Currently the state is assumed to remain the same while the reset
procedure is active. While this works correctly in general, a single
unexpected BLOCK_ACK or UNBLOCK_ACK can change the state but will not
stop the reset procedure. The leads to repeated RESET messages, where
the corresponding RESET_ACK is ignored. This is a stable state which
can only be left by manual intervention or by reception of a RESET
message from the peer.
This commit changes the RESET timeout handler to set the state to
BLOCKED/RESET when sending the new NS RESET message.
Note that this should ensure a clean restart even if the state has been
screwed up. It does not fix the handling of BLOCK_ACK or UNBLOCK_ACK
in abnormal cases.
Addresses:
gprs_ns.c:349 NSEI=8895 Tx NS RESET (NSVCI=8895, cause=O&M intervention)
gprs_ns.c:878 NSVCI=8895 Rx NS RESET ACK (NSEI=8895, NSVCI=8895)
gprs_ns.c:887 NS RESET ACK Discarding unexpected message for NS-VCI 8895 from SGSN NSEI=8895
Ticket: OW#1551
Sponsored-by: On-Waves ehf
Currently incoming BSSGP STATUS messages are just logged and no other
action is taken. This makes it impossible for higher layers to react
to failures which are indicated by corresponding STATUS messages
unless a timeout is triggered as a result of that failure later on.
This commit adds a bssgp_rx_status() function and calls it on
incoming STATUS messages. That function logs a message, increments the
new BSSGP_CTR_STATUS counter if the bctx context exists and invokes
an NM_STATUS status indication. The latter will allow the application
to handle failures immediately. Since all STATUS messages should be
handled, the function is already called in bssgp_rcvmsg and the
message is no longer handled in (and will not reach) bssgp_rx_sign
and bssgp_rx_ptp.
Ticket: OW#1414
Sponsored-by: On-Waves ehf
Currently each incoming PtP BSSGP STATUS message is handled as 'not
yet implemented' and a BSSGP STATUS message (cause
BSSGP_CAUSE_PROTO_ERR_UNSPEC) is sent back to the peer. This will
cause endless messages loops if both peers use this BSSGP stack
implementation. This does not apply to signalling messages.
This commit changes the implementation of bssgp_rx_ptp() to just do
logging in this case.
Sponsored-by: On-Waves ehf
Currently this command segfaults (at least when ASAN is enabled),
because when getting the NSEI the index to argv is wrong and out of
bounds.
This patch fixes the offset.
Sponsored-by: On-Waves ehf
Currently sending SUSPEND/RESUME messages to this function (like it
is done in the osmo-sgsn) results in STATUS messages complaining
about an unknown BVCI. The reason is, that these messages rely on a
TLLI/RAI pair to identify the context and do not contain an explicit
BVCI.
This patch modifies bssgp_rcvmsg() to only complain about and unknown
BVCI if one is given but a matching context is not found (except for
RESET messages). The ctx argument is removed from the functions
handling SUSPEND and RESUME since it will always be NULL then.
Sponsored-by: On-Waves ehf
Currently the NS-VC's state is updated from within gprs_ns_tx_reset,
which can lead to an inconsistent state when the RESET_ACK is lost.
In this state, the NSE_S_RESET bit is set but the Tns-reset timer is
not started.
This patch moves the state update into gprs_nsvc_reset. This way, the
state flags are consistent with the timer.
Addresses:
SGSN -> BSS NS_ALIVE
BSS -> SGSN NS_ALIVE_ACK
BSS -> SGSN BVC_RESET
SGSN -> BSS NS_STATUS, Cause: NS-VC blocked, NS VCI: 0x65
and there is no BSS->SGSN NS_ALIVE
Ticket: OW#1213
Sponsored-by: On-Waves ehf
Currently gprs_nsvc_reset does not return any value.
This patch changes the function to return an integer, where a value
less than zero indicates an error. The value is taken from the
gprs_ns_tx_reset function. In case of failure, an error message is logged.
Sponsored-by: On-Waves ehf
the bits/crc files are not inside the sourcedirectory but will end
in the build directory. Go and look there as well. This somehow
doesn't fail with make distcheck but when building for Yocto Dizzy.
Currently the bssgph field is not set when using the bssgp_tx_*
functions. This hinders unit testing of generated messages.
This patch initializes the bssgph field directly after allocation a
new bssgp msgb in bssgp_msgb_alloc() so that it is set by default.
Sponsored-by: On-Waves ehf
Currently BSSGP messages with an NS BVCI of 0 (signalling) are
discarded if they aren't RESET messages. Thus valid signalling
messages (e.g. BLOCK) are not handled properly, because the BVCI IE
is ignored if it present. Instead a STATUS message referring to BVCI
0 (instead of the BVCI used in the BLOCK message) is returned.
This patch changes the implementation to use the BVCI contained in
the BVCI IE if that is present in a signalling message.
It fixes BSSGP BLOCK/UNBLOCK for the osmo-sgsn.
Note that signalling messages without an BVCI IE (e.g.
SUSPEND/RESUME) are still rejected.
Ticket: OW#1205
Sponsored-by: On-Waves ehf
Currently the BVCI is not set in all invocations to bssgp_tx_status()
when the cause is UNKNOWN_BVCI.
This patch adds the argument where it is missing.
It also adds a check for compliance (GSM 08.18, 10.4.14.1) to
bssgp_tx_status() to emit errors when the following requirement is
not fulfilled: The BVCI must be included if (and only if) the cause
is either "BVCI blocked" or "BVCI unknown".
Sponsored-by: On-Waves ehf
Sometimes a control interface command cannot be processed
and responded immediately, but we need to process it asynchronously.
In order to support this, we introduce the 'ctrl_cmd_def', which
represents such a deferred command. It is created by the service
implementing the command using ctrl_cmd_def_make(), and a response is
later sent using ctrl_cmd_def_send().
ctrl_cmd_def_is_zombie() must be called to handle the case where
the control connection has disconnected/died between receiving the
command and sending the response.
The control interface user now only has to register a very short
node lookup function callback. This function is optional, and only
required if hierarchical command lookup should be supported.
Instead of using one flat talloc context (and one that is specific to
openbsc), we should attach the objects to whatever parent context they
are being used in.
The element following the identifier list was the
GSM0808_IE_LSA_INFORMATION. It is a TLV type as well
and the issue got introduced in
92107dfd3b.
Fixes:
gsm0808.c:316:40: warning: initializer overrides prior initialization of this subobject
[-Winitializer-overrides]
[GSM0808_IE_LSA_IDENTIFIER_LIST] = { TLV_TYPE_TLV },
^~~~~~~~~~~~
gsm0808.c:315:40: note: previous initialization is here
[GSM0808_IE_LSA_IDENTIFIER_LIST] = { TLV_TYPE_TLV },
There doesn't seem to be a way to share this code with Linux as
it doesn't have the sockaddr_dl concept inside the getifaddrs.
I manually verified this on a FreeBSD10 box and hex decoding gave
me the correct mac address and rc was 0.
As we are breaking builds by moving functions from libosmo-abis to
libosmocore anyway, we might as well give functions more appropriate
names. ipaccess is a company, while IPA is the multiplex protocol, and
CCM is the protocol used for establishing identities on the IPA
multiplex.
libosmo-abis is about forming A-bis interfaces/lines by means
of E1 or the IPA multiplex (or possibly other link layers).
The IPA multiplex is used in other contexts, such as the Control
interface, or the A interface. In that context, it makes sense to
have generic IPA related functions in libosmocore.
Fix re-initialize issue of the GPRS NS. This was found while
working on the GB Proxy tests.
==27800== Invalid write of size 4
==27800== at 0x403C263: rate_ctr_group_alloc (linuxlist.h:65)
==27800== by 0x4050974: gprs_nsvc_create (gprs_ns.c:209)
==27800== by 0x405320D: gprs_ns_instantiate (gprs_ns.c:1330)
==27800== by 0x804B212: main (gbproxy_test.c:797)
==27800== Address 0x434173c is 52 bytes inside a block of size 784 free'd
==27800== at 0x4029DA8: free (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==27800== by 0x4041BBD: _talloc_free (talloc.c:609)
==27800== by 0x40432B2: talloc_free (talloc.c:578)
==27800== by 0x40532D3: gprs_ns_destroy (gprs_ns.c:1363)
==27800== by 0x804B1FE: main (gbproxy_test.c:791)
If the read callback closes the connection conn is already freed so we
can't derefernce it. Instead return -EBADFD in the read function if it
closed the connection and check for that.
If the FD is both readable and writable and the read callback closes the
connection (and frees the surrounding structure) we shouldn't call the
write callback (or check anything else in the read fd).
With this patch callback functions can return -EBADFD if they don't want
the FD to be handled any more.
This adds support for A-over-IP and LCLS related message/IEI
definitions.
Old definitions are in decimal, which is very hard (at least for me)
to compare with the binary tables in the spec. Hex is much easier
to manually compare for completeness/correctness. I didn't touch
the existing definitions, but think they should move to hex, too.
The code is lacking a "," at the end of a string and we ended up
doing string concatination instead of having an invalid state.
Fixes Coverity CID 1206564
The code would have used an uninitialized current_time in case
"now" was not NULL. As now is const and timersub expects a non
const parameter I decided to copy now into current_time.
Fixes: CID #1040661
Rename NM_ATT_O_REDUCEPOWER to NM_ATT_OSMO_REDUCEPOWER, which
makes it more clear that this is an osmcoom specific attribute.
Also, we cannot simply overload 0x01 as an already defined OML
attribute. The problem is quite simple: When we use abis_nm_att_tlvdef
during the TLV parse, 0x01 will match to NM_ATT_ABIS_CHANNEL,
which is defined as { TLV_TYPE_FIXED, 3 }.
So instead, we need to introduce a new abis_nm_osmo_att_tlvdef[],
which has to be patched into abis_nm_att_tlvdef[] by the means of
tlv_def_patch(), exactly how we do it for bs-11 and nanobts specific
attributes.
I'm using 0xfe for the attribute, as 0xfe doesn't overlap with the IPA
specific attribues (and we might want to combine/merge the 12.21 plus
IPA plus osmocom spefici attributes)