gmm: Forward forth and back the P-TMSI signature

Change-Id: Ibf12589e7d3029f80b4ced99992155deb9dba036

include/osmocom/gprs/gmm/gmm_prim.h

@@ -105,6 +105,7 @@ struct osmo_gprs_gmm_gmmreg_prim {
 		struct {
 			enum osmo_gprs_gmm_attach_type attach_type;
 			uint32_t ptmsi;
+			uint32_t ptmsi_sig;
 			bool attach_with_imsi;
 			char imsi[OSMO_IMSI_BUF_SIZE];
 			char imei[GSM23003_IMEI_NUM_DIGITS + 1];
@@ -119,6 +120,7 @@ struct osmo_gprs_gmm_gmmreg_prim {
 				struct {
 					/* PLMNs MT-caps, attach-type. */
 					uint32_t allocated_ptmsi;
+					uint32_t allocated_ptmsi_sig;
 					uint32_t allocated_tlli;
 					struct gprs_ra_id rai;
 				} acc;
@@ -211,6 +213,7 @@ struct osmo_gprs_gmm_gmmsm_prim {
 		struct {
 			enum osmo_gprs_gmm_attach_type attach_type;
 			uint32_t ptmsi;
+			uint32_t ptmsi_sig;
 			bool attach_with_imsi;
 			char imsi[OSMO_IMSI_BUF_SIZE];
 			char imei[GSM23003_IMEI_NUM_DIGITS + 1];
@@ -225,6 +228,7 @@ struct osmo_gprs_gmm_gmmsm_prim {
 				struct {
 					/* PLMNs MT-caps, attach-type. */
 					uint32_t allocated_ptmsi;
+					uint32_t allocated_ptmsi_sig;
 					uint32_t allocated_tlli;
 					struct gprs_ra_id rai;
 				} acc;

include/osmocom/gprs/gmm/gmm_private.h

@@ -56,6 +56,7 @@ struct gprs_gmm_entity {
 
 	struct gprs_gmm_ms_fsm_ctx ms_fsm;
 	uint32_t sess_id; /* Used to identify the GMME in GMMSM SAP */
+	uint32_t ptmsi_sig; /* 3 bytes */
 	uint32_t ptmsi;
 	uint32_t old_ptmsi;
 	uint32_t tlli;

src/gmm/gmm.c

@@ -150,6 +150,7 @@ struct gprs_gmm_entity *gprs_gmm_gmme_alloc(uint32_t ptmsi, const char *imsi)
 	}
 
 	gmme->sess_id = GPRS_GMM_SESS_ID_UNASSIGNED;
+	gmme->ptmsi_sig = GSM_RESERVED_TMSI;
 	gmme->ptmsi = ptmsi;
 	gmme->old_ptmsi = GSM_RESERVED_TMSI;
 	gmme->old_tlli = GPRS_GMM_TLLI_UNASSIGNED;
@@ -288,6 +289,7 @@ int gprs_gmm_submit_gmmreg_attach_cnf(struct gprs_gmm_entity *gmme, bool accepte
 	gmm_prim_tx->gmmreg.attach_cnf.accepted = accepted;
 	if (accepted) {
 		gmm_prim_tx->gmmreg.attach_cnf.acc.allocated_ptmsi = gmme->ptmsi;
+		gmm_prim_tx->gmmreg.attach_cnf.acc.allocated_ptmsi_sig = gmme->ptmsi_sig;
 		gmm_prim_tx->gmmreg.attach_cnf.acc.allocated_tlli = gmme->tlli;
 		memcpy(&gmm_prim_tx->gmmreg.attach_cnf.acc.rai, &gmme->ra, sizeof(gmme->ra));
 	} else {
@@ -333,6 +335,7 @@ int gprs_gmm_submit_gmmsm_establish_cnf(struct gprs_gmm_entity *gmme, bool accep
 	gmm_prim_tx = gprs_gmm_prim_alloc_gmmsm_establish_cnf(gmme->sess_id, cause);
 	if (accepted) {
 		gmm_prim_tx->gmmsm.establish_cnf.acc.allocated_ptmsi = gmme->ptmsi;
+		gmm_prim_tx->gmmsm.establish_cnf.acc.allocated_ptmsi_sig = gmme->ptmsi_sig;
 		gmm_prim_tx->gmmsm.establish_cnf.acc.allocated_tlli = gmme->tlli;
 		memcpy(&gmm_prim_tx->gmmsm.establish_cnf.acc.rai, &gmme->ra, sizeof(gmme->ra));
 	}
@@ -562,6 +565,13 @@ static int gprs_gmm_rx_att_ack(struct gprs_gmm_entity *gmme, struct gsm48_hdr *g
 			goto rejected;
 		}
 
+		if (TLVP_PRESENT(&tp, GSM48_IE_GMM_PTMSI_SIG)) {
+			const uint8_t *ptmsi_sig = TLVP_VAL(&tp, GSM48_IE_GMM_PTMSI_SIG);
+			gmme->ptmsi_sig = (ptmsi_sig[0] << 8) | (ptmsi_sig[1] << 4) | ptmsi_sig[2];
+		} else {
+			gmme->ptmsi_sig = GSM_RESERVED_TMSI;
+		}
+
 		if (TLVP_PRESENT(&tp, GSM48_IE_GMM_ALLOC_PTMSI)) {
 			struct osmo_mobile_identity mi;
 			if (osmo_mobile_identity_decode(&mi, TLVP_VAL(&tp, GSM48_IE_GMM_ALLOC_PTMSI),

src/gmm/gmm_pdu.c

@@ -230,6 +230,12 @@ int gprs_gmm_build_attach_req(struct gprs_gmm_entity *gmme,
 
 	/* TODO: optional fields */
 
+	/* 10.5.5.8 Old P-TMSI signature: */
+	if (!attach_with_imsi && gmme->ptmsi != GSM_RESERVED_TMSI) {
+		uint8_t ptmsi_sig[3] = { gmme->ptmsi_sig >> 16, gmme->ptmsi_sig >> 8, gmme->ptmsi_sig };
+		msgb_tv_fixed_put(msg, GSM48_IE_GMM_PTMSI_SIG, sizeof(ptmsi_sig), ptmsi_sig);
+	}
+
 	/* 9.4.1.13 P-TMSI type: The MS shall include this IE if the
 	 * type of identity in the Mobile identity IE is set to
 	 * "TMSI/P-TMSI/M-TMSI". */

src/gmm/gmm_prim.c

@@ -386,6 +386,7 @@ static int gprs_gmm_prim_handle_gmmreg_attach_req(struct osmo_gprs_gmm_prim *gmm
 	if (gmm_prim->gmmreg.attach_req.imeisv[0] != '\0')
 		OSMO_STRLCPY_ARRAY(gmme->imeisv, gmm_prim->gmmreg.attach_req.imeisv);
 	memcpy(&gmme->ra, &gmm_prim->gmmreg.attach_req.old_rai, sizeof(gmme->ra));
+	gmme->ptmsi_sig = gmm_prim->gmmreg.attach_req.ptmsi_sig;
 
 	rc = gprs_gmm_ms_fsm_ctx_request_attach(&gmme->ms_fsm,
 						gmm_prim->gmmreg.attach_req.attach_type,
@@ -488,6 +489,7 @@ static int gprs_gmm_prim_handle_gmmsm_establish_req(struct osmo_gprs_gmm_prim *g
 	OSMO_ASSERT(gmme);
 	/* Identify this GMME with this sess_id in GMMSM SAP from now on: */
 	gmme->sess_id = gmm_prim->gmmsm.sess_id;
+	gmme->ptmsi_sig = gmm_prim->gmmsm.establish_req.ptmsi_sig;
 
 	if (gmme->ms_fsm.fi->state == GPRS_GMM_MS_ST_REGISTERED) {
 		rc = gprs_gmm_submit_gmmsm_establish_cnf(gmme, true, 0);

tests/gmm/gmm_prim_test.c

@@ -157,9 +157,10 @@ int test_gmm_prim_up_cb(struct osmo_gprs_gmm_prim *gmm_prim, void *user_data)
 		switch (OSMO_PRIM_HDR(&gmm_prim->oph)) {
 		case OSMO_PRIM(OSMO_GPRS_GMM_GMMREG_ATTACH, PRIM_OP_CONFIRM):
 			if (gmm_prim->gmmreg.attach_cnf.accepted) {
-				printf("%s(): Rx %s accepted=%u allocated_ptmsi=0x%08x\n", __func__, pdu_name,
+				printf("%s(): Rx %s accepted=%u allocated_ptmsi=0x%08x allocated_ptmsi_sig=0x%06x\n", __func__, pdu_name,
 				       gmm_prim->gmmreg.attach_cnf.accepted,
-				       gmm_prim->gmmreg.attach_cnf.acc.allocated_ptmsi);
+				       gmm_prim->gmmreg.attach_cnf.acc.allocated_ptmsi,
+				       gmm_prim->gmmreg.attach_cnf.acc.allocated_ptmsi_sig);
 			} else {
 				printf("%s(): Rx %s accepted=%u rej_cause=%u\n", __func__, pdu_name,
 				       gmm_prim->gmmreg.attach_cnf.accepted,
@@ -283,6 +284,7 @@ static void test_gmm_prim_ms_gmmreg(void)
 	struct osmo_gprs_llc_prim *llc_prim;
 	int rc;
 	uint32_t ptmsi = 0x00001234;
+	uint32_t ptmsi_sig = 0x556677;
 	uint32_t rand_tlli = 0x80001234;
 	char *imsi = "1234567890";
 	char *imei = "42342342342342";
@@ -303,6 +305,7 @@ static void test_gmm_prim_ms_gmmreg(void)
 	OSMO_ASSERT(gmm_prim);
 	gmm_prim->gmmreg.attach_req.attach_type = OSMO_GPRS_GMM_ATTACH_TYPE_GPRS;
 	gmm_prim->gmmreg.attach_req.ptmsi = ptmsi;
+	gmm_prim->gmmreg.attach_req.ptmsi_sig = ptmsi_sig;
 	OSMO_STRLCPY_ARRAY(gmm_prim->gmmreg.attach_req.imsi, imsi);
 	OSMO_STRLCPY_ARRAY(gmm_prim->gmmreg.attach_req.imei, imei);
 	OSMO_STRLCPY_ARRAY(gmm_prim->gmmreg.attach_req.imeisv, imeisv);
@@ -366,6 +369,7 @@ static void test_gmm_prim_ms_gmmsm(void)
 	struct osmo_gprs_llc_prim *llc_prim;
 	int rc;
 	uint32_t ptmsi = 0x00001234;
+	uint32_t ptmsi_sig = 0x556677;
 	uint32_t rand_tlli = 0x80001234;
 	char *imsi = "1234567890";
 	char *imei = "42342342342342";
@@ -388,6 +392,7 @@ static void test_gmm_prim_ms_gmmsm(void)
 	OSMO_ASSERT(gmm_prim);
 	gmm_prim->gmmsm.establish_req.attach_type = OSMO_GPRS_GMM_ATTACH_TYPE_GPRS;
 	gmm_prim->gmmsm.establish_req.ptmsi = ptmsi;
+	gmm_prim->gmmsm.establish_req.ptmsi_sig = ptmsi_sig;
 	OSMO_STRLCPY_ARRAY(gmm_prim->gmmsm.establish_req.imsi, imsi);
 	OSMO_STRLCPY_ARRAY(gmm_prim->gmmsm.establish_req.imei, imei);
 	OSMO_STRLCPY_ARRAY(gmm_prim->gmmsm.establish_req.imeisv, imeisv);

tests/gmm/gmm_prim_test.ok

@@ -1,5 +1,5 @@
 ==== test_gmm_prim_ms_gmmreg() [start] ====
-test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=[08 01 04 97 07 00 00 01 0a 00 05 f4 00 00 12 34 00 f0 00 00 00 00 00 e1 ]
+test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=[08 01 04 97 07 00 00 01 0a 00 05 f4 00 00 12 34 00 f0 00 00 00 00 00 19 55 66 77 e1 ]
 test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=[08 16 08 42 32 24 43 32 24 43 f2 ]
 test_gmm_prim_up_cb(): Rx GMMREG-SIM_AUTH.indication ac_ref_nr=2 key_seq=0 rand=e2 a6 f3 f8 bb 9e a7 01 e0 ce 4f 33 64 a9 91 75 
 test_gmm_prim_llc_down_cb(): Rx LLGMM-ASSIGN.request old_TLLI=0xffffffff new_TLLI=0x80001234
@@ -7,13 +7,13 @@ test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=
 test_gmm_prim_llc_down_cb(): Rx LLGMM-ASSIGN.request old_TLLI=0x80001234 new_TLLI=0xea711b41
 test_gmm_prim_down_cb(): Rx GMRR-ASSIGN.request old_tlli=0x80001234 new_tlli=0xea711b41
 test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0xea711b41 SAPI=GMM l3=[08 03 ]
-test_gmm_prim_up_cb(): Rx GMMREG-ATTACH.confirm accepted=1 allocated_ptmsi=0xea711b41
+test_gmm_prim_up_cb(): Rx GMMREG-ATTACH.confirm accepted=1 allocated_ptmsi=0xea711b41 allocated_ptmsi_sig=0xffffffff
 test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0xea711b41 SAPI=GMM l3=[08 05 20 0a 00 05 f4 ea 71 1b 41 ]
 test_gmm_prim_llc_down_cb(): Rx LLGMM-ASSIGN.request old_TLLI=0xea711b41 new_TLLI=0xffffffff
 test_gmm_prim_up_cb(): Rx GMMREG-DETACH.confirm detach_type='GPRS detach'
 ==== test_gmm_prim_ms_gmmreg() [end] ====
 ==== test_gmm_prim_ms_gmmsm() [start] ====
-test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=[08 01 04 97 07 00 00 01 0a 00 05 f4 00 00 12 34 00 f0 00 00 00 00 00 e1 ]
+test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=[08 01 04 97 07 00 00 01 0a 00 05 f4 00 00 12 34 00 f0 00 00 00 00 00 19 55 66 77 e1 ]
 test_gmm_prim_llc_down_cb(): Rx LL-UNITDATA.request TLLI=0x80001234 SAPI=GMM l3=[08 16 08 42 32 24 43 32 24 43 f2 ]
 test_gmm_prim_up_cb(): Rx GMMREG-SIM_AUTH.indication ac_ref_nr=2 key_seq=0 rand=e2 a6 f3 f8 bb 9e a7 01 e0 ce 4f 33 64 a9 91 75 
 test_gmm_prim_llc_down_cb(): Rx LLGMM-ASSIGN.request old_TLLI=0xffffffff new_TLLI=0x80001234