Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-msc / refs/heads/master / . / src / libmsc / ran_msg_a.c
blob: d9041204a8aaa2d4c1af12ad1d8d4f02ed00b07f [file] [log] [blame]
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1/* BSSAP/BSSMAP encoding and decoding for MSC */
2/*
Vadim Yanitskiy999a5932023-05-18 17:22:26 +0700[diff] [blame]3 * (C) 2019 by sysmocom - s.f.m.c. GmbH <info@sysmocom.de>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]4 * All Rights Reserved
5 *
6 * Author: Neels Hofmeyr
7 *
Harald Welte1b1a39b2024-02-17 10:11:18 +0100[diff] [blame]8 * SPDX-License-Identifier: AGPL-3.0+
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]9 *
10 * This program is free software; you can redistribute it and/or modify
Harald Welte1b1a39b2024-02-17 10:11:18 +0100[diff] [blame]11 * it under the terms of the GNU Affero General Public License as published by
12 * the Free Software Foundation; either version 3 of the License, or
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Harald Welte1b1a39b2024-02-17 10:11:18 +0100[diff] [blame]18 * GNU Affero General Public License for more details.
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]19 */
20
21#include <osmocom/core/byteswap.h>
22
23#include <osmocom/crypt/auth.h>
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]24#include <osmocom/crypt/kdf.h>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]25
26#include <osmocom/gsm/tlv.h>
27#include <osmocom/gsm/gsm0808.h>
28#include <osmocom/gsm/mncc.h>
29#include <osmocom/gsm/gsm48.h>
30
31#include <osmocom/msc/debug.h>
32#include <osmocom/msc/ran_msg_a.h>
33#include <osmocom/msc/sccp_ran.h>
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]34#include <osmocom/msc/gsm_data.h>
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]35
36#define LOG_RAN_A_DEC(RAN_DEC, level, fmt, args...) \
37 LOG_RAN_DEC(RAN_DEC, DBSSAP, level, "BSSMAP: " fmt, ## args)
38
39/* Assumes presence of struct ran_dec *ran_dec and ran_dec_msg.msg_name (set) in the local scope. */
40#define LOG_RAN_A_DEC_MSG(level, fmt, args...) \
41 LOG_RAN_DEC(ran_dec, DBSSAP, level, "%s: " fmt, ran_dec_msg.msg_name, ## args)
42
43#define LOG_RAN_A_ENC(FI, level, fmt, args...) \
44 LOG_RAN_ENC(FI, DBSSAP, level, "BSSMAP: " fmt, ## args)
45
46static int ran_a_decode_l3_compl(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
47{
48 struct gsm0808_cell_id_list2 cil;
49 struct gsm0808_cell_id cell_id;
50 struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
51 struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]52 struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
53 struct gsm0808_speech_codec_list codec_list_bss_supported;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]54 struct ran_msg ran_dec_msg = {
55 .msg_type = RAN_MSG_COMPL_L3,
Neels Hofmeyr0c1ed152019-10-21 03:12:58 +0200[diff] [blame]56 .msg_name = "BSSMAP Complete Layer 3 Information",
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]57 .compl_l3 = {
58 .cell_id = &cell_id,
59 .msg = msg,
60 },
61 };
62 int rc;
63
64 if (!ie_cell_id) {
65 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory CELL IDENTIFIER not present, discarding message\n");
66 return -EINVAL;
67 }
68 if (!ie_l3_info) {
69 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory LAYER 3 INFORMATION not present, discarding message\n");
70 return -EINVAL;
71 }
72
73 /* Parse Cell ID element -- this should yield a cell identifier "list" with 1 element. */
74
75 rc = gsm0808_dec_cell_id_list2(&cil, ie_cell_id->val, ie_cell_id->len);
76 if (rc < 0) {
77 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding CELL IDENTIFIER gave rc=%d\n", rc);
78 return -EINVAL;
79 }
80 if (cil.id_list_len != 1) {
81 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to parse element CELL IDENTIFIER, discarding message\n");
82 return -EINVAL;
83 }
84
85 /* Sanity check the Cell Identity */
86 switch (cil.id_discr) {
87 case CELL_IDENT_WHOLE_GLOBAL:
88 case CELL_IDENT_LAI_AND_LAC:
89 case CELL_IDENT_LAC_AND_CI:
90 case CELL_IDENT_LAC:
91 break;
92
93 case CELL_IDENT_CI:
94 case CELL_IDENT_NO_CELL:
95 case CELL_IDENT_BSS:
96 default:
97 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "CELL IDENTIFIER does not specify a LAC, discarding message: %s\n",
98 gsm0808_cell_id_list_name(&cil));
99 return -EINVAL;
100 }
101
102 cell_id = (struct gsm0808_cell_id){
103 .id_discr = cil.id_discr,
104 .id = cil.id_list[0],
105 };
106
Neels Hofmeyrede90832022-01-13 18:13:15 +0100[diff] [blame]107 /* Parse Layer 3 Information element; point ran_dec_msg->compl_l3.msg to the L3 Info data */
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]108 msg->l3h = (uint8_t*)ie_l3_info->val;
109 msgb_l3trim(msg, ie_l3_info->len);
110
111 if (msgb_l3len(msg) < sizeof(struct gsm48_hdr)) {
112 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "too short L3 info (%d), discarding message\n", msgb_l3len(msg));
113 return -ENODATA;
114 }
115
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]116 /* Decode Codec List (BSS Supported) */
117 if (ie_codec_list_bss_supported) {
118 rc = gsm0808_dec_speech_codec_list(&codec_list_bss_supported,
119 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
120 if (rc < 0) {
121 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
122 "Complete Layer 3 Information: unable to decode IE Codec List (BSS Supported)"
123 " (rc=%d), continuing anyway\n", rc);
124 /* This IE is not critical, do not abort with error. */
125 } else
126 ran_dec_msg.compl_l3.codec_list_bss_supported = &codec_list_bss_supported;
127 }
128
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]129 return ran_decoded(ran_dec, &ran_dec_msg);
130}
131
132static int ran_a_decode_clear_request(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
133{
134 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
135 struct ran_msg ran_dec_msg = {
136 .msg_type = RAN_MSG_CLEAR_REQUEST,
137 .msg_name = "BSSMAP Clear Request",
138 };
139
140 if (!ie_cause) {
141 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Cause code is missing, using GSM0808_CAUSE_EQUIPMENT_FAILURE\n");
142 ran_dec_msg.clear_request.bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE;
143 } else {
144 ran_dec_msg.clear_request.bssap_cause = ie_cause->val[0];
145 }
146
147 return ran_decoded(ran_dec, &ran_dec_msg);
148}
149
150static int ran_a_decode_clear_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
151{
152 struct ran_msg ran_dec_msg = {
153 .msg_type = RAN_MSG_CLEAR_COMPLETE,
154 .msg_name = "BSSMAP Clear Complete",
155 };
156 return ran_decoded(ran_dec, &ran_dec_msg);
157}
158
159static int ran_a_decode_classmark_update(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
160{
161 struct tlv_p_entry *ie_cm2 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
162 struct tlv_p_entry *ie_cm3 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
163 struct osmo_gsm48_classmark cm = {};
164 struct ran_msg ran_dec_msg = {
165 .msg_type = RAN_MSG_CLASSMARK_UPDATE,
166 .msg_name = "BSSMAP Classmark Update",
167 .classmark_update = {
168 .classmark = &cm,
169 },
170 };
171
172 if (!ie_cm2) {
173 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "mandatory Classmark Information Type 2 not present, discarding message\n");
174 return -EINVAL;
175 }
176
177 cm.classmark2_len = OSMO_MIN(sizeof(cm.classmark2), ie_cm2->len);
178 memcpy(&cm.classmark2, ie_cm2->val, cm.classmark2_len);
179
180 if (ie_cm3) {
181 cm.classmark3_len = OSMO_MIN(sizeof(cm.classmark3), ie_cm3->len);
182 memcpy(&cm.classmark3, ie_cm3->val, cm.classmark3_len);
183 }
184
185 return ran_decoded(ran_dec, &ran_dec_msg);
186}
187
188static int ran_a_decode_cipher_mode_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
189{
190 struct tlv_p_entry *ie_chosen_encr_alg = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
191 struct tlv_p_entry *ie_l3_msg = TLVP_GET(tp, GSM0808_IE_LAYER_3_MESSAGE_CONTENTS);
192 int rc;
193 struct ran_msg ran_dec_msg = {
194 .msg_type = RAN_MSG_CIPHER_MODE_COMPLETE,
195 .msg_name = "BSSMAP Ciphering Mode Complete",
196 };
197
198 if (ie_chosen_encr_alg) {
199 uint8_t ie_val = ie_chosen_encr_alg->val[0];
200 /* 3GPP TS 48.008 3.2.2.44 Chosen Encryption Algorithm encodes as 1 = no encryption, 2 = A5/1, 4 = A5/3.
201 * Internally we handle without this weird off-by-one. */
202 if (ie_val < 1 || ie_val > 8)
203 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unsupported value for 3.2.2.44 Chosen Encryption Algorithm: %u\n",
204 ie_val);
205 else
206 ran_dec_msg.cipher_mode_complete.alg_id = ie_chosen_encr_alg->val[0];
207 }
208
Neels Hofmeyre9a39112019-08-29 00:10:49 +0200[diff] [blame]209 if (ie_l3_msg)
210 ran_dec_msg.cipher_mode_complete.l3_msg = ie_l3_msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]211
Neels Hofmeyre9a39112019-08-29 00:10:49 +0200[diff] [blame]212 rc = ran_decoded(ran_dec, &ran_dec_msg);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]213
214 return rc;
215}
216
217static int ran_a_decode_cipher_mode_reject(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
218{
219 int rc;
220 struct ran_msg ran_dec_msg = {
221 .msg_type = RAN_MSG_CIPHER_MODE_REJECT,
222 .msg_name = "BSSMAP Ciphering Mode Reject",
223 };
224
Vadim Yanitskiy33144f12021-02-05 20:14:19 +0100[diff] [blame]225 rc = gsm0808_get_cause(tp);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]226 if (rc < 0) {
227 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "failed to extract Cause\n");
228 ran_dec_msg.cipher_mode_reject.bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE;
229 } else {
230 ran_dec_msg.cipher_mode_reject.bssap_cause = (enum gsm0808_cause)rc;
231 }
232
233 return ran_decoded(ran_dec, &ran_dec_msg);
234}
235
236enum mgcp_codecs ran_a_mgcp_codec_from_sc(const struct gsm0808_speech_codec *sc)
237{
238 switch (sc->type) {
239 case GSM0808_SCT_FR1:
240 return CODEC_GSM_8000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]241 case GSM0808_SCT_FR2:
242 return CODEC_GSMEFR_8000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]243 case GSM0808_SCT_FR3:
244 return CODEC_AMR_8000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]245 case GSM0808_SCT_FR4:
246 return CODEC_AMRWB_16000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]247 case GSM0808_SCT_FR5:
248 return CODEC_AMRWB_16000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]249 case GSM0808_SCT_HR1:
250 return CODEC_GSMHR_8000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]251 case GSM0808_SCT_HR3:
252 return CODEC_AMR_8000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]253 case GSM0808_SCT_HR4:
254 return CODEC_AMRWB_16000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]255 case GSM0808_SCT_HR6:
256 return CODEC_AMRWB_16000_1;
Vadim Yanitskiy9d696552023-07-25 02:20:57 +0700[diff] [blame]257 case GSM0808_SCT_CSD:
258 return CODEC_CLEARMODE;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]259 default:
260 return CODEC_PCMU_8000_1;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]261 }
262}
263
264static int ran_a_decode_assignment_complete(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
265{
266 struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
267 struct tlv_p_entry *ie_speech_codec = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC);
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]268 struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]269 struct tlv_p_entry *ie_osmux_cid = TLVP_GET(tp, GSM0808_IE_OSMO_OSMUX_CID);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]270 struct sockaddr_storage rtp_addr;
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]271 struct gsm0808_speech_codec_list codec_list_bss_supported;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]272 int rc;
273 struct ran_msg ran_dec_msg = {
274 .msg_type = RAN_MSG_ASSIGNMENT_COMPLETE,
275 .msg_name = "BSSMAP Assignment Complete",
276 };
277
278 if (ie_aoip_transp_addr) {
279 /* Decode AoIP transport address element */
280 rc = gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len);
281 if (rc < 0) {
282 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode AoIP Transport Layer Address\n");
283 return -EINVAL;
284 }
285
Pau Espin Pedrolf9c76e32020-09-02 19:25:55 +0200[diff] [blame]286 if (osmo_sockaddr_str_from_sockaddr(&ran_dec_msg.assignment_complete.remote_rtp, &rtp_addr)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]287 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Assignment Complete: unable to decode remote RTP IP address\n");
288 return -EINVAL;
289 }
290 }
291
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]292 if (ie_osmux_cid) {
293 rc = gsm0808_dec_osmux_cid(&ran_dec_msg.assignment_complete.osmux_cid, ie_osmux_cid->val, ie_osmux_cid->len);
294 if (rc < 0) {
295 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode Osmux CID\n");
296 return -EINVAL;
297 }
298 ran_dec_msg.assignment_complete.osmux_present = true;
299 }
300
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]301 if (ie_speech_codec) {
302 /* Decode Speech Codec (Chosen) element */
Neels Hofmeyrcec51b32023-03-01 03:47:45 +0100[diff] [blame]303 rc = gsm0808_dec_speech_codec(&ran_dec_msg.assignment_complete.codec,
304 ie_speech_codec->val, ie_speech_codec->len);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]305 if (rc < 0) {
306 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Assignment Complete: unable to decode IE Speech Codec (Chosen)"
307 " (rc=%d).\n", rc);
308 return -EINVAL;
309 }
310 ran_dec_msg.assignment_complete.codec_present = true;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]311 }
312
Neels Hofmeyr8a50cfb2019-10-21 03:01:00 +0200[diff] [blame]313 if (ie_codec_list_bss_supported) {
314 /* Decode Codec List (BSS Supported) */
315 rc = gsm0808_dec_speech_codec_list(&codec_list_bss_supported,
316 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
317 if (rc < 0) {
318 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
319 "Assignment Complete: unable to decode IE Codec List (BSS Supported)"
320 " (rc=%d), continuing anyway\n", rc);
321 /* This IE is not critical, do not abort with error. */
322 } else
323 ran_dec_msg.assignment_complete.codec_list_bss_supported = &codec_list_bss_supported;
324 }
325
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]326 return ran_decoded(ran_dec, &ran_dec_msg);
327}
328
329static int ran_a_decode_assignment_failure(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
330{
331 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
332 struct tlv_p_entry *ie_rr_cause = TLVP_GET(tp, GSM0808_IE_RR_CAUSE);
333 struct tlv_p_entry *ie_speech_codec_list = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
334 struct gsm0808_speech_codec_list scl;
335 struct ran_msg ran_dec_msg = {
336 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
337 .msg_name = "BSSMAP Assignment Failure",
338 .assignment_failure = {
339 .bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE,
340 .rr_cause = GSM48_RR_CAUSE_ABNORMAL_UNSPEC,
341 },
342 };
343
344 if (ie_cause)
345 ran_dec_msg.assignment_failure.bssap_cause = ie_cause->val[0];
346 if (ie_rr_cause)
347 ran_dec_msg.assignment_failure.rr_cause = ie_rr_cause->val[0];
348
349 if (ie_speech_codec_list
350 && gsm0808_dec_speech_codec_list(&scl, ie_speech_codec_list->val, ie_speech_codec_list->len) == 0)
351 ran_dec_msg.assignment_failure.scl_bss_supported = &scl;
352
353 return ran_decoded(ran_dec, &ran_dec_msg);
354}
355
356static int ran_a_decode_sapi_n_reject(struct ran_dec *ran_dec, struct msgb *msg, struct tlv_parsed *tp)
357{
358 struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
359 struct tlv_p_entry *ie_dlci = TLVP_GET(tp, GSM0808_IE_DLCI);
360 struct ran_msg ran_dec_msg = {
361 .msg_type = RAN_MSG_SAPI_N_REJECT,
362 .msg_name = "BSSMAP SAPI-N Reject",
363 };
364
365 /* Note: The MSC code seems not to care about the cause code, but by
366 * the specification it is mandatory, so we check its presence. See
367 * also 3GPP TS 48.008 3.2.1.34 SAPI "n" REJECT */
368 if (!ie_cause) {
369 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "SAPI-N Reject: cause code IE is missing, discarding message\n");
370 return -EINVAL;
371 }
372 ran_dec_msg.sapi_n_reject.bssap_cause = ie_cause->val[0];
373
374 if (!ie_dlci) {
375 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "SAPI-N Reject: DLCI IE is missing, discarding message\n");
376 return -EINVAL;
377 }
378 ran_dec_msg.sapi_n_reject.dlci = ie_dlci->val[0];
379
380 return ran_decoded(ran_dec, &ran_dec_msg);
381}
382
383static int ran_a_decode_lcls_notification(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
384{
385 const struct tlv_p_entry *ie_lcls_bss_status = TLVP_GET(tp, GSM0808_IE_LCLS_BSS_STATUS);
386 const struct tlv_p_entry *ie_lcls_break_req = TLVP_GET(tp, GSM0808_IE_LCLS_BREAK_REQ);
387 struct ran_msg ran_dec_msg;
388
389 /* Either §3.2.2.119 LCLS-BSS-Status or §3.2.2.120 LCLS-Break-Request shall be present */
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]390 if (ie_lcls_bss_status && !ie_lcls_break_req) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]391 ran_dec_msg = (struct ran_msg){
392 .msg_type = RAN_MSG_LCLS_STATUS,
393 .msg_name = "BSSMAP LCLS Notification (LCLS Status)",
394 .lcls_status = {
395 .status = ie_lcls_bss_status->len ?
396 ie_lcls_bss_status->val[0] : GSM0808_LCLS_STS_NA,
397 },
398 };
399 return ran_decoded(ran_dec, &ran_dec_msg);
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]400 } else if (ie_lcls_break_req && !ie_lcls_bss_status) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]401 ran_dec_msg = (struct ran_msg){
402 .msg_type = RAN_MSG_LCLS_BREAK_REQ,
403 .msg_name = "BSSMAP LCLS Notification (LCLS Break Req)",
404 .lcls_break_req = {
405 .todo = 23,
406 },
407 };
408 return ran_decoded(ran_dec, &ran_dec_msg);
409 }
410
Vadim Yanitskiy18e8b392019-05-11 04:22:55 +0700[diff] [blame]411 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Ignoring broken LCLS Notification message\n");
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]412 return -EINVAL;
413}
414
415static int ran_a_decode_handover_required(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
416{
417 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
418 const struct tlv_p_entry *ie_cil = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER_LIST);
419 struct ran_msg ran_dec_msg = {
420 .msg_type = RAN_MSG_HANDOVER_REQUIRED,
421 .msg_name = "BSSMAP Handover Required",
422 };
423 /* On decoding failures, dispatch an invalid RAN_MSG_HANDOVER_REQUIRED so msc_a can pass down a
424 * BSS_MAP_MSG_HANDOVER_REQUIRED_REJECT message. */
425
426 if (ie_cause)
427 ran_dec_msg.handover_required.cause = ie_cause->val[0];
428 else
429 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Cause IE missing\n");
430
431 if (!ie_cil
432 || gsm0808_dec_cell_id_list2(&ran_dec_msg.handover_required.cil, ie_cil->val, ie_cil->len) <= 0) {
433 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "No or invalid Cell Identifier List IE\n");
434 ran_dec_msg.handover_required.cil = (struct gsm0808_cell_id_list2){};
435 }
436
437 return ran_decoded(ran_dec, &ran_dec_msg);
438}
439
440static uint8_t a5_encryption_mask_from_gsm0808_chosen_enc_alg(enum gsm0808_chosen_enc_alg val)
441{
442 return 1 << val;
443}
444
445static int ran_a_decode_handover_request(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
446{
447 struct osmo_gsm48_classmark classmark = {};
448 struct ran_msg ran_dec_msg = {
449 .msg_type = RAN_MSG_HANDOVER_REQUEST,
450 .msg_name = "BSSMAP Handover Request",
451 .handover_request = {
452 .classmark = &classmark,
453 },
454 };
455 struct ran_handover_request *r = &ran_dec_msg.handover_request;
456
457 const struct tlv_p_entry *ie_channel_type = TLVP_GET(tp, GSM0808_IE_CHANNEL_TYPE);
458 const struct tlv_p_entry *ie_encryption_information = TLVP_GET(tp, GSM0808_IE_ENCRYPTION_INFORMATION);
459 const struct tlv_p_entry *ie_classmark1 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_TYPE_1);
460 const struct tlv_p_entry *ie_classmark2 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T2);
461 const struct tlv_p_entry *ie_cell_id_serving = TLVP_GET(&tp[0], GSM0808_IE_CELL_IDENTIFIER);
462 const struct tlv_p_entry *ie_cell_id_target = TLVP_GET(&tp[1], GSM0808_IE_CELL_IDENTIFIER);
463 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
464 const struct tlv_p_entry *ie_classmark3 = TLVP_GET(tp, GSM0808_IE_CLASSMARK_INFORMATION_T3);
465 const struct tlv_p_entry *ie_current_channel_type_1 = TLVP_GET(tp, GSM0808_IE_CURRENT_CHANNEL_TYPE_1);
466 const struct tlv_p_entry *ie_speech_version_used = TLVP_GET(tp, GSM0808_IE_SPEECH_VERSION);
467 const struct tlv_p_entry *ie_chosen_encr_alg_serving = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
468 const struct tlv_p_entry *ie_old_bss_to_new_bss_info = TLVP_GET(tp, GSM0808_IE_OLD_BSS_TO_NEW_BSS_INFORMATION);
469 const struct tlv_p_entry *ie_imsi = TLVP_GET(tp, GSM0808_IE_IMSI);
470 const struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
471 const struct tlv_p_entry *ie_codec_list_msc_preferred = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
472 const struct tlv_p_entry *ie_call_id = TLVP_GET(tp, GSM0808_IE_CALL_ID);
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]473 const struct tlv_p_entry *ie_kc128 = TLVP_GET(tp, GSM0808_IE_KC_128);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]474 const struct tlv_p_entry *ie_global_call_ref = TLVP_GET(tp, GSM0808_IE_GLOBAL_CALL_REF);
475
476 struct gsm0808_channel_type channel_type;
477 struct gsm0808_encrypt_info encr_info;
478 struct gsm0808_speech_codec_list scl;
479 struct geran_encr geran_encr = {};
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]480 struct osmo_sockaddr_str rtp_ran_local;
481
482 if (!ie_channel_type) {
483 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Channel Type\n");
484 return -EINVAL;
485 }
486 if (gsm0808_dec_channel_type(&channel_type, ie_channel_type->val, ie_channel_type->len) <= 0) {
487 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Channel Type IE\n");
488 return -EINVAL;
489 }
490 r->geran.channel_type = &channel_type;
491
492 if (ie_encryption_information) {
493 int i;
494 if (gsm0808_dec_encrypt_info(&encr_info, ie_encryption_information->val, ie_encryption_information->len)
495 <= 0) {
Martin Hauke3f07dac2019-11-14 17:49:08 +0100[diff] [blame]496 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Encryption Information IE\n");
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]497 return -EINVAL;
498 }
499
500 for (i = 0; i < encr_info.perm_algo_len; i++) {
501 r->geran.a5_encryption_mask |=
502 a5_encryption_mask_from_gsm0808_chosen_enc_alg(encr_info.perm_algo[i]);
503 }
504
505 if (encr_info.key_len > sizeof(geran_encr.key)) {
Martin Hauke3f07dac2019-11-14 17:49:08 +0100[diff] [blame]506 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Encryption Information IE:"
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]507 " encryption key is too long: %u\n", geran_encr.key_len);
508 return -EINVAL;
509 }
510
511 if (encr_info.key_len) {
512 memcpy(geran_encr.key, encr_info.key, encr_info.key_len);
513 geran_encr.key_len = encr_info.key_len;
514 }
515
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]516 if (ie_kc128) {
517 memcpy(geran_encr.kc128, ie_kc128->val, 16);
518 geran_encr.kc128_present = true;
519 }
520
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]521 r->geran.chosen_encryption = &geran_encr;
522 }
523
524 if (!ie_classmark1 && !ie_classmark2) {
525 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: either Classmark Information 1"
526 " or Classmark Information 2 must be included\n");
527 return -EINVAL;
528 }
529
530 if (ie_classmark1) {
531 if (ie_classmark1->len != sizeof(classmark.classmark1)) {
532 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Invalid size for Classmark 1: %u, expected %zu\n",
533 ie_classmark1->len, sizeof(classmark.classmark1));
534 return -EINVAL;
535 }
536 memcpy((uint8_t*)&classmark.classmark1, ie_classmark1->val, ie_classmark1->len);
537 classmark.classmark1_set = true;
538 }
539
540 if (ie_classmark2) {
541 uint8_t len = OSMO_MIN(ie_classmark2->len, sizeof(classmark.classmark2));
542 memcpy((uint8_t*)&classmark.classmark2, ie_classmark2->val, len);
543 classmark.classmark2_len = len;
544 }
545
546 if (!ie_cell_id_serving) {
547 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier (Serving)\n");
548 return -EINVAL;
549 }
550 if (gsm0808_dec_cell_id(&r->cell_id_serving, ie_cell_id_serving->val,
551 ie_cell_id_serving->len) <= 0) {
552 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Cell Identifier (Serving) IE\n");
553 return -EINVAL;
554 }
555
556 if (!ie_cell_id_target) {
557 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier (Target)\n");
558 return -EINVAL;
559 }
560 if (gsm0808_dec_cell_id(&r->cell_id_target, ie_cell_id_target->val,
561 ie_cell_id_target->len) <= 0) {
562 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Cell Identifier (Target) IE\n");
563 return -EINVAL;
564 }
565
566 if (ie_cause)
567 r->bssap_cause = ie_cause->val[0];
568
569 if (ie_classmark3) {
570 uint8_t len = OSMO_MIN(ie_classmark3->len, sizeof(classmark.classmark3));
571 memcpy(classmark.classmark3, ie_classmark3->val, len);
572 classmark.classmark3_len = len;
573 }
574
575 if (ie_current_channel_type_1) {
576 r->current_channel_type_1 = ie_current_channel_type_1->val[0];
577 r->current_channel_type_1_present = true;
578 }
579
580 if (ie_speech_version_used) {
581 r->speech_version_used = ie_speech_version_used->val[0];
582 }
583
584 if (ie_chosen_encr_alg_serving && ie_chosen_encr_alg_serving->len) {
585 geran_encr.alg_id = ie_chosen_encr_alg_serving->val[0];
586 r->geran.chosen_encryption = &geran_encr;
587 }
588
589 if (ie_old_bss_to_new_bss_info) {
590 r->old_bss_to_new_bss_info_raw = ie_old_bss_to_new_bss_info->val;
591 r->old_bss_to_new_bss_info_raw_len = ie_old_bss_to_new_bss_info->len;
592 }
593
594 if (ie_imsi) {
Neels Hofmeyr46d526a2020-05-29 03:27:50 +0200[diff] [blame]595 struct osmo_mobile_identity mi;
596 if (osmo_mobile_identity_decode(&mi, ie_imsi->val, ie_imsi->len, false)
597 || mi.type != GSM_MI_TYPE_IMSI)
598 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "IE IMSI: cannot decode IMSI identity\n");
599 else
600 r->imsi = mi.imsi;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]601 }
602
603 if (ie_aoip_transp_addr) {
Pau Espin Pedrol06327172020-09-04 16:37:14 +0200[diff] [blame]604 struct sockaddr_storage rtp_addr;
605 if (gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len) < 0)
606 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
607 else if (osmo_sockaddr_str_from_sockaddr(&rtp_ran_local, &rtp_addr) < 0)
608 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode remote RTP IP address\n");
609 else
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]610 r->rtp_ran_local = &rtp_ran_local;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]611 }
612
613 if (ie_codec_list_msc_preferred
614 && gsm0808_dec_speech_codec_list(&scl, ie_codec_list_msc_preferred->val,
615 ie_codec_list_msc_preferred->len) == 0)
616 r->codec_list_msc_preferred = &scl;
617
618 if (ie_call_id && ie_call_id->len == 4) {
619 r->call_id = osmo_load32le(ie_call_id->val);
620 r->call_id_present = true;
621 }
622
623 if (ie_global_call_ref) {
624 r->global_call_reference = ie_global_call_ref->val;
625 r->global_call_reference_len = ie_global_call_ref->len;
626 }
627
628 return ran_decoded(ran_dec, &ran_dec_msg);
629}
630
631static int ran_a_decode_handover_request_ack(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
632{
633 struct ran_msg ran_dec_msg = {
634 .msg_type = RAN_MSG_HANDOVER_REQUEST_ACK,
635 .msg_name = "BSSMAP Handover Request Acknowledge",
636 };
637 const struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
638 const struct tlv_p_entry *ie_aoip_transp_addr = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
639 const struct tlv_p_entry *ie_speech_codec = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC);
640 const struct tlv_p_entry *ie_chosen_channel = TLVP_GET(tp, GSM0808_IE_CHOSEN_CHANNEL);
641 const struct tlv_p_entry *ie_chosen_encr_alg = TLVP_GET(tp, GSM0808_IE_CHOSEN_ENCR_ALG);
642 const struct tlv_p_entry *ie_chosen_speech_version = TLVP_GET(tp, GSM0808_IE_SPEECH_VERSION);
643
644 /* On missing mandatory IEs, dispatch an invalid RAN_MSG_HANDOVER_REQUEST_ACK so msc_a can act on the failure. */
645
646 if (ie_l3_info) {
647 ran_dec_msg.handover_request_ack.rr_ho_command = ie_l3_info->val;
648 ran_dec_msg.handover_request_ack.rr_ho_command_len = ie_l3_info->len;
649 }
650
651 if (ie_chosen_channel) {
652 ran_dec_msg.handover_request_ack.chosen_channel_present = true;
653 ran_dec_msg.handover_request_ack.chosen_channel = *ie_chosen_channel->val;
654 }
655
656 if (ie_chosen_encr_alg) {
657 ran_dec_msg.handover_request_ack.chosen_encr_alg = *ie_chosen_encr_alg->val;
658 if (ran_dec_msg.handover_request_ack.chosen_encr_alg < 1
659 || ran_dec_msg.handover_request_ack.chosen_encr_alg > 8) {
660 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "invalid Chosen Encryption Algorithm: %u\n",
661 ran_dec_msg.handover_request_ack.chosen_encr_alg);
662 }
663 }
664
665 if (ie_chosen_speech_version) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]666 ran_dec_msg.handover_request_ack.chosen_speech_version = ie_chosen_speech_version->val[0];
667
668 /* the codec may be extrapolated from this Speech Version or below from Speech Codec */
Neels Hofmeyr7934e0d2022-10-31 18:13:47 +0100[diff] [blame]669 if (gsm0808_speech_codec_from_chan_type(&ran_dec_msg.handover_request_ack.codec,
670 ran_dec_msg.handover_request_ack.chosen_speech_version) == 0)
671 ran_dec_msg.handover_request_ack.codec_present = true;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]672 }
673
674 if (ie_aoip_transp_addr) {
Pau Espin Pedrol06327172020-09-04 16:37:14 +0200[diff] [blame]675 struct sockaddr_storage rtp_addr;
676 if (gsm0808_dec_aoip_trasp_addr(&rtp_addr, ie_aoip_transp_addr->val, ie_aoip_transp_addr->len) < 0) {
677 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
678 } else if (osmo_sockaddr_str_from_sockaddr(&ran_dec_msg.handover_request_ack.remote_rtp,
679 &rtp_addr)) {
680 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode remote RTP IP address\n");
681 ran_dec_msg.handover_request_ack.remote_rtp = (struct osmo_sockaddr_str){};
682 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]683 }
684
685 if (ie_speech_codec) {
Neels Hofmeyr7934e0d2022-10-31 18:13:47 +0100[diff] [blame]686 /* the codec may be extrapolated from above Speech Version or from this Speech Codec */
687 if (gsm0808_dec_speech_codec(&ran_dec_msg.handover_request_ack.codec,
688 ie_speech_codec->val, ie_speech_codec->len) < 0)
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]689 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode IE Speech Codec (Chosen)\n");
Neels Hofmeyr7934e0d2022-10-31 18:13:47 +0100[diff] [blame]690 else
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]691 ran_dec_msg.handover_request_ack.codec_present = true;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]692 }
693
694 return ran_decoded(ran_dec, &ran_dec_msg);
695}
696
697static int ran_a_decode_handover_detect(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
698{
699 struct ran_msg ran_dec_msg = {
700 .msg_type = RAN_MSG_HANDOVER_DETECT,
701 .msg_name = "BSSMAP Handover Detect",
702 };
703
704 return ran_decoded(ran_dec, &ran_dec_msg);
705}
706
707static int ran_a_decode_handover_succeeded(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
708{
709 struct ran_msg ran_dec_msg = {
710 .msg_type = RAN_MSG_HANDOVER_SUCCEEDED,
711 .msg_name = "BSSMAP Handover Succeeded",
712 };
713
714 return ran_decoded(ran_dec, &ran_dec_msg);
715}
716
717static int ran_a_decode_handover_complete(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
718{
719 struct ran_msg ran_dec_msg = {
720 .msg_type = RAN_MSG_HANDOVER_COMPLETE,
721 .msg_name = "BSSMAP Handover Complete",
722 };
723
724 return ran_decoded(ran_dec, &ran_dec_msg);
725}
726
727static int ran_a_decode_handover_failure(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
728{
729 struct ran_msg ran_dec_msg = {
730 .msg_type = RAN_MSG_HANDOVER_FAILURE,
731 .msg_name = "BSSMAP Handover Failure",
732 };
733
734 return ran_decoded(ran_dec, &ran_dec_msg);
735}
736
Andreas Eversberg2d27e2c2023-04-23 12:05:44 +0200[diff] [blame]737static int ran_a_decode_vgcs_vbs_setup_ack(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
738{
739 struct ran_msg ran_dec_msg = {
740 .msg_type = RAN_MSG_VGCS_VBS_SETUP_ACK,
741 .msg_name = "BSSMAP VGCS/VBS SETUP ACKNOWLEDGE",
742 };
743 struct gsm0808_vgcs_vbs_setup_ack *r = &ran_dec_msg.vgcs_vbs_setup_ack;
744 int rc;
745
746 const struct tlv_p_entry *ie_flags = TLVP_GET(tp, GSM0808_IE_VGCS_FEATURE_FLAGS);
747
748 /* VGCS Feature Flags, 3.2.2.88 */
749 if (ie_flags) {
750 rc = gsm0808_dec_vgcs_feature_flags(&r->flags, ie_flags->val, ie_flags->len);
751 if (rc < 0) {
752 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Unable to decode VGCS/VBS Feature Flags\n");
753 return -EINVAL;
754 }
755 r->vgcs_feature_flags_present = true;
756 }
757
758 return ran_decoded(ran_dec, &ran_dec_msg);
759}
760
761static int ran_a_decode_vgcs_vbs_setup_refuse(struct ran_dec *ran_dec, const struct msgb *msg,
762 const struct tlv_parsed *tp)
763{
764 struct ran_msg ran_dec_msg = {
765 .msg_type = RAN_MSG_VGCS_VBS_SETUP_REFUSE,
766 .msg_name = "BSSMAP VGCS/VBS SETUP REFUSE",
767 };
768
769 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
770
771 /* Cause, 3.2.2.5 */
772 if (!ie_cause || ie_cause->len < 1) {
773 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cause\n");
774 return -EINVAL;
775 }
776 ran_dec_msg.vgcs_vbs_setup_refuse.cause = ie_cause->val[0];
777
778 return ran_decoded(ran_dec, &ran_dec_msg);
779}
780
781static int ran_a_decode_vgcs_vbs_assign_res(struct ran_dec *ran_dec, const struct msgb *msg,
782 const struct tlv_parsed *tp)
783{
784 struct ran_msg ran_dec_msg = {
785 .msg_type = RAN_MSG_VGCS_VBS_ASSIGN_RES,
786 .msg_name = "BSSMAP VGCS/VBS ASSIGNMENT RESULT",
787 };
788 struct gsm0808_vgcs_vbs_assign_res *r = &ran_dec_msg.vgcs_vbs_assign_res;
789 int rc;
790
791 const struct tlv_p_entry *ie_channel_type = TLVP_GET(tp, GSM0808_IE_CHANNEL_TYPE);
792 const struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
793 const struct tlv_p_entry *ie_chosen_channel = TLVP_GET(tp, GSM0808_IE_CHOSEN_CHANNEL);
794 const struct tlv_p_entry *ie_cic = TLVP_GET(tp, GSM0808_IE_CIRCUIT_IDENTITY_CODE);
795 const struct tlv_p_entry *ie_circuit_pool = TLVP_GET(tp, GSM0808_IE_CIRCUIT_POOL);
796 const struct tlv_p_entry *ie_aoip = TLVP_GET(tp, GSM0808_IE_AOIP_TRASP_ADDR);
797 const struct tlv_p_entry *ie_call_id = TLVP_GET(tp, GSM0808_IE_CALL_ID);
798
799 /* Channel Type, 3.2.2.11 */
800 if (!ie_channel_type) {
801 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Channel Type\n");
802 return -EINVAL;
803 }
804 if (gsm0808_dec_channel_type(&r->channel_type, ie_channel_type->val, ie_channel_type->len) <= 0) {
805 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Failed to decode Channel Type IE\n");
806 return -EINVAL;
807 }
808
809 /* Cell Identifier, 3.2.2.17 */
810 if (!ie_cell_id) {
811 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier\n");
812 return -EINVAL;
813 }
814 rc = gsm0808_dec_cell_id(&r->cell_identifier, ie_cell_id->val, ie_cell_id->len);
815 if (rc < 0) {
816 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
817 return -EINVAL;
818 }
819
820 /* Chosen Channel, 3.2.2.33 */
821 if (ie_chosen_channel) {
822 r->chosen_channel = ie_chosen_channel->val[0];
823 r->chosen_channel_present = true;
824 }
825
826 /* Circuit Identity Code, 3.2.2.2 */
827 if (ie_cic) {
828 if (ie_cic->len != 2) {
829 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Circuit Identity Code has invalid length.\n");
830 return -EINVAL;
831 }
832 r->cic = *(uint16_t *)ie_cic->val;
833 r->cic_present = true;
834 }
835
836 /* Circuit Pool, 3.2.2.45 */
837 if (ie_circuit_pool) {
838 r->circuit_pool = ie_circuit_pool->val[0];
839 r->circuit_pool_present = true;
840 }
841
842 /* AoIP Transport Layer Address (BSS), 3.2.2.102 */
843 if (ie_aoip) {
844 if (gsm0808_dec_aoip_trasp_addr(&r->aoip_transport_layer, ie_aoip->val, ie_aoip->len) < 0) {
845 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "unable to decode AoIP transport address\n");
846 return -EINVAL;
847 }
848 r->aoip_transport_layer_present = true;
849 }
850
851 if (ie_call_id) {
852 if (ie_call_id->len != 4) {
853 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Call Identifier has invalid length.\n");
854 return -EINVAL;
855 }
856 r->call_id = osmo_load32le(ie_call_id->val);
857 r->call_id_present = true;
858 }
859
860 return ran_decoded(ran_dec, &ran_dec_msg);
861}
862
863static int ran_a_decode_vgcs_vbs_assign_fail(struct ran_dec *ran_dec, const struct msgb *msg,
864 const struct tlv_parsed *tp)
865{
866 struct ran_msg ran_dec_msg = {
867 .msg_type = RAN_MSG_VGCS_VBS_ASSIGN_FAIL,
868 .msg_name = "BSSMAP VGCS/VBS ASSIGNMENT FAILURE",
869 };
870 struct gsm0808_vgcs_vbs_assign_fail *r = &ran_dec_msg.vgcs_vbs_assign_fail;
871 int rc;
872
873 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
874 const struct tlv_p_entry *ie_circuit_pool = TLVP_GET(tp, GSM0808_IE_CIRCUIT_POOL);
875 const struct tlv_p_entry *ie_circuit_pool_list = TLVP_GET(tp, GSM0808_IE_CIRCUIT_POOL_LIST);
876 const struct tlv_p_entry *ie_codec_list_bss_supported = TLVP_GET(tp, GSM0808_IE_SPEECH_CODEC_LIST);
877
878 /* Cause, 3.2.2.5 */
879 if (!ie_cause || ie_cause->len < 1) {
880 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cause\n");
881 return -EINVAL;
882 }
883 r->cause = ie_cause->val[0];
884
885 /* Circuit Pool, 3.2.2.45 */
886 if (ie_circuit_pool) {
887 r->circuit_pool = ie_circuit_pool->val[0];
888 r->circuit_pool_present = true;
889 }
890
891 /* Circuit Pool List, 3.2.2.46 */
892 if (ie_circuit_pool_list && ie_circuit_pool_list->len) {
893 if (ie_circuit_pool_list->len > CIRCUIT_POOL_LIST_MAXLEN) {
894 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Circuit Pool List has invalid length.\n");
895 return -EINVAL;
896 }
897 memcpy(r->cpl.pool, ie_circuit_pool_list->val, ie_circuit_pool_list->len);
898 r->cpl.list_len = ie_circuit_pool_list->len;
899 r->cpl_present = true;
900 }
901
902 /* Codec List (BSS Supported) 3.2.2.103 */
903 if (ie_codec_list_bss_supported) {
904 rc = gsm0808_dec_speech_codec_list(&r->codec_list_bss_supported,
905 ie_codec_list_bss_supported->val, ie_codec_list_bss_supported->len);
906 if (rc < 0) {
907 LOG_RAN_A_DEC_MSG(LOGL_ERROR,
908 "Complete Layer 3 Information: unable to decode IE Codec List (BSS Supported)"
909 " (rc=%d), continuing anyway\n", rc);
910 /* This IE is not critical, do not abort with error. */
911 } else
912 r->codec_list_present = true;
913 }
914
915 return ran_decoded(ran_dec, &ran_dec_msg);
916}
917
918static int ran_a_decode_vgcs_vbs_queuing_ind(struct ran_dec *ran_dec, const struct msgb *msg,
919 const struct tlv_parsed *tp)
920{
921 struct ran_msg ran_dec_msg = {
922 .msg_type = RAN_MSG_VGCS_VBS_QUEUING_IND,
923 .msg_name = "BSSMAP VGCS/VBS QUEUING INDICATION",
924 };
925
926 return ran_decoded(ran_dec, &ran_dec_msg);
927}
928
929static int ran_a_decode_uplink_request(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
930{
931 struct ran_msg ran_dec_msg = {
932 .msg_type = RAN_MSG_UPLINK_REQUEST,
933 .msg_name = "BSSMAP UPLINK REQUEST",
934 };
935 struct gsm0808_uplink_request *r = &ran_dec_msg.uplink_request;
936 int rc;
937
938 const struct tlv_p_entry *ie_talker_priority = TLVP_GET(tp, GSM0808_IE_TALKER_PRIORITY);
939 const struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
940 const struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
941 const struct tlv_p_entry *ie_mi = TLVP_GET(tp, GSM0808_IE_MOBILE_IDENTITY);
942
943 /* Talker Priority, 3.2.2.89 */
944 if (ie_talker_priority) {
945 r->talker_priority = ie_talker_priority->val[0] & 0x03;
946 r->talker_priority_present = true;
947 }
948
949 /* Cell Identifier, 3.2.2.17 */
950 if (ie_cell_id) {
951 rc = gsm0808_dec_cell_id(&r->cell_identifier, ie_cell_id->val, ie_cell_id->len);
952 if (rc < 0) {
953 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
954 return -EINVAL;
955 }
956 }
957
958 /* Layer 3 Information, 3.2.2.24 */
959 if (ie_l3_info && ie_l3_info->len) {
960 if (ie_l3_info->len > LAYER_3_INFORMATION_MAXLEN) {
961 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Call Identifier has invalid length.\n");
962 return -EINVAL;
963 }
964 memcpy(r->l3.l3, ie_l3_info->val, ie_l3_info->len);
965 r->l3.l3_len = ie_l3_info->len;
966 r->l3_present = true;
967 }
968
969 /* Mobile Identity, 3.2.2.41 */
970 if (ie_mi) {
Andreas Eversbergcc729292023-07-19 09:41:58 +0200[diff] [blame]971 rc = osmo_mobile_identity_decode(&r->mi, ie_mi->val, ie_mi->len, false);
972 if (rc < 0) {
Andreas Eversberg2d27e2c2023-04-23 12:05:44 +0200[diff] [blame]973 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Mobile Identity gave rc=%d\n", rc);
974 return -EINVAL;
975 }
976 r->mi_present = true;
977 }
978
979 return ran_decoded(ran_dec, &ran_dec_msg);
980}
981
982static int ran_a_decode_uplink_request_cnf(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
983{
984 struct ran_msg ran_dec_msg = {
985 .msg_type = RAN_MSG_UPLINK_REQUEST_CNF,
986 .msg_name = "BSSMAP UPLINK REQUEST CONFIRM",
987 };
988 struct gsm0808_uplink_request_cnf *r = &ran_dec_msg.uplink_request_cnf;
989 int rc;
990
991 const struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
992 const struct tlv_p_entry *ie_talker_identity = TLVP_GET(tp, GSM0808_IE_TALKER_IDENTITY);
993 const struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
994
995 /* Cell Identifier, 3.2.2.17 */
996 if (!ie_cell_id) {
997 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier\n");
998 return -EINVAL;
999 }
1000 rc = gsm0808_dec_cell_id(&r->cell_identifier, ie_cell_id->val, ie_cell_id->len);
1001 if (rc < 0) {
1002 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
1003 return -EINVAL;
1004 }
1005
1006 /* Talker Identity, 3.2.2.91 */
1007 if (ie_talker_identity) {
1008 rc = gsm0808_dec_talker_identity(&r->talker_identity, ie_talker_identity->val, ie_talker_identity->len);
1009 if (rc < 0) {
1010 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Talker Identity gave rc=%d\n", rc);
1011 return -EINVAL;
1012 }
1013 r->talker_identity_present = true;
1014 }
1015
1016 /* Layer 3 Information, 3.2.2.24 */
1017 if (!ie_l3_info) {
1018 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Layer 3 Information\n");
1019 return -EINVAL;
1020 }
1021 if (ie_l3_info->len > LAYER_3_INFORMATION_MAXLEN) {
1022 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Call Identifier has invalid length.\n");
1023 return -EINVAL;
1024 }
1025 memcpy(r->l3.l3, ie_l3_info->val, ie_l3_info->len);
1026 r->l3.l3_len = ie_l3_info->len;
1027
1028 return ran_decoded(ran_dec, &ran_dec_msg);
1029}
1030
1031static int ran_a_decode_uplink_application_data(struct ran_dec *ran_dec, const struct msgb *msg,
1032 const struct tlv_parsed *tp)
1033{
1034 struct ran_msg ran_dec_msg = {
1035 .msg_type = RAN_MSG_UPLINK_APPLICATION_DATA,
1036 .msg_name = "BSSMAP UPLINK APPLICATION DATA",
1037 };
1038 struct gsm0808_uplink_app_data *r = &ran_dec_msg.uplink_app_data;
1039 int rc;
1040
1041 const struct tlv_p_entry *ie_cell_id = TLVP_GET(tp, GSM0808_IE_CELL_IDENTIFIER);
1042 const struct tlv_p_entry *ie_l3_info = TLVP_GET(tp, GSM0808_IE_LAYER_3_INFORMATION);
1043 const struct tlv_p_entry *ie_app_data = TLVP_GET(tp, GSM0808_IE_APP_DATA);
1044
1045 /* Cell Identifier, 3.2.2.17 */
1046 if (!ie_cell_id) {
1047 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cell Identifier\n");
1048 return -EINVAL;
1049 }
1050 rc = gsm0808_dec_cell_id(&r->cell_identifier, ie_cell_id->val, ie_cell_id->len);
1051 if (rc < 0) {
1052 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
1053 return -EINVAL;
1054 }
1055
1056 /* Layer 3 Information, 3.2.2.24 */
1057 if (!ie_l3_info) {
1058 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Layer 3 Information\n");
1059 return -EINVAL;
1060 }
1061 if (ie_l3_info->len > LAYER_3_INFORMATION_MAXLEN) {
1062 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Call Identifier has invalid length.\n");
1063 return -EINVAL;
1064 }
1065 memcpy(r->l3.l3, ie_l3_info->val, ie_l3_info->len);
1066 r->l3.l3_len = ie_l3_info->len;
1067
1068 /* Application Data Information, 3.2.2.100 */
1069 if (!ie_app_data || ie_app_data->len < 1) {
1070 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Application Data Information\n");
1071 return -EINVAL;
1072 }
1073 r->bt_ind = ie_app_data->val[0] & 0x01;
1074
1075 return ran_decoded(ran_dec, &ran_dec_msg);
1076}
1077
1078static int ran_a_decode_uplink_release_ind(struct ran_dec *ran_dec, const struct msgb *msg, const struct tlv_parsed *tp)
1079{
1080 struct ran_msg ran_dec_msg = {
1081 .msg_type = RAN_MSG_UPLINK_RELEASE_IND,
1082 .msg_name = "BSSMAP UPLINK RELEASE INDICATION",
1083 };
1084 struct gsm0808_uplink_release_ind *r = &ran_dec_msg.uplink_release_ind;
1085
1086 const struct tlv_p_entry *ie_cause = TLVP_GET(tp, GSM0808_IE_CAUSE);
1087 const struct tlv_p_entry *ie_talker_priority = TLVP_GET(tp, GSM0808_IE_TALKER_PRIORITY);
1088
1089 /* Cause, 3.2.2.5 */
1090 if (!ie_cause || ie_cause->len < 1) {
1091 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Mandatory IE missing: Cause\n");
1092 return -EINVAL;
1093 }
1094 r->cause = ie_cause->val[0];
1095
1096 /* Talker Priority, 3.2.2.89 */
1097 if (ie_talker_priority) {
1098 r->talker_priority = ie_talker_priority->val[0] & 0x03;
1099 r->talker_priority_present = true;
1100 }
1101
1102 return ran_decoded(ran_dec, &ran_dec_msg);
1103}
1104
1105static int ran_a_decode_vgcs_vbs_assign_status(struct ran_dec *ran_dec, const struct msgb *msg,
1106 const struct tlv_parsed *tp)
1107{
1108 struct ran_msg ran_dec_msg = {
1109 .msg_type = RAN_MSG_VGCS_VBS_ASSIGN_STATUS,
1110 .msg_name = "BSSMAP VGCS/VBS ASSIGNMENT STATUS",
1111 };
1112 struct gsm0808_vgcs_vbs_assign_stat *r = &ran_dec_msg.vgcs_vbs_assign_stat;
1113 int rc;
1114
1115 const struct tlv_p_entry *ie_cils_est = TLVP_GET(tp, GSM0808_IE_CELL_ID_LIST_SEG_EST_CELLS);
1116 const struct tlv_p_entry *ie_cils_tbe = TLVP_GET(tp, GSM0808_IE_CELL_ID_LIST_SEG_CELLS_TBE);
1117 const struct tlv_p_entry *ie_cils_rel = TLVP_GET(tp, GSM0808_IE_CELL_ID_LIST_SEG_REL_CELLS);
1118 const struct tlv_p_entry *ie_cils_ne = TLVP_GET(tp, GSM0808_IE_CELL_ID_LIST_SEG_NE_CELLS);
1119 const struct tlv_p_entry *ie_cell_status = TLVP_GET(tp, GSM0808_IE_VGCS_VBS_CELL_STATUS);
1120
1121 /* Cell Identifier List Segment, 3.2.2.27b */
1122 if (ie_cils_est) {
1123 rc = gsm0808_dec_cell_id_list_segment(&r->cils_est, ie_cils_est->val, ie_cils_est->len);
1124 if (rc < 0) {
1125 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
1126 return -EINVAL;
1127 }
1128 r->cils_est_present = true;
1129 }
1130
1131 /* Cell Identifier List Segment, 3.2.2.27c */
1132 if (ie_cils_tbe) {
1133 rc = gsm0808_dec_cell_id_list_segment(&r->cils_tbe, ie_cils_tbe->val, ie_cils_tbe->len);
1134 if (rc < 0) {
1135 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
1136 return -EINVAL;
1137 }
1138 r->cils_tbe_present = true;
1139 }
1140
1141 /* Cell Identifier List Segment, 3.2.2.27e */
1142 if (ie_cils_rel) {
1143 rc = gsm0808_dec_cell_id_list_segment(&r->cils_rel, ie_cils_rel->val, ie_cils_rel->len);
1144 if (rc < 0) {
1145 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
1146 return -EINVAL;
1147 }
1148 r->cils_rel_present = true;
1149 }
1150
1151 /* Cell Identifier List Segment, 3.2.2.27f */
1152 if (ie_cils_ne) {
1153 rc = gsm0808_dec_cell_id_list_segment(&r->cils_ne, ie_cils_ne->val, ie_cils_ne->len);
1154 if (rc < 0) {
1155 LOG_RAN_A_DEC_MSG(LOGL_ERROR, "Decoding Cell Identifier gave rc=%d\n", rc);
1156 return -EINVAL;
1157 }
1158 r->cils_ne_present = true;
1159 }
1160
1161 /* VGCS/VBS Cell Status, 3.2.2.94 */
1162 if (ie_cell_status && ie_cell_status->len) {
1163 r->cell_status = ie_cell_status->val[0] & 0x73;
1164 r->cell_status_present = true;
1165 }
1166
1167 return ran_decoded(ran_dec, &ran_dec_msg);
1168}
1169
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1170static int ran_a_decode_bssmap(struct ran_dec *ran_dec, struct msgb *bssmap)
1171{
1172 struct tlv_parsed tp[2];
1173 int rc;
1174 struct bssmap_header *h = msgb_l2(bssmap);
1175 uint8_t msg_type;
1176 bssmap->l3h = bssmap->l2h + sizeof(*h);
1177
1178 if (msgb_l3len(bssmap) < 1) {
1179 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "No data received, discarding message\n");
1180 return -1;
1181 }
1182
1183 if (msgb_l3len(bssmap) < h->length) {
Neels Hofmeyrf0923012019-08-22 17:19:49 +0200[diff] [blame]1184 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "BSSMAP data truncated, discarding message:"
1185 " msgb_l3len(bssmap) == %u < bssmap_header->length == %u\n",
1186 msgb_l3len(bssmap), h->length);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1187 return -1;
1188 }
1189
1190 if (msgb_l3len(bssmap) > h->length) {
Neels Hofmeyrf0923012019-08-22 17:19:49 +0200[diff] [blame]1191 LOG_RAN_A_DEC(ran_dec, LOGL_NOTICE, "There are %u extra bytes after the BSSMAP data, truncating:"
1192 " msgb_l3len(bssmap) == %u > bssmap_header->length == %u\n",
1193 msgb_l3len(bssmap) - h->length,
1194 msgb_l3len(bssmap), h->length);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1195 msgb_l3trim(bssmap, h->length);
1196 }
1197
1198 /* h->type == BSSAP_MSG_BSS_MANAGEMENT; h->length is the data length,
1199 * which starts with the MAP msg_type, followed by IEs. */
1200 msg_type = bssmap->l3h[0];
1201 rc = osmo_bssap_tlv_parse2(tp, ARRAY_SIZE(tp), bssmap->l3h + 1, h->length - 1);
1202 if (rc < 0) {
1203 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Failed parsing TLV, discarding message\n");
1204 return -EINVAL;
1205 }
1206
Neels Hofmeyr72fc7062019-10-08 06:24:17 +0200[diff] [blame]1207 LOG_RAN_A_DEC(ran_dec, LOGL_DEBUG, "%s\n", gsm0808_bssmap_name(msg_type));
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1208
1209 switch (msg_type) {
1210 case BSS_MAP_MSG_COMPLETE_LAYER_3:
1211 return ran_a_decode_l3_compl(ran_dec, bssmap, tp);
1212 case BSS_MAP_MSG_CLEAR_RQST:
1213 return ran_a_decode_clear_request(ran_dec, bssmap, tp);
1214 case BSS_MAP_MSG_CLEAR_COMPLETE:
1215 return ran_a_decode_clear_complete(ran_dec, bssmap, tp);
1216 case BSS_MAP_MSG_CLASSMARK_UPDATE:
1217 return ran_a_decode_classmark_update(ran_dec, bssmap, tp);
1218 case BSS_MAP_MSG_CIPHER_MODE_COMPLETE:
1219 return ran_a_decode_cipher_mode_complete(ran_dec, bssmap, tp);
1220 case BSS_MAP_MSG_CIPHER_MODE_REJECT:
1221 return ran_a_decode_cipher_mode_reject(ran_dec, bssmap, tp);
1222 case BSS_MAP_MSG_ASSIGMENT_COMPLETE:
1223 rc = ran_a_decode_assignment_complete(ran_dec, bssmap, tp);
1224 if (rc < 0) {
1225 struct ran_msg ran_dec_msg = {
1226 .msg_type = RAN_MSG_ASSIGNMENT_FAILURE,
1227 .msg_name = "BSSMAP Assignment Complete but failed to decode",
1228 .clear_request = {
1229 .bssap_cause = GSM0808_CAUSE_EQUIPMENT_FAILURE,
1230 },
1231 };
1232 ran_decoded(ran_dec, &ran_dec_msg);
1233 }
1234 return rc;
1235 case BSS_MAP_MSG_ASSIGMENT_FAILURE:
1236 return ran_a_decode_assignment_failure(ran_dec, bssmap, tp);
1237 case BSS_MAP_MSG_SAPI_N_REJECT:
1238 return ran_a_decode_sapi_n_reject(ran_dec, bssmap, tp);
1239 case BSS_MAP_MSG_LCLS_NOTIFICATION:
1240 return ran_a_decode_lcls_notification(ran_dec, bssmap, tp);
Andreas Eversberg2d27e2c2023-04-23 12:05:44 +0200[diff] [blame]1241 case BSS_MAP_MSG_VGCS_VBS_SETUP_ACK:
1242 return ran_a_decode_vgcs_vbs_setup_ack(ran_dec, bssmap, tp);
1243 case BSS_MAP_MSG_VGCS_VBS_SETUP_REFUSE:
1244 return ran_a_decode_vgcs_vbs_setup_refuse(ran_dec, bssmap, tp);
1245 case BSS_MAP_MSG_VGCS_VBS_ASSIGNMENT_RESULT:
1246 return ran_a_decode_vgcs_vbs_assign_res(ran_dec, bssmap, tp);
1247 case BSS_MAP_MSG_VGCS_VBS_ASSIGNMENT_FAILURE:
1248 return ran_a_decode_vgcs_vbs_assign_fail(ran_dec, bssmap, tp);
1249 case BSS_MAP_MSG_VGCS_VBS_QUEUING_INDICATION:
1250 return ran_a_decode_vgcs_vbs_queuing_ind(ran_dec, bssmap, tp);
1251 case BSS_MAP_MSG_UPLINK_RQST:
1252 return ran_a_decode_uplink_request(ran_dec, bssmap, tp);
1253 case BSS_MAP_MSG_UPLINK_RQST_CONFIRMATION:
1254 return ran_a_decode_uplink_request_cnf(ran_dec, bssmap, tp);
1255 case BSS_MAP_MSG_UPLINK_APP_DATA:
1256 return ran_a_decode_uplink_application_data(ran_dec, bssmap, tp);
1257 case BSS_MAP_MSG_UPLINK_RELEASE_INDICATION:
1258 return ran_a_decode_uplink_release_ind(ran_dec, bssmap, tp);
1259 case BSS_MAP_MSG_VGCS_VBS_ASSIGNMENT_STATUS:
1260 return ran_a_decode_vgcs_vbs_assign_status(ran_dec, bssmap, tp);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1261
1262 /* From current RAN peer, the Handover origin: */
1263 case BSS_MAP_MSG_HANDOVER_REQUIRED:
1264 return ran_a_decode_handover_required(ran_dec, bssmap, tp);
1265
1266 /* From current MSC to remote handover target MSC */
1267 case BSS_MAP_MSG_HANDOVER_RQST:
1268 return ran_a_decode_handover_request(ran_dec, bssmap, tp);
1269
1270 /* From potential new RAN peer, the Handover target: */
1271 case BSS_MAP_MSG_HANDOVER_RQST_ACKNOWLEDGE:
1272 return ran_a_decode_handover_request_ack(ran_dec, bssmap, tp);
1273 case BSS_MAP_MSG_HANDOVER_DETECT:
1274 return ran_a_decode_handover_detect(ran_dec, bssmap, tp);
1275 case BSS_MAP_MSG_HANDOVER_SUCCEEDED:
1276 return ran_a_decode_handover_succeeded(ran_dec, bssmap, tp);
1277 case BSS_MAP_MSG_HANDOVER_COMPLETE:
1278 return ran_a_decode_handover_complete(ran_dec, bssmap, tp);
1279
1280 /* From any Handover peer: */
1281 case BSS_MAP_MSG_HANDOVER_FAILURE:
1282 return ran_a_decode_handover_failure(ran_dec, bssmap, tp);
1283
1284 default:
1285 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Unimplemented msg type: %s\n", gsm0808_bssmap_name(msg_type));
1286 return -EINVAL;
1287 }
1288
1289 return -EINVAL;
1290}
1291
1292static int ran_a_decode_l3(struct ran_dec *ran_dec, struct msgb *l3)
1293{
1294 struct dtap_header *dtap = msgb_l2(l3);
1295 struct ran_msg ran_dec_msg = {
1296 .msg_type = RAN_MSG_DTAP,
1297 .msg_name = "BSSAP DTAP",
1298 .dtap = l3,
1299 };
1300 l3->l3h = l3->l2h + sizeof(struct dtap_header);
1301 OMSC_LINKID_CB(l3) = dtap->link_id;
1302 return ran_decoded(ran_dec, &ran_dec_msg);
1303}
1304
1305int ran_a_decode_l2(struct ran_dec *ran_dec, struct msgb *bssap)
1306{
1307 uint8_t bssap_type;
1308 OSMO_ASSERT(bssap);
1309
1310 if (!msgb_l2(bssap) || !msgb_l2len(bssap)) {
1311 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Cannot decode L2, msg->l2h is unset / empty: %s\n",
1312 msgb_hexdump(bssap));
1313 return -EINVAL;
1314 }
1315
1316 if (msgb_l2len(bssap) < sizeof(struct bssmap_header)) {
1317 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "The header is too short -- discarding message\n");
1318 return -EINVAL;
1319 }
1320
1321 bssap_type = bssap->l2h[0];
1322 switch (bssap_type) {
1323 case BSSAP_MSG_BSS_MANAGEMENT:
1324 return ran_a_decode_bssmap(ran_dec, bssap);
1325 case BSSAP_MSG_DTAP:
1326 return ran_a_decode_l3(ran_dec, bssap);
1327 default:
1328 LOG_RAN_A_DEC(ran_dec, LOGL_ERROR, "Unimplemented BSSAP msg type: %s\n", gsm0808_bssap_name(bssap_type));
1329 return -EINVAL;
1330 }
1331}
1332
1333static struct msgb *ran_a_wrap_dtap(struct msgb *dtap)
1334{
1335 struct msgb *an_apdu;
1336 dtap->l3h = dtap->data;
1337 an_apdu = gsm0808_create_dtap(dtap, OMSC_LINKID_CB(dtap));
1338 an_apdu->l2h = an_apdu->data;
1339 msgb_free(dtap);
1340 return an_apdu;
1341}
1342
1343static int ran_a_channel_type_to_speech_codec_list(struct gsm0808_speech_codec_list *scl, const struct gsm0808_channel_type *ct)
1344{
1345 unsigned int i;
1346 int rc;
1347
1348 memset(scl, 0, sizeof(*scl));
Oliver Smithb1a15882023-05-23 13:54:36 +0200[diff] [blame]1349
1350 switch (ct->ch_indctr) {
1351 case GSM0808_CHAN_DATA:
Vadim Yanitskiycc8743c2023-07-25 04:57:31 +0700[diff] [blame]1352 scl->codec[0] = (struct gsm0808_speech_codec) {
1353 .pi = true, /* PI indicates CSDoIP is supported */
1354 .pt = false, /* PT indicates CSDoTDM is not supported */
1355 .type = GSM0808_SCT_CSD,
1356 .cfg = 0, /* R2/R3 not set (redundancy not supported) */
1357 };
Oliver Smithb1a15882023-05-23 13:54:36 +0200[diff] [blame]1358 scl->len = 1;
1359 break;
1360 case GSM0808_CHAN_SPEECH:
1361 for (i = 0; i < ct->perm_spch_len; i++) {
1362 rc = gsm0808_speech_codec_from_chan_type(&scl->codec[i], ct->perm_spch[i]);
1363 if (rc != 0)
1364 return -EINVAL;
1365 }
1366 scl->len = i;
1367 break;
1368 default:
1369 OSMO_ASSERT(0);
1370 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1371 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1372
1373 return 0;
1374}
1375
1376/* Compose a BSSAP Assignment Command.
1377 * Passing an RTP address is optional.
1378 * The msub is passed merely for error logging. */
1379static struct msgb *ran_a_make_assignment_command(struct osmo_fsm_inst *log_fi,
1380 const struct ran_assignment_command *ac)
1381{
1382 struct gsm0808_speech_codec_list scl;
1383 struct gsm0808_speech_codec_list *use_scl = NULL;
1384 struct sockaddr_storage rtp_addr;
1385 struct sockaddr_storage *use_rtp_addr = NULL;
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]1386 struct msgb *msg;
Philipp Maierf34d9452020-06-05 15:49:35 +0200[diff] [blame]1387 const uint32_t *call_id = NULL;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1388 int rc;
1389
1390 if (!ac->channel_type) {
1391 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Assignment Command: missing Channel Type\n");
1392 return NULL;
1393 }
1394
Oliver Smithb1a15882023-05-23 13:54:36 +0200[diff] [blame]1395 if (ac->channel_type->ch_indctr == GSM0808_CHAN_SPEECH || ac->channel_type->ch_indctr == GSM0808_CHAN_DATA) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1396 rc = ran_a_channel_type_to_speech_codec_list(&scl, ac->channel_type);
1397 if (rc < 0) {
1398 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Assignment Command: Cannot translate Channel Type to Speech Codec List\n");
1399 return NULL;
1400 }
1401 use_scl = &scl;
1402
1403 /* Package RTP-Address data */
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1404 if (osmo_sockaddr_str_is_nonzero(ac->cn_rtp)) {
Pau Espin Pedrold35abfa2020-08-31 20:44:50 +0200[diff] [blame]1405 struct sockaddr_in *sin;
1406 struct sockaddr_in6 *sin6;
1407 int family = osmo_ip_str_type(ac->cn_rtp->ip);
1408 switch (family) {
1409 case AF_INET:
1410 sin = (struct sockaddr_in *)&rtp_addr;
1411 sin->sin_family = AF_INET;
1412 sin->sin_port = osmo_htons(ac->cn_rtp->port);
1413 if (inet_pton(AF_INET, ac->cn_rtp->ip, &sin->sin_addr) != 1) {
1414 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1415 "Assignment Command: Invalid RTP-Address %s\n",
1416 ac->cn_rtp->ip);
1417 return NULL;
1418 }
1419 if (sin->sin_port == 0) {
1420 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1421 "Assignment Command: Invalid RTP-Port\n");
1422 return NULL;
1423 }
1424 break;
1425 case AF_INET6:
1426 sin6 = (struct sockaddr_in6 *)&rtp_addr;
1427 sin6->sin6_family = AF_INET6;
1428 sin6->sin6_port = osmo_htons(ac->cn_rtp->port);
1429 if (inet_pton(AF_INET6, ac->cn_rtp->ip, &sin6->sin6_addr) != 1) {
1430 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1431 "Assignment Command: Invalid RTP-Address %s\n",
1432 ac->cn_rtp->ip);
1433 return NULL;
1434 }
1435 if (sin6->sin6_port == 0) {
1436 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1437 "Assignment Command: Invalid RTP-Port\n");
1438 return NULL;
1439 }
1440 break;
1441 default:
1442 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1443 "Assignment Command: Invalid RTP-Address type for %s\n",
1444 ac->cn_rtp->ip);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1445 return NULL;
1446 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1447 use_rtp_addr = &rtp_addr;
1448 }
1449 }
1450
Philipp Maierf34d9452020-06-05 15:49:35 +0200[diff] [blame]1451 if(ac->call_id_present == true)
1452 call_id = &ac->call_id;
1453
Keith Whytea1a70be2021-05-16 02:59:52 +0200[diff] [blame]1454 msg = gsm0808_create_ass2(ac->channel_type, NULL, use_rtp_addr, use_scl, call_id,
1455 NULL, ac->lcls);
Vadim Yanitskiy8284fb02022-12-14 04:47:58 +0700[diff] [blame]1456 if (msg == NULL) {
1457 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1458 "Failed to encode BSSMAP Assignment Request message\n");
1459 return NULL;
1460 }
1461
Andreas Eversberg9bbdc342023-06-21 13:35:38 +0200[diff] [blame]1462 /* Append optional IEs: Group Call Reference and Osmux CID */
1463 OSMO_ASSERT(msg->l3h[1] == msgb_l3len(msg) - 2); /* TL not in len */
1464 if (ac->callref_present)
1465 gsm0808_enc_group_callref(msg, &ac->callref);
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]1466 if (ac->osmux_present)
Andreas Eversberg9bbdc342023-06-21 13:35:38 +0200[diff] [blame]1467 msgb_tv_put(msg, GSM0808_IE_OSMO_OSMUX_CID, ac->osmux_cid);
1468 msg->l3h[1] = msgb_l3len(msg) - 2;
Pau Espin Pedrola3cdab42019-05-09 17:54:08 +0200[diff] [blame]1469 return msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1470}
1471
1472/* For an A5/N number a5_n set dst to the matching GSM0808_ALG_ID_A5_<n>. */
1473static int a5_n_to_gsm0808_chosen_enc_alg(uint8_t *dst, int a5_n)
1474{
1475 switch (a5_n) {
1476 case 0:
1477 *dst = GSM0808_ALG_ID_A5_0;
1478 return 0;
1479 case 1:
1480 *dst = GSM0808_ALG_ID_A5_1;
1481 return 0;
1482 case 2:
1483 *dst = GSM0808_ALG_ID_A5_2;
1484 return 0;
1485 case 3:
1486 *dst = GSM0808_ALG_ID_A5_3;
1487 return 0;
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1488 case 4:
1489 *dst = GSM0808_ALG_ID_A5_4;
1490 return 0;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1491 default:
1492 return -ENOTSUP;
1493 }
1494}
1495
1496static int make_encrypt_info_perm_algo(struct osmo_fsm_inst *fi, struct gsm0808_encrypt_info *ei,
1497 uint8_t a5_encryption_mask, const struct osmo_gsm48_classmark *cm)
1498{
1499 int i;
1500 int j = 0;
1501 for (i = 0; i < 8; i++) {
1502 int supported;
1503
1504 /* A5/n permitted by osmo-msc.cfg? */
1505 if (!(a5_encryption_mask & (1 << i)))
1506 continue;
1507
1508 /* A5/n supported by MS? */
1509 supported = osmo_gsm48_classmark_supports_a5(cm, i);
1510 if (supported != 1)
1511 continue;
1512
1513 if (a5_n_to_gsm0808_chosen_enc_alg(&ei->perm_algo[j], i)) {
1514 LOG_RAN_A_ENC(fi, LOGL_ERROR, "Not supported: A5/%d algorithm\n", i);
1515 return -1;
1516 }
1517 j++;
1518 ei->perm_algo_len = j;
1519 }
1520 return 0;
1521}
1522
1523/* For ran_a_make_cipher_mode_command(), for
1524 * memcpy(ei.key, cm->vec->kc, sizeof(cm->vec->kc));
1525 */
1526osmo_static_assert(sizeof(((struct gsm0808_encrypt_info*)0)->key) >= sizeof(((struct osmo_auth_vector*)0)->kc),
1527 gsm0808_encrypt_info_key_fits_osmo_auth_vec_kc);
1528static struct msgb *ran_a_make_cipher_mode_command(struct osmo_fsm_inst *fi, const struct ran_cipher_mode_command *cm)
1529{
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1530 struct gsm0808_cipher_mode_command cmc = {
1531 .cipher_response_mode_present = true,
1532 .cipher_response_mode = 1, /* 1: include IMEISV (3GPP TS 48.008 3.2.2.34) */
1533 };
1534 struct gsm0808_encrypt_info *ei = &cmc.ei;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1535 char buf[16 * 2 + 1];
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1536
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1537 if (make_encrypt_info_perm_algo(fi, ei, cm->geran.a5_encryption_mask, cm->classmark))
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1538 return NULL;
1539
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1540 if (ei->perm_algo_len == 0) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1541 LOG_RAN_A_ENC(fi, LOGL_ERROR, "cannot start ciphering, no intersection between MSC-configured"
1542 " and MS-supported A5 algorithms. MSC: 0x%02x MS: %s\n",
1543 cm->geran.a5_encryption_mask, osmo_gsm48_classmark_a5_name(cm->classmark));
1544 return NULL;
1545 }
1546
1547 /* In case of UMTS AKA, the Kc for ciphering must be derived from the 3G auth
1548 * tokens. vec->kc was calculated from the GSM algorithm and is not
1549 * necessarily a match for the UMTS AKA tokens. */
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1550 if (cm->geran.umts_aka) {
1551 int i;
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1552 osmo_auth_c3(ei->key, cm->vec->ck, cm->vec->ik);
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1553
1554 for (i = 0; i < ei->perm_algo_len; i++) {
1555 if (ei->perm_algo[i] != GSM0808_ALG_ID_A5_4)
1556 continue;
1557 /* A5/4 is included, so need to generate Kc128 */
1558 osmo_kdf_kc128(cm->vec->ck, cm->vec->ik, cmc.kc128);
1559 cmc.kc128_present = true;
1560 break;
1561 }
1562 } else {
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1563 memcpy(ei->key, cm->vec->kc, sizeof(cm->vec->kc));
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1564 }
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1565 ei->key_len = sizeof(cm->vec->kc);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1566
1567 /* Store chosen GERAN key where the caller asked it to be stored.
1568 * alg_id remains unknown until we receive a Cipher Mode Complete from the BSC */
1569 if (cm->geran.chosen_key) {
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1570 *cm->geran.chosen_key = (struct geran_encr){0};
1571
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1572 if (ei->key_len > sizeof(cm->geran.chosen_key->key)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1573 LOG_RAN_A_ENC(fi, LOGL_ERROR, "Chosen key is larger than I can store\n");
1574 return NULL;
1575 }
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1576 memcpy(cm->geran.chosen_key->key, ei->key, ei->key_len);
1577 cm->geran.chosen_key->key_len = ei->key_len;
Neels Hofmeyr6ce2edc2021-06-09 22:26:11 +0200[diff] [blame]1578
1579 if (cmc.kc128_present) {
1580 memcpy(cm->geran.chosen_key->kc128, cmc.kc128, 16);
1581 cm->geran.chosen_key->kc128_present = true;
1582 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1583 }
1584
1585 LOG_RAN_A_ENC(fi, LOGL_DEBUG, "Tx BSSMAP CIPHER MODE COMMAND to BSC, %u ciphers (%s) key %s\n",
Neels Hofmeyrcdcfc802021-06-09 22:26:11 +0200[diff] [blame]1586 ei->perm_algo_len, osmo_hexdump_nospc(ei->perm_algo, ei->perm_algo_len),
1587 osmo_hexdump_buf(buf, sizeof(buf), ei->key, ei->key_len, NULL, false));
1588 return gsm0808_create_cipher2(&cmc);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1589}
1590
1591struct msgb *ran_a_make_handover_request(struct osmo_fsm_inst *log_fi, const struct ran_handover_request *n)
1592{
1593 struct sockaddr_storage ss;
1594 struct gsm0808_handover_request r = {
1595 .cell_identifier_serving = n->cell_id_serving,
1596 .cell_identifier_target = n->cell_id_target,
1597 .cause = n->bssap_cause,
1598 .current_channel_type_1_present = n->current_channel_type_1_present,
1599 .current_channel_type_1 = n->current_channel_type_1,
1600
1601 .speech_version_used = n->speech_version_used,
1602
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1603 .old_bss_to_new_bss_info_raw = n->old_bss_to_new_bss_info_raw,
1604 .old_bss_to_new_bss_info_raw_len = n->old_bss_to_new_bss_info_raw_len,
1605
1606 .imsi = n->imsi,
1607 .codec_list_msc_preferred = n->codec_list_msc_preferred,
Philipp Maier7da956e2020-06-09 14:34:40 +0200[diff] [blame]1608 .call_id_present = n->call_id_present,
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1609 .call_id = n->call_id,
1610 .global_call_reference = n->global_call_reference,
1611 .global_call_reference_len = n->global_call_reference_len,
1612 };
1613
1614 if (!n->geran.channel_type) {
1615 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Channel Type required for encoding Handover Request in BSSAP\n");
1616 return NULL;
1617 }
1618 r.channel_type = *n->geran.channel_type;
1619
1620 /* Encryption Information */
1621 make_encrypt_info_perm_algo(log_fi, &r.encryption_information, n->geran.a5_encryption_mask, n->classmark);
1622 if (n->geran.chosen_encryption && n->geran.chosen_encryption->key_len) {
Vadim Yanitskiy444771d2019-05-11 04:46:24 +0700[diff] [blame]1623 /* Prevent both source / destination buffer overrun / overflow */
1624 if (n->geran.chosen_encryption->key_len > sizeof(r.encryption_information.key)
1625 || n->geran.chosen_encryption->key_len > sizeof(n->geran.chosen_encryption->key)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1626 LOG_RAN_A_ENC(log_fi, LOGL_ERROR, "Handover Request: invalid chosen encryption key size %u\n",
1627 n->geran.chosen_encryption->key_len);
1628 return NULL;
1629 }
1630 memcpy(r.encryption_information.key,
1631 n->geran.chosen_encryption->key, n->geran.chosen_encryption->key_len);
1632 r.encryption_information.key_len = n->geran.chosen_encryption->key_len;
Vadim Yanitskiybfe8eb72019-05-11 03:52:28 +0700[diff] [blame]1633 r.chosen_encryption_algorithm_serving = n->geran.chosen_encryption->alg_id;
Neels Hofmeyrdb07fdc2021-06-09 22:27:47 +0200[diff] [blame]1634
1635 if (n->geran.chosen_encryption->kc128_present) {
1636 r.more_items = true;
1637 memcpy(r.kc128, n->geran.chosen_encryption->kc128, sizeof(r.kc128));
1638 r.kc128_present = true;
1639 }
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1640 }
1641
1642 if (n->classmark)
1643 r.classmark_information = *n->classmark;
1644
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1645 if (osmo_sockaddr_str_is_nonzero(n->rtp_ran_local)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1646 if (osmo_sockaddr_str_to_sockaddr(n->rtp_ran_local, &ss)) {
1647 LOG_RAN_A_ENC(log_fi, LOGL_ERROR,
1648 "Handover Request: invalid AoIP Transport Layer address/port: "
1649 OSMO_SOCKADDR_STR_FMT "\n", OSMO_SOCKADDR_STR_FMT_ARGS(n->rtp_ran_local));
1650 return NULL;
1651 }
1652 r.aoip_transport_layer = &ss;
1653 }
1654
1655 return gsm0808_create_handover_request(&r);
1656}
1657
1658static struct msgb *ran_a_make_handover_request_ack(struct osmo_fsm_inst *caller_fi, const struct ran_handover_request_ack *r)
1659{
1660 struct sockaddr_storage ss;
1661 struct gsm0808_handover_request_ack params = {
1662 .l3_info = r->rr_ho_command,
1663 .l3_info_len = r->rr_ho_command_len,
1664 .chosen_channel_present = r->chosen_channel_present,
1665 .chosen_channel = r->chosen_channel,
1666 .chosen_encr_alg = r->chosen_encr_alg,
1667 .chosen_speech_version = r->chosen_speech_version,
1668 };
1669
Neels Hofmeyr84ce2062019-10-05 05:15:25 +0200[diff] [blame]1670 if (osmo_sockaddr_str_is_nonzero(&r->remote_rtp)) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1671 osmo_sockaddr_str_to_sockaddr(&r->remote_rtp, &ss);
1672 params.aoip_transport_layer = &ss;
1673 }
1674
1675 return gsm0808_create_handover_request_ack2(&params);
1676}
1677
1678struct msgb *ran_a_make_handover_command(struct osmo_fsm_inst *log_fi, const struct ran_handover_command *n)
1679{
1680 struct gsm0808_handover_command c = {
1681 .l3_info = n->rr_ho_command,
1682 .l3_info_len = n->rr_ho_command_len,
1683 };
1684
1685 return gsm0808_create_handover_command(&c);
1686}
1687
1688struct msgb *ran_a_make_handover_failure(struct osmo_fsm_inst *log_fi, const struct ran_msg *msg)
1689{
1690 struct gsm0808_handover_failure params = {
1691 .cause = msg->handover_failure.cause,
1692 };
1693 return gsm0808_create_handover_failure(&params);
1694}
1695
1696static struct msgb *_ran_a_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
1697{
1698
1699 LOG_RAN_A_ENC(caller_fi, LOGL_DEBUG, "%s\n", ran_msg_type_name(ran_enc_msg->msg_type));
1700
1701 switch (ran_enc_msg->msg_type) {
1702
1703 case RAN_MSG_DTAP:
1704 return ran_a_wrap_dtap(ran_enc_msg->dtap);
1705
1706 case RAN_MSG_CLASSMARK_REQUEST:
1707 return gsm0808_create_classmark_request();
1708
1709 case RAN_MSG_CLEAR_COMMAND:
1710 return gsm0808_create_clear_command2(ran_enc_msg->clear_command.gsm0808_cause,
1711 ran_enc_msg->clear_command.csfb_ind);
1712
1713 case RAN_MSG_ASSIGNMENT_COMMAND:
1714 return ran_a_make_assignment_command(caller_fi, &ran_enc_msg->assignment_command);
1715
Harald Welte544a32f2020-06-21 22:15:53 +0200[diff] [blame]1716 case RAN_MSG_COMMON_ID:
Pau Espin Pedrol67106702021-04-27 18:20:15 +0200[diff] [blame]1717 return gsm0808_create_common_id(ran_enc_msg->common_id.imsi, NULL,
1718 ran_enc_msg->common_id.last_eutran_plmn_present ?
1719 &ran_enc_msg->common_id.last_eutran_plmn :
1720 NULL
1721 );
Harald Welte544a32f2020-06-21 22:15:53 +0200[diff] [blame]1722
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1723 case RAN_MSG_CIPHER_MODE_COMMAND:
1724 return ran_a_make_cipher_mode_command(caller_fi, &ran_enc_msg->cipher_mode_command);
1725
1726 case RAN_MSG_HANDOVER_REQUIRED_REJECT:
1727 return gsm0808_create_handover_required_reject(&ran_enc_msg->handover_required_reject);
1728
1729 case RAN_MSG_HANDOVER_REQUEST:
1730 return ran_a_make_handover_request(caller_fi, &ran_enc_msg->handover_request);
1731
1732 case RAN_MSG_HANDOVER_REQUEST_ACK:
1733 return ran_a_make_handover_request_ack(caller_fi, &ran_enc_msg->handover_request_ack);
1734
1735 case RAN_MSG_HANDOVER_COMMAND:
1736 return ran_a_make_handover_command(caller_fi, &ran_enc_msg->handover_command);
1737
1738 case RAN_MSG_HANDOVER_SUCCEEDED:
1739 return gsm0808_create_handover_succeeded();
1740
1741 case RAN_MSG_HANDOVER_FAILURE:
1742 return ran_a_make_handover_failure(caller_fi, ran_enc_msg);
1743
Andreas Eversberg2d27e2c2023-04-23 12:05:44 +0200[diff] [blame]1744 case RAN_MSG_VGCS_VBS_SETUP:
1745 return gsm0808_create_vgcs_vbs_setup(&ran_enc_msg->vgcs_vbs_setup);
1746
1747 case RAN_MSG_VGCS_VBS_ASSIGN_REQ:
1748 return gsm0808_create_vgcs_vbs_assign_req(&ran_enc_msg->vgcs_vbs_assign_req);
1749
1750 case RAN_MSG_UPLINK_REQUEST_ACK:
1751 return gsm0808_create_uplink_request_ack(&ran_enc_msg->uplink_request_ack);
1752
1753 case RAN_MSG_UPLINK_REJECT_CMD:
1754 return gsm0808_create_uplink_reject_cmd(&ran_enc_msg->uplink_reject_cmd);
1755
1756 case RAN_MSG_UPLINK_RELEASE_CMD:
1757 return gsm0808_create_uplink_release_cmd(ran_enc_msg->uplink_release_cmd.cause);
1758
1759 case RAN_MSG_UPLINK_SEIZED_CMD:
1760 return gsm0808_create_uplink_seized_cmd(&ran_enc_msg->uplink_seized_cmd);
1761
1762 case RAN_MSG_VGCS_ADDITIONAL_INFO:
1763 return gsm0808_create_vgcs_additional_info(&ran_enc_msg->vgcs_additional_info.talker_identity);
1764
1765 case RAN_MSG_VGCS_VBS_AREA_CELL_INFO:
1766 return gsm0808_create_vgcs_vbs_area_cell_info(&ran_enc_msg->vgcs_vbs_area_cell_info);
1767
1768 case RAN_MSG_VGCS_SMS:
1769 return gsm0808_create_vgcs_sms(&ran_enc_msg->vgcs_sms.sms_to_vgcs);
1770
1771 case RAN_MSG_NOTIFICATION_DATA:
1772 return gsm0808_create_notification_data(&ran_enc_msg->notification_data);
1773
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1774 default:
1775 LOG_RAN_A_ENC(caller_fi, LOGL_ERROR, "Unimplemented RAN-encode message type: %s\n",
1776 ran_msg_type_name(ran_enc_msg->msg_type));
1777 return NULL;
1778 }
1779}
1780
1781struct msgb *ran_a_encode(struct osmo_fsm_inst *caller_fi, const struct ran_msg *ran_enc_msg)
1782{
1783 struct msgb *msg = _ran_a_encode(caller_fi, ran_enc_msg);
1784
1785 if (!msg)
1786 return NULL;
1787
1788 msg->l2h = msg->data;
1789
1790 /* some consistency checks to ensure we don't send invalid length */
1791 switch (msg->l2h[0]) {
1792 case BSSAP_MSG_DTAP:
1793 OSMO_ASSERT(msgb_l2len(msg) == msg->l2h[2] + 3);
1794 break;
1795 case BSSAP_MSG_BSS_MANAGEMENT:
1796 OSMO_ASSERT(msgb_l2len(msg) == msg->l2h[1] + 2);
1797 break;
1798 default:
1799 break;
1800 }
1801
1802 return msg;
1803}
1804
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1805static void cl_parse_osmux(struct osmo_fsm_inst *log_fi, struct msgb *msg, int *supports_osmux)
1806{
1807 struct tlv_parsed tp;
1808 int rc;
1809
1810 if (supports_osmux == NULL)
1811 return;
1812
1813 rc = tlv_parse(&tp, gsm0808_att_tlvdef(), msgb_l3(msg) + 1, msgb_l3len(msg) - 1, 0, 0);
1814 if (rc < 0) {
1815 LOGPFSMSL(log_fi, DBSSAP, LOGL_ERROR, "BSSMAP: Failed parsing TLV looking for Osmux support\n");
1816 return;
1817 }
1818
1819 if (TLVP_PRESENT(&tp, GSM0808_IE_OSMO_OSMUX_SUPPORT)) {
1820 *supports_osmux = true;
1821 } else {
1822 *supports_osmux = false;
1823 }
1824}
1825
1826/* Return 1 for a RESET, 2 for a RESET ACK message, 0 otherwise.
1827 * In supports_osmux, return 0 for no information, 1 for support detected, -1 for non-support detected. */
1828enum reset_msg_type bssmap_is_reset_msg(const struct sccp_ran_inst *sri, struct osmo_fsm_inst *log_fi,
1829 struct msgb *l2, int *supports_osmux)
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1830{
1831 struct bssmap_header *bs = (struct bssmap_header *)msgb_l2(l2);
1832
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1833 if (supports_osmux != NULL)
1834 *supports_osmux = 0;
1835
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1836 if (!bs
1837 || msgb_l2len(l2) < (sizeof(*bs) + 1)
1838 || bs->type != BSSAP_MSG_BSS_MANAGEMENT)
1839 return SCCP_RAN_MSG_NON_RESET;
1840
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1841 l2->l3h = l2->l2h + sizeof(struct bssmap_header);
1842
1843 switch (l2->l3h[0]) {
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1844 case BSS_MAP_MSG_RESET:
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1845 cl_parse_osmux(log_fi, l2, supports_osmux);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1846 return SCCP_RAN_MSG_RESET;
1847 case BSS_MAP_MSG_RESET_ACKNOWLEDGE:
Neels Hofmeyrb6972742020-06-26 15:20:51 +0200[diff] [blame]1848 cl_parse_osmux(log_fi, l2, supports_osmux);
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1849 return SCCP_RAN_MSG_RESET_ACK;
1850 default:
1851 return SCCP_RAN_MSG_NON_RESET;
1852 }
1853}
1854
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1855/* Patch regular BSSMAP RESET to add extra T to announce Osmux support (osmocom extension) */
1856static void _gsm0808_extend_announce_osmux(struct msgb *msg)
1857{
1858 OSMO_ASSERT(msg->l3h[1] == msgb_l3len(msg) - 2); /*TL not in len */
1859 msgb_put_u8(msg, GSM0808_IE_OSMO_OSMUX_SUPPORT);
1860 msg->l3h[1] = msgb_l3len(msg) - 2;
1861}
1862
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1863struct msgb *bssmap_make_reset_msg(const struct sccp_ran_inst *sri, enum reset_msg_type type)
1864{
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1865 struct gsm_network *net = sri->user_data;
1866 struct msgb *msg;
1867
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1868 switch (type) {
1869 case SCCP_RAN_MSG_RESET:
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1870 msg = gsm0808_create_reset();
1871 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1872 case SCCP_RAN_MSG_RESET_ACK:
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1873 msg = gsm0808_create_reset_ack();
1874 break;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1875 default:
1876 return NULL;
1877 }
Pau Espin Pedrolc9ba7542019-05-07 12:23:49 +0200[diff] [blame]1878
1879 if (!msg)
1880 return NULL;
1881
1882 if (net->use_osmux != OSMUX_USAGE_OFF)
1883 _gsm0808_extend_announce_osmux(msg);
1884
1885 return msg;
Neels Hofmeyrc4628a32018-12-07 14:47:34 +0100[diff] [blame]1886}
1887
1888struct msgb *bssmap_make_paging_msg(const struct sccp_ran_inst *sri, const struct gsm0808_cell_id *page_cell_id,
1889 const char *imsi, uint32_t tmsi, enum paging_cause cause)
1890{
1891 struct gsm0808_cell_id_list2 cil;
1892 gsm0808_cell_id_to_list(&cil, page_cell_id);
1893 return gsm0808_create_paging2(imsi, tmsi == GSM_RESERVED_TMSI ? NULL : &tmsi, &cil, NULL);
1894}
1895
1896const char *bssmap_msg_name(const struct sccp_ran_inst *sri, const struct msgb *l2)
1897{
1898 struct bssmap_header *bs;
1899
1900 if (!l2->l2h)
1901 return "?";
1902
1903 bs = (struct bssmap_header *)msgb_l2(l2);
1904 switch (bs->type) {
1905 case BSSAP_MSG_BSS_MANAGEMENT:
1906 return gsm0808_bssmap_name(l2->l2h[0]);
1907 case BSSAP_MSG_DTAP:
1908 return "DTAP";
1909 default:
1910 return "?";
1911 }
1912}