Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / d63776051ebd5962f5e4e651ec282195956eb22e / . / src / libmsc / msc_vgcs.c
blob: c6f5e1653f744acdf932163d3239962c7964cbdd [file] [log] [blame]
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1/* Handle VGCS/VBCS calls. (Voice Group/Broadcast Call Service). */
2/*
3 * (C) 2023 by sysmocom - s.f.m.c. GmbH <info@sysmocom.de>
4 * All Rights Reserved
5 *
6 * SPDX-License-Identifier: AGPL-3.0+
7 *
8 * Author: Andreas Eversberg
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU Affero General Public License as published by
12 * the Free Software Foundation; either version 3 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU Affero General Public License for more details.
19 *
20 * You should have received a copy of the GNU Affero General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24/* The process consists of four state machines:
25 *
26 * The call control state machine "GCC" handles the voice group/broadcast call.
27 * There is one instance for every call. It is mainly controlled by the calling
28 * subscriber. The state machine is described in 3GPP TS 44.068 / 44.069.
29 * One SCCP connection to the calling subscriber is associated with the state
30 * machine. Once the calling subscriber leaves or is assigned to the VGCS/VBS
31 * channel, the association to the MSC-A role is removed and the SCCP connection
32 * is closed. The state machine with the transaction still exists until the end
33 * of the call.
34 *
35 * The BSS control state machine "vgcs_bss_fsm" handles the call in each BSC.
36 * There are as many instances as there are BSCs where the call is placed to.
37 * The instances are linked to the call control in a 1:n relation.
38 * One SCCP connection for every BSC is associated with the state machine.
39 * It sets up the call in the BSC and handles the uplink control and signaling
40 * with the talking phone.
41 *
42 * The resource controling state machine "vgcs_cell_fsm" handles the channel for
43 * each BTS that has a VGCS for the call. The instances are linked to the BSS
44 * control in a 1:n relation.
45 * One SCCP connection for every cell is associated with each list entry.
46 * It assigns the VGCS/VBS channel and the conference bridge in the MGW.
47 *
48 * The MGW endpoint state machine "vgcs_mgw_ep_fsm" handles the endpoint
49 * connection for each call. It controls the clearing of the MGW connections
50 * in case of endpoint failure. All instances of the resource controlling state
51 * machine are linked to this state machine in a 1:n relation.
52 *
53 * Setup of a call:
54 *
55 * When the calling subscriber dials a group/broadcast call, the GCR is checked
56 * for an existing Group ID. If it exists, the call is setup towards the a given
57 * list of MSCs for this Group ID. Also the channels are assigned for a given
58 * list of cells for this Group ID.
59 * The call can also be initiated via VTY.
60 *
61 * Then the calling subscriber is assigned to the VGCS channel of the same cell
62 * where the call was initialized. Afterwards the call is connected. The calling
63 * subscriber may then stay on the uplink or release it.
64 *
65 * Uplink control:
66 *
67 * Any BSC may indicate a talking subscriber. If there is no talking subscriber
68 * yet, the uplink is granted, otherwise it is rejected. If the uplink is in
69 * use on one BSC, all other BSCs will be blocked. If the uplink becomes free,
70 * all other BSCs will be unblocked.
71 *
72 * Termination of the call:
73 *
74 * The calling subscriber accesses the uplink. The it sends a termination
75 * request. This request is acknowledged by a termination command towards
76 * the calling subscriber. The call is cleared.
77 * The call can also be terminated via VTY and/or a timeout.
78 *
79 */
80
81#include <osmocom/core/utils.h>
82#include <osmocom/core/fsm.h>
83#include <osmocom/gsm/protocol/gsm_44_068.h>
84#include <osmocom/sigtran/sccp_helpers.h>
85#include <osmocom/mgcp_client/mgcp_client_endpoint_fsm.h>
86
87#include <osmocom/msc/gsm_data.h>
88#include <osmocom/msc/sccp_ran.h>
89#include <osmocom/msc/ran_infra.h>
90#include <osmocom/msc/ran_peer.h>
91#include <osmocom/msc/ran_msg_a.h>
92#include <osmocom/msc/msub.h>
93#include <osmocom/msc/debug.h>
94#include <osmocom/msc/msc_a.h>
95#include <osmocom/msc/vlr.h>
96#include <osmocom/msc/rtp_stream.h>
97#include <osmocom/msc/codec_mapping.h>
98#include <osmocom/msc/msc_vgcs.h>
99#include <osmocom/msc/asci_gcr.h>
100
101#define S(x) (1 << (x))
102
103#define LOG_GCC(trans, level, fmt, args...) \
104 LOGP((trans) ? ((trans->type == TRANS_GCC) ? DGCC : DBCC) : DASCI, level, \
105 (trans) ? ((trans->type == TRANS_GCC) ? ("GCC callref %s: " fmt) : ("BCC callref %s: " fmt)) : "%s" fmt, \
106 (trans) ? gsm44068_group_id_string(trans->callref) : "", ##args)
107#define LOG_BSS(bss, level, fmt, args...) \
108 LOGP(DASCI, level, \
109 (bss->trans_type == TRANS_GCC) ? ("GCC callref %s, BSS #%s: " fmt) : ("BCC callref %s, BSS #%s: " fmt), \
110 gsm44068_group_id_string(bss->callref), osmo_ss7_pointcode_print(NULL, bss->pc), ##args)
111#define LOG_CELL(cell, level, fmt, args...) \
112 LOGP(DASCI, level, \
113 (cell->trans_type == TRANS_GCC) ? ("GCC callref %s, BSS #%s, CID %d: " fmt) \
114 : ("BCC callref %s, BSS #%s, CID %d: " fmt), \
115 gsm44068_group_id_string(cell->callref), osmo_ss7_pointcode_print(NULL, cell->pc), cell->cell_id, ##args)
116
117static struct osmo_fsm vgcs_bcc_fsm;
118static struct osmo_fsm vgcs_gcc_fsm;
119static struct osmo_fsm vgcs_bss_fsm;
120static struct osmo_fsm vgcs_cell_fsm;
121static struct osmo_fsm vgcs_mgw_ep_fsm;
122
123static __attribute__((constructor)) void vgcs_fsm_init(void)
124{
125 OSMO_ASSERT(osmo_fsm_register(&vgcs_bcc_fsm) == 0);
126 OSMO_ASSERT(osmo_fsm_register(&vgcs_gcc_fsm) == 0);
127 OSMO_ASSERT(osmo_fsm_register(&vgcs_bss_fsm) == 0);
128 OSMO_ASSERT(osmo_fsm_register(&vgcs_cell_fsm) == 0);
129 OSMO_ASSERT(osmo_fsm_register(&vgcs_mgw_ep_fsm) == 0);
130}
131
132const char *gsm44068_group_id_string(uint32_t callref)
133{
134 static char string[9];
135
136 snprintf(string, sizeof(string), "%08u", callref);
137 string[sizeof(string) - 1] = '\0';
138
139 return string;
140}
141
142/* Resolve ran peer from point-code */
143static struct ran_peer *ran_peer_for_pc(struct gsm_network *msc_network, int pc)
144{
145 struct sccp_ran_inst *sri;
146 struct osmo_sccp_addr addr = {};
147 struct ran_peer *rp;
148
149 sri = msc_network->a.sri;
150 if (!osmo_sccp_get_ss7(sri->sccp)) {
151 LOGP(DASCI, LOGL_ERROR, "No SS7???\n");
152 return NULL;
153 }
154 osmo_sccp_make_addr_pc_ssn(&addr, pc, sri->ran->ssn);
155 rp = ran_peer_find_by_addr(sri, &addr);
156
157 return rp;
158}
159
160/* Encode message and send towards BSC. */
161int ran_encode_and_send(struct osmo_fsm_inst *fi, struct ran_msg *ran_msg, struct ran_conn *conn, bool initial)
162{
163 struct msgb *l3_msg;
164 int rc;
165
166 l3_msg = ran_a_encode(fi, ran_msg);
167 if (!l3_msg) {
168 LOGP(DASCI, LOGL_ERROR, "ran_a_encode() failed.\n");
169 return -EINVAL;
170 }
171 rc = ran_conn_down_l2_co(conn, l3_msg, initial);
172 msgb_free(l3_msg);
173
174 return rc;
175}
176
177/* Transmit DTAP message to talker
178 * This is used for sending group/broadcast call control messages. */
179int tx_dtap_to_talker(struct vgcs_bss *bss, struct msgb *l3_msg)
180{
181 struct ran_msg ran_msg;
182 struct gsm48_hdr *gh = msgb_l3(l3_msg) ? : l3_msg->data;
183 uint8_t pdisc = gsm48_hdr_pdisc(gh);
184 int rc;
185
186
187 LOG_BSS(bss, LOGL_DEBUG, "Sending DTAP: %s %s\n",
188 gsm48_pdisc_name(pdisc), gsm48_pdisc_msgtype_name(pdisc, gsm48_hdr_msg_type(gh)));
189
190 ran_msg = (struct ran_msg){
191 .msg_type = RAN_MSG_DTAP,
192 .dtap = l3_msg,
193 };
194
195 rc = ran_encode_and_send(bss->fi, &ran_msg, bss->conn, false);
196
197 return rc;
198}
199
200/*
201 * GCC/BCC Message transcoding
202 */
203
204static void _add_cause_ie(struct msgb *msg, uint8_t cause, uint8_t *diag, uint8_t diag_len)
205{
206 uint8_t *ie = msgb_put(msg, 2 + diag_len);
207
208 ie[0] = 1 + diag_len;
209 ie[1] = cause;
210 if (diag && diag_len) {
211 ie[1] |= 0x80;
212 memcpy(ie + 2, diag, diag_len);
213 }
214}
215
216static void _add_callref_ie(struct msgb *msg, uint32_t callref, bool with_prio, uint8_t prio)
217{
218 uint32_t ie;
219
220 ie = callref << 5;
221 if (with_prio)
222 ie |= 0x10 | (prio << 1);
223 msgb_put_u32(msg, ie);
224}
225
226static int _msg_too_short(void)
227{
228 LOGP(DASCI, LOGL_ERROR, "MSG too short.\n");
229 return -EINVAL;
230}
231
232static int _ie_invalid(void)
233{
234 LOGP(DASCI, LOGL_ERROR, "IE invalid.\n");
235 return -EINVAL;
236}
237
238static int _rx_callref(uint8_t *ie, unsigned int remaining_len, uint32_t *callref, bool *with_prio, uint8_t *prio)
239{
240 uint8_t ie_len;
241
242 ie_len = sizeof(uint32_t);
243 if (remaining_len < ie_len)
244 return _msg_too_short();
245 *callref = osmo_load32be(ie) >> 5;
246 if (ie[3] & 0x10) {
247 *with_prio = true;
248 *prio = (ie[3] >> 1) & 0x7;
249 } else
250 *with_prio = false;
251
252 return ie_len;
253}
254
255/* 3GPP TS 44.068 Clause 8.1 */
256static int gsm44068_tx_connect(struct gsm_trans *trans, uint8_t pdisc, uint32_t callref, bool with_prio, uint8_t prio,
257 uint8_t oi, uint8_t talker_prio, bool with_sms, uint8_t sms_dc, uint8_t sms_gp)
258{
259 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX CONNECT");
260 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
261 uint8_t ie;
262
263 gh->proto_discr = pdisc;
264 gh->msg_type = OSMO_GSM44068_MSGT_CONNECT;
265 _add_callref_ie(msg, callref, with_prio, prio);
266 ie = (talker_prio << 4) | oi;
267 msgb_put_u8(msg, ie);
268 if (with_sms) {
269 ie = OSMO_GSM44068_IEI_SMS_INDICATIONS | (sms_dc << 1) | sms_gp;
270 msgb_put_u8(msg, ie);
271 }
272
273 /* Send to calling subscriber, depending on the link he is. */
274 if (trans->msc_a)
275 return msc_a_tx_dtap_to_i(trans->msc_a, msg);
276 if (trans->gcc.uplink_bss)
277 return tx_dtap_to_talker(trans->gcc.uplink_bss, msg);
278 msgb_free(msg);
279 return -EIO;
280}
281
282/* The Get Status procedure is not used by the current implementation.
283 * It is commented out, so it can be used in the future.
284 * The idea is to have a complete set of GCC/BCC message transcoding.
285 */
286#if 0
287/* 3GPP TS 44.068 Clause 8.2 */
288static int gsm44068_tx_get_status(struct gsm_trans *trans, uint8_t pdisc, struct osmo_mobile_identity *mi)
289{
290 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX GET STATUS");
291 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
292
293 gh->proto_discr = pdisc;
294 gh->msg_type = OSMO_GSM44068_MSGT_GET_STATUS;
295 if (mi) {
296 uint8_t *l;
297 int rc;
298
299 l = msgb_tl_put(msg, OSMO_GSM44068_IEI_MOBILE_IDENTITY);
300 rc = osmo_mobile_identity_encode_msgb(msg, mi, false);
301 if (rc < 0) {
302 msgb_free(msg);
303 return -EINVAL;
304 }
305 *l = rc;
306 }
307
308 /* Send to calling subscriber, depending on the link he is. */
309 if (trans->msc_a)
310 return msc_a_tx_dtap_to_i(trans->msc_a, msg);
311 if (trans->gcc.uplink_bss)
312 return tx_dtap_to_talker(trans->gcc.uplink_bss, msg);
313 msgb_free(msg);
314 return -EIO;
315}
316#endif
317
318/* 3GPP TS 44.068 Clause 8.3 and 8.3a */
319static int gsm44068_rx_immediate_setup(struct msgb *msg, uint8_t *talker_prio, uint8_t *key_seq,
320 struct gsm48_classmark2 *cm2, struct osmo_mobile_identity *mi,
321 uint32_t *callref, bool *with_prio, uint8_t *prio, char *user_user)
322{
323 struct gsm48_hdr *gh = msgb_l3(msg);
324 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
325 uint8_t *ie = gh->data;
326 uint8_t ie_len;
327 uint64_t otdi;
328 int i;
329 int rc;
330
331 /* Talker priority / Cyphering key sequence */
332 if (remaining_len < 1)
333 return _msg_too_short();
334 *talker_prio = ie[0] & 0x07;
335 *key_seq = (ie[0] >> 4) & 0x07;
336 remaining_len -= 1;
337 ie += 1;
338
339 /* Mobile station classmark 2 */
340 if (remaining_len < 4)
341 return _msg_too_short();
342 ie_len = ie[0];
343 if (remaining_len < ie_len + 1)
344 return _msg_too_short();
345 if (ie_len != 3)
346 return _ie_invalid();
347 memcpy(cm2, ie + 1, ie_len);
348 remaining_len -= ie_len + 1;
349 ie += ie_len + 1;
350
351 /* Mobile indentity */
352 if (gh->msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP) {
353 /* IMMEDIATE SETUP uses IMSI/TMSI */
354 if (remaining_len < 2)
355 return _msg_too_short();
356 ie_len = ie[0];
357 if (remaining_len < ie_len + 1)
358 return _msg_too_short();
359 rc = osmo_mobile_identity_decode(mi, ie + 1, ie_len, false);
360 if (rc) {
361 LOGP(DMM, LOGL_ERROR, "Failure to decode Mobile Identity in GCC/BCC IMMEDDIATE SETUP"
362 " (rc=%d)\n", rc);
363 return -EINVAL;
364 }
365 remaining_len -= ie_len + 1;
366 ie += ie_len + 1;
367 } else {
368 /* IMMEDIATE SETUP 2 uses TMSI only */
369 if (remaining_len < 4)
370 return _msg_too_short();
371 mi->type = GSM_MI_TYPE_TMSI;
372 mi->tmsi = osmo_load32be(ie);
373 remaining_len -= 4;
374 ie += 4;
375 }
376
377 /* Call reference */
378 rc = _rx_callref(ie, remaining_len, callref, with_prio, prio);
379 if (rc < 0)
380 return rc;
381 remaining_len -= rc;
382 ie += rc;
383
384 /* OTID */
385 if (gh->msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2 && user_user) {
386 ie_len = 5;
387 if (remaining_len < ie_len)
388 return _msg_too_short();
389 otdi = osmo_load32be(ie + 1) | ((uint64_t)ie[0] << 32);
390
391 for (i = 0; i < 12; i++) {
392 user_user[i] = (otdi % 10) + '0';
393 otdi /= 10;
394 }
395 user_user[i] = '\0';
396 remaining_len -= ie_len;
397 ie += ie_len;
398 } else if (user_user)
399 user_user[0] = '\0';
400
401 return 0;
402}
403
404/* 3GPP TS 44.068 Clause 8.4 */
405static int gsm44068_tx_set_parameter(struct gsm_trans *trans, uint8_t pdisc, uint8_t da, uint8_t ua, uint8_t comm,
406 uint8_t oi)
407{
408 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX SET PARAMETER");
409 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
410 uint8_t ie;
411
412 gh->proto_discr = pdisc;
413 gh->msg_type = OSMO_GSM44068_MSGT_SET_PARAMETER;
414 ie = (da << 3) | (ua << 2) | (comm << 1) | oi;
415 msgb_put_u8(msg, ie);
416
417 /* Send to calling subscriber, depending on the link he is. */
418 if (trans->msc_a)
419 return msc_a_tx_dtap_to_i(trans->msc_a, msg);
420 if (trans->gcc.uplink_bss)
421 return tx_dtap_to_talker(trans->gcc.uplink_bss, msg);
422 msgb_free(msg);
423 return -EIO;
424}
425
426/* 3GPP TS 44.068 Clause 8.5 */
427static int gsm44068_rx_setup(struct msgb *msg, bool *with_talker_prio, uint8_t *talker_prio,
428 uint32_t *callref, bool *with_prio, uint8_t *prio, char *user_user)
429{
430 struct gsm48_hdr *gh = msgb_l3(msg);
431 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
432 uint8_t *ie = gh->data;
433 struct tlv_parsed tp;
434 struct tlv_p_entry *tlv;
435 int rc;
436
437 /* Call reference */
438 rc = _rx_callref(ie, remaining_len, callref, with_prio, prio);
439 if (rc < 0)
440 return rc;
441 remaining_len -= rc;
442 ie += rc;
443
444 rc = tlv_parse(&tp, &osmo_gsm44068_att_tlvdef, ie, remaining_len, 0, 0);
445 if (rc < 0)
446 return _ie_invalid();
447
448 /* User-user */
449 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_USER_USER);
450 if (tlv && tlv->len && tlv->len <= 1 + 12 && user_user) {
451 memcpy(user_user, tlv->val, tlv->len - 1);
452 user_user[tlv->len - 1] = '\0';
453 }
454
455 /* Talker priority */
456 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_TALKER_PRIORITY);
457 if (tlv && tlv->len) {
458 *with_talker_prio = true;
459 *talker_prio = tlv->val[0] & 0x07;
460 } else
461 *with_talker_prio = false;
462
463 return 0;
464}
465
466/* 3GPP TS 44.068 Clause 8.6 */
467static int gsm44068_rx_status(struct msgb *msg, uint8_t *cause, uint8_t *diag, uint8_t *diag_len,
468 bool *with_call_state, enum osmo_gsm44068_call_state *call_state,
469 bool *with_state_attrs, uint8_t *da, uint8_t *ua, uint8_t *comm, uint8_t *oi)
470{
471 struct gsm48_hdr *gh = msgb_l3(msg);
472 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
473 uint8_t *ie = gh->data;
474 uint8_t ie_len;
475 struct tlv_parsed tp;
476 struct tlv_p_entry *tlv;
477 int rc;
478
479 /* Cause */
480 if (remaining_len < 2 || ie[0] < remaining_len - 2)
481 return _msg_too_short();
482 ie_len = ie[0];
483 if (remaining_len < ie_len + 1)
484 return _msg_too_short();
485 if (ie_len < 1)
486 return _ie_invalid();
487 *cause = ie[1] & 0x7f;
488 *diag_len = ie_len - 1;
489 if (*diag_len)
490 memcpy(diag, ie + 2, ie_len - 1);
491 remaining_len -= ie_len + 1;
492 ie += ie_len + 1;
493
494 rc = tlv_parse(&tp, &osmo_gsm44068_att_tlvdef, ie, remaining_len, 0, 0);
495 if (rc < 0)
496 return _ie_invalid();
497
498 /* Call state */
499 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_CALL_STATE);
500 if (tlv) {
501 *with_call_state = true;
502 *call_state = tlv->val[0] & 0x7;
503 } else
504 *with_call_state = false;
505
506 /* State attributes */
507 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_STATE_ATTRIBUTES);
508 if (tlv) {
509 *with_state_attrs = true;
510 *da = (tlv->val[0] >> 3) & 0x1;
511 *ua = (tlv->val[0] >> 2) & 0x1;
512 *comm = (tlv->val[0] >> 1) & 0x1;
513 *oi = tlv->val[0] & 0x1;
514 } else
515 *with_state_attrs = false;
516
517 return 0;
518}
519
520/* 3GPP TS 44.068 Clause 8.7 and 8.8 */
521static int gsm44068_tx_termination(struct msc_a *msc_a, struct vgcs_bss *bss, uint8_t pdisc, uint8_t msg_type,
522 uint8_t cause, uint8_t *diag, uint8_t diag_len)
523{
524 struct msgb *msg = gsm44068_msgb_alloc_name("GSM 44.068 TX TERMINATION");
525 struct gsm48_hdr *gh = (struct gsm48_hdr *) msgb_put(msg, sizeof(*gh));
526
527 gh->proto_discr = pdisc;
528 gh->msg_type = msg_type;
529 _add_cause_ie(msg, cause, diag, diag_len);
530
531 /* Send to calling subscriber, depending on the link he is. */
532 if (msc_a)
533 return msc_a_tx_dtap_to_i(msc_a, msg);
534 if (bss)
535 return tx_dtap_to_talker(bss, msg);
536 msgb_free(msg);
537 return -EIO;
538}
539
540/* 3GPP TS 44.068 Clause 8.9 */
541static int gsm44068_rx_termination_req(struct msgb *msg, uint32_t *callref, bool *with_prio, uint8_t *prio,
542 bool *with_talker_prio, uint8_t *talker_prio)
543{
544 struct gsm48_hdr *gh = msgb_l3(msg);
545 unsigned int remaining_len = msgb_l3len(msg) - sizeof(*gh);
546 uint8_t *ie = gh->data;
547 struct tlv_parsed tp;
548 struct tlv_p_entry *tlv;
549 int rc;
550
551 /* Call reference */
552 rc = _rx_callref(ie, remaining_len, callref, with_prio, prio);
553 if (rc < 0)
554 return rc;
555 remaining_len -= rc;
556 ie += rc;
557
558 rc = tlv_parse(&tp, &osmo_gsm44068_att_tlvdef, ie, remaining_len, 0, 0);
559 if (rc < 0)
560 return _ie_invalid();
561
562 /* Talker priority */
563 tlv = TLVP_GET(&tp, OSMO_GSM44068_IEI_TALKER_PRIORITY);
564 if (tlv && tlv->len) {
565 *with_talker_prio = true;
566 *talker_prio = tlv->val[0] & 0x07;
567 } else
568 *with_talker_prio = false;
569
570 return 0;
571}
572
573/*
574 * GCC/BCC state machine - handles calling subscriber process
575 */
576
577static const struct value_string vgcs_gcc_fsm_event_names[] = {
578 OSMO_VALUE_STRING(VGCS_GCC_EV_NET_SETUP),
579 OSMO_VALUE_STRING(VGCS_GCC_EV_NET_TERM),
580 OSMO_VALUE_STRING(VGCS_GCC_EV_USER_SETUP),
581 OSMO_VALUE_STRING(VGCS_GCC_EV_USER_TERM),
582 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_ESTABLISHED),
583 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_ASSIGN_CPL),
584 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_ASSIGN_FAIL),
585 OSMO_VALUE_STRING(VGCS_GCC_EV_BSS_RELEASED),
586 OSMO_VALUE_STRING(VGCS_GCC_EV_TIMEOUT),
587 { }
588};
589
590static int gcc_establish_bss(struct gsm_trans *trans)
591{
592 struct gsm_network *net = trans->net;
593 struct vgcs_mgw_ep *mgw = NULL;
594 struct mgcp_client *mgcp_client;
595 struct gcr *gcr;
596 struct gcr_bss *b;
597 struct gcr_cell *c;
598 struct vgcs_bss *bss;
599 struct vgcs_bss_cell *cell;
600 struct osmo_fsm_inst *fi;
601 struct ran_peer *rp;
602
603 /* Failure should not happen, because it has been checked before. */
604 gcr = gcr_by_callref(trans->net, trans->type, trans->callref);
605 if (!gcr)
606 return -EINVAL;
607
608 /* Allocate MGW endpoint. */
609 mgcp_client = mgcp_client_pool_get(trans->net->mgw.mgw_pool);
610 if (!mgcp_client) {
611 LOG_GCC(trans, LOGL_ERROR, "No MGW client, please check config.\n");
612 goto err_mgw;
613 }
614 fi = osmo_fsm_inst_alloc(&vgcs_mgw_ep_fsm, net, NULL, LOGL_DEBUG, NULL);
615 if (!fi) {
616 LOG_GCC(trans, LOGL_ERROR, "No memory for VGCS MSG state machine.\n");
617 goto err_mgw;
618 }
619 osmo_fsm_inst_update_id(fi, "vgcs-mgw-ep");
620 osmo_fsm_inst_state_chg(fi, VGCS_MGW_EP_ST_ACTIVE, 0, 0);
621 mgw = talloc_zero(fi, struct vgcs_mgw_ep);
622 if (!mgw) {
623 LOG_GCC(trans, LOGL_ERROR, "No memory for MGW ep structure.\n");
624 osmo_fsm_inst_free(fi);
625 goto err_mgw;
626 }
627 mgw->fi = fi;
628 fi->priv = mgw;
629 INIT_LLIST_HEAD(&mgw->cell_list);
630 mgw->mgw_ep = osmo_mgcpc_ep_alloc(mgw->fi, VGCS_MGW_EP_EV_FREE,
631 mgcp_client, trans->net->mgw.tdefs, mgw->fi->id,
632 "%s", mgcp_client_rtpbridge_wildcard(mgcp_client));
633 if (!mgw->mgw_ep) {
634 LOG_GCC(trans, LOGL_ERROR, "No memory for MGW endpoint state machine.\n");
635 goto err_mgw;
636 }
637
638 /* Create BSS list structures. */
639 llist_for_each_entry(b, &gcr->bss_list, list) {
640 LOG_GCC(trans, LOGL_DEBUG, " -> BSS with PC %s.\n", osmo_ss7_pointcode_print(NULL, b->pc));
641 /* Resolve ran_peer. */
642 rp = ran_peer_for_pc(trans->net, b->pc);
643 if (!rp) {
644 LOG_GCC(trans, LOGL_ERROR, "Failed to resolve point code %s, skipping BSS!\n",
645 osmo_ss7_pointcode_print(NULL, b->pc));
646 continue;
647 }
648 /* Create state machine. */
649 fi = osmo_fsm_inst_alloc(&vgcs_bss_fsm, net, NULL, LOGL_DEBUG, NULL);
650 if (!fi) {
651 LOG_GCC(trans, LOGL_ERROR, "No memory for state machine.\n");
652 break;
653 }
654 /* Create call structure. */
655 bss = talloc_zero(fi, struct vgcs_bss);
656 if (!bss) {
657 LOG_GCC(trans, LOGL_ERROR, "No memory for BSS call structure.\n");
658 osmo_fsm_inst_free(fi);
659 break;
660 }
661 bss->fi = fi;
662 fi->priv = bss;
663 INIT_LLIST_HEAD(&bss->cell_list);
664 bss->trans = trans;
665 bss->trans_type = trans->type;
666 bss->callref = trans->callref;
667 bss->pc = b->pc;
668 /* Create ran connection. */
669 bss->conn = ran_conn_create_outgoing(rp);
670 if (!bss->conn) {
671 osmo_fsm_inst_free(bss->fi);
672 continue;
673 }
674 bss->conn->vgcs.bss = bss;
675 /* Create cell list structures. */
676 llist_for_each_entry(c, &b->cell_list, list) {
677 /* Create state machine. */
678 fi = osmo_fsm_inst_alloc(&vgcs_cell_fsm, net, NULL, LOGL_DEBUG, NULL);
679 if (!fi) {
680 LOG_GCC(trans, LOGL_ERROR, "No memory for state machine.\n");
681 break;
682 }
683 /* Create cell structure. */
684 cell = talloc_zero(fi, struct vgcs_bss_cell);
685 if (!cell) {
686 LOG_GCC(trans, LOGL_ERROR, "No memory for BSS cell structure.\n");
687 osmo_fsm_inst_free(fi);
688 break;
689 }
690 cell->fi = fi;
691 fi->priv = cell;
692 osmo_fsm_inst_update_id_f(cell->fi, "vgcs-cell-%d", c->cell_id);
693 cell->trans_type = trans->type;
694 cell->callref = trans->callref;
695 cell->pc = b->pc;
696 cell->cell_id = c->cell_id;
697 cell->call_id = trans->call_id;
698 /* Create ran connection. */
699 cell->conn = ran_conn_create_outgoing(rp);
700 if (!cell->conn) {
701 osmo_fsm_inst_free(cell->fi);
702 continue;
703 }
704 cell->conn->vgcs.cell = cell;
705 /* Attach to cell list of BSS and MGW endpoint */
706 llist_add_tail(&cell->list_bss, &bss->cell_list);
707 cell->bss = bss;
708 llist_add_tail(&cell->list_mgw, &mgw->cell_list);
709 cell->mgw = mgw;
710 }
711 /* No cell? */
712 if (llist_empty(&bss->cell_list)) {
713 osmo_fsm_inst_free(bss->fi);
714 break;
715 }
716 /* Attach to transaction list */
717 llist_add_tail(&bss->list, &trans->gcc.bss_list);
718 /* Trigger VGCS/VBS SETUP */
719 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_SETUP, NULL);
720 }
721 /* No BSS? */
722 if (llist_empty(&trans->gcc.bss_list)) {
723 /* Also destroy MGW, because this list is empty too! */
724 goto err_mgw;
725 }
726 return 0;
727
728err_mgw:
729 if (mgw) {
730 if (mgw->mgw_ep) {
731 /* This will also free FSM instance and vgcs_mgw_ep structure. */
732 osmo_fsm_inst_dispatch(mgw->fi, VGCS_MGW_EP_EV_CLEAR, NULL);
733 return -EINVAL;
734 }
735 osmo_fsm_inst_free(mgw->fi);
736 }
737 return -EINVAL;
738}
739
740/* Send Assignment Request to the calling subscriber.
741 * This is used to assign the subscriber from early assigned channel to the VGCS/VBS channel. */
742static int gcc_assign(struct gsm_trans *trans)
743{
744 struct ran_msg tx_ran_msg;
745 struct gsm0808_channel_type channel_type;
746 struct vgcs_bss *bss = NULL, *b;
747
748 /* No assignment, because the calling subscriber is already assigned or there is no calling subscriber. */
749 if (!trans->msc_a)
750 return 0;
751
752 /* Check calling subscriber's MSC */
753 struct ran_conn *conn = msub_ran_conn(trans->msc_a->c.msub);
754 if (!conn) {
755 LOG_GCC(trans, LOGL_ERROR, "Calling subscriber has no ran_conn????\n");
756 return -EINVAL;
757 }
758 llist_for_each_entry(b, &trans->gcc.bss_list, list) {
759 if (osmo_sccp_addr_ri_cmp(&conn->ran_peer->peer_addr, &b->conn->ran_peer->peer_addr))
760 continue;
761 bss = b;
762 break;
763 }
764 if (!bss) {
765 LOG_GCC(trans, LOGL_ERROR, "Calling subscriber comes from BSC that has no VGCS call.\n");
766 return -EINVAL;
767 }
768
769 /* For now we support GSM/FR V1 only. This shall be supported by all MS. */
770 channel_type = (struct gsm0808_channel_type) {
771 .ch_indctr = GSM0808_CHAN_SPEECH,
772 .ch_rate_type = GSM0808_SPEECH_FULL_BM,
773 .perm_spch_len = 1,
774 .perm_spch[0] = GSM0808_PERM_FR1,
775 };
776
777 /* Send assignment to VGCS channel */
778 tx_ran_msg = (struct ran_msg) {
779 .msg_type = RAN_MSG_ASSIGNMENT_COMMAND,
780 .assignment_command = {
781 .channel_type = &channel_type,
782 .callref_present = true,
783 .callref = {
784 .sf = (trans->type == TRANS_GCC),
785 },
786 },
787 };
788 osmo_store32be_ext(trans->callref >> 3, &tx_ran_msg.assignment_command.callref.call_ref_hi, 3);
789 tx_ran_msg.assignment_command.callref.call_ref_lo = trans->callref & 0x7;
790 if (msc_a_ran_down(trans->msc_a, MSC_ROLE_I, &tx_ran_msg)) {
791 LOG_GCC(trans, LOGL_ERROR, "Cannot send Assignment\n");
792 return -EIO;
793 }
794
795 /* Assign Talker to BSS of the calling subscriber. */
796 trans->gcc.uplink_bss = bss;
797
798 return 0;
799}
800
801/* Send CONNECT to the calling subscriber. */
802static void gcc_connect(struct gsm_trans *trans)
803{
804 uint8_t pdisc = (trans->type == TRANS_GCC) ? GSM48_PDISC_GROUP_CC : GSM48_PDISC_BCAST_CC;
805 int rc;
806
807 /* Send CONNECT towards MS. */
808 rc = gsm44068_tx_connect(trans,
809 pdisc | (trans->transaction_id << 4),
810 trans->callref, 0, 0, 1, 0, 0, 0, 0);
811 if (rc < 0)
812 LOG_GCC(trans, LOGL_ERROR, "Failed to send CONNECT towards MS. Continue anyway.\n");
813}
814
815/* Release dedicated (SDCCH) channel of calling subscriber after assigning to VGCS */
816static void release_msc_a(struct gsm_trans *trans)
817{
818 struct msc_a *msc_a = trans->msc_a;
819
820 if (!msc_a)
821 return;
822
823 trans->msc_a = NULL;
824 switch (trans->type) {
825 case TRANS_GCC:
826 msc_a_put(msc_a, MSC_A_USE_GCC);
827 break;
828 case TRANS_BCC:
829 msc_a_put(msc_a, MSC_A_USE_BCC);
830 break;
831 default:
832 break;
833 }
834}
835
836/* Send TERMINATE to the calling/talking subscriber, then destroy transaction. */
837static void gcc_terminate_and_destroy(struct gsm_trans *trans, enum osmo_gsm44068_cause cause)
838{
839 uint8_t pdisc = (trans->type == TRANS_GCC) ? GSM48_PDISC_GROUP_CC : GSM48_PDISC_BCAST_CC;
840 int rc;
841
842 /* Send TERMINATION towards MS. */
843 rc = gsm44068_tx_termination(trans->msc_a, trans->gcc.uplink_bss,
844 pdisc | (trans->transaction_id << 4),
845 OSMO_GSM44068_MSGT_TERMINATION,
846 cause, NULL, 0);
847 if (rc < 0)
848 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS. Continue anyway.\n");
849
850 /* Destroy transaction, note that also _gsm44068_gcc_trans_free() will be called by trans_free().
851 * There the complete state machine is destroyed. */
852 trans->callref = 0;
853 trans_free(trans);
854}
855
856/* Start inactivity timer.
857 * This timer is used to terminate the call, if the radio connection to the caller gets lost. */
858static void start_inactivity_timer(struct gsm_trans *trans)
859{
860 if (trans->gcc.inactivity_to) {
861 LOG_GCC(trans, LOGL_DEBUG, "Set inactivity timer to %d seconds.\n", trans->gcc.inactivity_to);
862 osmo_timer_schedule(&trans->gcc.timer_inactivity, trans->gcc.inactivity_to, 0);
863 }
864}
865
866static void stop_inactivity_timer(struct gsm_trans *trans)
867{
868 if (osmo_timer_pending(&trans->gcc.timer_inactivity)) {
869 LOG_GCC(trans, LOGL_DEBUG, "Stop pending inactivity timer.\n");
870 osmo_timer_del(&trans->gcc.timer_inactivity);
871 }
872}
873
874static void inactivity_timer_cb(void *data)
875{
876 struct gsm_trans *trans = data;
877
878 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_TIMEOUT, NULL);
879}
880
881/* Set the parameters of the talker. (downlink mute/unmute, uplink unmute, COMM=T, originator) */
882static int set_parameter(struct gsm_trans *trans)
883{
884 uint8_t pdisc = (trans->type == TRANS_GCC) ? GSM48_PDISC_GROUP_CC : GSM48_PDISC_BCAST_CC;
885 int rc;
886
887 rc = gsm44068_tx_set_parameter(trans, pdisc, !trans->gcc.mute_talker, 1, 1, trans->gcc.uplink_originator);
888 if (rc < 0)
889 LOG_GCC(trans, LOGL_ERROR, "Failed to send SET PARAMETER towards MS.\n");
890 return rc;
891}
892
893/* Check in which cell the uplink is used and set "uplink_cell". */
894static int set_uplink_cell(struct vgcs_bss *bss, struct gsm0808_cell_id *cell_id_ie, uint16_t cell_id)
895{
896 struct vgcs_bss_cell *cell;
897
898 if (cell_id_ie) {
899 /* Get cell ID to determine talker channel. */
900 switch (cell_id_ie->id_discr) {
901 case CELL_IDENT_CI:
902 cell_id = cell_id_ie->id.ci;
903 break;
904 case CELL_IDENT_LAC_AND_CI:
905 cell_id = cell_id_ie->id.lac_and_ci.ci;
906 break;
907 default:
908 LOG_BSS(bss, LOGL_DEBUG, "Cannot idenitfy cell, please fix!\n");
909 return -EINVAL;
910 }
911 }
912
913 /* Search for cell ID. */
914 bss->trans->gcc.uplink_cell = NULL;
915 llist_for_each_entry(cell, &bss->cell_list, list_bss) {
916 if (cell->cell_id == cell_id) {
917 LOG_BSS(bss, LOGL_DEBUG, "Talker is talking on cell %d.\n", cell->cell_id);
918 bss->trans->gcc.uplink_cell = cell;
919 return 0;
920 }
921 }
922
923 LOG_BSS(bss, LOGL_DEBUG, "Cell ID %d is not in list of current BSS, please fix!\n", cell_id);
924 return -EINVAL;
925}
926
927/* Set the MGW conference mode.
928 * All cells are listening to the conference. If there is a talker, this cell is also transmitting to the conference. */
929static int set_mgw_conference(struct gsm_trans *trans)
930{
931 struct vgcs_bss *bss;
932 struct vgcs_bss_cell *cell;
933 struct rtp_stream *rtps;
934 int rc;
935
936 /* All cells without talker are listening */
937 llist_for_each_entry(bss, &trans->gcc.bss_list, list) {
938 llist_for_each_entry(cell, &bss->cell_list, list_bss) {
939 if (!(rtps = cell->rtps))
940 continue;
941 if (rtps->crcx_conn_mode != MGCP_CONN_SEND_ONLY) {
942 LOG_CELL(cell, LOGL_DEBUG, "Setting cell %d into listening mode.\n", cell->cell_id);
943 rtp_stream_set_mode(rtps, MGCP_CONN_SEND_ONLY);
944 rc = rtp_stream_commit(rtps);
945 if (rc < 0)
946 LOG_CELL(cell, LOGL_ERROR, "Failed to commit parameters to RTP stream "
947 "for cell %d.\n", cell->cell_id);
948 }
949 }
950 }
951
952 if (trans->gcc.uplink_cell && trans->gcc.uplink_cell->rtps) {
953 cell = trans->gcc.uplink_cell;
954 rtps = cell->rtps;
955 LOG_CELL(cell, LOGL_DEBUG, "Setting cell %d into listening mode.\n", cell->cell_id);
956 rtp_stream_set_mode(rtps, MGCP_CONN_CONFECHO);
957 rc = rtp_stream_commit(rtps);
958 if (rc < 0)
959 LOG_CELL(cell, LOGL_ERROR, "Failed to commit parameters to RTP stream "
960 "for cell %d.\n", cell->cell_id);
961 }
962
963 return 0;
964}
965
966static void _assign_complete(struct gsm_trans *trans, bool send_connect)
967{
968 uint16_t cell_id;
969
Andreas Eversberge2a40882023-07-19 09:56:53 +0200[diff] [blame]970 OSMO_ASSERT(trans->msc_a);
971
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]972 /* Change state. */
973 osmo_fsm_inst_state_chg(trans->gcc.fi, VGCS_GCC_ST_N2_CALL_ACTIVE, 0, 0);
974 /* Get cell ID. */
Andreas Eversberge2a40882023-07-19 09:56:53 +0200[diff] [blame]975 cell_id = trans->msc_a->via_cell.cell_identity;
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]976 /* Releasing dedicated channel. */
977 release_msc_a(trans);
978 /* Send CONNECT to the calling subscriber. */
979 if (send_connect)
980 gcc_connect(trans);
981 /* Set parameter. */
982 set_parameter(trans);
983 /* Start inactivity timer, if uplink is free. */
984 if (!trans->gcc.uplink_busy)
985 start_inactivity_timer(trans);
986 /* Set cell of current talker. */
987 set_uplink_cell(trans->gcc.uplink_bss, NULL, cell_id);
988 /* Set MGW conference. */
989 set_mgw_conference(trans);
990}
991
992#define CONNECT_OPTION false
993
994static void vgcs_gcc_fsm_n0_null(struct osmo_fsm_inst *fi, uint32_t event, void *data)
995{
996 struct gsm_trans *trans = fi->priv;
997 int rc;
998
999 switch (event) {
1000 case VGCS_GCC_EV_NET_SETUP:
1001 /* Establish call towards all BSSs. */
1002 LOG_GCC(trans, LOGL_DEBUG, "Setup by network, trying to establish cells.\n");
1003 rc = gcc_establish_bss(trans);
1004 if (rc < 0) {
1005 LOG_GCC(trans, LOGL_NOTICE, "Failed to setup call to any cell.\n");
1006 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1007 break;
1008 }
1009 /* Keep state until established or released. */
1010 break;
1011 case VGCS_GCC_EV_NET_TERM:
1012 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1013 /* Destroy group call in all cells. */
1014 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1015 break;
1016 case VGCS_GCC_EV_USER_SETUP:
1017 LOG_GCC(trans, LOGL_DEBUG, "Setup by MS, trying to establish cells.\n");
1018 /* Change state. */
1019 osmo_fsm_inst_state_chg(fi, VGCS_GCC_ST_N1_CALL_INITIATED, 0, 0);
1020 /* Establish call towards all BSSs. */
1021 rc = gcc_establish_bss(trans);
1022 if (rc < 0) {
1023 LOG_GCC(trans, LOGL_NOTICE, "Failed to setup call to any cell.\n");
1024 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1025 break;
1026 }
1027 if (CONNECT_OPTION) {
1028 /* Send CONNECT to the calling subscriber. */
1029 gcc_connect(trans);
1030 /* Change state. */
1031 osmo_fsm_inst_state_chg(fi, VGCS_GCC_ST_N3_CALL_EST_PROC, 0, 0);
1032 }
1033 break;
1034 case VGCS_GCC_EV_BSS_ESTABLISHED:
1035 LOG_GCC(trans, LOGL_DEBUG, "All cells establised, for a group call, sending CONNECT to caller.\n");
1036 /* Change state. */
1037 osmo_fsm_inst_state_chg(fi, VGCS_GCC_ST_N2_CALL_ACTIVE, 0, 0);
1038 /* Start inactivity timer, if uplink is free. */
1039 if (!trans->gcc.uplink_busy)
1040 start_inactivity_timer(trans);
1041 break;
1042 case VGCS_GCC_EV_BSS_RELEASED:
1043 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1044 /* Send TERMINATE to the calling subscriber. */
1045 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1046 break;
1047 default:
1048 OSMO_ASSERT(false);
1049 }
1050}
1051
1052static void vgcs_gcc_fsm_n1_call_initiated(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1053{
1054 struct gsm_trans *trans = fi->priv;
1055 int rc;
1056
1057 switch (event) {
1058 case VGCS_GCC_EV_NET_TERM:
1059 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1060 /* Destroy group call in all cells. */
1061 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1062 break;
1063 case VGCS_GCC_EV_USER_TERM:
1064 LOG_GCC(trans, LOGL_DEBUG, "Termination by user, destroying call.\n");
1065 /* Send TERMINATE to the calling subscriber and destroy group call in all cells. */
1066 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1067 break;
1068 case VGCS_GCC_EV_BSS_ESTABLISHED:
1069 LOG_GCC(trans, LOGL_DEBUG, "All cells establised, for a group call, assign caller to VGCS.\n");
1070 /* Send assignment to the calling subscriber. */
1071 rc = gcc_assign(trans);
1072 if (rc < 0) {
1073 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1074 break;
1075 }
1076 break;
1077 case VGCS_GCC_EV_BSS_ASSIGN_CPL:
1078 LOG_GCC(trans, LOGL_DEBUG, "Assignment complete, sending CONNECT to caller, releasing channel.\n");
1079 /* Handle assignment complete */
1080 _assign_complete(trans, true);
1081 break;
1082 case VGCS_GCC_EV_BSS_ASSIGN_FAIL:
1083 LOG_GCC(trans, LOGL_DEBUG, "Assignment failed, releasing call.\n");
1084 /* Send TERMINATE to the calling subscriber. */
1085 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1086 break;
1087 case VGCS_GCC_EV_BSS_RELEASED:
1088 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1089 /* Send TERMINATE to the calling subscriber. */
1090 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1091 break;
1092 default:
1093 OSMO_ASSERT(false);
1094 }
1095}
1096
1097static void vgcs_gcc_fsm_n2_call_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1098{
1099 struct gsm_trans *trans = fi->priv;
1100
1101 switch (event) {
1102 case VGCS_GCC_EV_NET_TERM:
1103 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1104 /* Destroy group call in all cells. */
1105 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1106 break;
1107 case VGCS_GCC_EV_USER_TERM:
1108 LOG_GCC(trans, LOGL_DEBUG, "Termination by user, destroying call.\n");
1109 /* Send TERMINATE to the calling subscriber and destroy group call in all cells. */
1110 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1111 break;
1112 case VGCS_GCC_EV_BSS_RELEASED:
1113 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1114 /* Send TERMINATE to the calling subscriber. */
1115 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1116 break;
1117 case VGCS_GCC_EV_TIMEOUT:
1118 LOG_GCC(trans, LOGL_DEBUG, "Termination by inactivity timer, destroying call.\n");
1119 /* Destroy group call in all cells. */
1120 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1121 break;
1122 default:
1123 OSMO_ASSERT(false);
1124 }
1125}
1126
1127static void vgcs_gcc_fsm_n3_call_est_proc(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1128{
1129 struct gsm_trans *trans = fi->priv;
1130 int rc;
1131
1132 switch (event) {
1133 case VGCS_GCC_EV_NET_TERM:
1134 LOG_GCC(trans, LOGL_DEBUG, "Termination by network, destroying call.\n");
1135 /* Destroy group call in all cells. */
1136 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1137 break;
1138 case VGCS_GCC_EV_USER_TERM:
1139 LOG_GCC(trans, LOGL_DEBUG, "Termination by user, destroying call.\n");
1140 /* Send TERMINATE to the calling subscriber and destroy group call in all cells. */
1141 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
1142 break;
1143 case VGCS_GCC_EV_BSS_ESTABLISHED:
1144 LOG_GCC(trans, LOGL_DEBUG, "All cells establised, for a group call, assign caller to VGCS.\n");
1145 /* Send assignment to the calling subscriber. */
1146 rc = gcc_assign(trans);
1147 if (rc < 0) {
1148 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1149 break;
1150 }
1151 break;
1152 case VGCS_GCC_EV_BSS_ASSIGN_CPL:
1153 LOG_GCC(trans, LOGL_DEBUG, "Assignment complete, sending CONNECT to caller, releasing channel.\n");
1154 /* Handle assignment complete */
1155 _assign_complete(trans, false);
1156 break;
1157 case VGCS_GCC_EV_BSS_ASSIGN_FAIL:
1158 LOG_GCC(trans, LOGL_DEBUG, "Assignment failed, releasing call.\n");
1159 /* Send TERMINATE to the calling subscriber. */
1160 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1161 break;
1162 case VGCS_GCC_EV_BSS_RELEASED:
1163 LOG_GCC(trans, LOGL_DEBUG, "All group call in all cells failed, destroying call.\n");
1164 /* Send TERMINATE to the calling subscriber. */
1165 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1166 break;
1167 default:
1168 OSMO_ASSERT(false);
1169 }
1170}
1171
1172static const struct osmo_fsm_state vgcs_gcc_fsm_states[] = {
1173 [VGCS_GCC_ST_N0_NULL] = {
1174 .name = "NULL (N0)",
1175 .in_event_mask = S(VGCS_GCC_EV_NET_SETUP) |
1176 S(VGCS_GCC_EV_NET_TERM) |
1177 S(VGCS_GCC_EV_USER_SETUP) |
1178 S(VGCS_GCC_EV_BSS_ESTABLISHED) |
1179 S(VGCS_GCC_EV_BSS_RELEASED),
1180 .out_state_mask = S(VGCS_GCC_ST_N1_CALL_INITIATED) |
1181 S(VGCS_GCC_ST_N2_CALL_ACTIVE),
1182 .action = vgcs_gcc_fsm_n0_null,
1183 },
1184 [VGCS_GCC_ST_N1_CALL_INITIATED] = {
1185 .name = "CALL INITATED (N1)",
1186 .in_event_mask = S(VGCS_GCC_EV_NET_TERM) |
1187 S(VGCS_GCC_EV_USER_TERM) |
1188 S(VGCS_GCC_EV_BSS_ESTABLISHED) |
1189 S(VGCS_GCC_EV_BSS_ASSIGN_CPL) |
1190 S(VGCS_GCC_EV_BSS_ASSIGN_FAIL) |
1191 S(VGCS_GCC_EV_BSS_RELEASED),
1192 .out_state_mask = S(VGCS_GCC_ST_N0_NULL) |
1193 S(VGCS_GCC_ST_N2_CALL_ACTIVE) |
1194 S(VGCS_GCC_ST_N3_CALL_EST_PROC),
1195 .action = vgcs_gcc_fsm_n1_call_initiated,
1196 },
1197 [VGCS_GCC_ST_N2_CALL_ACTIVE] = {
1198 .name = "CALL ACTIVE (N2)",
1199 .in_event_mask = S(VGCS_GCC_EV_NET_TERM) |
1200 S(VGCS_GCC_EV_USER_TERM) |
1201 S(VGCS_GCC_EV_BSS_RELEASED) |
1202 S(VGCS_GCC_EV_TIMEOUT),
1203 .out_state_mask = S(VGCS_GCC_ST_N0_NULL),
1204 .action = vgcs_gcc_fsm_n2_call_active,
1205 },
1206 [VGCS_GCC_ST_N3_CALL_EST_PROC] = {
1207 .name = "CALL EST PROCEEDING (N3)",
1208 .in_event_mask = S(VGCS_GCC_EV_NET_TERM) |
1209 S(VGCS_GCC_EV_USER_TERM) |
1210 S(VGCS_GCC_EV_BSS_ESTABLISHED) |
1211 S(VGCS_GCC_EV_BSS_ASSIGN_CPL) |
1212 S(VGCS_GCC_EV_BSS_ASSIGN_FAIL) |
1213 S(VGCS_GCC_EV_BSS_RELEASED),
1214 .out_state_mask = S(VGCS_GCC_ST_N2_CALL_ACTIVE) |
1215 S(VGCS_GCC_ST_N0_NULL),
1216 .action = vgcs_gcc_fsm_n3_call_est_proc,
1217 },
1218 // We don't need a state to wait for the group call to be terminated in all cells
1219};
1220
1221static struct osmo_fsm vgcs_bcc_fsm = {
1222 .name = "bcc",
1223 .states = vgcs_gcc_fsm_states,
1224 .num_states = ARRAY_SIZE(vgcs_gcc_fsm_states),
1225 .log_subsys = DBCC,
1226 .event_names = vgcs_gcc_fsm_event_names,
1227};
1228
1229static struct osmo_fsm vgcs_gcc_fsm = {
1230 .name = "gcc",
1231 .states = vgcs_gcc_fsm_states,
1232 .num_states = ARRAY_SIZE(vgcs_gcc_fsm_states),
1233 .log_subsys = DGCC,
1234 .event_names = vgcs_gcc_fsm_event_names,
1235};
1236
1237const char *vgcs_bcc_gcc_state_name(struct osmo_fsm_inst *fi)
1238{
1239 return vgcs_gcc_fsm_states[fi->state].name;
1240}
1241
1242static int update_uplink_state(struct vgcs_bss *bss, bool uplink_busy);
1243
1244/* Receive RR messages from calling subscriber, prior assignment to VGCS/VBS. */
1245int gsm44068_rcv_rr(struct msc_a *msc_a, struct msgb *msg)
1246{
1247 struct gsm_trans *trans = NULL;
1248 struct gsm48_hdr *gh;
1249 uint8_t msg_type;
1250
1251 gh = msgb_l3(msg);
1252 msg_type = gsm48_hdr_msg_type(gh);
1253
1254 /* Find transaction. */
1255 trans = trans_find_by_type(msc_a, TRANS_GCC);
1256 if (!trans)
1257 trans = trans_find_by_type(msc_a, TRANS_BCC);
1258
1259 if (!trans) {
1260 LOG_GCC(trans, LOGL_ERROR, "No VGCS/VBS transaction.\n");
1261 return -EINVAL;
1262 }
1263
1264 /* In case the phone releases uplink prior being assigned to a VGCS */
1265 if (msg_type == GSM48_MT_RR_UPLINK_RELEASE) {
1266 struct vgcs_bss *bss;
1267
1268 LOG_GCC(trans, LOGL_INFO, "Received UPLINK RELEASE on initial channel.\n");
1269 /* Clear the busy flag and unblock all cells. */
1270 trans->gcc.uplink_bss = NULL;
1271 trans->gcc.uplink_cell = NULL;
1272 trans->gcc.uplink_busy = false;
1273 llist_for_each_entry(bss, &trans->gcc.bss_list, list) {
1274 /* Update uplink state. */
1275 update_uplink_state(bss, trans->gcc.uplink_busy);
1276 }
1277 /* Start inactivity timer. */
1278 start_inactivity_timer(bss->trans);
1279 /* Next, the MS will switch to the VGCS as listener. Nothing else to do here. */
1280 }
1281
1282 return 0;
1283}
1284
1285/* Allocation of transaction for group call */
1286static struct gsm_trans *trans_alloc_vgcs(struct gsm_network *net,
1287 struct vlr_subscr *vsub,
1288 enum trans_type trans_type, uint8_t transaction_id,
1289 uint32_t callref,
1290 struct gcr *gcr,
1291 bool uplink_busy)
1292{
1293 struct gsm_trans *trans;
1294
1295 trans = trans_alloc(net, vsub, trans_type, transaction_id, callref);
1296 if (!trans) {
1297 LOG_GCC(trans, LOGL_ERROR, "No memory for trans.\n");
1298 return NULL;
1299 }
1300 /* The uplink is busy when the call is started until the calling subscriber releases. */
1301 trans->gcc.uplink_busy = uplink_busy;
1302 trans->gcc.uplink_originator = true;
1303 INIT_LLIST_HEAD(&trans->gcc.bss_list);
1304 trans->gcc.inactivity_to = gcr->timeout;
1305 trans->gcc.mute_talker = gcr->mute_talker;
1306 trans->gcc.timer_inactivity.data = trans;
1307 trans->gcc.timer_inactivity.cb = inactivity_timer_cb;
1308 trans->gcc.fi = osmo_fsm_inst_alloc((trans_type == TRANS_GCC) ? &vgcs_gcc_fsm : &vgcs_bcc_fsm,
1309 trans, trans, LOGL_DEBUG, NULL);
1310 if (!trans->gcc.fi) {
1311 LOG_GCC(trans, LOGL_ERROR, "No memory for state machine.\n");
1312 trans_free(trans);
1313 return NULL;
1314 }
1315
1316 return trans;
1317}
1318
1319/* Create transaction from incoming voice group/broadcast call. */
1320static struct gsm_trans *trans_create_bcc_gcc(struct msc_a *msc_a, enum trans_type trans_type, uint8_t transaction_id,
1321 uint8_t pdisc, uint8_t msg_type, uint32_t callref)
1322{
Andreas Eversberg7e65ed92023-07-19 09:38:25 +0200[diff] [blame]1323 struct gsm_network *net;
1324 struct vlr_subscr *vsub;
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1325 struct gsm_trans *trans = NULL;
1326 struct gcr *gcr;
1327 int rc;
1328
1329 if (!msc_a) {
1330 LOG_GCC(trans, LOGL_ERROR, "Invalid conn: no msc_a\n");
1331 return NULL;
1332 }
Andreas Eversberg7e65ed92023-07-19 09:38:25 +0200[diff] [blame]1333 net = msc_a_net(msc_a);
1334 vsub = msc_a_vsub(msc_a);
1335
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]1336 if (!vsub) {
1337 LOG_GCC(trans, LOGL_ERROR, "Invalid conn: no subscriber\n");
1338 return NULL;
1339 }
1340
1341 /* An earlier CM Service Request for this CC message now has concluded */
1342 if (!osmo_use_count_by(&msc_a->use_count,
1343 (trans_type == TRANS_GCC) ? MSC_A_USE_CM_SERVICE_GCC : MSC_A_USE_CM_SERVICE_BCC))
1344 LOG_MSC_A(msc_a, LOGL_ERROR,
1345 "Creating new %s transaction without prior CM Service Request.\n",
1346 get_value_string(trans_type_names, trans_type));
1347 else
1348 msc_a_put(msc_a,
1349 (trans_type == TRANS_GCC) ? MSC_A_USE_CM_SERVICE_GCC : MSC_A_USE_CM_SERVICE_BCC);
1350
1351 /* A transaction must be created with a SETUP message. */
1352 if (msg_type != OSMO_GSM44068_MSGT_IMMEDIATE_SETUP
1353 && msg_type != OSMO_GSM44068_MSGT_SETUP
1354 && msg_type != OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2) {
1355 LOG_GCC(trans, LOGL_ERROR, "No transaction and message is not a SETUP.\n");
1356 return NULL;
1357 }
1358
1359 /* Check if callref already exists. */
1360 trans = trans_find_by_callref(net, trans_type, callref);
1361 if (trans) {
1362 LOG_GCC(trans, LOGL_INFO, "Call to existing %s with callref %s, rejecting!\n",
1363 trans_type_name(trans_type), gsm44068_group_id_string(callref));
1364 rc = gsm44068_tx_termination(msc_a, NULL,
1365 pdisc | (transaction_id << 4),
1366 OSMO_GSM44068_MSGT_TERMINATION,
1367 OSMO_GSM44068_CAUSE_BUSY, NULL, 0);
1368 if (rc < 0)
1369 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1370 return 0;
1371 }
1372
1373 /* Check GCR for Group ID. */
1374 gcr = gcr_by_callref(net, trans_type, callref);
1375 if (!gcr) {
1376 LOG_GCC(trans, LOGL_INFO, "No Group configured for %s callref %s, rejecting!\n",
1377 trans_type_name(trans_type), gsm44068_group_id_string(callref));
1378 // FIXME: Better cause value for a group that does not exist ?
1379 rc = gsm44068_tx_termination(msc_a, NULL,
1380 pdisc | (transaction_id << 4),
1381 OSMO_GSM44068_MSGT_TERMINATION,
1382 OSMO_GSM44068_CAUSE_REQUESTED_SERVICE_NOT_SUB, NULL, 0);
1383 if (rc < 0)
1384 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1385 return 0;
1386 }
1387
1388 /* Create transaction, uplink is busy. */
1389 trans = trans_alloc_vgcs(net, vsub, trans_type, transaction_id, callref, gcr, true);
1390 if (!trans) {
1391 rc = gsm44068_tx_termination(msc_a, NULL,
1392 pdisc | (transaction_id << 4),
1393 OSMO_GSM44068_MSGT_TERMINATION,
1394 OSMO_GSM44068_CAUSE_NETWORK_FAILURE, NULL, 0);
1395 if (rc < 0)
1396 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1397 return NULL;
1398 }
1399
1400 if (osmo_fsm_inst_dispatch(msc_a->c.fi, MSC_A_EV_TRANSACTION_ACCEPTED, trans)) {
1401 LOG_MSC_A(msc_a, LOGL_ERROR, "Not allowed to accept %s transaction.\n",
1402 get_value_string(trans_type_names, trans_type));
1403 gcc_terminate_and_destroy(trans, OSMO_GSM44068_CAUSE_NETWORK_FAILURE);
1404 return NULL;
1405 }
1406
1407 /* Assign transaction */
1408 msc_a_get(msc_a, (trans_type == TRANS_GCC) ? MSC_A_USE_GCC : MSC_A_USE_BCC);
1409 trans->msc_a = msc_a;
1410 trans->dlci = 0; /* main DCCH */
1411
1412 return trans;
1413}
1414
1415/* Receive GCC/BCC messages from calling subscriber, depending on the PDISC used. */
1416int gsm44068_rcv_bcc_gcc(struct msc_a *msc_a, struct gsm_trans *trans, struct msgb *msg)
1417{
1418 struct gsm48_hdr *gh = msgb_l3(msg);
1419 uint8_t msg_type = gsm48_hdr_msg_type(gh);
1420 uint8_t pdisc = gsm48_hdr_pdisc(gh);
1421 uint8_t transaction_id = gsm48_hdr_trans_id_flip_ti(gh);
1422 enum trans_type trans_type = (pdisc == GSM48_PDISC_GROUP_CC) ? TRANS_GCC : TRANS_BCC;
1423
1424 uint8_t key_seq;
1425 bool talker_prio_requested;
1426 bool with_talker_prio;
1427 uint8_t talker_prio;
1428 struct gsm48_classmark2 cm2;
1429 struct osmo_mobile_identity mi;
1430 uint32_t callref;
1431 bool with_prio;
1432 uint8_t prio;
1433 char user_user[64] = "";
1434 uint8_t cause;
1435 uint8_t diag[256];
1436 uint8_t diag_len;
1437 bool with_call_state;
1438 enum osmo_gsm44068_call_state call_state;
1439 bool with_state_attrs;
1440 uint8_t da, ua, comm, oi;
1441 int rc = 0;
1442
1443 /* Remove sequence number (bit 7) from message type. */
1444 msg_type &= 0xbf;
1445
1446 /* Parse messages. */
1447 switch (msg_type) {
1448 case OSMO_GSM44068_MSGT_SETUP:
1449 rc = gsm44068_rx_setup(msg, &talker_prio_requested, &talker_prio, &callref, &with_prio, &prio,
1450 user_user);
1451 break;
1452 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP:
1453 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2:
1454 rc = gsm44068_rx_immediate_setup(msg, &talker_prio, &key_seq, &cm2, &mi, &callref, &with_prio, &prio,
1455 user_user);
1456 break;
1457 case OSMO_GSM44068_MSGT_STATUS:
1458 rc = gsm44068_rx_status(msg, &cause, diag, &diag_len, &with_call_state, &call_state,
1459 &with_state_attrs, &da, &ua, &comm, &oi);
1460 break;
1461 case OSMO_GSM44068_MSGT_TERMINATION_REQUEST:
1462 rc = gsm44068_rx_termination_req(msg, &callref, &with_prio, &prio, &with_talker_prio, &talker_prio);
1463 break;
1464 default:
1465 LOG_GCC(trans, LOGL_ERROR, "Invalid message type: 0x%02x\n", msg_type);
1466 return -EINVAL;
1467 }
1468 if (rc < 0)
1469 return rc;
1470
1471 /* Find transaction, if called from msc_a. */
1472 if (!trans)
1473 trans = trans_find_by_id(msc_a, trans_type, transaction_id);
1474
1475 /* Create transaction for SETUP message. */
1476 if (!trans) {
1477 trans = trans_create_bcc_gcc(msc_a, trans_type, transaction_id, pdisc, msg_type, callref);
1478 if (!trans)
1479 return -EINVAL;
1480 } else {
1481 /* A phone may not call while a VGCS is already active */
1482 if (msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP
1483 || msg_type == OSMO_GSM44068_MSGT_SETUP
1484 || msg_type == OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2) {
1485 LOG_GCC(trans, LOGL_ERROR, "Received SETUP while call is already set up, rejecting.\n");
1486 rc = gsm44068_tx_termination(msc_a, NULL,
1487 pdisc | (transaction_id << 4),
1488 OSMO_GSM44068_MSGT_TERMINATION,
1489 OSMO_GSM44068_CAUSE_NETWORK_FAILURE, NULL, 0);
1490 if (rc < 0)
1491 LOG_GCC(trans, LOGL_ERROR, "Failed to send TERMINATION towards MS.\n");
1492 return -EINVAL;
1493 }
1494 }
1495
1496 /* Handle received GCC messages (trigger state machine). */
1497 switch (msg_type) {
1498 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP:
1499 case OSMO_GSM44068_MSGT_SETUP:
1500 case OSMO_GSM44068_MSGT_IMMEDIATE_SETUP_2:
1501 LOG_GCC(trans, LOGL_INFO, "Received SETUP.\n");
1502 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_USER_SETUP, NULL);
1503 break;
1504 case OSMO_GSM44068_MSGT_STATUS:
1505 LOG_GCC(trans, LOGL_NOTICE, "Received STATUS with cause %d (%s).\n", cause,
1506 get_value_string(osmo_gsm44068_cause_names, cause));
1507 if (diag_len)
1508 LOG_GCC(trans, LOGL_NOTICE, " -> diagnostics: %s\n", osmo_hexdump(diag, diag_len));
1509 if (with_call_state)
1510 LOG_GCC(trans, LOGL_NOTICE, " -> call state %s\n",
1511 get_value_string(osmo_gsm44068_call_state_names, call_state));
1512 break;
1513 case OSMO_GSM44068_MSGT_TERMINATION_REQUEST:
1514 LOG_GCC(trans, LOGL_INFO, "Received TERMINATRION REQUEST.\n");
1515 if (callref != trans->callref) {
1516 LOG_GCC(trans, LOGL_NOTICE, "Received callref 0x%x does not match!\n", callref);
1517 break;
1518 }
1519 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_USER_TERM, NULL);
1520 break;
1521 }
1522
1523 return 0;
1524}
1525
1526static void bss_clear(struct vgcs_bss *bss, uint8_t cause, bool notify_trans);
1527
1528/* Call Control Specific transaction release.
1529 * gets called by trans_free, DO NOT CALL YOURSELF! */
1530void gsm44068_bcc_gcc_trans_free(struct gsm_trans *trans)
1531{
1532 struct vgcs_bss *bss, *bss2;
1533
1534 /* Change state. */
1535 osmo_fsm_inst_state_chg(trans->gcc.fi, VGCS_GCC_ST_N0_NULL, 0, 0);
1536
1537 /* Free FSM. */
1538 if (trans->gcc.fi)
1539 osmo_fsm_inst_term(trans->gcc.fi, OSMO_FSM_TERM_REGULAR, NULL);
1540
1541 /* Remove relations to cells.
1542 * We must loop safe, because bss_clear() will detach every call control instance from list. */
1543 llist_for_each_entry_safe(bss, bss2, &trans->gcc.bss_list, list)
1544 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_CLEAR, NULL);
1545
1546 /* Stop inactivity timer. */
1547 stop_inactivity_timer(trans);
1548}
1549
1550/* Create a new call from VTY command. */
1551const char *vgcs_vty_initiate(struct gsm_network *gsmnet, struct gcr *gcr)
1552{
1553 enum trans_type trans_type;
1554 uint32_t callref;
1555 struct gsm_trans *trans;
1556
1557 /* Get callref from stored suffix. Caller cannot choose a prefix. */
1558 trans_type = gcr->trans_type;
1559 callref = atoi(gcr->group_id);
1560
1561 /* Check if callref already exists. */
1562 trans = trans_find_by_callref(gsmnet, trans_type, callref);
1563 if (trans) {
1564 LOG_GCC(trans, LOGL_INFO, "Call to existing %s with callref %s, rejecting!\n",
1565 trans_type_name(trans_type), gsm44068_group_id_string(callref));
1566 return "Call already exists.";
1567 }
1568
1569 /* Create transaction, uplink is free. */
1570 trans = trans_alloc_vgcs(gsmnet, NULL, trans_type, 0, callref, gcr, false);
1571 if (!trans) {
1572 LOG_GCC(trans, LOGL_ERROR, "No memory for trans.\n");
1573 return "Failed to create call.";
1574 }
1575
1576 LOG_GCC(trans, LOGL_INFO, "VTY initiates call.\n");
1577 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_NET_SETUP, NULL);
1578
1579 return NULL;
1580}
1581
1582/* Destroy a call from VTY command. */
1583const char *vgcs_vty_terminate(struct gsm_network *gsmnet, struct gcr *gcr)
1584{
1585 enum trans_type trans_type;
1586 uint32_t callref;
1587 struct gsm_trans *trans;
1588
1589 /* Get callref from stored suffix. Caller cannot choose a prefix. */
1590 trans_type = gcr->trans_type;
1591 callref = atoi(gcr->group_id);
1592
1593 /* Check if callref exists. */
1594 trans = trans_find_by_callref(gsmnet, trans_type, callref);
1595 if (!trans)
1596 return "Call does not exist.";
1597
1598 LOG_GCC(trans, LOGL_INFO, "VTY terminates call.\n");
1599 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_NET_TERM, NULL);
1600
1601 return NULL;
1602}
1603
1604/*
1605 * BSS state machine - handles all BSS "call control" instances
1606 */
1607
1608static const struct value_string vgcs_bss_fsm_event_names[] = {
1609 OSMO_VALUE_STRING(VGCS_BSS_EV_SETUP),
1610 OSMO_VALUE_STRING(VGCS_BSS_EV_SETUP_ACK),
1611 OSMO_VALUE_STRING(VGCS_BSS_EV_SETUP_REFUSE),
1612 OSMO_VALUE_STRING(VGCS_BSS_EV_ACTIVE_OR_FAIL),
1613 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_REQUEST),
1614 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_REQUEST_CNF),
1615 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_APP_DATA),
1616 OSMO_VALUE_STRING(VGCS_BSS_EV_BSS_DTAP),
1617 OSMO_VALUE_STRING(VGCS_BSS_EV_UL_RELEASE),
1618 OSMO_VALUE_STRING(VGCS_BSS_EV_CLEAR),
1619 OSMO_VALUE_STRING(VGCS_BSS_EV_CLOSE),
1620 OSMO_VALUE_STRING(VGCS_BSS_EV_RELEASED),
1621 { }
1622};
1623
1624/* Blocks or unblocks uplinks of a BSS. */
1625static int update_uplink_state(struct vgcs_bss *bss, bool uplink_busy)
1626{
1627 struct ran_msg ran_msg;
1628 int rc;
1629
1630 if (uplink_busy) {
1631 /* Send UPLINK SEIZED COMMAND to BSS. */
1632 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK SEIZED COMMAND towards BSS.\n");
1633 ran_msg = (struct ran_msg){
1634 .msg_type = RAN_MSG_UPLINK_SEIZED_CMD,
1635 .uplink_seized_cmd = {
1636 .cause = GSM0808_CAUSE_CALL_CONTROL,
1637 },
1638 };
1639 } else {
1640 /* Send UPLINK RELEASE COMMAND to BSS. */
1641 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK RELEASE COMMAND towards BSS.\n");
1642 ran_msg = (struct ran_msg){
1643 .msg_type = RAN_MSG_UPLINK_RELEASE_CMD,
1644 .uplink_release_cmd = {
1645 .cause = GSM0808_CAUSE_CALL_CONTROL,
1646 },
1647 };
1648 }
1649
1650 rc = ran_encode_and_send(bss->fi, &ran_msg, bss->conn, false);
1651
1652 return rc;
1653}
1654
1655/* Clear the connection towards BSS.
1656 * The instance is removed soon, so it is detached from transaction and cells. */
1657static void bss_clear(struct vgcs_bss *bss, uint8_t cause, bool notify_trans)
1658{
1659 struct ran_msg ran_msg;
1660 struct gsm_trans *trans = bss->trans;
1661 struct vgcs_bss_cell *cell, *cell2;
1662
1663 /* Must detach us from transaction. */
1664 if (bss->trans) {
1665 /* Remove pointer to talking BSS and cell. */
1666 if (bss == bss->trans->gcc.uplink_bss) {
1667 bss->trans->gcc.uplink_bss = NULL;
1668 bss->trans->gcc.uplink_cell = NULL;
1669 }
1670 llist_del(&bss->list);
1671 bss->trans = NULL;
1672 }
1673
1674 /* Change state. */
1675 osmo_fsm_inst_state_chg(bss->fi, VGCS_BSS_ST_RELEASE, 0, 0);
1676
1677 /* Send Clear Command to BSS. */
1678 ran_msg = (struct ran_msg){
1679 .msg_type = RAN_MSG_CLEAR_COMMAND,
1680 .clear_command = {
1681 .gsm0808_cause = cause,
1682 },
1683 };
1684 if (bss->conn) {
1685 LOG_BSS(bss, LOGL_DEBUG, "Sending CLEAR COMMAND for call controling channel.\n");
1686 ran_encode_and_send(bss->fi, &ran_msg, bss->conn, false);
1687 }
1688
1689 /* Trigger clear of all cells. Be safe, because the process will remove cells from list. */
1690 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss)
1691 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_CLEAR, NULL);
1692
1693 /* Detach us from all BSS, if still linked */
1694 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss) {
1695 llist_del(&cell->list_bss);
1696 cell->bss = NULL;
1697 }
1698
1699 /* If all BS are gone, notify calling subscriber process. */
1700 if (notify_trans && trans && llist_empty(&trans->gcc.bss_list)) {
1701 LOG_BSS(bss, LOGL_DEBUG, "Notify calling user process, that all BSSs are cleared.\n");
1702 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_BSS_RELEASED, NULL);
1703 }
1704}
1705
1706/* When finally the BSS connection is released. (CLEAR COMPLETE response)
1707 * The instance is removed, so it is detached from transaction and cells, if not already. */
1708static void bss_destroy(struct vgcs_bss *bss)
1709{
1710 struct vgcs_bss_cell *cell, *cell2;
1711
1712 LOG_BSS(bss, LOGL_DEBUG, "Removing BSS call controling instance.\n");
1713
1714 /* Must detach us from transaction, if not already. */
1715 if (bss->trans) {
1716 /* Remove pointer to talking BSS and cell. */
1717 if (bss == bss->trans->gcc.uplink_bss) {
1718 bss->trans->gcc.uplink_bss = NULL;
1719 bss->trans->gcc.uplink_cell = NULL;
1720 }
1721 llist_del(&bss->list);
1722 bss->trans = NULL;
1723 }
1724
1725 /* Detach us from RAN connection. */
1726 if (bss->conn) {
1727 if (bss->conn->vgcs.bss == bss)
1728 bss->conn->vgcs.bss = NULL;
1729 if (bss->conn->vgcs.cell == bss)
1730 bss->conn->vgcs.cell = NULL;
1731 ran_conn_close(bss->conn);
1732 bss->conn = NULL;
1733 }
1734
1735 /* Detach us from all BSS, if still linked */
1736 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss) {
1737 llist_del(&cell->list_bss);
1738 cell->bss = NULL;
1739 }
1740
1741 /* Free FSM. (should be allocated) */
1742 osmo_fsm_inst_state_chg(bss->fi, VGCS_BSS_ST_NULL, 0, 0);
1743 osmo_fsm_inst_term(bss->fi, OSMO_FSM_TERM_REGULAR, NULL);
1744}
1745
1746/* Get identity of talker.
1747 * This is required to detect if the talker is the calling subscriber. */
1748static int talker_identity(struct vgcs_bss *bss, uint8_t *l3, int l3_len)
1749{
1750 struct osmo_mobile_identity mi;
1751 int rc;
1752
1753 puts(osmo_hexdump(l3, l3_len));
1754 rc = osmo_mobile_identity_decode_from_l3_buf(&mi, l3, l3_len, false);
1755 if (rc < 0) {
1756 LOG_BSS(bss, LOGL_DEBUG, "Talker's Identity cannot be decoded.\n");
1757 return rc;
1758 }
1759
1760 switch (mi.type) {
1761 case GSM_MI_TYPE_IMSI:
1762 if (!bss->trans->vsub)
1763 break;
1764 LOG_BSS(bss, LOGL_DEBUG, "Talker's sends IMSI %s, originator has IMSI %s.\n",
1765 mi.imsi, bss->trans->vsub->imsi);
1766 if (!strcmp(mi.imsi, bss->trans->vsub->imsi))
1767 return 1;
1768 break;
1769 case GSM_MI_TYPE_TMSI:
1770 if (!bss->trans->vsub)
1771 break;
1772 LOG_BSS(bss, LOGL_DEBUG, "Talker's sends TMSI 0x%08x, originator has TMSI 0x%08x.\n",
1773 mi.tmsi, bss->trans->vsub->tmsi);
1774 if (mi.tmsi == bss->trans->vsub->tmsi)
1775 return 1;
1776 break;
1777 default:
1778 LOG_BSS(bss, LOGL_DEBUG, "Talker's Identity is not IMSI nor TMSI.\n");
1779 return -EINVAL;
1780 }
1781
1782 return 0;
1783}
1784
1785static void vgcs_bss_fsm_null(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1786{
1787 struct vgcs_bss *bss = fi->priv;
1788 struct ran_msg ran_msg;
1789
1790 switch (event) {
1791 case VGCS_BSS_EV_SETUP:
1792 /* Change state. */
1793 osmo_fsm_inst_state_chg(fi, VGCS_BSS_ST_SETUP, 0, 0);
1794 /* Send VGCS/VBS SETUP to BSS. */
1795 LOG_BSS(bss, LOGL_DEBUG, "Sending VGCS/VBS SETUP towards BSS.\n");
1796 ran_msg = (struct ran_msg){
1797 .msg_type = RAN_MSG_VGCS_VBS_SETUP,
1798 .vgcs_vbs_setup = {
1799 .callref = {
1800 .sf = (bss->trans->type == TRANS_GCC),
1801 },
1802 .vgcs_feature_flags_present = true,
1803 },
1804 };
1805 osmo_store32be_ext(bss->callref >> 3, &ran_msg.vgcs_vbs_setup.callref.call_ref_hi, 3);
1806 ran_msg.vgcs_vbs_setup.callref.call_ref_lo = bss->callref & 0x7;
1807 /* First message, so we must set "initial" to "true". */
1808 ran_encode_and_send(fi, &ran_msg, bss->conn, true);
1809 break;
1810 case VGCS_BSS_EV_CLEAR:
1811 /* The calling user process requested clearing of VGCS/VBS call. */
1812 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
1813 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
1814 break;
1815 default:
1816 OSMO_ASSERT(false);
1817 }
1818}
1819
1820static void vgcs_bss_fsm_setup(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1821{
1822 struct vgcs_bss *bss = fi->priv;
1823 struct vgcs_bss_cell *cell, *cell2;
1824
1825 switch (event) {
1826 case VGCS_BSS_EV_SETUP_ACK:
1827 /* Receive VGCS/VBS SETUP ACK from BSS. */
1828 LOG_BSS(bss, LOGL_DEBUG, "Received VGCS/VBS SETUP ACK from BSS.\n");
1829 /* Send current uplink state to this BSS. */
1830 if (bss->trans)
1831 update_uplink_state(bss, bss->trans->gcc.uplink_busy);
1832 /* Change state. */
1833 osmo_fsm_inst_state_chg(fi, VGCS_BSS_ST_ASSIGNMENT, 0, 0);
1834 /* Trigger VGCS/VBS ASSIGNMENT */
1835 llist_for_each_entry_safe(cell, cell2, &bss->cell_list, list_bss)
1836 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_ASSIGN, NULL);
1837 /* If all failed, clear call. */
1838 if (llist_empty(&bss->cell_list)) {
1839 LOG_BSS(bss, LOGL_NOTICE, "All VGCS/VBS assignments failed.\n");
1840 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1841 break;
1842 }
1843 break;
1844 case VGCS_BSS_EV_SETUP_REFUSE:
1845 /* Received VGCS/VBS SETUP REFUSE from BSS. */
1846 LOG_BSS(bss, LOGL_NOTICE, "Received VGCS/VBS SETUP REFUSE from BSS.\n");
1847 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1848 break;
1849 case VGCS_BSS_EV_CLEAR:
1850 /* The calling user process requested clearing of VGCS/VBS call. */
1851 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
1852 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
1853 break;
1854 case VGCS_BSS_EV_CLOSE:
1855 /* The SCCP connection from the MSC has been closed. */
1856 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
1857 if (bss->conn) {
1858 bss->conn->vgcs.bss = NULL;
1859 bss->conn = NULL;
1860 }
1861 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1862 break;
1863 default:
1864 OSMO_ASSERT(false);
1865 }
1866}
1867
1868static void vgcs_bss_fsm_assignment(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1869{
1870 struct vgcs_bss *bss = fi->priv;
1871 struct vgcs_bss_cell *c;
1872 bool assigned;
1873
1874 switch (event) {
1875 case VGCS_BSS_EV_ACTIVE_OR_FAIL:
1876 /* If all gone, clear call. */
1877 if (llist_empty(&bss->cell_list)) {
1878 LOG_BSS(bss, LOGL_NOTICE, "All VGCS/VBS assignments failed.\n");
1879 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1880 break;
1881 }
1882 /* Is there a response for all cells?
1883 * This means that all the channels have a positive response
1884 * There is no channel with negative response, because a
1885 * negative response will remove the channel. */
1886 assigned = true;
1887 llist_for_each_entry(c, &bss->cell_list, list_bss) {
1888 if (!c->assigned)
1889 assigned = false;
1890 }
1891 if (!assigned)
1892 break;
1893 LOG_BSS(bss, LOGL_DEBUG, "All VGCS/VBS assignments have responded.\n");
1894 /* Change state. */
1895 osmo_fsm_inst_state_chg(fi, VGCS_BSS_ST_ACTIVE, 0, 0);
1896 /* Notify calling subscriber process. */
1897 LOG_BSS(bss, LOGL_DEBUG, "Notify calling user process, that all BSSs are connected.\n");
1898 if (bss->trans)
1899 osmo_fsm_inst_dispatch(bss->trans->gcc.fi, VGCS_GCC_EV_BSS_ESTABLISHED, NULL);
1900 break;
1901 case VGCS_BSS_EV_CLEAR:
1902 /* The calling user process requested clearing of VGCS/VBS call. */
1903 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
1904 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
1905 break;
1906 case VGCS_BSS_EV_CLOSE:
1907 /* The SCCP connection from the MSC has been closed. */
1908 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
1909 if (bss->conn) {
1910 bss->conn->vgcs.bss = NULL;
1911 bss->conn = NULL;
1912 }
1913 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
1914 break;
1915 default:
1916 OSMO_ASSERT(false);
1917 }
1918}
1919
1920static void vgcs_bss_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
1921{
1922 struct vgcs_bss *bss = fi->priv, *other;
1923 struct ran_msg *rx_ran_msg = data;
1924 struct ran_msg tx_ran_msg;
1925 int rc;
1926
1927 switch (event) {
1928 case VGCS_BSS_EV_UL_REQUEST:
1929 LOG_BSS(bss, LOGL_DEBUG, "Listener changed to talker.\n");
1930 if (!bss->trans)
1931 break;
1932 /* Someone is talking. Check if there is no other uplink already busy.
1933 * This should not happen, since all other cells are blocked (SEIZED) as soon as the uplink was
1934 * requested. This may happen due to a race condition, where the uplink was requested before the
1935 * UPLINK SEIZED COMMAND has been received by BSS. */
1936 if (bss->trans->gcc.uplink_busy) {
1937 /* Send UPLINK REJECT COMMAND to BSS. */
1938 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK REJECT COMMAND towards BSS.\n");
1939 tx_ran_msg = (struct ran_msg){
1940 .msg_type = RAN_MSG_UPLINK_REJECT_CMD,
1941 .uplink_reject_cmd = {
1942 .cause = GSM0808_CAUSE_CALL_CONTROL,
1943 },
1944 };
1945 ran_encode_and_send(fi, &tx_ran_msg, bss->conn, false);
1946 break;
1947 }
1948 /* Send UPLINK REQUEST ACKNOWLEDGE to BSS. */
1949 LOG_BSS(bss, LOGL_DEBUG, "Sending (VGCS) UPLINK REQUEST ACKNOWLEDGE towards BSS.\n");
1950 tx_ran_msg = (struct ran_msg){
1951 .msg_type = RAN_MSG_UPLINK_REQUEST_ACK,
1952 };
1953 ran_encode_and_send(fi, &tx_ran_msg, bss->conn, false);
1954 /* Set the busy flag and block all other cells. */
1955 bss->trans->gcc.uplink_bss = bss;
1956 bss->trans->gcc.uplink_busy = true;
1957 bss->trans->gcc.uplink_originator = false;
1958 llist_for_each_entry(other, &bss->trans->gcc.bss_list, list) {
1959 if (other == bss)
1960 continue;
1961 /* Update uplink state. */
1962 update_uplink_state(bss, bss->trans->gcc.uplink_busy);
1963 }
1964 /* Stop inactivity timer. */
1965 stop_inactivity_timer(bss->trans);
1966 break;
1967 case VGCS_BSS_EV_UL_REQUEST_CNF:
1968 LOG_BSS(bss, LOGL_DEBUG, "Talker established uplink.\n");
1969 if (!bss->trans)
1970 break;
1971 if (!bss->trans->gcc.uplink_busy || bss->trans->gcc.uplink_bss != bss) {
1972 LOG_BSS(bss, LOGL_ERROR, "Got UL REQUEST CNF, but we did not granted uplink.\n");
1973 break;
1974 }
1975 /* Determine if talker is the originator of the call. */
1976 rc = talker_identity(bss, rx_ran_msg->uplink_request_cnf.l3.l3,
1977 rx_ran_msg->uplink_request_cnf.l3.l3_len);
1978 if (rc > 0) {
1979 bss->trans->gcc.uplink_originator = true;
1980 LOG_BSS(bss, LOGL_DEBUG, "Talker is the originator of the call.\n");
1981 }
1982 /* Set parameter. */
1983 set_parameter(bss->trans);
1984 /* Set cell of current talker. */
1985 set_uplink_cell(bss, &rx_ran_msg->uplink_request_cnf.cell_identifier, 0);
1986 /* Set MGW conference. */
1987 set_mgw_conference(bss->trans);
1988 break;
1989 case VGCS_BSS_EV_UL_APP_DATA:
1990 LOG_BSS(bss, LOGL_DEBUG, "Talker sends application data on uplink.\n");
1991 if (!bss->trans)
1992 break;
1993 if (!bss->trans->gcc.uplink_busy || bss->trans->gcc.uplink_bss != bss) {
1994 LOG_BSS(bss, LOGL_ERROR, "Got UP APP DATA, but we did not granted uplink.\n");
1995 break;
1996 }
1997 // FIXME: Use L3 info and feed to app.
1998 break;
1999 case VGCS_BSS_EV_BSS_DTAP:
2000 LOG_BSS(bss, LOGL_DEBUG, "Talker sends DTAP message.\n");
2001 if (!bss->trans)
2002 break;
2003 if (!bss->trans->gcc.uplink_busy || bss->trans->gcc.uplink_bss != bss) {
2004 LOG_BSS(bss, LOGL_ERROR, "Got DTAP from BSS, but we did not granted uplink.\n");
2005 break;
2006 }
2007 gsm44068_rcv_bcc_gcc(NULL, bss->trans, rx_ran_msg->dtap);
2008 break;
2009 case VGCS_BSS_EV_UL_RELEASE:
2010 LOG_BSS(bss, LOGL_DEBUG, "Talker released uplink.\n");
2011 if (!bss->trans)
2012 break;
2013 if (bss->trans->type == TRANS_BCC) {
2014 LOG_BSS(bss, LOGL_DEBUG, "This is a broadcast call, terminating call.\n");
2015 gcc_terminate_and_destroy(bss->trans, OSMO_GSM44068_CAUSE_NORMAL_CALL_CLEARING);
2016 break;
2017 }
2018 if (!bss->trans->gcc.uplink_busy) {
2019 LOG_BSS(bss, LOGL_NOTICE, "Got uplink release, but no uplink busy.\n");
2020 break;
2021 }
2022 /* Talker release the uplink. Ignore, if not from the current talking cell. */
2023 if (bss->trans->gcc.uplink_bss != bss) {
2024 LOG_BSS(bss, LOGL_NOTICE, "Got uplink release, but uplink busy in other cell.\n");
2025 break;
2026 }
2027 /* Clear the busy flag and unblock all other cells. */
2028 bss->trans->gcc.uplink_bss = NULL;
2029 bss->trans->gcc.uplink_cell = NULL;
2030 bss->trans->gcc.uplink_busy = false;
2031 llist_for_each_entry(other, &bss->trans->gcc.bss_list, list) {
2032 if (other == bss)
2033 continue;
2034 /* Update uplink state. */
2035 if (bss->trans)
2036 update_uplink_state(bss, bss->trans->gcc.uplink_busy);
2037 }
2038 /* Set MGW conference. */
2039 set_mgw_conference(bss->trans);
2040 /* Start inactivity timer. */
2041 start_inactivity_timer(bss->trans);
2042 break;
2043 case VGCS_BSS_EV_CLEAR:
2044 /* The calling user process requested clearing of VGCS/VBS call. */
2045 LOG_BSS(bss, LOGL_DEBUG, "Received clearing from calling user process.\n");
2046 bss_clear(bss, GSM0808_CAUSE_CALL_CONTROL, false);
2047 break;
2048 case VGCS_BSS_EV_CLOSE:
2049 /* The SCCP connection from the MSC has been closed. */
2050 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
2051 if (bss->conn) {
2052 bss->conn->vgcs.bss = NULL;
2053 bss->conn = NULL;
2054 }
2055 bss_clear(bss, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC, true);
2056 break;
2057 default:
2058 OSMO_ASSERT(false);
2059 }
2060}
2061
2062static void vgcs_bss_fsm_release(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2063{
2064 struct vgcs_bss *bss = fi->priv;
2065
2066 switch (event) {
2067 case VGCS_BSS_EV_CLOSE:
2068 /* The SCCP connection from the MSC has been closed while waitring fro CLEAR COMPLETE. */
2069 LOG_BSS(bss, LOGL_NOTICE, "Received SCCP closing collision.\n");
2070 bss_destroy(bss);
2071 break;
2072 case VGCS_BSS_EV_RELEASED:
2073 LOG_BSS(bss, LOGL_DEBUG, "Received CLEAR COMPLETE from BSS, we are done!\n");
2074 bss_destroy(bss);
2075 break;
2076 default:
2077 OSMO_ASSERT(false);
2078 }
2079}
2080
2081static const struct osmo_fsm_state vgcs_bss_fsm_states[] = {
2082 [VGCS_BSS_ST_NULL] = {
2083 .name = "NULL",
2084 .in_event_mask = S(VGCS_BSS_EV_SETUP) |
2085 S(VGCS_BSS_EV_CLEAR),
2086 .out_state_mask = S(VGCS_BSS_ST_SETUP),
2087 .action = vgcs_bss_fsm_null,
2088 },
2089 [VGCS_BSS_ST_SETUP] = {
2090 .name = "SETUP sent",
2091 .in_event_mask = S(VGCS_BSS_EV_SETUP_ACK) |
2092 S(VGCS_BSS_EV_SETUP_REFUSE) |
2093 S(VGCS_BSS_EV_CLEAR) |
2094 S(VGCS_BSS_EV_CLOSE),
2095 .out_state_mask = S(VGCS_BSS_ST_ASSIGNMENT) |
2096 S(VGCS_BSS_ST_RELEASE),
2097 .action = vgcs_bss_fsm_setup,
2098 },
2099 [VGCS_BSS_ST_ASSIGNMENT] = {
2100 .name = "ASSIGNMENT Sent",
2101 .in_event_mask = S(VGCS_BSS_EV_ACTIVE_OR_FAIL) |
2102 S(VGCS_BSS_EV_CLEAR) |
2103 S(VGCS_BSS_EV_CLOSE),
2104 .out_state_mask = S(VGCS_BSS_ST_ACTIVE) |
2105 S(VGCS_BSS_ST_RELEASE),
2106 .action = vgcs_bss_fsm_assignment,
2107 },
2108 [VGCS_BSS_ST_ACTIVE] = {
2109 .name = "VGCS/VBS Active",
2110 .in_event_mask = S(VGCS_BSS_EV_UL_REQUEST) |
2111 S(VGCS_BSS_EV_UL_REQUEST_CNF) |
2112 S(VGCS_BSS_EV_UL_APP_DATA) |
2113 S(VGCS_BSS_EV_BSS_DTAP) |
2114 S(VGCS_BSS_EV_UL_RELEASE) |
2115 S(VGCS_BSS_EV_CLEAR) |
2116 S(VGCS_BSS_EV_CLOSE),
2117 .out_state_mask = S(VGCS_BSS_ST_RELEASE),
2118 .action = vgcs_bss_fsm_active,
2119 },
2120 [VGCS_BSS_ST_RELEASE] = {
2121 .name = "Releasing VGCS/VBS control",
2122 .in_event_mask = S(VGCS_BSS_EV_CLEAR) |
2123 S(VGCS_BSS_EV_RELEASED),
2124 .out_state_mask = S(VGCS_BSS_ST_NULL),
2125 .action = vgcs_bss_fsm_release,
2126 },
2127};
2128
2129static struct osmo_fsm vgcs_bss_fsm = {
2130 .name = "vgcs_bss",
2131 .states = vgcs_bss_fsm_states,
2132 .num_states = ARRAY_SIZE(vgcs_bss_fsm_states),
2133 .log_subsys = DASCI,
2134 .event_names = vgcs_bss_fsm_event_names,
2135};
2136
2137/* The BSS accepts VGCS/VBS and sends us supported features. */
2138void vgcs_vbs_setup_ack(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2139{
2140 if (!bss->trans)
2141 return;
2142 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_SETUP_ACK, (void *)ran_msg);
2143}
2144
2145/* The BSS refuses VGCS/VBS. */
2146void vgcs_vbs_setup_refuse(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2147{
2148 if (!bss->trans)
2149 return;
2150 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_SETUP_REFUSE, (void *)ran_msg);
2151}
2152
2153/* The BSS needs more time for VGCS/VBS channel assignment. */
2154void vgcs_vbs_queuing_ind(struct vgcs_bss_cell *cell)
2155{
2156 if (!cell->bss)
2157 return;
2158}
2159
2160/* A mobile station requests the uplink on a VGCS channel. */
2161void vgcs_uplink_request(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2162{
2163 if (!bss->trans)
2164 return;
2165 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_REQUEST, (void *)ran_msg);
2166}
2167
2168/* The uplink on a VGCS channel has been established. */
2169void vgcs_uplink_request_cnf(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2170{
2171 if (!bss->trans)
2172 return;
2173 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_REQUEST_CNF, (void *)ran_msg);
2174}
2175
2176/* Application data received on the uplink of a VGCS channel. */
2177void vgcs_app_data(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2178{
2179 if (!bss->trans)
2180 return;
2181 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_APP_DATA, (void *)ran_msg);
2182}
2183
2184/* Application data received on the uplink of a VGCS channel. */
2185void vgcs_bss_dtap(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2186{
2187 if (!bss->trans)
2188 return;
2189 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_BSS_DTAP, (void *)ran_msg);
2190}
2191
2192/* A mobile station releases the uplink on a VGCS channel. */
2193void vgcs_uplink_release_ind(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2194{
2195 if (!bss->trans)
2196 return;
2197 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_UL_RELEASE, (void *)ran_msg);
2198}
2199
2200/* The BSS gives cell status about VGCS/VBS channel. */
2201void vgcs_vbs_assign_status(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2202{
2203 if (!cell->bss)
2204 return;
2205}
2206
2207void vgcs_vbs_caller_assign_cpl(struct gsm_trans *trans)
2208{
2209 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_BSS_ASSIGN_CPL, NULL);
2210}
2211
2212void vgcs_vbs_caller_assign_fail(struct gsm_trans *trans)
2213{
2214 osmo_fsm_inst_dispatch(trans->gcc.fi, VGCS_GCC_EV_BSS_ASSIGN_FAIL, NULL);
2215}
2216
2217/* BSS indicated that the channel has been released. */
2218void vgcs_vbs_clear_req(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2219{
2220 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_CLOSE, (void *)ran_msg);
2221}
2222
2223/* BSS indicated that the channel has been released. */
2224void vgcs_vbs_clear_cpl(struct vgcs_bss *bss, const struct ran_msg *ran_msg)
2225{
2226 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_RELEASED, (void *)ran_msg);
2227}
2228
2229/*
2230 * Cell resource state machine - handles all "resource control" instances
2231 */
2232
2233static const struct value_string vgcs_cell_fsm_event_names[] = {
2234 OSMO_VALUE_STRING(VGCS_CELL_EV_RTP_STREAM_GONE),
2235 OSMO_VALUE_STRING(VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE),
2236 OSMO_VALUE_STRING(VGCS_CELL_EV_RTP_STREAM_ESTABLISHED),
2237 OSMO_VALUE_STRING(VGCS_CELL_EV_ASSIGN),
2238 OSMO_VALUE_STRING(VGCS_CELL_EV_ASSIGN_RES),
2239 OSMO_VALUE_STRING(VGCS_CELL_EV_ASSIGN_FAIL),
2240 OSMO_VALUE_STRING(VGCS_CELL_EV_CLEAR),
2241 OSMO_VALUE_STRING(VGCS_CELL_EV_CLOSE),
2242 OSMO_VALUE_STRING(VGCS_CELL_EV_RELEASED),
2243 { }
2244};
2245
2246static void cell_destroy(struct vgcs_bss_cell *cell);
2247
2248/* Clear the connection towards BSS.
2249 * Relations to the BSS and transaction is removed. */
2250static void cell_clear(struct vgcs_bss_cell *cell, uint8_t cause)
2251{
2252 struct ran_msg ran_msg;
2253
2254 /* Must detach us from BSS. */
2255 if (cell->bss) {
2256 /* Remove pointer to talking channel. */
2257 if (cell->bss->trans && cell->bss->trans->gcc.uplink_cell == cell)
2258 cell->bss->trans->gcc.uplink_cell = NULL;
2259 llist_del(&cell->list_bss);
2260 cell->bss = NULL;
2261 }
2262
2263 /* Change state. */
2264 if (cell->fi->state != VGCS_CELL_ST_RELEASE)
2265 osmo_fsm_inst_state_chg(cell->fi, VGCS_CELL_ST_RELEASE, 0, 0);
2266
2267 /* If there is no event to wait for, we can just destroy. */
2268 if (!cell->conn && !cell->rtps) {
2269 cell_destroy(cell);
2270 return;
2271 }
2272
2273 /* Send Clear Command to BSS. */
2274 if (cell->conn) {
2275 ran_msg = (struct ran_msg){
2276 .msg_type = RAN_MSG_CLEAR_COMMAND,
2277 .clear_command = {
2278 .gsm0808_cause = cause,
2279 },
2280 };
2281 LOG_CELL(cell, LOGL_DEBUG, "Sending CLEAR COMMAND for call controling channel.\n");
2282 ran_encode_and_send(cell->fi, &ran_msg, cell->conn, false);
2283 }
2284
2285 /* Clear RTP stream. This may trigger VGCS_CELL_EV_RTP_STREAM_GONE within this release function. */
2286 if (cell->rtps)
2287 rtp_stream_release(cell->rtps);
2288}
2289
2290/* When finally the BSS connection is released. (CLEAR COMPLETE response)
2291 * Relations to the BSS and transaction is removed, if not already. */
2292static void cell_destroy(struct vgcs_bss_cell *cell)
2293{
2294 struct vgcs_mgw_ep *mgw;
2295
2296 /* close RAN conn */
2297 if (cell->conn) {
2298 cell->conn->vgcs.cell = NULL;
2299 ran_conn_close(cell->conn);
2300 cell->conn = NULL;
2301 }
2302
2303 /* Detach from BSS now. Check, to prevent race condition. */
2304 if (cell->bss) {
2305 /* Remove pointer to talking channel. */
2306 if (cell->bss->trans && cell->bss->trans->gcc.uplink_cell == cell)
2307 cell->bss->trans->gcc.uplink_cell = NULL;
2308 llist_del(&cell->list_bss);
2309 cell->bss = NULL;
2310 }
2311
2312 /* Detach from MGW now. Check, to prevent race condition. */
2313 if (cell->mgw) {
2314 mgw = cell->mgw;
2315 llist_del(&cell->list_mgw);
2316 cell->mgw = NULL;
2317 /* Destroy MGW endpoint, if list is empty. */
2318 if (llist_empty(&mgw->cell_list))
2319 osmo_fsm_inst_dispatch(mgw->fi, VGCS_MGW_EP_EV_CLEAR, NULL);
2320 }
2321
2322 LOG_CELL(cell, LOGL_DEBUG, "Detroy connection to cell.\n");
2323
2324 /* Free FSM. (should be allocated) */
2325 osmo_fsm_inst_state_chg(cell->fi, VGCS_CELL_ST_NULL, 0, 0);
2326 osmo_fsm_inst_term(cell->fi, OSMO_FSM_TERM_REGULAR, NULL);
2327}
2328
2329static void vgcs_cell_fsm_null(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2330{
2331 struct vgcs_bss_cell *cell = fi->priv;
2332 const struct codec_mapping *cm;
2333 int rc;
2334
2335 switch (event) {
2336 case VGCS_CELL_EV_ASSIGN:
2337 LOG_CELL(cell, LOGL_DEBUG, "Received assignment from BSS controling process.\n");
2338 /* Allocate rtps stream. */
2339 cell->rtps = rtp_stream_alloc(cell->fi, VGCS_CELL_EV_RTP_STREAM_GONE,
2340 VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE,
2341 VGCS_CELL_EV_RTP_STREAM_ESTABLISHED, RTP_TO_RAN, cell->call_id,
2342 NULL);
2343 if (!cell->rtps) {
2344 LOG_CELL(cell, LOGL_DEBUG, "Failed to allocate RTP stream, cannot continue.\n");
2345 cell_destroy(cell);
2346 break;
2347 }
2348 /* Hard coded codec: GSM V1 */
2349 cm = codec_mapping_by_gsm0808_speech_codec_type(GSM0808_SCT_FR1);
2350 rtp_stream_set_one_codec(cell->rtps, &cm->sdp);
2351 /* Set initial mode. */
2352 rtp_stream_set_mode(cell->rtps, MGCP_CONN_RECV_ONLY);
2353 /* Commit RTP stream. */
Andreas Eversbergd6377602023-07-19 09:46:18 +0200[diff] [blame^]2354 if (!cell->bss || !cell->bss->trans) {
2355 LOG_CELL(cell, LOGL_DEBUG, "No BSS/transaction, cannot continue.\n");
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]2356 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2357 break;
2358 }
Andreas Eversbergd6377602023-07-19 09:46:18 +0200[diff] [blame^]2359 if (!cell->mgw || !cell->mgw->mgw_ep) {
Andreas Eversberge24636c2023-04-23 12:20:55 +0200[diff] [blame]2360 LOG_CELL(cell, LOGL_DEBUG, "No MGW endpoint, cannot continue.\n");
2361 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2362 break;
2363 }
2364 rc = rtp_stream_ensure_ci(cell->rtps, cell->mgw->mgw_ep);
2365 if (rc < 0) {
2366 LOG_CELL(cell, LOGL_DEBUG, "Failed to trigger RTP stream CI.\n");
2367 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2368 break;
2369 }
2370 /* Change state. */
2371 osmo_fsm_inst_state_chg(fi, VGCS_CELL_ST_ASSIGNMENT, 0, 0);
2372 break;
2373 case VGCS_CELL_EV_CLEAR:
2374 /* The calling user process requested clearing of VGCS/VBS call. */
2375 LOG_CELL(cell, LOGL_DEBUG, "Received clearing from BSS controling process.\n");
2376 cell_clear(cell, GSM0808_CAUSE_CALL_CONTROL);
2377 break;
2378 default:
2379 OSMO_ASSERT(false);
2380 }
2381}
2382
2383static void vgcs_cell_fsm_assignment(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2384{
2385 struct vgcs_bss_cell *cell = fi->priv;
2386 struct ran_msg *rx_ran_msg = data;
2387 struct ran_msg tx_ran_msg;
2388 struct osmo_sockaddr_str ss;
2389 const struct codec_mapping *cm;
2390 struct vgcs_bss *bss;
2391 int rc;
2392
2393 switch (event) {
2394 case VGCS_CELL_EV_RTP_STREAM_GONE:
2395 /* The RTP stream failed. */
2396 LOG_CELL(cell, LOGL_ERROR, "RTP stream of MGW failed.\n");
2397 cell->rtps = NULL;
2398 goto channel_fail;
2399 break;
2400 case VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE:
2401 /* The RTP stream sends its peer. */
2402 if (!osmo_sockaddr_str_is_nonzero(&cell->rtps->local)) {
2403 LOG_CELL(cell, LOGL_ERROR, "Invalid RTP address received from MGW: " OSMO_SOCKADDR_STR_FMT "\n",
2404 OSMO_SOCKADDR_STR_FMT_ARGS(&cell->rtps->local));
2405 goto channel_fail;
2406 }
2407 LOG_CELL(cell, LOGL_DEBUG,
2408 "MGW endpoint's RTP address available for the CI %s: " OSMO_SOCKADDR_STR_FMT " (osmux=%s:%d)\n",
2409 rtp_direction_name(cell->rtps->dir), OSMO_SOCKADDR_STR_FMT_ARGS(&cell->rtps->local),
2410 cell->rtps->use_osmux ? "yes" : "no", cell->rtps->local_osmux_cid);
2411 /* Send VGCS/VBS ASSIGNMENT REQUEST to BSS */
2412 LOG_CELL(cell, LOGL_DEBUG, "Sending VGCS/VBS ASSIGNMENT REQUEST towards BSS.\n");
2413 tx_ran_msg = (struct ran_msg) {
2414 .msg_type = RAN_MSG_VGCS_VBS_ASSIGN_REQ,
2415 .vgcs_vbs_assign_req = {
2416 /* For now we support GSM/FR V1 only. This shall be supported by all MS. */
2417 .channel_type = {
2418 .ch_indctr = GSM0808_CHAN_SPEECH,
2419 .ch_rate_type = GSM0808_SPEECH_FULL_BM,
2420 .perm_spch_len = 1,
2421 .perm_spch[0] = GSM0808_PERM_FR1,
2422 },
2423 /* For now we want a channel without any delay. */
2424 .ass_req = GSM0808_ASRQ_IMMEDIATE,
2425 .callref = {
2426 .sf = (cell->trans_type == TRANS_GCC),
2427 },
2428 /* We need to identify the cell only. */
2429 .cell_identifier = {
2430 .id_discr = CELL_IDENT_CI,
2431 .id.ci = cell->cell_id,
2432 },
2433 .aoip_transport_layer_present = true,
2434 .call_id_present = true,
2435 .call_id = cell->call_id,
2436 .codec_list_present = true,
2437 .codec_list_msc_preferred = {
2438 .len = 1,
2439 .codec[0] = {
2440 .fi = 1,
2441 .type = GSM0808_SCT_FR1,
2442 .cfg = 0,
2443 },
2444 },
2445 },
2446 };
2447 osmo_store32be_ext(cell->callref >> 3, &tx_ran_msg.vgcs_vbs_assign_req.callref.call_ref_hi, 3);
2448 tx_ran_msg.vgcs_vbs_assign_req.callref.call_ref_lo = cell->callref & 0x7;
2449 osmo_sockaddr_str_to_sockaddr(&cell->rtps->local, &tx_ran_msg.vgcs_vbs_assign_req.aoip_transport_layer);
2450 /* First message, so we must set "initial" to "true". */
2451 ran_encode_and_send(fi, &tx_ran_msg, cell->conn, true);
2452 break;
2453 case VGCS_CELL_EV_RTP_STREAM_ESTABLISHED:
2454 /* The RTP stream established. */
2455 LOG_CELL(cell, LOGL_DEBUG, "RTP stream is established.\n");
2456 break;
2457 case VGCS_CELL_EV_ASSIGN_RES:
2458 /* Receive VGCS/VBS ASSIGNMENT RESULT from BSS. */
2459 LOG_CELL(cell, LOGL_DEBUG, "Received VGCS/VBS ASSIGNMENT RESULT from BSS.\n");
2460 cell->assigned = true;
2461 if (!rx_ran_msg->vgcs_vbs_assign_res.aoip_transport_layer_present
2462 && !rx_ran_msg->vgcs_vbs_assign_res.codec_present
2463 && !rx_ran_msg->vgcs_vbs_assign_res.call_id_present) {
2464 LOG_CELL(cell, LOGL_ERROR, "Mandatory IEs missing.\n");
2465 goto channel_fail;
2466 }
2467 /* Send remote peer to RTP stream. */
2468 if (osmo_sockaddr_str_from_sockaddr(&ss, &rx_ran_msg->vgcs_vbs_assign_res.aoip_transport_layer)) {
2469 LOG_CELL(cell, LOGL_ERROR, "Cannot RTP-CONNECT, invalid RTP IP:port in incoming MNCC "
2470 "message\n");
2471 goto channel_fail;
2472 }
2473 rtp_stream_set_remote_addr(cell->rtps, &ss);
2474 /* Send remote codec to RTP stream. */
2475 cm = codec_mapping_by_gsm0808_speech_codec_type(rx_ran_msg->vgcs_vbs_assign_res.codec_msc_chosen.type);
2476 if (!cm) {
2477 LOG_CELL(cell, LOGL_ERROR, "Chosen codec by BSC is not supported by MSC.\n");
2478 goto channel_fail;
2479 }
2480 rtp_stream_set_one_codec(cell->rtps, &cm->sdp);
2481 /* Set listening mode. */
2482 rtp_stream_set_mode(cell->rtps, MGCP_CONN_SEND_ONLY);
2483 /* Commit RTP stream. */
2484 rc = rtp_stream_commit(cell->rtps);
2485 if (rc < 0) {
2486 LOG_CELL(cell, LOGL_ERROR, "Failed to commit parameters to RTP stream.\n");
2487 goto channel_fail;
2488 }
2489 /* Change state. */
2490 osmo_fsm_inst_state_chg(fi, VGCS_CELL_ST_ACTIVE, 0, 0);
2491 /* Notify BSS FSM about channel activation. */
2492 if (cell->bss)
2493 osmo_fsm_inst_dispatch(cell->bss->fi, VGCS_BSS_EV_ACTIVE_OR_FAIL, NULL);
2494 break;
2495 case VGCS_CELL_EV_ASSIGN_FAIL:
2496 /* Received VGCS/VBS ASSIGNMENT FAILURE from BSS. */
2497 LOG_CELL(cell, LOGL_NOTICE, "Received VGCS/VBS ASSIGNMENT FAILURE from BSS.\n");
2498channel_fail:
2499 bss = cell->bss;
2500 /* Remove cell. */
2501 tx_ran_msg = (struct ran_msg){
2502 .msg_type = RAN_MSG_CLEAR_COMMAND,
2503 .clear_command = {
2504 .gsm0808_cause = GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC,
2505 },
2506 };
2507 ran_encode_and_send(bss->fi, &tx_ran_msg, cell->conn, false);
2508 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2509 /* Notify BSS FSM about channel failure. */
2510 if (bss)
2511 osmo_fsm_inst_dispatch(bss->fi, VGCS_BSS_EV_ACTIVE_OR_FAIL, NULL);
2512 break;
2513 case VGCS_CELL_EV_CLEAR:
2514 /* The calling user process requested clearing of VGCS/VBS call. */
2515 LOG_CELL(cell, LOGL_DEBUG, "Received clearing from BSS controling process.\n");
2516 cell_clear(cell, GSM0808_CAUSE_CALL_CONTROL);
2517 break;
2518 case VGCS_CELL_EV_CLOSE:
2519 /* The SCCP connection from the MSC has been closed. */
2520 LOG_CELL(cell, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
2521 if (cell->conn) {
2522 cell->conn->vgcs.bss = NULL;
2523 cell->conn = NULL;
2524 }
2525 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2526 break;
2527 default:
2528 OSMO_ASSERT(false);
2529 }
2530}
2531
2532static void vgcs_cell_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2533{
2534 struct vgcs_bss_cell *cell = fi->priv;
2535
2536 switch (event) {
2537 case VGCS_CELL_EV_RTP_STREAM_GONE:
2538 /* The RTP stream failed. */
2539 LOG_CELL(cell, LOGL_ERROR, "RTP stream of MGW failed.\n");
2540 cell->rtps = NULL;
2541 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2542 break;
2543 case VGCS_CELL_EV_RTP_STREAM_ESTABLISHED:
2544 /* The RTP stream established. */
2545 LOG_CELL(cell, LOGL_DEBUG, "RTP stream is established.\n");
2546 break;
2547 case VGCS_CELL_EV_CLEAR:
2548 /* The calling user process requested clearing of VGCS/VBS call. */
2549 LOG_CELL(cell, LOGL_DEBUG, "Received clearing from BSS controling process.\n");
2550 cell_clear(cell, GSM0808_CAUSE_CALL_CONTROL);
2551 break;
2552 case VGCS_CELL_EV_CLOSE:
2553 /* The SCCP connection from the MSC has been closed. */
2554 LOG_CELL(cell, LOGL_NOTICE, "Received SCCP connecting closing from MSC.\n");
2555 if (cell->conn) {
2556 cell->conn->vgcs.bss = NULL;
2557 cell->conn = NULL;
2558 }
2559 cell_clear(cell, GSM0808_CAUSE_PROTOCOL_ERROR_BETWEEN_BSS_AND_MSC);
2560 break;
2561 default:
2562 OSMO_ASSERT(false);
2563 }
2564}
2565
2566static void vgcs_cell_fsm_release(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2567{
2568 struct vgcs_bss_cell *cell = fi->priv;
2569
2570 switch (event) {
2571 case VGCS_CELL_EV_RTP_STREAM_GONE:
2572 /* The RTP stream gone. */
2573 LOG_CELL(cell, LOGL_ERROR, "RTP stream gone.\n");
2574 cell->rtps = NULL;
2575 /* Wait for RAN conn. */
2576 if (cell->conn)
2577 break;
2578 cell_destroy(cell);
2579 break;
2580 case VGCS_CELL_EV_CLEAR:
2581 case VGCS_CELL_EV_RELEASED:
2582 if (event == VGCS_CELL_EV_CLEAR) {
2583 /* The SCCP connection from the MSC has been closed while waiting for CLEAR COMPLETE. */
2584 LOG_CELL(cell, LOGL_NOTICE, "Received SCCP closing collision.\n");
2585 } else
2586 LOG_CELL(cell, LOGL_DEBUG, "Received CLEAR COMPLETE from BSS, we are done!\n");
2587 /* Wait for RTP stream. */
2588 if (cell->rtps) {
2589 /* close RAN conn */
2590 if (cell->conn) {
2591 cell->conn->vgcs.cell = NULL;
2592 ran_conn_close(cell->conn);
2593 cell->conn = NULL;
2594 }
2595 break;
2596 }
2597 cell_destroy(cell);
2598 break;
2599 default:
2600 OSMO_ASSERT(false);
2601 }
2602}
2603
2604static const struct osmo_fsm_state vgcs_cell_fsm_states[] = {
2605 [VGCS_CELL_ST_NULL] = {
2606 .name = "NULL",
2607 .in_event_mask = S(VGCS_CELL_EV_ASSIGN) |
2608 S(VGCS_CELL_EV_CLEAR),
2609 .out_state_mask = S(VGCS_CELL_ST_ASSIGNMENT),
2610 .action = vgcs_cell_fsm_null,
2611 },
2612 [VGCS_CELL_ST_ASSIGNMENT] = {
2613 .name = "ASSIGNMENT Sent",
2614 .in_event_mask = S(VGCS_CELL_EV_RTP_STREAM_GONE) |
2615 S(VGCS_CELL_EV_RTP_STREAM_ADDR_AVAILABLE) |
2616 S(VGCS_CELL_EV_RTP_STREAM_ESTABLISHED) |
2617 S(VGCS_CELL_EV_ASSIGN_RES) |
2618 S(VGCS_CELL_EV_ASSIGN_FAIL) |
2619 S(VGCS_CELL_EV_CLEAR) |
2620 S(VGCS_CELL_EV_CLOSE),
2621 .out_state_mask = S(VGCS_CELL_ST_ACTIVE) |
2622 S(VGCS_CELL_ST_RELEASE),
2623 .action = vgcs_cell_fsm_assignment,
2624 },
2625 [VGCS_CELL_ST_ACTIVE] = {
2626 .name = "VGCS/VBS channel active",
2627 .in_event_mask = S(VGCS_CELL_EV_RTP_STREAM_GONE) |
2628 S(VGCS_CELL_EV_RTP_STREAM_ESTABLISHED) |
2629 S(VGCS_CELL_EV_CLEAR) |
2630 S(VGCS_CELL_EV_CLOSE),
2631 .out_state_mask = S(VGCS_CELL_ST_RELEASE),
2632 .action = vgcs_cell_fsm_active,
2633 },
2634 [VGCS_CELL_ST_RELEASE] = {
2635 .name = "Releasing VGCS/VBS channel",
2636 .in_event_mask = S(VGCS_CELL_EV_RTP_STREAM_GONE) |
2637 S(VGCS_CELL_EV_CLEAR) |
2638 S(VGCS_CELL_EV_RELEASED),
2639 .out_state_mask = S(VGCS_CELL_ST_NULL),
2640 .action = vgcs_cell_fsm_release,
2641 },
2642};
2643
2644static struct osmo_fsm vgcs_cell_fsm = {
2645 .name = "vgcs_cell",
2646 .states = vgcs_cell_fsm_states,
2647 .num_states = ARRAY_SIZE(vgcs_cell_fsm_states),
2648 .log_subsys = DASCI,
2649 .event_names = vgcs_cell_fsm_event_names,
2650};
2651
2652/* The BSS accepts VGCS/VBS channel assignment. */
2653void vgcs_vbs_assign_result(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2654{
2655 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_ASSIGN_RES, (void *)ran_msg);
2656}
2657
2658/* The BSS refuses VGCS/VBS channel assignment. */
2659void vgcs_vbs_assign_fail(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2660{
2661 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_ASSIGN_FAIL, (void *)ran_msg);
2662}
2663
2664/* BSS indicated that the channel has been released. */
2665void vgcs_vbs_clear_req_channel(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2666{
2667 LOG_CELL(cell, LOGL_DEBUG, "Received CLEAR REQUEST for resource controling channel from BSS.\n");
2668 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_CLOSE, (void *)ran_msg);
2669}
2670
2671/* BSS confirms the release of channel. */
2672void vgcs_vbs_clear_cpl_channel(struct vgcs_bss_cell *cell, const struct ran_msg *ran_msg)
2673{
2674 LOG_CELL(cell, LOGL_DEBUG, "Received CLEAR COMPLETE for resource controling channel from BSS.\n");
2675 osmo_fsm_inst_dispatch(cell->fi, VGCS_CELL_EV_RELEASED, (void *)ran_msg);
2676}
2677
2678/*
2679 * MGW endpoint FSM
2680 */
2681
2682static const struct value_string vgcs_mgw_ep_fsm_event_names[] = {
2683 OSMO_VALUE_STRING(VGCS_MGW_EP_EV_FREE),
2684 OSMO_VALUE_STRING(VGCS_MGW_EP_EV_CLEAR),
2685 { }
2686};
2687
2688static void vgcs_mgw_ep_fsm_active(struct osmo_fsm_inst *fi, uint32_t event, void *data)
2689{
2690 struct vgcs_mgw_ep *mgw = fi->priv;
2691 struct vgcs_bss_cell *cell, *cell2;
2692 struct mgcp_client *mgcp_client;
2693
2694 switch (event) {
2695 case VGCS_MGW_EP_EV_FREE:
2696 LOGP(DASCI, LOGL_DEBUG, "MGW connection closed, removing all cell instances.\n");
2697 llist_for_each_entry_safe(cell, cell2, &mgw->cell_list, list_mgw) {
2698 if (cell->rtps)
2699 cell->rtps->ci = NULL;
2700 llist_del(&cell->list_mgw);
2701 cell->mgw = NULL;
2702 }
2703 /* Put MGCP client back into MGW pool. */
2704 mgcp_client = osmo_mgcpc_ep_client(mgw->mgw_ep);
2705 mgcp_client_pool_put(mgcp_client);
2706 /* Destroy this instance. */
2707 osmo_fsm_inst_term_children(fi, OSMO_FSM_TERM_PARENT, NULL);
2708 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
2709 break;
2710 case VGCS_MGW_EP_EV_CLEAR:
2711 if (!llist_empty(&mgw->cell_list))
2712 break;
2713 LOGP(DASCI, LOGL_DEBUG, "Cell list of MGW instance is now empty, dropping.\n");
2714 /* Destroy this instance. */
2715 osmo_fsm_inst_term_children(fi, OSMO_FSM_TERM_PARENT, NULL);
2716 osmo_fsm_inst_term(fi, OSMO_FSM_TERM_REGULAR, NULL);
2717 break;
2718 default:
2719 OSMO_ASSERT(false);
2720 }
2721}
2722
2723static const struct osmo_fsm_state vgcs_mgw_ep_fsm_states[] = {
2724 [VGCS_MGW_EP_ST_NULL] = {
2725 .name = "NULL",
2726 .out_state_mask = S(VGCS_MGW_EP_ST_ACTIVE),
2727 },
2728 [VGCS_MGW_EP_ST_ACTIVE] = {
2729 .name = "MGW endpoint allocated",
2730 .in_event_mask = S(VGCS_MGW_EP_EV_FREE) |
2731 S(VGCS_MGW_EP_EV_CLEAR),
2732 .out_state_mask = S(VGCS_MGW_EP_ST_NULL),
2733 .action = vgcs_mgw_ep_fsm_active,
2734 },
2735};
2736
2737static struct osmo_fsm vgcs_mgw_ep_fsm = {
2738 .name = "vgcs_mgw_ep",
2739 .states = vgcs_mgw_ep_fsm_states,
2740 .num_states = ARRAY_SIZE(vgcs_mgw_ep_fsm_states),
2741 .log_subsys = DASCI,
2742 .event_names = vgcs_mgw_ep_fsm_event_names,
2743};