The radio ressource layer uses RSL messages to perform RACH requests now.
TX power and timing advance is controlled before RACH request, after IMM.ASS,
and during dedicated mode. (Note that TX power control is not yet supported
by layer 1.)
In dedicated mode a frame is sent to layer 1. Subsequent frames are queued
inside lapdm.c until a confirm from layer 1 is received. Since not all
pending frames are sent rapidly at once, the layer 1 does not crash anymore.
Also included in this commit: handling of reset confirm (maybe required
in the future after dedicated mode)
Now layer23 supports selecting TS 0-4 with SDCCH/8 channels.
But some tests showed me that it doesn't work. Please help debugging.
Added DM release function to l1ctl.c and gsm48_rr.c.
We introduce the concept of CCCH mode. It can be either
- NONE: receive BCCCH only
- COMBINED: CCCH on a BCCH/CCCH+SDDCH/4
- NON_COMBINED: CCCH on a BCCH/CCCH
There is also a new command to change the mode without having
to do the resync.
Currently, we keep the previous default behavior of requesting
a combined CCCH by default
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Instead of handling numerical MCC and MNC, they are now stored and handled
hexadecimal, like they are received by the network. This makes it possible
to correctly handle 2 and 3 digits MNC. Internally 2 digit MNCs are stored
as 0xXXf, and 3 digits MNC are stored as 0xXXX, where X is the digit 0..9.
The length of MNC in the IMSI (2 or 3 digits) depend on the MNC length
trying to match. Anyway that MNC name can be printed even without knowing the
actual length. This is done by matching the IMSI against list of networks.
PLEASE REMOVE "/etc/osmocom/*.ba", because the MCC and MNC stored there is
not valid anymore.
First of all I cleaned up the VTY commands. Instead of something like
"barred-access (yes|no)", I use now "barred-access" and "no barred-access".
Your stored configuration file will not load, because config format has
changed. Just remove the lines that cannot be parsed by VTY from your
config. Then the default values are used on next startup. Modify these as
desired via VTY using the new commands.
Use "rplmn <mcc> <mnc>" or "no rplmn" to set the initial behaviour of
network search. If RPLMN is set, this network is selected. If it is not
found, it will be displayed, then it is time to do a search
"network search 1".
If you have set "no rplmn" the search is started automatically on power on.
After the search you can see available networks and show the cells using
"show cell 1" or the detailed information "show cell 1 <arfcn>".
For testing all that be sure to set the "sim" to "test" and the
"network-search" to "manual". Do "show run" to see all commands to be set.
Only the known BA (band allocation) is used to check for the cell to camp
on. If there is no BA or if nothing is found, the process triggers normal
cell selection.
After location update (for example), the mobile switches to the strongest
cell in the current band allocation.
Now location update reject works. The rejected network/cell is stored in
an appropriate list. The lists can be dumped from the VTY.
A fake authentication response is generated until the SIM interface is
available. If the network rejects the test SIM, due to authentication
failure, it is removed and limited service state is entered. This currenlty
works on networks with SDCCH on the TS0 only.
The "BA range" is used for cell re-selection.
Due to layer 1 issues, the process gets stuck very often or looses
synchronization.
After location update, I can now make a call via VTY on SDCCH:
Call control sends SETUP request after requesting an MM connection.
My phone on the network side rang!! Call control fails and requires
further debugging...
The location update is now performed after the channel is assigned.
In dedicated mode the network receives the LOCATION UPDATING REQUEST.
The reply (IDENTITY REQUEST and LOCATION UPDATING REJECT) is received.
But subsequent message like the IDENTITY RESPONSE is not transmitted
by lapdm.c.
I hope that it fixes the crash issues. If a sysinfo was received when no cell is
selected, it was written to a NULL-pointer.
Also after selecting a cell (dedicated mode), it was not good to "continue"
an already stopped search process, if the sync fails.
* port 'mobile' application to new l1ctl_tx_fbsb_req()
* make sure we have a proper downlinke header in front of l1ctl_fbsb_resp
* remove duplicate band_arfcn member of struct l1ctl_fbsb_resp
* reset the AFC to its default value when starting new FBSB task
* remove bogus l1s.sb.{synced.count} variables
* allocate msg and send l1ctl_fbsb_resp() only from process context, not FIQ
* properly report SNR and BSIC in fbsb_resp
* introduce arbitrary SNR thresholds for FB0->FB1 and FB1->SB switching
We really want to have those two as distinct operations - and we
want proper state machines in L1 to quickly return if they've
managed to acquire a FB or SB or not. Otherwise scanning will
take ages...
This code now introduces a new l1ctl_fbsb_req that is sent via
L1CTL to ask for a bitmask of FB0/FB1/SB operations. The actual
FB0/FB1 detection now no longer runs for 500 TDMA interrupts
but completes as soon as we either know there is no FCCH,
or that our frequency error is smaller than a caller-specified
threshold.
FB0/FB1 are already working, SB is not yet, sorry.
- Load and save of config now works.
- Network search is displayed on VTY and the result can be selected there.
- Manual/auto mode can be selected via VTY and saved.
It is now possible to show informations about:
- mobile
- subscriber
- received cell informations
Later it can be used to do configurations (phone's menu)
and trigger events, like dialing a phone number.
- Fixes on PLMN search and cell selection process.
- Fixes on radio ressource.
- ^C will cause IMSI detach when pressed the first time.
Pressing ^C again will cause termination of process at any time.
- Fixed reference to system informations. (did crash when re-selecting).
- Fix in cell selection state machine. (any re-selection).
- MCC, MNC, LAC change of cell now triggers re-selection.
- Fixed some paging issues. Empty pagings are not displayed anymore. Also paging is now possible when 'camping on any cell'.
The current code will scan frequencies, select a cell and camps on it.
No SIM is inserted. Paging requests and Immediate assginments can be seen.
When inserting a SIM card (uncomment it in app_mobile.c), location update
is triggered after selecting a cell. The RACH request is sent, an
Immediate assignment is received, the dedicated mode is requested.
Nothing happens then, because no confirm / abort of layer 2 is received.
This is the current status of the layer 3 protocols. Everything compiles,
radio ressource layer is partly complete. Everything is untested, so don't
expect that it runs and does something usefull. The next step for me is
running and debugging it.
Here is the list of files that are added / modified:
new file: ../include/osmocom/gsm322.h
new file: ../include/osmocom/gsm48_cc.h
new file: ../include/osmocom/gsm48_mm.h
new file: ../include/osmocom/gsm48_rr.h
modified: ../include/osmocom/l23_app.h
modified: ../include/osmocom/logging.h
new file: ../include/osmocom/mncc.h
modified: ../include/osmocom/osmocom_data.h
new file: ../include/osmocom/subscriber.h
new file: ../include/osmocom/support.h
new file: ../include/osmocom/sysinfo.h
new file: ../include/osmocom/transaction.h
modified: Makefile.am
new file: app_mobile.c
new file: gsm322.c
new file: gsm48_cc.c
new file: gsm48_mm.c
new file: gsm48_rr.c
modified: main.c
new file: mnccms.c
new file: subscriber.c
new file: support.c
new file: sysinfo.c
new file: transaction.c