This change introduces three new classes:
- DATAMSG - abstract class, defines common fields and methods
for any message on DATA interface, e.g. frame and timeslot
numbers, bit conversation methods, etc.
- DATAMSG_L12TRX - a child of DATAMSG, defines a message
coming from L1 to TRX.
- DATAMSG_TRX2L1 - a child of DATAMSG, defines a message
coming from TRX to L1.
Both child classes could be used to generate DATA messages from
known fields (i.e. fn, tn, etc.), and parse them back from
already encoded DATA messages.
Change-Id: Id1c72f0b18fb128acc74d0cd899fb7aab7bd8790
Previously there were multiple definitions of some common GSM
constants in different modules. Let's share them.
Change-Id: Id6cdfbc6e8688755a0df7e44daa512c9afa7dad2
Move corresponding .gitignore entry inside virt-phy to avoid interfering
with other subprojects still using hand-crafted Makefiles.
Change-Id: I19a8661b74ae0b28da51cf2e81f0ca40de76fcbd
This change introduces a new tool, which could be used to sniff a
single connection between L1 and TRX in both directions, filter
captured bursts by direction, timeslot and/or frame number, and
finally write them to a binary file for further analysis.
Sniffing capability is based on Scapy framework, so it should
be installed in order to run this tool. Please also note,
that sniffing requires root access. For details, see:
https://github.com/secdev/scapyhttps://scapy.readthedocs.io/en/latest/
Usage example:
sudo ./trx_sniff --frame-count 30 --timeslot 2 -o /tmp/bursts
This command will capture 30 frames on timeslot number 2, and
write them to a binary file. The format of this file is based
on TLV (Tag Length Value), that wraps each burst:
... |-TAG (byte)-|-LEN (byte)-|-BURST (LEN bytes)-| ...
TAG 0x01 - a message coming from L1 to TRX
TAG 0x02 - a message coming from TRX to L1
Change-Id: I6e65e1d657574cc3e67bc7cdb1c01ef6bf08ecde
If we fail to initialize the VTY, print an error mesage instead of
failing silently. For example:
"Cannot init VTY on 127.0.0.1 port 4247: Address already in use"
Change-Id: I24161f53fa621ae1c8b1916bd0c8055c494b531e
Since both TA and AGC loops should be implemented in transceiver,
this TODO is meaningless. Let's drop it.
Change-Id: I84979712e2a1b849acaee53d5cd50de4e1e357c2
As there is no any order relation between logical channels, it's
better to use the linuxlist API instead of talloc array.
Change-Id: I5a78582c77ed1ab33817d240e065dc4cd4708199
Previously, when resetting or deleting a timeslot, we did not
deactivate the logical channels, relaying on talloc hierarchical
nature. This approach may cause some problems, e.g. on embedded
systems with emulated talloc API.
Change-Id: I8c34c793df87bd8c79b7bf1f05b949faf10520e8
Let's assume that a logical channel, which was already in use,
is activated again for a new connection. As we don't reset the
state variables, such as burst masks or ciphering data, it may
cause an unexpected behaviour.
In order to avoid this, let's always reset the logical channel
state after deactivation.
Change-Id: I91e736a97cb05b167614cb488a00d847a9a859e0
Initially it was expected that a TCH transmit queue could contain
TCH and FACCH primitives only. But there are also SACCH primitives,
which are also being stored there.
So, let's drop the assertations from the sched_prim_dequeue_tch(),
and return NULL if nothing was found.
Change-Id: Iae37057d35883c09a76f0612e52c2d14d9ff91cb
Link to Lua docs, link to our manual. Demo logging, timer, MS
on/off, sms sending and sms receiving. For the MM state I will
need to export constants/names to make this usable. Currently
it is a bit of a hack (first time to MM_IDLE) to send a SMS. We
would know when we attached though.
Change-Id: I10ac656330b65e3905d6cbbb7865aa0f969cd9ff
When reloading a script go through script_lua_close. Get the
primitive first. Then destruct the lua environment which will
lead to GC (e.g. cancellation of timers) and then delete the
primitive code.
Change-Id: I5bb4fa9e7c5010f3ad50b258dcb14956eea8822a
Make this symmetric and send the SMS through the primitive
interface. Construct and copy the sms into the prim, store
the SCA in the prim as well. In 04.11 we see we can store
2*10 digits in the destination address and a NUL.
Change-Id: I91d7537f4f6ce5ba00218c58f3456947ec7bc662
This change implements the A5/X ciphering support transparently
for the logical channel handlers. In other words, a DL burst is
deciphered before being passed to a handler, and an UL burst is
ciphered before being sent to transceiver.
The implementation mostly relays on the libosmocore's A5 API.
Change-Id: Ib53418d8c0f394fdece09cf5cc240887cb0bb5af
Having a possibility to preprocess UL burst before sending to
transceiver is required for the further ciphering support
integration and probably some other tasks.
Change-Id: Ia6eead5d4f51d7c0bf277b9d5ebb0a74676df567
Previously, the L1CTL_CRYPTO_REQ message contained only a ciphering
algorithm and actual Kc key to be used. The key length was
calculated manually using the MSGB API.
Let's avoid manual calculations here, as it may cause unexpected
behavior if the message structure is changed. Also, let's fill
the UL header with minimal information about a channel, which
is going to be encrypted.
Change-Id: I1813a188e755141241273479b17896415abcc3f1
Previously we used to compare two consecutive first primitives,
taken from a transmit queue. This approach may cause some delay,
which is critical for FACCH e.g. in case of handover.
Let's walk through a whole transmit queue to find a pair of
both FACCH frames, and only then decide what to do.
Change-Id: I925cca77bfaa255dd095bc882c901d41c9bc4633
Previously, each lchan handler used to obtain and delete primitives
from a timeslot's tranmit queue itself. This approach entails many
potential problems and bugs:
- The lchan handlers shall not do that by definition, they
should encode and decode frames according to GSM 05.03.
- In some cases (e.g. TCH), a single transmit queue may contain
primitives of different types (e.g. TCH, FACCH and SACCH). At
the same time, the lchan handlers don't care and don't even
know about each other. So, this could cause an unexpected
behaviour in some cases.
This change separates all primitive management routines,
providing a new API for obtaining and dropping them.
"Write programs that do one thing and do it well."
Change-Id: I29503ece51903784bc53541015285234471c8d15
It's good to write, keep and make the source code as much modular
as possible. So, Tte primitive management code was separated to
the 'sched_prim.c' and going to be extended in the near future.
Change-Id: Ifec8c9e4f2c95c72b00772688bcb5dc9c11d6de7
Both SACCH and FACCH messages have the same 23-byte length, both
are being queued together within a single transimt queue. So,
previously a SACCH frame could be picked by TCH burst handler,
and then sent as a FACCH frame. Let's fix this.
A FACCH primitive may have one of the TRXC_TCH* logical channel
types, while SACCH primitives have one of the TRXC_SACCH*.
Change-Id: Ia7090384f3ff74c9d94997265135acbceffa0ffe
Previously, we used to drop a frame if decoding wasn't successful.
This way, the higher layers didn't even know about that, so the
local counters and Measurement Reports were incomplete.
This change makes scheduler to forward L2 frames in any case,
setting the num_biterr for each of them. In case of decoding
error, a dummy (payload filled by 0x00) L2 frame will be sent.
Change-Id: I31011d8f3ca8b9a12474cd0bc653faed18391033
This change implements basic TCH/F lchan handlers for both data
reception and transmission. Only FACCH (signaling), FR and EFR
payloads are supported at the moment.
Change-Id: If6b0eaede2b484484d2a824e7219ff04483266a1
Previously, TCH frames coming from L1 were reordered to the RTP
format. Moreover, the implementation had a few problems:
- L1CTL is not the best place for such manipulations;
- payloads with other than FR codec were corrupted.
Let's use RTP-ordered payloads on the L1CTL interface,
performing TCH frame reordering at the firmware.
Please note, that actual FR reordering was moved to the firmware
as is, without any codec determination. This could be fixed in
a separate change.
Change-Id: I235a9f535c39d8e57f5d2c6566daeaf883aeef9e
There were some BTS specific variables, which are meaningless.
This change cleans them up, and also groups some measurement,
encryption, and AMR specific variables into sub-structures.
Change-Id: Ie753a7e3e7fa2b433d8319b3a05b85b8583d7be2
Since the 32e5641d, the gsm0503_rach_encode() is deprecated, and
the library provides new API with extended (11-bit) RACH support.
Change-Id: I1955fe46eebd173d6eddd1d47ee9f7318b9b4e2d
According to GSM 04.08, the System Information messages, such as
SI5, SI5ter, SI5bis and SI6 (described in sections 9.1.37-40),
have no the 'L2 Pseudo Length' (10.5.2.19) field, unlike others.
So, previously the ACCH SI messages were ignored due to an
implementation error - the gsm48_system_information_type_header
struct isn't applicable here, because it assumes the 'l2_plen'.
Since there is no (yet?) equivalent struct for the ACCH SI, this
change replaces the wrong struct by the 'gsm48_hdr', which
satisfies described requirements.
Moreover, this change cleans up some gsm48_rr_rx_sysinfo*
functions, getting rid of meaningless pionter shifting.
Change-Id: I9166996f146af7973bf02a8a1c965581dc58a4a5
The existing Makefile.mtk isn't compatible with the current
Makefile scheme, so nothing would happen when it was called.
This change updates the Makefile.mtk, so the Mediatek firmware
can be successfully compiled again.
Change-Id: Iecd619ed862f4d825095292ffde50544e647f6ff
The time at which the phone is allowed to transmit a burst of
traffic within a timeslot must be adjusted accordingly to prevent
collisions with adjacent users. Timing Advance (TA) is the
variable controlling this adjustment. The TA value is normally
between 0 and 63, with each step representing an advance of
one bit period (approximately 3.69 microseconds).
As trxcon doesn't perform actual burst transmission, this value
needs to be forwarded to the transceiver, which will take care
about the timings.
Change-Id: Ia8c0848827ab2b4cd7cf1efe128b28d5c06ec84e
The 'SETMAXDLY' command is used on the BTS side to limit maximal
Time of Arrival for access bursts. As we don't receive RACH
bursts on the MS side, the command is useless.
The 'SETRXGAIN' command is used on the BTS side to set initial
receive gain value for TRX. On the MS side it's possible to set
that parameter via command-line options of TRX.
Change-Id: I3e61b4b48193004cdcb241cefabb44c12db93120
In lua osmo.ms():name() will print the name/number of the MS. This
can be used by scripting code to use in events and then be analyzed.
Change-Id: I881d3e87daa19f4e6f4f5bd30fe95906129e60ef
We need continuation to avoid printing the logging category
again. E.g. when print(one, two, three) is called.
Change-Id: Id8491fa949768f170a8c74ab554cb1166afda1b7
Make the MS the script is associated with accessible to lua. Provide
access to IMSI and IMEI. The IMSI might not be available at the given
time and just return an empty string.
Example lua usage:
print(osmo.ms():imsi());
print(osmo.ms():imei());
print(osmo.ms():shutdown_state())
print(osmo.ms():started())
function ms_started_cb(started)
print("MS started", started)
end
function ms_shutdown_cb(old_state, new_state)
print("MS shutdown", old_state, "->", new_state)
end
function sms_cb(sms, cause, valid)
print("SMS data cb", sms, cause, valid)
for i, v in pairs(sms) do
print(i, v)
end
end
function mm_cb(new_state, new_substate, old_substate)
if new_state == 19 and new_substate == 1 then
osmo.ms():sms_send_simple("1234", "21321324", "fooooooo", 23)
end
end
local cbs = {
Started=ms_started_cb,
Shutdown=ms_shutdown_cb,
Sms=sms_cb,
Mm=mm_cb
}
timer = osmo.timeout(20, function()
print("Timeout occurred after 20s")
end)
osmo.ms():register(cbs)
# Can fail. Best to wait for state changes...
print(osmo.ms().start())
print(osmo.ms().stop(true))
Change-Id: Ia3ace33d6ba4e904b1ff8e271a02d67777334a58
Allow to callback into lua code after a user configured timeout. Make
it only work on seconds (truncate double to int).
Change-Id: I355d2f8d15aeaa13abb1c5e4a8e0c958e5faf7f3
Right now the script will be executed once it is loaded. Make sure
to write it into the config file last. Expose various log commands
for logging. Jump through some hoops and get the filename and line
number from lua.
Change-Id: I456f6b6b5e1a14ed6c8cb0dcc5140093d3c61ef6
Vadim Yanitskiy