Commit Graph

735 Commits

Author SHA1 Message Date
Harald Welte 808998c3f8 bcch_scan: Fix compiler warning about undefined functions
Change-Id: I435ef2032b9cefe844c37f395d9087be6af8934a
2019-05-22 21:39:38 +02:00
Vadim Yanitskiy 507781ee70 common/sim.c: add missing break to sim_apdu_resp()
Change-Id: Id5c325ffcfea8175bc5d5499a0904c0984e00349
Fixes: OS#198542
2019-05-14 20:52:39 +07:00
Vadim Yanitskiy cb9e020471 mobile/gsm48_mm.c: use proper types for gsm48_rr_hdr
Change-Id: I29ed122b8956260b9f847cc0e3e81a28d6762632
2019-05-03 00:57:50 +02:00
Vadim Yanitskiy 04a46d091b mobile/gsm48_rr.h: mark gsm48_rr_hdr struct as packed
In both gsm48_mm.c and gsm48_rr.c we put / push 'gsm48_rr_hdr'
structure into the message buffers, so then it's retrieved by
the message receivers. The AddressSanitizer complains about
unaligned pointer access and potentially unexpected behaviour.

Change-Id: I8aa2c0074b405afd0e76044ef076b6819fe1083b
2019-05-03 00:48:35 +02:00
Vadim Yanitskiy e8c179a575 mobile/gsm322.c: fix heap-use-after-free in gsm322_unselect_cell()
In gsm322_l1_signal(), if S_L1CTL_FBSB_ERR is received, we free
stored System Information of the current cell, but cs->si may
still point to it. Let's set it to NULL.

Found with AddressSanitizer:

  DL1C ERROR l1ctl.c:96 FBSB RESP: result=255
  DCS INFO gsm322.c:2995 Channel sync error, try again
  DCS INFO gsm322.c:467 Sync to ARFCN=860(DCS) rxlev=-106
  DRR INFO gsm48_rr.c:665 MON: no cell info
  DRR INFO gsm48_rr.c:665 MON: no cell info
  DRR INFO gsm48_rr.c:665 MON: no cell info
  DRR INFO gsm48_rr.c:665 MON: no cell info
  DL1C ERROR l1ctl.c:96 FBSB RESP: result=255
  DCS INFO gsm322.c:3008 Channel sync error.
  DCS DEBUG gsm322.c:3013 free sysinfo ARFCN=860(DCS)
  DCS INFO gsm322.c:3020 Unselect cell due to sync error!
  DCS INFO gsm322.c:509 Unselecting serving cell.
  =================================================================
  ==6014==ERROR: AddressSanitizer: heap-use-after-free on address
                 0x61b0000000e6 at pc 0x00000050d6dd
		 bp 0x7fff7f84aa60 sp 0x7fff7f84aa58

Change-Id: I9cc526c18d69695d810de98703579818408de011
2019-05-03 00:34:40 +02:00
Holger Hans Peter Freyther b4bd78a8ee lua: Add a sentinel for the fd function table
Change-Id: I4fe2fd6584a453a951361e1b67fb986583b176be
2019-04-27 10:15:28 +01:00
Vadim Yanitskiy 1c6263b2be common/sim.c: use msgb_get() in gsm_sim_reply()
Change-Id: Ie5843c8adafc37da0d69c335c97b422552b85049
2019-02-02 12:37:50 +03:00
Vadim Yanitskiy 6c04bd39c4 common/sim.c: get rid of unused 'payload' pointer
This change fixes the following compiler warning:

  sim.c: In function ‘gsm_sim_reply’:
  sim.c:149:11: warning: variable ‘payload’ set but not used
                         [-Wunused-but-set-variable]
    uint8_t *payload;

Change-Id: I3767b23bb1b28d3f4bb515d399bce160ba2eee09
2019-02-02 12:36:35 +03:00
Vadim Yanitskiy 7ad1df2582 common/osmocom_data.h: use proper type for SAP card status
Change-Id: I7388ec60ca2dff59c0a0e3fdacf5a3af0c244c73
2019-02-02 12:26:11 +03:00
Vadim Yanitskiy ea5804398a common/sap_fsm.c: register SAP FSM on DSO load
Change-Id: Id539c2a3477526b816918070bab93b26c900998a
2019-02-02 12:16:44 +03:00
Vadim Yanitskiy f4ba6382f5 mobile/gsm322.c: fix: properly print stored BA list entities
As we do iterate over all entities in the BA list, it makes more
sense to print each one separately instead of printing the last
one. Moreover, as soon as the iteration is finished, *ba points
to some zero-initialized part of memory:

  gsm322.c:5170 Write stored BA list (mcc=000 mnc=000  Marshall Islands, 000)

After this patch:

  gsm322.c:5162 Write stored BA list (mcc=250 mnc=99  Russian Federation, Beeline)
  gsm322.c:5162 Write stored BA list (mcc=250 mnc=01  Russian Federation, MegaFon)
  gsm322.c:5162 Write stored BA list (mcc=250 mnc=02  Russian Federation, MTS)
  gsm322.c:5162 Write stored BA list (mcc=544 mnc=31  Serbia, Telenor)

Change-Id: I5160492e6125401c6a1765f54d129b1f1cd503fc
2019-02-02 11:51:16 +03:00
Vadim Yanitskiy 9ec58916d9 mobile/gsm480_ss.c: fix build: apply msgb_wrap_with_TL() rename
In If1e851ac605c8d2fde3da565b0bd674ea6350c2e, msgb_wrap_with_TL()
was renamed to msgb_push_tl(). Let's use the new symbol name.

Change-Id: Ief37424e0ca3cd696054518a0ffb07b7ef17a462
2019-01-23 22:52:58 +07:00
Vadim Yanitskiy 2986a318b1 layer23/sap_interface.c: reimplement (BT)SAP interface
The (BT)SAP (Bluetooth SIM Access Profile) is a part of Bluetooth
specifications, that defines the protocol and procedures that
shall be used to access a smart card (usually GSM SIM) via
a Bluetooth link.

The profile defines two roles:

  - Server - the side that has direct access to a smart card.
    It acts as a SIM card reader, which assists the Client
    in accessing and controlling the smart card.

  - Client - the side that accesses and controls the smart card
    inside the Server through the connection with Server.

Typical examples of a Server are a simple SIM card holder or
a portable phone in the car environment. A typical example of
a Client is a car phone, which uses a subscription module in
the Server for a connection to the cellular network.

OsmocomBB implements the Client role providing abstract SAP
interface API to the higher layers. Instead of Bluetooth,
a UNIX socket is used to communicate with a Server.

The previous implementation of (BT)SAP interface was incomplete
and hard to maintain. This change (re)implements it almost from
scratch on top of the Osmocom FSM framework.

Besides that, the most significant changes are:

  - The implementation is separated into three parts:
    - sap_interface.{c|h} - public SAP interface API,
    - sap_proto.{c|h} - SAP protocol definition,
    - sap_fsm.{c|h} - SAP FSM implementation.

  - Both 'sap_message' and 'sap_param' structures follow the
    SAP message format definition according to 5.1 and 5.2.

  - The message parsing is done more carefully in order to
    prevent buffer overflow and NULL-pointer dereference.

  - Introduced public API for getting / adding message
    parameters, and checking the ResultCode.

  - Introduced public API for opening / closing a connection
    with the server, powering on / off and resetting the SIM
    card, sending ATR and APDU.

  - Introduced a call-back for handling the response message.

  - Card reader state is also a part of the public API.

The new implementation was tested against softsim [1]. The
only limitation is Server-initiated Release, that allows the
Server to 'ask' a Client to release connection as soon as
communication with the smart card is finished. This is not
implemented (yet), and leads to immediate release.

[1] https://git.osmocom.org/softsim/

Change-Id: I77bb108615bb2c94c441568f195b04e0a5421643
2019-01-15 04:26:46 +07:00
Vadim Yanitskiy d2004ae4f6 layer23/sap_interface.c: separate protocol definition
Change-Id: Iad9b3d88b02cc7ec4cf64483bbc85e3a61c9ad10
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy cfc94aaa73 layer23/include/Makefile.am: add missing header
Change-Id: I0a379718eeb7db63696cabd5689e0625fb85d85e
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy 221d3121b7 layer23/sap_interface.c: avoid using 'osmo' prefix
The 'osmo' prefix is usually used by libosmo-* symbols.

Change-Id: Id37d8553c2f2c20012fb1b729967b92a9a03f612
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy 28a385aad5 layer23/sap_interface.c: define missing enums and use them
Change-Id: I4ba5a8a42bf25d04b152ac3f1f0e4d7eac7f068f
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy 50d5995137 layer23/sap_interface.c: terminate value_string definitions
Change-Id: I0776bc43360dfa2229243fb022cd318242ca6400
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy f1a948f71a layer23/sap_interface.c: prettify value_string definitions
Change-Id: Ib3aa81986987027718e2a8b461afd28787bda4c2
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy cec6573cb5 layer23/sap_interface.c: fix: properly call sap_msg_free()
Passing NULL to sap_msg_free() is not only meaningless, but also
would result in NULL pointer dereference. We should call it in
successful case only, so let's fix this.

Change-Id: Icf868c4299e292a17c4b7aad1f9e728ea3653494
2019-01-07 15:39:52 +00:00
Vadim Yanitskiy 684fa75b49 layer23/sap_interface.c: use LOGP() instead of fprintf()
Change-Id: I054be24666fcd5eb8a70cfcac0e7ed566e909b90
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy d83716d315 layer23/sap_interface.c: use int for rc in sap_open()
Change-Id: I683f87ae09393c45377c39317b08c613055ceb16
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy e9bc2ae671 layer23/sap_interface.c: remove redundant socket_path argument
Change-Id: I408b3e1fa40e9b5daf88fa6ed5f3930b83dffe6f
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy f01dc598a0 layer23/sap_interface.c: drop unused osmosap_sapsocket()
Change-Id: Ie3040c75bb61094b9b601aef9d699db603d292f4
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy 28c56e582b layer23/sap_interface.c: return rc from osmosap_send_apdu()
Change-Id: I3965843c4d49e31b1b5156d9ee8439eef6ecaab1
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy 1bd795c951 layer23/include/sap_interface.h: use #pragma once
Change-Id: I98e407c2b6604438d2495700cb62753ad55369ea
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy 39dc9c463c mobile/subscriber.c: consider GSM_SIM_TYPE_SAP too
There are several SIM card interfaces, two of which:

  - GSM_SIM_TYPE_L1PHY (using built-in SIM reader of the L1 PHY),
  - GSM_SIM_TYPE_SAP (using remote reader via (BT)SAP protocol),

can actually deal with a physical SIM card. But, for some reason,
only GSM_SIM_TYPE_L1PHY was considered as such. Let's also get
along with GSM_SIM_TYPE_SAP for the following procedures:

  - PIN management and verification,
  - FPLMN / LOCI updating,
  - A3 authentication.

Change-Id: I4b3080fa7a5332467a449a314ba3cc3a07a9b7df
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy e11725aa86 host/layer23: rename GSM_SIM_TYPE_READER to GSM_SIM_TYPE_L1PHY
Since we have two ways to interact with a physical SIM:

  - using built-in SIM reader of the L1 PHY (via L1CTL),
  - using remote reader via (BT)SAP protocol,

name 'GSM_SIM_TYPE_READER' looks quite confusing. Let's rename it
in order to explicitly indicate the role of L1 PHY.

Change-Id: I0f83f365ed50cfd658fdd3a9d6866ed76c8c4009
2018-12-26 20:52:18 +00:00
Vadim Yanitskiy b9073067c6 layer23/common/sim.c: don't ignore rc of sim_apdu_send()
Change-Id: I8cab7cc72f026947859cc607f65d925803424cf7
2018-12-26 20:52:18 +00:00
Holger Hans Peter Freyther 271993c282 mobile: Use new VTY telnet API to allow binding to random port
Change-Id: I5a6214aec2dcb92495038ea8311c0df22fa8d07b
2018-12-23 05:25:37 +00:00
Vadim Yanitskiy 2e861308d6 layer23/mobile: drop dead SAP initialization code
SAP connection can be initialized upon request.

Change-Id: Ic89089c4850ab2c9252bfd43a05d5271e2e3a160
2018-12-19 19:18:42 +07:00
Vadim Yanitskiy a1473ab10e host/layer23/sap_interface.c: cosmetic: use ARRAY_SIZE()
Change-Id: I3a2908bf11300ec681beddb5a54f9a62ca5430ae
2018-12-18 23:50:37 +07:00
Vadim Yanitskiy e42629e897 host/layer23: don't init SAP interface by default
Almost all layer23 applications, excluding mobile, have nothing
to do with SAP interface. Moreover, the current implementation
does initialize SAP connection automatically, as soon as the
first message is sent.

Change-Id: I62cc69c06fa15468a55bb0a9d408267d0745174c
2018-12-18 23:38:21 +07:00
Vadim Yanitskiy da96b3c0ae mobile: use VTY bind addr from config, deprecate cmd line options
This change revives the main idea of:

  Change-Id: I32517567847fd5c54b1742f18bf409ff81e316fa

to stop ignoring the VTY bind address from the config file.

Furthermore, it deprecates (and disables) both 'u' and 'v'
command line options, because they are redundant.

Change-Id: I99e0ec1717edd29b3be231be86616cc7effe5d95
2018-11-21 10:36:57 +07:00
Vadim Yanitskiy 65110d2d99 mobile: abort in case of argv handling errors
The process should be aborted if a non-existing command line
option or an incorrect parameter value is passed.

Change-Id: Ib656ad12f12429ed15dc2a1554901ffa51148ff6
2018-11-21 10:22:52 +07:00
Vadim Yanitskiy 0e8f447c4d mobile/app_mobile.c: use LOGP() instead of printf()/fprintf()
Change-Id: I6af76afbaa34dde5ddfc31a65700030862442dba
2018-11-21 10:02:42 +07:00
Vadim Yanitskiy d21f22c128 mobile/app_mobile.c: drop redundant printf() call
The VTY requisites are always being printed by libosmovty,
there is no need to duplicate this information.

Change-Id: I688f66175ea67d4c6a46819bee7d300ad9ce7cc7
2018-11-21 09:42:31 +07:00
Vadim Yanitskiy d7e2337361 Revert "mobile: fix vty bind ip override"
This reverts commit c8de8cb1e1
(Change-Id I32517567847fd5c54b1742f18bf409ff81e316fa by Max),
because several problems were introduced, in particular:

  a) Help message of mobile application is broken:

      "The VTY IP to telnet to. (default (null))",
      "The VTY port number to telnet to. (default 127.0.0.1)".

  b) Default VTY bind address != parsed from the config file.

  c) The (vty_ip == NULL) is resolved only when an external
     MNCC handler is used, otherwise NULL is passed to
     l23_app_init().

Change-Id: Ic63a4eb828ff32d3744886b4f5f6f5019c798620
2018-11-21 09:35:21 +07:00
Max c8de8cb1e1 mobile: fix vty bind ip override
Previously the vty bind config parameter was always ignored. Fix this by using proper
default value from the config unless it's explicitly set via command-line parameter.

Change-Id: I32517567847fd5c54b1742f18bf409ff81e316fa
2018-11-19 17:20:11 +01:00
Max dcc7e6074a Fix build with latest libosmocore
Remove locally defined function which conflicts with the one in
libosmocore.

Change-Id: I1be1d39f7c93c959ca33f6296ecda71996865cca
2018-11-19 10:26:19 +01:00
Max bfa7b3335b l1l2 interface: use LOGP for socket errors
Log via LOGP() like the rest of the file instead of fprintf() for
consistency. While at it, also print error cause.

Change-Id: Id205bcd9bdb7c3e4b96493d50be8381a6fa80ac6
2018-11-19 09:17:09 +00:00
Max 264378a867 mobile: log socket path on error
Change-Id: I18eb46743e4c0e4e8f8032883f39fec355f03c78
2018-11-19 09:17:09 +00:00
Max d44503337d mobile: use proper type for boolean flags
This makes reading code easier and simplifies further modifications.

Change-Id: I7eff2a61495ff167dc19fc9a41882a7a11fbf32d
2018-11-16 21:37:55 +01:00
Max aa4dbe2b8e mobile: add header for MS' MNCC functions
This simplifies adding new functions and re-using them from other parts
of the code.

Change-Id: Ibad400a99afe052f011f54fc706836b6bf89f4b9
2018-11-16 21:37:55 +01:00
Pau Espin 927d030ae8 layer23: Avoid memcpy with NULL src
Fixes following ASan warning:
git/osmocom-bb/src/host/layer23/src/misc/../common/main.c:146:2: runtime error: null pointer passed as argument 2, which is declared to never be null

The warning however is harmless since in that case, app_len = 0 and thus
size to copy is 0.

Change-Id: I009a5b53f1e5be72ce347d64d3a7cb1d95d37ea3
2018-11-08 15:46:50 +01:00
Pau Espin 4f85fb30bc layer23: Fix build against gpsd >= 3.18
Change-Id: I0e97d3e8c3688064c959ea60ecef50cfbbc1bcd6
2018-11-05 20:22:45 +01:00
Pau Espin 9cdee8f66a cosmetic: fix trailing whitespace
Change-Id: I5c1a6d98079ad846d114584a17ba9d80d95e0595
2018-11-05 20:21:58 +01:00
Vadim Yanitskiy 219ed20cb5 l1ctl_proto.h: use flexible array member for traffic messages
Unlike the DATA messages, traffic frames may have different length.
Instead of having fixed payload (i.e. TCH frame) length, let's
introduce a flexible array member. This would allow one to
calculate the frame length using the MSGB API.

Change-Id: I119fa36c84e95c3003d57c19e25f8146ed45c3c6
2018-11-05 05:13:57 +00:00
Vadim Yanitskiy d350e9f30c layer23/l1ctl.c: fix: use host byte order for TDMA fn
Change-Id: Iad00eebf03b38b9c4fc2d7ed66697d23a953d8b2
2018-10-27 05:54:25 +07:00
Vadim Yanitskiy f8edc45506 layer23/common: move SIM APDU caching from l1ctl.c
L1CTL implementation (i.e. l1ctl.c) is not a good place for the
SIM specific stuff. Let's move it to the proper place (i.e. sim.c).

As a bonus, this change fixes a possible problem of losing the
cached APDUs if two or more L2&3 applications are using a single
LAPDm connection. The APDU buffer is dedicated per MS now.

Change-Id: I564c610e45aa3b630ca5d1ec6bc1cace0dc9c566
2018-10-27 05:49:45 +07:00
Max 8bda1c2f52 Report socket path on errors
Change-Id: Ib63e1205d7b845c8779eb511635f26bae3a18085
2018-10-26 11:11:41 +02:00
Vadim Yanitskiy 1a892eeb2a layer23/l1ctl.c: clean up & fix message length checking
Almost all handlers for received L1CTL messages are also affected
by the bug fixed in I7fe2e00bb45ba07c9bb7438445eededfa09c96f3. In
short, they do verify the length of 'msg->l2h' or 'msg->l3h', but
not the 'msg->l1h'. Let's fix this, and also add missing checks.

Change-Id: I866bb5d97a1cc1b6cb887877bb444b9e3dca977a
2018-10-03 19:46:25 +07:00
Vadim Yanitskiy 7bf8aea33a layer23/l1ctl.c: avoid confusion between L1CTL / L1 headers
As we assign the payload following L1CTL header to 'msg->l1h',
it makes sense to avoid possible naming confusion.

Change-Id: I5d21ca8664b3445f472d3ffde90d0e11805dcb16
2018-10-03 19:40:19 +07:00
Vadim Yanitskiy d02927b036 layer23/l1ctl.c: fix: verify msg length using l1h, not l2h
The actual L1CTL header is pointed by 'msg->l1h', not 'l2h'!
Since msg->l2h is NULL (because nobody set it), the result of
msgb_l2len() would always be bigger than size of L1CTL header,
as it is calculated in the following way:

  return msgb->tail - (uint8_t *)msgb_l2(msgb);

So, in case if 'msg->l2h' is NULL, it turns into:

  return msgb->tail - 0;

Change-Id: I7fe2e00bb45ba07c9bb7438445eededfa09c96f3
2018-10-03 19:21:58 +07:00
Vadim Yanitskiy 7c04a6066e layer23/l1ctl.c: fix: verify msg length against l1ctl_hdr
In l1ctl_recv() we actually expect to 'see' the L1CTL header
instead of the DL info header. Let's fix this.

Change-Id: Ic7d017bef04f3c186565d5dade36959df1019bd8
2018-10-03 19:20:11 +07:00
Vadim Yanitskiy 5746125696 layer23/l1ctl.c: keep L1 header, drop L1CTL header
There is no need to keep the L1CTL header in messages being sent
towards the upper layers, but the L1 info header can be used by
L2&3 to obtain some information, e.g. TDMA frame number.

Change-Id: Id64249f1b7a1c2be578263ba62aa195c452ab7e8
2018-10-03 19:16:08 +07:00
Vadim Yanitskiy 8b8485680a layer23/app_ccch_scan.c: omit dummy (fill) frames
In some conditions it's required to maintain continuous burst
transmission (e.g. on C0). If there is nothing to transmit at
a given moment, either a LAPDm func=UI fill frame,
or a "dummy" Paging Request is used.

In case of 'ccch_scan' application, they are useless.
Let's detect and omit them.

Change-Id: I6ccecb1a78bdac3e467bdc14b7a01afbe17aa53c
2018-10-02 01:54:24 +07:00
Vadim Yanitskiy bc391c54f3 layer23/app_ccch_scan.c: hexdump unhandled PCH/AGCH messages
Change-Id: I81d6558525e7f68c4fcd6c6272224d58532e2efb
2018-10-02 01:29:09 +07:00
Vadim Yanitskiy 5541149bc7 layer23/app_ccch_scan.c: print pdisc in error message
Change-Id: Ic88f5d4b263610a376bbb9729e882097393ef2be
2018-10-02 01:22:20 +07:00
Vadim Yanitskiy dfd357985e layer23/app_ccch_scan.c: clean up System Information handling
Change-Id: I8c2594920fcad8a3e346b938bd0c20409f4d01c9
2018-10-02 01:12:32 +07:00
Vadim Yanitskiy 6a50ae922b layer23/app_ccch_scan.c: print 'new-line' char locally
Change-Id: I03da1329501ce9b3c5cca49a1654ba68e9bb6a98
2018-10-02 00:36:20 +07:00
Vadim Yanitskiy f7ea747548 layer23/app_ccch_scan.c: clean up copy-pasted code
By definition, 'ccch_scan' application is intended to be used for
monitoring of CCCH channels on C0/TS0. There is no need to send
RACH requests, therefore there is no need to care about the
mobile allocation from SI1 message.

Most likely, this "dead" code was copy-pasted from mobile
application. Let's clean it up!

Change-Id: I7c2f47cbc825a5e5a50863d842729d3d8408b9dd
2018-10-02 00:16:40 +07:00
Vadim Yanitskiy c572682e79 layer23/l1ctl.c: replace printf() calls by LOGP
Change-Id: I863fb668500b2010dfef7a63217255fd010c06d7
2018-09-21 21:19:46 +07:00
Vadim Yanitskiy f5004affc9 layer23/l1ctl.c: drop redundant printf() call
Change-Id: I02bc581afb5a76c51fdef50ed40e2669c3eb3f2e
2018-09-21 21:17:47 +07:00
Holger Hans Peter Freyther b429447168 lua: Expose API to trigger a network reselection
Same as the "network search" VTY command but implemented as primitive
and exposed to LUA.

Change-Id: I096233a2ca9dd7daa358cebed0523cb8c0dbf593
2018-09-16 13:51:29 +00:00
Holger Hans Peter Freyther 6b8fd006d4 Add includes so the file can be included by itself
Add missing dependencies to make this file be includeable as the
only file.

Change-Id: I05b5f689f389b89deb5ff49507486b246111fc59
2018-09-16 13:51:29 +00:00
Vadim Yanitskiy 65f80df492 common/l1ctl.c: fix: use signed type for TA in l1ctl_tx_param_req()
Despite the correct range of Timing Advance value is [0..63],
there is a special feature in OsmocomBB which allows one to
simulate the distance between both MS and a BTS by playing
with the signal delay.

It was discovered that l1ctl_tx_param_req() is using an unsigned
'uint8_t' type for Timing Advance value, while other code and
L1CTL protocol is using signed 'int8_t'. This may result in
distortion of negative values, so let's fix this!

Change-Id: I6ee42b5fa2ca9ebe187f0b933465c49f840a55c2
2018-09-07 09:02:19 +00:00
Harald Welte fcfe20d3e0 layer23: Use osmo_sock_unix_init_ofd() from libosmocore
We don't need to hand-code unix domain socket initialization but
can simply use our library function for it.  As an added benefit,
the library code already contains corner case handling for non-NUL
terminated unix domain socket path.

Change-Id: I57c724c78dbbbce0546ebe914e370f32c8c89703
2018-09-06 16:16:07 +02:00
Holger Hans Peter Freyther 90a9ac410c Allow lua code to register a fd for reading with the runtime
To have bi-directional communication we can pass credentials to the
registry server and now we can register a callback when the registry
is sending data to us.

The callback needs to return if the fd should continue to be selected
as I found no way to push the userdata as parameter on the stack. Lua
code will look like:

  local host, port = "www.osmocom.org", 80
  local tcp = socket.tcp()
  tcp:connect(host, port);
  tcp:send("GET / HTTP/1.0\r\n\r\n");
  local cb = function()
    local s, status, partial = tcp:receive()
    print(s)
    if status == 'closed' then
     tcp:close()
     return 0
    end
    return 1
  end
  local foo = osmo.register_fd(tcp:getfd(), cb)

Change-Id: I8254bdda1df2f8fe0a5eac894b931e7de5b426df
2018-08-24 10:35:21 +00:00
Holger Hans Peter Freyther 4a466f5007 Forget about the callback after use and cancellation
Don't try to unref something else after we have given up our
spot in the table.

Change-Id: I4e8db297e816d3d07a46147d5d3bdc0e8fae6c9a
2018-08-24 10:34:02 +00:00
Harald Welte d4fb4fdea0 layer23: Replace all instances of strncpy() by osmo_strlcpy
This gives us working/safe zero termination without overflowing
the destination string size.

Change-Id: Ica6098ceba2bd01ce3b216085442cc5eed0ca507
2018-08-11 16:10:31 +02:00
Harald Welte 1d68468636 layer23: Fix possible buffer overflow writing NUL beyond end of string
settings.c: In function ‘gsm_random_imei’:
settings.c:188:26: warning: ‘sprintf’ may write a terminating nul past the end of the destination [-Wformat-overflow=]
  sprintf(rand + 8, "%07ld", random() % 10000000);
                          ^
settings.c:188:2: note: ‘sprintf’ output between 8 and 9 bytes into a destination of size 8
  sprintf(rand + 8, "%07ld", random() % 10000000);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Change-Id: Id949487111235cd4af5ff068f1dce2f4b0801480
2018-08-11 14:09:14 +00:00
Harald Welte d68833cd85 layer23: Use osmo_strlcpy() to avoid non-terminated strings
settings.c:191:2: warning: ‘strncpy’ output may be truncated copying 15 bytes from a string of length 15 [-Wstringop-truncation]
  strncpy(set->imeisv, set->imei, 15);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  CC       subscriber.o
  CC       support.o
  CC       transaction.o
  CC       vty_interface.o
  CC       voice.o
  CC       mncc_sock.o
  CC       primitives.o
mncc_sock.c: In function ‘osmo_unixsock_listen’:
mncc_sock.c:318:2: warning: ‘strncpy’ specified bound 108 equals destination size [-Wstringop-truncation]
  strncpy(local.sun_path, path, sizeof(local.sun_path));
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  CC       script_lua.o
vty_interface.c: In function ‘cfg_gps_device’:
vty_interface.c:1144:2: warning: ‘strncpy’ specified bound 32 equals destination size [-Wstringop-truncation]
  strncpy(g.device, argv[0], sizeof(g.device));
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  AR       libmobile.a

Change-Id: Id52978f3bf7a8abea62237d7c32f8f87e1bb34a1
2018-08-11 12:59:30 +00:00
Harald Welte 2725309446 layer23: Fix compiler warnings about string operation truncation
This fixes the below warnings:

gsm322.c: In function ‘gsm322_cs_ba_range’:
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
   strncpy(lower_text,  gsm_print_arfcn(index2arfcn(lower)),  ARFCN_TEXT_LEN);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
gsm322.c:3480:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
gsm322.c:3481:3: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
   strncpy(higher_text, gsm_print_arfcn(index2arfcn(higher)), ARFCN_TEXT_LEN);
   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gsm322.c: In function ‘gsm322_cs_powerscan’:
gsm322.c:2862:2: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
  strncpy(s_text, gsm_print_arfcn(index2arfcn(s)), ARFCN_TEXT_LEN);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gsm322.c:2863:2: warning: ‘strncpy’ specified bound 10 equals destination size [-Wstringop-truncation]
  strncpy(e_text, gsm_print_arfcn(index2arfcn(e)), ARFCN_TEXT_LEN);
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Change-Id: I08f938cfb2589574e90d5831a00c0140f71d5bfe
2018-08-11 12:59:30 +00:00
Harald Welte c3ce47deae layer23: Fix compiler warning about snprintf buffer too small
gsm322.c:366:22: warning: ‘sprintf’ may write a terminating nul past the end of the destination [-Wformat-overflow=]
  sprintf(string, "-%d", 110 - rxlev);
                      ^
gsm322.c:366:2: note: ‘sprintf’ output between 3 and 6 bytes into a destination of size 5
  sprintf(string, "-%d", 110 - rxlev);

Change-Id: I7b19fef89ba0cb0c1edbdd62c46ad8395e44145b
2018-08-11 12:59:30 +00:00
Harald Welte 82d8370f62 layer23: fix unaligned store in osmo_send_l1()
This fixes the following alignment issue uncovered by asan:

l1l2_interface.c:169:7: runtime error: store to misaligned address 0x61600001ab99 for type 'uint16_t', which requires 2 byte alignment
0x61600001ab99: note: pointer points here
 00 00 00  00 00 00 06 0a 01 19 19  40 18 00 07 00 01 03 49  06 15 00 40 01 c0 00 00  00 00 00 00 00
              ^

Change-Id: Ie65b428107d35bac99bc870fdbc4dc509ca2f33c
2018-08-11 12:59:30 +00:00
Harald Welte 4d07f40b94 layer23: Add --enable-sanitize and --enable-werror configure flags
We use this in the network-side Osmocom projects (CNI) and it's
useful to have the same flags also for the OsmocomBB host software.

Change-Id: I45800c937d665fdbd2dd6b0cee38408f587f1a9f
2018-08-11 12:59:30 +00:00
Holger Hans Peter Freyther 812866daab Move from libc random() to osmo_get_rand_id (2nd attempt)
When starting multiple mobile in the same second, the libc random number
generator will be seeded to exactly the same value.

The random bits inside the RACH request(s) will be exactly the same
across multiple mobile and when the channel fails they all pick the same
randomized back-off timing.

Use stronger random numbers and replace all calls to random(2) with
osmo_get_rand_id. Add a fallback to try random().

[v2: Add helper to make sure the result is int and between 0 and
RAND_MAX]

Change-Id: Icdd4be88c62bba1e9d954568e48f0c12a67ac182
2018-07-23 20:55:45 +01:00
Vadim Yanitskiy d3394d13f2 mobile: use osmo_init_logging2 with proper talloc context
Change-Id: I231ac9987ff3c13fafcd272b7d9aae3938ab5972
2018-07-17 05:14:56 +07:00
Vadim Yanitskiy a0eef8d2e8 Revert "Move from libc random() to osmo_get_rand_id"
It was decided to migrate to osmo_get_rand_id() and use random()
as a fall-back. But there is a critical difference between both
functions: osmo_get_rand_id() fills an input buffer with random
bytes (0x00 - 0xff), while *random() returns a value in range
between 0 and RAND_MAX.

osmo_get_rand_id() was used in a wrong way, so in some cases we
could get a negative value (how about IMEI starting from '-'?),
what isn't expected in many cases and could lead to unexpected
behaviour and segmentation faults...

This reverts commit 6d49b049ee.

Change-Id: I7b2a8a5c63cf64360a824926a2219fd7e419b1bb
2018-07-17 05:09:58 +07:00
Holger Hans Peter Freyther 6d49b049ee Move from libc random() to osmo_get_rand_id
When starting multiple mobile in the same second, the libc random number
generator will be seeded to exactly the same value.

The random bits inside the RACH request(s) will be exactly the same
across multiple mobile and when the channel fails they all pick the same
randomized back-off timing.

Use stronger random numbers and replace all calls to random(2) with
osmo_get_rand_id. Add a fallback to try random().

Change-Id: Ie0cc64663cd4b90c027b79545dc5d3ac9d87b9dd
2018-07-11 21:13:11 +00:00
Holger Hans Peter Freyther ce772ce338 lua: Add API to enable passing credentials
This can be useful to have bidirectional communication between the
mobile lua script and an external control script.

Change-Id: Ib4a5eef611f524f5d21cb6a7f4eace22b8ba60d0
2018-06-17 19:22:57 +01:00
Holger Hans Peter Freyther fcb420d50b mobile/sms: Make it optional to store the SMS on disk
Disable storing the SMS on disk. This is useful when scripting mobile.
Keep the default of attempting to store it to disk.

Change-Id: I6353447343d98ebaa5e12ab63f995750f81c8500
2018-06-04 06:50:25 +02:00
Holger Hans Peter Freyther a81c83fc2c mobile/sms: Simplify the string format routines
It seems the original code didn't allocate \0 for the string. Just use
talloc_asprintf and get a new string...

Change-Id: I8ffb50b04d2d6196caf0231711f3467abc8c5ea5
2018-06-02 11:14:51 +08:00
Holger Hans Peter Freyther 61fe379446 mobile/sms: Fix memory leak in case the storage can not be opened
Before jumping to the failure handling code free the sms_file.

Change-Id: Ifce2bc130fe3a5bd49ad457ee61002952dd496ba
2018-06-02 11:12:50 +08:00
Holger Hans Peter Freyther 5a3dd6eb1a mobile: Make time spent in c7 configurable
When no cell was found during the PLMN search the camp on any cell
state will be entered. LUs are prevented in this state and it will be
left after the start_any_timer has timed out. Even if camping on the
home network the state will not be left before the expiry of the timer.

For systematic tests this is producing a too high upper bound. Make it
configurable so we can succeed with a UL more quickly.

Change-Id: I25bc985cd4360d5e37d05a7b16b39eefb75ce20f
2018-06-01 23:32:23 +08:00
Vadim Yanitskiy d49a748cbb common/l1ctl.c move TCH bit-ordering to the firmware
Previously, TCH frames coming from L1 were reordered to the RTP
format. Moreover, the implementation had a few problems:

  - L1CTL is not the best place for such manipulations;
  - payloads with other than FR codec were corrupted.

Let's use RTP-ordered payloads on the L1CTL interface,
performing TCH frame reordering at the firmware.

Please note, that actual FR reordering was moved to the firmware
as is, without any codec determination. This could be fixed in
a separate change.

Change-Id: I81ec8ed3c9e72a62b22c1720c299cdc68b733cf1
2018-03-14 22:22:43 +07:00
Vadim Yanitskiy a4d255269a L1CTL/L1CTL_CRYPTO_REQ: add key length and channel info
Previously, the L1CTL_CRYPTO_REQ message contained only a ciphering
algorithm and actual Kc key to be used. The key length was
calculated manually using the MSGB API.

Let's avoid manual calculations here, as it may cause unexpected
behavior if the message structure is changed. Also, let's fill
the UL header with minimal information about a channel, which
is going to be encrypted.

Change-Id: I5fab079907c5276322d3ec2b46cab81f10c7ed09
2018-03-14 22:22:39 +07:00
Holger Hans Peter Freyther 8b9d3170ff mobile: Fix memory leak when not using a LUA script
The primitives are still allocated and dispatched but there was
no script handler to delete them. Change the ownership to delete
it at the end of the dispatch.

Change-Id: I510af13bcbb46f73a0a289f26a4921cc90bd986a
Fixes: OS#2925
2018-02-23 08:43:21 +00:00
Vadim Yanitskiy af4bad3125 mobile/primitives.c: fix format string compiler warning
The recent LUA integration code introduced the following
compiler warnings (on GCC 4.8.5):

primitives.c: In function ‘create_timer’:
primitives.c:90:2: warning: format ‘%llu’ expects argument of
                   type ‘long long unsigned int’,
                   but argument 7 has type ‘uint64_t’ [-Wformat=]

primitives.c: In function ‘cancel_timer’:
primitives.c:166:3: warning: format ‘%llu’ expects argument of
                   type ‘long long unsigned int’,
                   but argument 7 has type ‘uint64_t’ [-Wformat=]

The recommended and portable way of printing an 'uint64_t'
is to use the corresponding macros 'PRIu64'.

Change-Id: Ic7f54063a35a89ad54dfa63868f43009cbe469bb
2018-02-10 19:36:20 +07:00
Vadim Yanitskiy f54ebb06b9 layer23/cell_log: set default logfile to /dev/null
When '/var/log/osmocom.log' does not exist the cell_log
app cannot start normally, because it has no permissions
to create a new file. Furthermore, logfile is optional now.

Change-Id: I2a9982f221871c78c5c9a73b7b7a1787ff07a86c
2018-02-08 10:20:02 +00:00
Stefan Sperling df1049f380 mobile: Print an error message if the VTY cannot be initialized
If we fail to initialize the VTY, print an error message instead of
failing silently. For example:
"Cannot init VTY on 127.0.0.1 port 4247: Address already in use"

Change-Id: I24161f53fa621ae1c8b1916bd0c8055c494b531e
2018-01-18 15:40:57 +01:00
Holger Hans Peter Freyther ceb0875f1a mobile: Properly close the primitive interface on reload
When reloading a script go through script_lua_close. Get the
primitive first. Then destruct the lua environment which will
lead to GC (e.g. cancellation of timers) and then delete the
primitive code.

Change-Id: I5bb4fa9e7c5010f3ad50b258dcb14956eea8822a
2017-12-27 10:50:14 +08:00
Holger Hans Peter Freyther a8130aba91 mobile: Send SMS through the primitive interface
Make this symmetric and send the SMS through the primitive
interface. Construct and copy the sms into the prim, store
the SCA in the prim as well. In 04.11 we see we can store
2*10 digits in the destination address and a NUL.

Change-Id: I91d7537f4f6ce5ba00218c58f3456947ec7bc662
2017-12-27 10:07:17 +08:00
Vadim Yanitskiy f02c04f444 mobile/vty_interface.c: fix 'channel-capability' description
Change-Id: I0c08e071ffaac9b8e7c4af6a7be2bd8125145842
2017-12-13 23:05:59 +07:00
Vadim Yanitskiy 68bd110717 mobile/gsm48_rr.c: cosmetic: drop wrong comment
Nothing is actually being skipped in this function.

Change-Id: I9d5a33cf3a1dd7a75f9769d3c5ba85c59594b8f4
2017-12-13 10:22:28 +00:00
Vadim Yanitskiy 1a8a80aeae mobile/gsm48_rr.c: fix ACCH System Information parsing
According to GSM 04.08, the System Information messages, such as
SI5, SI5ter, SI5bis and SI6 (described in sections 9.1.37-40),
do not have the 'L2 Pseudo Length' (10.5.2.19) field, unlike others.

So, previously the ACCH SI messages were ignored due to an
implementation error - the gsm48_system_information_type_header
struct isn't applicable here, because it assumes the 'l2_plen'.

Since there is no (yet?) equivalent struct for the ACCH SI, this
change replaces the wrong struct by the 'gsm48_hdr', which
satisfies described requirements.

Moreover, this change cleans up some gsm48_rr_rx_sysinfo*
functions, getting rid of meaningless pointer shifting.

Change-Id: I9166996f146af7973bf02a8a1c965581dc58a4a5
2017-12-13 10:22:16 +00:00
Holger Hans Peter Freyther 238df986b9 mobile: Return the name of the configured "MS"
In lua osmo.ms():name() will print the name/number of the MS. This
can be used by scripting code to use in events and then be analyzed.

Change-Id: I881d3e87daa19f4e6f4f5bd30fe95906129e60ef
2017-12-03 22:01:50 +00:00
Holger Hans Peter Freyther a0fc36f859 mobile: Simplify code and check the cb ref in load_cb
Change parameters and check if the cb_ref is valid or not.

Change-Id: I74fbcd7e853e24b1225ecc4c19304134b8467c9b
2017-12-03 18:36:19 +00:00
Holger Hans Peter Freyther edb65f915f mobile: Use new LOGPSRCC macro to print multiple values
We need continuation to avoid printing the logging category
again. E.g. when print(one, two, three) is called.

Change-Id: Id8491fa949768f170a8c74ab554cb1166afda1b7
2017-12-03 12:58:53 +00:00
Holger Hans Peter Freyther 50869b9146 mobile: Create "ms" singleton for struct osmocom_ms
Make the MS the script is associated with accessible to lua. Provide
access to IMSI and IMEI. The IMSI might not be available at the given
time and just return an empty string.

Example lua usage:

 print(osmo.ms():imsi());
 print(osmo.ms():imei());
 print(osmo.ms():shutdown_state())
 print(osmo.ms():started())

 function ms_started_cb(started)
	print("MS started", started)
 end

 function ms_shutdown_cb(old_state, new_state)
	print("MS shutdown", old_state, "->", new_state)
 end

 function sms_cb(sms, cause, valid)
	print("SMS data cb", sms, cause, valid)
	for i, v in pairs(sms) do
		print(i, v)
	end
 end
 function mm_cb(new_state, new_substate, old_substate)
	if new_state == 19 and new_substate == 1 then
		osmo.ms():sms_send_simple("1234", "21321324", "fooooooo", 23)
	end
 end
 local cbs = {
	Started=ms_started_cb,
	Shutdown=ms_shutdown_cb,
	Sms=sms_cb,
	Mm=mm_cb
 }

 timer = osmo.timeout(20, function()
    print("Timeout occurred after 20s")
 end)

 osmo.ms():register(cbs)

 -- Can fail. Best to wait for state changes...
 print(osmo.ms().start())
 print(osmo.ms().stop(true))

Change-Id: Ia3ace33d6ba4e904b1ff8e271a02d67777334a58
2017-12-03 12:58:53 +00:00
Holger Hans Peter Freyther 44c19326f3 mobile: Add osmo.timeout for lua code to have timeouts
Allow to callback into lua code after a user configured timeout. Make
it only work on seconds (truncate double to int).

Change-Id: I355d2f8d15aeaa13abb1c5e4a8e0c958e5faf7f3
2017-12-03 12:58:53 +00:00
Holger Hans Peter Freyther 4080e622b7 mobile: Add initial support for scripting support
Right now the script will be executed once it is loaded. Make sure
to write it into the config file last. Expose various log commands
for logging. Jump through some hoops and get the filename and line
number from lua.

Change-Id: I456f6b6b5e1a14ed6c8cb0dcc5140093d3c61ef6
2017-12-03 12:58:53 +00:00
Holger Hans Peter Freyther 32dec4236e mobile: Add LUA as debug category to the applications
Change-Id: Id2d266c48d30c06dfdc3b8c84d875038b43f2ad8
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther 63100e308c mobile: Search for lua5.3 and link to it
I will be adding a high-level async scripting interface to the
mobile application. The initial implementation will use Lua 5.3.
This version was released in January 2015 and is the latest version
at the time the commit was made. Lua as extension and extensible
language seems well suited for scripting.

The plan is to attach a script to a ms and be able to trigger high
level operations (send SMS, attach to network, detach).

Change-Id: Ic649e49a22c878585a6c20b5b80108909f2374eb
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther f976ad9dc4 mobile: Notify MM status changes and generate primitive op ind
Notify once the mm state has been changed. Unfortunately one state
transition can immediately trigger more transitions (recursively).
In the mid-term it might be best to force all primitives to be
async to avoid unpredictable behavior (e.g. make a shutdown while
being a recursion down?)

Change-Id: I8e9dcf7fd9116985aa060ba027ba74107a19223a
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther 714cb53282 mobile: Inform the primitive layer about status and new sms
Inform the layer about new SMS and inform about the cause of
it. In both cases pass the SMS.

Change-Id: Ib7ab34b1b85b62ef0e8fff347adccbc5dc414161
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther 88060f462c mobile: Directly inform the primitive layer about an event
Forward started/shutdown changes to the primitive layer which will
turn them into indications. The other option might be to use the
signals but it seems primitives are a superset of the signals.

The notify will be done per MS and then the right primitive
instance will be searched and the indication be sent. The approach
will be applied to other systems as well.

The signal framework might be seen as
a subset of the primitives. A signal mostly being a different form
of an indication.

Change-Id: I5df20a4ab79c06b515780675b6df2929aa976f0d
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther a8726d977a mobile: Begin with a primitive interface on top of the code
We want the script interface to interface through a primitive
interface. This will allow to move it to a different thread or
a process in the future. The script interface will just use the
primitives.

It is not clear how "sap" will be used here. I am keeping it
at 0 right now. The first primitive is starting a timer with a
request and then getting an indication as a response.

Change-Id: Id2456b7fae35546553c4805f12a40c0812d9255c
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther 04754e8889 mobile: Move starting/stopping a MS into a separate function
Move the check if within the mobile app there is no other active
MS using the same L1 socket. This way we can call this function
from the primitive code as well.

Change-Id: Ib4aa5ff212fa6bead8f620abaecc6a0b51a99fec
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther d2cdf93b53 mobile: Declare struct osmocom/vty to be self includeable
In file included from settings.c:27:0:
../../include/osmocom/bb/mobile/app_mobile.h:10:42: warning: ‘struct osmocom_ms’ declared inside parameter list will not be visible outside of this definition or declaration
 int l23_app_init(int (*mncc_recv)(struct osmocom_ms *ms, int, void *),
                                          ^~~~~~~~~~
../../include/osmocom/bb/mobile/app_mobile.h:14:26: warning: ‘struct osmocom_ms’ declared inside parameter list will not be visible outside of this definition or declaration
 int mobile_delete(struct osmocom_ms *ms, int force);

Change-Id: I9348b3ed71a8490c03edda954402ab954f645b7c
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther 229ea1ca5b mobile: Fix compiler warning on printing ptrdiff_t
The "msg->tail - msg->l4h" subtracts two unsigned char*
pointers and should result in a ptrdiff_t. Fix the
compiler warning by using "%ti" in the printf.

Fixes:
gsm411_sms.c: In function ‘gsm411_rx_rp_ud’:
gsm411_sms.c:382:25: warning: format ‘%li’ expects argument of type ‘long int’, but argument 7 has type ‘int’ [-Wformat=]
  LOGP(DLSMS, LOGL_INFO, "TPDU(%li,%s)\n", msg->tail-msg->l4h,
                         ^
/home/ich/install/openbsc/include/osmocom/core/logging.h:93:54: note: in definition of macro ‘LOGPSRCC’
     logp2(ss, level, caller_file, caller_line, cont, fmt, ##args); \
                                                      ^~~
/home/ich/install/openbsc/include/osmocom/core/logging.h:47:2: note: in expansion of macro ‘LOGPSRC’
  LOGPSRC(ss, level, NULL, 0, fmt, ## args)
  ^~~~~~~
gsm411_sms.c:382:2: note: in expansion of macro ‘LOGP’
  LOGP(DLSMS, LOGL_INFO, "TPDU(%li,%s)\n", msg->tail-msg->l4h,
  ^~~~
gsm411_sms.c:382:25: warning: format ‘%li’ expects argument of type ‘long int’, but argument 7 has type ‘int’ [-Wformat=]
  LOGP(DLSMS, LOGL_INFO, "TPDU(%li,%s)\n", msg->tail-msg->l4h,
                         ^
/home/ich/install/openbsc/include/osmocom/core/logging.h:95:53: note: in definition of macro ‘LOGPSRCC’
     logp2(ss, level, __BASE_FILE__, __LINE__, cont, fmt, ##args); \
                                                     ^~~
/home/ich/install/openbsc/include/osmocom/core/logging.h:47:2: note: in expansion of macro ‘LOGPSRC’
  LOGPSRC(ss, level, NULL, 0, fmt, ## args)
  ^~~~~~~
gsm411_sms.c:382:2: note: in expansion of macro ‘LOGP’
  LOGP(DLSMS, LOGL_INFO, "TPDU(%li,%s)\n", msg->tail-msg->l4h,

Change-Id: Ia574fc7849bd00a94cf6651eb0d26fdc91ef1443
2017-12-03 12:58:52 +00:00
Holger Hans Peter Freyther 271cdad401 mobile: Use enum and not magic value in the VTY
Change-Id: I8a1d975997e592344327e6b0783bd0c5d2534b02
2017-11-30 17:03:25 +08:00
Holger Hans Peter Freyther ff43e1a1b3 mobile: Re-introduce msg_ref in struct gsm_sms
In I4bac5f06921b5fd85a98d97770d42d4858ca1c42 I have removed the
msg_ref field. But in case we delete a transaction with a pending
SMS we need to get the msg_ref from somewhere. This is a partial
revert but for RX SMS it makes sure that msg_ref will be set (it
wasn't set before).

Change-Id: I9b0f90f875de5f072565878861d38b0bb3bfbded
2017-11-30 17:03:25 +08:00
Holger Hans Peter Freyther d27d4354c3 mobile: ms->shutdown was not converted properly to enum
ms->shutdown is ms->shutdown != 0 which should have been
converted to ms->shutdown != MS_SHUTDOWN_NONE. This is fixing
sending SMS.

This was introduced in Iee1140e4848923c7270495c381bf87b7e3fddee1.

Change-Id: Ia74374dd9c0dd0ba9cf5725d66f4d2f2a2cfe9ef
2017-11-30 17:03:25 +08:00
Holger Hans Peter Freyther 517bda18b2 mobile: Speculative crash fix of the SI pointer
The SIs are kept per ARFCN and for the current cell the
cs->si alias will be assigned[1]. On mobile_exit all SIs
will be freed but the alias will not be set to NULL.

This is a speculative fix but it doesn't seem to make
things worse.

Related: OS#2690

[1] cs->si = cs->list[cs->arfci].sysinfo;

Change-Id: Icf20f9aa03dd26d4bee78772b7f3da034bb34b99
2017-11-30 17:03:25 +08:00
Holger Hans Peter Freyther 89009751ea mobile: Avoid msg_ref going out of sync
It seemed like msg_ref could go out of sync. In some places we are
using sms->msg_ref in other cases we pass it as parameter (e.g. when
sending the SMS) or we get it out of the gsm411_rp_hdr.

Instead of hardcoding 42 for all messages make it configurable and
pass the parameter from the caller.

Change-Id: I4bac5f06921b5fd85a98d97770d42d4858ca1c42
2017-11-27 17:54:23 +08:00
Holger Hans Peter Freyther 14598ac88d mobile: Change started and shutdown state through function
Instead of changing the field all over the place, do the state
change in a function. This will allow us to emit a notification
when things change. It is similar to the lchan_state.

Change-Id: I6a0591bb2785232681b23e41368323f16d3c960c
2017-11-27 17:54:23 +08:00
Holger Hans Peter Freyther eddf339871 mobile: Instead of putting semantic in a comment, use an enum
The enum was created to understand the different states during
the shutdown and find places where it is used. The normal
transitions are like.

	Idle -> Imsi Detach -> L1 Reset -> Done
	Idle -> L1 Reset -> Done

The shutdown can get stuck in case:

* Out of memory situation while handling IMSI detach (timeout)
* Never receiving l1 reset acknowledgment.

The code could benefit from the move to osmo fsm to deal with
proper timeouts.

Change-Id: Iee1140e4848923c7270495c381bf87b7e3fddee1
2017-11-27 17:54:03 +08:00
Holger Hans Peter Freyther 65774d447d mobile: Use bool to show started can only be true or false
The state handling is complicated and maybe it gets better by
moving started to bool and then the rest to an enum.

Change-Id: I6aef22e7bf954a8a4ecda980c2c558eb8c9180b7
2017-11-27 09:49:03 +00:00
Holger Hans Peter Freyther 42888ed947 mobile: Switch from printf to LOGP statements
Add a mobile application logging category and replace printf with
a LOGP. The code is sadly still using exit in the middle of handling.

Change-Id: I71e7f6e6375a485b45bad76ada2be17b0901577d
2017-11-27 09:48:39 +00:00
Vadim Yanitskiy 7b64e7dbe9 mobile/vty_interface.c: fix Kc / Ki confusion
Change-Id: Ibbd1d080896b5cadc3d4281fe8f839a103a35088
2017-11-24 20:23:57 +07:00
Neels Hofmeyr 0fcd1c147b layer23 vty: fix prompts: insert space after '#'
"All" our VTY prompts have a space after the prompt.
Also do that for '(ms)', '(test-sim)' and '(support)' prompts.

Change

  OsmocomBB(ms)#exit

to

  OsmocomBB(ms)# exit

Change-Id: Id437279e0fa9845630a306958b404efa3b94b492
2017-11-14 09:59:34 +01:00
Holger Hans Peter Freyther 0fd13fcd3c mobile: Make VTY logging commands available to the mobile app
So far logging_vty_add_cmds wasn't called. The main.c might be
shared with other apps so place it into the routine that is
setting up the VTY.

Change-Id: I3db9cf288bce12f51e36caad44e9bc34094638f4
2017-11-09 03:47:20 +00:00
Vadim Yanitskiy 3483d4d844 mobile/gsm322.c: prevent buffer over-/under-run
Change-Id: Ic12587a6c6456b8663e5357cf68a22c6d1927a07
2017-11-09 03:46:41 +00:00
Vadim Yanitskiy 43ecde0fce mobile/gsm322.c: prevent calling memset() with zero length
This change prevents a possibility of calling memset()
with constant zero length parameter, and the corresponding
compiler warning.

Change-Id: I2d8d78474614939659a7f24d5007b1c890776b1a
2017-11-09 03:46:41 +00:00
Holger Hans Peter Freyther 52fbe66ca7 mobile: Do not exclude DGPS from the list of default categories
I don't remember why we parse the categories like this. First if
the mobile doesn't use a subsystem there is no harm to have it
enabled, second the default levels can be adjusted for all apps
and third we have the VTY to reconfigure these logging targets.

Change-Id: Ia874b7ed127026b8395072a3bac2aed9944b1cce
2017-11-09 03:45:24 +00:00
Neels Hofmeyr 87038afe86 vty: skip installing cmds now always installed by default
vty_install_default() and install_default() will soon be deprecated.

Depends: I5021c64a787b63314e0f2f1cba0b8fc7bff4f09b
Change-Id: I300a4b34a2031fd09d110ef18375d140a6dca7ba
2017-11-09 01:14:49 +00:00
Vadim Yanitskiy d0ed4de085 host/mobile: use osmocom_ms as talloc context
As we use talloc, it's absurd not to use the main feature of
the library - hierarchical memory management. This change sets
talloc context of all sub-allocated objects to related osmocom_ms
instance. So, as soon as osmocom_ms instance is destroyed, all
sub-allocated chunks are getting destroyed too.

Change-Id: I6e3467ff739f3e6dc8dd60cc6d1fcd3f8e490ce9
2017-11-08 18:46:57 +07:00
Vadim Yanitskiy 8dbacacd37 mobile: get rid of unused variables / functions
Change-Id: Id867ffed9b2b67025320d002e1e009e19c759a23
2017-11-05 23:41:42 +07:00
Vadim Yanitskiy 4fbf93040e mobile/gsm411_sms.c: use secure gsm_7bit_(en|de)code_n
Since some 'gsm_7bit_*' functions were deprecated and replaced by
more secure ones with the '_n_' postfix in names, it's better to
use the updated functions.

Change-Id: I58150e9b74699e5f54b9a83416ad8efcb2eccd8e
2017-11-05 23:41:42 +07:00
Vadim Yanitskiy b353686451 mobile/gsm48_mm.c: use secure gsm_7bit_decode_n
Since some 'gsm_7bit_*' functions were deprecated and replaced by
more secure ones with the '_n_' postfix in names, it's better to
use the updated functions.

Change-Id: I4499b592a0dfea71462aed19fe641419d79b3cbd
2017-11-05 23:41:42 +07:00
Vadim Yanitskiy 37872f1032 mobile/gsm480_ss.c: use secure gsm_7bit_(en|de)code_n_ussd
Since some 'gsm_7bit_*' functions were deprecated and replaced by
more secure ones with the '_n_' suffix in names, it's better to
use the updated functions.

Change-Id: If8a1983592f5800e3981f29962eb333ac9473f40
2017-11-05 23:41:42 +07:00
Vadim Yanitskiy 584cc7a26b mobile/vty_interface.c: fix incompatible pointer type warning
According to the vty_app_info struct definition, the go_parent_cb()
should return an integer, but not enum. So, this change fixes the
following compiler warning:

> warning: initialization from incompatible pointer type
>   .go_parent_cb = ms_vty_go_parent,

Change-Id: Ib55e43eaaebdd9fe0d74a030b1057ae82804a77e
2017-11-05 23:41:42 +07:00
Vadim Yanitskiy b7ff8b5893 mobile/main.c: fix deprecated call to msgb_set_talloc_ctx()
The usage of msgb_set_talloc_ctx() was deprecated many days ago,
so it's time to use the proper replacement.

Change-Id: I56440d8e2152c4bb2e5ad677f88c61742d2ad9ca
2017-11-02 14:21:16 +00:00
Vadim Yanitskiy aceb6a80d8 mobile/vty_interface.c: add missing 'vty/misc.h' header
This header contains declaration of the osmo_talloc_vty_add_cmds().

Change-Id: Icdafb22758897cfb67e249f37991f4af4213a5fa
2017-11-02 14:21:16 +00:00
Vadim Yanitskiy 8a617cd160 mobile: register the talloc context introspection command
This change registers the command, which is now implemented in
libosmocore since the 463deef8c209dd7eb023ac70bf41fa9893ad35ed
and allows to introspect mobile application's talloc context
directly from the VTY interface.

Change-Id: I979d64ae63d385f4fd082a4e3f981cbf5ab28338
2017-10-29 17:46:10 +00:00
Vadim Yanitskiy 363d4d22da mobile: clean up and share example configs
It is better to have a shared example config files directory,
like other Osmocom projects do.

Change-Id: I903f31a8afc518ac258cdaeaf76430de07f7edea
2017-10-23 15:11:16 +03:30
Vadim Yanitskiy da9e830af0 mobile/vty_interface.c: do not write 'exit' to config
Since we use indenting as means to implicitly exit child nodes,
no need to write 'exit' at the end of each child node.

Change-Id: I73b0f3926d766d21ca68c8e01b7fc70b2b4636c9
2017-10-23 00:33:58 +03:30
Vadim Yanitskiy c5a08ef4f4 mobile/vty_interface.c: do not install default commands
Since in recent version of libosmocore default commands (such as
'exit' and 'end') are being installed by default, no need to
install them twice. This will crash the program.

Change-Id: I82c8d04ccc7dc3f19589a79b859a2c993bd1d39c
2017-10-23 00:33:29 +03:30
Vadim Yanitskiy ae31c37d2b mobile/main.c: clean up config file selection logic
The 903e2515 introduced the following problems:

  - The home variable is allocated dynamically by talloc,
    but not being freed. There is no need for dynamical
    memory allocation, as the getenv() returns a pointer
    to a value in the environment or NULL.

  - In case of custom configuration file, a pointer to
    a part of stack (not heap) is passed to talloc_free().
    This may cause unexpected behaviour or segfault.

Let's fix both of them.

Change-Id: I79cc3b954c3018b7e780f6351c3030c3062470b5
2017-09-09 00:40:43 +03:00
Max 903e2515f5 Add arbitrary config file location support
All other Osmocom projects use '-c' command line option to specify the
location of config file. Let's do the same with fallback to existing
implicit config file name logic.

Also print config file path and vty host on startup.

Change-Id: Idaac3ff8d1f8541e00c45290db948a67bb899311
2017-09-07 18:08:03 +02:00
Vadim Yanitskiy a52abd5d4f vty_interface.c: use RPLMN from settings if preset
Previously, when testcard was attached via VTY interface, the
initial values were used for MCC / MNC, LAC and TMSI, even if
correct RPLMN settings were set.

Change-Id: Ic70889cdb6be95f06d0c2df710524b4128b5f72b
2017-07-27 12:25:34 +06:00
Vadim Yanitskiy 064ffe6563 host/mobile: use talloc for ms->name allocation
The approach of talloc memory management reduces memory usage,
and prevents some buffer overflows, which were possible before.

Change-Id: Icd6706117fdd7f1b3481b0e3817bbb3b31f12f60
2017-05-25 11:43:49 +00:00
Vadim Yanitskiy 3aaf127cc1 mobile/gsm48_mm.c: strip unused variable
Change-Id: I2708628263bec4bc6bf53a357928e23609b40c64
2017-05-25 02:11:53 +03:00
Vadim Yanitskiy b2a1f72710 mobile/gsm480_ss.c: gsm480_mmss_ind: return rc
Change-Id: Iabaccdbdfc5a5eb6424bd1603f405241650f13d8
2017-05-25 02:11:53 +03:00
Vadim Yanitskiy 81b6e7d9f4 mobile/gsm48_rr.c: fix BA range exceed check
Change-Id: Ic2ebe9faeeda7ce812527962d209e6049f2dfc75
2017-05-25 02:11:53 +03:00
Vadim Yanitskiy e569ac3bc5 mobile/gsm480_ss.c: fix copy-paste error
Change-Id: I23287c0f31bee9c1b710f17f932633d2c621dab0
2017-05-25 02:11:53 +03:00
Vadim Yanitskiy 03485409be mobile/gsm322.c: fix mcc/mnc typo
Change-Id: I4a3aaa0465598b17ccd30ec4cbeb90429216540e
2017-05-25 02:11:53 +03:00
Vadim Yanitskiy 06f44d3772 mobile/gsm322.c: check fwrite() return value
Change-Id: I74ad6e540c98ab4914e7a2ea725dd23f5a2fd034
2017-05-25 02:11:53 +03:00