static int oml_router_read_cb(struct osmo_fd *fd, unsigned int what)
{
struct msgb *msg;
int rc;
msg = oml_msgb_alloc();
if (!msg) {
LOGP(DL1C, LOGL_ERROR, "Failed to allocate oml msgb.\n");
return -1;
}
rc = recv(fd->fd, msg->tail, msg->data_len, 0);
if (rc <= 0) {
close(fd->fd);
osmo_fd_unregister(fd);
fd->fd = -1;
goto err;
}
msg->l1h = msgb_put(msg, rc);
rc = msg_verify_ipa_structure(msg);
if (rc < 0) {
LOGP(DL1C, LOGL_ERROR,
"OML Router: Invalid IPA message rc(%d)\n", rc);
goto err;
}
rc = msg_verify_oml_structure(msg);
if (rc < 0) {
LOGP(DL1C, LOGL_ERROR,
"OML Router: Invalid OML message rc(%d)\n", rc);
goto err;
}
/* todo dispatch message */
err:
msgb_free(msg);
return -1;
}
static int hsl_bts_connect(struct ipa_client_conn *link)
{
struct msgb *msg;
uint8_t *serno;
char serno_buf[16];
struct hsl_unit *unit = link->line->ops->cfg.ipa.dev;
struct e1inp_sign_link *sign_link;
/* send the minimal message to identify this BTS. */
msg = ipa_msg_alloc(0);
if (!msg)
return -ENOMEM;
*msgb_put(msg, 1) = 0x80;
*msgb_put(msg, 1) = 0x80;
*msgb_put(msg, 1) = unit->swversion;
snprintf(serno_buf, sizeof(serno_buf), "%"PRIx64, unit->serno);
serno = msgb_put(msg, strlen(serno_buf)+1);
memcpy(serno, serno_buf, strlen(serno_buf));
ipa_msg_push_header(msg, 0);
send(link->ofd->fd, msg->data, msg->len, 0);
msgb_free(msg);
/* ... and enable the signalling link. */
if (!link->line->ops->sign_link_up) {
LOGP(DLINP, LOGL_ERROR,
"Unable to set signal link, closing socket.\n");
ipa_client_conn_close(link);
return -EINVAL;
}
sign_link = link->line->ops->sign_link_up(&unit,
link->line, E1INP_SIGN_NONE);
if (sign_link == NULL) {
LOGP(DLINP, LOGL_ERROR,
"Unable to set signal link, closing socket.\n");
ipa_client_conn_close(link);
return -EINVAL;
}
return 0;
}
static void
loader_do_memload() {
uint32_t rembytes = osmoload.memlen - osmoload.memoff;
if(!rembytes) {
puts("done.");
osmoload.quit = 1;
return;
}
osmo_timer_schedule(&osmoload.timeout, 0, 500000);
uint8_t reqbytes = (rembytes < MEM_MSG_MAX) ? rembytes : MEM_MSG_MAX;
osmoload.memcrc = osmo_crc16(0, (uint8_t *) osmoload.binbuf + osmoload.memoff, reqbytes);
osmoload.memreq = reqbytes;
struct msgb *msg = msgb_alloc(MSGB_MAX, "loader");
msgb_put_u8(msg, LOADER_MEM_WRITE);
msgb_put_u8(msg, reqbytes);
msgb_put_u16(msg, osmoload.memcrc);
msgb_put_u32(msg, osmoload.membase + osmoload.memoff);
unsigned char *p = msgb_put(msg, reqbytes);
memcpy(p, osmoload.binbuf + osmoload.memoff, reqbytes);
#if 0
printf("Sending %u bytes at offset %u to address %x with crc %x\n",
reqbytes, osmoload.memoff, osmoload.membase + osmoload.memoff,
osmoload.memcrc);
#endif
loader_send_request(msg);
msgb_free(msg);
osmoload.memoff += reqbytes;
}
/*! \brief call-back from LAPD code, called when it wants to Tx data */
static void misdn_write_msg(struct msgb *msg, void *cbdata)
{
struct osmo_fd *bfd = cbdata;
// struct e1inp_line *line = bfd->data;
// unsigned int ts_nr = bfd->priv_nr;
// struct e1inp_ts *e1i_ts = &line->ts[ts_nr-1];
struct mISDNhead *hh;
int ret;
DEBUGP(DLMI, "PH_DATA_REQ: len=%d %s\n", msg->len,
osmo_hexdump(msg->data, msg->len));
hh = (struct mISDNhead *) msgb_push(msg, MISDN_HEADER_LEN);
hh->prim = PH_DATA_REQ;
hh->id = 0;
ret = write(bfd->fd, msg->data, msg->len);
if (ret < 0)
LOGP(DLMI, LOGL_NOTICE, "write failed %d\n", ret);
msgb_free(msg);
}
/* XXX: recvmsg is overwritten when multiple msg arrive! */
static ssize_t sc_console_read(file_t *filep, FAR char *buffer, size_t buflen)
{
size_t len;
struct msgb *tmp;
/* Wait until data is received */
while(recvmsg == NULL) {
sem_wait(&readdev->recvsem);
}
len = recvmsg->len > buflen ? buflen : recvmsg->len;
memcpy(buffer, msgb_get(recvmsg, len), len);
if(recvmsg->len == 0) {
/* prevent inconsistent msg by first invalidating it, then free it */
tmp = recvmsg;
recvmsg = NULL;
msgb_free(tmp);
}
return len;
}
/*! \brief Send a given xUA message via a given M3UA Application Server
* \param[in] as Application Server through which to send \ref xua
* \param[in] xua xUA message to be sent
* \return 0 on success; negative on error */
int m3ua_tx_xua_as(struct osmo_ss7_as *as, struct xua_msg *xua)
{
struct msgb *msg;
int rc;
OSMO_ASSERT(as->cfg.proto == OSMO_SS7_ASP_PROT_M3UA);
/* Add RC for this AS */
if (as->cfg.routing_key.context)
xua_msg_add_u32(xua, M3UA_IEI_ROUTE_CTX, as->cfg.routing_key.context);
msg = m3ua_to_msg(xua);
if (!msg)
return -1;
/* send the msg to the AS for transmission. The AS FSM might
* (depending on its state) enqueue it before trnsmission */
rc = osmo_fsm_inst_dispatch(as->fi, XUA_AS_E_TRANSFER_REQ, msg);
if (rc < 0)
msgb_free(msg);
return rc;
}
static void connection_loss(struct bsc_msc_connection *con)
{
struct osmo_fd *fd;
fd = &con->write_queue.bfd;
if (con->pending_msg) {
LOGP(DMSC, LOGL_ERROR,
"MSC(%s) dropping incomplete message.\n", con->name);
msgb_free(con->pending_msg);
con->pending_msg = NULL;
}
close(fd->fd);
fd->fd = -1;
fd->cb = osmo_wqueue_bfd_cb;
fd->when = 0;
con->is_connected = 0;
con->first_contact = 0;
con->connection_loss(con);
}
static int rslms_rx_rll(struct msgb *msg, struct osmocom_ms *ms)
{
struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
int rc = 0;
switch (rllh->c.msg_type) {
case RSL_MT_DATA_IND:
DEBUGP(DRSL, "RSLms DATA IND\n");
/* FIXME: implement this */
break;
case RSL_MT_UNIT_DATA_IND:
rc = rslms_rx_udata_ind(msg, ms);
break;
case RSL_MT_EST_IND:
DEBUGP(DRSL, "RSLms EST IND\n");
/* FIXME: implement this */
break;
case RSL_MT_EST_CONF:
DEBUGP(DRSL, "RSLms EST CONF\n");
/* FIXME: implement this */
break;
case RSL_MT_REL_CONF:
DEBUGP(DRSL, "RSLms REL CONF\n");
/* FIXME: implement this */
break;
case RSL_MT_ERROR_IND:
DEBUGP(DRSL, "RSLms ERR IND\n");
/* FIXME: implement this */
break;
default:
LOGP(DRSL, LOGL_NOTICE, "unknown RSLms message type "
"0x%02x\n", rllh->c.msg_type);
rc = -EINVAL;
break;
}
msgb_free(msg);
return rc;
}
static int rcv_rsl(struct msgb *msg, struct lapdm_entity *le, void *l3ctx)
{
struct osmocom_ms *ms = l3ctx;
struct abis_rsl_common_hdr *rslh = msgb_l2(msg);
int rc = 0;
switch (rslh->msg_discr & 0xfe) {
case ABIS_RSL_MDISC_RLL:
rc = rcv_rll(ms, msg);
break;
case ABIS_RSL_MDISC_COM_CHAN:
rc = rcv_cch(ms, msg);
break;
default:
LOGP(DRSL, LOGL_NOTICE, "unknown RSLms msg_discr 0x%02x\n",
rslh->msg_discr);
msgb_free(msg);
rc = -EINVAL;
break;
}
return rc;
}
/*! \brief Send a \ref msgb through a GSMTAP source
* \param[in] gti GSMTAP instance
* \param[in] msg message buffer
*/
int gsmtap_sendmsg(struct gsmtap_inst *gti, struct msgb *msg)
{
if (!gti)
return -ENODEV;
if (gti->ofd_wq_mode)
return osmo_wqueue_enqueue(>i->wq, msg);
else {
/* try immediate send and return error if any */
int rc;
rc = write(gsmtap_inst_fd(gti), msg->data, msg->len);
if (rc <= 0) {
return rc;
} else if (rc >= msg->len) {
msgb_free(msg);
return 0;
} else {
/* short write */
return -EIO;
}
}
}
static void pcu_sock_close(struct pcu_sock_state *state, int lost)
{
struct osmo_fd *bfd = &state->conn_bfd;
struct gprs_rlcmac_bts *bts = bts_main_data();
uint8_t trx, ts;
LOGP(DL1IF, LOGL_NOTICE, "PCU socket has %s connection\n",
(lost) ? "LOST" : "closed");
close(bfd->fd);
bfd->fd = -1;
osmo_fd_unregister(bfd);
/* flush the queue */
while (!llist_empty(&state->upqueue)) {
struct msgb *msg = msgb_dequeue(&state->upqueue);
msgb_free(msg);
}
/* disable all slots, kick all TBFs */
for (trx = 0; trx < 8; trx++) {
#ifdef ENABLE_DIRECT_PHY
if (bts->trx[trx].fl1h) {
l1if_close_pdch(bts->trx[trx].fl1h);
bts->trx[trx].fl1h = NULL;
}
#endif
for (ts = 0; ts < 8; ts++)
bts->trx[trx].pdch[ts].disable();
/* FIXME: NOT ALL RESOURCES are freed in this case... inconsistent with the other code. Share the code with pcu_l1if.c
for the reset. */
gprs_rlcmac_tbf::free_all(&bts->trx[trx]);
}
gprs_bssgp_destroy();
exit(0);
}
static void rll_ind_cb(struct gsm_lchan *lchan, uint8_t link_id, void *_data, enum bsc_rllr_ind rllr_ind)
{
struct msgb *msg = _data;
/*
* There seems to be a small window that the RLL timer can
* fire after a lchan_release call and before the S_CHALLOC_FREED
* is called. Check if a conn is set before proceeding.
*/
if (!lchan->conn)
return;
switch (rllr_ind) {
case BSC_RLLR_IND_EST_CONF:
rsl_data_request(msg, OBSC_LINKID_CB(msg));
break;
case BSC_RLLR_IND_REL_IND:
case BSC_RLLR_IND_ERR_IND:
case BSC_RLLR_IND_TIMEOUT:
send_sapi_reject(lchan->conn, OBSC_LINKID_CB(msg));
msgb_free(msg);
break;
}
}
struct msgb *rua_new_conn(int is_ps, uint32_t context_id, struct msgb *inmsg)
{
RUA_Connect_t out;
RUA_ConnectIEs_t ies;
struct msgb *msg;
uint32_t ctxidbuf;
int rc;
memset(&ies, 0, sizeof(ies));
if (is_ps)
ies.cN_DomainIndicator = RUA_CN_DomainIndicator_ps_domain;
else
ies.cN_DomainIndicator = RUA_CN_DomainIndicator_cs_domain;
asn1_u24_to_bitstring(&ies.context_ID, &ctxidbuf, context_id);
ies.establishment_Cause = RUA_Establishment_Cause_normal_call;
OCTET_STRING_fromBuf(&ies.ranaP_Message, inmsg->data, msgb_length(inmsg));
msgb_free(inmsg);
memset(&out, 0, sizeof(out));
rc = rua_encode_connecties(&out, &ies);
if (rc < 0)
return NULL;
msg = rua_generate_initiating_message(RUA_ProcedureCode_id_Connect,
RUA_Criticality_reject,
&asn_DEF_RUA_Connect,
&out);
ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_RUA_Connect, &out);
DEBUGP(DMAIN, "transmitting RUA payload of %u bytes\n", msgb_length(msg));
msgb_sctp_ppid(msg) = IUH_PPI_RUA;
return msg;
}
static void test_rqnt_cb(void)
{
struct mgcp_config *cfg;
struct msgb *inp, *msg;
cfg = mgcp_config_alloc();
cfg->rqnt_cb = rqnt_cb;
cfg->trunk.number_endpoints = 64;
mgcp_endpoints_allocate(&cfg->trunk);
mgcp_endpoints_allocate(mgcp_trunk_alloc(cfg, 1));
inp = create_msg(CRCX);
msgb_free(mgcp_handle_message(cfg, inp));
msgb_free(inp);
/* send the RQNT and check for the CB */
inp = create_msg(RQNT);
msg = mgcp_handle_message(cfg, inp);
if (strncmp((const char *) msg->l2h, "200", 3) != 0) {
printf("FAILED: message is not 200. '%s'\n", msg->l2h);
abort();
}
if (cfg->data != (void *) '9') {
printf("FAILED: callback not called: %p\n", cfg->data);
abort();
}
msgb_free(msg);
msgb_free(inp);
inp = create_msg(DLCX);
msgb_free(mgcp_handle_message(cfg, inp));
msgb_free(inp);
talloc_free(cfg);
}
static int handle_ts1_read(struct osmo_fd *bfd)
{
struct e1inp_line *line = bfd->data;
unsigned int ts_nr = bfd->priv_nr;
struct e1inp_ts *e1i_ts = &line->ts[ts_nr-1];
struct e1inp_sign_link *link;
struct ipaccess_head *hh;
struct msgb *msg;
int ret = 0, error;
error = ipa_msg_recv(bfd->fd, &msg);
if (error < 0)
return error;
else if (error == 0) {
hsl_drop(e1i_ts->line, bfd);
LOGP(DLINP, LOGL_NOTICE, "Sign link vanished, dead socket\n");
return error;
}
DEBUGP(DLMI, "RX %u: %s\n", ts_nr, osmo_hexdump(msgb_l2(msg), msgb_l2len(msg)));
hh = (struct ipaccess_head *) msg->data;
if (hh->proto == HSL_PROTO_DEBUG) {
LOGP(DLINP, LOGL_NOTICE, "HSL debug: %s\n", msg->data + sizeof(*hh));
msgb_free(msg);
return ret;
}
/* HSL proprietary RSL extension */
if (hh->proto == 0 && (msg->l2h[0] == 0x81 || msg->l2h[0] == 0x80)) {
ret = process_hsl_rsl(msg, line, bfd);
if (ret < 0) {
hsl_drop(e1i_ts->line, bfd);
return ret;
} else if (ret == 1)
return 0;
/* else: continue... */
}
#ifdef HSL_SR_1_0
/* HSL for whatever reason chose to use 0x81 instead of 0x80 for FOM */
if (hh->proto == 255 && msg->l2h[0] == (ABIS_OM_MDISC_FOM | 0x01))
msg->l2h[0] = ABIS_OM_MDISC_FOM;
#endif
link = e1inp_lookup_sign_link(e1i_ts, hh->proto, 0);
if (!link) {
LOGP(DLINP, LOGL_ERROR, "no matching signalling link for "
"hh->proto=0x%02x\n", hh->proto);
msgb_free(msg);
return -EIO;
}
msg->dst = link;
/* XXX: better use e1inp_ts_rx? */
if (!e1i_ts->line->ops->sign_link) {
LOGP(DLINP, LOGL_ERROR, "Fix your application, "
"no action set for signalling messages.\n");
return -ENOENT;
}
e1i_ts->line->ops->sign_link(msg);
return ret;
}
static void test_oap_api(void)
{
printf("Testing OAP API\n - Config parsing\n");
struct oap_config _config;
struct oap_config *config = &_config;
struct oap_state _state;
struct oap_state *state = &_state;
memset(config, 0, sizeof(*config));
memset(state, 0, sizeof(*state));
OSMO_ASSERT(osmo_hexparse("0102030405060708090a0b0c0d0e0f10", config->secret_k, 16) == 16);
OSMO_ASSERT(osmo_hexparse("1112131415161718191a1b1c1d1e1f20", config->secret_opc, 16) == 16);
/* make sure filling with zeros means uninitialized */
OSMO_ASSERT(state->state == OAP_UNINITIALIZED);
/* invalid client_id and shared secret */
config->client_id = 0;
config->secret_k_present = 0;
config->secret_opc_present = 0;
OSMO_ASSERT( oap_init(config, state) == 0 );
OSMO_ASSERT(state->state == OAP_DISABLED);
/* reset state */
memset(state, 0, sizeof(*state));
/* only client_id is invalid */
config->client_id = 0;
config->secret_k_present = 1;
config->secret_opc_present = 1;
OSMO_ASSERT( oap_init(config, state) == 0 );
OSMO_ASSERT(state->state == OAP_DISABLED);
memset(state, 0, sizeof(*state));
/* valid id, but omitted shared_secret (1/2) */
config->client_id = 12345;
config->secret_k_present = 0;
config->secret_opc_present = 1;
OSMO_ASSERT( oap_init(config, state) == 0 );
OSMO_ASSERT(state->state == OAP_DISABLED);
memset(state, 0, sizeof(*state));
/* valid id, but omitted shared_secret (2/2) */
config->client_id = 12345;
config->secret_k_present = 1;
config->secret_opc_present = 0;
OSMO_ASSERT( oap_init(config, state) == 0 );
OSMO_ASSERT(state->state == OAP_DISABLED);
memset(state, 0, sizeof(*state));
/* mint configuration */
config->client_id = 12345;
config->secret_k_present = 1;
config->secret_opc_present = 1;
/*config->secret_* buffers are still set from the top */
OSMO_ASSERT( oap_init(config, state) == 0 );
OSMO_ASSERT(state->state == OAP_INITIALIZED);
printf(" - AUTN failures\n");
struct oap_message oap_rx;
struct oap_message oap_tx;
struct msgb *msg_rx;
struct msgb *msg_tx;
memset(&oap_rx, 0, sizeof(oap_rx));
/* Missing challenge data */
oap_rx.message_type = OAP_MSGT_CHALLENGE_REQUEST;
oap_rx.rand_present = 0;
oap_rx.autn_present = 0;
msg_rx = oap_encoded(&oap_rx);
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -2);
msgb_free(msg_rx);
OSMO_ASSERT(!msg_tx);
/* AUTN missing */
osmo_hexparse("0102030405060708090a0b0c0d0e0f10",
oap_rx.rand, 16);
oap_rx.rand_present = 1;
msg_rx = oap_encoded(&oap_rx);
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -2);
msgb_free(msg_rx);
OSMO_ASSERT(!msg_tx);
/* RAND missing */
oap_rx.rand_present = 0;
osmo_hexparse("cec4e3848a33000086781158ca40f136",
oap_rx.autn, 16);
oap_rx.autn_present = 1;
msg_rx = oap_encoded(&oap_rx);
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -2);
msgb_free(msg_rx);
OSMO_ASSERT(!msg_tx);
/* wrong autn (by one bit) */
osmo_hexparse("0102030405060708090a0b0c0d0e0f10",
oap_rx.rand, 16);
osmo_hexparse("dec4e3848a33000086781158ca40f136",
oap_rx.autn, 16);
oap_rx.rand_present = 1;
oap_rx.autn_present = 1;
msg_rx = oap_encoded(&oap_rx);
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -2);
msgb_free(msg_rx);
OSMO_ASSERT(!msg_tx);
/* all data correct */
osmo_hexparse("cec4e3848a33000086781158ca40f136",
oap_rx.autn, 16);
msg_rx = oap_encoded(&oap_rx);
/* but refuse to evaluate in uninitialized state */
OSMO_ASSERT(state->state == OAP_INITIALIZED);
state->state = OAP_UNINITIALIZED;
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -1);
OSMO_ASSERT(!msg_tx);
state->state = OAP_DISABLED;
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -1);
OSMO_ASSERT(!msg_tx);
state->state = OAP_INITIALIZED;
/* now everything is correct */
printf(" - AUTN success\n");
/* a successful return value here indicates correct autn */
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == 0);
msgb_free(msg_rx);
/* Expect the challenge response in msg_tx */
OSMO_ASSERT(msg_tx);
OSMO_ASSERT(oap_decode(msg_tx->data, msg_tx->len, &oap_tx) == 0);
OSMO_ASSERT(oap_tx.message_type == OAP_MSGT_CHALLENGE_RESULT);
OSMO_ASSERT(strcmp("e2d05b598c61d9ba",
osmo_hexdump_nospc(oap_tx.xres, sizeof(oap_tx.xres)))
== 0);
OSMO_ASSERT(state->state == OAP_SENT_CHALLENGE_RESULT);
msgb_free(msg_tx);
msg_tx = 0;
struct oap_state saved_state = _state;
printf(" - Registration failure\n");
memset(&oap_rx, 0, sizeof(oap_rx));
oap_rx.message_type = OAP_MSGT_REGISTER_ERROR;
oap_rx.cause = GMM_CAUSE_PROTO_ERR_UNSPEC;
msg_rx = oap_encoded(&oap_rx);
/* Receive registration error for the first time. */
OSMO_ASSERT(state->registration_failures == 0);
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == 0);
OSMO_ASSERT(state->registration_failures == 1);
OSMO_ASSERT(msg_tx);
OSMO_ASSERT(oap_decode(msg_tx->data, msg_tx->len, &oap_tx) == 0);
OSMO_ASSERT(oap_tx.message_type == OAP_MSGT_REGISTER_REQUEST);
OSMO_ASSERT(state->state == OAP_REQUESTED_CHALLENGE);
msgb_free(msg_tx);
msg_tx = 0;
/* Receive registration error for the Nth time. */
state->registration_failures = 999;
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == -11);
OSMO_ASSERT(!msg_tx);
OSMO_ASSERT(state->state == OAP_INITIALIZED);
msgb_free(msg_tx);
msg_tx = 0;
msgb_free(msg_rx);
printf(" - Registration success\n");
_state = saved_state;
memset(&oap_rx, 0, sizeof(oap_rx));
oap_rx.message_type = OAP_MSGT_REGISTER_RESULT;
msg_rx = oap_encoded(&oap_rx);
OSMO_ASSERT(oap_handle(state, msg_rx, &msg_tx) == 0);
OSMO_ASSERT(!msg_tx);
OSMO_ASSERT(state->state == OAP_REGISTERED);
msgb_free(msg_rx);
}
static void test_lapdm_polling()
{
printf("I do some very simple LAPDm test.\n");
int rc;
struct lapdm_polling_state test_state;
struct osmo_phsap_prim pp;
/* Configure LAPDm on both sides */
struct lapdm_channel bts_to_ms_channel;
struct lapdm_channel ms_to_bts_channel;
memset(&bts_to_ms_channel, 0, sizeof(bts_to_ms_channel));
memset(&ms_to_bts_channel, 0, sizeof(ms_to_bts_channel));
memset(&test_state, 0, sizeof(test_state));
test_state.bts = &bts_to_ms_channel;
test_state.ms = &ms_to_bts_channel;
/* BTS to MS in polling mode */
lapdm_channel_init(&bts_to_ms_channel, LAPDM_MODE_BTS);
lapdm_channel_set_flags(&bts_to_ms_channel, LAPDM_ENT_F_POLLING_ONLY);
lapdm_channel_set_l1(&bts_to_ms_channel, NULL, &test_state);
lapdm_channel_set_l3(&bts_to_ms_channel, bts_to_ms_tx_cb, &test_state);
/* MS to BTS in direct mode */
lapdm_channel_init(&ms_to_bts_channel, LAPDM_MODE_MS);
lapdm_channel_set_l1(&ms_to_bts_channel, ms_to_bts_l1_cb, &test_state);
lapdm_channel_set_l3(&ms_to_bts_channel, ms_to_bts_tx_cb, &test_state);
/*
* We try to send messages from the MS to the BTS to the MS..
*/
/* 1. Start with MS -> BTS, BTS should have a pending message */
printf("Establishing link.\n");
lapdm_rslms_recvmsg(create_cm_serv_req(), &ms_to_bts_channel);
/* 2. Poll on the BTS for sending out a confirmation */
printf("\nConfirming\n");
ASSERT(test_state.bts_read == 1)
rc = lapdm_phsap_dequeue_prim(&bts_to_ms_channel.lapdm_dcch, &pp);
CHECK_RC(rc);
ASSERT(pp.oph.msg->data == pp.oph.msg->l2h);
send(pp.oph.msg, &ms_to_bts_channel);
msgb_free(pp.oph.msg);
ASSERT(test_state.ms_read == 1);
/* 3. Send some data to the MS */
printf("\nSending back to MS\n");
lapdm_rslms_recvmsg(create_mm_id_req(), &bts_to_ms_channel);
rc = lapdm_phsap_dequeue_prim(&bts_to_ms_channel.lapdm_dcch, &pp);
CHECK_RC(rc);
send(pp.oph.msg, &ms_to_bts_channel);
msgb_free(pp.oph.msg);
ASSERT(test_state.ms_read == 2);
/* verify that there is nothing more to poll */
rc = lapdm_phsap_dequeue_prim(&bts_to_ms_channel.lapdm_dcch, &pp);
ASSERT(rc < 0);
/* 3. And back to the BTS */
printf("\nSending back to BTS\n");
ASSERT(test_state.ms_read == 2);
lapdm_rslms_recvmsg(create_dummy_data_req(), &ms_to_bts_channel);
/* 4. And back to the MS, but let's move data/l2h apart */
ASSERT(test_state.bts_read == 2)
ASSERT(test_state.ms_read == 2);
rc = lapdm_phsap_dequeue_prim(&bts_to_ms_channel.lapdm_dcch, &pp);
CHECK_RC(rc);
send(pp.oph.msg, &ms_to_bts_channel);
ASSERT(test_state.ms_read == 2);
msgb_free(pp.oph.msg);
/* verify that there is nothing more to poll */
rc = lapdm_phsap_dequeue_prim(&bts_to_ms_channel.lapdm_dcch, &pp);
ASSERT(rc < 0);
/* check sending an empty L3 message fails */
rc = lapdm_rslms_recvmsg(create_empty_msg(), &bts_to_ms_channel);
ASSERT(rc == -1);
ASSERT(test_state.ms_read == 2);
/* clean up */
lapdm_channel_exit(&bts_to_ms_channel);
lapdm_channel_exit(&ms_to_bts_channel);
}
static int _l1if_req_compl(struct lc15l1_hdl *fl1h, struct msgb *msg,
int is_system_prim, l1if_compl_cb *cb, void *data)
{
struct wait_l1_conf *wlc;
struct osmo_wqueue *wqueue;
unsigned int timeout_secs;
/* allocate new wsc and store reference to mutex and conf_id */
wlc = talloc_zero(fl1h, struct wait_l1_conf);
wlc->cb = cb;
wlc->cb_data = data;
/* Make sure we actually have received a REQUEST type primitive */
if (is_system_prim == 0) {
GsmL1_Prim_t *l1p = msgb_l1prim(msg);
LOGP(DL1P, LOGL_INFO, "Tx L1 prim %s\n",
get_value_string(lc15bts_l1prim_names, l1p->id));
if (lc15bts_get_l1prim_type(l1p->id) != L1P_T_REQ) {
LOGP(DL1C, LOGL_ERROR, "L1 Prim %s is not a Request!\n",
get_value_string(lc15bts_l1prim_names, l1p->id));
talloc_free(wlc);
return -EINVAL;
}
wlc->is_sys_prim = 0;
wlc->conf_prim_id = lc15bts_get_l1prim_conf(l1p->id);
wlc->conf_hLayer3 = l1p_get_hLayer3(l1p);
wqueue = &fl1h->write_q[MQ_L1_WRITE];
timeout_secs = 30;
} else {
Litecell15_Prim_t *sysp = msgb_sysprim(msg);
LOGP(DL1C, LOGL_INFO, "Tx SYS prim %s\n",
get_value_string(lc15bts_sysprim_names, sysp->id));
if (lc15bts_get_sysprim_type(sysp->id) != L1P_T_REQ) {
LOGP(DL1C, LOGL_ERROR, "SYS Prim %s is not a Request!\n",
get_value_string(lc15bts_sysprim_names, sysp->id));
talloc_free(wlc);
return -EINVAL;
}
wlc->is_sys_prim = 1;
wlc->conf_prim_id = lc15bts_get_sysprim_conf(sysp->id);
wqueue = &fl1h->write_q[MQ_SYS_WRITE];
timeout_secs = 30;
}
/* enqueue the message in the queue and add wsc to list */
if (osmo_wqueue_enqueue(wqueue, msg) != 0) {
/* So we will get a timeout but the log message might help */
LOGP(DL1C, LOGL_ERROR, "Write queue for %s full. dropping msg.\n",
is_system_prim ? "system primitive" : "gsm");
msgb_free(msg);
}
llist_add(&wlc->list, &fl1h->wlc_list);
/* schedule a timer for timeout_secs seconds. If DSP fails to respond, we terminate */
wlc->timer.data = wlc;
wlc->timer.cb = l1if_req_timeout;
osmo_timer_schedule(&wlc->timer, timeout_secs, 0);
return 0;
}
static int handle_ts1_read(struct osmo_fd *bfd)
{
struct e1inp_line *line = bfd->data;
struct misdn_line *mline = line->driver_data;
unsigned int ts_nr = bfd->priv_nr;
struct e1inp_ts *e1i_ts = &line->ts[ts_nr-1];
struct e1inp_sign_link *link;
struct msgb *msg = msgb_alloc(TS1_ALLOC_SIZE, "mISDN TS1");
struct sockaddr_mISDN l2addr;
struct mISDNhead *hh;
socklen_t alen;
int ret;
if (!msg)
return -ENOMEM;
hh = (struct mISDNhead *) msg->data;
alen = sizeof(l2addr);
ret = recvfrom(bfd->fd, msg->data, 300, 0,
(struct sockaddr *) &l2addr, &alen);
if (ret < 0) {
fprintf(stderr, "recvfrom error %s\n", strerror(errno));
msgb_free(msg);
return ret;
}
if (alen != sizeof(l2addr)) {
fprintf(stderr, "%s error len\n", __func__);
msgb_free(msg);
return -EINVAL;
}
msgb_put(msg, ret);
DEBUGP(DLMI, "alen =%d, dev(%d) channel(%d) sapi(%d) tei(%d)\n",
alen, l2addr.dev, l2addr.channel, l2addr.sapi, l2addr.tei);
DEBUGP(DLMI, "<= len = %d, prim(0x%x) id(0x%x): %s\n",
ret, hh->prim, hh->id, get_value_string(prim_names, hh->prim));
switch (hh->prim) {
case DL_INFORMATION_IND:
/* mISDN tells us which channel number is allocated for this
* tuple of (SAPI, TEI). */
DEBUGP(DLMI, "DL_INFORMATION_IND: use channel(%d) sapi(%d) tei(%d) for now\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
link = e1inp_lookup_sign_link(e1i_ts, l2addr.tei, l2addr.sapi);
if (!link) {
DEBUGPC(DLMI, "mISDN message for unknown sign_link\n");
msgb_free(msg);
return -EINVAL;
}
/* save the channel number in the driver private struct */
link->driver.misdn.channel = l2addr.channel;
msgb_free(msg);
break;
case DL_ESTABLISH_IND:
DEBUGP(DLMI, "DL_ESTABLISH_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
/* For some strange reason, sometimes the DL_INFORMATION_IND tells
* us the wrong channel, and we only get the real channel number
* during the DL_ESTABLISH_IND */
link = e1inp_lookup_sign_link(e1i_ts, l2addr.tei, l2addr.sapi);
if (!link) {
DEBUGPC(DLMI, "mISDN message for unknown sign_link\n");
msgb_free(msg);
return -EINVAL;
}
/* save the channel number in the driver private struct */
link->driver.misdn.channel = l2addr.channel;
ret = e1inp_event(e1i_ts, S_L_INP_TEI_UP, l2addr.tei, l2addr.sapi);
msgb_free(msg);
break;
case DL_RELEASE_IND:
DEBUGP(DLMI, "DL_RELEASE_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
ret = e1inp_event(e1i_ts, S_L_INP_TEI_DN, l2addr.tei, l2addr.sapi);
msgb_free(msg);
break;
case DL_DATA_IND:
case DL_UNITDATA_IND:
msg->l2h = msg->data + MISDN_HEADER_LEN;
DEBUGP(DLMI, "RX: %s\n", osmo_hexdump(msgb_l2(msg), ret - MISDN_HEADER_LEN));
if (mline->use_userspace_lapd) {
LOGP(DLMI, LOGL_ERROR, "DL_DATA_IND but userspace LAPD ?!?\n");
msgb_free(msg);
return -EIO;
}
ret = e1inp_rx_ts(e1i_ts, msg, l2addr.tei, l2addr.sapi);
break;
case PH_ACTIVATE_IND:
DEBUGP(DLMI, "PH_ACTIVATE_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
msgb_free(msg);
break;
case PH_DEACTIVATE_IND:
DEBUGP(DLMI, "PH_DEACTIVATE_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
msgb_free(msg);
break;
case PH_DATA_IND:
if (!mline->use_userspace_lapd) {
LOGP(DLMI, LOGL_ERROR, "PH_DATA_IND but kernel LAPD ?!?\n");
return -EIO;
}
/* remove the Misdn Header */
msgb_pull(msg, MISDN_HEADER_LEN);
/* hand into the LAPD code */
DEBUGP(DLMI, "RX: %s\n", osmo_hexdump(msg->data, msg->len));
ret = e1inp_rx_ts_lapd(e1i_ts, msg);
break;
default:
msgb_free(msg);
break;
}
return ret;
}
static void cmd_handler(uint8_t dlci, struct msgb *msg)
{
if (msg->data_len < 1) {
return;
}
uint8_t command = msgb_pull_u8(msg);
int res = 0;
flash_lock_t lock;
void *data;
uint8_t chip;
uint8_t nbytes;
uint16_t crc, mycrc;
uint32_t address;
struct msgb *reply = sercomm_alloc_msgb(256); // XXX
if (!reply) {
printf("Failed to allocate reply buffer!\n");
goto out;
}
switch (command) {
case LOADER_PING:
loader_send_simple(reply, dlci, LOADER_PING);
break;
case LOADER_RESET:
loader_send_simple(reply, dlci, LOADER_RESET);
device_reset();
break;
case LOADER_POWEROFF:
loader_send_simple(reply, dlci, LOADER_POWEROFF);
device_poweroff();
break;
case LOADER_ENTER_ROM_LOADER:
loader_send_simple(reply, dlci, LOADER_ENTER_ROM_LOADER);
device_enter_loader(1);
break;
case LOADER_ENTER_FLASH_LOADER:
loader_send_simple(reply, dlci, LOADER_ENTER_FLASH_LOADER);
device_enter_loader(0);
break;
case LOADER_MEM_READ:
nbytes = msgb_pull_u8(msg);
address = msgb_pull_u32(msg);
crc = osmo_crc16(0, (void *)address, nbytes);
msgb_put_u8(reply, LOADER_MEM_READ);
msgb_put_u8(reply, nbytes);
msgb_put_u16(reply, crc);
msgb_put_u32(reply, address);
memcpy(msgb_put(reply, nbytes), (void *)address, nbytes);
sercomm_sendmsg(dlci, reply);
break;
case LOADER_MEM_WRITE:
nbytes = msgb_pull_u8(msg);
crc = msgb_pull_u16(msg);
address = msgb_pull_u32(msg);
data = msgb_pull(msg, nbytes) - nbytes;
mycrc = osmo_crc16(0, data, nbytes);
if (mycrc == crc) {
memcpy((void *)address, data, nbytes);
}
msgb_put_u8(reply, LOADER_MEM_WRITE);
msgb_put_u8(reply, nbytes);
msgb_put_u16(reply, mycrc);
msgb_put_u32(reply, address);
sercomm_sendmsg(dlci, reply);
break;
case LOADER_JUMP:
address = msgb_pull_u32(msg);
msgb_put_u8(reply, LOADER_JUMP);
msgb_put_u32(reply, address);
sercomm_sendmsg(dlci, reply);
device_jump((void *)address);
break;
case LOADER_FLASH_INFO:
msgb_put_u8(reply, LOADER_FLASH_INFO);
msgb_put_u8(reply, 1); // nchips
// chip 1
msgb_put_u32(reply, (uint32_t)the_flash.f_base);
msgb_put_u32(reply, the_flash.f_size);
msgb_put_u8(reply, the_flash.f_nregions);
unsigned i;
for (i = 0; i < the_flash.f_nregions; i++) {
msgb_put_u32(reply, the_flash.f_regions[i].fr_bnum);
msgb_put_u32(reply, the_flash.f_regions[i].fr_bsize);
}
sercomm_sendmsg(dlci, reply);
break;
case LOADER_FLASH_ERASE:
case LOADER_FLASH_UNLOCK:
case LOADER_FLASH_LOCK:
case LOADER_FLASH_LOCKDOWN:
chip = msgb_pull_u8(msg);
address = msgb_pull_u32(msg);
if (command == LOADER_FLASH_ERASE) {
res = flash_block_erase(&the_flash, address);
}
if (command == LOADER_FLASH_UNLOCK) {
res = flash_block_unlock(&the_flash, address);
}
if (command == LOADER_FLASH_LOCK) {
res = flash_block_lock(&the_flash, address);
}
if (command == LOADER_FLASH_LOCKDOWN) {
res = flash_block_lockdown(&the_flash, address);
}
msgb_put_u8(reply, command);
msgb_put_u8(reply, chip);
msgb_put_u32(reply, address);
msgb_put_u32(reply, (res != 0));
sercomm_sendmsg(dlci, reply);
break;
case LOADER_FLASH_GETLOCK:
chip = msgb_pull_u8(msg);
address = msgb_pull_u32(msg);
lock = flash_block_getlock(&the_flash, address);
msgb_put_u8(reply, command);
msgb_put_u8(reply, chip);
msgb_put_u32(reply, address);
switch (lock) {
case FLASH_UNLOCKED:
msgb_put_u32(reply, LOADER_FLASH_UNLOCKED);
break;
case FLASH_LOCKED:
msgb_put_u32(reply, LOADER_FLASH_LOCKED);
break;
case FLASH_LOCKED_DOWN:
msgb_put_u32(reply, LOADER_FLASH_LOCKED_DOWN);
break;
default:
msgb_put_u32(reply, 0xFFFFFFFF);
break;
}
sercomm_sendmsg(dlci, reply);
break;
case LOADER_FLASH_PROGRAM:
nbytes = msgb_pull_u8(msg);
crc = msgb_pull_u16(msg);
msgb_pull_u8(msg); // XXX align
chip = msgb_pull_u8(msg);
address = msgb_pull_u32(msg);
data = msgb_pull(msg, nbytes) - nbytes;
mycrc = osmo_crc16(0, data, nbytes);
if (mycrc == crc) {
res = flash_program(&the_flash, address, data, nbytes);
}
msgb_put_u8(reply, LOADER_FLASH_PROGRAM);
msgb_put_u8(reply, nbytes);
msgb_put_u16(reply, mycrc);
msgb_put_u8(reply, 0); // XXX align
msgb_put_u8(reply, chip);
msgb_put_u32(reply, address);
msgb_put_u32(reply, (uint32_t) res); // XXX
sercomm_sendmsg(dlci, reply);
break;
default:
printf("unknown command %d\n", command);
msgb_free(reply);
break;
}
out:
msgb_free(msg);
}
int ipa_msg_recv_buffered(int fd, struct msgb **rmsg, struct msgb **tmp_msg)
{
struct msgb *msg = tmp_msg ? *tmp_msg : NULL;
struct ipaccess_head *hh;
int len, ret;
int needed;
if (msg == NULL) {
msg = ipa_msg_alloc(0);
if (msg == NULL) {
ret = -ENOMEM;
goto discard_msg;
}
msg->l1h = msg->tail;
}
if (msg->l2h == NULL) {
/* first read our 3-byte header */
needed = sizeof(*hh) - msg->len;
ret = recv(fd, msg->tail, needed, 0);
if (ret == 0)
goto discard_msg;
if (ret < 0) {
if (errno == EAGAIN || errno == EINTR)
ret = 0;
else {
ret = -errno;
goto discard_msg;
}
}
msgb_put(msg, ret);
if (ret < needed) {
if (msg->len == 0) {
ret = -EAGAIN;
goto discard_msg;
}
LOGP(DLINP, LOGL_INFO,
"Received part of IPA message header (%d/%zu)\n",
msg->len, sizeof(*hh));
if (!tmp_msg) {
ret = -EIO;
goto discard_msg;
}
*tmp_msg = msg;
return -EAGAIN;
}
msg->l2h = msg->tail;
}
hh = (struct ipaccess_head *) msg->data;
/* then read the length as specified in header */
len = ntohs(hh->len);
if (len < 0 || IPA_ALLOC_SIZE < len + sizeof(*hh)) {
LOGP(DLINP, LOGL_ERROR, "bad message length of %d bytes, "
"received %d bytes\n", len, msg->len);
ret = -EIO;
goto discard_msg;
}
needed = len - msgb_l2len(msg);
if (needed > 0) {
ret = recv(fd, msg->tail, needed, 0);
if (ret == 0)
goto discard_msg;
if (ret < 0) {
if (errno == EAGAIN || errno == EINTR)
ret = 0;
else {
ret = -errno;
goto discard_msg;
}
}
msgb_put(msg, ret);
if (ret < needed) {
LOGP(DLINP, LOGL_INFO,
"Received part of IPA message L2 data (%d/%d)\n",
msgb_l2len(msg), len);
if (!tmp_msg) {
ret = -EIO;
goto discard_msg;
}
*tmp_msg = msg;
return -EAGAIN;
}
}
ret = msgb_l2len(msg);
if (ret == 0) {
LOGP(DLINP, LOGL_INFO,
"Discarding IPA message without payload\n");
ret = -EAGAIN;
goto discard_msg;
}
if (tmp_msg)
*tmp_msg = NULL;
*rmsg = msg;
return ret;
discard_msg:
if (tmp_msg)
*tmp_msg = NULL;
msgb_free(msg);
return ret;
}
static void test_bssgp_flow_control_bvc(void)
{
struct bssgp_bvc_ctx bctx = {
.nsei = 0x1234,
.bvci = 0x5678,
};
const uint8_t tag = 42;
const uint32_t bmax = 0x1022 * 100;
const uint32_t rate = 0xc040 / 8 * 100;
const uint32_t bmax_ms = bmax / 2;
const uint32_t rate_ms = rate / 2;
uint8_t ratio = 0x78;
uint32_t qdelay = 0x1144 * 10;
int rc;
static uint8_t expected_simple_msg[] = {
0x26,
0x1e, 0x81, 0x2a, /* tag */
0x05, 0x82, 0x10, 0x22, /* Bmax */
0x03, 0x82, 0xc0, 0x40, /* R */
0x01, 0x82, 0x08, 0x11, /* Bmax_MS */
0x1c, 0x82, 0x60, 0x20, /* R_MS */
};
static uint8_t expected_ext_msg[] = {
0x26,
0x1e, 0x81, 0x2a, /* tag */
0x05, 0x82, 0x10, 0x22, /* Bmax */
0x03, 0x82, 0xc0, 0x40, /* R */
0x01, 0x82, 0x08, 0x11, /* Bmax_MS */
0x1c, 0x82, 0x60, 0x20, /* R_MS */
0x3c, 0x81, 0x78, /* ratio */
0x06, 0x82, 0x11, 0x44, /* Qdelay */
};
printf("----- %s START\n", __func__);
rc = bssgp_tx_fc_bvc(&bctx, tag, bmax, rate, bmax_ms, rate_ms,
NULL, NULL);
OSMO_ASSERT(rc >= 0);
OSMO_ASSERT(last_ns_tx_msg != NULL);
printf("Got message: %s\n", msgb_hexdump(last_ns_tx_msg));
OSMO_ASSERT(msgb_length(last_ns_tx_msg) == sizeof(expected_simple_msg));
OSMO_ASSERT(0 == memcmp(msgb_data(last_ns_tx_msg),
expected_simple_msg, sizeof(expected_simple_msg)));
rc = bssgp_tx_fc_bvc(&bctx, tag, bmax, rate, bmax_ms, rate_ms,
&ratio, &qdelay);
OSMO_ASSERT(rc >= 0);
OSMO_ASSERT(last_ns_tx_msg != NULL);
printf("Got message: %s\n", msgb_hexdump(last_ns_tx_msg));
OSMO_ASSERT(msgb_length(last_ns_tx_msg) == sizeof(expected_ext_msg));
OSMO_ASSERT(0 == memcmp(msgb_data(last_ns_tx_msg),
expected_ext_msg, sizeof(expected_ext_msg)));
msgb_free(last_ns_tx_msg);
last_ns_tx_msg = NULL;
printf("----- %s END\n", __func__);
}
static struct log_info info = {};
int main(int argc, char **argv)
{
struct sockaddr_in bss_peer= {0};
osmo_init_logging(&info);
log_set_use_color(osmo_stderr_target, 0);
log_set_print_filename(osmo_stderr_target, 0);
bssgp_nsi = gprs_ns_instantiate(gprs_ns_callback, NULL);
bss_peer.sin_family = AF_INET;
bss_peer.sin_port = htons(32000);
bss_peer.sin_addr.s_addr = htonl(0x7f0000ff);
gprs_ns_nsip_connect(bssgp_nsi, &bss_peer, BSS_NSEI, BSS_NSEI+1);
printf("===== BSSGP test START\n");
test_bssgp_suspend_resume();
test_bssgp_status();
test_bssgp_bad_reset();
test_bssgp_flow_control_bvc();
printf("===== BSSGP test END\n\n");
exit(EXIT_SUCCESS);
}
/**
* @brief General handler for incoming L1CTL messages from layer 2/3.
*
* This handler will call the specific routine dependent on the L1CTL message type.
*/
void l1ctl_sap_handler(struct l1_model_ms *ms, struct msgb *msg)
{
struct l1ctl_hdr *l1h;
int log_subsys;
if (!msg)
return;
l1h = (struct l1ctl_hdr *) msg->data;
if (sizeof(*l1h) > msg->len) {
LOGPMS(DL1C, LOGL_NOTICE, ms, "Malformed message: too short. %u\n", msg->len);
goto exit_msgbfree;
}
if (is_l1ctl_control(l1h->msg_type))
log_subsys = DL1C;
else
log_subsys = DL1P;
DEBUGPMS(log_subsys, ms, "Rx RAW from MS: %s\n", msgb_hexdump(msg));
switch (l1h->msg_type) {
case L1CTL_FBSB_REQ:
l1ctl_rx_fbsb_req(ms, msg);
break;
case L1CTL_DM_EST_REQ:
l1ctl_rx_dm_est_req(ms, msg);
break;
case L1CTL_DM_REL_REQ:
l1ctl_rx_dm_rel_req(ms, msg);
break;
case L1CTL_PARAM_REQ:
l1ctl_rx_param_req(ms, msg);
break;
case L1CTL_DM_FREQ_REQ:
l1ctl_rx_dm_freq_req(ms,msg);
break;
case L1CTL_CRYPTO_REQ:
l1ctl_rx_crypto_req(ms, msg);
break;
case L1CTL_RACH_REQ:
l1ctl_rx_rach_req(ms, msg);
goto exit_nofree;
case L1CTL_DATA_REQ:
l1ctl_rx_data_req(ms, msg);
goto exit_nofree;
case L1CTL_PM_REQ:
l1ctl_rx_pm_req(ms, msg);
break;
case L1CTL_RESET_REQ:
l1ctl_rx_reset_req(ms, msg);
break;
case L1CTL_CCCH_MODE_REQ:
l1ctl_rx_ccch_mode_req(ms, msg);
break;
case L1CTL_TCH_MODE_REQ:
l1ctl_rx_tch_mode_req(ms, msg);
break;
case L1CTL_NEIGH_PM_REQ:
l1ctl_rx_neigh_pm_req(ms, msg);
break;
case L1CTL_TRAFFIC_REQ:
l1ctl_rx_traffic_req(ms, msg);
goto exit_nofree;
case L1CTL_SIM_REQ:
l1ctl_rx_sim_req(ms, msg);
break;
case L1CTL_TBF_CFG_REQ:
l1ctl_rx_tbf_cfg_req(ms, msg);
break;
case L1CTL_DATA_TBF_REQ:
l1ctl_rx_data_tbf_req(ms, msg);
goto exit_nofree;
}
exit_msgbfree:
msgb_free(msg);
exit_nofree:
return; /* msg is scheduled for uplink and mustn't be freed here */
}
static int handle_ts1_read(struct bsc_fd *bfd)
{
struct e1inp_line *line = bfd->data;
unsigned int ts_nr = bfd->priv_nr;
struct e1inp_ts *e1i_ts = &line->ts[ts_nr-1];
struct e1inp_sign_link *link;
struct msgb *msg = msgb_alloc(TS1_ALLOC_SIZE, "mISDN TS1");
struct sockaddr_mISDN l2addr;
struct mISDNhead *hh;
socklen_t alen;
int ret;
if (!msg)
return -ENOMEM;
hh = (struct mISDNhead *) msg->data;
alen = sizeof(l2addr);
ret = recvfrom(bfd->fd, msg->data, 300, 0,
(struct sockaddr *) &l2addr, &alen);
if (ret < 0) {
fprintf(stderr, "recvfrom error %s\n", strerror(errno));
return ret;
}
if (alen != sizeof(l2addr)) {
fprintf(stderr, "%s error len\n", __func__);
return -EINVAL;
}
msgb_put(msg, ret);
DEBUGP(DMI, "alen =%d, dev(%d) channel(%d) sapi(%d) tei(%d)\n",
alen, l2addr.dev, l2addr.channel, l2addr.sapi, l2addr.tei);
DEBUGP(DMI, "<= len = %d, prim(0x%x) id(0x%x): %s\n",
ret, hh->prim, hh->id, get_prim_name(hh->prim));
switch (hh->prim) {
case DL_INFORMATION_IND:
/* mISDN tells us which channel number is allocated for this
* tuple of (SAPI, TEI). */
DEBUGP(DMI, "DL_INFORMATION_IND: use channel(%d) sapi(%d) tei(%d) for now\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
link = e1inp_lookup_sign_link(e1i_ts, l2addr.tei, l2addr.sapi);
if (!link) {
DEBUGPC(DMI, "mISDN message for unknown sign_link\n");
msgb_free(msg);
return -EINVAL;
}
/* save the channel number in the driver private struct */
link->driver.misdn.channel = l2addr.channel;
break;
case DL_ESTABLISH_IND:
DEBUGP(DMI, "DL_ESTABLISH_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
ret = e1inp_event(e1i_ts, EVT_E1_TEI_UP, l2addr.tei, l2addr.sapi);
break;
case DL_RELEASE_IND:
DEBUGP(DMI, "DL_RELEASE_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
ret = e1inp_event(e1i_ts, EVT_E1_TEI_DN, l2addr.tei, l2addr.sapi);
break;
case DL_DATA_IND:
case DL_UNITDATA_IND:
msg->l2h = msg->data + MISDN_HEADER_LEN;
DEBUGP(DMI, "RX: %s\n", hexdump(msgb_l2(msg), ret - MISDN_HEADER_LEN));
ret = e1inp_rx_ts(e1i_ts, msg, l2addr.tei, l2addr.sapi);
break;
case PH_ACTIVATE_IND:
DEBUGP(DMI, "PH_ACTIVATE_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
break;
case PH_DEACTIVATE_IND:
DEBUGP(DMI, "PH_DEACTIVATE_IND: channel(%d) sapi(%d) tei(%d)\n",
l2addr.channel, l2addr.sapi, l2addr.tei);
break;
default:
break;
}
return ret;
}
/* read from incoming RTP/RTCP socket */
static int rtp_socket_read(struct rtp_socket *rs, struct rtp_sub_socket *rss)
{
int rc;
struct msgb *msg = msgb_alloc(RTP_ALLOC_SIZE, "RTP/RTCP");
struct msgb *new_msg;
struct rtp_sub_socket *other_rss;
if (!msg)
return -ENOMEM;
rc = read(rss->bfd.fd, msg->data, RTP_ALLOC_SIZE);
if (rc <= 0) {
rss->bfd.when &= ~BSC_FD_READ;
return rc;
}
msgb_put(msg, rc);
switch (rs->rx_action) {
case RTP_PROXY:
if (!rs->proxy.other_sock) {
rc = -EIO;
goto out_free;
}
if (rss->bfd.priv_nr == RTP_PRIV_RTP)
other_rss = &rs->proxy.other_sock->rtp;
else if (rss->bfd.priv_nr == RTP_PRIV_RTCP) {
other_rss = &rs->proxy.other_sock->rtcp;
/* modify RTCP SDES CNAME */
rc = rtcp_mangle(msg, rs);
if (rc < 0)
goto out_free;
} else {
rc = -EINVAL;
goto out_free;
}
msgb_enqueue(&other_rss->tx_queue, msg);
other_rss->bfd.when |= BSC_FD_WRITE;
break;
case RTP_RECV_UPSTREAM:
if (!rs->receive.callref || !rs->receive.net) {
rc = -EIO;
goto out_free;
}
if (rss->bfd.priv_nr == RTP_PRIV_RTCP) {
if (!mangle_rtcp_cname) {
msgb_free(msg);
break;
}
/* modify RTCP SDES CNAME */
rc = rtcp_mangle(msg, rs);
if (rc < 0)
goto out_free;
msgb_enqueue(&rss->tx_queue, msg);
rss->bfd.when |= BSC_FD_WRITE;
break;
}
if (rss->bfd.priv_nr != RTP_PRIV_RTP) {
rc = -EINVAL;
goto out_free;
}
rc = rtp_decode(msg, rs->receive.callref, &new_msg);
if (rc < 0)
goto out_free;
msgb_free(msg);
msgb_enqueue(&rs->receive.net->upqueue, new_msg);
break;
case RTP_NONE: /* if socket exists, but disabled by app */
msgb_free(msg);
break;
}
return 0;
out_free:
msgb_free(msg);
return rc;
}
/* FIXME: merge with smpp_smsc.c */
static int esme_read_cb(struct osmo_fd *ofd)
{
struct esme *esme = ofd->data;
uint32_t len;
uint8_t *lenptr = (uint8_t *) &len;
uint8_t *cur;
struct msgb *msg;
int rdlen;
int rc;
switch (esme->read_state) {
case READ_ST_IN_LEN:
rdlen = sizeof(uint32_t) - esme->read_idx;
rc = read(ofd->fd, lenptr + esme->read_idx, rdlen);
if (rc < 0) {
LOGP(DSMPP, LOGL_ERROR, "[%s] read returned %d\n",
esme->system_id, rc);
} else if (rc == 0) {
goto dead_socket;
} else
esme->read_idx += rc;
if (esme->read_idx >= sizeof(uint32_t)) {
esme->read_len = ntohl(len);
msg = msgb_alloc(esme->read_len, "SMPP Rx");
if (!msg)
return -ENOMEM;
esme->read_msg = msg;
cur = msgb_put(msg, sizeof(uint32_t));
memcpy(cur, lenptr, sizeof(uint32_t));
esme->read_state = READ_ST_IN_MSG;
esme->read_idx = sizeof(uint32_t);
}
break;
case READ_ST_IN_MSG:
msg = esme->read_msg;
rdlen = esme->read_len - esme->read_idx;
rc = read(ofd->fd, msg->tail, OSMO_MIN(rdlen, msgb_tailroom(msg)));
if (rc < 0) {
LOGP(DSMPP, LOGL_ERROR, "[%s] read returned %d\n",
esme->system_id, rc);
} else if (rc == 0) {
goto dead_socket;
} else {
esme->read_idx += rc;
msgb_put(msg, rc);
}
if (esme->read_idx >= esme->read_len) {
rc = smpp_pdu_rx(esme, esme->read_msg);
esme->read_msg = NULL;
esme->read_idx = 0;
esme->read_len = 0;
esme->read_state = READ_ST_IN_LEN;
}
break;
}
return 0;
dead_socket:
msgb_free(esme->read_msg);
osmo_fd_unregister(&esme->wqueue.bfd);
close(esme->wqueue.bfd.fd);
esme->wqueue.bfd.fd = -1;
exit(2342);
return 0;
}
int bsc_msc_connect(struct bsc_msc_connection *con)
{
struct bsc_msc_dest *dest;
struct osmo_fd *fd;
struct sockaddr_in sin;
int on = 1, ret;
if (llist_empty(con->dests)) {
LOGP(DMSC, LOGL_ERROR,
"No MSC(%s) connections configured.\n",
con->name);
connection_loss(con);
return -1;
}
/* TODO: Why are we not using the libosmocore soecket
* abstraction, or libosmo-netif? */
/* move to the next connection */
dest = (struct bsc_msc_dest *) con->dests->next;
llist_del(&dest->list);
llist_add_tail(&dest->list, con->dests);
LOGP(DMSC, LOGL_NOTICE,
"Attempting to connect MSC(%s) at %s:%d\n",
con->name, dest->ip, dest->port);
con->is_connected = 0;
msgb_free(con->pending_msg);
con->pending_msg = NULL;
fd = &con->write_queue.bfd;
fd->fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
fd->priv_nr = 1;
if (fd->fd < 0) {
perror("Creating TCP socket failed");
return fd->fd;
}
/* make it non blocking */
setnonblocking(fd);
/* set the socket priority */
ret = setsockopt(fd->fd, IPPROTO_IP, IP_TOS,
&dest->dscp, sizeof(dest->dscp));
if (ret != 0)
LOGP(DMSC, LOGL_ERROR,
"Failed to set DSCP to %d on MSC(%s). %s\n",
dest->dscp, con->name, strerror(errno));
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_port = htons(dest->port);
inet_aton(dest->ip, &sin.sin_addr);
ret = setsockopt(fd->fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
if (ret != 0)
LOGP(DMSC, LOGL_ERROR,
"Failed to set SO_REUSEADDR socket option\n");
ret = connect(fd->fd, (struct sockaddr *) &sin, sizeof(sin));
if (ret == -1 && errno == EINPROGRESS) {
LOGP(DMSC, LOGL_ERROR,
"MSC(%s) Connection in progress\n", con->name);
fd->when = BSC_FD_WRITE;
fd->cb = msc_connection_connect;
con->timeout_timer.cb = msc_con_timeout;
con->timeout_timer.data = con;
osmo_timer_schedule(&con->timeout_timer, 20, 0);
} else if (ret < 0) {
perror("Connection failed");
connection_loss(con);
return ret;
} else {
fd->when = BSC_FD_READ | BSC_FD_EXCEPT;
fd->cb = osmo_wqueue_bfd_cb;
con->is_connected = 1;
if (con->connected)
con->connected(con);
}
ret = osmo_fd_register(fd);
if (ret < 0) {
perror("Registering the fd failed");
close(fd->fd);
return ret;
}
return ret;
}
static int handle_ts1_write(struct osmo_fd *bfd)
{
struct e1inp_line *line = bfd->data;
struct misdn_line *mline = line->driver_data;
unsigned int ts_nr = bfd->priv_nr;
struct e1inp_ts *e1i_ts = &line->ts[ts_nr-1];
struct e1inp_sign_link *sign_link;
struct sockaddr_mISDN sa;
struct msgb *msg;
struct mISDNhead *hh;
uint8_t *l2_data;
int ret;
bfd->when &= ~BSC_FD_WRITE;
/* get the next msg for this timeslot */
msg = e1inp_tx_ts(e1i_ts, &sign_link);
if (!msg) {
/* no message after tx delay timer */
return 0;
}
if (mline->use_userspace_lapd) {
DEBUGP(DLMI, "TX %u/%u/%u: %s\n",
line->num, sign_link->tei, sign_link->sapi,
osmo_hexdump(msg->data, msg->len));
lapd_transmit(e1i_ts->lapd, sign_link->tei,
sign_link->sapi, msg);
} else {
l2_data = msg->data;
/* prepend the mISDNhead */
hh = (struct mISDNhead *) msgb_push(msg, sizeof(*hh));
hh->prim = DL_DATA_REQ;
DEBUGP(DLMI, "TX channel(%d) TEI(%d) SAPI(%d): %s\n",
sign_link->driver.misdn.channel, sign_link->tei,
sign_link->sapi, osmo_hexdump(l2_data, msg->len - MISDN_HEADER_LEN));
/* construct the sockaddr */
sa.family = AF_ISDN;
sa.sapi = sign_link->sapi;
sa.dev = sign_link->tei;
sa.channel = sign_link->driver.misdn.channel;
ret = sendto(bfd->fd, msg->data, msg->len, 0,
(struct sockaddr *)&sa, sizeof(sa));
if (ret < 0)
fprintf(stderr, "%s sendto failed %d\n", __func__, ret);
msgb_free(msg);
}
/* set tx delay timer for next event */
e1i_ts->sign.tx_timer.cb = timeout_ts1_write;
e1i_ts->sign.tx_timer.data = e1i_ts;
osmo_timer_schedule(&e1i_ts->sign.tx_timer, 0, e1i_ts->sign.delay);
return ret;
}
static int clock_setup_cb(struct gsm_bts_trx *trx, struct msgb *resp,
void *data)
{
msgb_free(resp);
return 0;
}
/* Called whenever we recive a DATA packet */
static int cb_data_ind(struct pdp_t *lib, void *packet, unsigned int len)
{
struct bssgp_paging_info pinfo;
struct sgsn_pdp_ctx *pdp;
struct sgsn_mm_ctx *mm;
struct msgb *msg;
uint8_t *ud;
int rc;
DEBUGP(DGPRS, "GTP DATA IND from GGSN, length=%u\n", len);
pdp = lib->priv;
if (!pdp) {
LOGP(DGPRS, LOGL_NOTICE,
"GTP DATA IND from GGSN for unknown PDP\n");
return -EIO;
}
mm = pdp->mm;
if (!mm) {
LOGP(DGPRS, LOGL_ERROR,
"PDP context (imsi=%s) without MM context!\n", mm->imsi);
return -EIO;
}
msg = msgb_alloc_headroom(len+256, 128, "GTP->SNDCP");
ud = msgb_put(msg, len);
memcpy(ud, packet, len);
msgb_tlli(msg) = mm->tlli;
msgb_bvci(msg) = mm->bvci;
msgb_nsei(msg) = mm->nsei;
switch (mm->mm_state) {
case GMM_REGISTERED_SUSPENDED:
/* initiate PS PAGING procedure */
memset(&pinfo, 0, sizeof(pinfo));
pinfo.mode = BSSGP_PAGING_PS;
pinfo.scope = BSSGP_PAGING_BVCI;
pinfo.bvci = mm->bvci;
pinfo.imsi = mm->imsi;
pinfo.ptmsi = &mm->p_tmsi;
pinfo.drx_params = mm->drx_parms;
pinfo.qos[0] = 0; // FIXME
rc = bssgp_tx_paging(mm->nsei, 0, &pinfo);
rate_ctr_inc(&mm->ctrg->ctr[GMM_CTR_PAGING_PS]);
/* FIXME: queue the packet we received from GTP */
break;
case GMM_REGISTERED_NORMAL:
break;
default:
LOGP(DGPRS, LOGL_ERROR, "GTP DATA IND for TLLI %08X in state "
"%u\n", mm->tlli, mm->mm_state);
msgb_free(msg);
return -1;
}
rate_ctr_inc(&pdp->ctrg->ctr[PDP_CTR_PKTS_UDATA_OUT]);
rate_ctr_add(&pdp->ctrg->ctr[PDP_CTR_BYTES_UDATA_OUT], len);
rate_ctr_inc(&mm->ctrg->ctr[GMM_CTR_PKTS_UDATA_OUT]);
rate_ctr_add(&mm->ctrg->ctr[GMM_CTR_BYTES_UDATA_OUT], len);
return sndcp_unitdata_req(msg, &mm->llme->lle[pdp->sapi],
pdp->nsapi, mm);
}