GSM A RR: dissect random bit stream in SI6 Rest Octets

Since version 10.2.0 (2011-03) of 3GPP TS 44.018, unused octets of the
SI6 Rest Octets IE (see 10.5.2.35a) may optionally contain random bits
instead of the standard repeating sequence of '00101011'.

This is a counter-measure making the known-plaintext attack on encrypted
channels slower (and thus harder).  For more details, see GP-110384 [1].

[1] http://portal.3gpp.org/ngppapp/DownloadTDoc.aspx?contributionUid=GP-110384

Without this patch Wireshark would warn about an unknown or potentially
malformed PDU if the network is using random padding bits:

  SI 6 Rest Octets
      L... .... = PCH and NCH Info: Not Present
      .L.. .... = VBS/VGCS options: Not Present
      ..L. .... = DTM: Not Supported in Serving cell
      ...L .... = Band Indicator: 1800
      .... L... = GPRS MS PWR MAX CCCH: Not Present
      .... .L.. = MBMS Procedures: Not supported
      .... ..L. = Additions in Rel-7: Not Present
      Padding Bits: Unknown extension detected or malformed PDU (Not decoded)

With this patch, the value of the random bit stream indicator is used to
determine the presence of a random bit stream (padding):

  SI 6 Rest Octets
      L... .... = PCH and NCH Info: Not Present
      .L.. .... = VBS/VGCS options: Not Present
      ..L. .... = DTM: Not Supported in Serving cell
      ...L .... = Band Indicator: 1800
      .... L... = GPRS MS PWR MAX CCCH: Not Present
      .... .L.. = MBMS Procedures: Not supported
      .... ..L. = Additions in Rel-7: Not Present
      .... ...H = Random Bit Stream: Present
      Padding Bits: random bit stream
Vadim Yanitskiy 2022-08-12 01:21:55 +07:00 committed by A Wireshark GitLab Utility
parent dbf18e1de1
commit 05f59f0045
1 changed files with 12 additions and 1 deletions

@ -1050,6 +1050,7 @@ static int hf_gsm_a_rr_multiband_reporting_present = -1;
static int hf_gsm_a_rr_report_priority_description = -1;
static int hf_gsm_a_rr_tdd_reporting_offset_present = -1;
static int hf_gsm_a_rr_amr_config_present = -1;
static int hf_gsm_a_rr_rand_bit_stream_ind = -1;
static int hf_gsm_a_rr_900_reporting_present = -1;
static int hf_gsm_a_rr_rfl_number_present = -1;
static int hf_gsm_a_rr_eutran_fdd_reporting_offset_present = -1;
@ -7909,7 +7910,16 @@ de_rr_si6_rest_oct(tvbuff_t *tvb, proto_tree *subtree, packet_info *pinfo _U_, g
bit_offset += 4;
}
}
gsm_rr_csn_padding_bits(subtree, tvb, bit_offset, tvb_len);
if (gsm_rr_csn_HL_flag(tvb, subtree, 0, bit_offset++, hf_gsm_a_rr_rand_bit_stream_ind))
{ /* H < Random bit stream : bit **> */
proto_tree_add_bytes_format_value(subtree, hf_gsm_a_rr_padding, tvb,
bit_offset >> 3, -1, NULL,
"random bit stream");
}
else
{ /* L <spare padding> -- (no randomization) */
gsm_rr_csn_padding_bits(subtree, tvb, bit_offset, tvb_len);
}
return tvb_len - offset;
}
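Review bot: In the H branch the padding item starts at `bit_offset >> 3`, which rounds down, so whenever the indicator is not the last bit of an octet the "random bit stream" item also covers the octet holding the indicator and the fields decoded before it. The commit message example only shows the aligned case (`.... ...H`). Consider starting the item at the first octet that contains nothing but random bits, or add a comment saying that the partial leading octet is included on purpose. Separately, the flag is now read at `bit_offset++` unconditionally, whereas the removed call passed `tvb_len` as a bound; a check that `bit_offset` is still inside the IE before reading the indicator would keep a short or truncated SI6 Rest Octets from being read past its end.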
@ -14698,6 +14708,7 @@ proto_register_gsm_a_rr(void)
{ &hf_gsm_a_rr_si13alt_position_present, { "SI3 alt position", "gsm_a.rr.si13alt_position.present", FT_BOOLEAN, BASE_NONE, TFS(&tfs_present_not_present), 0x00, NULL, HFILL }},
{ &hf_gsm_a_call_prio_present, { "Call Priority", "gsm_a.call_prio.present", FT_BOOLEAN, BASE_NONE, TFS(&tfs_present_not_present), 0x00, NULL, HFILL }},
{ &hf_gsm_a_rr_amr_config_present, { "AMR Config", "gsm_a.rr.amr_config.present", FT_BOOLEAN, BASE_NONE, TFS(&tfs_present_not_present), 0x00, NULL, HFILL }},
{ &hf_gsm_a_rr_rand_bit_stream_ind, { "Random Bit Stream", "gsm_a.rr.rand_bit_stream.ind", FT_BOOLEAN, BASE_NONE, TFS(&tfs_present_not_present), 0x00, NULL, HFILL }},
{ &hf_gsm_a_rr_rfl_number_present, { "RFL number list", "gsm_a.rr.rfl_number.present", FT_BOOLEAN, BASE_NONE, TFS(&tfs_present_not_present), 0x00, NULL, HFILL }},
{ &hf_gsm_a_rr_gprs_mobile_allocation, { "MA", "gsm_a.rr.gprs_mobile_allocation", FT_BOOLEAN, BASE_NONE, TFS(&tfs_not_present_present), 0x00, NULL, HFILL }},
{ &hf_gsm_a_rr_arfcn_index_list, { "ARFCN index list", "gsm_a.rr.arfcn_index_list", FT_BOOLEAN, BASE_NONE, TFS(&tfs_present_not_present), 0x00, NULL, HFILL }},
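Review bot: The new filter name `gsm_a.rr.rand_bit_stream.ind` breaks the pattern of the neighbouring entries in this hunk, which use a `.present` suffix with the same `tfs_present_not_present` strings (`gsm_a.rr.amr_config.present`, `gsm_a.rr.rfl_number.present`). Since filter names are user-visible and awkward to rename once released, `gsm_a.rr.rand_bit_stream.present` would be more consistent. The blurb is `NULL`; a short description pointing at the random padding option in 3GPP TS 44.018 (10.5.2.35a) would help readers who see this field without the commit message.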