This timer is used to terminate the call, if the radio connection to the caller gets lost. */
864static void start_inactivity_timer(struct gsm_trans *trans)
865{
866 if (trans->gcc.inactivity_to) {
867 LOG_GCC(trans, LOGL_DEBUG, "Set inactivity timer to %d seconds.\n", trans->gcc.inactivity_to);
868 osmo_timer_schedule(&trans->gcc.timer_inactivity, trans->gcc.inactivity_to, 0);
869 }
870}
871
872static void stop_inactivity_timer(struct gsm_trans *trans)
873{
874 if (osmo_timer_pending(&trans->gcc.timer_inactivity)) {
875 LOG_GCC(trans, LOGL_DEBUG, "Stop pending inactivity timer.\n");
876 osmo_timer_del(&trans->gcc.timer_inactivity);
877 }
878}
879
880static void inactivity_timer_cb(void *data)
881{
882 struct gsm_trans *trans = data;
883
884 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_TIMEOUT, NULL);
885}
886
887/* Set the parameters of the talker. (downlink mute/unmute, uplink unmute, COMM=T, originator) */
888static int set_parameter(struct gsm_trans *trans)
889{
890 uint8_t pdisc = (trans->type == TRANS_GCC) ? GSM48_PDISC_GROUP_CC : GSM48_PDISC_BCAST_CC;
891 int rc;
892
893 rc = gsm44068_tx_set_parameter(trans, pdisc, !trans->gcc.mute_talker, 1, 1, trans->gcc.uplink_originator);
894 if (rc < 0)
895 LOG_GCC(trans, LOGL_ERROR, "Failed to send SET PARAMETER towards MS.\n");
896 return rc;
897}
898
899/* Check in which cell the uplink is used and set "uplink_cell". */
900static int set_uplink_cell(struct vgcs_bss *bss, struct gsm0808_cell_id *cell_id_ie, uint16_t cell_id)
901{
902 struct vgcs_bss_cell *cell;
903
904 if (cell_id_ie) {
905 /* Get cell ID to determine talker channel. */
906 switch (cell_id_ie->id_discr) {
907 case CELL_IDENT_CI:
908 cell_id = cell_id_ie->id.ci;
909 break;
910 case CELL_IDENT_LAC_AND_CI:
911 cell_id = cell_id_ie->id.lac_and_ci.ci;
912 break;
913 default:
914 LOG_BSS(bss, LOGL_DEBUG, "Cannot idenitfy cell, please fix!\n");
915 return -EINVAL;
916 }
917 }
918
919 /* Search for cell ID. */
920 bss->trans->gcc.uplink_cell = NULL;
921 llist_for_each_entry(cell, &bss->cell_list, list_bss) {
922 if (cell->cell_id == cell_id) {
923 LOG_BSS(bss, LOGL_DEBUG, "Talker is talking on cell %d.\n", cell->cell_id);
924 bss->trans->gcc.uplink_cell = cell;
925 return 0;
926 }
927 }
928
929 LOG_BSS(bss, LOGL_DEBUG, "Cell ID %d is not in list of current BSS, please fix!\n", cell_id);
930 return -EINVAL;
931}
932
933/* Set the MGW conference mode.
934 * All cells are listening to the conference. If there is a talker, this cell is also transmitting to the conference. */
935static int set_mgw_conference(struct gsm_trans *trans)
936{
937 struct vgcs_bss *bss;
938 struct vgcs_bss_cell *cell;
939 struct rtp_stream *rtps;
940 int rc;
941
942 /* All cells without talker are listening */
943 llist_for_each_entry(bss, &trans->gcc.bss_list, list) {
944 llist_for_each_entry(cell, &bss->cell_list, list_bss) {
945 if (!(rtps = cell->rtps))
946 continue;
947 if (rtps->crcx_conn_mode != MGCP_CONN_SEND_ONLY) {
948 LOG_CELL(cell, LOGL_DEBUG, "Setting cell %d into listening mode.\n", cell->cell_id);
949 rtp_stream_set_mode(rtps, MGCP_CONN_SEND_ONLY);
950 rc = rtp_stream_commit(rtps);
951 if (rc < 0)
952 LOG_CELL(cell, LOGL_ERROR, "Failed to commit parameters to RTP stream "
953 "for cell %d.\n", cell->cell_id);
954 }
955 }
956 }
957
958 if (trans->gcc.uplink_cell && trans->gcc.uplink_cell->rtps) {
959 cell = trans->gcc.uplink_cell;
960 rtps = cell->rtps;
961 LOG_CELL(cell, LOGL_DEBUG, "Setting cell %d into listening mode.\n", cell->cell_id);
962 rtp_stream_set_mode(rtps, MGCP_CONN_CONFECHO);
963 rc = rtp_stream_commit(rtps);
964 if (rc < 0)
965 LOG_CELL(cell, LOGL_ERROR, "Failed to commit parameters to RTP stream "
966 "for cell %d.\n", cell->cell_id);
967 }
968
969 return 0;
970}
971
972static void _assign_complete(struct gsm_trans *trans, bool send_connect)
973{
974 uint16_t cell_id;
975
Andreas Eversberge2a40882023-07-19 09:56:53 +0200[diff] [blame]976 OSMO_ASSERT(trans->msc_a);
977
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]978 /* Change state. */
979 osmo_fsm_inst_state_chg(trans->gcc.fi, VGCS_GCC_ST_N2_CALL_ACTIVE, 0, 0);
980 /* Get cell ID. */
Andreas Eversberge2a40882023-07-19 09:56:53 +0200[diff] [blame]981 cell_id = trans->msc_a->via_cell.cell_identity;
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]982 /* Releasing dedicated channel. */
983 release_msc_a(trans);
984 /* Send CONNECT to the calling subscriber. */
985 if (send_connect)
986 gcc_connect(trans);
987 /* Set parameter. */
988 set_parameter(trans);
989 /* Start inactivity timer, if uplink is free. */
990 if (!trans->gcc.uplink_busy)
991 start_inactivity_timer(trans);
992 /* Set cell of current talker. */
993 set_uplink_cell(trans->gcc.uplink_bss, NULL, cell_id);
994 /* Set MGW conference. */
995 set_mgw_conference(trans);
996}
997
998#define CONNECT_OPTION false
999
1000static void vgcs_gcc_fsm_n0_null(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1001{
1002 struct gsm_trans *trans = fi->priv;
1003 int rc;
1004
1005 switch (event) {
1006 case VGCS_GCC_EV_NET_SETUP:
1007 /* Establish call towards all BSSs. */
1008 LOG_GCC(trans, LOGL_DEBUG, "Setup by network, trying to establish cells.\n");
1009 rc = gcc_establish_bss(trans);
1010 if (rc < 0) {
1011 LOG_GCC(trans, LOGL_NOTICE, "Failed to setup call to any cell.\n");
1012 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1013 break;
1014 }
1015 /* Keep state until established or released. */
1016 break;
1017 case VGCS_GCC_EV_NET_TERM:
1018 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1019 /* Destroy group call in all cells. */
1020 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1021 break;
1022 case VGCS_GCC_EV_USER_SETUP:
1023 LOG_GCC(trans, LOGL_DEBUG, "Setup by MS, trying to establish cells.\n");
1024 /* Change state. */
1025 osmo_fsm_inst_state_chg(fi, VGCS_GCC_ST_N1_CALL_INITIATED, 0, 0);
1026 /* Establish call towards all BSSs. */
1027 rc = gcc_establish_bss(trans);
1028 if (rc < 0) {
1029 LOG_GCC(trans, LOGL_NOTICE, "Failed to setup call to any cell.\n");
1030 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1031 break;
1032 }
1033 if (CONNECT_OPTION) {
1034 /* Send CONNECT to the calling subscriber. */
1035 gcc_connect(trans);
1036 /* Change state. */
1037 osmo_fsm_inst_state_chg(fi, VGCS_GCC_ST_N3_CALL_EST_PROC, 0, 0);
1038 }
1039 break;
1040 case VGCS_GCC_EV_BSS_ESTABLISHED:
1041 LOG_GCC(trans, LOGL_DEBUG, "All cells establised, for a group call, sending CONNECT to caller.\n");
1042 /* Change state. */
1043 osmo_fsm_inst_state_chg(fi, VGCS_GCC_ST_N2_CALL_ACTIVE, 0, 0);
1044 /* Start inactivity timer, if uplink is free. */
1045 if (!trans->gcc.uplink_busy)
1046 start_inactivity_timer(trans);
1047 break;
1048 case VGCS_GCC_EV_BSS_RELEASED:
1049 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1050 /* Send TERMINATE to the calling subscriber. */
1051 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1052 break;
1053 default:
1054 OSMO_ASSERT(false);
1055 }
1056}
1057
1058static void vgcs_gcc_fsm_n1_call_initiated(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1059{
1060 struct gsm_trans *trans = fi->priv;
1061 int rc;
1062
1063 switch (event) {
1064 case VGCS_GCC_EV_NET_TERM:
1065 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1066 /* Destroy group call in all cells. */
1067 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1068 break;
1069 case VGCS_GCC_EV_USER_TERM:
1070 LOG_GCC(trans, LOGL_DEBUG, "Termination by user, destroying call.\n");
1071 /* Send TERMINATE to the calling subscriber and destroy group call in all cells. */
1072 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1073 break;
1074 case VGCS_GCC_EV_BSS_ESTABLISHED:
1075 LOG_GCC(trans, LOGL_DEBUG, "All cells establised, for a group call, assign caller to VGCS.\n");
1076 /* Send assignment to the calling subscriber. */
1077 rc = gcc_assign(trans);
1078 if (rc < 0) {
1079 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1080 break;
1081 }
1082 break;
1083 case VGCS_GCC_EV_BSS_ASSIGN_CPL:
1084 LOG_GCC(trans, LOGL_DEBUG, "Assignment complete, sending CONNECT to caller, releasing channel.\n");
1085 /* Handle assignment complete */
1086 _assign_complete(trans, true);
1087 break;
1088 case VGCS_GCC_EV_BSS_ASSIGN_FAIL:
1089 LOG_GCC(trans, LOGL_DEBUG, "Assignment failed, releasing call.\n");
1090 /* Send TERMINATE to the calling subscriber. */
1091 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1092 break;
1093 case VGCS_GCC_EV_BSS_RELEASED:
1094 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1095 /* Send TERMINATE to the calling subscriber. */
1096 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1097 break;
1098 default:
1099 OSMO_ASSERT(false);
1100 }
1101}
1102
1103static void vgcs_gcc_fsm_n2_call_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1104{
1105 struct gsm_trans *trans = fi->priv;
1106
1107 switch (event) {
1108 case VGCS_GCC_EV_NET_TERM:
1109 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1110 /* Destroy group call in all cells. */
1111 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1112 break;
1113 case VGCS_GCC_EV_USER_TERM:
1114 LOG_GCC(trans, LOGL_DEBUG, "Termination by user, destroying call.\n");
1115 /* Send TERMINATE to the calling subscriber and destroy group call in all cells. */
1116 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1117 break;
1118 case VGCS_GCC_EV_BSS_RELEASED:
1119 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1120 /* Send TERMINATE to the calling subscriber. */
1121 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1122 break;
1123 case VGCS_GCC_EV_TIMEOUT:
1124 LOG_GCC(trans, LOGL_DEBUG, "Termination by inactivity timer, destroying call.\n");
1125 /* Destroy group call in all cells. */
1126 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1127 break;
1128 default:
1129 OSMO_ASSERT(false);
1130 }
1131}
1132
1133static void vgcs_gcc_fsm_n3_call_est_proc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1134{
1135 struct gsm_trans *trans = fi->priv;
1136 int rc;
1137
1138 switch (event) {
1139 case VGCS_GCC_EV_NET_TERM:
1140 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1141 /* Destroy group call in all cells. */
1142 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1143 break;
1144 case VGCS_GCC_EV_USER_TERM:
1145 LOG_GCC(trans, LOGL_DEBUG, "Termination by user, destroying call.\n");
1146 /* Send TERMINATE to the calling subscriber and destroy group call in all cells. */
1147 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1148 break;
1149 case VGCS_GCC_EV_BSS_ESTABLISHED:
1150 LOG_GCC(trans, LOGL_DEBUG, "All cells establised, for a group call, assign caller to VGCS.\n");
1151 /* Send assignment to the calling subscriber. */
1152 rc = gcc_assign(trans);
1153 if (rc < 0) {
1154 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1155 break;
1156 }
1157 break;
1158 case VGCS_GCC_EV_BSS_ASSIGN_CPL:
1159 LOG_GCC(trans, LOGL_DEBUG, "Assignment complete, sending CONNECT to caller, releasing channel.\n");
1160 /* Handle assignment complete */
1161 _assign_complete(trans, false);
1162 break;
1163 case VGCS_GCC_EV_BSS_ASSIGN_FAIL:
1164 LOG_GCC(trans, LOGL_DEBUG, "Assignment failed, releasing call.\n");
1165 /* Send TERMINATE to the calling subscriber. */
1166 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1167 break;
1168 case VGCS_GCC_EV_BSS_RELEASED:
1169 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1170 /* Send TERMINATE to the calling subscriber. */
1171 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1172 break;
1173 default:
1174 OSMO_ASSERT(false);
1175 }
1176}
1177
1178static const struct osmo_fsm_state vgcs_gcc_fsm_states[] = {
1179 [VGCS_GCC_ST_N0_NULL] = {
1180 .name = "NULL (N0)",
1181 .in_event_mask = S(VGCS_GCC_EV_NET_SETUP) |
1182 S(VGCS_GCC_EV_NET_TERM) |
1183 S(VGCS_GCC_EV_USER_SETUP) |
1184 S(VGCS_GCC_EV_BSS_ESTABLISHED) |
1185 S(VGCS_GCC_EV_BSS_RELEASED),
1186 .out_state_mask = S(VGCS_GCC_ST_N1_CALL_INITIATED) |
1187 S(VGCS_GCC_ST_N2_CALL_ACTIVE),
1188 .action = vgcs_gcc_fsm_n0_null,
1189 },
1190 [VGCS_GCC_ST_N1_CALL_INITIATED] = {
1191 .name = "CALL INITATED (N1)",
1192 .in_event_mask = S(VGCS_GCC_EV_NET_TERM) |
1193 S(VGCS_GCC_EV_USER_TERM) |
1194 S(VGCS_GCC_EV_BSS_ESTABLISHED) |
1195 S(VGCS_GCC_EV_BSS_ASSIGN_CPL) |
1196 S(VGCS_GCC_EV_BSS_ASSIGN_FAIL) |
1197 S(VGCS_GCC_EV_BSS_RELEASED),
1198 .out_state_mask = S(VGCS_GCC_ST_N0_NULL) |
1199 S(VGCS_GCC_ST_N2_CALL_ACTIVE) |
1200 S(VGCS_GCC_ST_N3_CALL_EST_PROC),
1201 .action = vgcs_gcc_fsm_n1_call_initiated,
1202 },
1203 [VGCS_GCC_ST_N2_CALL_ACTIVE] = {
1204 .name = "CALL ACTIVE (N2)",
1205 .in_event_mask = S(VGCS_GCC_EV_NET_TERM) |
1206 S(VGCS_GCC_EV_USER_TERM) |
1207 S(VGCS_GCC_EV_BSS_RELEASED) |
1208 S(VGCS_GCC_EV_TIMEOUT),
1209 .out_state_mask = S(VGCS_GCC_ST_N0_NULL),
1210 .action = vgcs_gcc_fsm_n2_call_active,
1211 },
1212 [VGCS_GCC_ST_N3_CALL_EST_PROC] = {
1213 .name = "CALL EST PROCEEDING (N3)",
1214 .in_event_mask = S(VGCS_GCC_EV_NET_TERM) |
1215 S(VGCS_GCC_EV_USER_TERM) |
1216 S(VGCS_GCC_EV_BSS_ESTABLISHED) |
1217 S(VGCS_GCC_EV_BSS_ASSIGN_CPL) |
1218 S(VGCS_GCC_EV_BSS_ASSIGN_FAIL) |
1219 S(VGCS_GCC_EV_BSS_RELEASED),
1220 .out_state_mask = S(VGCS_GCC_ST_N2_CALL_ACTIVE) |
1221 S(VGCS_GCC_ST_N0_NULL),
1222 .action = vgcs_gcc_fsm_n3_call_est_proc,
1223 },
1224 // We don't need a state to wait for the group call to be terminated in all cells
1225};
1226
1227static struct osmo_fsm vgcs_bcc_fsm = {
1228 .name = "bcc",
1229 .states = vgcs_gcc_fsm_states,
1230 .num_states = ARRAY_SIZE(vgcs_gcc_fsm_states),
1231 .log_subsys = DBCC,
1232 .event_names = vgcs_gcc_fsm_event_names,
1233};
1234
1235static struct osmo_fsm vgcs_gcc_fsm = {
1236 .name = "gcc",
1237 .states = vgcs_gcc_fsm_states,
1238 .num_states = ARRAY_SIZE(vgcs_gcc_fsm_states),
1239 .log_subsys = DGCC,
1240 .event_names = vgcs_gcc_fsm_event_names,
1241};
1242
1243const char *vgcs_bcc_gcc_state_name(struct osmo_fsm_inst *fi)
1244{
1245 return vgcs_gcc_fsm_states[fi->state].name;
1246}
1247
1248static int update_uplink_state(struct vgcs_bss *bss, bool uplink_busy);
1249
1250/* Receive RR messages from calling subscriber, prior assignment to VGCS/VBS. */
1251int gsm44068_rcv_rr(struct msc_a *msc_a, struct msgb *msg)
1252{
1253 struct gsm_trans *trans = NULL;
1254 struct gsm48_hdr *gh;
1255 uint8_t msg_type;
1256
1257 gh = msgb_l3(msg);
1258 msg_type = gsm48_hdr_msg_type(gh);
1259
1260 /* Find transaction. */
1261 trans = trans_find_by_type(msc_a, TRANS_GCC);
1262 if (!trans)
1263 trans = trans_find_by_type(msc_a, TRANS_BCC);
1264
1265 if (!trans) {
1266 LOG_GCC(trans, LOGL_ERROR, "No VGCS/VBS transaction.\n");
1267 return -EINVAL;
1268 }
1269
1270 /* In case the phone releases uplink prior being assigned to a VGCS */
1271 if (msg_type == GSM48_MT_RR_UPLINK_RELEASE) {
1272 struct vgcs_bss *bss;
1273
1274 LOG_GCC(trans, LOGL_INFO, "Received UPLINK RELEASE on initial channel.\n");
1275 /* Clear the busy flag and unblock all cells. */
1276 trans->gcc.uplink_bss = NULL;
1277 trans->gcc.uplink_cell = NULL;
1278 trans->gcc.uplink_busy = false;
1279 llist_for_each_entry(bss, &trans->gcc.bss_list, list) {
1280 /* Update uplink state. */
1281 update_uplink_state(bss, trans->gcc.uplink_busy);
1282 }
1283 /* Start inactivity timer. */
1284 start_inactivity_timer(bss->trans);
1285 /* Next, the MS will switch to the VGCS as listener. Nothing else to do here. */
1286 }
1287
1288 return 0;
1289}
1290
1291/* Allocation of transaction for group call */
1292static struct gsm_trans *trans_alloc_vgcs(struct gsm_network *net,
1293 struct vlr_subscr *vsub,
1294 enum trans_type trans_type, uint8_t transaction_id,
1295 uint32_t callref,
1296 struct gcr *gcr,
1297 bool uplink_busy)
1298{
1299 struct gsm_trans *trans;
1300
1301 trans = trans_alloc(net, vsub, trans_type, transaction_id, callref);
1302 if (!trans) {
1303 LOG_GCC(trans, LOGL_ERROR, "No memory for trans.\n");
1304 return NULL;
1305 }
1306 /* The uplink is busy when the call is started until the calling subscriber releases. */
1307 trans->gcc.uplink_busy = uplink_busy;
1308 trans->gcc.uplink_originator = true;
1309 INIT_LLIST_HEAD(&trans->gcc.bss_list);
1310 trans->gcc.inactivity_to = gcr->timeout;
1311 trans->gcc.mute_talker = gcr->mute_talker;
1312 trans->gcc.timer_inactivity.data = trans;
1313 trans->gcc.timer_inactivity.cb = inactivity_timer_cb;
1314 trans->gcc.fi = osmo_fsm_inst_alloc((trans_type == TRANS_GCC) ? &vgcs_gcc_fsm : &vgcs_bcc_fsm,
1315 trans, trans, LOGL_DEBUG, NULL);
1316 if (!trans->gcc.fi) {
1317 LOG_GCC(trans, LOGL_ERROR, "No memory for state machine.\n");
1318 trans_free(trans);
1319 return NULL;
1320 }
1321
1322 return trans;
1323}
1324
1325/* Create transaction from incoming voice group/broadcast call. */
1326static struct gsm_trans *trans_create_bcc_gcc(struct msc_a *msc_a, enum trans_type trans_type, uint8_t transaction_id,
1327 uint8_t pdisc, uint8_t msg_type, uint32_t callref)
1328{
Andreas Eversberg7e65ed92023-07-19 09:38:25 +0200[diff] [blame]1329 struct gsm_network *net;
1330 struct vlr_subscr *vsub;
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1331 struct gsm_trans *trans = NULL;
1332 struct gcr *gcr;
1333 int rc;
1334
1335 if (!msc_a) {
1336 LOG_GCC(trans, LOGL_ERROR, "Invalid conn: no msc_a\n");
1337 return NULL;
1338 }
Andreas Eversberg7e65ed92023-07-19 09:38:25 +0200[diff] [blame]1339 net = msc_a_net(msc_a);
1340 vsub = msc_a_vsub(msc_a);
1341
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1342 if (!vsub) {
1343 LOG_GCC(trans, LOGL_ERROR, "Invalid conn: no subscriber\n");
1344 return NULL;
1345 }
1346
1347 /* An earlier CM Service Request for this CC message now has concluded */
1348 if (!osmo_use_count_by(&msc_a->use_count,
1349 (trans_type == TRANS_GCC) ? MSC_A_USE_CM_SERVICE_GCC : MSC_A_USE_CM_SERVICE_BCC))
1350 LOG_MSC_A(msc_a, LOGL_ERROR,
1351 "Creating new %s transaction without prior CM Service Request.\n",
1352 get_value_string(trans_type_names, trans_type));
1353 else
1354 msc_a_put(msc_a,
1355 (trans_type == TRANS_GCC) ? MSC_A_USE_CM_SERVICE_GCC : MSC_A_USE_CM_SERVICE_BCC);
1356
1357 /* A transaction must be created with a SETUP message. */
1358 if (msg_type != OSMO_GSM44068_MSGT_IMMEDIATE_SETUP
1359 && msg_type != OSMO_GSM44068_MSGT_SETUP
1360 && msg_type != OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2) {
1361 LOG_GCC(trans, LOGL_ERROR, "No transaction and message is not a SETUP.\n");
1362 return NULL;
1363 }
1364
1365 /* Check if callref already exists. */
1366 trans = trans_find_by_callref(net, trans_type, callref);
1367 if (trans) {
1368 LOG_GCC(trans, LOGL_INFO, "Call to existing %s with callref %s, rejecting!\n",
1369 trans_type_name(trans_type), gsm44068_group_id_string(callref));
1370 rc = gsm44068_tx_termination(msc_a, NULL,
1371 pdisc | (transaction_id << 4),
1372 OSMO_GSM44068_MSGT_TERMINATION,
1373 OSMO_GSM44068_CAUSE_BUSY, NULL, 0);
1374 if (rc < 0)
1375 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1376 return 0;
1377 }
1378
1379 /* Check GCR for Group ID. */
1380 gcr = gcr_by_callref(net, trans_type, callref);
1381 if (!gcr) {
1382 LOG_GCC(trans, LOGL_INFO, "No Group configured for %s callref %s, rejecting!\n",
1383 trans_type_name(trans_type), gsm44068_group_id_string(callref));
1384 // FIXME: Better cause value for a group that does not exist ?
1385 rc = gsm44068_tx_termination(msc_a, NULL,
1386 pdisc | (transaction_id << 4),
1387 OSMO_GSM44068_MSGT_TERMINATION,
1388 OSMO_GSM44068_CAUSE_REQUESTED_SERVICE_NOT_SUB, NULL, 0);
1389 if (rc < 0)
1390 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1391 return 0;
1392 }
1393
1394 /* Create transaction, uplink is busy. */
1395 trans = trans_alloc_vgcs(net, vsub, trans_type, transaction_id, callref, gcr, true);
1396 if (!trans) {
1397 rc = gsm44068_tx_termination(msc_a, NULL,
1398 pdisc | (transaction_id << 4),
1399 OSMO_GSM44068_MSGT_TERMINATION,
1400 OSMO_GSM44068_CAUSE_NETWORK_FAILURE, NULL, 0);
1401 if (rc < 0)
1402 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1403 return NULL;
1404 }
1405
1406 if (osmo_fsm_inst_dispatch(msc_a->c.fi, MSC_A_EV_TRANSACTION_ACCEPTED, trans)) {
1407 LOG_MSC_A(msc_a, LOGL_ERROR, "Not allowed to accept %s transaction.\n",
1408 get_value_string(trans_type_names, trans_type));
1409 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1410 return NULL;
1411 }
1412
1413 /* Assign transaction */
1414 msc_a_get(msc_a, (trans_type == TRANS_GCC) ? MSC_A_USE_GCC : MSC_A_USE_BCC);
1415 trans->msc_a = msc_a;
1416 trans->dlci = 0; /* main DCCH */
1417
1418 return trans;
1419}
1420
1421/* Receive GCC/BCC messages from calling subscriber, depending on the PDISC used. */
1422int gsm44068_rcv_bcc_gcc(struct msc_a *msc_a, struct gsm_trans *trans, struct msgb *msg)
1423{
1424 struct gsm48_hdr *gh = msgb_l3(msg);
1425 uint8_t msg_type = gsm48_hdr_msg_type(gh);
1426 uint8_t pdisc = gsm48_hdr_pdisc(gh);
1427 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
1428 enum trans_type trans_type = (pdisc == GSM48_PDISC_GROUP_CC) ? TRANS_GCC : TRANS_BCC;
1429
1430 uint8_t key_seq;
1431 bool talker_prio_requested;
1432 bool with_talker_prio;
1433 uint8_t talker_prio;
1434 struct gsm48_classmark2 cm2;
1435 struct osmo_mobile_identity mi;
1436 uint32_t callref;
1437 bool with_prio;
1438 uint8_t prio;
1439 char user_user[64] = "";
1440 uint8_t cause;
1441 uint8_t diag[256];
1442 uint8_t diag_len;
1443 bool with_call_state;
1444 enum osmo_gsm44068_call_state call_state;
1445 bool with_state_attrs;
1446 uint8_t da, ua, comm, oi;
1447 int rc = 0;
1448
1449 /* Remove sequence number (bit 7) from message type. */
1450 msg_type &= 0xbf;
1451
1452 /* Parse messages. */
1453 switch (msg_type) {
1454 case OSMO_GSM44068_MSGT_SETUP:
1455 rc = gsm44068_rx_setup(msg, &talker_prio_requested, &talker_prio, &callref, &with_prio, &prio,
1456 user_user);
1457 break;
1458 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP:
1459 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2:
1460 rc = gsm44068_rx_immediate_setup(msg, &talker_prio, &key_seq, &cm2, &mi, &callref, &with_prio, &prio,
1461 user_user);
1462 break;
1463 case OSMO_GSM44068_MSGT_STATUS:
1464 rc = gsm44068_rx_status(msg, &cause, diag, &diag_len, &with_call_state, &call_state,
1465 &with_state_attrs, &da, &ua, &comm, &oi);
1466 break;
1467 case OSMO_GSM44068_MSGT_TERMINATION_REQUEST:
1468 rc = gsm44068_rx_termination_req(msg, &callref, &with_prio, &prio, &with_talker_prio, &talker_prio);
1469 break;
1470 default:
1471 LOG_GCC(trans, LOGL_ERROR, "Invalid message type: 0x%02x\n", msg_type);
1472 return -EINVAL;
1473 }
1474 if (rc < 0)
1475 return rc;
1476
1477 /* Find transaction, if called from msc_a. */
1478 if (!trans)
1479 trans = trans_find_by_id(msc_a, trans_type, transaction_id);
1480
1481 /* Create transaction for SETUP message. */
1482 if (!trans) {
1483 trans = trans_create_bcc_gcc(msc_a, trans_type, transaction_id, pdisc, msg_type, callref);
1484 if (!trans)
1485 return -EINVAL;
1486 } else {
1487 /* A phone may not call while a VGCS is already active */
1488 if (msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP
1489 || msg_type == OSMO_GSM44068_MSGT_SETUP
1490 || msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2) {
1491 LOG_GCC(trans, LOGL_ERROR, "Received SETUP while call is already set up, rejecting.\n");
1492 rc = gsm44068_tx_termination(msc_a, NULL,
1493 pdisc | (transaction_id << 4),
1494 OSMO_GSM44068_MSGT_TERMINATION,
1495 OSMO_GSM44068_CAUSE_NETWORK_FAILURE, NULL, 0);
1496 if (rc < 0)
1497 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1498 return -EINVAL;
1499 }
1500 }
1501
1502 /* Handle received GCC messages (trigger state machine). */
1503 switch (msg_type) {
1504 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP:
1505 case OSMO_GSM44068_MSGT_SETUP:
1506 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2:
1507 LOG_GCC(trans, LOGL_INFO, "Received SETUP.\n");
1508 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_USER_SETUP, NULL);
1509 break;
1510 case OSMO_GSM44068_MSGT_STATUS:
1511 LOG_GCC(trans, LOGL_NOTICE, "Received STATUS with cause %d (%s).\n", cause,
1512 get_value_string(osmo_gsm44068_cause_names, cause));
1513 if (diag_len)
1514 LOG_GCC(trans, LOGL_NOTICE, " -> diagnostics: %s\n", osmo_hexdump(diag, diag_len));
1515 if (with_call_state)
1516 LOG_GCC(trans, LOGL_NOTICE, " -> call state %s\n",
1517 get_value_string(osmo_gsm44068_call_state_names, call_state));
1518 break;
1519 case OSMO_GSM44068_MSGT_TERMINATION_REQUEST:
1520 LOG_GCC(trans, LOGL_INFO, "Received TERMINATRION REQUEST.\n");
1521 if (callref != trans->callref) {
1522 LOG_GCC(trans, LOGL_NOTICE, "Received callref 0x%x does not match!\n", callref);
1523 break;
1524 }
1525 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_USER_TERM, NULL);
1526 break;
1527 }
1528
1529 return 0;
1530}
1531
1532static void bss_clear(struct vgcs_bss *bss, uint8_t cause, bool notify_trans);
1533
1534/* Call Control Specific transaction release.
1535 * gets called by trans_free, DO NOT CALL YOURSELF! */
1536void gsm44068_bcc_gcc_trans_free(struct gsm_trans *trans)
1537{
1538 struct vgcs_bss *bss, *bss2;
1539
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1540 /* Free FSM. */
Andreas Eversbergb865c622023-07-19 10:06:07 +0200[diff] [blame]1541 if (trans->gcc.fi) {
1542 osmo_fsm_inst_state_chg(trans->gcc.fi, VGCS_GCC_ST_N0_NULL, 0, 0);
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1543 osmo_fsm_inst_term(trans->gcc.fi, OSMO_FSM_TERM_REGULAR, NULL);
Andreas Eversbergb865c622023-07-19 10:06:07 +0200[diff] [blame]1544 }
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1545
1546 /* Remove relations to cells.
1547 * We must loop safe, because bss_clear() will detach every call control instance from list. */
1548 llist_for_each_entry_safe(bss, bss2, &trans->gcc.bss_list, list)
1549 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_CLEAR, NULL);
1550
1551 /* Stop inactivity timer. */
1552 stop_inactivity_timer(trans);
1553}
1554
1555/* Create a new call from VTY command. */
1556const char *vgcs_vty_initiate(struct gsm_network *gsmnet, struct gcr *gcr)
1557{
1558 enum trans_type trans_type;
1559 uint32_t callref;
1560 struct gsm_trans *trans;
1561
1562 /* Get callref from stored suffix. Caller cannot choose a prefix. */
1563 trans_type = gcr->trans_type;
1564 callref = atoi(gcr->group_id);
1565
1566 /* Check if callref already exists. */
1567 trans = trans_find_by_callref(gsmnet, trans_type, callref);
1568 if (trans) {
1569 LOG_GCC(trans, LOGL_INFO, "Call to existing %s with callref %s, rejecting!\n",
1570 trans_type_name(trans_type), gsm44068_group_id_string(callref));
1571 return "Call already exists.";
1572 }
1573
1574 /* Create transaction, uplink is free. */
1575 trans = trans_alloc_vgcs(gsmnet, NULL, trans_type, 0, callref, gcr, false);
1576 if (!trans) {
1577 LOG_GCC(trans, LOGL_ERROR, "No memory for trans.\n");
1578 return "Failed to create call.";
1579 }
1580
1581 LOG_GCC(trans, LOGL_INFO, "VTY initiates call.\n");
1582 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_NET_SETUP, NULL);
1583
1584 return NULL;
1585}
1586
1587/* Destroy a call from VTY command. */
1588const char *vgcs_vty_terminate(struct gsm_network *gsmnet, struct gcr *gcr)
1589{
1590 enum trans_type trans_type;
1591 uint32_t callref;
1592 struct gsm_trans *trans;
1593
1594 /* Get callref from stored suffix. Caller cannot choose a prefix. */
1595 trans_type = gcr->trans_type;
1596 callref = atoi(gcr->group_id);
1597
1598 /* Check if callref exists. */
1599 trans = trans_find_by_callref(gsmnet, trans_type, callref);
1600 if (!trans)
1601 return "Call does not exist.";
1602
1603 LOG_GCC(trans, LOGL_INFO, "VTY terminates call.\n");
1604 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_NET_TERM, NULL);
1605
1606 return NULL;
1607}
1608
1609/*
1610 * BSS state machine - handles all BSS "call control" instances
1611 */
1612
1613static const struct value_string vgcs_bss_fsm_event_names[] = {
1614 OSMO_VALUE_STRING(VGCS_BSS_EV_SETUP),
1615 OSMO_VALUE_STRING(VGCS_BSS_EV_SETUP_ACK),
1616 OSMO_VALUE_STRING(VGCS_BSS_EV_SETUP_REFUSE),
1617 OSMO_VALUE_STRING(VGCS_BSS_EV_ACTIVE_OR_FAIL),
1618 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_REQUEST),
1619 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_REQUEST_CNF),
1620 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_APP_DATA),
1621 OSMO_VALUE_STRING(VGCS_BSS_EV_BSS_DTAP),
1622 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_RELEASE),
1623 OSMO_VALUE_STRING(VGCS_BSS_EV_CLEAR),
1624 OSMO_VALUE_STRING(VGCS_BSS_EV_CLOSE),
1625 OSMO_VALUE_STRING(VGCS_BSS_EV_RELEASED),
1626 { }
1627};
1628
1629/* Blocks or unblocks uplinks of a BSS. */
1630static int update_uplink_state(struct vgcs_bss *bss, bool uplink_busy)
1631{
1632 struct ran_msg ran_msg;
1633 int rc;
1634
1635 if (uplink_busy) {
1636 /* Send UPLINK SEIZED COMMAND to BSS. */
1637 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK SEIZED COMMAND towards BSS.\n");
1638 ran_msg = (struct ran_msg){
1639 .msg_type = RAN_MSG_UPLINK_SEIZED_CMD,
1640 .uplink_seized_cmd = {
1641 .cause = GSM0808_CAUSE_CALL_CONTROL,
1642 },
1643 };
1644 } else {
1645 /* Send UPLINK RELEASE COMMAND to BSS. */
1646 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK RELEASE COMMAND towards BSS.\n");
1647 ran_msg = (struct ran_msg){
1648 .msg_type = RAN_MSG_UPLINK_RELEASE_CMD,
1649 .uplink_release_cmd = {
1650 .cause = GSM0808_CAUSE_CALL_CONTROL,
1651 },
1652 };
1653 }
1654
1655 rc = ran_encode_and_send(bss->fi, &ran_msg, bss->conn, false);
1656
1657 return rc;
1658}
1659
1660/* Clear the connection towards BSS.
1661 * The instance is removed soon, so it is detached from transaction and cells. */
1662static void bss_clear(struct vgcs_bss *bss, uint8_t cause, bool notify_trans)
1663{
1664 struct ran_msg ran_msg;
1665 struct gsm_trans *trans = bss->trans;
1666 struct vgcs_bss_cell *cell, *cell2;
1667
1668 /* Must detach us from transaction. */
1669 if (bss->trans) {
1670 /* Remove pointer to talking BSS and cell. */
1671 if (bss == bss->trans->gcc.uplink_bss) {
1672 bss->trans->gcc.uplink_bss = NULL;
1673 bss->trans->gcc.uplink_cell = NULL;
1674 }
1675 llist_del(&bss->list);
1676 bss->trans = NULL;
1677 }
1678
1679 /* Change state. */
1680 osmo_fsm_inst_state_chg(bss->fi, VGCS_BSS_ST_RELEASE, 0, 0);
1681
1682 /* Send Clear Command to BSS. */
1683 ran_msg = (struct ran_msg){
1684 .msg_type = RAN_MSG_CLEAR_COMMAND,
1685 .clear_command = {
1686 .gsm0808_cause = cause,
1687 },
1688 };
1689 if (bss->conn) {
1690 LOG_BSS(bss, LOGL_DEBUG, "Sending CLEAR COMMAND for call controling channel.\n");
1691 ran_encode_and_send(bss->fi, &ran_msg, bss->conn, false);
1692 }
1693
1694 /* Trigger clear of all cells. Be safe, because the process will remove cells from list. */
1695 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss)
1696 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_CLEAR, NULL);
1697
1698 /* Detach us from all BSS, if still linked */
1699 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss) {
1700 llist_del(&cell->list_bss);
1701 cell->bss = NULL;
1702 }
1703
1704 /* If all BS are gone, notify calling subscriber process. */
1705 if (notify_trans && trans && llist_empty(&trans->gcc.bss_list)) {
1706 LOG_BSS(bss, LOGL_DEBUG, "Notify calling user process, that all BSSs are cleared.\n");
1707 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_BSS_RELEASED, NULL);
1708 }
1709}
1710
1711/* When finally the BSS connection is released. (CLEAR COMPLETE response)
1712 * The instance is removed, so it is detached from transaction and cells, if not already. */
1713static void bss_destroy(struct vgcs_bss *bss)
1714{
1715 struct vgcs_bss_cell *cell, *cell2;
1716
1717 LOG_BSS(bss, LOGL_DEBUG, "Removing BSS call controling instance.\n");
1718
1719 /* Must detach us from transaction, if not already. */
1720 if (bss->trans) {
1721 /* Remove pointer to talking BSS and cell. */
1722 if (bss == bss->trans->gcc.uplink_bss) {
1723 bss->trans->gcc.uplink_bss = NULL;
1724 bss->trans->gcc.uplink_cell = NULL;
1725 }
1726 llist_del(&bss->list);
1727 bss->trans = NULL;
1728 }
1729
1730 /* Detach us from RAN connection. */
1731 if (bss->conn) {
1732 if (bss->conn->vgcs.bss == bss)
1733 bss->conn->vgcs.bss = NULL;
1734 if (bss->conn->vgcs.cell == bss)
1735 bss->conn->vgcs.cell = NULL;
1736 ran_conn_close(bss->conn);
1737 bss->conn = NULL;
1738 }
1739
1740 /* Detach us from all BSS, if still linked */
1741 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss) {
1742 llist_del(&cell->list_bss);
1743 cell->bss = NULL;
1744 }
1745
1746 /* Free FSM. (should be allocated) */
1747 osmo_fsm_inst_state_chg(bss->fi, VGCS_BSS_ST_NULL, 0, 0);
1748 osmo_fsm_inst_term(bss->fi, OSMO_FSM_TERM_REGULAR, NULL);
1749}
1750
1751/* Get identity of talker.
1752 * This is required to detect if the talker is the calling subscriber. */
1753static int talker_identity(struct vgcs_bss *bss, uint8_t *l3, int l3_len)
1754{
1755 struct osmo_mobile_identity mi;
1756 int rc;
1757
1758 puts(osmo_hexdump(l3, l3_len));
1759 rc = osmo_mobile_identity_decode_from_l3_buf(&mi, l3, l3_len, false);
1760 if (rc < 0) {
1761 LOG_BSS(bss, LOGL_DEBUG, "Talker's Identity cannot be decoded.\n");
1762 return rc;
1763 }
1764
1765 switch (mi.type) {
1766 case GSM_MI_TYPE_IMSI:
1767 if (!bss->trans->vsub)
1768 break;
1769 LOG_BSS(bss, LOGL_DEBUG, "Talker's sends IMSI %s, originator has IMSI %s.\n",
1770 mi.imsi, bss->trans->vsub->imsi);
1771 if (!strcmp(mi.imsi, bss->trans->vsub->imsi))
1772 return 1;
1773 break;
1774 case GSM_MI_TYPE_TMSI:
1775 if (!bss->trans->vsub)
1776 break;
1777 LOG_BSS(bss, LOGL_DEBUG, "Talker's sends TMSI 0x%08x, originator has TMSI 0x%08x.\n",
1778 mi.tmsi, bss->trans->vsub->tmsi);
1779 if (mi.tmsi == bss->trans->vsub->tmsi)
1780 return 1;
1781 break;
1782 default:
1783 LOG_BSS(bss, LOGL_DEBUG, "Talker's Identity is not IMSI nor TMSI.\n");
1784 return -EINVAL;
1785 }
1786
1787 return 0;
1788}
1789
1790static void vgcs_bss_fsm_null(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1791{
1792 struct vgcs_bss *bss = fi->priv;
1793 struct ran_msg ran_msg;
1794
1795 switch (event) {
1796 case VGCS_BSS_EV_SETUP:
1797 /* Change state. */
1798 osmo_fsm_inst_state_chg(fi, VGCS_BSS_ST_SETUP, 0, 0);
1799 /* Send VGCS/VBS SETUP to BSS. */
1800 LOG_BSS(bss, LOGL_DEBUG, "Sending VGCS/VBS SETUP towards BSS.\n");
1801 ran_msg = (struct ran_msg){
1802 .msg_type = RAN_MSG_VGCS_VBS_SETUP,
1803 .vgcs_vbs_setup = {
1804 .callref = {
1805 .sf = (bss->trans->type == TRANS_GCC),
1806 },
1807 .vgcs_feature_flags_present = true,
1808 },
1809 };
1810 osmo_store32be_ext(bss->callref >> 3, &ran_msg.vgcs_vbs_setup.callref.call_ref_hi, 3);
1811 ran_msg.vgcs_vbs_setup.callref.call_ref_lo = bss->callref & 0x7;
1812 /* First message, so we must set "initial" to "true". */
1813 ran_encode_and_send(fi, &ran_msg, bss->conn, true);
1814 break;
1815 case VGCS_BSS_EV_CLEAR:
1816 /* The calling user process requested clearing of VGCS/VBS call. */
1817 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
1818 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
1819 break;
1820 default:
1821 OSMO_ASSERT(false);
1822 }
1823}
1824
1825static void vgcs_bss_fsm_setup(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1826{
1827 struct vgcs_bss *bss = fi->priv;
1828 struct vgcs_bss_cell *cell, *cell2;
1829
1830 switch (event) {
1831 case VGCS_BSS_EV_SETUP_ACK:
1832 /* Receive VGCS/VBS SETUP ACK from BSS. */
1833 LOG_BSS(bss, LOGL_DEBUG, "Received VGCS/VBS SETUP ACK from BSS.\n");
1834 /* Send current uplink state to this BSS. */
1835 if (bss->trans)
1836 update_uplink_state(bss, bss->trans->gcc.uplink_busy);
1837 /* Change state. */
1838 osmo_fsm_inst_state_chg(fi, VGCS_BSS_ST_ASSIGNMENT, 0, 0);
1839 /* Trigger VGCS/VBS ASSIGNMENT */
1840 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss)
1841 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_ASSIGN, NULL);
1842 /* If all failed, clear call. */
1843 if (llist_empty(&bss->cell_list)) {
1844 LOG_BSS(bss, LOGL_NOTICE, "All VGCS/VBS assignments failed.\n");
1845 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1846 break;
1847 }
1848 break;
1849 case VGCS_BSS_EV_SETUP_REFUSE:
1850 /* Received VGCS/VBS SETUP REFUSE from BSS. */
1851 LOG_BSS(bss, LOGL_NOTICE, "Received VGCS/VBS SETUP REFUSE from BSS.\n");
1852 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1853 break;
1854 case VGCS_BSS_EV_CLEAR:
1855 /* The calling user process requested clearing of VGCS/VBS call. */
1856 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
1857 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
1858 break;
1859 case VGCS_BSS_EV_CLOSE:
1860 /* The SCCP connection from the MSC has been closed. */
1861 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
1862 if (bss->conn) {
1863 bss->conn->vgcs.bss = NULL;
1864 bss->conn = NULL;
1865 }
1866 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1867 break;
1868 default:
1869 OSMO_ASSERT(false);
1870 }
1871}
1872
1873static void vgcs_bss_fsm_assignment(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1874{
1875 struct vgcs_bss *bss = fi->priv;
1876 struct vgcs_bss_cell *c;
1877 bool assigned;
1878
1879 switch (event) {
1880 case VGCS_BSS_EV_ACTIVE_OR_FAIL:
1881 /* If all gone, clear call. */
1882 if (llist_empty(&bss->cell_list)) {
1883 LOG_BSS(bss, LOGL_NOTICE, "All VGCS/VBS assignments failed.\n");
1884 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1885 break;
1886 }
1887 /* Is there a response for all cells?
1888 * This means that all the channels have a positive response
1889 * There is no channel with negative response, because a
1890 * negative response will remove the channel. */
1891 assigned = true;
1892 llist_for_each_entry(c, &bss->cell_list, list_bss) {
1893 if (!c->assigned)
1894 assigned = false;
1895 }
1896 if (!assigned)
1897 break;
1898 LOG_BSS(bss, LOGL_DEBUG, "All VGCS/VBS assignments have responded.\n");
1899 /* Change state. */
1900 osmo_fsm_inst_state_chg(fi, VGCS_BSS_ST_ACTIVE, 0, 0);
1901 /* Notify calling subscriber process. */
1902 LOG_BSS(bss, LOGL_DEBUG, "Notify calling user process, that all BSSs are connected.\n");
1903 if (bss->trans)
1904 osmo_fsm_inst_dispatch(bss->trans->gcc.fi, VGCS_GCC_EV_BSS_ESTABLISHED, NULL);
1905 break;
1906 case VGCS_BSS_EV_CLEAR:
1907 /* The calling user process requested clearing of VGCS/VBS call. */
1908 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
1909 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
1910 break;
1911 case VGCS_BSS_EV_CLOSE:
1912 /* The SCCP connection from the MSC has been closed. */
1913 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
1914 if (bss->conn) {
1915 bss->conn->vgcs.bss = NULL;
1916 bss->conn = NULL;
1917 }
1918 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1919 break;
1920 default:
1921 OSMO_ASSERT(false);
1922 }
1923}
1924
1925static void vgcs_bss_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1926{
1927 struct vgcs_bss *bss = fi->priv, *other;
1928 struct ran_msg *rx_ran_msg = data;
1929 struct ran_msg tx_ran_msg;
1930 int rc;
1931
1932 switch (event) {
1933 case VGCS_BSS_EV_UL_REQUEST:
1934 LOG_BSS(bss, LOGL_DEBUG, "Listener changed to talker.\n");
1935 if (!bss->trans)
1936 break;
1937 /* Someone is talking. Check if there is no other uplink already busy.
1938 * This should not happen, since all other cells are blocked (SEIZED) as soon as the uplink was
1939 * requested. This may happen due to a race condition, where the uplink was requested before the
1940 * UPLINK SEIZED COMMAND has been received by BSS. */
1941 if (bss->trans->gcc.uplink_busy) {
1942 /* Send UPLINK REJECT COMMAND to BSS. */
1943 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK REJECT COMMAND towards BSS.\n");
1944 tx_ran_msg = (struct ran_msg){
1945 .msg_type = RAN_MSG_UPLINK_REJECT_CMD,
1946 .uplink_reject_cmd = {
1947 .cause = GSM0808_CAUSE_CALL_CONTROL,
1948 },
1949 };
1950 ran_encode_and_send(fi, &tx_ran_msg, bss->conn, false);
1951 break;
1952 }
1953 /* Send UPLINK REQUEST ACKNOWLEDGE to BSS. */
1954 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK REQUEST ACKNOWLEDGE towards BSS.\n");
1955 tx_ran_msg = (struct ran_msg){
1956 .msg_type = RAN_MSG_UPLINK_REQUEST_ACK,
1957 };
1958 ran_encode_and_send(fi, &tx_ran_msg, bss->conn, false);
1959 /* Set the busy flag and block all other cells. */
1960 bss->trans->gcc.uplink_bss = bss;
1961 bss->trans->gcc.uplink_busy = true;
1962 bss->trans->gcc.uplink_originator = false;
1963 llist_for_each_entry(other, &bss->trans->gcc.bss_list, list) {
1964 if (other == bss)
1965 continue;
1966 /* Update uplink state. */
1967 update_uplink_state(bss, bss->trans->gcc.uplink_busy);
1968 }
1969 /* Stop inactivity timer. */
1970 stop_inactivity_timer(bss->trans);
1971 break;
1972 case VGCS_BSS_EV_UL_REQUEST_CNF:
1973 LOG_BSS(bss, LOGL_DEBUG, "Talker established uplink.\n");
1974 if (!bss->trans)
1975 break;
1976 if (!bss->trans->gcc.uplink_busy || bss->trans->gcc.uplink_bss != bss) {
1977 LOG_BSS(bss, LOGL_ERROR, "Got UL REQUEST CNF, but we did not granted uplink.\n");
1978 break;
1979 }
1980 /* Determine if talker is the originator of the call. */
1981 rc = talker_identity(bss, rx_ran_msg->uplink_request_cnf.l3.l3,
1982 rx_ran_msg->uplink_request_cnf.l3.l3_len);
1983 if (rc > 0) {
1984 bss->trans->gcc.uplink_originator = true;
1985 LOG_BSS(bss, LOGL_DEBUG, "Talker is the originator of the call.\n");
1986 }
1987 /* Set parameter. */
1988 set_parameter(bss->trans);
1989 /* Set cell of current talker. */
1990 set_uplink_cell(bss, &rx_ran_msg->uplink_request_cnf.cell_identifier, 0);
1991 /* Set MGW conference. */
1992 set_mgw_conference(bss->trans);
1993 break;
1994 case VGCS_BSS_EV_UL_APP_DATA:
1995 LOG_BSS(bss, LOGL_DEBUG, "Talker sends application data on uplink.\n");
1996 if (!bss->trans)
1997 break;
1998 if (!bss->trans->gcc.uplink_busy || bss->trans->gcc.uplink_bss != bss) {
1999 LOG_BSS(bss, LOGL_ERROR, "Got UP APP DATA, but we did not granted uplink.\n");
2000 break;
2001 }
2002 // FIXME: Use L3 info and feed to app.
2003 break;
2004 case VGCS_BSS_EV_BSS_DTAP:
2005 LOG_BSS(bss, LOGL_DEBUG, "Talker sends DTAP message.\n");
2006 if (!bss->trans)
2007 break;
2008 if (!bss->trans->gcc.uplink_busy || bss->trans->gcc.uplink_bss != bss) {
2009 LOG_BSS(bss, LOGL_ERROR, "Got DTAP from BSS, but we did not granted uplink.\n");
2010 break;
2011 }
2012 gsm44068_rcv_bcc_gcc(NULL, bss->trans, rx_ran_msg->dtap);
2013 break;
2014 case VGCS_BSS_EV_UL_RELEASE:
2015 LOG_BSS(bss, LOGL_DEBUG, "Talker released uplink.\n");
2016 if (!bss->trans)
2017 break;
2018 if (bss->trans->type == TRANS_BCC) {
2019 LOG_BSS(bss, LOGL_DEBUG, "This is a broadcast call, terminating call.\n");
2020 gcc_terminate_and_destroy(bss->trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
2021 break;
2022 }
2023 if (!bss->trans->gcc.uplink_busy) {
2024 LOG_BSS(bss, LOGL_NOTICE, "Got uplink release, but no uplink busy.\n");
2025 break;
2026 }
2027 /* Talker release the uplink. Ignore, if not from the current talking cell. */
2028 if (bss->trans->gcc.uplink_bss != bss) {
2029 LOG_BSS(bss, LOGL_NOTICE, "Got uplink release, but uplink busy in other cell.\n");
2030 break;
2031 }
2032 /* Clear the busy flag and unblock all other cells. */
2033 bss->trans->gcc.uplink_bss = NULL;
2034 bss->trans->gcc.uplink_cell = NULL;
2035 bss->trans->gcc.uplink_busy = false;
2036 llist_for_each_entry(other, &bss->trans->gcc.bss_list, list) {
2037 if (other == bss)
2038 continue;
2039 /* Update uplink state. */
2040 if (bss->trans)
2041 update_uplink_state(bss, bss->trans->gcc.uplink_busy);
2042 }
2043 /* Set MGW conference. */
2044 set_mgw_conference(bss->trans);
2045 /* Start inactivity timer. */
2046 start_inactivity_timer(bss->trans);
2047 break;
2048 case VGCS_BSS_EV_CLEAR:
2049 /* The calling user process requested clearing of VGCS/VBS call. */
2050 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
2051 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
2052 break;
2053 case VGCS_BSS_EV_CLOSE:
2054 /* The SCCP connection from the MSC has been closed. */
2055 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
2056 if (bss->conn) {
2057 bss->conn->vgcs.bss = NULL;
2058 bss->conn = NULL;
2059 }
2060 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
2061 break;
2062 default:
2063 OSMO_ASSERT(false);
2064 }
2065}
2066
2067static void vgcs_bss_fsm_release(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2068{
2069 struct vgcs_bss *bss = fi->priv;
2070
2071 switch (event) {
2072 case VGCS_BSS_EV_CLOSE:
2073 /* The SCCP connection from the MSC has been closed while waitring fro CLEAR COMPLETE. */
2074 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP closing collision.\n");
2075 bss_destroy(bss);
2076 break;
2077 case VGCS_BSS_EV_RELEASED:
2078 LOG_BSS(bss, LOGL_DEBUG, "Received CLEAR COMPLETE from BSS, we are done!\n");
2079 bss_destroy(bss);
2080 break;
2081 default:
2082 OSMO_ASSERT(false);
2083 }
2084}
2085
2086static const struct osmo_fsm_state vgcs_bss_fsm_states[] = {
2087 [VGCS_BSS_ST_NULL] = {
2088 .name = "NULL",
2089 .in_event_mask = S(VGCS_BSS_EV_SETUP) |
2090 S(VGCS_BSS_EV_CLEAR),
2091 .out_state_mask = S(VGCS_BSS_ST_SETUP),
2092 .action = vgcs_bss_fsm_null,
2093 },
2094 [VGCS_BSS_ST_SETUP] = {
2095 .name = "SETUP sent",
2096 .in_event_mask = S(VGCS_BSS_EV_SETUP_ACK) |
2097 S(VGCS_BSS_EV_SETUP_REFUSE) |
2098 S(VGCS_BSS_EV_CLEAR) |
2099 S(VGCS_BSS_EV_CLOSE),
2100 .out_state_mask = S(VGCS_BSS_ST_ASSIGNMENT) |
2101 S(VGCS_BSS_ST_RELEASE),
2102 .action = vgcs_bss_fsm_setup,
2103 },
2104 [VGCS_BSS_ST_ASSIGNMENT] = {
2105 .name = "ASSIGNMENT Sent",
2106 .in_event_mask = S(VGCS_BSS_EV_ACTIVE_OR_FAIL) |
2107 S(VGCS_BSS_EV_CLEAR) |
2108 S(VGCS_BSS_EV_CLOSE),
2109 .out_state_mask = S(VGCS_BSS_ST_ACTIVE) |
2110 S(VGCS_BSS_ST_RELEASE),
2111 .action = vgcs_bss_fsm_assignment,
2112 },
2113 [VGCS_BSS_ST_ACTIVE] = {
2114 .name = "VGCS/VBS Active",
2115 .in_event_mask = S(VGCS_BSS_EV_UL_REQUEST) |
2116 S(VGCS_BSS_EV_UL_REQUEST_CNF) |
2117 S(VGCS_BSS_EV_UL_APP_DATA) |
2118 S(VGCS_BSS_EV_BSS_DTAP) |
2119 S(VGCS_BSS_EV_UL_RELEASE) |
2120 S(VGCS_BSS_EV_CLEAR) |
2121 S(VGCS_BSS_EV_CLOSE),
2122 .out_state_mask = S(VGCS_BSS_ST_RELEASE),
2123 .action = vgcs_bss_fsm_active,
2124 },
2125 [VGCS_BSS_ST_RELEASE] = {
2126 .name = "Releasing VGCS/VBS control",
2127 .in_event_mask = S(VGCS_BSS_EV_CLEAR) |
2128 S(VGCS_BSS_EV_RELEASED),
2129 .out_state_mask = S(VGCS_BSS_ST_NULL),
2130 .action = vgcs_bss_fsm_release,
2131 },
2132};
2133
2134static struct osmo_fsm vgcs_bss_fsm = {
2135 .name = "vgcs_bss",
2136 .states = vgcs_bss_fsm_states,
2137 .num_states = ARRAY_SIZE(vgcs_bss_fsm_states),
2138 .log_subsys = DASCI,
2139 .event_names = vgcs_bss_fsm_event_names,
2140};
2141
2142/* The BSS accepts VGCS/VBS and sends us supported features. */
2143void vgcs_vbs_setup_ack(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2144{
2145 if (!bss->trans)
2146 return;
2147 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_SETUP_ACK, (void *)ran_msg);
2148}
2149
2150/* The BSS refuses VGCS/VBS. */
2151void vgcs_vbs_setup_refuse(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2152{
2153 if (!bss->trans)
2154 return;
2155 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_SETUP_REFUSE, (void *)ran_msg);
2156}
2157
2158/* The BSS needs more time for VGCS/VBS channel assignment. */
2159void vgcs_vbs_queuing_ind(struct vgcs_bss_cell *cell)
2160{
2161 if (!cell->bss)
2162 return;
2163}
2164
2165/* A mobile station requests the uplink on a VGCS channel. */
2166void vgcs_uplink_request(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2167{
2168 if (!bss->trans)
2169 return;
2170 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_REQUEST, (void *)ran_msg);
2171}
2172
2173/* The uplink on a VGCS channel has been established. */
2174void vgcs_uplink_request_cnf(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2175{
2176 if (!bss->trans)
2177 return;
2178 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_REQUEST_CNF, (void *)ran_msg);
2179}
2180
2181/* Application data received on the uplink of a VGCS channel. */
2182void vgcs_app_data(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2183{
2184 if (!bss->trans)
2185 return;
2186 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_APP_DATA, (void *)ran_msg);
2187}
2188
2189/* Application data received on the uplink of a VGCS channel. */
2190void vgcs_bss_dtap(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2191{
2192 if (!bss->trans)
2193 return;
2194 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_BSS_DTAP, (void *)ran_msg);
2195}
2196
2197/* A mobile station releases the uplink on a VGCS channel. */
2198void vgcs_uplink_release_ind(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2199{
2200 if (!bss->trans)
2201 return;
2202 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_RELEASE, (void *)ran_msg);
2203}
2204
2205/* The BSS gives cell status about VGCS/VBS channel. */
2206void vgcs_vbs_assign_status(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2207{
2208 if (!cell->bss)
2209 return;
2210}
2211
2212void vgcs_vbs_caller_assign_cpl(struct gsm_trans *trans)
2213{
2214 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_BSS_ASSIGN_CPL, NULL);
2215}
2216
2217void vgcs_vbs_caller_assign_fail(struct gsm_trans *trans)
2218{
2219 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_BSS_ASSIGN_FAIL, NULL);
2220}
2221
2222/* BSS indicated that the channel has been released. */
2223void vgcs_vbs_clear_req(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2224{
2225 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_CLOSE, (void *)ran_msg);
2226}
2227
2228/* BSS indicated that the channel has been released. */
2229void vgcs_vbs_clear_cpl(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2230{
2231 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_RELEASED, (void *)ran_msg);
2232}
2233
2234/*
2235 * Cell resource state machine - handles all "resource control" instances
2236 */
2237
2238static const struct value_string vgcs_cell_fsm_event_names[] = {
2239 OSMO_VALUE_STRING(VGCS_CELL_EV_RTP_STREAM_GONE),
2240 OSMO_VALUE_STRING(VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE),
2241 OSMO_VALUE_STRING(VGCS_CELL_EV_RTP_STREAM_ESTABLISHED),
2242 OSMO_VALUE_STRING(VGCS_CELL_EV_ASSIGN),
2243 OSMO_VALUE_STRING(VGCS_CELL_EV_ASSIGN_RES),
2244 OSMO_VALUE_STRING(VGCS_CELL_EV_ASSIGN_FAIL),
2245 OSMO_VALUE_STRING(VGCS_CELL_EV_CLEAR),
2246 OSMO_VALUE_STRING(VGCS_CELL_EV_CLOSE),
2247 OSMO_VALUE_STRING(VGCS_CELL_EV_RELEASED),
2248 { }
2249};
2250
2251static void cell_destroy(struct vgcs_bss_cell *cell);
2252
2253/* Clear the connection towards BSS.
2254 * Relations to the BSS and transaction is removed. */
2255static void cell_clear(struct vgcs_bss_cell *cell, uint8_t cause)
2256{
2257 struct ran_msg ran_msg;
2258
2259 /* Must detach us from BSS. */
2260 if (cell->bss) {
2261 /* Remove pointer to talking channel. */
2262 if (cell->bss->trans && cell->bss->trans->gcc.uplink_cell == cell)
2263 cell->bss->trans->gcc.uplink_cell = NULL;
2264 llist_del(&cell->list_bss);
2265 cell->bss = NULL;
2266 }
2267
2268 /* Change state. */
2269 if (cell->fi->state != VGCS_CELL_ST_RELEASE)
2270 osmo_fsm_inst_state_chg(cell->fi, VGCS_CELL_ST_RELEASE, 0, 0);
2271
2272 /* If there is no event to wait for, we can just destroy. */
2273 if (!cell->conn && !cell->rtps) {
2274 cell_destroy(cell);
2275 return;
2276 }
2277
2278 /* Send Clear Command to BSS. */
2279 if (cell->conn) {
2280 ran_msg = (struct ran_msg){
2281 .msg_type = RAN_MSG_CLEAR_COMMAND,
2282 .clear_command = {
2283 .gsm0808_cause = cause,
2284 },
2285 };
2286 LOG_CELL(cell, LOGL_DEBUG, "Sending CLEAR COMMAND for call controling channel.\n");
2287 ran_encode_and_send(cell->fi, &ran_msg, cell->conn, false);
2288 }
2289
2290 /* Clear RTP stream. This may trigger VGCS_CELL_EV_RTP_STREAM_GONE within this release function. */
2291 if (cell->rtps)
2292 rtp_stream_release(cell->rtps);
2293}
2294
2295/* When finally the BSS connection is released. (CLEAR COMPLETE response)
2296 * Relations to the BSS and transaction is removed, if not already. */
2297static void cell_destroy(struct vgcs_bss_cell *cell)
2298{
2299 struct vgcs_mgw_ep *mgw;
2300
2301 /* close RAN conn */
2302 if (cell->conn) {
2303 cell->conn->vgcs.cell = NULL;
2304 ran_conn_close(cell->conn);
2305 cell->conn = NULL;
2306 }
2307
2308 /* Detach from BSS now. Check, to prevent race condition. */
2309 if (cell->bss) {
2310 /* Remove pointer to talking channel. */
2311 if (cell->bss->trans && cell->bss->trans->gcc.uplink_cell == cell)
2312 cell->bss->trans->gcc.uplink_cell = NULL;
2313 llist_del(&cell->list_bss);
2314 cell->bss = NULL;
2315 }
2316
2317 /* Detach from MGW now. Check, to prevent race condition. */
2318 if (cell->mgw) {
2319 mgw = cell->mgw;
2320 llist_del(&cell->list_mgw);
2321 cell->mgw = NULL;
2322 /* Destroy MGW endpoint, if list is empty. */
2323 if (llist_empty(&mgw->cell_list))
2324 osmo_fsm_inst_dispatch(mgw->fi, VGCS_MGW_EP_EV_CLEAR, NULL);
2325 }
2326
2327 LOG_CELL(cell, LOGL_DEBUG, "Detroy connection to cell.\n");
2328
2329 /* Free FSM. (should be allocated) */
2330 osmo_fsm_inst_state_chg(cell->fi, VGCS_CELL_ST_NULL, 0, 0);
2331 osmo_fsm_inst_term(cell->fi, OSMO_FSM_TERM_REGULAR, NULL);
2332}
2333
2334static void vgcs_cell_fsm_null(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2335{
2336 struct vgcs_bss_cell *cell = fi->priv;
2337 const struct codec_mapping *cm;
2338 int rc;
2339
2340 switch (event) {
2341 case VGCS_CELL_EV_ASSIGN:
2342 LOG_CELL(cell, LOGL_DEBUG, "Received assignment from BSS controling process.\n");
2343 /* Allocate rtps stream. */
2344 cell->rtps = rtp_stream_alloc(cell->fi, VGCS_CELL_EV_RTP_STREAM_GONE,
2345 VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE,
2346 VGCS_CELL_EV_RTP_STREAM_ESTABLISHED, RTP_TO_RAN, cell->call_id,
2347 NULL);
2348 if (!cell->rtps) {
2349 LOG_CELL(cell, LOGL_DEBUG, "Failed to allocate RTP stream, cannot continue.\n");
2350 cell_destroy(cell);
2351 break;
2352 }
2353 /* Hard coded codec: GSM V1 */
2354 cm = codec_mapping_by_gsm0808_speech_codec_type(GSM0808_SCT_FR1);
Andreas Eversberg33a433a2023-07-19 10:01:20 +0200[diff] [blame]2355 if (!cm) {
2356 LOG_CELL(cell, LOGL_DEBUG, "Selected codec not supported, cannot continue.\n");
2357 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2358 break;
2359 }
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]2360 rtp_stream_set_one_codec(cell->rtps, &cm->sdp);
2361 /* Set initial mode. */
2362 rtp_stream_set_mode(cell->rtps, MGCP_CONN_RECV_ONLY);
2363 /* Commit RTP stream. */
Andreas Eversbergd6377602023-07-19 09:46:18 +0200[diff] [blame]2364 if (!cell->bss || !cell->bss->trans) {
2365 LOG_CELL(cell, LOGL_DEBUG, "No BSS/transaction, cannot continue.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]2366 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2367 break;
2368 }
Andreas Eversbergd6377602023-07-19 09:46:18 +0200[diff] [blame]2369 if (!cell->mgw || !cell->mgw->mgw_ep) {
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]2370 LOG_CELL(cell, LOGL_DEBUG, "No MGW endpoint, cannot continue.\n");
2371 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2372 break;
2373 }
2374 rc = rtp_stream_ensure_ci(cell->rtps, cell->mgw->mgw_ep);
2375 if (rc < 0) {
2376 LOG_CELL(cell, LOGL_DEBUG, "Failed to trigger RTP stream CI.\n");
2377 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2378 break;
2379 }
2380 /* Change state. */
2381 osmo_fsm_inst_state_chg(fi, VGCS_CELL_ST_ASSIGNMENT, 0, 0);
2382 break;
2383 case VGCS_CELL_EV_CLEAR:
2384 /* The calling user process requested clearing of VGCS/VBS call. */
2385 LOG_CELL(cell, LOGL_DEBUG, "Received clearing from BSS controling process.\n");
2386 cell_clear(cell, GSM0808_CAUSE_CALL_CONTROL);
2387 break;
2388 default:
2389 OSMO_ASSERT(false);
2390 }
2391}
2392
2393static void vgcs_cell_fsm_assignment(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2394{
2395 struct vgcs_bss_cell *cell = fi->priv;
2396 struct ran_msg *rx_ran_msg = data;
2397 struct ran_msg tx_ran_msg;
2398 struct osmo_sockaddr_str ss;
2399 const struct codec_mapping *cm;
2400 struct vgcs_bss *bss;
2401 int rc;
2402
2403 switch (event) {
2404 case VGCS_CELL_EV_RTP_STREAM_GONE:
2405 /* The RTP stream failed. */
2406 LOG_CELL(cell, LOGL_ERROR, "RTP stream of MGW failed.\n");
2407 cell->rtps = NULL;
2408 goto channel_fail;
2409 break;
2410 case VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE:
2411 /* The RTP stream sends its peer. */
2412 if (!osmo_sockaddr_str_is_nonzero(&cell->rtps->local)) {
2413 LOG_CELL(cell, LOGL_ERROR, "Invalid RTP address received from MGW: " OSMO_SOCKADDR_STR_FMT "\n",
2414 OSMO_SOCKADDR_STR_FMT_ARGS(&cell->rtps->local));
2415 goto channel_fail;
2416 }
2417 LOG_CELL(cell, LOGL_DEBUG,
2418 "MGW endpoint's RTP address available for the CI %s: " OSMO_SOCKADDR_STR_FMT " (osmux=%s:%d)\n",
2419 rtp_direction_name(cell->rtps->dir), OSMO_SOCKADDR_STR_FMT_ARGS(&cell->rtps->local),
2420 cell->rtps->use_osmux ? "yes" : "no", cell->rtps->local_osmux_cid);
2421 /* Send VGCS/VBS ASSIGNMENT REQUEST to BSS */
2422 LOG_CELL(cell, LOGL_DEBUG, "Sending VGCS/VBS ASSIGNMENT REQUEST towards BSS.\n");
2423 tx_ran_msg = (struct ran_msg) {
2424 .msg_type = RAN_MSG_VGCS_VBS_ASSIGN_REQ,
2425 .vgcs_vbs_assign_req = {
2426 /* For now we support GSM/FR V1 only. This shall be supported by all MS. */
2427 .channel_type = {
2428 .ch_indctr = GSM0808_CHAN_SPEECH,
2429 .ch_rate_type = GSM0808_SPEECH_FULL_BM,
2430 .perm_spch_len = 1,
2431 .perm_spch[0] = GSM0808_PERM_FR1,
2432 },
2433 /* For now we want a channel without any delay. */
2434 .ass_req = GSM0808_ASRQ_IMMEDIATE,
2435 .callref = {
2436 .sf = (cell->trans_type == TRANS_GCC),
2437 },
2438 /* We need to identify the cell only. */
2439 .cell_identifier = {
2440 .id_discr = CELL_IDENT_CI,
2441 .id.ci = cell->cell_id,
2442 },
2443 .aoip_transport_layer_present = true,
2444 .call_id_present = true,
2445 .call_id = cell->call_id,
2446 .codec_list_present = true,
2447 .codec_list_msc_preferred = {
2448 .len = 1,
2449 .codec[0] = {
2450 .fi = 1,
2451 .type = GSM0808_SCT_FR1,
2452 .cfg = 0,
2453 },
2454 },
2455 },
2456 };
2457 osmo_store32be_ext(cell->callref >> 3, &tx_ran_msg.vgcs_vbs_assign_req.callref.call_ref_hi, 3);
2458 tx_ran_msg.vgcs_vbs_assign_req.callref.call_ref_lo = cell->callref & 0x7;
2459 osmo_sockaddr_str_to_sockaddr(&cell->rtps->local, &tx_ran_msg.vgcs_vbs_assign_req.aoip_transport_layer);
2460 /* First message, so we must set "initial" to "true". */
2461 ran_encode_and_send(fi, &tx_ran_msg, cell->conn, true);
2462 break;
2463 case VGCS_CELL_EV_RTP_STREAM_ESTABLISHED:
2464 /* The RTP stream established. */
2465 LOG_CELL(cell, LOGL_DEBUG, "RTP stream is established.\n");
2466 break;
2467 case VGCS_CELL_EV_ASSIGN_RES:
2468 /* Receive VGCS/VBS ASSIGNMENT RESULT from BSS. */
2469 LOG_CELL(cell, LOGL_DEBUG, "Received VGCS/VBS ASSIGNMENT RESULT from BSS.\n");
2470 cell->assigned = true;
2471 if (!rx_ran_msg->vgcs_vbs_assign_res.aoip_transport_layer_present
2472 && !rx_ran_msg->vgcs_vbs_assign_res.codec_present
2473 && !rx_ran_msg->vgcs_vbs_assign_res.call_id_present) {
2474 LOG_CELL(cell, LOGL_ERROR, "Mandatory IEs missing.\n");
2475 goto channel_fail;
2476 }
2477 /* Send remote peer to RTP stream. */
2478 if (osmo_sockaddr_str_from_sockaddr(&ss, &rx_ran_msg->vgcs_vbs_assign_res.aoip_transport_layer)) {
2479 LOG_CELL(cell, LOGL_ERROR, "Cannot RTP-CONNECT, invalid RTP IP:port in incoming MNCC "
2480 "message\n");
2481 goto channel_fail;
2482 }
2483 rtp_stream_set_remote_addr(cell->rtps, &ss);
2484 /* Send remote codec to RTP stream. */
2485 cm = codec_mapping_by_gsm0808_speech_codec_type(rx_ran_msg->vgcs_vbs_assign_res.codec_msc_chosen.type);
2486 if (!cm) {
2487 LOG_CELL(cell, LOGL_ERROR, "Chosen codec by BSC is not supported by MSC.\n");
2488 goto channel_fail;
2489 }
2490 rtp_stream_set_one_codec(cell->rtps, &cm->sdp);
2491 /* Set listening mode. */
2492 rtp_stream_set_mode(cell->rtps, MGCP_CONN_SEND_ONLY);
2493 /* Commit RTP stream. */
2494 rc = rtp_stream_commit(cell->rtps);
2495 if (rc < 0) {
2496 LOG_CELL(cell, LOGL_ERROR, "Failed to commit parameters to RTP stream.\n");
2497 goto channel_fail;
2498 }
2499 /* Change state. */
2500 osmo_fsm_inst_state_chg(fi, VGCS_CELL_ST_ACTIVE, 0, 0);
2501 /* Notify BSS FSM about channel activation. */
2502 if (cell->bss)
2503 osmo_fsm_inst_dispatch(cell->bss->fi, VGCS_BSS_EV_ACTIVE_OR_FAIL, NULL);
2504 break;
2505 case VGCS_CELL_EV_ASSIGN_FAIL:
2506 /* Received VGCS/VBS ASSIGNMENT FAILURE from BSS. */
2507 LOG_CELL(cell, LOGL_NOTICE, "Received VGCS/VBS ASSIGNMENT FAILURE from BSS.\n");
2508channel_fail:
2509 bss = cell->bss;
2510 /* Remove cell. */
2511 tx_ran_msg = (struct ran_msg){
2512 .msg_type = RAN_MSG_CLEAR_COMMAND,
2513 .clear_command = {
2514 .gsm0808_cause = GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC,
2515 },
2516 };
Andreas Eversberg482f0bd2023-07-19 10:10:04 +0200[diff] [blame]2517 ran_encode_and_send(fi, &tx_ran_msg, cell->conn, false);
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]2518 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2519 /* Notify BSS FSM about channel failure. */
2520 if (bss)
2521 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_ACTIVE_OR_FAIL, NULL);
2522 break;
2523 case VGCS_CELL_EV_CLEAR:
2524 /* The calling user process requested clearing of VGCS/VBS call. */
2525 LOG_CELL(cell, LOGL_DEBUG, "Received clearing from BSS controling process.\n");
2526 cell_clear(cell, GSM0808_CAUSE_CALL_CONTROL);
2527 break;
2528 case VGCS_CELL_EV_CLOSE:
2529 /* The SCCP connection from the MSC has been closed. */
2530 LOG_CELL(cell, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
2531 if (cell->conn) {
2532 cell->conn->vgcs.bss = NULL;
2533 cell->conn = NULL;
2534 }
2535 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2536 break;
2537 default:
2538 OSMO_ASSERT(false);
2539 }
2540}
2541
2542static void vgcs_cell_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2543{
2544 struct vgcs_bss_cell *cell = fi->priv;
2545
2546 switch (event) {
2547 case VGCS_CELL_EV_RTP_STREAM_GONE:
2548 /* The RTP stream failed. */
2549 LOG_CELL(cell, LOGL_ERROR, "RTP stream of MGW failed.\n");
2550 cell->rtps = NULL;
2551 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2552 break;
2553 case VGCS_CELL_EV_RTP_STREAM_ESTABLISHED:
2554 /* The RTP stream established. */
2555 LOG_CELL(cell, LOGL_DEBUG, "RTP stream is established.\n");
2556 break;
2557 case VGCS_CELL_EV_CLEAR:
2558 /* The calling user process requested clearing of VGCS/VBS call. */
2559 LOG_CELL(cell, LOGL_DEBUG, "Received clearing from BSS controling process.\n");
2560 cell_clear(cell, GSM0808_CAUSE_CALL_CONTROL);
2561 break;
2562 case VGCS_CELL_EV_CLOSE:
2563 /* The SCCP connection from the MSC has been closed. */
2564 LOG_CELL(cell, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
2565 if (cell->conn) {
2566 cell->conn->vgcs.bss = NULL;
2567 cell->conn = NULL;
2568 }
2569 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2570 break;
2571 default:
2572 OSMO_ASSERT(false);
2573 }
2574}
2575
2576static void vgcs_cell_fsm_release(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2577{
2578 struct vgcs_bss_cell *cell = fi->priv;
2579
2580 switch (event) {
2581 case VGCS_CELL_EV_RTP_STREAM_GONE:
2582 /* The RTP stream gone. */
2583 LOG_CELL(cell, LOGL_ERROR, "RTP stream gone.\n");
2584 cell->rtps = NULL;
2585 /* Wait for RAN conn. */
2586 if (cell->conn)
2587 break;
2588 cell_destroy(cell);
2589 break;
2590 case VGCS_CELL_EV_CLEAR:
2591 case VGCS_CELL_EV_RELEASED:
2592 if (event == VGCS_CELL_EV_CLEAR) {
2593 /* The SCCP connection from the MSC has been closed while waiting for CLEAR COMPLETE. */
2594 LOG_CELL(cell, LOGL_NOTICE, "Received SCCP closing collision.\n");
2595 } else
2596 LOG_CELL(cell, LOGL_DEBUG, "Received CLEAR COMPLETE from BSS, we are done!\n");
2597 /* Wait for RTP stream. */
2598 if (cell->rtps) {
2599 /* close RAN conn */
2600 if (cell->conn) {
2601 cell->conn->vgcs.cell = NULL;
2602 ran_conn_close(cell->conn);
2603 cell->conn = NULL;
2604 }
2605 break;
2606 }
2607 cell_destroy(cell);
2608 break;
2609 default:
2610 OSMO_ASSERT(false);
2611 }
2612}
2613
2614static const struct osmo_fsm_state vgcs_cell_fsm_states[] = {
2615 [VGCS_CELL_ST_NULL] = {
2616 .name = "NULL",
2617 .in_event_mask = S(VGCS_CELL_EV_ASSIGN) |
2618 S(VGCS_CELL_EV_CLEAR),
2619 .out_state_mask = S(VGCS_CELL_ST_ASSIGNMENT),
2620 .action = vgcs_cell_fsm_null,
2621 },
2622 [VGCS_CELL_ST_ASSIGNMENT] = {
2623 .name = "ASSIGNMENT Sent",
2624 .in_event_mask = S(VGCS_CELL_EV_RTP_STREAM_GONE) |
2625 S(VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE) |
2626 S(VGCS_CELL_EV_RTP_STREAM_ESTABLISHED) |
2627 S(VGCS_CELL_EV_ASSIGN_RES) |
2628 S(VGCS_CELL_EV_ASSIGN_FAIL) |
2629 S(VGCS_CELL_EV_CLEAR) |
2630 S(VGCS_CELL_EV_CLOSE),
2631 .out_state_mask = S(VGCS_CELL_ST_ACTIVE) |
2632 S(VGCS_CELL_ST_RELEASE),
2633 .action = vgcs_cell_fsm_assignment,
2634 },
2635 [VGCS_CELL_ST_ACTIVE] = {
2636 .name = "VGCS/VBS channel active",
2637 .in_event_mask = S(VGCS_CELL_EV_RTP_STREAM_GONE) |
2638 S(VGCS_CELL_EV_RTP_STREAM_ESTABLISHED) |
2639 S(VGCS_CELL_EV_CLEAR) |
2640 S(VGCS_CELL_EV_CLOSE),
2641 .out_state_mask = S(VGCS_CELL_ST_RELEASE),
2642 .action = vgcs_cell_fsm_active,
2643 },
2644 [VGCS_CELL_ST_RELEASE] = {
2645 .name = "Releasing VGCS/VBS channel",
2646 .in_event_mask = S(VGCS_CELL_EV_RTP_STREAM_GONE) |
2647 S(VGCS_CELL_EV_CLEAR) |
2648 S(VGCS_CELL_EV_RELEASED),
2649 .out_state_mask = S(VGCS_CELL_ST_NULL),
2650 .action = vgcs_cell_fsm_release,
2651 },
2652};
2653
2654static struct osmo_fsm vgcs_cell_fsm = {
2655 .name = "vgcs_cell",
2656 .states = vgcs_cell_fsm_states,
2657 .num_states = ARRAY_SIZE(vgcs_cell_fsm_states),
2658 .log_subsys = DASCI,
2659 .event_names = vgcs_cell_fsm_event_names,
2660};
2661
2662/* The BSS accepts VGCS/VBS channel assignment. */
2663void vgcs_vbs_assign_result(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2664{
2665 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_ASSIGN_RES, (void *)ran_msg);
2666}
2667
2668/* The BSS refuses VGCS/VBS channel assignment. */
2669void vgcs_vbs_assign_fail(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2670{
2671 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_ASSIGN_FAIL, (void *)ran_msg);
2672}
2673
2674/* BSS indicated that the channel has been released. */
2675void vgcs_vbs_clear_req_channel(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2676{
2677 LOG_CELL(cell, LOGL_DEBUG, "Received CLEAR REQUEST for resource controling channel from BSS.\n");
2678 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_CLOSE, (void *)ran_msg);
2679}
2680
2681/* BSS confirms the release of channel. */
2682void vgcs_vbs_clear_cpl_channel(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2683{
2684 LOG_CELL(cell, LOGL_DEBUG, "Received CLEAR COMPLETE for resource controling channel from BSS.\n");
2685 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_RELEASED, (void *)ran_msg);
2686}
2687
2688/*
2689 * MGW endpoint FSM
2690 */
2691
2692static const struct value_string vgcs_mgw_ep_fsm_event_names[] = {
2693 OSMO_VALUE_STRING(VGCS_MGW_EP_EV_FREE),
2694 OSMO_VALUE_STRING(VGCS_MGW_EP_EV_CLEAR),
2695 { }
2696};
2697
2698static void vgcs_mgw_ep_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2699{
2700 struct vgcs_mgw_ep *mgw = fi->priv;
2701 struct vgcs_bss_cell *cell, *cell2;
2702 struct mgcp_client *mgcp_client;
2703
2704 switch (event) {
2705 case VGCS_MGW_EP_EV_FREE:
2706 LOGP(DASCI, LOGL_DEBUG, "MGW connection closed, removing all cell instances.\n");
2707 llist_for_each_entry_safe(cell, cell2, &mgw->cell_list, list_mgw) {
2708 if (cell->rtps)
2709 cell->rtps->ci = NULL;
2710 llist_del(&cell->list_mgw);
2711 cell->mgw = NULL;
2712 }
2713 /* Put MGCP client back into MGW pool. */
2714 mgcp_client = osmo_mgcpc_ep_client(mgw->mgw_ep);
2715 mgcp_client_pool_put(mgcp_client);
2716 /* Destroy this instance. */
2717 osmo_fsm_inst_term_children(fi, OSMO_FSM_TERM_PARENT, NULL);
2718 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
2719 break;
2720 case VGCS_MGW_EP_EV_CLEAR:
2721 if (!llist_empty(&mgw->cell_list))
2722 break;
2723 LOGP(DASCI, LOGL_DEBUG, "Cell list of MGW instance is now empty, dropping.\n");
2724 /* Destroy this instance. */
2725 osmo_fsm_inst_term_children(fi, OSMO_FSM_TERM_PARENT, NULL);
2726 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
2727 break;
2728 default:
2729 OSMO_ASSERT(false);
2730 }
2731}
2732
2733static const struct osmo_fsm_state vgcs_mgw_ep_fsm_states[] = {
2734 [VGCS_MGW_EP_ST_NULL] = {
2735 .name = "NULL",
2736 .out_state_mask = S(VGCS_MGW_EP_ST_ACTIVE),
2737 },
2738 [VGCS_MGW_EP_ST_ACTIVE] = {
2739 .name = "MGW endpoint allocated",
2740 .in_event_mask = S(VGCS_MGW_EP_EV_FREE) |
2741 S(VGCS_MGW_EP_EV_CLEAR),
2742 .out_state_mask = S(VGCS_MGW_EP_ST_NULL),
2743 .action = vgcs_mgw_ep_fsm_active,
2744 },
2745};
2746
2747static struct osmo_fsm vgcs_mgw_ep_fsm = {
2748 .name = "vgcs_mgw_ep",
2749 .states = vgcs_mgw_ep_fsm_states,
2750 .num_states = ARRAY_SIZE(vgcs_mgw_ep_fsm_states),
2751 .log_subsys = DASCI,
2752 .event_names = vgcs_mgw_ep_fsm_event_names,
2753};