diff --git a/openbsc/configure.ac b/openbsc/configure.ac index fbf2930d6..f63d61ffa 100644 --- a/openbsc/configure.ac +++ b/openbsc/configure.ac @@ -203,6 +203,7 @@ AC_OUTPUT( src/libmgcp/Makefile src/libcommon/Makefile src/libfilter/Makefile + src/libiu/Makefile src/osmo-nitb/Makefile src/osmo-bsc/Makefile src/osmo-bsc_nat/Makefile diff --git a/openbsc/include/openbsc/Makefile.am b/openbsc/include/openbsc/Makefile.am index ce5f768e9..90aa36455 100644 --- a/openbsc/include/openbsc/Makefile.am +++ b/openbsc/include/openbsc/Makefile.am @@ -18,7 +18,8 @@ noinst_HEADERS = abis_nm.h abis_rsl.h db.h gsm_04_08.h gsm_data.h \ gprs_gb_parse.h smpp.h meas_feed.h \ gprs_gsup_client.h bsc_msg_filter.h \ oap.h oap_messages.h \ - gtphub.h gprs_llc_xid.h gprs_sndcp.h + gtphub.h gprs_llc_xid.h gprs_sndcp.h \ + iu.h openbsc_HEADERS = gsm_04_08.h meas_rep.h bsc_api.h openbscdir = $(includedir)/openbsc diff --git a/openbsc/include/openbsc/iu.h b/openbsc/include/openbsc/iu.h new file mode 100644 index 000000000..d0ab54027 --- /dev/null +++ b/openbsc/include/openbsc/iu.h @@ -0,0 +1,60 @@ +#pragma once + +#include + +struct sgsn_pdp_ctx; +struct msgb; +struct gprs_ra_id; + +struct RANAP_RAB_SetupOrModifiedItemIEs_s; +struct RANAP_GlobalRNC_ID; + +struct ue_conn_ctx { + struct llist_head list; + struct osmo_sccp_link *link; + uint32_t conn_id; + int integrity_active; + struct gprs_ra_id ra_id; +}; + +enum iu_event_type { + IU_EVENT_RAB_ASSIGN, + IU_EVENT_SECURITY_MODE_COMPLETE, + IU_EVENT_IU_RELEASE, /* An actual Iu Release message was received */ + IU_EVENT_LINK_INVALIDATED, /* A SUA link was lost or closed down */ + /* FIXME: maybe IU_EVENT_IU_RELEASE and IU_EVENT_LINK_INVALIDATED + * should be combined to one generic event that simply means the + * ue_conn_ctx should no longer be used, for whatever reason. */ +}; + +extern const struct value_string iu_event_type_names[]; +static inline const char *iu_event_type_str(enum iu_event_type e) +{ + return get_value_string(iu_event_type_names, e); +} + +/* Implementations of iu_recv_cb_t shall find the ue_conn_ctx in msg->dst. */ +typedef int (* iu_recv_cb_t )(struct msgb *msg, struct gprs_ra_id *ra_id, + /* TODO "gprs_" in generic CS+PS domain ^ */ + uint16_t *sai); + +typedef int (* iu_event_cb_t )(struct ue_conn_ctx *ue_ctx, + enum iu_event_type type, void *data); + +typedef int (* iu_rab_ass_resp_cb_t )(struct ue_conn_ctx *ue_ctx, uint8_t rab_id, + struct RANAP_RAB_SetupOrModifiedItemIEs_s *setup_ies); + +int iu_init(void *ctx, const char *listen_addr, uint16_t listen_port, + iu_recv_cb_t iu_recv_cb, iu_event_cb_t iu_event_cb); + +void iu_link_del(struct osmo_sccp_link *link); + +int iu_tx(struct msgb *msg, uint8_t sapi); + +int iu_page_cs(const char *imsi, const uint32_t *tmsi, uint16_t lac); +int iu_page_ps(const char *imsi, const uint32_t *ptmsi, uint16_t lac, uint8_t rac); + +int iu_rab_act(struct ue_conn_ctx *ue_ctx, struct msgb *msg); +int iu_rab_deact(struct ue_conn_ctx *ue_ctx, uint8_t rab_id); +int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp, + int send_ck, int new_key); diff --git a/openbsc/src/Makefile.am b/openbsc/src/Makefile.am index 6f6174eb1..4aa880f3e 100644 --- a/openbsc/src/Makefile.am +++ b/openbsc/src/Makefile.am @@ -2,9 +2,18 @@ AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include -I$(top_builddir) AM_CFLAGS=-Wall $(LIBOSMOCORE_CFLAGS) $(LIBOSMOGSM_CFLAGS) $(LIBOSMOGSM_CFLAGS) $(LIBOSMOVTY_CFLAGS) $(COVERAGE_CFLAGS) AM_LDFLAGS = $(LIBOSMOCORE_LIBS) $(LIBOSMOGSM_LIBS) $(COVERAGE_LDFLAGS) -SUBDIRS = libcommon libmgcp libbsc libmsc libtrau libfilter osmo-nitb osmo-bsc_mgcp utils ipaccess gprs +# Libraries +SUBDIRS = libcommon libmgcp libbsc libmsc libtrau libfilter -# Conditional modules +# Conditional Libraries +if BUILD_IU +SUBDIRS += libiu +endif + +# Programs +SUBDIRS += osmo-nitb osmo-bsc_mgcp utils ipaccess gprs + +# Conditional Programs if BUILD_NAT SUBDIRS += osmo-bsc_nat endif diff --git a/openbsc/src/libiu/Makefile.am b/openbsc/src/libiu/Makefile.am new file mode 100644 index 000000000..7b1ba4d19 --- /dev/null +++ b/openbsc/src/libiu/Makefile.am @@ -0,0 +1,10 @@ +AM_CPPFLAGS = $(all_includes) -I$(top_srcdir)/include -I$(top_builddir) +AM_CFLAGS=-Wall $(LIBOSMOCORE_CFLAGS) $(LIBOSMOVTY_CFLAGS) \ + $(LIBOSMOGSM_CFLAGS) $(LIBOSMOABIS_CFLAGS) $(COVERAGE_CFLAGS) $(LIBCRYPTO_CFLAGS) \ + $(LIBASN1C_CFLAGS) \ + $(LIBOSMOSIGTRAN_CFLAGS) $(LIBOSMORANAP_CFLAGS) + +noinst_LIBRARIES = libiu.a + +libiu_a_SOURCES = iu.c + diff --git a/openbsc/src/libiu/iu.c b/openbsc/src/libiu/iu.c new file mode 100644 index 000000000..837385ebe --- /dev/null +++ b/openbsc/src/libiu/iu.c @@ -0,0 +1,760 @@ +/* Common parts of IuCS and IuPS interfaces implementation */ + +/* (C) 2016 by sysmocom s.f.m.c. GmbH + * All Rights Reserved + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include +#include + +#include + +/* Parsed global RNC id. See also struct RANAP_GlobalRNC_ID, and note that the + * PLMN identity is a BCD representation of the MCC and MNC. + * See iu_grnc_id_parse(). */ +struct iu_grnc_id { + uint16_t mcc; + uint16_t mnc; + uint16_t rnc_id; +}; + +/* A remote RNC (Radio Network Controller, like BSC but for UMTS) that has + * called us and is currently reachable at the given osmo_sccp_link. So, when we + * know a LAC for a subscriber, we can page it at the RNC matching that LAC or + * RAC. An HNB-GW typically presents itself as if it were a single RNC, even + * though it may have several RNCs in hNodeBs connected to it. Those will then + * share the same RNC id, which they actually receive and adopt from the HNB-GW + * in the HNBAP HNB REGISTER ACCEPT message. */ +struct iu_rnc { + struct llist_head entry; + + uint16_t rnc_id; + uint16_t lac; /* Location Area Code (used for CS and PS) */ + uint8_t rac; /* Routing Area Code (used for PS only) */ + struct osmo_sccp_link *link; +}; + +void *talloc_iu_ctx; + +int asn1_xer_print = 1; +void *talloc_asn1_ctx; + +iu_recv_cb_t global_iu_recv_cb = NULL; +iu_event_cb_t global_iu_event_cb = NULL; + +static LLIST_HEAD(ue_conn_ctx_list); +static LLIST_HEAD(rnc_list); + +const struct value_string iu_event_type_names[] = { +#define IU_EVT_STR(X) { X, #X } + IU_EVT_STR(IU_EVENT_RAB_ASSIGN), + IU_EVT_STR(IU_EVENT_SECURITY_MODE_COMPLETE), + IU_EVT_STR(IU_EVENT_IU_RELEASE), + IU_EVT_STR(IU_EVENT_LINK_INVALIDATED), +#undef IU_EVT_STR +}; + +struct ue_conn_ctx *ue_conn_ctx_alloc(struct osmo_sccp_link *link, uint32_t conn_id) +{ + struct ue_conn_ctx *ctx = talloc_zero(talloc_iu_ctx, struct ue_conn_ctx); + + ctx->link = link; + ctx->conn_id = conn_id; + llist_add(&ctx->list, &ue_conn_ctx_list); + + return ctx; +} + +struct ue_conn_ctx *ue_conn_ctx_find(struct osmo_sccp_link *link, + uint32_t conn_id) +{ + struct ue_conn_ctx *ctx; + + llist_for_each_entry(ctx, &ue_conn_ctx_list, list) { + if (ctx->link == link && ctx->conn_id == conn_id) + return ctx; + } + return NULL; +} + +static struct iu_rnc *iu_rnc_alloc(uint16_t rnc_id, uint16_t lac, uint8_t rac, + struct osmo_sccp_link *link) +{ + struct iu_rnc *rnc = talloc_zero(talloc_iu_ctx, struct iu_rnc); + + rnc->rnc_id = rnc_id; + rnc->lac = lac; + rnc->rac = rac; + rnc->link = link; + llist_add(&rnc->entry, &rnc_list); + + LOGP(DRANAP, LOGL_NOTICE, "New RNC %d (LAC=%d RAC=%d)\n", + rnc->rnc_id, rnc->lac, rnc->rac); + + return rnc; +} + +static struct iu_rnc *iu_rnc_register(uint16_t rnc_id, uint16_t lac, + uint8_t rac, struct osmo_sccp_link *link) +{ + struct iu_rnc *rnc; + llist_for_each_entry(rnc, &rnc_list, entry) { + if (rnc->rnc_id != rnc_id) + continue; + + /* We have this RNC Id registered already. Make sure that the + * details match. */ + + /* TODO should a mismatch be an error? */ + if (rnc->lac != lac || rnc->rac != rac) + LOGP(DRANAP, LOGL_NOTICE, "RNC %d changes its details:" + " LAC=%d RAC=%d --> LAC=%d RAC=%d\n", + rnc->rnc_id, rnc->lac, rnc->rac, + lac, rac); + rnc->lac = lac; + rnc->rac = rac; + + if (link && rnc->link != link) + LOGP(DRANAP, LOGL_NOTICE, "RNC %d on new link" + " (LAC=%d RAC=%d)\n", + rnc->rnc_id, rnc->lac, rnc->rac); + rnc->link = link; + return rnc; + } + + /* Not found, make a new one. */ + return iu_rnc_alloc(rnc_id, lac, rac, link); +} + +/* Discard/invalidate all ue_conn_ctx and iu_rnc entries that reference the + * given link, since this link is invalid and about to be deallocated. For + * each ue_conn_ctx, invoke the iu_event_cb_t with IU_EVENT_LINK_INVALIDATED. + */ +void iu_link_del(struct osmo_sccp_link *link) +{ + struct iu_rnc *rnc, *rnc_next; + llist_for_each_entry_safe(rnc, rnc_next, &rnc_list, entry) { + if (!rnc->link) + continue; + if (rnc->link != link) + continue; + rnc->link = NULL; + llist_del(&rnc->entry); + talloc_free(rnc); + } + + struct ue_conn_ctx *uec, *uec_next; + llist_for_each_entry_safe(uec, uec_next, &ue_conn_ctx_list, list) { + if (uec->link != link) + continue; + uec->link = NULL; + global_iu_event_cb(uec, IU_EVENT_LINK_INVALIDATED, NULL); + } +} + +/*********************************************************************** + * RANAP handling + ***********************************************************************/ + +int iu_rab_act(struct ue_conn_ctx *ue_ctx, struct msgb *msg) +{ + struct osmo_scu_prim *prim; + + /* wrap RANAP message in SCCP N-DATA.req */ + prim = (struct osmo_scu_prim *) msgb_push(msg, sizeof(*prim)); + prim->u.data.conn_id = ue_ctx->conn_id; + osmo_prim_init(&prim->oph, + SCCP_SAP_USER, + OSMO_SCU_PRIM_N_DATA, + PRIM_OP_REQUEST, + msg); + return osmo_sua_user_link_down(ue_ctx->link, &prim->oph); +} + +int iu_rab_deact(struct ue_conn_ctx *ue_ctx, uint8_t rab_id) +{ + /* FIXME */ + return -1; +} + +int iu_tx_sec_mode_cmd(struct ue_conn_ctx *uectx, struct gsm_auth_tuple *tp, + int send_ck, int new_key) +{ + struct osmo_scu_prim *prim; + struct msgb *msg; + uint8_t ik[16]; + uint8_t ck[16]; + unsigned int i; + + /* C5 function to derive IK from Kc */ + for (i = 0; i < 4; i++) + ik[i] = tp->vec.kc[i] ^ tp->vec.kc[i+4]; + memcpy(ik+4, tp->vec.kc, 8); + for (i = 12; i < 16; i++) + ik[i] = ik[i-12]; + + if (send_ck) { + /* C4 function to derive CK from Kc */ + memcpy(ck, tp->vec.kc, 8); + memcpy(ck+8, tp->vec.kc, 8); + } + + /* create RANAP message */ + msg = ranap_new_msg_sec_mod_cmd(ik, send_ck? ck : NULL, new_key ? RANAP_KeyStatus_new : RANAP_KeyStatus_old); + msg->l2h = msg->data; + /* wrap RANAP message in SCCP N-DATA.req */ + prim = (struct osmo_scu_prim *) msgb_push(msg, sizeof(*prim)); + prim->u.data.conn_id = uectx->conn_id; + osmo_prim_init(&prim->oph, SCCP_SAP_USER, + OSMO_SCU_PRIM_N_DATA, + PRIM_OP_REQUEST, msg); + osmo_sua_user_link_down(uectx->link, &prim->oph); + + return 0; +} + +static int iu_grnc_id_parse(struct iu_grnc_id *dst, + struct RANAP_GlobalRNC_ID *src) +{ + /* The size is coming from arbitrary sender, check it gracefully */ + if (src->pLMNidentity.size != 3) { + LOGP(DRANAP, LOGL_ERROR, "Invalid PLMN Identity size:" + " should be 3, is %d\n", src->pLMNidentity.size); + return -1; + } + gsm48_mcc_mnc_from_bcd(&src->pLMNidentity.buf[0], + &dst->mcc, &dst->mnc); + dst->rnc_id = (uint16_t)src->rNC_ID; + return 0; +} + +#if 0 + -- not used at present -- +static int iu_grnc_id_compose(struct iu_grnc_id *src, + struct RANAP_GlobalRNC_ID *dst) +{ + /* The caller must ensure proper size */ + OSMO_ASSERT(dst->pLMNidentity.size == 3); + gsm48_mcc_mnc_to_bcd(&dst->pLMNidentity.buf[0], + src->mcc, src->mnc); + dst->rNC_ID = src->rnc_id; + return 0; +} +#endif + +static int ranap_handle_co_initial_ue(void *ctx, RANAP_InitialUE_MessageIEs_t *ies) +{ + struct ue_conn_ctx *ue_conn = ctx; + struct gprs_ra_id ra_id; + struct iu_grnc_id grnc_id; + uint16_t sai; + struct msgb *msg = msgb_alloc(256, "RANAP->NAS"); + + if (ranap_parse_lai(&ra_id, &ies->lai) != 0) { + LOGP(DRANAP, LOGL_ERROR, "Failed to parse RANAP LAI IE\n"); + return -1; + } + + if (ies->presenceMask & INITIALUE_MESSAGEIES_RANAP_RAC_PRESENT) { + ra_id.rac = asn1str_to_u8(&ies->rac); + } + + if (iu_grnc_id_parse(&grnc_id, &ies->globalRNC_ID) != 0) { + LOGP(DRANAP, LOGL_ERROR, + "Failed to parse RANAP Global-RNC-ID IE\n"); + return -1; + } + + sai = asn1str_to_u16(&ies->sai.sAC); + msgb_gmmh(msg) = msgb_put(msg, ies->nas_pdu.size); + memcpy(msgb_gmmh(msg), ies->nas_pdu.buf, ies->nas_pdu.size); + + /* Make sure we know the RNC Id and LAC+RAC coming in on this connection. */ + iu_rnc_register(grnc_id.rnc_id, ra_id.lac, ra_id.rac, ue_conn->link); + ue_conn->ra_id = ra_id; + + /* Feed into the MM layer */ + msg->dst = ctx; + global_iu_recv_cb(msg, &ra_id, &sai); + + msgb_free(msg); + + return 0; +} + +static int ranap_handle_co_dt(void *ctx, RANAP_DirectTransferIEs_t *ies) +{ + struct gprs_ra_id _ra_id, *ra_id = NULL; + uint16_t _sai, *sai = NULL; + struct msgb *msg = msgb_alloc(256, "RANAP->NAS"); + + if (ies->presenceMask & DIRECTTRANSFERIES_RANAP_LAI_PRESENT) { + if (ranap_parse_lai(&_ra_id, &ies->lai) != 0) { + LOGP(DRANAP, LOGL_ERROR, "Failed to parse RANAP LAI IE\n"); + return -1; + } + ra_id = &_ra_id; + if (ies->presenceMask & DIRECTTRANSFERIES_RANAP_RAC_PRESENT) { + _ra_id.rac = asn1str_to_u8(&ies->rac); + } + if (ies->presenceMask & DIRECTTRANSFERIES_RANAP_SAI_PRESENT) { + _sai = asn1str_to_u16(&ies->sai.sAC); + sai = &_sai; + } + } + + msgb_gmmh(msg) = msgb_put(msg, ies->nas_pdu.size); + memcpy(msgb_gmmh(msg), ies->nas_pdu.buf, ies->nas_pdu.size); + + /* Feed into the MM/CC/SMS-CP layer */ + msg->dst = ctx; + global_iu_recv_cb(msg, ra_id, sai); + + msgb_free(msg); + + return 0; +} + +static int ranap_handle_co_err_ind(void *ctx, RANAP_ErrorIndicationIEs_t *ies) +{ + if (ies->presenceMask & ERRORINDICATIONIES_RANAP_CAUSE_PRESENT) + LOGP(DRANAP, LOGL_ERROR, "Rx Error Indication (%s)\n", + ranap_cause_str(&ies->cause)); + else + LOGP(DRANAP, LOGL_ERROR, "Rx Error Indication\n"); + + return 0; +} + +int iu_tx(struct msgb *msg_nas, uint8_t sapi) +{ + struct ue_conn_ctx *uectx = msg_nas->dst; + struct msgb *msg; + struct osmo_scu_prim *prim; + + LOGP(DRANAP, LOGL_INFO, "Transmitting L3 Message as RANAP DT (SUA link %p conn_id %u)\n", + uectx->link, uectx->conn_id); + + msg = ranap_new_msg_dt(sapi, msg_nas->data, msgb_length(msg_nas)); + msgb_free(msg_nas); + msg->l2h = msg->data; + prim = (struct osmo_scu_prim *) msgb_push(msg, sizeof(*prim)); + prim->u.data.conn_id = uectx->conn_id; + osmo_prim_init(&prim->oph, SCCP_SAP_USER, + OSMO_SCU_PRIM_N_DATA, + PRIM_OP_REQUEST, msg); + osmo_sua_user_link_down(uectx->link, &prim->oph); + return 0; +} + +static int ranap_handle_co_iu_rel_req(struct ue_conn_ctx *ctx, RANAP_Iu_ReleaseRequestIEs_t *ies) +{ + struct msgb *msg; + struct osmo_scu_prim *prim; + + LOGP(DRANAP, LOGL_INFO, "Received Iu Release Request, Sending Release Command\n"); + msg = ranap_new_msg_iu_rel_cmd(&ies->cause); + msg->l2h = msg->data; + prim = (struct osmo_scu_prim *) msgb_push(msg, sizeof(*prim)); + prim->u.data.conn_id = ctx->conn_id; + osmo_prim_init(&prim->oph, SCCP_SAP_USER, + OSMO_SCU_PRIM_N_DATA, + PRIM_OP_REQUEST, msg); + osmo_sua_user_link_down(ctx->link, &prim->oph); + return 0; +} + +static int ranap_handle_co_rab_ass_resp(struct ue_conn_ctx *ctx, RANAP_RAB_AssignmentResponseIEs_t *ies) +{ + int rc = -1; + + LOGP(DRANAP, LOGL_INFO, "RAB Asignment Response:"); + if (ies->presenceMask & RAB_ASSIGNMENTRESPONSEIES_RANAP_RAB_SETUPORMODIFIEDLIST_PRESENT) { + /* TODO: Iterate over list of SetupOrModifiedList IEs and handle each one */ + RANAP_IE_t *ranap_ie = ies->raB_SetupOrModifiedList.raB_SetupOrModifiedList_ies.list.array[0]; + RANAP_RAB_SetupOrModifiedItemIEs_t setup_ies; + + rc = ranap_decode_rab_setupormodifieditemies_fromlist(&setup_ies, &ranap_ie->value); + if (rc) { + LOGP(DRANAP, LOGL_ERROR, "Error in ranap_decode_rab_setupormodifieditemies()\n"); + return rc; + } + + rc = global_iu_event_cb(ctx, IU_EVENT_RAB_ASSIGN, &setup_ies); + + ranap_free_rab_setupormodifieditemies(&setup_ies); + } + + LOGPC(DRANAP, LOGL_INFO, "\n"); + + return rc; +} + +/* Entry point for connection-oriented RANAP message */ +static void cn_ranap_handle_co(void *ctx, ranap_message *message) +{ + int rc; + + LOGP(DRANAP, LOGL_NOTICE, "handle_co(dir=%u, proc=%u)\n", message->direction, message->procedureCode); + + switch (message->direction) { + case RANAP_RANAP_PDU_PR_initiatingMessage: + switch (message->procedureCode) { + case RANAP_ProcedureCode_id_InitialUE_Message: + rc = ranap_handle_co_initial_ue(ctx, &message->msg.initialUE_MessageIEs); + break; + case RANAP_ProcedureCode_id_DirectTransfer: + rc = ranap_handle_co_dt(ctx, &message->msg.directTransferIEs); + break; + case RANAP_ProcedureCode_id_ErrorIndication: + rc = ranap_handle_co_err_ind(ctx, &message->msg.errorIndicationIEs); + break; + case RANAP_ProcedureCode_id_Iu_ReleaseRequest: + /* Iu Release Request */ + rc = ranap_handle_co_iu_rel_req(ctx, &message->msg.iu_ReleaseRequestIEs); + break; + default: + LOGP(DRANAP, LOGL_ERROR, "Received Initiating Message: unknown Procedure Code %d\n", + message->procedureCode); + rc = -1; + break; + } + break; + case RANAP_RANAP_PDU_PR_successfulOutcome: + switch (message->procedureCode) { + case RANAP_ProcedureCode_id_SecurityModeControl: + /* Security Mode Complete */ + rc = global_iu_event_cb(ctx, IU_EVENT_SECURITY_MODE_COMPLETE, NULL); + break; + case RANAP_ProcedureCode_id_Iu_Release: + /* Iu Release Complete */ + rc = global_iu_event_cb(ctx, IU_EVENT_IU_RELEASE, NULL); + if (rc) { + LOGP(DRANAP, LOGL_ERROR, "Iu Release event: Iu Event callback returned %d\n", + rc); + } + break; + default: + LOGP(DRANAP, LOGL_ERROR, "Received Successful Outcome: unknown Procedure Code %d\n", + message->procedureCode); + rc = -1; + break; + } + break; + case RANAP_RANAP_PDU_PR_outcome: + switch (message->procedureCode) { + case RANAP_ProcedureCode_id_RAB_Assignment: + /* RAB Assignment Response */ + rc = ranap_handle_co_rab_ass_resp(ctx, &message->msg.raB_AssignmentResponseIEs); + break; + default: + LOGP(DRANAP, LOGL_ERROR, "Received Outcome: unknown Procedure Code %d\n", + message->procedureCode); + rc = -1; + break; + } + break; + case RANAP_RANAP_PDU_PR_unsuccessfulOutcome: + default: + LOGP(DRANAP, LOGL_ERROR, "Received Unsuccessful Outcome: Procedure Code %d\n", + message->procedureCode); + rc = -1; + break; + } + + if (rc) { + LOGP(DRANAP, LOGL_ERROR, "Error in cn_ranap_handle_co (%d)\n", + rc); + /* TODO handling of the error? */ + } +} + +static int ranap_handle_cl_reset_req(void *ctx, RANAP_ResetIEs_t *ies) +{ + /* FIXME: send reset response */ + return -1; +} + +static int ranap_handle_cl_err_ind(void *ctx, RANAP_ErrorIndicationIEs_t *ies) +{ + if (ies->presenceMask & ERRORINDICATIONIES_RANAP_CAUSE_PRESENT) + LOGP(DRANAP, LOGL_ERROR, "Rx Error Indication (%s)\n", + ranap_cause_str(&ies->cause)); + else + LOGP(DRANAP, LOGL_ERROR, "Rx Error Indication\n"); + + return 0; +} + +/* Entry point for connection-less RANAP message */ +static void cn_ranap_handle_cl(void *ctx, ranap_message *message) +{ + int rc; + + switch (message->direction) { + case RANAP_RANAP_PDU_PR_initiatingMessage: + switch (message->procedureCode) { + case RANAP_ProcedureCode_id_Reset: + /* received reset.req, send reset.resp */ + rc = ranap_handle_cl_reset_req(ctx, &message->msg.resetIEs); + break; + case RANAP_ProcedureCode_id_ErrorIndication: + rc = ranap_handle_cl_err_ind(ctx, &message->msg.errorIndicationIEs); + break; + default: + rc = -1; + break; + } + break; + case RANAP_RANAP_PDU_PR_successfulOutcome: + case RANAP_RANAP_PDU_PR_unsuccessfulOutcome: + case RANAP_RANAP_PDU_PR_outcome: + default: + rc = -1; + break; + } + + if (rc) { + LOGP(DRANAP, LOGL_ERROR, "Error in cn_ranap_handle_cl (%d)\n", + rc); + /* TODO handling of the error? */ + } +} + +/*********************************************************************** + * Paging + ***********************************************************************/ + +/* Send a paging command down a given SUA link. tmsi and paging_cause are + * optional and may be passed NULL and 0, respectively, to disable their use. + * See enum RANAP_PagingCause. + * + * If TMSI is given, the IMSI is not sent over the air interface. Nevertheless, + * the IMSI is still required for resolution in the HNB-GW and/or(?) RNC. */ +static int iu_tx_paging_cmd(struct osmo_sccp_link *link, + const char *imsi, const uint32_t *tmsi, + bool is_ps, uint32_t paging_cause) +{ + struct msgb *msg; + msg = ranap_new_msg_paging_cmd(imsi, tmsi, is_ps? 1 : 0, paging_cause); + msg->l2h = msg->data; + return osmo_sccp_tx_unitdata_ranap(link, 1, 2, msg->data, + msgb_length(msg)); +} + +static int iu_page(const char *imsi, const uint32_t *tmsi_or_ptimsi, + uint16_t lac, uint8_t rac, bool is_ps) +{ + struct iu_rnc *rnc; + int pagings_sent = 0; + + if (tmsi_or_ptimsi) { + LOGP(DRANAP, LOGL_DEBUG, "%s: Looking for RNCs to page for IMSI %s" + " (paging will use %s %x)\n", + is_ps? "IuPS" : "IuCS", + imsi, + is_ps? "PTMSI" : "TMSI", + *tmsi_or_ptimsi); + } else { + LOGP(DRANAP, LOGL_DEBUG, "%s: Looking for RNCs to page for IMSI %s" + " (paging will use IMSI)\n", + is_ps? "IuPS" : "IuCS", + imsi + ); + } + + llist_for_each_entry(rnc, &rnc_list, entry) { + if (!rnc->link) { + /* Not actually connected, don't count it. */ + continue; + } + if (rnc->lac != lac) + continue; + if (is_ps && rnc->rac != rac) + continue; + + /* Found a match! */ + if (iu_tx_paging_cmd(rnc->link, imsi, tmsi_or_ptimsi, is_ps, 0) + == 0) { + LOGP(DRANAP, LOGL_DEBUG, + "%s: Paged for IMSI %s on RNC %d, on SUA link %p\n", + is_ps? "IuPS" : "IuCS", + imsi, rnc->rnc_id, rnc->link); + pagings_sent ++; + } + } + + /* Some logging... */ + if (pagings_sent > 0) { + LOGP(DRANAP, LOGL_DEBUG, + "%s: %d RNCs were paged for IMSI %s.\n", + is_ps? "IuPS" : "IuCS", + pagings_sent, imsi); + } + else { + if (is_ps) { + LOGP(DRANAP, LOGL_ERROR, "IuPS: Found no RNC to page for" + " LAC %d RAC %d (would have paged IMSI %s)\n", + lac, rac, imsi); + } + else { + LOGP(DRANAP, LOGL_ERROR, "IuCS: Found no RNC to page for" + " LAC %d (would have paged IMSI %s)\n", + lac, imsi); + } + } + + return pagings_sent; +} + +int iu_page_cs(const char *imsi, const uint32_t *tmsi, uint16_t lac) +{ + return iu_page(imsi, tmsi, lac, 0, false); +} + +int iu_page_ps(const char *imsi, const uint32_t *ptmsi, uint16_t lac, uint8_t rac) +{ + return iu_page(imsi, ptmsi, lac, rac, true); +} + + +/*********************************************************************** + * + ***********************************************************************/ + +int tx_unitdata(struct osmo_sccp_link *link); +int tx_conn_req(struct osmo_sccp_link *link, uint32_t conn_id); + +struct osmo_prim_hdr *make_conn_req(uint32_t conn_id); +struct osmo_prim_hdr *make_dt1_req(uint32_t conn_id, const uint8_t *data, unsigned int len); + +struct osmo_prim_hdr *make_conn_resp(struct osmo_scu_connect_param *param) +{ + struct msgb *msg = msgb_alloc(1024, "conn_resp"); + struct osmo_scu_prim *prim; + + prim = (struct osmo_scu_prim *) msgb_put(msg, sizeof(*prim)); + osmo_prim_init(&prim->oph, SCCP_SAP_USER, + OSMO_SCU_PRIM_N_CONNECT, + PRIM_OP_RESPONSE, msg); + memcpy(&prim->u.connect, param, sizeof(prim->u.connect)); + return &prim->oph; +} + +static int sccp_sap_up(struct osmo_prim_hdr *oph, void *link) +{ + struct osmo_scu_prim *prim = (struct osmo_scu_prim *) oph; + struct osmo_prim_hdr *resp = NULL; + int rc; + struct ue_conn_ctx *ue; + + DEBUGP(DRANAP, "sccp_sap_up(%s)\n", osmo_scu_prim_name(oph)); + + switch (OSMO_PRIM_HDR(oph)) { + case OSMO_PRIM(OSMO_SCU_PRIM_N_CONNECT, PRIM_OP_CONFIRM): + /* confirmation of outbound connection */ + rc = -1; + break; + case OSMO_PRIM(OSMO_SCU_PRIM_N_CONNECT, PRIM_OP_INDICATION): + /* indication of new inbound connection request*/ + DEBUGP(DRANAP, "N-CONNECT.ind(X->%u)\n", prim->u.connect.conn_id); + if (/* prim->u.connect.called_addr.ssn != OSMO_SCCP_SSN_RANAP || */ + !msgb_l2(oph->msg) || msgb_l2len(oph->msg) == 0) { + LOGP(DRANAP, LOGL_NOTICE, + "Received invalid N-CONNECT.ind\n"); + return 0; + } + ue = ue_conn_ctx_alloc(link, prim->u.connect.conn_id); + /* first ensure the local SUA/SCCP socket is ACTIVE */ + resp = make_conn_resp(&prim->u.connect); + osmo_sua_user_link_down(link, resp); + /* then handle the RANAP payload */ + rc = ranap_cn_rx_co(cn_ranap_handle_co, ue, msgb_l2(oph->msg), msgb_l2len(oph->msg)); + break; + case OSMO_PRIM(OSMO_SCU_PRIM_N_DISCONNECT, PRIM_OP_INDICATION): + /* indication of disconnect */ + DEBUGP(DRANAP, "N-DISCONNECT.ind(%u)\n", + prim->u.disconnect.conn_id); + ue = ue_conn_ctx_find(link, prim->u.disconnect.conn_id); + rc = ranap_cn_rx_co(cn_ranap_handle_co, ue, msgb_l2(oph->msg), msgb_l2len(oph->msg)); + break; + case OSMO_PRIM(OSMO_SCU_PRIM_N_DATA, PRIM_OP_INDICATION): + /* connection-oriented data received */ + DEBUGP(DRANAP, "N-DATA.ind(%u, %s)\n", prim->u.data.conn_id, + osmo_hexdump(msgb_l2(oph->msg), msgb_l2len(oph->msg))); + /* resolve UE context */ + ue = ue_conn_ctx_find(link, prim->u.data.conn_id); + rc = ranap_cn_rx_co(cn_ranap_handle_co, ue, msgb_l2(oph->msg), msgb_l2len(oph->msg)); + break; + case OSMO_PRIM(OSMO_SCU_PRIM_N_UNITDATA, PRIM_OP_INDICATION): + /* connection-less data received */ + DEBUGP(DRANAP, "N-UNITDATA.ind(%s)\n", + osmo_hexdump(msgb_l2(oph->msg), msgb_l2len(oph->msg))); + rc = ranap_cn_rx_cl(cn_ranap_handle_cl, link, msgb_l2(oph->msg), msgb_l2len(oph->msg)); + break; + default: + rc = -1; + break; + } + + msgb_free(oph->msg); + return rc; +} + +int iu_init(void *ctx, const char *listen_addr, uint16_t listen_port, + iu_recv_cb_t iu_recv_cb, iu_event_cb_t iu_event_cb) +{ + struct osmo_sccp_user *user; + talloc_iu_ctx = talloc_named_const(ctx, 1, "iu"); + talloc_asn1_ctx = talloc_named_const(talloc_iu_ctx, 1, "asn1"); + + global_iu_recv_cb = iu_recv_cb; + global_iu_event_cb = iu_event_cb; + osmo_sua_set_log_area(DSUA); + user = osmo_sua_user_create(talloc_iu_ctx, sccp_sap_up, talloc_iu_ctx); + return osmo_sua_server_listen(user, listen_addr, listen_port); +} +