From 1683dd11e76f01760665ab15cd9204fa19923238 Mon Sep 17 00:00:00 2001 From: Darien Spencer Date: Thu, 30 Nov 2017 20:20:29 +0200 Subject: [PATCH] RRC: Improve C-RNTI resolving Now also trying to resolve C-RNTIs in FACH from the global RNTIs map Change-Id: If9ce5b73d6855271c15001fd73d8acaaaf9d1864 Reviewed-on: https://code.wireshark.org/review/24665 Reviewed-by: Pascal Quantin Petri-Dish: Pascal Quantin Tested-by: Petri Dish Buildbot Reviewed-by: Michael Mann --- .../dissectors/asn1/rrc/packet-rrc-template.c | 4 +- .../dissectors/asn1/rrc/packet-rrc-template.h | 2 +- epan/dissectors/asn1/rrc/rrc.cnf | 5 ++- epan/dissectors/packet-rrc.c | 43 ++++++++++--------- epan/dissectors/packet-rrc.h | 2 +- epan/dissectors/packet-umts_fp.h | 1 + epan/dissectors/packet-umts_mac.c | 39 ++++++++++------- 7 files changed, 54 insertions(+), 42 deletions(-) diff --git a/epan/dissectors/asn1/rrc/packet-rrc-template.c b/epan/dissectors/asn1/rrc/packet-rrc-template.c index d190d1c8f4..d891866dfc 100644 --- a/epan/dissectors/asn1/rrc/packet-rrc-template.c +++ b/epan/dissectors/asn1/rrc/packet-rrc-template.c @@ -65,7 +65,7 @@ extern int proto_umts_rlc; /*Handler to RLC*/ GTree * hsdsch_muxed_flows = NULL; GTree * rrc_ciph_info_tree = NULL; -wmem_tree_t* rrc_rach_urnti_crnti_map = NULL; +wmem_tree_t* rrc_global_urnti_crnti_map = NULL; static int msg_type _U_; /*****************************************************************************/ @@ -462,7 +462,7 @@ rrc_init(void) { rrc_free_value); /* Global U-RNTI / C-RNTI map to be used in RACH channels */ - rrc_rach_urnti_crnti_map = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); + rrc_global_urnti_crnti_map = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); } static void diff --git a/epan/dissectors/asn1/rrc/packet-rrc-template.h b/epan/dissectors/asn1/rrc/packet-rrc-template.h index f6c287c57c..bb0e5e3662 100644 --- a/epan/dissectors/asn1/rrc/packet-rrc-template.h 
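Review bot: The comment above the renamed map in the rrc_init() hunk of packet-rrc-template.c still reads `/* Global U-RNTI / C-RNTI map to be used in RACH channels */`, which no longer matches a map that this commit also consults for FACH. Suggest `/* Global U-RNTI / C-RNTI map, consulted when resolving C-RNTIs in RACH and FACH channels */`. The same stale wording remains at the insert site in the second rrc.cnf hunk (`... to the global RNTIs map for the RACH channel`) and is carried into the generated packet-rrc.c. rrc_init's body begins outside the hunk.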
+++ b/epan/dissectors/asn1/rrc/packet-rrc-template.h @@ -60,6 +60,6 @@ typedef struct rrc_ciphering_info extern GTree * hsdsch_muxed_flows; extern GTree * rrc_ciph_info_tree; -extern wmem_tree_t* rrc_rach_urnti_crnti_map; +extern wmem_tree_t* rrc_global_urnti_crnti_map; #endif /* PACKET_RRC_H */ diff --git a/epan/dissectors/asn1/rrc/rrc.cnf b/epan/dissectors/asn1/rrc/rrc.cnf index 4837a7c887..b677d67674 100644 --- a/epan/dissectors/asn1/rrc/rrc.cnf +++ b/epan/dissectors/asn1/rrc/rrc.cnf @@ -1069,9 +1069,10 @@ HNBName TYPE=FT_STRING DISPLAY=STR_UNICODE return offset; /* Both U-RNTI and C-RNTI present - storing the match*/ - fp_crnti_allocation_info = wmem_new0(wmem_file_scope(), fp_crnti_allocation_info_t); + fp_crnti_allocation_info = wmem_new(wmem_file_scope(), fp_crnti_allocation_info_t); fp_crnti_allocation_info->urnti = u_rnti; fp_crnti_allocation_info->alloc_frame_number = actx->pinfo->num; + fp_crnti_allocation_info->global_retrieval_count = 0; /* Finding FP conversation info */ p_conv = (conversation_t *)find_conversation(actx->pinfo->num, &actx->pinfo->net_dst, &actx->pinfo->net_src, @@ -1090,7 +1091,7 @@ HNBName TYPE=FT_STRING DISPLAY=STR_UNICODE } /* Also adding the C-RNTI / U-RNTI match to the global RNTIs map for the RACH channel */ - wmem_tree_insert32(rrc_rach_urnti_crnti_map, c_rnti, (void *)fp_crnti_allocation_info); + wmem_tree_insert32(rrc_global_urnti_crnti_map, c_rnti, (void *)fp_crnti_allocation_info); #.FN_BODY UL-ScramblingCode VAL_PTR = &scrambling_code guint32 scrambling_code; diff --git a/epan/dissectors/packet-rrc.c b/epan/dissectors/packet-rrc.c index 3cd1dbd07c..1487918251 100644 --- a/epan/dissectors/packet-rrc.c +++ b/epan/dissectors/packet-rrc.c 
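Review bot: Switching from `wmem_new0` to `wmem_new` in the first rrc.cnf hunk means the allocation is no longer zero-filled, so correctness now depends on every field being assigned by hand. The three assignments cover the three fields visible in the packet-umts_fp.h hunk, but a field added later would be read uninitialised from a file-scope object whose creation is driven by capture contents. Keeping `fp_crnti_allocation_info = wmem_new0(wmem_file_scope(), fp_crnti_allocation_info_t);` and dropping the explicit `global_retrieval_count = 0;` gives the same result without that risk. The enclosing FN_BODY starts and ends outside the hunk.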
@@ -73,7 +73,7 @@ extern int proto_umts_rlc; /*Handler to RLC*/ GTree * hsdsch_muxed_flows = NULL; GTree * rrc_ciph_info_tree = NULL; -wmem_tree_t* rrc_rach_urnti_crnti_map = NULL; +wmem_tree_t* rrc_global_urnti_crnti_map = NULL; static int msg_type _U_; /*****************************************************************************/ @@ -18577,7 +18577,7 @@ dissect_rrc_ActivationTime(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _ static int dissect_rrc_RB_Identity(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1275 "./asn1/rrc/rrc.cnf" +#line 1276 "./asn1/rrc/rrc.cnf" guint32 rbid; offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 1U, 32U, &rbid, FALSE); @@ -18594,7 +18594,7 @@ private_data_set_rbid(actx, rbid); static int dissect_rrc_RLC_SequenceNumber(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1281 "./asn1/rrc/rrc.cnf" +#line 1282 "./asn1/rrc/rrc.cnf" guint32 rlc_ciphering_sqn; offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, 4095U, &rlc_ciphering_sqn, FALSE); @@ -18615,7 +18615,7 @@ static const per_sequence_t RB_ActivationTimeInfo_sequence[] = { static int dissect_rrc_RB_ActivationTimeInfo(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1247 "./asn1/rrc/rrc.cnf" +#line 1248 "./asn1/rrc/rrc.cnf" fp_info *fpinf; rlc_info *rlcinf; rrc_ciphering_info *ciphering_info; @@ -22593,7 +22593,7 @@ dissect_rrc_SSDT_UL(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, pro static int dissect_rrc_CellIdentity(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1101 "./asn1/rrc/rrc.cnf" +#line 1102 "./asn1/rrc/rrc.cnf" tvbuff_t * cell_id_tvb = NULL; proto_item *temp_ti; proto_tree *cell_identity_tree; 
@@ -22818,7 +22818,7 @@ dissect_rrc_T_r3(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_ static int dissect_rrc_H_RNTI(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1189 "./asn1/rrc/rrc.cnf" +#line 1190 "./asn1/rrc/rrc.cnf" tvbuff_t *hrnti_tvb; struct rrc_info *rrcinf; offset = dissect_per_bit_string(tvb, offset, actx, tree, hf_index, @@ -22827,7 +22827,7 @@ dissect_rrc_H_RNTI(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, prot -#line 1194 "./asn1/rrc/rrc.cnf" +#line 1195 "./asn1/rrc/rrc.cnf" rrcinf = (struct rrc_info *)p_get_proto_data(wmem_file_scope(), actx->pinfo, proto_rrc, 0); if (!rrcinf) { rrcinf = wmem_new0(wmem_file_scope(), struct rrc_info); @@ -28327,7 +28327,7 @@ dissect_rrc_ScramblingCodeType(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *ac static int dissect_rrc_UL_ScramblingCode(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1096 "./asn1/rrc/rrc.cnf" +#line 1097 "./asn1/rrc/rrc.cnf" guint32 scrambling_code; offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, 16777215U, &scrambling_code, FALSE); @@ -39120,9 +39120,10 @@ dissect_rrc_C_RNTI(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, prot return offset; /* Both U-RNTI and C-RNTI present - storing the match*/ - fp_crnti_allocation_info = wmem_new0(wmem_file_scope(), fp_crnti_allocation_info_t); + fp_crnti_allocation_info = wmem_new(wmem_file_scope(), fp_crnti_allocation_info_t); fp_crnti_allocation_info->urnti = u_rnti; fp_crnti_allocation_info->alloc_frame_number = actx->pinfo->num; + fp_crnti_allocation_info->global_retrieval_count = 0; /* Finding FP conversation info */ p_conv = (conversation_t *)find_conversation(actx->pinfo->num, &actx->pinfo->net_dst, &actx->pinfo->net_src, 
@@ -39141,7 +39142,7 @@ dissect_rrc_C_RNTI(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, prot } /* Also adding the C-RNTI / U-RNTI match to the global RNTIs map for the RACH channel */ - wmem_tree_insert32(rrc_rach_urnti_crnti_map, c_rnti, (void *)fp_crnti_allocation_info); + wmem_tree_insert32(rrc_global_urnti_crnti_map, c_rnti, (void *)fp_crnti_allocation_info); @@ -46180,7 +46181,7 @@ dissect_rrc_RLC_Info_r5(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, static int dissect_rrc_MAC_d_FlowIdentity(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1186 "./asn1/rrc/rrc.cnf" +#line 1187 "./asn1/rrc/rrc.cnf" offset = dissect_per_constrained_integer(tvb, offset, actx, tree, hf_index, 0U, 7U, &flowd, FALSE); @@ -46228,7 +46229,7 @@ static const per_choice_t DL_TransportChannelType_r5_choice[] = { static int dissect_rrc_DL_TransportChannelType_r5(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1115 "./asn1/rrc/rrc.cnf" +#line 1116 "./asn1/rrc/rrc.cnf" /*Here we try to figure out which HS-DSCH channels are multiplexed*/ guint *flowd_p; guint *cur_val=NULL; @@ -49702,7 +49703,7 @@ static const per_choice_t DL_TransportChannelType_r7_choice[] = { static int dissect_rrc_DL_TransportChannelType_r7(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1150 "./asn1/rrc/rrc.cnf" +#line 1151 "./asn1/rrc/rrc.cnf" /*Here we try to figure out which HS-DSCH channels are multiplexed*/ guint *flowd_p; guint *cur_val=NULL; 
@@ -90280,7 +90281,7 @@ static const value_string rrc_ReleaseCause_vals[] = { static int dissect_rrc_ReleaseCause(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1303 "./asn1/rrc/rrc.cnf" +#line 1304 "./asn1/rrc/rrc.cnf" guint32 value; offset = dissect_per_enumerated(tvb, offset, actx, tree, hf_index, 8, &value, FALSE, 0, NULL); @@ -99800,7 +99801,7 @@ static const per_choice_t DL_DCCH_MessageType_choice[] = { static int dissect_rrc_DL_DCCH_MessageType(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1286 "./asn1/rrc/rrc.cnf" +#line 1287 "./asn1/rrc/rrc.cnf" offset = dissect_per_choice(tvb, offset, actx, tree, hf_index, ett_rrc_DL_DCCH_MessageType, DL_DCCH_MessageType_choice, &msg_type); @@ -99820,7 +99821,7 @@ static const per_sequence_t DL_DCCH_Message_sequence[] = { static int dissect_rrc_DL_DCCH_Message(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1289 "./asn1/rrc/rrc.cnf" +#line 1290 "./asn1/rrc/rrc.cnf" offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index, ett_rrc_DL_DCCH_Message, DL_DCCH_Message_sequence); @@ -99834,7 +99835,7 @@ dissect_rrc_DL_DCCH_Message(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx static int dissect_rrc_START_Value(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1202 "./asn1/rrc/rrc.cnf" +#line 1203 "./asn1/rrc/rrc.cnf" tvbuff_t * start_val; fp_info *fpinf; rlc_info *rlcinf; 
@@ -129619,7 +129620,7 @@ static const per_choice_t HandoverToUTRANCommand_choice[] = { static int dissect_rrc_HandoverToUTRANCommand(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1292 "./asn1/rrc/rrc.cnf" +#line 1293 "./asn1/rrc/rrc.cnf" offset = dissect_per_choice(tvb, offset, actx, tree, hf_index, ett_rrc_HandoverToUTRANCommand, HandoverToUTRANCommand_choice, NULL); @@ -129760,7 +129761,7 @@ static const per_sequence_t UE_SecurityInformation_sequence[] = { static int dissect_rrc_UE_SecurityInformation(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1295 "./asn1/rrc/rrc.cnf" +#line 1296 "./asn1/rrc/rrc.cnf" private_data_set_cn_domain(actx, RRC_NAS_SYS_INFO_CS); offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index, ett_rrc_UE_SecurityInformation, UE_SecurityInformation_sequence); @@ -130163,7 +130164,7 @@ static const per_sequence_t UE_SecurityInformation2_sequence[] = { static int dissect_rrc_UE_SecurityInformation2(tvbuff_t *tvb _U_, int offset _U_, asn1_ctx_t *actx _U_, proto_tree *tree _U_, int hf_index _U_) { -#line 1299 "./asn1/rrc/rrc.cnf" +#line 1300 "./asn1/rrc/rrc.cnf" private_data_set_cn_domain(actx, RRC_NAS_SYS_INFO_PS); offset = dissect_per_sequence(tvb, offset, actx, tree, hf_index, ett_rrc_UE_SecurityInformation2, UE_SecurityInformation2_sequence); @@ -163265,7 +163266,7 @@ rrc_init(void) { rrc_free_value); /* Global U-RNTI / C-RNTI map to be used in RACH channels */ - rrc_rach_urnti_crnti_map = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); + rrc_global_urnti_crnti_map = wmem_tree_new_autoreset(wmem_epan_scope(), wmem_file_scope()); } static void diff --git a/epan/dissectors/packet-rrc.h b/epan/dissectors/packet-rrc.h index 7e0a553269..309d96ce23 100644 --- a/epan/dissectors/packet-rrc.h +++ b/epan/dissectors/packet-rrc.h 
@@ -84,6 +84,6 @@ typedef struct rrc_ciphering_info extern GTree * hsdsch_muxed_flows; extern GTree * rrc_ciph_info_tree; -extern wmem_tree_t* rrc_rach_urnti_crnti_map; +extern wmem_tree_t* rrc_global_urnti_crnti_map; #endif /* PACKET_RRC_H */ diff --git a/epan/dissectors/packet-umts_fp.h b/epan/dissectors/packet-umts_fp.h index 7718b7b996..1714f78a6a 100644 --- a/epan/dissectors/packet-umts_fp.h +++ b/epan/dissectors/packet-umts_fp.h @@ -112,6 +112,7 @@ typedef struct fp_crnti_allocation_info_t { guint32 alloc_frame_number; /* Frame where C-RNTI was allocated */ guint32 urnti; /* The U-RNTI to which the C-RNTI was allocated*/ + guint32 global_retrieval_count; /* How many times this alloc info was retrieved for FACH channels*/ } fp_crnti_allocation_info_t; /* Used in the 'channel_specific_info' field for FACH channels */ diff --git a/epan/dissectors/packet-umts_mac.c b/epan/dissectors/packet-umts_mac.c index 174b5934ae..1e9531ed65 100644 --- a/epan/dissectors/packet-umts_mac.c +++ b/epan/dissectors/packet-umts_mac.c @@ -238,6 +238,7 @@ static guint16 tree_add_common_dcch_dtch_fields(tvbuff_t *tvb, packet_info *pinf umts_fp_conversation_info_t *umts_fp_conversation_info = NULL; fp_rach_channel_info_t *fp_rach_channel_info = NULL; fp_fach_channel_info_t *fp_fach_channel_info = NULL; + wmem_tree_t* channel_rnti_map = NULL; guint16 c_rnti; fp_crnti_allocation_info_t *fp_crnti_allocation_info = NULL; 
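Review bot: The comment on the new `global_retrieval_count` field in packet-umts_fp.h says the info was "retrieved for FACH channels", but the packet-umts_mac.c hunk increments it on every hit in the global map, for RACH as well as FACH. Suggest `/* How many times this alloc info was retrieved from the global RNTIs map (RACH or FACH) */`. It would also help to state there that the entry is dropped from the global map when the count reaches 2, since that threshold is otherwise only visible in the MAC dissector.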
@@ -260,35 +261,43 @@ static guint16 tree_add_common_dcch_dtch_fields(tvbuff_t *tvb, packet_info *pinf /* Trying to resolve the U-RNTI for this C-RNTI based on the channel type*/ switch(fpinf->channel){ case CHANNEL_RACH_FDD: - /* In RACH: First look in the channel's RNTIs map */ + /* In RACH: Get the channel's RNTIs map */ if (umts_fp_conversation_info) { fp_rach_channel_info = (fp_rach_channel_info_t *)umts_fp_conversation_info->channel_specific_info; if(fp_rach_channel_info) { - fp_crnti_allocation_info = (fp_crnti_allocation_info_t *)wmem_tree_lookup32(fp_rach_channel_info->crnti_to_urnti_map, c_rnti); - } - } - if(fp_crnti_allocation_info == NULL) { - /* If not found in the channel's map, Look in the global RNTIs map */ - fp_crnti_allocation_info = (fp_crnti_allocation_info_t *)wmem_tree_lookup32(rrc_rach_urnti_crnti_map, c_rnti); - if(fp_crnti_allocation_info != NULL) { - /* If found in the global map, remove and insert to the channel's map*/ - wmem_tree_remove32(rrc_rach_urnti_crnti_map, c_rnti); - if(fp_rach_channel_info) { - wmem_tree_insert32(fp_rach_channel_info->crnti_to_urnti_map, c_rnti, (void *)fp_crnti_allocation_info); - } + channel_rnti_map = fp_rach_channel_info->crnti_to_urnti_map; } } break; case CHANNEL_FACH_FDD: - /* In FACH: Look in the channel's RNTIs map */ + /* In FACH: Get the channel's RNTIs map */ if (umts_fp_conversation_info) { fp_fach_channel_info = (fp_fach_channel_info_t *)umts_fp_conversation_info->channel_specific_info; if(fp_fach_channel_info) { - fp_crnti_allocation_info = (fp_crnti_allocation_info_t *)wmem_tree_lookup32(fp_fach_channel_info->crnti_to_urnti_map, c_rnti); + channel_rnti_map = fp_fach_channel_info->crnti_to_urnti_map; } } break; } + if(channel_rnti_map) { + fp_crnti_allocation_info = (fp_crnti_allocation_info_t *)wmem_tree_lookup32(channel_rnti_map, c_rnti); + } + /* If not found in the RACH/FACH channel's map, Look in the global RNTIs map */ + if(fp_crnti_allocation_info == NULL) { + fp_crnti_allocation_info = 
(fp_crnti_allocation_info_t *)wmem_tree_lookup32(rrc_global_urnti_crnti_map, c_rnti); + if(fp_crnti_allocation_info != NULL) { + /* If found in the global map, check how many times it was retrieved (including this one) */ + fp_crnti_allocation_info->global_retrieval_count++; + /* If seen 2 times (RACH + fast FACH) remove from global map */ + if(fp_crnti_allocation_info->global_retrieval_count == 2) { + wmem_tree_remove32(rrc_global_urnti_crnti_map, c_rnti); + } + /* Also add to this channel's map for later retrieval */ + if(channel_rnti_map) { + wmem_tree_insert32(channel_rnti_map, c_rnti, (void *)fp_crnti_allocation_info); + } + } + } /* Choosing between resolved U-RNTI (if found) or the C-RNTI as UE-ID for RLC */ if(fp_crnti_allocation_info != NULL) { /* Using U-RNTI */
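Review bot: The new global-map fallback in tree_add_common_dcch_dtch_fields mutates shared state (`global_retrieval_count++` and `wmem_tree_remove32`) on every dissection, with no first-pass guard visible in the hunk. When `channel_rnti_map` is NULL nothing is cached per channel, so dissecting the same frame twice reaches the count of 2 and removes the entry, and later lookups fall back to the C-RNTI as UE-ID. The UE-ID chosen for RLC then depends on how often frames were dissected, and C-RNTI values come from the capture, so data may be attributed to the wrong UE. Consider restricting the counter and removal to the first pass, e.g. `if(!PINFO_FD_VISITED(pinfo)) { ... }` around the increment and the `== 2` test, and using `>= 2` so that a missed removal cannot leave the entry behind. It is also worth confirming that the code after the hunk compares `alloc_frame_number` with the current frame, since the lookups shown accept a mapping regardless of when it was allocated; the function body starts and ends outside the hunk.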