2013-07-29 07:42:23 +00:00
|
|
|
/* L1 SAP primitives */
|
|
|
|
|
|
|
|
|
|
/* (C) 2011 by Harald Welte <laforge@gnumonks.org>
|
|
|
|
|
* (C) 2013 by Andreas Eversberg <jolly@eversberg.eu>
|
|
|
|
|
*
|
|
|
|
|
* All Rights Reserved
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Affero General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <fcntl.h>
|
2016-09-17 12:15:03 +00:00
|
|
|
#include <stdbool.h>
|
2013-07-29 07:42:23 +00:00
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/stat.h>
|
2017-06-29 15:53:49 +00:00
|
|
|
#include <inttypes.h>
|
2013-07-29 07:42:23 +00:00
|
|
|
|
|
|
|
|
#include <osmocom/core/msgb.h>
|
|
|
|
|
#include <osmocom/gsm/l1sap.h>
|
2017-07-03 08:56:59 +00:00
|
|
|
#include <osmocom/gsm/gsm_utils.h>
|
2018-10-10 11:43:04 +00:00
|
|
|
#include <osmocom/gsm/rsl.h>
|
2013-07-29 07:42:23 +00:00
|
|
|
#include <osmocom/core/gsmtap.h>
|
|
|
|
|
#include <osmocom/core/gsmtap_util.h>
|
|
|
|
|
#include <osmocom/core/utils.h>
|
|
|
|
|
|
|
|
|
|
#include <osmocom/trau/osmo_ortp.h>
|
|
|
|
|
|
|
|
|
|
#include <osmo-bts/logging.h>
|
|
|
|
|
#include <osmo-bts/gsm_data.h>
|
|
|
|
|
#include <osmo-bts/l1sap.h>
|
2016-10-03 15:37:45 +00:00
|
|
|
#include <osmo-bts/dtx_dl_amr_fsm.h>
|
2013-07-29 07:42:23 +00:00
|
|
|
#include <osmo-bts/pcu_if.h>
|
|
|
|
|
#include <osmo-bts/measurement.h>
|
|
|
|
|
#include <osmo-bts/bts.h>
|
|
|
|
|
#include <osmo-bts/rsl.h>
|
2017-01-02 20:42:56 +00:00
|
|
|
#include <osmo-bts/oml.h>
|
2017-06-22 11:07:33 +00:00
|
|
|
#include <osmo-bts/abis.h>
|
2013-07-29 07:42:23 +00:00
|
|
|
#include <osmo-bts/bts_model.h>
|
2014-08-27 15:13:20 +00:00
|
|
|
#include <osmo-bts/handover.h>
|
2016-09-17 12:15:03 +00:00
|
|
|
#include <osmo-bts/msg_utils.h>
|
2017-08-31 11:52:10 +00:00
|
|
|
#include <osmo-bts/pcuif_proto.h>
|
2018-08-24 21:37:45 +00:00
|
|
|
#include <osmo-bts/cbch.h>
|
2013-07-29 07:42:23 +00:00
|
|
|
|
2018-09-30 12:50:39 +00:00
|
|
|
|
|
|
|
|
#define CB_FCCH -1
|
|
|
|
|
#define CB_SCH -2
|
|
|
|
|
#define CB_BCCH -3
|
|
|
|
|
#define CB_IDLE -4
|
|
|
|
|
|
|
|
|
|
/* according to TS 05.02 Clause 7 Table 3 of 9 an Figure 8a */
|
|
|
|
|
static const int ccch_block_table[51] = {
|
|
|
|
|
CB_FCCH, CB_SCH,/* 0..1 */
|
|
|
|
|
CB_BCCH, CB_BCCH, CB_BCCH, CB_BCCH, /* 2..5: BCCH */
|
|
|
|
|
0, 0, 0, 0, /* 6..9: B0 */
|
|
|
|
|
CB_FCCH, CB_SCH,/* 10..11 */
|
|
|
|
|
1, 1, 1, 1, /* 12..15: B1 */
|
|
|
|
|
2, 2, 2, 2, /* 16..19: B2 */
|
|
|
|
|
CB_FCCH, CB_SCH,/* 20..21 */
|
|
|
|
|
3, 3, 3, 3, /* 22..25: B3 */
|
|
|
|
|
4, 4, 4, 4, /* 26..29: B4 */
|
|
|
|
|
CB_FCCH, CB_SCH,/* 30..31 */
|
|
|
|
|
5, 5, 5, 5, /* 32..35: B5 */
|
|
|
|
|
6, 6, 6, 6, /* 36..39: B6 */
|
|
|
|
|
CB_FCCH, CB_SCH,/* 40..41 */
|
|
|
|
|
7, 7, 7, 7, /* 42..45: B7 */
|
|
|
|
|
8, 8, 8, 8, /* 46..49: B8 */
|
|
|
|
|
-4 /* 50: Idle */
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* determine the CCCH block number based on the frame number */
|
|
|
|
|
unsigned int l1sap_fn2ccch_block(uint32_t fn)
|
|
|
|
|
{
|
|
|
|
|
int rc = ccch_block_table[fn%51];
|
|
|
|
|
/* if FN is negative, we were called for something that's not CCCH! */
|
|
|
|
|
OSMO_ASSERT(rc >= 0);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-23 13:39:31 +00:00
|
|
|
struct gsm_lchan *get_lchan_by_chan_nr(struct gsm_bts_trx *trx,
|
|
|
|
|
unsigned int chan_nr)
|
2015-12-05 10:54:08 +00:00
|
|
|
{
|
2021-05-27 16:26:29 +00:00
|
|
|
struct gsm_bts_trx_ts *ts;
|
2018-09-17 18:45:54 +00:00
|
|
|
unsigned int tn, ss;
|
|
|
|
|
|
|
|
|
|
tn = L1SAP_CHAN2TS(chan_nr);
|
2021-05-27 16:26:29 +00:00
|
|
|
ts = &trx->ts[tn];
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_VAMOS(chan_nr)) {
|
|
|
|
|
if (ts->vamos.peer == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
ts = ts->vamos.peer;
|
|
|
|
|
}
|
2018-09-17 18:45:54 +00:00
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_CBCH(chan_nr))
|
|
|
|
|
ss = 2; /* CBCH is always on sub-slot 2 */
|
|
|
|
|
else
|
|
|
|
|
ss = l1sap_chan2ss(chan_nr);
|
2021-05-27 16:26:29 +00:00
|
|
|
OSMO_ASSERT(ss < ARRAY_SIZE(ts->lchan));
|
2018-09-17 18:45:54 +00:00
|
|
|
|
2021-05-27 16:26:29 +00:00
|
|
|
return &ts->lchan[ss];
|
2015-12-05 10:54:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static struct gsm_lchan *
|
|
|
|
|
get_active_lchan_by_chan_nr(struct gsm_bts_trx *trx, unsigned int chan_nr)
|
|
|
|
|
{
|
|
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, chan_nr);
|
|
|
|
|
|
2016-01-15 14:21:32 +00:00
|
|
|
if (lchan && lchan->state != LCHAN_S_ACTIVE) {
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_NOTICE, "assuming active lchan, but state is %s\n",
|
|
|
|
|
gsm_lchans_name(lchan->state));
|
2015-12-05 10:54:08 +00:00
|
|
|
return NULL;
|
2016-01-15 14:21:32 +00:00
|
|
|
}
|
2015-12-05 10:54:08 +00:00
|
|
|
return lchan;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-29 07:42:23 +00:00
|
|
|
static int l1sap_down(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap);
|
|
|
|
|
|
2016-12-09 13:13:22 +00:00
|
|
|
static uint32_t fn_ms_adj(uint32_t fn, const struct gsm_lchan *lchan)
|
2016-06-03 11:29:29 +00:00
|
|
|
{
|
2016-12-09 13:13:22 +00:00
|
|
|
uint32_t samples_passed, r;
|
|
|
|
|
|
|
|
|
|
if (lchan->tch.last_fn != LCHAN_FN_DUMMY) {
|
2016-10-11 16:13:32 +00:00
|
|
|
/* 12/13 frames usable for audio in TCH,
|
|
|
|
|
160 samples per RTP packet,
|
|
|
|
|
1 RTP packet per 4 frames */
|
2021-06-07 20:25:58 +00:00
|
|
|
const uint32_t num_fn = GSM_TDMA_FN_SUB(fn, lchan->tch.last_fn);
|
|
|
|
|
samples_passed = num_fn * 12 * 160 / (13 * 4);
|
2016-06-03 11:29:29 +00:00
|
|
|
/* round number of samples to the nearest multiple of
|
|
|
|
|
GSM_RTP_DURATION */
|
2016-12-09 13:13:22 +00:00
|
|
|
r = samples_passed + GSM_RTP_DURATION / 2;
|
2016-06-03 11:29:29 +00:00
|
|
|
r -= r % GSM_RTP_DURATION;
|
2017-06-29 15:53:49 +00:00
|
|
|
|
|
|
|
|
if (r != GSM_RTP_DURATION)
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DRTP, LOGL_ERROR, "RTP clock out of sync with lower layer:"
|
|
|
|
|
" %"PRIu32" vs %d (%"PRIu32"->%"PRIu32")\n",
|
|
|
|
|
r, GSM_RTP_DURATION, lchan->tch.last_fn, fn);
|
2016-06-03 11:29:29 +00:00
|
|
|
}
|
|
|
|
|
return GSM_RTP_DURATION;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-29 07:42:23 +00:00
|
|
|
/* allocate a msgb containing a osmo_phsap_prim + optional l2 data
|
2019-10-13 17:09:39 +00:00
|
|
|
* in order to wrap femtobts header around l2 data, there must be enough space
|
2013-07-29 07:42:23 +00:00
|
|
|
* in front and behind data pointer */
|
|
|
|
|
struct msgb *l1sap_msgb_alloc(unsigned int l2_len)
|
|
|
|
|
{
|
2022-08-10 14:19:00 +00:00
|
|
|
const int headroom = L1SAP_MSGB_HEADROOM;
|
|
|
|
|
const int size = headroom + sizeof(struct osmo_phsap_prim) + l2_len;
|
2017-11-08 15:38:53 +00:00
|
|
|
struct msgb *msg = msgb_alloc_headroom(size, headroom, "l1sap_prim");
|
2013-07-29 07:42:23 +00:00
|
|
|
|
|
|
|
|
if (!msg)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
msg->l1h = msgb_put(msg, sizeof(struct osmo_phsap_prim));
|
|
|
|
|
|
|
|
|
|
return msg;
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-14 15:00:40 +00:00
|
|
|
/* Enclose rmsg into an osmo_phsap primitive and hand it over to the higher
|
|
|
|
|
* layers. The phsap primitive also contains measurement information. The
|
|
|
|
|
* parameters rssi, ta_offs and is_sub are only needed when the measurement
|
|
|
|
|
* information is passed along with the TCH data. When separate measurement
|
|
|
|
|
* indications are used, those last three parameters may be set to zero. */
|
2016-06-17 11:10:38 +00:00
|
|
|
int add_l1sap_header(struct gsm_bts_trx *trx, struct msgb *rmsg,
|
2017-06-30 13:19:00 +00:00
|
|
|
struct gsm_lchan *lchan, uint8_t chan_nr, uint32_t fn,
|
2020-02-14 15:00:40 +00:00
|
|
|
uint16_t ber10k, int16_t lqual_cb, int8_t rssi,
|
|
|
|
|
int16_t ta_offs, uint8_t is_sub)
|
2016-06-17 11:10:38 +00:00
|
|
|
{
|
|
|
|
|
struct osmo_phsap_prim *l1sap;
|
|
|
|
|
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_DEBUG, "Rx -> RTP: %s\n", osmo_hexdump(rmsg->data, rmsg->len));
|
2016-06-17 11:10:38 +00:00
|
|
|
|
|
|
|
|
rmsg->l2h = rmsg->data;
|
2018-07-19 14:02:01 +00:00
|
|
|
rmsg->l1h = msgb_push(rmsg, sizeof(*l1sap));
|
2016-06-17 11:10:38 +00:00
|
|
|
l1sap = msgb_l1sap_prim(rmsg);
|
|
|
|
|
osmo_prim_init(&l1sap->oph, SAP_GSM_PH, PRIM_TCH, PRIM_OP_INDICATION,
|
|
|
|
|
rmsg);
|
|
|
|
|
l1sap->u.tch.chan_nr = chan_nr;
|
|
|
|
|
l1sap->u.tch.fn = fn;
|
2017-06-30 13:19:00 +00:00
|
|
|
l1sap->u.tch.ber10k = ber10k;
|
|
|
|
|
l1sap->u.tch.lqual_cb = lqual_cb;
|
2016-06-17 11:10:38 +00:00
|
|
|
|
2020-02-14 15:00:40 +00:00
|
|
|
l1sap->u.tch.rssi = rssi;
|
|
|
|
|
l1sap->u.tch.ta_offs_256bits = ta_offs;
|
|
|
|
|
l1sap->u.tch.is_sub = is_sub;
|
|
|
|
|
|
2016-06-17 11:10:38 +00:00
|
|
|
return l1sap_up(trx, l1sap);
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-01 09:09:20 +00:00
|
|
|
static int l1sap_tx_ciph_req(struct gsm_bts_trx *trx, uint8_t chan_nr,
|
|
|
|
|
uint8_t downlink, uint8_t uplink)
|
|
|
|
|
{
|
|
|
|
|
struct osmo_phsap_prim l1sap_ciph;
|
|
|
|
|
|
|
|
|
|
osmo_prim_init(&l1sap_ciph.oph, SAP_GSM_PH, PRIM_MPH_INFO,
|
|
|
|
|
PRIM_OP_REQUEST, NULL);
|
|
|
|
|
l1sap_ciph.u.info.type = PRIM_INFO_ACT_CIPH;
|
|
|
|
|
l1sap_ciph.u.info.u.ciph_req.chan_nr = chan_nr;
|
|
|
|
|
l1sap_ciph.u.info.u.ciph_req.downlink = downlink;
|
|
|
|
|
l1sap_ciph.u.info.u.ciph_req.uplink = uplink;
|
|
|
|
|
|
|
|
|
|
return l1sap_down(trx, &l1sap_ciph);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* check if the message is a GSM48_MT_RR_CIPH_M_CMD, and if yes, enable
|
|
|
|
|
* uni-directional de-cryption on the uplink. We need this ugly layering
|
|
|
|
|
* violation as we have no way of passing down L3 metadata (RSL CIPHERING CMD)
|
|
|
|
|
* to this point in L1 */
|
|
|
|
|
static int check_for_ciph_cmd(struct msgb *msg, struct gsm_lchan *lchan,
|
|
|
|
|
uint8_t chan_nr)
|
|
|
|
|
{
|
2016-01-25 14:43:03 +00:00
|
|
|
uint8_t n_s;
|
2013-09-01 09:09:20 +00:00
|
|
|
|
|
|
|
|
/* only do this if we are in the right state */
|
|
|
|
|
switch (lchan->ciph_state) {
|
|
|
|
|
case LCHAN_CIPH_NONE:
|
2013-07-02 09:04:11 +00:00
|
|
|
case LCHAN_CIPH_RX_REQ:
|
2013-09-01 09:09:20 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* First byte (Address Field) of LAPDm header) */
|
|
|
|
|
if (msg->data[0] != 0x03)
|
|
|
|
|
return 0;
|
|
|
|
|
/* First byte (protocol discriminator) of RR */
|
|
|
|
|
if ((msg->data[3] & 0xF) != GSM48_PDISC_RR)
|
|
|
|
|
return 0;
|
|
|
|
|
/* 2nd byte (msg type) of RR */
|
|
|
|
|
if ((msg->data[4] & 0x3F) != GSM48_MT_RR_CIPH_M_CMD)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2016-01-25 14:43:03 +00:00
|
|
|
/* Remember N(S) + 1 to find the first ciphered frame */
|
|
|
|
|
n_s = (msg->data[1] >> 1) & 0x7;
|
|
|
|
|
lchan->ciph_ns = (n_s + 1) % 8;
|
|
|
|
|
|
2013-09-01 09:09:20 +00:00
|
|
|
l1sap_tx_ciph_req(lchan->ts->trx, chan_nr, 0, 1);
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-25 14:43:03 +00:00
|
|
|
/* public helpers for the test */
|
|
|
|
|
int bts_check_for_ciph_cmd(struct msgb *msg, struct gsm_lchan *lchan,
|
|
|
|
|
uint8_t chan_nr)
|
|
|
|
|
{
|
|
|
|
|
return check_for_ciph_cmd(msg, lchan, chan_nr);
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-25 08:39:40 +00:00
|
|
|
uint16_t l1sap_log_ctx_sapi;
|
|
|
|
|
|
|
|
|
|
const struct value_string l1sap_common_sapi_names[] = {
|
|
|
|
|
{ L1SAP_COMMON_SAPI_UNKNOWN, "UNKNOWN" },
|
|
|
|
|
/* alphabetic order */
|
|
|
|
|
{ L1SAP_COMMON_SAPI_AGCH, "AGCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_BCCH, "BCCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_CBCH, "CBCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_FACCH_F, "FACCH/F" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_FACCH_H, "FACCH/H" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_FCCH, "FCCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_IDLE, "IDLE" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_NCH, "NCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PACCH, "PACCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PAGCH, "PAGCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PBCCH, "PBCCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PCH, "PCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PDTCH, "PDTCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PNCH, "PNCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PPCH, "PPCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PRACH, "PRACH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_PTCCH, "PTCCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_RACH, "RACH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_SACCH, "SACCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_SCH, "SCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_SDCCH, "SDCCH" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_TCH_F, "TCH/F" },
|
|
|
|
|
{ L1SAP_COMMON_SAPI_TCH_H, "TCH/H" },
|
|
|
|
|
{ 0, NULL }
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static enum l1sap_common_sapi get_common_sapi_ph_data(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap)
|
|
|
|
|
{
|
|
|
|
|
uint8_t link_id = l1sap->u.data.link_id;
|
|
|
|
|
uint8_t chan_nr = l1sap->u.data.chan_nr;
|
|
|
|
|
uint32_t u32Fn = l1sap->u.data.fn;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_TCHF(chan_nr))
|
|
|
|
|
return L1SAP_COMMON_SAPI_TCH_F;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_TCHH(chan_nr))
|
|
|
|
|
return L1SAP_COMMON_SAPI_TCH_H;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_SDCCH4(chan_nr) || L1SAP_IS_CHAN_SDCCH8(chan_nr))
|
|
|
|
|
return L1SAP_COMMON_SAPI_SDCCH;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_BCCH(chan_nr))
|
|
|
|
|
return L1SAP_COMMON_SAPI_BCCH;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_AGCH_PCH(chan_nr))
|
|
|
|
|
/* The sapi depends on DSP configuration, not on the actual SYSTEM INFORMATION 3. */
|
|
|
|
|
return ((l1sap_fn2ccch_block(u32Fn) >= num_agch(trx, "PH-DATA-REQ"))
|
|
|
|
|
? L1SAP_COMMON_SAPI_PCH
|
|
|
|
|
: L1SAP_COMMON_SAPI_AGCH);
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_CBCH(chan_nr))
|
|
|
|
|
return L1SAP_COMMON_SAPI_CBCH;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id))
|
|
|
|
|
return L1SAP_COMMON_SAPI_SACCH;
|
|
|
|
|
|
|
|
|
|
return L1SAP_COMMON_SAPI_UNKNOWN;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static enum l1sap_common_sapi get_common_sapi_by_trx_prim(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap)
|
|
|
|
|
{
|
|
|
|
|
/* Only downlink prims are relevant */
|
|
|
|
|
switch (OSMO_PRIM_HDR(&l1sap->oph)) {
|
|
|
|
|
case OSMO_PRIM(PRIM_PH_DATA, PRIM_OP_REQUEST):
|
|
|
|
|
if (ts_is_pdch(&trx->ts[L1SAP_CHAN2TS(l1sap->u.data.chan_nr)]))
|
|
|
|
|
return ((L1SAP_IS_PTCCH(l1sap->u.data.fn))
|
|
|
|
|
? L1SAP_COMMON_SAPI_PTCCH
|
|
|
|
|
: L1SAP_COMMON_SAPI_PDTCH);
|
|
|
|
|
return get_common_sapi_ph_data(trx, l1sap);
|
|
|
|
|
default:
|
|
|
|
|
return L1SAP_COMMON_SAPI_UNKNOWN;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-29 07:45:22 +00:00
|
|
|
/* send primitive as gsmtap */
|
2021-01-23 16:26:10 +00:00
|
|
|
static int gsmtap_ph_data(const struct osmo_phsap_prim *l1sap,
|
|
|
|
|
uint8_t *chan_type, uint8_t *ss, uint32_t fn,
|
|
|
|
|
uint8_t **data, unsigned int *len,
|
2016-10-12 14:24:32 +00:00
|
|
|
uint8_t num_agch)
|
2013-07-29 07:45:22 +00:00
|
|
|
{
|
|
|
|
|
struct msgb *msg = l1sap->oph.msg;
|
|
|
|
|
uint8_t chan_nr, link_id;
|
|
|
|
|
|
l1sap: Avoid assumption that l1sap is at head of msgb
This assumption used while sending the rx data to gsmtap in l1sap_up was
making osmo-bts-virtual crash, since that bts model is allocating the
l1sap in the stack rather than inside the msgb.
Instead, let's use the assumption that l2h is set correctly in msgb by
the bts model lower layer.
crash report:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
(gdb) bt
0 0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
1 0x00007ffff6dbf4c8 in gsmtap_makemsg_ex (type=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=ss@entry=0 '\000', fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:179
2 0x00007ffff6dbf6d8 in gsmtap_send_ex (gti=0x555555877f10, type=type@entry=1 '\001', arfcn=arfcn@entry=17255,
ts=ts@entry=6 '\006', chan_type=<optimized out>, ss=<optimized out>, fn=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:311
3 0x00007ffff6dbf765 in gsmtap_send (gti=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=<optimized out>, fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:330
4 0x0000555555573571 in to_gsmtap (trx=0x7ffff7ef8070, l1sap=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:397
5 0x0000555555573b9c in l1sap_up (trx=0x7ffff7ef8070, l1sap=l1sap@entry=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:1285
6 0x000055555555ec06 in virt_um_rcv_cb (vui=<optimized out>, msg=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/l1_if.c:170
7 0x000055555555f5c6 in virt_um_fd_cb (ofd=0x55555587cc30, what=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/virtual_um.c:50
8 0x00007ffff6db6991 in osmo_fd_disp_fds (_eset=0x7fffffffe090, _wset=0x7fffffffe010, _rset=0x7fffffffdf90)
at libosmocore/src/select.c:216
9 osmo_select_main (polling=polling@entry=0) at libosmocore/src/select.c:256
10 0x0000555555576fbc in bts_main (argc=5, argv=0x7fffffffe288)
at osmo-bts/src/common/main.c:364
11 0x00007ffff61b5f4a in __libc_start_main () from /usr/lib/libc.so.6
12 0x000055555555c4ca in _start ()
In the old code when the sizeof(osmo_phsap_prim) was being substracted
it resulted on a negative len which later was casted to unsigned int and
became a really big number.
Fixes: OS#3092
Change-Id: I51a880328497673a06d153bfb76c428265b8cbb8
2018-03-21 18:51:46 +00:00
|
|
|
*data = msgb_l2(msg);
|
|
|
|
|
*len = msgb_l2len(msg);
|
2013-07-29 07:45:22 +00:00
|
|
|
chan_nr = l1sap->u.data.chan_nr;
|
|
|
|
|
link_id = l1sap->u.data.link_id;
|
|
|
|
|
|
|
|
|
|
if (L1SAP_IS_CHAN_TCHF(chan_nr)) {
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_TCH_F;
|
|
|
|
|
} else if (L1SAP_IS_CHAN_TCHH(chan_nr)) {
|
|
|
|
|
*ss = L1SAP_CHAN2SS_TCHH(chan_nr);
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_TCH_H;
|
|
|
|
|
} else if (L1SAP_IS_CHAN_SDCCH4(chan_nr)) {
|
|
|
|
|
*ss = L1SAP_CHAN2SS_SDCCH4(chan_nr);
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_SDCCH;
|
|
|
|
|
} else if (L1SAP_IS_CHAN_SDCCH8(chan_nr)) {
|
|
|
|
|
*ss = L1SAP_CHAN2SS_SDCCH8(chan_nr);
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_SDCCH;
|
|
|
|
|
} else if (L1SAP_IS_CHAN_BCCH(chan_nr)) {
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_BCCH;
|
|
|
|
|
} else if (L1SAP_IS_CHAN_AGCH_PCH(chan_nr)) {
|
|
|
|
|
/* The sapi depends on DSP configuration, not
|
|
|
|
|
* on the actual SYSTEM INFORMATION 3. */
|
2018-09-30 12:50:39 +00:00
|
|
|
if (l1sap_fn2ccch_block(fn) >= num_agch)
|
2013-07-29 07:45:22 +00:00
|
|
|
*chan_type = GSMTAP_CHANNEL_PCH;
|
|
|
|
|
else
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_AGCH;
|
2018-08-24 21:37:45 +00:00
|
|
|
} else if (L1SAP_IS_CHAN_CBCH(chan_nr)) {
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_CBCH51;
|
2017-07-30 14:55:00 +00:00
|
|
|
} else if (L1SAP_IS_CHAN_PDCH(chan_nr)) {
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_PDTCH;
|
2013-07-29 07:45:22 +00:00
|
|
|
}
|
|
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id))
|
|
|
|
|
*chan_type |= GSMTAP_CHANNEL_ACCH;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-23 16:26:10 +00:00
|
|
|
static int gsmtap_pdch(const struct osmo_phsap_prim *l1sap,
|
|
|
|
|
uint8_t *chan_type, uint8_t *ss, uint32_t fn,
|
|
|
|
|
uint8_t **data, unsigned int *len)
|
2013-07-29 07:45:22 +00:00
|
|
|
{
|
|
|
|
|
struct msgb *msg = l1sap->oph.msg;
|
|
|
|
|
|
l1sap: Avoid assumption that l1sap is at head of msgb
This assumption used while sending the rx data to gsmtap in l1sap_up was
making osmo-bts-virtual crash, since that bts model is allocating the
l1sap in the stack rather than inside the msgb.
Instead, let's use the assumption that l2h is set correctly in msgb by
the bts model lower layer.
crash report:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
(gdb) bt
0 0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
1 0x00007ffff6dbf4c8 in gsmtap_makemsg_ex (type=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=ss@entry=0 '\000', fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:179
2 0x00007ffff6dbf6d8 in gsmtap_send_ex (gti=0x555555877f10, type=type@entry=1 '\001', arfcn=arfcn@entry=17255,
ts=ts@entry=6 '\006', chan_type=<optimized out>, ss=<optimized out>, fn=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:311
3 0x00007ffff6dbf765 in gsmtap_send (gti=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=<optimized out>, fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:330
4 0x0000555555573571 in to_gsmtap (trx=0x7ffff7ef8070, l1sap=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:397
5 0x0000555555573b9c in l1sap_up (trx=0x7ffff7ef8070, l1sap=l1sap@entry=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:1285
6 0x000055555555ec06 in virt_um_rcv_cb (vui=<optimized out>, msg=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/l1_if.c:170
7 0x000055555555f5c6 in virt_um_fd_cb (ofd=0x55555587cc30, what=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/virtual_um.c:50
8 0x00007ffff6db6991 in osmo_fd_disp_fds (_eset=0x7fffffffe090, _wset=0x7fffffffe010, _rset=0x7fffffffdf90)
at libosmocore/src/select.c:216
9 osmo_select_main (polling=polling@entry=0) at libosmocore/src/select.c:256
10 0x0000555555576fbc in bts_main (argc=5, argv=0x7fffffffe288)
at osmo-bts/src/common/main.c:364
11 0x00007ffff61b5f4a in __libc_start_main () from /usr/lib/libc.so.6
12 0x000055555555c4ca in _start ()
In the old code when the sizeof(osmo_phsap_prim) was being substracted
it resulted on a negative len which later was casted to unsigned int and
became a really big number.
Fixes: OS#3092
Change-Id: I51a880328497673a06d153bfb76c428265b8cbb8
2018-03-21 18:51:46 +00:00
|
|
|
*data = msgb_l2(msg);
|
|
|
|
|
*len = msgb_l2len(msg);
|
2013-07-29 07:45:22 +00:00
|
|
|
|
2016-11-11 11:22:11 +00:00
|
|
|
if (L1SAP_IS_PTCCH(fn)) {
|
2013-07-29 07:45:22 +00:00
|
|
|
*chan_type = GSMTAP_CHANNEL_PTCCH;
|
2016-11-11 11:22:11 +00:00
|
|
|
*ss = L1SAP_FN2PTCCHBLOCK(fn);
|
2019-10-08 21:24:30 +00:00
|
|
|
} else {
|
|
|
|
|
/* TODO: distinguish PACCH */
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_PDTCH;
|
|
|
|
|
}
|
2013-07-29 07:45:22 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-23 16:26:10 +00:00
|
|
|
static int gsmtap_ph_rach(const struct osmo_phsap_prim *l1sap, uint8_t *chan_type,
|
|
|
|
|
uint8_t *tn, uint8_t *ss, uint32_t *fn,
|
|
|
|
|
uint8_t **data, unsigned int *len)
|
2013-07-29 07:45:22 +00:00
|
|
|
{
|
2019-10-08 19:53:58 +00:00
|
|
|
uint8_t chan_nr = l1sap->u.rach_ind.chan_nr;
|
2020-03-29 11:39:46 +00:00
|
|
|
static uint8_t ra_buf[2];
|
2013-07-29 07:45:22 +00:00
|
|
|
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_RACH;
|
|
|
|
|
*fn = l1sap->u.rach_ind.fn;
|
2019-10-08 19:53:58 +00:00
|
|
|
*tn = L1SAP_CHAN2TS(chan_nr);
|
|
|
|
|
|
2013-07-29 07:45:22 +00:00
|
|
|
if (L1SAP_IS_CHAN_TCHH(chan_nr))
|
|
|
|
|
*ss = L1SAP_CHAN2SS_TCHH(chan_nr);
|
|
|
|
|
else if (L1SAP_IS_CHAN_SDCCH4(chan_nr))
|
|
|
|
|
*ss = L1SAP_CHAN2SS_SDCCH4(chan_nr);
|
|
|
|
|
else if (L1SAP_IS_CHAN_SDCCH8(chan_nr))
|
|
|
|
|
*ss = L1SAP_CHAN2SS_SDCCH8(chan_nr);
|
2019-10-08 19:53:58 +00:00
|
|
|
else if (L1SAP_IS_CHAN_PDCH(chan_nr)) {
|
|
|
|
|
if (L1SAP_IS_PTCCH(*fn)) {
|
|
|
|
|
/* TODO: calculate sub-slot from frame-number */
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_PTCCH;
|
|
|
|
|
} else {
|
|
|
|
|
*chan_type = GSMTAP_CHANNEL_PDTCH;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-29 11:39:46 +00:00
|
|
|
if (l1sap->u.rach_ind.is_11bit) {
|
|
|
|
|
/* Pack as described in 3GPP TS 44.004, figure 7.4a.b */
|
|
|
|
|
ra_buf[0] = (uint8_t) (l1sap->u.rach_ind.ra >> 3);
|
|
|
|
|
ra_buf[1] = (uint8_t) (l1sap->u.rach_ind.ra & 0x07);
|
|
|
|
|
*len = sizeof(ra_buf);
|
|
|
|
|
*data = ra_buf;
|
|
|
|
|
} else {
|
|
|
|
|
ra_buf[0] = (uint8_t) (l1sap->u.rach_ind.ra & 0xff);
|
|
|
|
|
*len = sizeof(ra_buf[0]);
|
|
|
|
|
*data = ra_buf;
|
|
|
|
|
}
|
2013-07-29 07:45:22 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-28 12:38:28 +00:00
|
|
|
/* Paging Request 1 with "no identity" content, i.e. empty/dummy paging */
|
|
|
|
|
static const uint8_t paging_fill[GSM_MACBLOCK_LEN] = {
|
|
|
|
|
0x15, 0x06, 0x21, 0x00, 0x01, 0xf0, 0x2b, 0x2b, 0x2b, 0x2b,
|
|
|
|
|
0x2b, 0x2b, 0x2b, 0x2b, 0x2b, 0x2b, 0x2b, 0x2b, 0x2b, 0x2b,
|
|
|
|
|
0x2b, 0x2b, 0x2b };
|
|
|
|
|
|
|
|
|
|
static bool is_fill_frame(uint8_t chan_type, const uint8_t *data, unsigned int len)
|
|
|
|
|
{
|
2019-12-20 15:36:27 +00:00
|
|
|
if (len != GSM_MACBLOCK_LEN)
|
|
|
|
|
return false;
|
|
|
|
|
|
2017-07-28 12:38:28 +00:00
|
|
|
switch (chan_type) {
|
|
|
|
|
case GSMTAP_CHANNEL_AGCH:
|
2021-08-24 15:42:45 +00:00
|
|
|
case GSMTAP_CHANNEL_SDCCH:
|
|
|
|
|
case GSMTAP_CHANNEL_TCH_F:
|
|
|
|
|
case GSMTAP_CHANNEL_TCH_H:
|
2017-07-28 12:38:28 +00:00
|
|
|
if (!memcmp(data, fill_frame, GSM_MACBLOCK_LEN))
|
|
|
|
|
return true;
|
|
|
|
|
break;
|
|
|
|
|
case GSMTAP_CHANNEL_PCH:
|
|
|
|
|
if (!memcmp(data, paging_fill, GSM_MACBLOCK_LEN))
|
|
|
|
|
return true;
|
|
|
|
|
break;
|
2021-08-24 15:42:45 +00:00
|
|
|
/* FIXME: implement the same for GSMTAP_CHANNEL_PDTCH from/to PCU */
|
2017-11-05 18:46:24 +00:00
|
|
|
/* don't use 'default' case here as the above only conditionally return true */
|
2017-07-28 12:38:28 +00:00
|
|
|
}
|
2017-11-05 18:46:24 +00:00
|
|
|
return false;
|
2017-07-28 12:38:28 +00:00
|
|
|
}
|
|
|
|
|
|
2013-07-29 07:45:22 +00:00
|
|
|
static int to_gsmtap(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap)
|
|
|
|
|
{
|
|
|
|
|
uint8_t *data;
|
l1sap: Avoid assumption that l1sap is at head of msgb
This assumption used while sending the rx data to gsmtap in l1sap_up was
making osmo-bts-virtual crash, since that bts model is allocating the
l1sap in the stack rather than inside the msgb.
Instead, let's use the assumption that l2h is set correctly in msgb by
the bts model lower layer.
crash report:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
(gdb) bt
0 0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
1 0x00007ffff6dbf4c8 in gsmtap_makemsg_ex (type=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=ss@entry=0 '\000', fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:179
2 0x00007ffff6dbf6d8 in gsmtap_send_ex (gti=0x555555877f10, type=type@entry=1 '\001', arfcn=arfcn@entry=17255,
ts=ts@entry=6 '\006', chan_type=<optimized out>, ss=<optimized out>, fn=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:311
3 0x00007ffff6dbf765 in gsmtap_send (gti=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=<optimized out>, fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:330
4 0x0000555555573571 in to_gsmtap (trx=0x7ffff7ef8070, l1sap=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:397
5 0x0000555555573b9c in l1sap_up (trx=0x7ffff7ef8070, l1sap=l1sap@entry=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:1285
6 0x000055555555ec06 in virt_um_rcv_cb (vui=<optimized out>, msg=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/l1_if.c:170
7 0x000055555555f5c6 in virt_um_fd_cb (ofd=0x55555587cc30, what=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/virtual_um.c:50
8 0x00007ffff6db6991 in osmo_fd_disp_fds (_eset=0x7fffffffe090, _wset=0x7fffffffe010, _rset=0x7fffffffdf90)
at libosmocore/src/select.c:216
9 osmo_select_main (polling=polling@entry=0) at libosmocore/src/select.c:256
10 0x0000555555576fbc in bts_main (argc=5, argv=0x7fffffffe288)
at osmo-bts/src/common/main.c:364
11 0x00007ffff61b5f4a in __libc_start_main () from /usr/lib/libc.so.6
12 0x000055555555c4ca in _start ()
In the old code when the sizeof(osmo_phsap_prim) was being substracted
it resulted on a negative len which later was casted to unsigned int and
became a really big number.
Fixes: OS#3092
Change-Id: I51a880328497673a06d153bfb76c428265b8cbb8
2018-03-21 18:51:46 +00:00
|
|
|
unsigned int len;
|
2013-07-29 07:45:22 +00:00
|
|
|
uint8_t chan_type = 0, tn = 0, ss = 0;
|
|
|
|
|
uint32_t fn;
|
|
|
|
|
uint16_t uplink = GSMTAP_ARFCN_F_UPLINK;
|
2021-01-23 16:32:53 +00:00
|
|
|
int8_t signal_dbm;
|
2013-07-29 07:45:22 +00:00
|
|
|
int rc;
|
|
|
|
|
|
2021-02-13 04:03:36 +00:00
|
|
|
struct gsmtap_inst *inst = trx->bts->gsmtap.inst;
|
|
|
|
|
if (!inst)
|
2013-07-29 07:45:22 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
switch (OSMO_PRIM_HDR(&l1sap->oph)) {
|
|
|
|
|
case OSMO_PRIM(PRIM_PH_DATA, PRIM_OP_REQUEST):
|
|
|
|
|
uplink = 0;
|
|
|
|
|
/* fall through */
|
|
|
|
|
case OSMO_PRIM(PRIM_PH_DATA, PRIM_OP_INDICATION):
|
2016-11-11 11:22:11 +00:00
|
|
|
fn = l1sap->u.data.fn;
|
|
|
|
|
tn = L1SAP_CHAN2TS(l1sap->u.data.chan_nr);
|
2016-07-27 13:52:55 +00:00
|
|
|
if (ts_is_pdch(&trx->ts[tn]))
|
2016-11-11 11:22:11 +00:00
|
|
|
rc = gsmtap_pdch(l1sap, &chan_type, &ss, fn, &data,
|
|
|
|
|
&len);
|
2013-07-29 07:45:22 +00:00
|
|
|
else
|
2016-11-11 11:22:11 +00:00
|
|
|
rc = gsmtap_ph_data(l1sap, &chan_type, &ss, fn, &data,
|
2016-10-12 14:24:32 +00:00
|
|
|
&len, num_agch(trx, "GSMTAP"));
|
2021-01-23 16:32:53 +00:00
|
|
|
signal_dbm = l1sap->u.data.rssi;
|
2013-07-29 07:45:22 +00:00
|
|
|
break;
|
|
|
|
|
case OSMO_PRIM(PRIM_PH_RACH, PRIM_OP_INDICATION):
|
|
|
|
|
rc = gsmtap_ph_rach(l1sap, &chan_type, &tn, &ss, &fn, &data,
|
|
|
|
|
&len);
|
2021-01-23 16:32:53 +00:00
|
|
|
signal_dbm = l1sap->u.rach_ind.rssi;
|
2013-07-29 07:45:22 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
rc = -ENOTSUP;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
if (len == 0)
|
|
|
|
|
return 0;
|
|
|
|
|
if ((chan_type & GSMTAP_CHANNEL_ACCH)) {
|
2021-02-13 04:03:36 +00:00
|
|
|
if (!trx->bts->gsmtap.sapi_acch)
|
2013-07-29 07:45:22 +00:00
|
|
|
return 0;
|
|
|
|
|
} else {
|
2021-02-13 04:03:36 +00:00
|
|
|
if (!((1 << (chan_type & 31)) & trx->bts->gsmtap.sapi_mask))
|
2013-07-29 07:45:22 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-28 12:38:28 +00:00
|
|
|
/* don't log fill frames via GSMTAP; they serve no purpose other than
|
|
|
|
|
* to clog up your logs */
|
|
|
|
|
if (is_fill_frame(chan_type, data, len))
|
|
|
|
|
return 0;
|
|
|
|
|
|
2021-02-13 04:03:36 +00:00
|
|
|
gsmtap_send(inst, trx->arfcn | uplink, tn, chan_type, ss, fn,
|
2021-01-23 16:32:53 +00:00
|
|
|
signal_dbm, 0 /* TODO: SNR */, data, len);
|
2013-07-29 07:45:22 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-11 15:01:14 +00:00
|
|
|
/* Calculate the number of RACH slots that expire in a certain GSM frame
|
|
|
|
|
* See also 3GPP TS 05.02 Clause 7 Table 5 of 9 */
|
|
|
|
|
static unsigned int calc_exprd_rach_frames(struct gsm_bts *bts, uint32_t fn)
|
|
|
|
|
{
|
|
|
|
|
int rach_frames_expired = 0;
|
|
|
|
|
uint8_t ccch_conf;
|
|
|
|
|
struct gsm48_system_information_type_3 *si3;
|
|
|
|
|
unsigned int blockno;
|
|
|
|
|
|
|
|
|
|
si3 = GSM_BTS_SI(bts, SYSINFO_TYPE_3);
|
|
|
|
|
ccch_conf = si3->control_channel_desc.ccch_conf;
|
|
|
|
|
|
|
|
|
|
if (ccch_conf == RSL_BCCH_CCCH_CONF_1_C) {
|
|
|
|
|
/* It is possible to combine a CCCH with an SDCCH4, in this
|
|
|
|
|
* case the CCCH will have to share the available frames with
|
|
|
|
|
* the other channel, this results in a limited number of
|
|
|
|
|
* available rach slots */
|
|
|
|
|
blockno = fn % 51;
|
|
|
|
|
if (blockno == 4 || blockno == 5
|
|
|
|
|
|| (blockno >= 15 && blockno <= 36) || blockno == 45
|
|
|
|
|
|| blockno == 46)
|
|
|
|
|
rach_frames_expired = 1;
|
|
|
|
|
} else {
|
|
|
|
|
/* It is possible to have multiple CCCH channels on
|
|
|
|
|
* different physical channels (large cells), this
|
|
|
|
|
* also multiplies the available/expired RACH channels.
|
|
|
|
|
* See also TS 04.08, Chapter 10.5.2.11, table 10.29 */
|
|
|
|
|
if (ccch_conf == RSL_BCCH_CCCH_CONF_2_NC)
|
|
|
|
|
rach_frames_expired = 2;
|
2017-01-16 17:36:24 +00:00
|
|
|
else if (ccch_conf == RSL_BCCH_CCCH_CONF_3_NC)
|
2017-01-11 15:01:14 +00:00
|
|
|
rach_frames_expired = 3;
|
2017-01-16 17:36:24 +00:00
|
|
|
else if (ccch_conf == RSL_BCCH_CCCH_CONF_4_NC)
|
2017-01-11 15:01:14 +00:00
|
|
|
rach_frames_expired = 4;
|
|
|
|
|
else
|
|
|
|
|
rach_frames_expired = 1;
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-23 21:50:41 +00:00
|
|
|
return rach_frames_expired;
|
2017-01-11 15:01:14 +00:00
|
|
|
}
|
|
|
|
|
|
2021-10-07 12:32:23 +00:00
|
|
|
static void l1sap_interf_meas_calc_avg(struct gsm_bts_trx *trx)
|
|
|
|
|
{
|
|
|
|
|
unsigned int tn, ln;
|
|
|
|
|
|
|
|
|
|
for (tn = 0; tn < ARRAY_SIZE(trx->ts); tn++) {
|
|
|
|
|
struct gsm_bts_trx_ts *ts = &trx->ts[tn];
|
|
|
|
|
|
2021-11-09 12:18:10 +00:00
|
|
|
if (ts->mo.nm_state.operational != NM_OPSTATE_ENABLED)
|
|
|
|
|
continue;
|
|
|
|
|
if (ts->mo.nm_state.availability != NM_AVSTATE_OK)
|
|
|
|
|
continue;
|
|
|
|
|
|
2021-10-07 12:32:23 +00:00
|
|
|
for (ln = 0; ln < ARRAY_SIZE(ts->lchan); ln++) {
|
|
|
|
|
struct gsm_lchan *lchan = &ts->lchan[ln];
|
|
|
|
|
|
|
|
|
|
lchan->meas.interf_meas_avg_dbm = 0;
|
|
|
|
|
lchan->meas.interf_band = 0;
|
|
|
|
|
|
|
|
|
|
/* There must be at least one sample */
|
|
|
|
|
if (lchan->meas.interf_meas_num == 0)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
/* Average all collected samples */
|
|
|
|
|
gsm_lchan_interf_meas_calc_avg(lchan);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-08 14:23:57 +00:00
|
|
|
static void l1sap_interf_meas_report(struct gsm_bts *bts)
|
|
|
|
|
{
|
|
|
|
|
const uint32_t period = bts->interference.intave * 104;
|
|
|
|
|
struct gsm_bts_trx *trx;
|
|
|
|
|
|
|
|
|
|
if (bts->interference.intave == 0)
|
|
|
|
|
return;
|
|
|
|
|
if (bts->gsm_time.fn % period != 0)
|
|
|
|
|
return;
|
|
|
|
|
|
2021-10-07 12:32:23 +00:00
|
|
|
llist_for_each_entry(trx, &bts->trx_list, list) {
|
|
|
|
|
/* Calculate the average of all received samples */
|
|
|
|
|
l1sap_interf_meas_calc_avg(trx);
|
|
|
|
|
/* Report to the BSC over the A-bis/RSL */
|
2021-06-08 14:23:57 +00:00
|
|
|
rsl_tx_rf_res(trx);
|
2021-10-04 18:06:39 +00:00
|
|
|
/* Report to the PCU over the PCUIF */
|
|
|
|
|
pcu_tx_interf_ind(trx, bts->gsm_time.fn);
|
2021-10-07 12:32:23 +00:00
|
|
|
}
|
2021-06-08 14:23:57 +00:00
|
|
|
}
|
|
|
|
|
|
2013-08-31 17:49:12 +00:00
|
|
|
/* time information received from bts model */
|
2013-07-08 16:34:14 +00:00
|
|
|
static int l1sap_info_time_ind(struct gsm_bts *bts,
|
2017-01-11 15:01:14 +00:00
|
|
|
struct osmo_phsap_prim *l1sap,
|
|
|
|
|
struct info_time_ind_param *info_time_ind)
|
2013-08-31 17:49:12 +00:00
|
|
|
{
|
2021-06-06 23:49:04 +00:00
|
|
|
unsigned int frames_expired;
|
|
|
|
|
unsigned int i;
|
2014-08-27 17:57:51 +00:00
|
|
|
|
2018-02-22 10:44:20 +00:00
|
|
|
DEBUGPFN(DL1P, info_time_ind->fn, "Rx MPH_INFO time ind\n");
|
2013-08-31 17:49:12 +00:00
|
|
|
|
2017-01-11 15:01:14 +00:00
|
|
|
/* Calculate and check frame difference */
|
2021-06-06 23:49:04 +00:00
|
|
|
frames_expired = GSM_TDMA_FN_SUB(info_time_ind->fn, bts->gsm_time.fn);
|
2017-01-11 15:01:14 +00:00
|
|
|
if (frames_expired > 1) {
|
2018-03-17 11:22:40 +00:00
|
|
|
if (bts->gsm_time.fn)
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPFN(DL1P, LOGL_ERROR, info_time_ind->fn,
|
2021-06-06 23:49:04 +00:00
|
|
|
"Invalid condition detected: Frame difference is %"PRIu32"-%"PRIu32"=%u > 1!\n",
|
2018-03-17 11:22:40 +00:00
|
|
|
info_time_ind->fn, bts->gsm_time.fn, frames_expired);
|
2017-01-11 15:01:14 +00:00
|
|
|
}
|
|
|
|
|
|
2013-08-31 17:49:12 +00:00
|
|
|
/* Update our data structures with the current GSM time */
|
2018-03-17 11:22:40 +00:00
|
|
|
gsm_fn2gsmtime(&bts->gsm_time, info_time_ind->fn);
|
2013-08-31 17:49:12 +00:00
|
|
|
|
|
|
|
|
/* Update time on PCU interface */
|
|
|
|
|
pcu_tx_time_ind(info_time_ind->fn);
|
|
|
|
|
|
2014-08-27 17:57:51 +00:00
|
|
|
/* increment number of RACH slots that have passed by since the
|
|
|
|
|
* last time indication */
|
2019-05-23 21:58:42 +00:00
|
|
|
for (i = 0; i < frames_expired; i++) {
|
2020-06-16 22:08:54 +00:00
|
|
|
uint32_t fn = GSM_TDMA_FN_SUB(info_time_ind->fn, i);
|
2019-05-23 21:58:42 +00:00
|
|
|
bts->load.rach.total += calc_exprd_rach_frames(bts, fn);
|
|
|
|
|
}
|
2013-08-31 17:49:12 +00:00
|
|
|
|
2021-06-08 14:23:57 +00:00
|
|
|
/* Report interference levels to the BSC */
|
2021-10-07 17:55:27 +00:00
|
|
|
if (bts_internal_flag_get(bts, BTS_INTERNAL_FLAG_INTERF_MEAS))
|
|
|
|
|
l1sap_interf_meas_report(bts);
|
2021-06-08 14:23:57 +00:00
|
|
|
|
2013-08-31 17:49:12 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
2017-03-07 16:30:35 +00:00
|
|
|
|
|
|
|
|
static inline void set_ms_to_data(struct gsm_lchan *lchan, int16_t data, bool set_ms_to)
|
|
|
|
|
{
|
|
|
|
|
if (!lchan)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (data + 63 > 255) { /* According to 3GPP TS 48.058 §9.3.37 Timing Offset field cannot exceed 255 */
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_ERROR, "Attempting to set invalid Timing Offset value "
|
|
|
|
|
"%d (MS TO = %u)!\n", data, set_ms_to);
|
2017-03-07 16:30:35 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (set_ms_to) {
|
|
|
|
|
lchan->ms_t_offs = data + 63;
|
|
|
|
|
lchan->p_offs = -1;
|
|
|
|
|
} else {
|
|
|
|
|
lchan->p_offs = data + 63;
|
|
|
|
|
lchan->ms_t_offs = -1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-27 14:45:47 +00:00
|
|
|
bool trx_sched_is_sacch_fn(const struct gsm_bts_trx_ts *ts, uint32_t fn, bool uplink);
|
|
|
|
|
|
2013-08-31 18:30:40 +00:00
|
|
|
/* measurement information received from bts model */
|
2021-10-27 10:29:21 +00:00
|
|
|
static void process_l1sap_meas_data(struct gsm_lchan *lchan,
|
2021-10-28 19:38:20 +00:00
|
|
|
const struct osmo_phsap_prim *l1sap,
|
2019-10-31 08:36:17 +00:00
|
|
|
enum osmo_ph_prim ind_type)
|
2013-08-31 18:30:40 +00:00
|
|
|
{
|
|
|
|
|
struct bts_ul_meas ulm;
|
2021-10-28 19:38:20 +00:00
|
|
|
const struct info_meas_ind_param *info_meas_ind;
|
|
|
|
|
const struct ph_data_param *ph_data_ind;
|
|
|
|
|
const struct ph_tch_param *ph_tch_ind;
|
2019-10-31 08:36:17 +00:00
|
|
|
uint32_t fn;
|
|
|
|
|
const char *ind_name;
|
|
|
|
|
|
|
|
|
|
switch (ind_type) {
|
|
|
|
|
case PRIM_MPH_INFO:
|
|
|
|
|
/* (legacy way, see also OS#2977) */
|
|
|
|
|
info_meas_ind = &l1sap->u.info.u.meas_ind;
|
|
|
|
|
fn = info_meas_ind->fn;
|
|
|
|
|
ind_name = "MPH INFO";
|
2021-10-27 09:07:49 +00:00
|
|
|
ulm = (struct bts_ul_meas) {
|
|
|
|
|
.ta_offs_256bits = info_meas_ind->ta_offs_256bits,
|
|
|
|
|
.inv_rssi = info_meas_ind->inv_rssi,
|
|
|
|
|
.ber10k = info_meas_ind->ber10k,
|
2022-04-27 15:04:58 +00:00
|
|
|
.ci_cb = info_meas_ind->c_i_cb,
|
2021-10-27 09:07:49 +00:00
|
|
|
};
|
2022-04-27 14:45:47 +00:00
|
|
|
/* additionally treat SACCH frames (match by TDMA FN) as SUB frames */
|
|
|
|
|
if (info_meas_ind->is_sub || trx_sched_is_sacch_fn(lchan->ts, fn, true))
|
|
|
|
|
ulm.is_sub = 1;
|
2019-10-31 08:36:17 +00:00
|
|
|
break;
|
|
|
|
|
case PRIM_TCH:
|
|
|
|
|
ph_tch_ind = &l1sap->u.tch;
|
|
|
|
|
if (ph_tch_ind->rssi == 0)
|
|
|
|
|
return;
|
|
|
|
|
fn = ph_tch_ind->fn;
|
|
|
|
|
ind_name = "TCH";
|
2021-10-27 09:07:49 +00:00
|
|
|
ulm = (struct bts_ul_meas) {
|
|
|
|
|
.ta_offs_256bits = ph_tch_ind->ta_offs_256bits,
|
|
|
|
|
.inv_rssi = abs(ph_tch_ind->rssi),
|
|
|
|
|
.ber10k = ph_tch_ind->ber10k,
|
2022-04-27 15:04:58 +00:00
|
|
|
.ci_cb = ph_tch_ind->lqual_cb,
|
2021-10-27 09:07:49 +00:00
|
|
|
.is_sub = ph_tch_ind->is_sub,
|
|
|
|
|
};
|
2022-04-27 14:45:47 +00:00
|
|
|
/* PRIM_TCH always carries DCCH, not SACCH */
|
2019-10-31 08:36:17 +00:00
|
|
|
break;
|
|
|
|
|
case PRIM_PH_DATA:
|
|
|
|
|
ph_data_ind = &l1sap->u.data;
|
|
|
|
|
if (ph_data_ind->rssi == 0)
|
|
|
|
|
return;
|
|
|
|
|
fn = ph_data_ind->fn;
|
|
|
|
|
ind_name = "DATA";
|
2021-10-27 09:07:49 +00:00
|
|
|
ulm = (struct bts_ul_meas) {
|
|
|
|
|
.ta_offs_256bits = ph_data_ind->ta_offs_256bits,
|
|
|
|
|
.inv_rssi = abs(ph_data_ind->rssi),
|
|
|
|
|
.ber10k = ph_data_ind->ber10k,
|
2022-04-27 15:04:58 +00:00
|
|
|
.ci_cb = ph_data_ind->lqual_cb,
|
2021-10-27 09:07:49 +00:00
|
|
|
};
|
2022-04-27 14:45:47 +00:00
|
|
|
/* additionally treat SACCH frames (match by RSL link ID) as SUB frames */
|
|
|
|
|
if (ph_data_ind->is_sub || L1SAP_IS_LINK_SACCH(ph_data_ind->link_id))
|
|
|
|
|
ulm.is_sub = 1;
|
2019-10-31 08:36:17 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
OSMO_ASSERT(false);
|
|
|
|
|
}
|
2013-08-31 18:30:40 +00:00
|
|
|
|
2019-10-31 08:36:17 +00:00
|
|
|
DEBUGPFN(DL1P, fn,
|
2021-09-13 09:50:26 +00:00
|
|
|
"%s %s meas ind, ta_offs_256bits=%d, ber10k=%d, inv_rssi=%u, C/I=%d cB\n",
|
2021-10-27 09:07:49 +00:00
|
|
|
gsm_lchan_name(lchan), ind_name, ulm.ta_offs_256bits,
|
2022-04-27 15:04:58 +00:00
|
|
|
ulm.ber10k, ulm.inv_rssi, ulm.ci_cb);
|
2013-08-31 18:30:40 +00:00
|
|
|
|
2017-03-07 16:30:35 +00:00
|
|
|
/* we assume that symbol period is 1 bit: */
|
2021-10-27 09:07:49 +00:00
|
|
|
set_ms_to_data(lchan, ulm.ta_offs_256bits / 256, true);
|
2017-03-07 16:30:35 +00:00
|
|
|
|
2019-10-31 08:36:17 +00:00
|
|
|
lchan_meas_process_measurement(lchan, &ulm, fn);
|
2017-04-19 15:09:50 +00:00
|
|
|
|
2019-10-31 08:36:17 +00:00
|
|
|
return;
|
2013-08-31 18:30:40 +00:00
|
|
|
}
|
|
|
|
|
|
2019-10-13 17:09:39 +00:00
|
|
|
/* any L1 MPH_INFO indication prim received from bts model */
|
2013-08-31 17:49:12 +00:00
|
|
|
static int l1sap_mph_info_ind(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap, struct mph_info_param *info)
|
|
|
|
|
{
|
2021-10-27 10:29:21 +00:00
|
|
|
const struct info_meas_ind_param *meas_ind;
|
|
|
|
|
struct gsm_lchan *lchan;
|
2013-08-31 17:49:12 +00:00
|
|
|
int rc = 0;
|
|
|
|
|
|
|
|
|
|
switch (info->type) {
|
|
|
|
|
case PRIM_INFO_TIME:
|
2016-01-20 18:02:51 +00:00
|
|
|
if (trx != trx->bts->c0) {
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPFN(DL1P, LOGL_NOTICE, info->u.time_ind.fn,
|
|
|
|
|
"BTS model is sending us PRIM_INFO_TIME for TRX %u, please fix it\n",
|
|
|
|
|
trx->nr);
|
2016-01-20 18:02:51 +00:00
|
|
|
rc = -1;
|
|
|
|
|
} else
|
|
|
|
|
rc = l1sap_info_time_ind(trx->bts, l1sap,
|
|
|
|
|
&info->u.time_ind);
|
2013-08-31 17:49:12 +00:00
|
|
|
break;
|
2013-08-31 18:30:40 +00:00
|
|
|
case PRIM_INFO_MEAS:
|
2019-10-31 08:36:17 +00:00
|
|
|
/* We should never get an INFO_IND with PRIM_INFO_MEAS
|
Do not mix public and private BTS features, use libosmocore's API
It was a very bad idea to mix "public" BTS features, that are
reported to the BSC via OML, and those features, that are used
locally (and exclusively) in osmo-bts.
Why? At least because we already have the BTS feature manipulation
API in libosmocore, that is used by osmo-bsc, but for some reason
not by osmo-bts. New features added to libosmocore would clash
with the existing "internal" ones like BTS_FEAT_MS_PWR_CTRL_DSP.
So what this change does can be described as follows:
- remove duplicate definition of the "public" features,
- use libosmocore's API for the "public" features,
- separate both "internal" and "public" features:
- the "public" features continue to live in bitvec,
- the "internal" features become flags,
- s/BTS_FEAT/BTS_INTERNAL_FLAG/g.
Change-Id: Icf792d02323bb73e3b8d46384c7890cb1eb4731e
2020-05-29 17:14:03 +00:00
|
|
|
* when BTS_INTERNAL_FLAG_MEAS_PAYLOAD_COMB is set */
|
|
|
|
|
if (bts_internal_flag_get(trx->bts, BTS_INTERNAL_FLAG_MEAS_PAYLOAD_COMB))
|
2019-10-31 08:36:17 +00:00
|
|
|
OSMO_ASSERT(false);
|
|
|
|
|
|
2021-10-27 10:29:21 +00:00
|
|
|
meas_ind = &l1sap->u.info.u.meas_ind;
|
|
|
|
|
|
|
|
|
|
lchan = get_active_lchan_by_chan_nr(trx, meas_ind->chan_nr);
|
|
|
|
|
if (!lchan) {
|
|
|
|
|
LOGPFN(DL1P, LOGL_ERROR, meas_ind->fn,
|
|
|
|
|
"No lchan for chan_nr=%s\n",
|
|
|
|
|
rsl_chan_nr_str(meas_ind->chan_nr));
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
process_l1sap_meas_data(lchan, l1sap, PRIM_MPH_INFO);
|
2013-08-31 18:30:40 +00:00
|
|
|
break;
|
2013-08-31 17:49:12 +00:00
|
|
|
default:
|
|
|
|
|
LOGP(DL1P, LOGL_NOTICE, "unknown MPH_INFO ind type %d\n",
|
|
|
|
|
info->type);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-01 07:19:45 +00:00
|
|
|
/* activation confirm received from bts model */
|
|
|
|
|
static int l1sap_info_act_cnf(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap,
|
|
|
|
|
struct info_act_cnf_param *info_act_cnf)
|
|
|
|
|
{
|
2019-05-20 23:14:24 +00:00
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, info_act_cnf->chan_nr);
|
2021-05-27 22:26:44 +00:00
|
|
|
if (lchan == NULL) {
|
|
|
|
|
LOGPTRX(trx, DL1C, LOGL_ERROR, "get_lchan_by_chan_nr(chan_nr=%s) "
|
|
|
|
|
"yields NULL for PRIM_INFO_ACTIVATE.conf\n",
|
|
|
|
|
rsl_chan_nr_str(info_act_cnf->chan_nr));
|
|
|
|
|
return -ENODEV;
|
|
|
|
|
}
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_INFO, "activate confirm chan_nr=%s trx=%d\n",
|
|
|
|
|
rsl_chan_nr_str(info_act_cnf->chan_nr), trx->nr);
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2016-08-22 16:23:03 +00:00
|
|
|
rsl_tx_chan_act_acknack(lchan, info_act_cnf->cause);
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2016-06-16 15:32:32 +00:00
|
|
|
/* During PDCH ACT, this is where we know that the PCU is done
|
|
|
|
|
* activating a PDCH, and PDCH switchover is complete. See
|
|
|
|
|
* rsl_rx_dyn_pdch() */
|
2016-07-16 20:29:28 +00:00
|
|
|
if (lchan->ts->pchan == GSM_PCHAN_TCH_F_PDCH
|
|
|
|
|
&& (lchan->ts->flags & TS_F_PDCH_ACT_PENDING))
|
|
|
|
|
ipacc_dyn_pdch_complete(lchan->ts,
|
|
|
|
|
info_act_cnf->cause? -EIO : 0);
|
2016-06-16 15:32:32 +00:00
|
|
|
|
2013-09-01 07:19:45 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* activation confirm received from bts model */
|
|
|
|
|
static int l1sap_info_rel_cnf(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap,
|
|
|
|
|
struct info_act_cnf_param *info_act_cnf)
|
|
|
|
|
{
|
2019-05-20 23:14:24 +00:00
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, info_act_cnf->chan_nr);
|
2021-05-27 22:26:44 +00:00
|
|
|
if (lchan == NULL) {
|
|
|
|
|
LOGPTRX(trx, DL1C, LOGL_ERROR, "get_lchan_by_chan_nr(chan_nr=%s) "
|
|
|
|
|
"yields NULL for PRIM_INFO_ACTIVATE.conf\n",
|
|
|
|
|
rsl_chan_nr_str(info_act_cnf->chan_nr));
|
|
|
|
|
return -ENODEV;
|
|
|
|
|
}
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_INFO, "deactivate confirm chan_nr=%s trx=%d\n",
|
|
|
|
|
rsl_chan_nr_str(info_act_cnf->chan_nr), trx->nr);
|
2013-09-01 07:19:45 +00:00
|
|
|
|
|
|
|
|
rsl_tx_rf_rel_ack(lchan);
|
|
|
|
|
|
2016-06-16 15:32:32 +00:00
|
|
|
/* During PDCH DEACT, this marks the deactivation of the PDTCH as
|
|
|
|
|
* requested by the PCU. Next up, we disconnect the TS completely and
|
2016-07-26 13:22:58 +00:00
|
|
|
* call back to cb_ts_disconnected(). See rsl_rx_dyn_pdch(). */
|
2016-07-16 20:29:28 +00:00
|
|
|
if (lchan->ts->pchan == GSM_PCHAN_TCH_F_PDCH
|
|
|
|
|
&& (lchan->ts->flags & TS_F_PDCH_DEACT_PENDING))
|
2016-06-16 15:32:32 +00:00
|
|
|
bts_model_ts_disconnect(lchan->ts);
|
|
|
|
|
|
2013-09-01 07:19:45 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-13 17:09:39 +00:00
|
|
|
/* any L1 MPH_INFO confirm prim received from bts model */
|
2013-09-01 07:19:45 +00:00
|
|
|
static int l1sap_mph_info_cnf(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap, struct mph_info_param *info)
|
|
|
|
|
{
|
|
|
|
|
int rc = 0;
|
|
|
|
|
|
|
|
|
|
switch (info->type) {
|
|
|
|
|
case PRIM_INFO_ACTIVATE:
|
|
|
|
|
rc = l1sap_info_act_cnf(trx, l1sap, &info->u.act_cnf);
|
|
|
|
|
break;
|
|
|
|
|
case PRIM_INFO_DEACTIVATE:
|
|
|
|
|
rc = l1sap_info_rel_cnf(trx, l1sap, &info->u.act_cnf);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2017-12-02 16:31:45 +00:00
|
|
|
LOGP(DL1C, LOGL_NOTICE, "unknown MPH_INFO cnf type %d\n",
|
2013-09-01 07:19:45 +00:00
|
|
|
info->type);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-23 16:26:24 +00:00
|
|
|
/*! handling for PDTCH loopback mode, used for BER testing
|
|
|
|
|
* \param[in] lchan logical channel on which we operate
|
|
|
|
|
* \param[in] rts_ind PH-RTS.ind from PHY which we process
|
|
|
|
|
* \param[out] msg Message buffer to which we write data
|
|
|
|
|
*
|
|
|
|
|
* The function will fill \a msg, from which the caller can then
|
|
|
|
|
* subsequently build a PH-DATA.req */
|
|
|
|
|
static int lchan_pdtch_ph_rts_ind_loop(struct gsm_lchan *lchan,
|
|
|
|
|
const struct ph_data_param *rts_ind,
|
|
|
|
|
struct msgb *msg, const struct gsm_time *tm)
|
|
|
|
|
{
|
|
|
|
|
struct msgb *loop_msg;
|
|
|
|
|
uint8_t *p;
|
|
|
|
|
|
|
|
|
|
/* de-queue response message (loopback) */
|
2022-08-11 15:37:32 +00:00
|
|
|
loop_msg = msgb_dequeue_count(&lchan->dl_tch_queue, &lchan->dl_tch_queue_len);
|
2017-06-23 16:26:24 +00:00
|
|
|
if (!loop_msg) {
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPGT(DL1P, LOGL_NOTICE, tm, "%s: no looped PDTCH message, sending empty\n",
|
|
|
|
|
gsm_lchan_name(lchan));
|
2017-06-23 16:26:24 +00:00
|
|
|
/* empty downlink message */
|
|
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
|
|
|
|
memset(p, 0, GSM_MACBLOCK_LEN);
|
|
|
|
|
} else {
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPGT(DL1P, LOGL_NOTICE, tm, "%s: looped PDTCH message of %u bytes\n",
|
|
|
|
|
gsm_lchan_name(lchan), msgb_l2len(loop_msg));
|
2017-06-23 16:26:24 +00:00
|
|
|
/* copy over data from queued response message */
|
|
|
|
|
p = msgb_put(msg, msgb_l2len(loop_msg));
|
|
|
|
|
memcpy(p, msgb_l2(loop_msg), msgb_l2len(loop_msg));
|
|
|
|
|
msgb_free(loop_msg);
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-31 09:24:49 +00:00
|
|
|
/* Check if given CCCH frame number is for a PCH or for an AGCH (this function is
|
|
|
|
|
* only used internally, it is public to call it from unit-tests) */
|
|
|
|
|
int is_ccch_for_agch(struct gsm_bts_trx *trx, uint32_t fn) {
|
|
|
|
|
/* Note: The number of available access grant channels is set by the
|
|
|
|
|
* parameter BS_AG_BLKS_RES via system information type 3. This SI is
|
2019-10-13 17:09:39 +00:00
|
|
|
* transferred to osmo-bts via RSL */
|
2018-09-30 12:50:39 +00:00
|
|
|
return l1sap_fn2ccch_block(fn) < num_agch(trx, "PH-RTS-IND");
|
2018-08-31 09:24:49 +00:00
|
|
|
}
|
|
|
|
|
|
2019-06-02 15:36:21 +00:00
|
|
|
/* return the measured average of frame numbers that the RTS clock is running in advance */
|
2020-09-25 02:53:59 +00:00
|
|
|
int32_t bts_get_avg_fn_advance(const struct gsm_bts *bts)
|
2019-06-02 15:36:21 +00:00
|
|
|
{
|
|
|
|
|
if (bts->fn_stats.avg_count == 0)
|
|
|
|
|
return 0;
|
|
|
|
|
return bts->fn_stats.avg256 / bts->fn_stats.avg_count;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void l1sap_update_fnstats(struct gsm_bts *bts, uint32_t rts_fn)
|
|
|
|
|
{
|
2020-06-16 22:08:54 +00:00
|
|
|
int32_t delta = GSM_TDMA_FN_SUB(rts_fn, bts->gsm_time.fn);
|
2019-06-02 15:36:21 +00:00
|
|
|
|
|
|
|
|
if (delta < bts->fn_stats.min)
|
|
|
|
|
bts->fn_stats.min = delta;
|
|
|
|
|
if (delta > bts->fn_stats.max)
|
|
|
|
|
bts->fn_stats.max = delta;
|
|
|
|
|
|
|
|
|
|
if (bts->fn_stats.avg_count > bts->fn_stats.avg_window) {
|
|
|
|
|
/* reset and start old average and new sample */
|
|
|
|
|
bts->fn_stats.avg256 = (bts->fn_stats.avg256 / bts->fn_stats.avg_count) + delta;
|
|
|
|
|
bts->fn_stats.avg_count = 2;
|
|
|
|
|
} else {
|
|
|
|
|
bts->fn_stats.avg256 += delta;
|
|
|
|
|
bts->fn_stats.avg_count++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-01 21:22:56 +00:00
|
|
|
/* Common dequeueing function */
|
|
|
|
|
static inline struct msgb *lapdm_phsap_dequeue_msg(struct lapdm_entity *le)
|
|
|
|
|
{
|
|
|
|
|
struct osmo_phsap_prim pp;
|
|
|
|
|
if (lapdm_phsap_dequeue_prim(le, &pp) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
return pp.oph.msg;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Special dequeueing function with FACCH repetition (3GPP TS 44.006, section 10) */
|
|
|
|
|
static inline struct msgb *lapdm_phsap_dequeue_msg_facch(struct gsm_lchan *lchan, struct lapdm_entity *le, uint32_t fn)
|
|
|
|
|
{
|
|
|
|
|
struct osmo_phsap_prim pp;
|
|
|
|
|
struct msgb *msg;
|
|
|
|
|
|
|
|
|
|
/* Note: The repeated version of the FACCH block must be scheduled 8 or 9 bursts after the original
|
|
|
|
|
* transmission. see 3GPP TS 44.006, section 10.2 for a more detailed explaination. */
|
2021-10-21 23:28:31 +00:00
|
|
|
if (lchan->rep_acch.dl_facch[0].msg && GSM_TDMA_FN_SUB(fn, lchan->rep_acch.dl_facch[0].fn) >= 8) {
|
2020-11-01 21:22:56 +00:00
|
|
|
/* Re-use stored FACCH message buffer from SLOT #0 for repetition. */
|
2021-10-21 23:28:31 +00:00
|
|
|
msg = lchan->rep_acch.dl_facch[0].msg;
|
|
|
|
|
lchan->rep_acch.dl_facch[0].msg = NULL;
|
|
|
|
|
} else if (lchan->rep_acch.dl_facch[1].msg && GSM_TDMA_FN_SUB(fn, lchan->rep_acch.dl_facch[1].fn) >= 8) {
|
2020-11-01 21:22:56 +00:00
|
|
|
/* Re-use stored FACCH message buffer from SLOT #1 for repetition. */
|
2021-10-21 23:28:31 +00:00
|
|
|
msg = lchan->rep_acch.dl_facch[1].msg;
|
|
|
|
|
lchan->rep_acch.dl_facch[1].msg = NULL;
|
2020-11-01 21:22:56 +00:00
|
|
|
} else {
|
|
|
|
|
/* Fetch new FACCH from queue ... */
|
|
|
|
|
if (lapdm_phsap_dequeue_prim(le, &pp) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
msg = pp.oph.msg;
|
|
|
|
|
|
|
|
|
|
/* Check if the LAPDm frame is a command frame,
|
|
|
|
|
* see also: 3GPP TS 04.06 section 3.2 and 3.3.2.
|
|
|
|
|
* If the MS explicitly indicated that repeated ACCH is
|
|
|
|
|
* supported, than all FACCH frames may be repeated
|
|
|
|
|
* see also: 3GPP TS 44.006, section 10.3). */
|
2021-10-21 23:52:28 +00:00
|
|
|
if (!(lchan->rep_acch_cap.dl_facch_all || msg->data[0] & 0x02))
|
2020-11-01 21:22:56 +00:00
|
|
|
return msg;
|
|
|
|
|
|
|
|
|
|
/* ... and store the message buffer for repetition. */
|
2021-10-21 23:28:31 +00:00
|
|
|
if (lchan->rep_acch.dl_facch[0].msg == NULL) {
|
|
|
|
|
lchan->rep_acch.dl_facch[0].msg = msgb_copy(msg, "rep_facch_0");
|
|
|
|
|
lchan->rep_acch.dl_facch[0].fn = fn;
|
|
|
|
|
} else if (lchan->rep_acch.dl_facch[1].msg == NULL) {
|
|
|
|
|
lchan->rep_acch.dl_facch[1].msg = msgb_copy(msg, "rep_facch_1");
|
|
|
|
|
lchan->rep_acch.dl_facch[1].fn = fn;
|
2020-11-01 21:22:56 +00:00
|
|
|
} else {
|
|
|
|
|
/* By definition 3GPP TS 05.02 does not allow more than two (for TCH/H only one) FACCH blocks
|
|
|
|
|
* to be transmitted simultaniously. */
|
|
|
|
|
OSMO_ASSERT(false);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return msg;
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-11 15:19:18 +00:00
|
|
|
/* Special dequeueing function with SACCH repetition (3GPP TS 44.006, section 11) */
|
|
|
|
|
static inline struct msgb *lapdm_phsap_dequeue_msg_sacch(struct gsm_lchan *lchan, struct lapdm_entity *le)
|
|
|
|
|
{
|
|
|
|
|
struct osmo_phsap_prim pp;
|
|
|
|
|
struct msgb *msg;
|
|
|
|
|
uint8_t sapi;
|
|
|
|
|
|
|
|
|
|
/* Note: When the MS disables SACCH repetition, we still must collect
|
|
|
|
|
* possible candidates in order to have one ready in case the MS enables
|
|
|
|
|
* SACCH repetition. */
|
|
|
|
|
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.dl_sacch_msg) {
|
2021-02-16 19:58:24 +00:00
|
|
|
if (lchan->meas.l1_info.srr_sro == 0) {
|
2020-11-11 15:19:18 +00:00
|
|
|
/* Toss previous repetition candidate */
|
2021-10-21 23:17:21 +00:00
|
|
|
msgb_free(lchan->rep_acch.dl_sacch_msg);
|
|
|
|
|
lchan->rep_acch.dl_sacch_msg = NULL;
|
2020-11-11 15:19:18 +00:00
|
|
|
} else {
|
|
|
|
|
/* Use previous repetition candidate */
|
2021-10-21 23:17:21 +00:00
|
|
|
msg = lchan->rep_acch.dl_sacch_msg;
|
|
|
|
|
lchan->rep_acch.dl_sacch_msg = NULL;
|
2020-11-11 15:19:18 +00:00
|
|
|
return msg;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Fetch new repetition candidate from queue */
|
|
|
|
|
if (lapdm_phsap_dequeue_prim(le, &pp) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
msg = pp.oph.msg;
|
|
|
|
|
sapi = (msg->data[0] >> 2) & 0x07;
|
|
|
|
|
|
2021-02-12 15:06:20 +00:00
|
|
|
/* Only LAPDm frames for SAPI 0 may become a repetition
|
2020-11-11 15:19:18 +00:00
|
|
|
* candidate. */
|
|
|
|
|
if (sapi == 0)
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.dl_sacch_msg = msgb_copy(msg, "rep_sacch");
|
2020-11-11 15:19:18 +00:00
|
|
|
|
|
|
|
|
return msg;
|
|
|
|
|
}
|
|
|
|
|
|
2016-07-27 13:32:46 +00:00
|
|
|
/* PH-RTS-IND prim received from bts model */
|
2013-07-29 07:42:23 +00:00
|
|
|
static int l1sap_ph_rts_ind(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap, struct ph_data_param *rts_ind)
|
|
|
|
|
{
|
|
|
|
|
struct msgb *msg = l1sap->oph.msg;
|
|
|
|
|
struct gsm_time g_time;
|
2013-09-01 09:09:20 +00:00
|
|
|
struct gsm_lchan *lchan;
|
2013-07-29 07:42:23 +00:00
|
|
|
uint8_t chan_nr, link_id;
|
2015-12-05 10:54:08 +00:00
|
|
|
uint8_t tn;
|
2013-07-29 07:42:23 +00:00
|
|
|
uint32_t fn;
|
2020-11-19 16:31:09 +00:00
|
|
|
uint8_t *p = NULL;
|
|
|
|
|
uint8_t *si;
|
2013-09-01 09:09:20 +00:00
|
|
|
struct lapdm_entity *le;
|
2020-11-01 21:22:56 +00:00
|
|
|
struct msgb *pp_msg;
|
2016-10-03 15:37:45 +00:00
|
|
|
bool dtxd_facch = false;
|
2013-08-30 06:03:09 +00:00
|
|
|
int rc;
|
2018-08-31 09:24:49 +00:00
|
|
|
int is_ag_res;
|
2013-07-29 07:42:23 +00:00
|
|
|
|
|
|
|
|
chan_nr = rts_ind->chan_nr;
|
|
|
|
|
link_id = rts_ind->link_id;
|
|
|
|
|
fn = rts_ind->fn;
|
|
|
|
|
tn = L1SAP_CHAN2TS(chan_nr);
|
|
|
|
|
|
|
|
|
|
gsm_fn2gsmtime(&g_time, fn);
|
|
|
|
|
|
2018-10-10 11:43:04 +00:00
|
|
|
DEBUGPGT(DL1P, &g_time, "Rx PH-RTS.ind chan_nr=%s link_id=0x%02xd\n", rsl_chan_nr_str(chan_nr), link_id);
|
2013-08-30 06:48:38 +00:00
|
|
|
|
2019-06-02 15:36:21 +00:00
|
|
|
l1sap_update_fnstats(trx->bts, fn);
|
|
|
|
|
|
2013-07-29 07:42:23 +00:00
|
|
|
/* reuse PH-RTS.ind for PH-DATA.req */
|
|
|
|
|
if (!msg) {
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPGT(DL1P, LOGL_FATAL, &g_time, "RTS without msg to be reused. Please fix!\n");
|
2013-07-29 07:42:23 +00:00
|
|
|
abort();
|
|
|
|
|
}
|
|
|
|
|
msgb_trim(msg, sizeof(*l1sap));
|
|
|
|
|
osmo_prim_init(&l1sap->oph, SAP_GSM_PH, PRIM_PH_DATA, PRIM_OP_REQUEST,
|
|
|
|
|
msg);
|
|
|
|
|
msg->l2h = msg->l1h + sizeof(*l1sap);
|
|
|
|
|
|
2017-06-23 16:26:24 +00:00
|
|
|
if (ts_is_pdch(&trx->ts[tn])) {
|
|
|
|
|
lchan = get_active_lchan_by_chan_nr(trx, chan_nr);
|
|
|
|
|
if (lchan && lchan->loopback) {
|
|
|
|
|
if (!L1SAP_IS_PTCCH(rts_ind->fn))
|
|
|
|
|
lchan_pdtch_ph_rts_ind_loop(lchan, rts_ind, msg, &g_time);
|
|
|
|
|
/* continue below like for SACCH/FACCH/... */
|
|
|
|
|
} else {
|
|
|
|
|
/* forward RTS.ind to PCU */
|
|
|
|
|
if (L1SAP_IS_PTCCH(rts_ind->fn)) {
|
2019-10-08 21:19:10 +00:00
|
|
|
pcu_tx_rts_req(&trx->ts[tn], 1, fn, trx->arfcn,
|
2017-06-23 16:26:24 +00:00
|
|
|
L1SAP_FN2PTCCHBLOCK(fn));
|
|
|
|
|
} else {
|
2019-10-08 21:19:10 +00:00
|
|
|
pcu_tx_rts_req(&trx->ts[tn], 0, fn, trx->arfcn,
|
2017-06-23 16:26:24 +00:00
|
|
|
L1SAP_FN2MACBLOCK(fn));
|
|
|
|
|
}
|
|
|
|
|
/* return early, PCU takes care of rest */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
} else if (L1SAP_IS_CHAN_BCCH(chan_nr)) {
|
2013-07-29 07:42:23 +00:00
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
|
|
|
|
/* get them from bts->si_buf[] */
|
|
|
|
|
si = bts_sysinfo_get(trx->bts, &g_time);
|
|
|
|
|
if (si)
|
|
|
|
|
memcpy(p, si, GSM_MACBLOCK_LEN);
|
2018-08-23 11:27:01 +00:00
|
|
|
else
|
2013-07-29 07:42:23 +00:00
|
|
|
memcpy(p, fill_frame, GSM_MACBLOCK_LEN);
|
2018-08-24 21:37:45 +00:00
|
|
|
} else if (L1SAP_IS_CHAN_CBCH(chan_nr)) {
|
|
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
|
|
|
|
bts_cbch_get(trx->bts, p, &g_time);
|
2013-09-01 09:09:20 +00:00
|
|
|
} else if (!(chan_nr & 0x80)) { /* only TCH/F, TCH/H, SDCCH/4 and SDCCH/8 have C5 bit cleared */
|
2015-12-05 10:54:08 +00:00
|
|
|
lchan = get_active_lchan_by_chan_nr(trx, chan_nr);
|
2017-06-23 16:57:28 +00:00
|
|
|
if (!lchan) {
|
2018-10-10 11:43:04 +00:00
|
|
|
LOGPGT(DL1P, LOGL_ERROR, &g_time, "No lchan for PH-RTS.ind (chan_nr=%s)\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr));
|
2015-12-05 10:54:08 +00:00
|
|
|
return 0;
|
2017-06-23 16:57:28 +00:00
|
|
|
}
|
2021-10-25 14:01:58 +00:00
|
|
|
if (lchan->pending_rel_ind_msg) {
|
|
|
|
|
LOGPGT(DRSL, LOGL_INFO, &g_time,
|
|
|
|
|
"%s Forward RLL RELease INDication to the BSC\n",
|
|
|
|
|
gsm_lchan_name(lchan));
|
|
|
|
|
abis_bts_rsl_sendmsg(lchan->pending_rel_ind_msg);
|
|
|
|
|
lchan->pending_rel_ind_msg = NULL;
|
|
|
|
|
}
|
2013-09-01 09:09:20 +00:00
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id)) {
|
|
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
|
|
|
|
/* L1-header, if not set/modified by layer 1 */
|
2014-08-07 06:32:30 +00:00
|
|
|
p[0] = lchan->ms_power_ctrl.current;
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.ul_sacch_active)
|
2020-11-14 21:32:29 +00:00
|
|
|
p[0] |= 0x40; /* See also: 3GPP TS 44.004, section 7.1 */
|
2021-09-09 14:38:07 +00:00
|
|
|
p[1] = lchan->ta_ctrl.current;
|
2013-09-01 09:09:20 +00:00
|
|
|
le = &lchan->lapdm_ch.lapdm_acch;
|
2021-10-21 23:52:28 +00:00
|
|
|
if (lchan->rep_acch_cap.dl_sacch) {
|
2021-02-15 15:39:04 +00:00
|
|
|
/* Check if MS requests SACCH repetition and update state accordingly */
|
2021-02-11 22:17:59 +00:00
|
|
|
if (lchan->meas.l1_info.srr_sro) {
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.dl_sacch_active == false)
|
2021-02-11 22:17:59 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_DEBUG, "DL-SACCH repetition: inactive => active\n");
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.dl_sacch_active = true;
|
2021-02-11 22:17:59 +00:00
|
|
|
} else {
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.dl_sacch_active == true)
|
2021-02-11 22:17:59 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_DEBUG, "DL-SACCH repetition: active => inactive\n");
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.dl_sacch_active = false;
|
2021-02-11 22:17:59 +00:00
|
|
|
}
|
2020-11-11 15:19:18 +00:00
|
|
|
pp_msg = lapdm_phsap_dequeue_msg_sacch(lchan, le);
|
2021-02-15 15:39:04 +00:00
|
|
|
} else {
|
2020-11-11 15:19:18 +00:00
|
|
|
pp_msg = lapdm_phsap_dequeue_msg(le);
|
2021-02-15 15:39:04 +00:00
|
|
|
}
|
2016-10-03 15:37:45 +00:00
|
|
|
} else {
|
|
|
|
|
if (lchan->ts->trx->bts->dtxd)
|
|
|
|
|
dtxd_facch = true;
|
2013-09-01 09:09:20 +00:00
|
|
|
le = &lchan->lapdm_ch.lapdm_dcch;
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.dl_facch_active && lchan->rsl_cmode != RSL_CMOD_SPD_SIGN)
|
2020-11-01 21:22:56 +00:00
|
|
|
pp_msg = lapdm_phsap_dequeue_msg_facch(lchan, le, fn);
|
|
|
|
|
else
|
|
|
|
|
pp_msg = lapdm_phsap_dequeue_msg(le);
|
2016-10-03 15:37:45 +00:00
|
|
|
}
|
2020-11-01 21:22:56 +00:00
|
|
|
if (!pp_msg) {
|
2013-09-01 09:09:20 +00:00
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id)) {
|
|
|
|
|
/* No SACCH data from LAPDM pending, send SACCH filling */
|
|
|
|
|
uint8_t *si = lchan_sacch_get(lchan);
|
|
|
|
|
if (si) {
|
|
|
|
|
/* The +2 is empty space where the DSP inserts the L1 hdr */
|
|
|
|
|
memcpy(p + 2, si, GSM_MACBLOCK_LEN - 2);
|
2018-08-23 11:27:01 +00:00
|
|
|
} else
|
2013-09-01 09:09:20 +00:00
|
|
|
memcpy(p + 2, fill_frame, GSM_MACBLOCK_LEN - 2);
|
2018-08-23 11:27:01 +00:00
|
|
|
} else if (L1SAP_IS_CHAN_SDCCH4(chan_nr) || L1SAP_IS_CHAN_SDCCH8(chan_nr) ||
|
|
|
|
|
(lchan->rsl_cmode == RSL_CMOD_SPD_SIGN && !lchan->ts->trx->bts->dtxd)) {
|
|
|
|
|
/*
|
|
|
|
|
* SDCCH or TCH in signalling mode without DTX.
|
|
|
|
|
*
|
|
|
|
|
* Send fill frame according to GSM 05.08, section 8.3: "On the SDCCH and on the
|
|
|
|
|
* half rate speech traffic channel in signalling only mode DTX is not allowed.
|
|
|
|
|
* In these cases and during signalling on the TCH when DTX is not used, the same
|
|
|
|
|
* L2 fill frame shall be transmitted in case there is nothing else to transmit."
|
|
|
|
|
*/
|
2013-09-01 09:09:20 +00:00
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
|
|
|
|
memcpy(p, fill_frame, GSM_MACBLOCK_LEN);
|
|
|
|
|
} /* else the message remains empty, so TCH frames are sent */
|
|
|
|
|
} else {
|
|
|
|
|
/* The +2 is empty space where the DSP inserts the L1 hdr */
|
|
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id))
|
2020-11-01 21:22:56 +00:00
|
|
|
memcpy(p + 2, pp_msg->data + 2, GSM_MACBLOCK_LEN - 2);
|
2013-09-01 09:09:20 +00:00
|
|
|
else {
|
|
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
2020-11-01 21:22:56 +00:00
|
|
|
memcpy(p, pp_msg->data, GSM_MACBLOCK_LEN);
|
2013-09-01 09:09:20 +00:00
|
|
|
/* check if it is a RR CIPH MODE CMD. if yes, enable RX ciphering */
|
2020-11-01 21:22:56 +00:00
|
|
|
check_for_ciph_cmd(pp_msg, lchan, chan_nr);
|
2016-11-04 15:52:35 +00:00
|
|
|
if (dtxd_facch)
|
|
|
|
|
dtx_dispatch(lchan, E_FACCH);
|
2013-09-01 09:09:20 +00:00
|
|
|
}
|
2020-11-01 21:22:56 +00:00
|
|
|
msgb_free(pp_msg);
|
2013-09-01 09:09:20 +00:00
|
|
|
}
|
2013-08-30 06:03:09 +00:00
|
|
|
} else if (L1SAP_IS_CHAN_AGCH_PCH(chan_nr)) {
|
|
|
|
|
p = msgb_put(msg, GSM_MACBLOCK_LEN);
|
2018-08-31 09:24:49 +00:00
|
|
|
is_ag_res = is_ccch_for_agch(trx, fn);
|
|
|
|
|
rc = bts_ccch_copy_msg(trx->bts, p, &g_time, is_ag_res);
|
2018-08-23 11:27:01 +00:00
|
|
|
if (rc <= 0)
|
2013-08-30 06:03:09 +00:00
|
|
|
memcpy(p, fill_frame, GSM_MACBLOCK_LEN);
|
2013-07-29 07:42:23 +00:00
|
|
|
}
|
|
|
|
|
|
2018-10-10 11:43:04 +00:00
|
|
|
DEBUGPGT(DL1P, &g_time, "Tx PH-DATA.req chan_nr=%s link_id=0x%02x\n", rsl_chan_nr_str(chan_nr), link_id);
|
2013-07-29 07:42:23 +00:00
|
|
|
|
|
|
|
|
l1sap_down(trx, l1sap);
|
|
|
|
|
|
|
|
|
|
/* don't free, because we forwarded data */
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-09 11:08:38 +00:00
|
|
|
static bool rtppayload_is_octet_aligned(const uint8_t *rtp_pl, uint8_t payload_len)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* Logic: If 1st bit padding is not zero, packet is either:
|
|
|
|
|
* - bandwidth-efficient AMR payload.
|
|
|
|
|
* - malformed packet.
|
|
|
|
|
* However, Bandwidth-efficient AMR 4,75 frame last in payload(F=0, FT=0)
|
|
|
|
|
* with 4th,5ht,6th AMR payload to 0 matches padding==0.
|
|
|
|
|
* Furthermore, both AMR 4,75 bw-efficient and octet alignment are 14 bytes long (AMR 4,75 encodes 95b):
|
|
|
|
|
* bw-efficient: 95b, + 4b hdr + 6b ToC = 105b, + padding = 112b = 14B.
|
|
|
|
|
* octet-aligned: 1B hdr + 1B ToC + 95b = 111b, + padding = 112b = 14B.
|
|
|
|
|
* We cannot use other fields to match since they are inside the AMR
|
|
|
|
|
* payload bits which are unknown.
|
|
|
|
|
* As a result, this function may return false positive (true) for some AMR
|
|
|
|
|
* 4,75 AMR frames, but given the length, CMR and FT read is the same as a
|
|
|
|
|
* consequence, the damage in here is harmless other than being unable to
|
|
|
|
|
* decode the audio at the other side.
|
|
|
|
|
*/
|
|
|
|
|
#define AMR_PADDING1(rtp_pl) (rtp_pl[0] & 0x0f)
|
|
|
|
|
#define AMR_PADDING2(rtp_pl) (rtp_pl[1] & 0x03)
|
|
|
|
|
|
2022-04-19 01:04:36 +00:00
|
|
|
if (payload_len < 2 || AMR_PADDING1(rtp_pl) || AMR_PADDING2(rtp_pl))
|
2018-02-09 11:08:38 +00:00
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static bool rtppayload_is_valid(struct gsm_lchan *lchan, struct msgb *resp_msg)
|
|
|
|
|
{
|
|
|
|
|
/* Avoid sending bw-efficient AMR to lower layers, most bts models
|
|
|
|
|
* don't support it. */
|
2022-04-19 01:04:36 +00:00
|
|
|
if (lchan->tch_mode == GSM48_CMODE_SPEECH_AMR &&
|
2018-02-09 11:08:38 +00:00
|
|
|
!rtppayload_is_octet_aligned(resp_msg->data, resp_msg->len)) {
|
2019-05-20 23:14:24 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_NOTICE,
|
|
|
|
|
"RTP->L1: Dropping unexpected AMR encoding (bw-efficient?) %s\n",
|
|
|
|
|
osmo_hexdump(resp_msg->data, resp_msg->len));
|
2018-02-09 11:08:38 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-13 17:09:39 +00:00
|
|
|
/* TCH-RTS-IND prim received from bts model */
|
2013-09-01 08:08:15 +00:00
|
|
|
static int l1sap_tch_rts_ind(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap, struct ph_tch_param *rts_ind)
|
|
|
|
|
{
|
|
|
|
|
struct msgb *resp_msg;
|
|
|
|
|
struct osmo_phsap_prim *resp_l1sap, empty_l1sap;
|
|
|
|
|
struct gsm_time g_time;
|
|
|
|
|
struct gsm_lchan *lchan;
|
2016-09-17 12:15:03 +00:00
|
|
|
uint8_t chan_nr, marker = 0;
|
2018-02-01 18:28:09 +00:00
|
|
|
uint32_t fn;
|
2013-09-01 08:08:15 +00:00
|
|
|
|
|
|
|
|
chan_nr = rts_ind->chan_nr;
|
|
|
|
|
fn = rts_ind->fn;
|
|
|
|
|
|
|
|
|
|
gsm_fn2gsmtime(&g_time, fn);
|
|
|
|
|
|
2018-10-10 11:43:04 +00:00
|
|
|
DEBUGPGT(DL1P, &g_time, "Rx TCH-RTS.ind chan_nr=%s\n", rsl_chan_nr_str(chan_nr));
|
2013-09-01 08:08:15 +00:00
|
|
|
|
2015-12-05 10:54:08 +00:00
|
|
|
lchan = get_active_lchan_by_chan_nr(trx, chan_nr);
|
2017-06-23 16:57:28 +00:00
|
|
|
if (!lchan) {
|
2018-10-10 11:43:04 +00:00
|
|
|
LOGPGT(DL1P, LOGL_ERROR, &g_time, "No lchan for PH-RTS.ind (chan_nr=%s)\n", rsl_chan_nr_str(chan_nr));
|
2015-12-05 10:54:08 +00:00
|
|
|
return 0;
|
2017-06-23 16:57:28 +00:00
|
|
|
}
|
2013-09-01 08:08:15 +00:00
|
|
|
|
|
|
|
|
if (!lchan->loopback && lchan->abis_ip.rtp_socket) {
|
|
|
|
|
osmo_rtp_socket_poll(lchan->abis_ip.rtp_socket);
|
|
|
|
|
/* FIXME: we _assume_ that we never miss TDMA
|
|
|
|
|
* frames and that we always get to this point
|
|
|
|
|
* for every to-be-transmitted voice frame. A
|
|
|
|
|
* better solution would be to compute
|
|
|
|
|
* rx_user_ts based on how many TDMA frames have
|
|
|
|
|
* elapsed since the last call */
|
|
|
|
|
lchan->abis_ip.rtp_socket->rx_user_ts += GSM_RTP_DURATION;
|
|
|
|
|
}
|
|
|
|
|
/* get a msgb from the dl_tx_queue */
|
2022-08-11 15:37:32 +00:00
|
|
|
resp_msg = msgb_dequeue_count(&lchan->dl_tch_queue, &lchan->dl_tch_queue_len);
|
2013-09-01 08:08:15 +00:00
|
|
|
if (!resp_msg) {
|
2018-02-22 10:44:20 +00:00
|
|
|
DEBUGPGT(DL1P, &g_time, "%s DL TCH Tx queue underrun\n", gsm_lchan_name(lchan));
|
2013-09-01 08:08:15 +00:00
|
|
|
resp_l1sap = &empty_l1sap;
|
2022-04-19 01:04:36 +00:00
|
|
|
} else if (!rtppayload_is_valid(lchan, resp_msg)) {
|
2018-02-09 11:08:38 +00:00
|
|
|
msgb_free(resp_msg);
|
|
|
|
|
resp_msg = NULL;
|
|
|
|
|
resp_l1sap = &empty_l1sap;
|
2013-09-01 08:08:15 +00:00
|
|
|
} else {
|
2016-09-17 12:15:03 +00:00
|
|
|
/* Obtain RTP header Marker bit from control buffer */
|
|
|
|
|
marker = rtpmsg_marker_bit(resp_msg);
|
|
|
|
|
|
2013-09-01 08:08:15 +00:00
|
|
|
resp_msg->l2h = resp_msg->data;
|
|
|
|
|
msgb_push(resp_msg, sizeof(*resp_l1sap));
|
|
|
|
|
resp_msg->l1h = resp_msg->data;
|
|
|
|
|
resp_l1sap = msgb_l1sap_prim(resp_msg);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memset(resp_l1sap, 0, sizeof(*resp_l1sap));
|
|
|
|
|
osmo_prim_init(&resp_l1sap->oph, SAP_GSM_PH, PRIM_TCH, PRIM_OP_REQUEST,
|
|
|
|
|
resp_msg);
|
|
|
|
|
resp_l1sap->u.tch.chan_nr = chan_nr;
|
|
|
|
|
resp_l1sap->u.tch.fn = fn;
|
2016-09-17 12:15:03 +00:00
|
|
|
resp_l1sap->u.tch.marker = marker;
|
2013-09-01 08:08:15 +00:00
|
|
|
|
2018-10-10 11:43:04 +00:00
|
|
|
DEBUGPGT(DL1P, &g_time, "Tx TCH.req chan_nr=%s\n", rsl_chan_nr_str(chan_nr));
|
2013-09-01 08:08:15 +00:00
|
|
|
|
|
|
|
|
l1sap_down(trx, resp_l1sap);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-27 09:11:19 +00:00
|
|
|
/* process radio link timeout counter S. Follows TS 05.08 Section 5.2
|
|
|
|
|
* "MS Procedure" as the "BSS Procedure [...] shall be determined by the
|
|
|
|
|
* network operator." */
|
2020-08-05 20:55:26 +00:00
|
|
|
static void radio_link_timeout(struct gsm_lchan *lchan, bool bad_frame)
|
2013-09-01 09:09:20 +00:00
|
|
|
{
|
2018-03-17 11:22:40 +00:00
|
|
|
struct gsm_bts *bts = lchan->ts->trx->bts;
|
2013-09-01 09:09:20 +00:00
|
|
|
|
2017-05-27 10:12:39 +00:00
|
|
|
/* Bypass radio link timeout if set to -1 */
|
2020-10-05 15:49:35 +00:00
|
|
|
if (bts->radio_link_timeout.current < 0)
|
2017-05-27 10:12:39 +00:00
|
|
|
return;
|
|
|
|
|
|
2013-09-01 09:09:20 +00:00
|
|
|
/* if link loss criterion already reached */
|
|
|
|
|
if (lchan->s == 0) {
|
2020-08-05 20:52:47 +00:00
|
|
|
LOGPLCHAN(lchan, DMEAS, LOGL_DEBUG,
|
|
|
|
|
"radio link timeout counter S is already 0\n");
|
2013-09-01 09:09:20 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (bad_frame) {
|
2020-08-05 20:52:47 +00:00
|
|
|
LOGPLCHAN(lchan, DMEAS, LOGL_DEBUG,
|
|
|
|
|
"decreasing radio link timeout counter S=%d -> %d\n",
|
|
|
|
|
lchan->s, lchan->s - 1);
|
2020-08-05 20:26:50 +00:00
|
|
|
lchan->s--; /* count down radio link counter S */
|
2019-10-02 15:20:42 +00:00
|
|
|
if (lchan->s == 0) {
|
|
|
|
|
LOGPLCHAN(lchan, DMEAS, LOGL_NOTICE,
|
2020-08-05 20:26:50 +00:00
|
|
|
"radio link timeout counter S reached zero, "
|
|
|
|
|
"dropping connection\n");
|
2013-09-01 09:09:20 +00:00
|
|
|
rsl_tx_conn_fail(lchan, RSL_ERR_RADIO_LINK_FAIL);
|
2019-10-02 15:20:42 +00:00
|
|
|
}
|
2013-09-01 09:09:20 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2020-10-05 15:49:35 +00:00
|
|
|
if (lchan->s < bts->radio_link_timeout.current) {
|
2013-09-01 09:09:20 +00:00
|
|
|
/* count up radio link counter S */
|
2020-08-05 20:26:50 +00:00
|
|
|
int s = lchan->s + 2;
|
2020-10-05 15:49:35 +00:00
|
|
|
if (s > bts->radio_link_timeout.current)
|
|
|
|
|
s = bts->radio_link_timeout.current;
|
2020-08-05 20:52:47 +00:00
|
|
|
LOGPLCHAN(lchan, DMEAS, LOGL_DEBUG,
|
|
|
|
|
"increasing radio link timeout counter S=%d -> %d\n",
|
|
|
|
|
lchan->s, s);
|
2020-08-05 20:26:50 +00:00
|
|
|
lchan->s = s;
|
2013-09-01 09:09:20 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-27 20:13:18 +00:00
|
|
|
static inline int check_for_first_ciphrd(struct gsm_lchan *lchan,
|
|
|
|
|
uint8_t *data, int len)
|
|
|
|
|
{
|
2018-05-10 15:25:52 +00:00
|
|
|
uint8_t n_r;
|
2014-08-27 20:13:18 +00:00
|
|
|
|
|
|
|
|
/* if this is the first valid message after enabling Rx
|
|
|
|
|
* decryption, we have to enable Tx encryption */
|
|
|
|
|
if (lchan->ciph_state != LCHAN_CIPH_RX_CONF)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/* HACK: check if it's an I frame, in order to
|
|
|
|
|
* ignore some still buffered/queued UI frames received
|
|
|
|
|
* before decryption was enabled */
|
|
|
|
|
if (data[0] != 0x01)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if ((data[1] & 0x01) != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2018-05-10 15:25:52 +00:00
|
|
|
n_r = data[1] >> 5;
|
|
|
|
|
if (lchan->ciph_ns != n_r)
|
2014-08-27 20:13:18 +00:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* public helper for the test */
|
|
|
|
|
int bts_check_for_first_ciphrd(struct gsm_lchan *lchan,
|
|
|
|
|
uint8_t *data, int len)
|
|
|
|
|
{
|
|
|
|
|
return check_for_first_ciphrd(lchan, data, len);
|
|
|
|
|
}
|
|
|
|
|
|
2020-11-14 21:32:29 +00:00
|
|
|
/* Decide if repeated UL-SACCH should be applied or not. If the BER level, of
|
|
|
|
|
* the received SACCH blocks rises above a certain threshold UL-SACCH
|
|
|
|
|
* repetition is enabled */
|
|
|
|
|
static void repeated_ul_sacch_active_decision(struct gsm_lchan *lchan,
|
|
|
|
|
uint16_t ber10k)
|
|
|
|
|
{
|
|
|
|
|
uint16_t upper = 0;
|
|
|
|
|
uint16_t lower = 0;
|
2021-10-21 23:17:21 +00:00
|
|
|
bool prev_repeated_ul_sacch_active = lchan->rep_acch.ul_sacch_active;
|
2020-11-14 21:32:29 +00:00
|
|
|
|
2021-02-11 22:19:55 +00:00
|
|
|
/* This is an optimization so that we exit as quickly as possible if
|
|
|
|
|
* there are no uplink SACCH repetition capabilities present.
|
|
|
|
|
* However If the repeated UL-SACCH capabilities vanish for whatever
|
|
|
|
|
* reason, we must be sure that UL-SACCH repetition is disabled. */
|
2021-10-21 23:52:28 +00:00
|
|
|
if (!lchan->rep_acch_cap.ul_sacch) {
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.ul_sacch_active = false;
|
2021-02-11 22:17:59 +00:00
|
|
|
goto out;
|
2021-02-11 22:19:55 +00:00
|
|
|
}
|
2020-11-14 21:32:29 +00:00
|
|
|
|
2021-01-04 20:46:00 +00:00
|
|
|
/* Threshold disabled (repetition is always on) */
|
2021-10-21 23:52:28 +00:00
|
|
|
if (lchan->rep_acch_cap.rxqual == 0) {
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.ul_sacch_active = true;
|
2021-02-11 22:17:59 +00:00
|
|
|
goto out;
|
2021-01-04 20:46:00 +00:00
|
|
|
}
|
|
|
|
|
|
2021-01-12 21:08:53 +00:00
|
|
|
/* convert from RXQUAL value to ber10k value.
|
|
|
|
|
* see also GSM 05.08, section 8.2.4 (first table, without frame */
|
2020-11-14 21:32:29 +00:00
|
|
|
static const uint16_t ber10k_by_rxqual_upper[] =
|
2021-01-12 21:08:53 +00:00
|
|
|
{ 0, 20, 40, 80, 160, 320, 640, 1280 };
|
2020-11-14 21:32:29 +00:00
|
|
|
static const uint16_t ber10k_by_rxqual_lower[] =
|
2021-01-12 21:08:53 +00:00
|
|
|
{ 0, 0, 0, 20, 40, 80, 160, 320 };
|
|
|
|
|
/* Note: The values in the upper vector are taken from the left side
|
|
|
|
|
* of the table in GSM 05.08, section 8.2.4. The lower vector is just
|
|
|
|
|
* the upper vector shifted by 2. */
|
|
|
|
|
|
2021-10-21 23:52:28 +00:00
|
|
|
upper = ber10k_by_rxqual_upper[lchan->rep_acch_cap.rxqual];
|
|
|
|
|
lower = ber10k_by_rxqual_lower[lchan->rep_acch_cap.rxqual];
|
2020-11-14 21:32:29 +00:00
|
|
|
|
|
|
|
|
/* If upper/rxqual == 0, then repeated UL-SACCH is always on */
|
|
|
|
|
if (ber10k >= upper)
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.ul_sacch_active = true;
|
2020-11-14 21:32:29 +00:00
|
|
|
else if (ber10k <= lower)
|
2021-10-21 23:17:21 +00:00
|
|
|
lchan->rep_acch.ul_sacch_active = false;
|
2021-02-11 22:17:59 +00:00
|
|
|
|
|
|
|
|
out:
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.ul_sacch_active == prev_repeated_ul_sacch_active)
|
2021-02-11 22:17:59 +00:00
|
|
|
return;
|
2021-10-21 23:17:21 +00:00
|
|
|
if (lchan->rep_acch.ul_sacch_active)
|
2021-02-11 22:17:59 +00:00
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_DEBUG, "UL-SACCH repetition: inactive => active\n");
|
|
|
|
|
else
|
|
|
|
|
LOGPLCHAN(lchan, DL1P, LOGL_DEBUG, "UL-SACCH repetition: active => inactive\n");
|
2020-11-14 21:32:29 +00:00
|
|
|
}
|
|
|
|
|
|
2013-08-30 06:48:38 +00:00
|
|
|
/* DATA received from bts model */
|
|
|
|
|
static int l1sap_ph_data_ind(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap, struct ph_data_param *data_ind)
|
|
|
|
|
{
|
|
|
|
|
struct msgb *msg = l1sap->oph.msg;
|
|
|
|
|
struct gsm_time g_time;
|
2013-09-01 09:09:20 +00:00
|
|
|
struct gsm_lchan *lchan;
|
|
|
|
|
struct lapdm_entity *le;
|
2013-08-30 06:48:38 +00:00
|
|
|
uint8_t *data = msg->l2h;
|
|
|
|
|
int len = msgb_l2len(msg);
|
|
|
|
|
uint8_t chan_nr, link_id;
|
2015-12-05 10:54:08 +00:00
|
|
|
uint8_t tn;
|
2013-08-30 06:48:38 +00:00
|
|
|
uint32_t fn;
|
2016-02-18 16:48:07 +00:00
|
|
|
enum osmo_ph_pres_info_type pr_info = data_ind->pdch_presence_info;
|
2013-08-30 06:48:38 +00:00
|
|
|
|
|
|
|
|
chan_nr = data_ind->chan_nr;
|
|
|
|
|
link_id = data_ind->link_id;
|
|
|
|
|
fn = data_ind->fn;
|
|
|
|
|
tn = L1SAP_CHAN2TS(chan_nr);
|
|
|
|
|
|
|
|
|
|
gsm_fn2gsmtime(&g_time, fn);
|
|
|
|
|
|
2018-10-10 11:43:04 +00:00
|
|
|
DEBUGPGT(DL1P, &g_time, "Rx PH-DATA.ind chan_nr=%s link_id=0x%02x len=%d\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr), link_id, len);
|
2013-08-30 06:48:38 +00:00
|
|
|
|
2016-07-27 13:52:55 +00:00
|
|
|
if (ts_is_pdch(&trx->ts[tn])) {
|
2017-06-23 16:26:24 +00:00
|
|
|
lchan = get_lchan_by_chan_nr(trx, chan_nr);
|
|
|
|
|
if (!lchan)
|
2018-10-10 11:43:04 +00:00
|
|
|
LOGPGT(DL1P, LOGL_ERROR, &g_time, "No lchan for chan_nr=%s\n", rsl_chan_nr_str(chan_nr));
|
2019-10-08 21:48:54 +00:00
|
|
|
if (lchan && lchan->loopback) {
|
2017-06-23 16:26:24 +00:00
|
|
|
/* we are in loopback mode (for BER testing)
|
|
|
|
|
* mode and need to enqeue the frame to be
|
|
|
|
|
* returned in downlink */
|
2022-08-11 15:37:32 +00:00
|
|
|
lchan_dl_tch_queue_enqueue(lchan, msg, 1);
|
2017-06-23 16:26:24 +00:00
|
|
|
|
|
|
|
|
/* Return 1 to signal that we're still using msg
|
|
|
|
|
* and it should not be freed */
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-27 08:49:59 +00:00
|
|
|
/* There can be no DATA.ind on PTCCH/U (rather RACH.ind instead), but some
|
|
|
|
|
* BTS models with buggy implementation may still be sending them to us. */
|
|
|
|
|
if (L1SAP_IS_PTCCH(fn)) {
|
|
|
|
|
LOGPGT(DL1P, LOGL_NOTICE, &g_time, "There can be no DATA.ind on PTCCH/U. "
|
|
|
|
|
"This is probably a bug of the BTS model you're using, please fix!\n");
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-05 10:45:46 +00:00
|
|
|
/* Drop all data from incomplete UL block */
|
2019-10-08 21:48:54 +00:00
|
|
|
if (pr_info != PRES_INFO_BOTH)
|
2021-03-05 10:45:46 +00:00
|
|
|
len = 0;
|
2019-10-08 21:48:54 +00:00
|
|
|
|
|
|
|
|
/* PDTCH / PACCH frame handling */
|
|
|
|
|
pcu_tx_data_ind(&trx->ts[tn], PCU_IF_SAPI_PDTCH, fn, trx->arfcn,
|
2021-09-13 09:50:26 +00:00
|
|
|
L1SAP_FN2MACBLOCK(fn), data, len, data_ind->rssi, data_ind->ber10k,
|
2019-10-08 21:48:54 +00:00
|
|
|
data_ind->ta_offs_256bits/64, data_ind->lqual_cb);
|
2013-08-30 06:48:38 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-05 10:54:08 +00:00
|
|
|
lchan = get_active_lchan_by_chan_nr(trx, chan_nr);
|
2017-06-23 16:57:28 +00:00
|
|
|
if (!lchan) {
|
2018-10-10 11:43:04 +00:00
|
|
|
LOGPGT(DL1P, LOGL_ERROR, &g_time, "No lchan for chan_nr=%s\n", rsl_chan_nr_str(chan_nr));
|
2015-12-05 10:54:08 +00:00
|
|
|
return 0;
|
2017-06-23 16:57:28 +00:00
|
|
|
}
|
2013-09-01 09:09:20 +00:00
|
|
|
|
2021-10-27 10:29:21 +00:00
|
|
|
/* The ph_data_param contained in the l1sap primitive may contain
|
|
|
|
|
* measurement data. If this data is present, forward it for
|
|
|
|
|
* processing */
|
|
|
|
|
if (bts_internal_flag_get(trx->bts, BTS_INTERNAL_FLAG_MEAS_PAYLOAD_COMB))
|
|
|
|
|
process_l1sap_meas_data(lchan, l1sap, PRIM_PH_DATA);
|
|
|
|
|
|
2021-10-29 23:13:29 +00:00
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id)) {
|
2020-11-14 21:32:29 +00:00
|
|
|
repeated_ul_sacch_active_decision(lchan, data_ind->ber10k);
|
|
|
|
|
|
2021-10-29 23:13:29 +00:00
|
|
|
/* Radio Link Timeout counter */
|
|
|
|
|
if (len == 0) {
|
|
|
|
|
LOGPGT(DL1P, LOGL_INFO, &g_time, "%s Lost SACCH block\n",
|
|
|
|
|
gsm_lchan_name(lchan));
|
2020-08-05 20:55:26 +00:00
|
|
|
radio_link_timeout(lchan, true);
|
2021-10-29 23:13:29 +00:00
|
|
|
} else {
|
|
|
|
|
radio_link_timeout(lchan, false);
|
2019-11-22 13:00:19 +00:00
|
|
|
}
|
2021-10-29 23:13:29 +00:00
|
|
|
|
|
|
|
|
/* Trigger the measurement reporting/processing logic */
|
|
|
|
|
lchan_meas_handle_sacch(lchan, msg);
|
2013-09-01 09:09:20 +00:00
|
|
|
}
|
|
|
|
|
|
2021-10-29 23:13:29 +00:00
|
|
|
/* bad frame */
|
|
|
|
|
if (len == 0)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
2014-04-04 12:11:33 +00:00
|
|
|
/* report first valid received frame to handover process */
|
|
|
|
|
if (lchan->ho.active == HANDOVER_WAIT_FRAME)
|
|
|
|
|
handover_frame(lchan);
|
|
|
|
|
|
2021-10-29 23:13:29 +00:00
|
|
|
if (L1SAP_IS_LINK_SACCH(link_id))
|
2013-09-01 09:09:20 +00:00
|
|
|
le = &lchan->lapdm_ch.lapdm_acch;
|
2021-10-29 23:13:29 +00:00
|
|
|
else
|
2013-09-01 09:09:20 +00:00
|
|
|
le = &lchan->lapdm_ch.lapdm_dcch;
|
|
|
|
|
|
2014-08-27 20:13:18 +00:00
|
|
|
if (check_for_first_ciphrd(lchan, data, len))
|
|
|
|
|
l1sap_tx_ciph_req(lchan->ts->trx, chan_nr, 1, 0);
|
2013-09-01 09:09:20 +00:00
|
|
|
|
|
|
|
|
/* SDCCH, SACCH and FACCH all go to LAPDm */
|
2020-03-08 16:09:29 +00:00
|
|
|
msgb_pull_to_l2(msg);
|
2013-09-01 09:09:20 +00:00
|
|
|
lapdm_phsap_up(&l1sap->oph, le);
|
|
|
|
|
|
|
|
|
|
/* don't free, because we forwarded data */
|
|
|
|
|
return 1;
|
2013-08-30 06:48:38 +00:00
|
|
|
}
|
|
|
|
|
|
2013-09-01 08:08:15 +00:00
|
|
|
/* TCH received from bts model */
|
|
|
|
|
static int l1sap_tch_ind(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap,
|
|
|
|
|
struct ph_tch_param *tch_ind)
|
|
|
|
|
{
|
2018-03-17 11:22:40 +00:00
|
|
|
struct gsm_bts *bts = trx->bts;
|
2013-09-01 08:08:15 +00:00
|
|
|
struct msgb *msg = l1sap->oph.msg;
|
|
|
|
|
struct gsm_time g_time;
|
|
|
|
|
struct gsm_lchan *lchan;
|
2015-12-05 10:54:08 +00:00
|
|
|
uint8_t chan_nr;
|
2013-09-01 08:08:15 +00:00
|
|
|
uint32_t fn;
|
|
|
|
|
|
|
|
|
|
chan_nr = tch_ind->chan_nr;
|
|
|
|
|
fn = tch_ind->fn;
|
|
|
|
|
|
|
|
|
|
gsm_fn2gsmtime(&g_time, fn);
|
|
|
|
|
|
2020-02-12 15:01:42 +00:00
|
|
|
LOGPGT(DL1P, LOGL_DEBUG, &g_time, "Rx TCH.ind chan_nr=%s\n", rsl_chan_nr_str(chan_nr));
|
2013-09-01 08:08:15 +00:00
|
|
|
|
2015-12-05 10:54:08 +00:00
|
|
|
lchan = get_active_lchan_by_chan_nr(trx, chan_nr);
|
2017-06-23 16:57:28 +00:00
|
|
|
if (!lchan) {
|
2018-10-10 11:43:04 +00:00
|
|
|
LOGPGT(DL1P, LOGL_ERROR, &g_time, "No lchan for TCH.ind (chan_nr=%s)\n", rsl_chan_nr_str(chan_nr));
|
2015-12-05 10:54:08 +00:00
|
|
|
return 0;
|
2017-06-23 16:57:28 +00:00
|
|
|
}
|
2015-12-05 10:54:08 +00:00
|
|
|
|
2019-10-31 08:36:17 +00:00
|
|
|
/* The ph_tch_param contained in the l1sap primitive may contain
|
|
|
|
|
* measurement data. If this data is present, forward it for
|
|
|
|
|
* processing */
|
Do not mix public and private BTS features, use libosmocore's API
It was a very bad idea to mix "public" BTS features, that are
reported to the BSC via OML, and those features, that are used
locally (and exclusively) in osmo-bts.
Why? At least because we already have the BTS feature manipulation
API in libosmocore, that is used by osmo-bsc, but for some reason
not by osmo-bts. New features added to libosmocore would clash
with the existing "internal" ones like BTS_FEAT_MS_PWR_CTRL_DSP.
So what this change does can be described as follows:
- remove duplicate definition of the "public" features,
- use libosmocore's API for the "public" features,
- separate both "internal" and "public" features:
- the "public" features continue to live in bitvec,
- the "internal" features become flags,
- s/BTS_FEAT/BTS_INTERNAL_FLAG/g.
Change-Id: Icf792d02323bb73e3b8d46384c7890cb1eb4731e
2020-05-29 17:14:03 +00:00
|
|
|
if (bts_internal_flag_get(trx->bts, BTS_INTERNAL_FLAG_MEAS_PAYLOAD_COMB))
|
2021-10-27 10:29:21 +00:00
|
|
|
process_l1sap_meas_data(lchan, l1sap, PRIM_TCH);
|
2019-10-31 08:36:17 +00:00
|
|
|
|
2020-03-08 16:09:29 +00:00
|
|
|
msgb_pull_to_l2(msg);
|
2013-09-01 08:08:15 +00:00
|
|
|
|
2017-06-28 13:41:04 +00:00
|
|
|
/* Low level layers always call us when TCH content is expected, even if
|
|
|
|
|
* the content is not available due to decoding issues. Content not
|
|
|
|
|
* available is expected as empty payload. We also check if quality is
|
|
|
|
|
* good enough. */
|
Clarify and refactor link quality (C/I) handling
The radio link quality is defined by C/I (Carrier-to-Interference
ratio), which is computed from the training sequence of each
received burst, by comparing the "ideal" training sequence with
the actual (received) one.
Link quality measurements are used by L1SAP to filter out "ghost"
Access Bursts, and by the link quality adaptation algorithms. One
can define minimum link quality values using the VTY interface.
On the VTY interface we expect integer C/I values in centiBels
(cB, 10e-2 B), while the internal structures are using float
values in deciBels (dB, 10e-1 B). Some PHYs (sysmo, octphy,
oc2g, and litecell15) expose C/I measurements in deciBels,
while on the L1SAP interface we finally send then in centiBels.
Let's avoid this confusion and stick to a single format, that
will be used by the internal logic of OsmoBTS - integer values
(int16_t) in centiBels. This will give us the range of:
-32768 .. 32767 centiBels, or
-3276.8 .. 3276.7 deciBels,
which is certainly sufficient.
Change-Id: If624d6fdc0270e6813af8700d95f1345903c8a01
2019-07-07 12:58:48 +00:00
|
|
|
if (msg->len && tch_ind->lqual_cb >= bts->min_qual_norm) {
|
2017-06-28 13:41:04 +00:00
|
|
|
/* hand msg to RTP code for transmission */
|
2022-08-10 14:19:00 +00:00
|
|
|
if (lchan->abis_ip.osmux.use) {
|
|
|
|
|
lchan_osmux_send_frame(lchan, msg->data, msg->len,
|
|
|
|
|
fn_ms_adj(fn, lchan), lchan->rtp_tx_marker);
|
|
|
|
|
} else if (lchan->abis_ip.rtp_socket) {
|
2017-06-28 13:41:04 +00:00
|
|
|
osmo_rtp_send_frame_ext(lchan->abis_ip.rtp_socket,
|
|
|
|
|
msg->data, msg->len, fn_ms_adj(fn, lchan), lchan->rtp_tx_marker);
|
2022-08-10 14:19:00 +00:00
|
|
|
}
|
2017-06-28 13:41:04 +00:00
|
|
|
/* if loopback is enabled, also queue received RTP data */
|
|
|
|
|
if (lchan->loopback) {
|
2022-08-11 15:37:32 +00:00
|
|
|
/* add new frame to queue, make sure the queue doesn't get too long */
|
|
|
|
|
lchan_dl_tch_queue_enqueue(lchan, msg, 1);
|
2017-06-28 13:41:04 +00:00
|
|
|
/* Return 1 to signal that we're still using msg and it should not be freed */
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
/* Only clear the marker bit once we have sent a RTP packet with it */
|
|
|
|
|
lchan->rtp_tx_marker = false;
|
|
|
|
|
} else {
|
2018-02-22 10:44:20 +00:00
|
|
|
DEBUGPGT(DRTP, &g_time, "Skipping RTP frame with lost payload (chan_nr=0x%02x)\n",
|
|
|
|
|
chan_nr);
|
2022-08-10 14:19:00 +00:00
|
|
|
if (lchan->abis_ip.osmux.use)
|
|
|
|
|
lchan_osmux_skipped_frame(lchan, fn_ms_adj(fn, lchan));
|
|
|
|
|
else if (lchan->abis_ip.rtp_socket)
|
2017-06-28 13:41:04 +00:00
|
|
|
osmo_rtp_skipped_frame(lchan->abis_ip.rtp_socket, fn_ms_adj(fn, lchan));
|
|
|
|
|
lchan->rtp_tx_marker = true;
|
2013-09-01 08:08:15 +00:00
|
|
|
}
|
2016-06-13 09:33:43 +00:00
|
|
|
|
2016-06-03 11:29:29 +00:00
|
|
|
lchan->tch.last_fn = fn;
|
2013-09-01 08:08:15 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-05 13:56:20 +00:00
|
|
|
#define RACH_MIN_TOA256 -2 * 256
|
|
|
|
|
|
2019-12-04 15:39:30 +00:00
|
|
|
static bool rach_pass_filter(struct ph_rach_ind_param *rach_ind, struct gsm_bts *bts,
|
|
|
|
|
const char *chan_name)
|
2018-03-05 13:29:47 +00:00
|
|
|
{
|
2018-03-05 13:56:20 +00:00
|
|
|
int16_t toa256 = rach_ind->acc_delay_256bits;
|
|
|
|
|
|
2018-03-05 13:29:47 +00:00
|
|
|
/* Check for RACH exceeding BER threshold (ghost RACH) */
|
2018-03-17 11:22:40 +00:00
|
|
|
if (rach_ind->ber10k > bts->max_ber10k_rach) {
|
2020-01-13 20:45:46 +00:00
|
|
|
LOGPFN(DL1C, LOGL_DEBUG, rach_ind->fn, "Ignoring an Access Burst on %s: "
|
2019-12-04 15:39:30 +00:00
|
|
|
"BER10k(%u) > BER10k_MAX(%u)\n", chan_name,
|
2018-03-17 11:22:40 +00:00
|
|
|
rach_ind->ber10k, bts->max_ber10k_rach);
|
2018-03-05 13:29:47 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-05 13:56:20 +00:00
|
|
|
/**
|
|
|
|
|
* Make sure that ToA (Timing of Arrival) is acceptable.
|
|
|
|
|
* We allow early arrival up to 2 symbols, and delay
|
|
|
|
|
* according to maximal allowed Timing Advance value.
|
|
|
|
|
*/
|
2018-03-17 11:22:40 +00:00
|
|
|
if (toa256 < RACH_MIN_TOA256 || toa256 > bts->max_ta * 256) {
|
2020-01-13 20:45:46 +00:00
|
|
|
LOGPFN(DL1C, LOGL_DEBUG, rach_ind->fn, "Ignoring an Access Burst on %s: "
|
2019-12-04 15:39:30 +00:00
|
|
|
"ToA(%d) exceeds the allowed range (%d..%d)\n", chan_name,
|
2018-03-17 11:22:40 +00:00
|
|
|
toa256, RACH_MIN_TOA256, bts->max_ta * 256);
|
2018-03-05 13:29:47 +00:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-07 13:00:53 +00:00
|
|
|
/* Link quality defined by C/I (Carrier-to-Interference ratio) */
|
|
|
|
|
if (rach_ind->lqual_cb < bts->min_qual_rach) {
|
2020-01-13 20:45:46 +00:00
|
|
|
LOGPFN(DL1C, LOGL_DEBUG, rach_ind->fn, "Ignoring an Access Burst on %s: "
|
2019-12-04 15:39:30 +00:00
|
|
|
"link quality (%d) below the minimum (%d)\n", chan_name,
|
2019-07-07 13:00:53 +00:00
|
|
|
rach_ind->lqual_cb, bts->min_qual_rach);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-05 13:29:47 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-05 13:43:02 +00:00
|
|
|
/* Special case where handover RACH is detected */
|
2019-10-08 19:50:17 +00:00
|
|
|
static int l1sap_handover_rach(struct gsm_bts_trx *trx, struct ph_rach_ind_param *rach_ind)
|
2018-03-05 13:43:02 +00:00
|
|
|
{
|
|
|
|
|
/* Filter out noise / interference / ghosts */
|
2019-12-04 15:39:30 +00:00
|
|
|
if (!rach_pass_filter(rach_ind, trx->bts, "handover")) {
|
2018-03-05 13:43:02 +00:00
|
|
|
rate_ctr_inc2(trx->bts->ctrs, BTS_CTR_RACH_DROP);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
handover_rach(get_lchan_by_chan_nr(trx, rach_ind->chan_nr),
|
|
|
|
|
rach_ind->ra, rach_ind->acc_delay);
|
|
|
|
|
|
|
|
|
|
/* must return 0, so in case of msg at l1sap, it will be freed */
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-08 19:53:58 +00:00
|
|
|
/* Special case for Access Bursts on PDTCH/U or PTCCH/U */
|
|
|
|
|
static int l1sap_pdch_rach(struct gsm_bts_trx *trx, struct ph_rach_ind_param *rach_ind)
|
2013-08-30 05:46:30 +00:00
|
|
|
{
|
2019-10-08 19:53:58 +00:00
|
|
|
/* Filter out noise / interference / ghosts */
|
2019-12-04 15:39:30 +00:00
|
|
|
if (!rach_pass_filter(rach_ind, trx->bts, "PDCH"))
|
2019-10-08 19:53:58 +00:00
|
|
|
return -EAGAIN;
|
2018-02-26 10:57:49 +00:00
|
|
|
|
2019-10-08 19:53:58 +00:00
|
|
|
/* PTCCH/U (Packet Timing Advance Control Channel) */
|
|
|
|
|
if (L1SAP_IS_PTCCH(rach_ind->fn)) {
|
scheduler: fix handling of PTCCH/U and PTCCH/D logical channels
According to 3GPP TS 45.010, section 5.6.2, for packet-switched
channels the BTS shall monitor the delay of the Access Bursts
sent by the MS on PTCCH and respond with timing advance values
for all MS performing the procedure on that PDCH.
According to 3GPP TS 45.002, section 3.3.4.2, PTCCH (Packet Timing
advance control channel) is a packet dedicated channel, that is
used for continuous Timing Advance control (mentioned above).
There are two sub-types of that logical channel:
- PTCCH/U (Uplink): used to transmit random Access Bursts
to allow estimation of the Timing Advance for one MS in
packet transfer mode.
- PTCCH/D (Downlink): used by the network to transmit
Timing Advance updates for several MS.
As per 3GPP TS 45.003, section 5.2, the coding scheme used for
PTCCH/U is the same as for PRACH as specified in subclause 5.3,
while the coding scheme used for PTCCH/D is the same as for
CS-1 as specified in subclause 5.1.1.
The way we used to handle both PTCCH/U and PTCCH/D is absolutely
wrong - they have nothing to do with xCCH coding. Instead, we
need to use tx_pdtch_fn() for Downlink and rx_rach_fn() for Uplink.
In l1sap_ph_rach_ind() we need to check if an Access Burst was
received on PTCCH/U and forward it to OsmoPCU with proper SAPI
value (PCU_IF_SAPI_PTCCH). To be able to specify a SAPI, a new
parameter is introduced to pcu_tx_rach_ind().
Change-Id: I232e5f514fbad2c51daaa59ff516004aba97c8a3
Related: OS#4102
2019-10-02 16:00:54 +00:00
|
|
|
LOGPFN(DL1P, LOGL_DEBUG, rach_ind->fn,
|
|
|
|
|
/* TODO: calculate and print Timing Advance Index */
|
|
|
|
|
"Access Burst for continuous Timing Advance control (toa256=%d)\n",
|
|
|
|
|
rach_ind->acc_delay_256bits);
|
|
|
|
|
|
|
|
|
|
/* QTA: Timing Advance in units of 1/4 of a symbol */
|
pcuif_proto.h: extend RACH.ind with TRX and timeslot number fields
Since there can be multiple PDCH channels configured on different
timeslots, different TRXes, and BTSes, the PTCCH/U handling code
in OsmoPCU needs to know the exact origin of a given RACH.ind.
Otherwise, it is not known which subscriber originated a given
PTCCH/U indication, and hence it is impossible to send PTCCH/D
Timing Advance notification properly.
Fortunately, we can extend the RACH.ind message without even
bumping the protocol version, because every single PDU has a
fixed size defined by the largest message - INFO.ind. In case
if the actual message payload is smaller, the rest is filled
with a constant padding byte (0x00).
Older versions of OsmoPCU will consider the new fields as padding,
while the messages from older OsmoBTS versions will always have
both fields set to 0x00. Since C0/TS0 cannot be configured to
PDCH, this can be easily detected on the other end.
Change-Id: Iff38934a108b6b1cd298669834263a7d5296c3f6
Related: OS#4102, OS#1545
2019-11-16 18:30:33 +00:00
|
|
|
pcu_tx_rach_ind(trx->bts->nr, trx->nr, rach_ind->chan_nr & 0x07,
|
|
|
|
|
rach_ind->acc_delay_256bits >> 6,
|
scheduler: fix handling of PTCCH/U and PTCCH/D logical channels
According to 3GPP TS 45.010, section 5.6.2, for packet-switched
channels the BTS shall monitor the delay of the Access Bursts
sent by the MS on PTCCH and respond with timing advance values
for all MS performing the procedure on that PDCH.
According to 3GPP TS 45.002, section 3.3.4.2, PTCCH (Packet Timing
advance control channel) is a packet dedicated channel, that is
used for continuous Timing Advance control (mentioned above).
There are two sub-types of that logical channel:
- PTCCH/U (Uplink): used to transmit random Access Bursts
to allow estimation of the Timing Advance for one MS in
packet transfer mode.
- PTCCH/D (Downlink): used by the network to transmit
Timing Advance updates for several MS.
As per 3GPP TS 45.003, section 5.2, the coding scheme used for
PTCCH/U is the same as for PRACH as specified in subclause 5.3,
while the coding scheme used for PTCCH/D is the same as for
CS-1 as specified in subclause 5.1.1.
The way we used to handle both PTCCH/U and PTCCH/D is absolutely
wrong - they have nothing to do with xCCH coding. Instead, we
need to use tx_pdtch_fn() for Downlink and rx_rach_fn() for Uplink.
In l1sap_ph_rach_ind() we need to check if an Access Burst was
received on PTCCH/U and forward it to OsmoPCU with proper SAPI
value (PCU_IF_SAPI_PTCCH). To be able to specify a SAPI, a new
parameter is introduced to pcu_tx_rach_ind().
Change-Id: I232e5f514fbad2c51daaa59ff516004aba97c8a3
Related: OS#4102
2019-10-02 16:00:54 +00:00
|
|
|
rach_ind->ra, rach_ind->fn, rach_ind->is_11bit,
|
|
|
|
|
rach_ind->burst_type, PCU_IF_SAPI_PTCCH);
|
|
|
|
|
return 0;
|
2019-10-08 19:53:58 +00:00
|
|
|
} else { /* The MS may acknowledge DL data by 4 consequent Access Bursts */
|
|
|
|
|
LOGPFN(DL1P, LOGL_NOTICE, rach_ind->fn,
|
|
|
|
|
"Access Bursts on PDTCH/U are not (yet) supported\n");
|
|
|
|
|
return -ENOTSUP;
|
scheduler: fix handling of PTCCH/U and PTCCH/D logical channels
According to 3GPP TS 45.010, section 5.6.2, for packet-switched
channels the BTS shall monitor the delay of the Access Bursts
sent by the MS on PTCCH and respond with timing advance values
for all MS performing the procedure on that PDCH.
According to 3GPP TS 45.002, section 3.3.4.2, PTCCH (Packet Timing
advance control channel) is a packet dedicated channel, that is
used for continuous Timing Advance control (mentioned above).
There are two sub-types of that logical channel:
- PTCCH/U (Uplink): used to transmit random Access Bursts
to allow estimation of the Timing Advance for one MS in
packet transfer mode.
- PTCCH/D (Downlink): used by the network to transmit
Timing Advance updates for several MS.
As per 3GPP TS 45.003, section 5.2, the coding scheme used for
PTCCH/U is the same as for PRACH as specified in subclause 5.3,
while the coding scheme used for PTCCH/D is the same as for
CS-1 as specified in subclause 5.1.1.
The way we used to handle both PTCCH/U and PTCCH/D is absolutely
wrong - they have nothing to do with xCCH coding. Instead, we
need to use tx_pdtch_fn() for Downlink and rx_rach_fn() for Uplink.
In l1sap_ph_rach_ind() we need to check if an Access Burst was
received on PTCCH/U and forward it to OsmoPCU with proper SAPI
value (PCU_IF_SAPI_PTCCH). To be able to specify a SAPI, a new
parameter is introduced to pcu_tx_rach_ind().
Change-Id: I232e5f514fbad2c51daaa59ff516004aba97c8a3
Related: OS#4102
2019-10-02 16:00:54 +00:00
|
|
|
}
|
2019-10-08 19:53:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* RACH received from bts model */
|
|
|
|
|
static int l1sap_ph_rach_ind(struct gsm_bts_trx *trx,
|
|
|
|
|
struct osmo_phsap_prim *l1sap, struct ph_rach_ind_param *rach_ind)
|
|
|
|
|
{
|
|
|
|
|
struct gsm_bts *bts = trx->bts;
|
|
|
|
|
struct lapdm_channel *lc;
|
|
|
|
|
|
|
|
|
|
DEBUGPFN(DL1P, rach_ind->fn, "Rx PH-RA.ind\n");
|
scheduler: fix handling of PTCCH/U and PTCCH/D logical channels
According to 3GPP TS 45.010, section 5.6.2, for packet-switched
channels the BTS shall monitor the delay of the Access Bursts
sent by the MS on PTCCH and respond with timing advance values
for all MS performing the procedure on that PDCH.
According to 3GPP TS 45.002, section 3.3.4.2, PTCCH (Packet Timing
advance control channel) is a packet dedicated channel, that is
used for continuous Timing Advance control (mentioned above).
There are two sub-types of that logical channel:
- PTCCH/U (Uplink): used to transmit random Access Bursts
to allow estimation of the Timing Advance for one MS in
packet transfer mode.
- PTCCH/D (Downlink): used by the network to transmit
Timing Advance updates for several MS.
As per 3GPP TS 45.003, section 5.2, the coding scheme used for
PTCCH/U is the same as for PRACH as specified in subclause 5.3,
while the coding scheme used for PTCCH/D is the same as for
CS-1 as specified in subclause 5.1.1.
The way we used to handle both PTCCH/U and PTCCH/D is absolutely
wrong - they have nothing to do with xCCH coding. Instead, we
need to use tx_pdtch_fn() for Downlink and rx_rach_fn() for Uplink.
In l1sap_ph_rach_ind() we need to check if an Access Burst was
received on PTCCH/U and forward it to OsmoPCU with proper SAPI
value (PCU_IF_SAPI_PTCCH). To be able to specify a SAPI, a new
parameter is introduced to pcu_tx_rach_ind().
Change-Id: I232e5f514fbad2c51daaa59ff516004aba97c8a3
Related: OS#4102
2019-10-02 16:00:54 +00:00
|
|
|
|
2019-10-08 19:53:58 +00:00
|
|
|
/* Check the origin of an Access Burst */
|
|
|
|
|
switch (rach_ind->chan_nr & 0xf8) {
|
|
|
|
|
case RSL_CHAN_RACH:
|
|
|
|
|
/* CS or PS RACH, to be handled in this function */
|
|
|
|
|
break;
|
|
|
|
|
case RSL_CHAN_OSMO_PDCH:
|
|
|
|
|
/* TODO: do we need to count Access Bursts on PDCH? */
|
|
|
|
|
return l1sap_pdch_rach(trx, rach_ind);
|
|
|
|
|
default:
|
2018-02-26 10:57:49 +00:00
|
|
|
rate_ctr_inc2(trx->bts->ctrs, BTS_CTR_RACH_HO);
|
2019-10-08 19:50:17 +00:00
|
|
|
return l1sap_handover_rach(trx, rach_ind);
|
2018-02-26 10:57:49 +00:00
|
|
|
}
|
|
|
|
|
|
2018-02-24 11:36:52 +00:00
|
|
|
rate_ctr_inc2(trx->bts->ctrs, BTS_CTR_RACH_RCVD);
|
2013-08-30 05:46:30 +00:00
|
|
|
|
2018-02-26 10:57:49 +00:00
|
|
|
/* increment number of busy RACH slots, if required */
|
2018-03-17 11:22:40 +00:00
|
|
|
if (rach_ind->rssi >= bts->load.rach.busy_thresh)
|
|
|
|
|
bts->load.rach.busy++;
|
2018-02-26 10:57:49 +00:00
|
|
|
|
2018-03-05 13:29:47 +00:00
|
|
|
/* Filter out noise / interference / ghosts */
|
2019-12-04 15:39:30 +00:00
|
|
|
if (!rach_pass_filter(rach_ind, bts, "CCCH")) {
|
2018-02-26 07:49:59 +00:00
|
|
|
rate_ctr_inc2(trx->bts->ctrs, BTS_CTR_RACH_DROP);
|
2013-08-30 05:46:30 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-05 13:03:06 +00:00
|
|
|
/* increment number of RACH slots with valid non-handover RACH burst */
|
2018-03-17 11:22:40 +00:00
|
|
|
bts->load.rach.access++;
|
2018-03-05 13:03:06 +00:00
|
|
|
|
|
|
|
|
lc = &trx->ts[0].lchan[CCCH_LCHAN].lapdm_ch;
|
|
|
|
|
|
2017-03-07 16:30:35 +00:00
|
|
|
/* According to 3GPP TS 48.058 § 9.3.17 Access Delay is expressed same way as TA (number of symbols) */
|
2018-03-05 13:29:47 +00:00
|
|
|
set_ms_to_data(get_lchan_by_chan_nr(trx, rach_ind->chan_nr),
|
|
|
|
|
rach_ind->acc_delay, false);
|
2017-03-07 16:30:35 +00:00
|
|
|
|
2013-08-30 05:46:30 +00:00
|
|
|
/* check for packet access */
|
2016-08-17 10:57:31 +00:00
|
|
|
if ((trx == bts->c0 && L1SAP_IS_PACKET_RACH(rach_ind->ra)) ||
|
|
|
|
|
(trx == bts->c0 && rach_ind->is_11bit)) {
|
2018-02-26 07:49:59 +00:00
|
|
|
rate_ctr_inc2(trx->bts->ctrs, BTS_CTR_RACH_PS);
|
2016-08-17 10:57:31 +00:00
|
|
|
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPFN(DL1P, LOGL_INFO, rach_ind->fn, "RACH for packet access (toa=%d, ra=%d)\n",
|
2017-03-02 12:50:19 +00:00
|
|
|
rach_ind->acc_delay, rach_ind->ra);
|
|
|
|
|
|
2019-10-02 16:22:19 +00:00
|
|
|
/* QTA: Timing Advance in units of 1/4 of a symbol */
|
pcuif_proto.h: extend RACH.ind with TRX and timeslot number fields
Since there can be multiple PDCH channels configured on different
timeslots, different TRXes, and BTSes, the PTCCH/U handling code
in OsmoPCU needs to know the exact origin of a given RACH.ind.
Otherwise, it is not known which subscriber originated a given
PTCCH/U indication, and hence it is impossible to send PTCCH/D
Timing Advance notification properly.
Fortunately, we can extend the RACH.ind message without even
bumping the protocol version, because every single PDU has a
fixed size defined by the largest message - INFO.ind. In case
if the actual message payload is smaller, the rest is filled
with a constant padding byte (0x00).
Older versions of OsmoPCU will consider the new fields as padding,
while the messages from older OsmoBTS versions will always have
both fields set to 0x00. Since C0/TS0 cannot be configured to
PDCH, this can be easily detected on the other end.
Change-Id: Iff38934a108b6b1cd298669834263a7d5296c3f6
Related: OS#4102, OS#1545
2019-11-16 18:30:33 +00:00
|
|
|
pcu_tx_rach_ind(bts->nr, trx->nr, rach_ind->chan_nr & 0x07,
|
|
|
|
|
rach_ind->acc_delay_256bits >> 6,
|
scheduler: fix handling of PTCCH/U and PTCCH/D logical channels
According to 3GPP TS 45.010, section 5.6.2, for packet-switched
channels the BTS shall monitor the delay of the Access Bursts
sent by the MS on PTCCH and respond with timing advance values
for all MS performing the procedure on that PDCH.
According to 3GPP TS 45.002, section 3.3.4.2, PTCCH (Packet Timing
advance control channel) is a packet dedicated channel, that is
used for continuous Timing Advance control (mentioned above).
There are two sub-types of that logical channel:
- PTCCH/U (Uplink): used to transmit random Access Bursts
to allow estimation of the Timing Advance for one MS in
packet transfer mode.
- PTCCH/D (Downlink): used by the network to transmit
Timing Advance updates for several MS.
As per 3GPP TS 45.003, section 5.2, the coding scheme used for
PTCCH/U is the same as for PRACH as specified in subclause 5.3,
while the coding scheme used for PTCCH/D is the same as for
CS-1 as specified in subclause 5.1.1.
The way we used to handle both PTCCH/U and PTCCH/D is absolutely
wrong - they have nothing to do with xCCH coding. Instead, we
need to use tx_pdtch_fn() for Downlink and rx_rach_fn() for Uplink.
In l1sap_ph_rach_ind() we need to check if an Access Burst was
received on PTCCH/U and forward it to OsmoPCU with proper SAPI
value (PCU_IF_SAPI_PTCCH). To be able to specify a SAPI, a new
parameter is introduced to pcu_tx_rach_ind().
Change-Id: I232e5f514fbad2c51daaa59ff516004aba97c8a3
Related: OS#4102
2019-10-02 16:00:54 +00:00
|
|
|
rach_ind->ra, rach_ind->fn, rach_ind->is_11bit,
|
|
|
|
|
rach_ind->burst_type, PCU_IF_SAPI_RACH);
|
2013-08-30 05:46:30 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-22 10:44:20 +00:00
|
|
|
LOGPFN(DL1P, LOGL_INFO, rach_ind->fn, "RACH for RR access (toa=%d, ra=%d)\n",
|
2013-08-30 05:46:30 +00:00
|
|
|
rach_ind->acc_delay, rach_ind->ra);
|
2018-02-26 07:49:59 +00:00
|
|
|
rate_ctr_inc2(trx->bts->ctrs, BTS_CTR_RACH_CS);
|
2013-08-30 05:46:30 +00:00
|
|
|
lapdm_phsap_up(&l1sap->oph, &lc->lapdm_dcch);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
l1sap: Avoid assumption that l1sap is at head of msgb
This assumption used while sending the rx data to gsmtap in l1sap_up was
making osmo-bts-virtual crash, since that bts model is allocating the
l1sap in the stack rather than inside the msgb.
Instead, let's use the assumption that l2h is set correctly in msgb by
the bts model lower layer.
crash report:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
(gdb) bt
0 0x00007ffff6234ec3 in __memmove_sse2_unaligned_erms () from /usr/lib/libc.so.6
1 0x00007ffff6dbf4c8 in gsmtap_makemsg_ex (type=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=ss@entry=0 '\000', fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:179
2 0x00007ffff6dbf6d8 in gsmtap_send_ex (gti=0x555555877f10, type=type@entry=1 '\001', arfcn=arfcn@entry=17255,
ts=ts@entry=6 '\006', chan_type=<optimized out>, ss=<optimized out>, fn=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:311
3 0x00007ffff6dbf765 in gsmtap_send (gti=<optimized out>, arfcn=arfcn@entry=17255, ts=ts@entry=6 '\006',
chan_type=<optimized out>, ss=<optimized out>, fn=fn@entry=11249, signal_dbm=0 '\000', snr=0 '\000',
data=0x5555557d5b50 "", len=4294967263) at libosmocore/src/gsmtap_util.c:330
4 0x0000555555573571 in to_gsmtap (trx=0x7ffff7ef8070, l1sap=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:397
5 0x0000555555573b9c in l1sap_up (trx=0x7ffff7ef8070, l1sap=l1sap@entry=0x7fffffffde80)
at osmo-bts/src/common/l1sap.c:1285
6 0x000055555555ec06 in virt_um_rcv_cb (vui=<optimized out>, msg=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/l1_if.c:170
7 0x000055555555f5c6 in virt_um_fd_cb (ofd=0x55555587cc30, what=<optimized out>)
at osmo-bts/src/osmo-bts-virtual/virtual_um.c:50
8 0x00007ffff6db6991 in osmo_fd_disp_fds (_eset=0x7fffffffe090, _wset=0x7fffffffe010, _rset=0x7fffffffdf90)
at libosmocore/src/select.c:216
9 osmo_select_main (polling=polling@entry=0) at libosmocore/src/select.c:256
10 0x0000555555576fbc in bts_main (argc=5, argv=0x7fffffffe288)
at osmo-bts/src/common/main.c:364
11 0x00007ffff61b5f4a in __libc_start_main () from /usr/lib/libc.so.6
12 0x000055555555c4ca in _start ()
In the old code when the sizeof(osmo_phsap_prim) was being substracted
it resulted on a negative len which later was casted to unsigned int and
became a really big number.
Fixes: OS#3092
Change-Id: I51a880328497673a06d153bfb76c428265b8cbb8
2018-03-21 18:51:46 +00:00
|
|
|
/* Process any L1 prim received from bts model.
|
|
|
|
|
*
|
|
|
|
|
* This function takes ownership of the msgb.
|
|
|
|
|
* If l1sap contains a msgb, it assumes that msgb->l2h was set by lower layer.
|
|
|
|
|
*/
|
2013-07-29 07:42:23 +00:00
|
|
|
int l1sap_up(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap)
|
|
|
|
|
{
|
|
|
|
|
struct msgb *msg = l1sap->oph.msg;
|
|
|
|
|
int rc = 0;
|
|
|
|
|
|
|
|
|
|
switch (OSMO_PRIM_HDR(&l1sap->oph)) {
|
2013-08-31 17:49:12 +00:00
|
|
|
case OSMO_PRIM(PRIM_MPH_INFO, PRIM_OP_INDICATION):
|
|
|
|
|
rc = l1sap_mph_info_ind(trx, l1sap, &l1sap->u.info);
|
|
|
|
|
break;
|
2013-09-01 07:19:45 +00:00
|
|
|
case OSMO_PRIM(PRIM_MPH_INFO, PRIM_OP_CONFIRM):
|
|
|
|
|
rc = l1sap_mph_info_cnf(trx, l1sap, &l1sap->u.info);
|
|
|
|
|
break;
|
2013-07-29 07:42:23 +00:00
|
|
|
case OSMO_PRIM(PRIM_PH_RTS, PRIM_OP_INDICATION):
|
|
|
|
|
rc = l1sap_ph_rts_ind(trx, l1sap, &l1sap->u.data);
|
|
|
|
|
break;
|
2013-09-01 08:08:15 +00:00
|
|
|
case OSMO_PRIM(PRIM_TCH_RTS, PRIM_OP_INDICATION):
|
|
|
|
|
rc = l1sap_tch_rts_ind(trx, l1sap, &l1sap->u.tch);
|
|
|
|
|
break;
|
2013-08-30 06:48:38 +00:00
|
|
|
case OSMO_PRIM(PRIM_PH_DATA, PRIM_OP_INDICATION):
|
2013-07-29 07:45:22 +00:00
|
|
|
to_gsmtap(trx, l1sap);
|
2013-08-30 06:48:38 +00:00
|
|
|
rc = l1sap_ph_data_ind(trx, l1sap, &l1sap->u.data);
|
|
|
|
|
break;
|
2013-09-01 08:08:15 +00:00
|
|
|
case OSMO_PRIM(PRIM_TCH, PRIM_OP_INDICATION):
|
|
|
|
|
rc = l1sap_tch_ind(trx, l1sap, &l1sap->u.tch);
|
|
|
|
|
break;
|
2013-08-30 05:46:30 +00:00
|
|
|
case OSMO_PRIM(PRIM_PH_RACH, PRIM_OP_INDICATION):
|
2013-07-29 07:45:22 +00:00
|
|
|
to_gsmtap(trx, l1sap);
|
2013-08-30 05:46:30 +00:00
|
|
|
rc = l1sap_ph_rach_ind(trx, l1sap, &l1sap->u.rach_ind);
|
|
|
|
|
break;
|
2013-07-29 07:42:23 +00:00
|
|
|
default:
|
|
|
|
|
LOGP(DL1P, LOGL_NOTICE, "unknown prim %d op %d\n",
|
|
|
|
|
l1sap->oph.primitive, l1sap->oph.operation);
|
2019-05-25 08:19:00 +00:00
|
|
|
oml_tx_failure_event_rep(&trx->mo, NM_SEVER_MAJOR, OSMO_EVT_MAJ_UKWN_MSG,
|
2019-03-15 11:08:05 +00:00
|
|
|
"unknown prim %d op %d",
|
|
|
|
|
l1sap->oph.primitive,
|
|
|
|
|
l1sap->oph.operation);
|
2013-07-29 07:42:23 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Special return value '1' means: do not free */
|
|
|
|
|
if (rc != 1)
|
|
|
|
|
msgb_free(msg);
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* any L1 prim sent to bts model */
|
|
|
|
|
static int l1sap_down(struct gsm_bts_trx *trx, struct osmo_phsap_prim *l1sap)
|
|
|
|
|
{
|
2019-09-25 08:39:40 +00:00
|
|
|
l1sap_log_ctx_sapi = get_common_sapi_by_trx_prim(trx, l1sap);
|
|
|
|
|
log_set_context(LOG_CTX_L1_SAPI, &l1sap_log_ctx_sapi);
|
|
|
|
|
|
2013-07-29 07:45:22 +00:00
|
|
|
if (OSMO_PRIM_HDR(&l1sap->oph) ==
|
|
|
|
|
OSMO_PRIM(PRIM_PH_DATA, PRIM_OP_REQUEST))
|
|
|
|
|
to_gsmtap(trx, l1sap);
|
|
|
|
|
|
2013-07-29 07:42:23 +00:00
|
|
|
return bts_model_l1sap_down(trx, l1sap);
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-30 06:48:38 +00:00
|
|
|
/* pcu (socket interface) sends us a data request primitive */
|
|
|
|
|
int l1sap_pdch_req(struct gsm_bts_trx_ts *ts, int is_ptcch, uint32_t fn,
|
2019-03-18 11:06:57 +00:00
|
|
|
uint16_t arfcn, uint8_t block_nr, const uint8_t *data, uint8_t len)
|
2013-08-30 06:48:38 +00:00
|
|
|
{
|
|
|
|
|
struct msgb *msg;
|
|
|
|
|
struct osmo_phsap_prim *l1sap;
|
|
|
|
|
struct gsm_time g_time;
|
|
|
|
|
|
|
|
|
|
gsm_fn2gsmtime(&g_time, fn);
|
|
|
|
|
|
2017-06-30 16:57:02 +00:00
|
|
|
DEBUGP(DL1P, "TX packet data %s is_ptcch=%d trx=%d ts=%d "
|
|
|
|
|
"block_nr=%d, arfcn=%d, len=%d\n", osmo_dump_gsmtime(&g_time),
|
|
|
|
|
is_ptcch, ts->trx->nr, ts->nr, block_nr, arfcn, len);
|
2013-08-30 06:48:38 +00:00
|
|
|
|
|
|
|
|
msg = l1sap_msgb_alloc(len);
|
|
|
|
|
l1sap = msgb_l1sap_prim(msg);
|
|
|
|
|
osmo_prim_init(&l1sap->oph, SAP_GSM_PH, PRIM_PH_DATA, PRIM_OP_REQUEST,
|
|
|
|
|
msg);
|
2017-07-30 14:55:00 +00:00
|
|
|
l1sap->u.data.chan_nr = RSL_CHAN_OSMO_PDCH | ts->nr;
|
2013-08-30 06:48:38 +00:00
|
|
|
l1sap->u.data.link_id = 0x00;
|
|
|
|
|
l1sap->u.data.fn = fn;
|
2021-09-22 11:30:39 +00:00
|
|
|
if (len) {
|
|
|
|
|
msg->l2h = msgb_put(msg, len);
|
|
|
|
|
memcpy(msg->l2h, data, len);
|
|
|
|
|
} else {
|
|
|
|
|
msg->l2h = NULL; /* Idle block */
|
|
|
|
|
}
|
2013-08-30 06:48:38 +00:00
|
|
|
|
|
|
|
|
return l1sap_down(ts->trx, l1sap);
|
|
|
|
|
}
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2013-09-01 08:08:15 +00:00
|
|
|
/*! \brief call-back function for incoming RTP */
|
|
|
|
|
void l1sap_rtp_rx_cb(struct osmo_rtp_socket *rs, const uint8_t *rtp_pl,
|
2016-10-21 17:53:34 +00:00
|
|
|
unsigned int rtp_pl_len, uint16_t seq_number,
|
|
|
|
|
uint32_t timestamp, bool marker)
|
2013-09-01 08:08:15 +00:00
|
|
|
{
|
|
|
|
|
struct gsm_lchan *lchan = rs->priv;
|
2017-06-23 19:08:09 +00:00
|
|
|
struct msgb *msg;
|
2013-09-01 08:08:15 +00:00
|
|
|
struct osmo_phsap_prim *l1sap;
|
|
|
|
|
|
2017-06-23 22:36:54 +00:00
|
|
|
/* if we're in loopback mode, we don't accept frames from the
|
|
|
|
|
* RTP socket anymore */
|
|
|
|
|
if (lchan->loopback)
|
|
|
|
|
return;
|
|
|
|
|
|
2013-09-01 08:08:15 +00:00
|
|
|
msg = l1sap_msgb_alloc(rtp_pl_len);
|
|
|
|
|
if (!msg)
|
|
|
|
|
return;
|
|
|
|
|
memcpy(msgb_put(msg, rtp_pl_len), rtp_pl, rtp_pl_len);
|
|
|
|
|
msgb_pull(msg, sizeof(*l1sap));
|
|
|
|
|
|
2016-09-17 12:15:03 +00:00
|
|
|
/* Store RTP header Marker bit in control buffer */
|
|
|
|
|
rtpmsg_marker_bit(msg) = marker;
|
2016-11-28 16:27:05 +00:00
|
|
|
/* Store RTP header Sequence Number in control buffer */
|
|
|
|
|
rtpmsg_seq(msg) = seq_number;
|
|
|
|
|
/* Store RTP header Timestamp in control buffer */
|
|
|
|
|
rtpmsg_ts(msg) = timestamp;
|
2013-09-01 08:08:15 +00:00
|
|
|
|
2016-11-28 16:27:05 +00:00
|
|
|
/* make sure the queue doesn't get too long */
|
2022-08-11 15:37:32 +00:00
|
|
|
lchan_dl_tch_queue_enqueue(lchan, msg, 1);
|
2013-09-01 08:08:15 +00:00
|
|
|
}
|
|
|
|
|
|
2013-09-01 07:19:45 +00:00
|
|
|
static int l1sap_chan_act_dact_modify(struct gsm_bts_trx *trx, uint8_t chan_nr,
|
|
|
|
|
enum osmo_mph_info_type type, uint8_t sacch_only)
|
|
|
|
|
{
|
|
|
|
|
struct osmo_phsap_prim l1sap;
|
|
|
|
|
|
|
|
|
|
memset(&l1sap, 0, sizeof(l1sap));
|
|
|
|
|
osmo_prim_init(&l1sap.oph, SAP_GSM_PH, PRIM_MPH_INFO, PRIM_OP_REQUEST,
|
|
|
|
|
NULL);
|
|
|
|
|
l1sap.u.info.type = type;
|
|
|
|
|
l1sap.u.info.u.act_req.chan_nr = chan_nr;
|
|
|
|
|
l1sap.u.info.u.act_req.sacch_only = sacch_only;
|
|
|
|
|
|
|
|
|
|
return l1sap_down(trx, &l1sap);
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-11 03:01:19 +00:00
|
|
|
int l1sap_chan_act(struct gsm_bts_trx *trx, uint8_t chan_nr)
|
2013-09-01 07:19:45 +00:00
|
|
|
{
|
2015-12-05 10:54:08 +00:00
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, chan_nr);
|
2013-09-01 07:19:45 +00:00
|
|
|
int rc;
|
|
|
|
|
|
2021-10-26 16:00:17 +00:00
|
|
|
if (lchan->state == LCHAN_S_ACTIVE) {
|
|
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_ERROR, "Trying to activate already active channel %s\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-25 06:01:45 +00:00
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_INFO, "Activating channel %s\n", rsl_chan_nr_str(chan_nr));
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2021-04-07 01:53:56 +00:00
|
|
|
lchan->s = trx->bts->radio_link_timeout.current;
|
2013-09-01 07:19:45 +00:00
|
|
|
|
|
|
|
|
rc = l1sap_chan_act_dact_modify(trx, chan_nr, PRIM_INFO_ACTIVATE, 0);
|
|
|
|
|
if (rc)
|
|
|
|
|
return -RSL_ERR_EQUIPMENT_FAIL;
|
2016-10-03 15:37:45 +00:00
|
|
|
|
|
|
|
|
/* Init DTX DL FSM if necessary */
|
2022-04-11 02:58:24 +00:00
|
|
|
if (trx->bts->dtxd && lchan_is_tch(lchan)) {
|
2016-10-28 14:52:48 +00:00
|
|
|
lchan->tch.dtx.dl_amr_fsm = osmo_fsm_inst_alloc(&dtx_dl_amr_fsm,
|
|
|
|
|
tall_bts_ctx,
|
|
|
|
|
lchan,
|
|
|
|
|
LOGL_DEBUG,
|
2021-05-27 16:26:29 +00:00
|
|
|
NULL);
|
DTX: avoid illegal character contained in DTX FSM allocation which causes BTS crash
Problem:
lchan->tch.dtx.dl_amr_fsm struct failed to allocate in l1sap_chan_act routine
in l1sap.c due to illegal characters contained in lchan->name which are passed to
osmo_fsm_inst_alloc routine. As a result, lchan->tch.dtx.dl_amr_fsm is NULL
causing BTS crashed (SEG FAULT) when trying to access this struct.
Below is snapshot of crash log obtained by GDB:
...
Fri Nov 24 18:13:55 2017 <0000> rsl.c:1653 payload type: 98
Fri Nov 24 18:13:55 2017 <0000> rsl.c:1463 (bts=0,trx=0,ts=2,ss=0)
RSL Tx IPAC_MDCX_ACK (local 127.0.0.1:11538, remote 127.0.0.1:30012)
Program received signal SIGSEGV, Segmentation fault.
0x00031930 in dtx_dl_amr_fsm_step (lchan=lchan@entry=0xb69592a8,
rtp_pl=rtp_pl@entry=0x87ae8 " \024\351Y\363_\337\345\351f\177\373\300\210\201\200\210",
rtp_pl_len=17, fn=1728481, l1_payload=0x10dd25 "", marker=marker@entry=true,
len=len@entry=0x10ddc4 "\024", ft_out=0xbefff7d7 "\002",
ft_out@entry=0xbefff7cf "\276\341_\032") at msg_utils.c:233
233 msg_utils.c: No such file or directory.
...
Fix:
* Use different formatting for lchan name passed to osmo_fsm_inst_alloc routine
* Refuse channel activation if FSM could not be generated (as opposed to crash)
Related: OS#2606
Reported-by: Minh-Quang Nguyen <minh-quang.nguyen@nutaq.com>
Change-Id: I929ce3703dc57acf8db569ae0e346265644d0b3c
2017-10-31 19:29:35 +00:00
|
|
|
if (!lchan->tch.dtx.dl_amr_fsm) {
|
|
|
|
|
l1sap_chan_act_dact_modify(trx, chan_nr, PRIM_INFO_DEACTIVATE, 0);
|
|
|
|
|
return -RSL_ERR_EQUIPMENT_FAIL;
|
|
|
|
|
}
|
2021-05-27 16:26:29 +00:00
|
|
|
|
|
|
|
|
rc = osmo_fsm_inst_update_id_f(lchan->tch.dtx.dl_amr_fsm,
|
|
|
|
|
"bts%u-trx%u-ts%u-ss%u%s",
|
|
|
|
|
trx->bts->nr, trx->nr,
|
|
|
|
|
lchan->ts->nr, lchan->nr,
|
|
|
|
|
lchan->ts->vamos.is_shadow ? "-shadow" : "");
|
|
|
|
|
OSMO_ASSERT(rc == 0);
|
DTX: avoid illegal character contained in DTX FSM allocation which causes BTS crash
Problem:
lchan->tch.dtx.dl_amr_fsm struct failed to allocate in l1sap_chan_act routine
in l1sap.c due to illegal characters contained in lchan->name which are passed to
osmo_fsm_inst_alloc routine. As a result, lchan->tch.dtx.dl_amr_fsm is NULL
causing BTS crashed (SEG FAULT) when trying to access this struct.
Below is snapshot of crash log obtained by GDB:
...
Fri Nov 24 18:13:55 2017 <0000> rsl.c:1653 payload type: 98
Fri Nov 24 18:13:55 2017 <0000> rsl.c:1463 (bts=0,trx=0,ts=2,ss=0)
RSL Tx IPAC_MDCX_ACK (local 127.0.0.1:11538, remote 127.0.0.1:30012)
Program received signal SIGSEGV, Segmentation fault.
0x00031930 in dtx_dl_amr_fsm_step (lchan=lchan@entry=0xb69592a8,
rtp_pl=rtp_pl@entry=0x87ae8 " \024\351Y\363_\337\345\351f\177\373\300\210\201\200\210",
rtp_pl_len=17, fn=1728481, l1_payload=0x10dd25 "", marker=marker@entry=true,
len=len@entry=0x10ddc4 "\024", ft_out=0xbefff7d7 "\002",
ft_out@entry=0xbefff7cf "\276\341_\032") at msg_utils.c:233
233 msg_utils.c: No such file or directory.
...
Fix:
* Use different formatting for lchan name passed to osmo_fsm_inst_alloc routine
* Refuse channel activation if FSM could not be generated (as opposed to crash)
Related: OS#2606
Reported-by: Minh-Quang Nguyen <minh-quang.nguyen@nutaq.com>
Change-Id: I929ce3703dc57acf8db569ae0e346265644d0b3c
2017-10-31 19:29:35 +00:00
|
|
|
}
|
2013-09-01 07:19:45 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int l1sap_chan_rel(struct gsm_bts_trx *trx, uint8_t chan_nr)
|
|
|
|
|
{
|
2016-10-03 15:37:45 +00:00
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, chan_nr);
|
2021-10-26 16:00:17 +00:00
|
|
|
|
|
|
|
|
if (lchan->state == LCHAN_S_NONE) {
|
|
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_ERROR, "Trying to deactivate already deactivated channel %s\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-25 06:01:45 +00:00
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_INFO, "Deactivating channel %s\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr));
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2016-10-03 15:37:45 +00:00
|
|
|
if (lchan->tch.dtx.dl_amr_fsm) {
|
|
|
|
|
osmo_fsm_inst_free(lchan->tch.dtx.dl_amr_fsm);
|
|
|
|
|
lchan->tch.dtx.dl_amr_fsm = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-01 07:19:45 +00:00
|
|
|
return l1sap_chan_act_dact_modify(trx, chan_nr, PRIM_INFO_DEACTIVATE,
|
|
|
|
|
0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int l1sap_chan_deact_sacch(struct gsm_bts_trx *trx, uint8_t chan_nr)
|
|
|
|
|
{
|
2015-12-05 10:54:08 +00:00
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, chan_nr);
|
2013-09-01 07:19:45 +00:00
|
|
|
|
2021-09-25 06:01:45 +00:00
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_INFO, "Deactivating SACCH on channel %s\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr));
|
2013-09-01 07:19:45 +00:00
|
|
|
|
|
|
|
|
return l1sap_chan_act_dact_modify(trx, chan_nr, PRIM_INFO_DEACTIVATE,
|
|
|
|
|
1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int l1sap_chan_modify(struct gsm_bts_trx *trx, uint8_t chan_nr)
|
|
|
|
|
{
|
2021-09-25 06:01:45 +00:00
|
|
|
struct gsm_lchan *lchan = get_lchan_by_chan_nr(trx, chan_nr);
|
|
|
|
|
|
|
|
|
|
LOGPLCHAN(lchan, DL1C, LOGL_INFO, "Modifying channel %s\n",
|
|
|
|
|
rsl_chan_nr_str(chan_nr));
|
2013-09-01 07:19:45 +00:00
|
|
|
|
|
|
|
|
return l1sap_chan_act_dact_modify(trx, chan_nr, PRIM_INFO_MODIFY, 0);
|
|
|
|
|
}
|
