Previous code relied on abort() switching sigaction to SIG_FDL +
retriggering SIGABRT in case the signal handler returns, which would
then generate the coredump + terminate the process.
However, if a SIGABRT is received from somewhere else (kill -SIGABRT),
then the process would print the talloc report and continue running,
which is not desired.
Change-Id: I65f70a53b6982bff9ea4bd6ff786d8a2f8181eac
Fixes: OS#4865
Previous code relied on abort() switching sigaction to SIG_FDL +
retriggering SIGABRT in case the signal handler returns, which would
then generate the coredump + terminate the process.
However, if a SIGABRT is received from somewhere else (kill -SIGABRT),
then the process would print the talloc report and continue running,
which is not desired.
Change-Id: I1cab4a716cf2fda6353f698888edbcec6228d78b
Fixes: OS#4865
Previous code relied on abort() switching sigaction to SIG_FDL +
retriggering SIGABRT in case the signal handler returns, which would
then generate the coredump + terminate the process.
However, if a SIGABRT is received from somewhere else (kill -SIGABRT),
then the process would print the talloc report and continue running,
which is not desired.
Change-Id: I97559b29328101c7cf340aaf1052c0c406634065
Fixes: OS#4865
This will be needed to use the TLLI as link selector parameter
in osmo-gbproxy in an upcoming patch.
Depends: libosmocore.git I397b32a6e6ea3e9d218446138cceafa9b27685dd
Change-Id: Ia6d5300e63ad23987cbdca824db620305bd583d7
When we receive a PAGING for PS or CS with destination to the entire
BSS area, we need to iterate over all peers and send one copy of the
paging to each of them.
Change-Id: Iecf244238500a354d5a5b40c76f0c0bb8f8c2511
There may very well be many PCUs connected within the same RAC or LAC.
This means we'll need to iterate the list of peers and dispatch it to
each matching peer.
Change-Id: I2c44959661fb53730586f4347cbfbbcece065e13
The python scripts already use #!/usr/bin/env python3 so it was pure
coincidence that the tests are working.
Change-Id: I96ac31e7862fe102e5baee0c2e25458ff0451a50
Commit cce88282388f in libosmocore changed the msg ownership model - the
callback that the user registers is now responsible for freeing the msg.
Change-Id: Iee940aba7d94afefb5957dbe5f0b04dcf951b31c
Related: SYS#4998
* is_config_node is deprecated, so don't set it
* go_parent_cb is only used if we want to do special stuff upon exiting
a node, in osmo-sgsn and gtphub only osmo_ss7_vty_go_parent() needs to
be called
Change-Id: I2008dd9026922d29ee703c59e70d3fecced0ee18
Currently the code reports routing the message to a BVCI but never even
tries to get the peer for it.
Change-Id: Ic72f0f03e5886ab76404915fc60a2796e6881a7a
Related: SYS#4998
When we receive a signalling BVC RESET from the SGSN we want to reset
the signalling BVCs for every peer.
Change-Id: I98c1a53d0e4b9a988e9ddec97ce0c67ded6f6326
Related: SYS#4998
Since NS2 has a different abstraction we mock up the prim send/recv
functions and don't test NS like the old tests did.
Related: SYS#4998
Change-Id: Iecfd0408a35a11638d254c1db3c1d477b1a11524
sgsn_delete_pdp_ctx() should never be called without checking if the GTP
side is available, since it may happen that it has already been released
by the time the mmctx tells us the pdp ctx is gone on the MS side.
Fixes: OS#4817
Change-Id: Ie618874545172ec98355174a2ee041fc4a8bec16
This function is only expected to be called if the GTP side of the PDP
ctx is still alive, since it will tear down the GTP side and then finish
the pending MS side if needed.
The asserts are added to ease debugging since it was noted that a few
callers were using this function without properly checking the status of
the pdp ctx.
Related: OS#4817
Change-Id: I4248e2e9846fec5ae2c8557384da2deb86668c50
The SGSN initialises GTP with gtp_statedir of "./" which may
not be the desired path for writing the gsn_restart file.
When starting from systemd for example, we might write
to the system root.
This patch allows override via the config file.
Closes: OS#4820
Change-Id: Ib3ffb7fd6ea1d9b0286111d8c2cba9da5394ca58
Scenario:
1- For an unknwon reason, sgsn sends DeletePdpCtxReq on GTP towards GGSN.
2- GGSN answers with Error Indication to that pdp ctx which calls
gtp_freepdp()
3- gtp_freepdp() calls libgtp callback cb_delete_context() before freeing the
pointer, in osmo-sgsn callback points to cb_delete_context(), which
removes pctx->ggsn and tries to drop the pdp on the NS side by sending a
DeactPdpReq.
4- While waiting for DeactPdpAck, the MS/PCU sends a DeactPdpReq, and
code was unconditionalyl trying to release the gtp side without checking
if it was alreay released, using pctx->ggsn==NULL and crashing.
This is basically the same logic already in place in regular path
gsm48_rx_gsm_deact_pdp_ack.
Related: OS#4817
Change-Id: I02587a3dc812823d893fc00b904142b75fd190b9
gtphub.c:2915:2: error: ‘snprintf’ argument 4 may overlap destination object ‘buf’ [-Werror=restrict]
2915 | snprintf(pos, len, " port %s", portbuf);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Be better safe and use the stack instead of byte counting in the buffer.
Change-Id: Ied9665ce6bd2633797bbc3a2171e911ada357a22
When compression is turned on, an extra buffer "expnd" is allocated in
the context of msg. This means that when msg is freed, expnd is freed as
well and there is no need for freein it explcicitly, which, when it is
done after freeng msg, causes talloc to abort.
Change-Id: I8959b75e241ffabf9fa34c4cf014721584372b26
3GPP TS 24.008 Section 10.5.7.2 Radio Priority states that the Radio Priority IE is
3 bits as follows:
--------------------------------------------
0 0 1 priority level 1 (highest)
0 1 0 priority level 2
0 1 1 priority level 3
1 0 0 priority level 4 (lowest)
All other values are interpreted as priority
level 4 by this version of the protocol.
--------------------------------------------
However at least the MediaTek MT6753 and MT6592 have been
observed to interpret a value of 0 0 0 in an undetermined way
resulting in lack of access to RACH in the cell.
Fixes: OS#4506
Change-Id: I810cd541eb5764ee3f2c238bcd3a10836228d0b5
As long the SGSN doesn't support PS handover treat unknown RA as invalid
and do an implicit detach.
Fixes ttcn3 crash when an RAU happen within an Attach Request
Change-Id: I6a0b335d51f58c26349f7e0a62b2107d7d351d07
"127.0.0.1" is changed to "localhost" to let local NSS decide whether to
use IPv4 or IPv6. In newish systems, IPv6 ::1 will be selected since
IPv6 takes precedence over IPv4.
Similarly, the default source addr needs to be changed from NULL to "localhost"
since for some yet unknwon reason, getaddrinfo(AF_UNSPEC, NULL) returns
first IPv4 "0.0.0.0" and later "::", which is inconsistent with
getaddrinfo("localhost") result, resulting in src=IPv4(0.0.0.0) and
dst=IPv6(::1), which is incompatible and will fail. In any case, since
the default remote address is a local one and it's the client side,
there's no real logical change since the kernel would anyway should have
taken a local address anyway.
Change-Id: I2f599e1aa449d44136ef20ba5f516ca9b61f3223
3GPP TS 48.018 Section 8.4:
> After any failure affecting the NSE, the party (BSS or SGSN) where
> the failure resided shall reset the signalling BVC. After sending or
> receiving a BVC-RESET PDU for the signalling BVC, the BSS shall stop all
> traffic and initiate the BVC-RESET procedure for all BVCs corresponding
> to PTP functional entities of the underlying network service entity. The
> BSS must complete the BVC-RESET procedure for signalling BVC before
> starting PTP BVC-RESET procedures.
TODO: We should not just trigger a single outbound BVC-RESET message,
but we should re-transmit them until we get a response. This would
likely entail adding FSMs to libosmogb, which we will leave for a later
point - it's anticipated that the NS + BSSGP code is undergoing quite
some changes in the coming months anyway, so leave it for then.
Change-Id: I0b46035b40709c38bb9ab9493c11031a577e3ee0
Closes: OS#4629
Depends: libosmocore.git I353adc1aa72377f7d4b3336d2ff47791fb73d62c
The osmo_ prefix should be only used for official struct/apis of libosmocore.
This commit was done via `sed -i 's/osmo_sockaddr/sgsn_sockaddr/g'`.
In prepartion of introducing a different api of osmo_sockaddr to
libosmocore.
Change-Id: Ibb1ddce9ff1ffe7494de5cdb8ea1843c45fe4566
The MS notifies movement to GMM SUSPEND state because it is for instance
handling a call and cannot use PDCH anymore. Once it releases the TCH it
will ASAP move to either dedicated mode or trigger RAU, which means it
will get out of SUSPEND state. So it doesn't make sense to try paging
the MS when in that state.
This change makes test TC_suspend_nopaging pass.
Related: OS#4616
Change-Id: Ia245899eb9f16c7f839785def4ceb721a1c3a11b
Fix the final nibble of all IMSI BCD digits to 0xf, since it is a filler digit.
The encoded IMSI has an even amount of digits (14) and must contain a 0xf
filler nibble at the end. The test data looked correct due to repeated '1'
digits.
wrong hex: 11 12 13 14 15 16 17 18
correct: 11 12 13 14 15 16 17 f8
order: 1T 32 54 76 98 ba dc Xe T = type, X = filler, 1..e = 14 digits
This error was found when applying the new osmo_mobile_identity API.
Change-Id: Ia006a3da6779ad1984f642e8ea29790a4daeb8b9
We so far only resumed from suspend upon receiving an explicit BSSGP
RESUME message from the BSS. The latter is only possible in
BSC-colocated PCU, where the BSC can trigger the message when releasing
the dedicated channel. In BTS-colocated PCUs, this is not possible,
and we have to rely on the MS resuming by RAU.
See 3GPP TS 23.060 section 16.2.1.1.1 clause 6:
The MS shall resume GPRS services by sending a Routeing Area Update Request message to the SGSN:
* if the BSS did not successfully request the SGSN to resume GPRS services,
* if the RR Channel Release message was not received before the MS left dedicated mode,
* if the MS locally determines that the conditions for the GPRS suspension have disappeared
Without this patch, the GMM state would forever be stuck in SUSPEND,
which in turn causes the SGSN to page the MS all the time.
Change-Id: I3c09187a27483d95fa0070bbb467f94a2ea3978f
Related: OS4616
As msgb ownership is not passed along, we need to free the message
buffer memory we allocate in defrag_segments() after calling
sgsn_rx_sndcp_ud_ind().
Change-Id: I1185b1aa99bb167d616eb469e5445e4ed5ad949d
Closes: OS#4603
Remove OpenSUSE bug report link, set version to @VERSION@, make it build
with CentOS 8 etc.
Related: OS#4550
Change-Id: I824b67f2d590ac2aa9f2e4fa4387a5283cf22521
Harald Welte
Pau Espin
Daniel Willmann
Alexander Couzens
Keith Whyte
Philipp Maier
Vadim Yanitskiy
Oliver Smith