When trying to re-create the header file I made the 'valid' member
of the channel request history a single-bit field, but we actually
assign values different than 0 and 1 to it. This has caused layer23
to consider the IMM ASS to our own channel requests as non-matching.
It seems one of the recent commits introduced build errors due
to missing commits for header file changes. Based on the code,
I reconstructed what I believe might have been the header files...
We introduce the concept of CCCH mode. It can be either
- NONE: receive BCCCH only
- COMBINED: CCCH on a BCCH/CCCH+SDDCH/4
- NON_COMBINED: CCCH on a BCCH/CCCH
There is also a new command to change the mode without having
to do the resync.
Currently, we keep the previous default behavior of requesting
a combined CCCH by default
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Instead of handling numerical MCC and MNC, they are now stored and handled
hexadecimal, like they are received by the network. This makes it possible
to correctly handle 2 and 3 digits MNC. Internally 2 digit MNCs are stored
as 0xXXf, and 3 digits MNC are stored as 0xXXX, where X is the digit 0..9.
The length of MNC in the IMSI (2 or 3 digits) depend on the MNC length
trying to match. Anyway that MNC name can be printed even without knowing the
actual length. This is done by matching the IMSI against list of networks.
PLEASE REMOVE "/etc/osmocom/*.ba", because the MCC and MNC stored there is
not valid anymore.
While testing, you may find out that making an emergency call is rejected
with cause 5 (illegal ME), because emergency facilities in some countries
like to reject calls without knowing the subscriber.
An emergency IMSI can be defined via VTY, so it is possible to make calls
with that IMSI, even without the SIM, because authentication is not
applicable during emergency call establishment.
All the information above, I received from the freely available 3GPP TS 04.08.
See NOTE at sub clause 4.5.1.5.
Now location update reject works. The rejected network/cell is stored in
an appropriate list. The lists can be dumped from the VTY.
A fake authentication response is generated until the SIM interface is
available. If the network rejects the test SIM, due to authentication
failure, it is removed and limited service state is entered. This currenlty
works on networks with SDCCH on the TS0 only.
The "BA range" is used for cell re-selection.
Due to layer 1 issues, the process gets stuck very often or looses
synchronization.
After location update, I can now make a call via VTY on SDCCH:
Call control sends SETUP request after requesting an MM connection.
My phone on the network side rang!! Call control fails and requires
further debugging...
liblayer23. Other applications using liblayer23 don't need to re-implement it.
Messages from layer 1 are not freed in layer2_read() anymore. They will be
freed by the upper layers. The layers may also decide to queue or to forward
the messages. In general: A message is always discarded by the message handler
and not after calling the message handler.
We really want to have those two as distinct operations - and we
want proper state machines in L1 to quickly return if they've
managed to acquire a FB or SB or not. Otherwise scanning will
take ages...
This code now introduces a new l1ctl_fbsb_req that is sent via
L1CTL to ask for a bitmask of FB0/FB1/SB operations. The actual
FB0/FB1 detection now no longer runs for 500 TDMA interrupts
but completes as soon as we either know there is no FCCH,
or that our frequency error is smaller than a caller-specified
threshold.
FB0/FB1 are already working, SB is not yet, sorry.
- Load and save of config now works.
- Network search is displayed on VTY and the result can be selected there.
- Manual/auto mode can be selected via VTY and saved.
It is now possible to show informations about:
- mobile
- subscriber
- received cell informations
Later it can be used to do configurations (phone's menu)
and trigger events, like dialing a phone number.
- Fixes on PLMN search and cell selection process.
- Fixes on radio ressource.
- ^C will cause IMSI detach when pressed the first time.
Pressing ^C again will cause termination of process at any time.
- Fixed reference to system informations. (did crash when re-selecting).
- Fix in cell selection state machine. (any re-selection).
- MCC, MNC, LAC change of cell now triggers re-selection.
- Fixed some paging issues. Empty pagings are not displayed anymore. Also paging is now possible when 'camping on any cell'.
The current code will scan frequencies, select a cell and camps on it.
No SIM is inserted. Paging requests and Immediate assginments can be seen.
When inserting a SIM card (uncomment it in app_mobile.c), location update
is triggered after selecting a cell. The RACH request is sent, an
Immediate assignment is received, the dedicated mode is requested.
Nothing happens then, because no confirm / abort of layer 2 is received.
This is the current status of the layer 3 protocols. Everything compiles,
radio ressource layer is partly complete. Everything is untested, so don't
expect that it runs and does something usefull. The next step for me is
running and debugging it.
Here is the list of files that are added / modified:
new file: ../include/osmocom/gsm322.h
new file: ../include/osmocom/gsm48_cc.h
new file: ../include/osmocom/gsm48_mm.h
new file: ../include/osmocom/gsm48_rr.h
modified: ../include/osmocom/l23_app.h
modified: ../include/osmocom/logging.h
new file: ../include/osmocom/mncc.h
modified: ../include/osmocom/osmocom_data.h
new file: ../include/osmocom/subscriber.h
new file: ../include/osmocom/support.h
new file: ../include/osmocom/sysinfo.h
new file: ../include/osmocom/transaction.h
modified: Makefile.am
new file: app_mobile.c
new file: gsm322.c
new file: gsm48_cc.c
new file: gsm48_mm.c
new file: gsm48_rr.c
modified: main.c
new file: mnccms.c
new file: subscriber.c
new file: support.c
new file: sysinfo.c
new file: transaction.c
Added name to osmocom_ms structure.
l2_ctx is now named l23_ctx, because it is also used there.
A work-handler is usefull for applications that need to check queues.
The arfcn variable is renamed to test_arfcn.
I think that arfcn and other frequency parameters should be stored at
the process which sets it and using it when calling l1ctl_tx_ccch_req().
If file access is used to store network informations and user settings in the
/etc/ directory. Later it can be used to store them in the EEPROM of the
target.
similar to the concept of having 'apps' in the firmware build process,
I'm now building the common code as liblayer23 and we have three apps
that use this library:
layer23 - the old layer23 program
bcch_scan - a passive bcch scanner under development
echo_test - a test program sending large msgb's containing zero bytes
* added missing param in call to gsm48_rx_bcch
* added 'extern' to declarations of rsl_rlm_cause_strs and target_board
* added several 'const' for strings
* removed useless 'bufptr,' from hexdump
(From: itsme <itsme@xs4all.nl>)
* use GSMTAP for uplink frames (generated by layer23; sent to L1)
* only use GSMTAP if the user specifies the '-i dstip' arguments
* properly encode the GSMTAP channel type
* requires GSMTAP protocol version 0x02 (see next commit for wireshark patch)
Harald Welte
Sylvain Munaut
Andreas.Eversberg