* [CORE] tlv: Store mode in ogs_tlv_t
This allows specifying the format of the IE for each individual IE,
hence allowing messages containing IEs formatted in different ways.
This is needed in order to support parsing GTPv1-C, since messages
contain IEs with different structure (TLV vs TV). Hence, this is a
preparation patch to add support for parsing TVs in ogs-tlv.c/.h.
* [CORE] tlv: Support parsing msg with both TLV and TV in it
IEs of type TV are sometimes used in GTPv1-C. Current tlv parser/builder
doesn't provide with ways to parse messages which contain TV formatted
IEs. This patch adds the relevant types and ways to encode/decode them.
Furthermore, the current parser/builder allows parsing/building messages
containing the exact same format in all its IEs. A new parser function
is added which allows parsing messages of different types (TV, TLV)
mixed in the same message. In order to be able to do so, it uses the
general msg_mode passed to it in order to know the general TLV format
(in essence, the length of the Tag field, and also the length of the
Length field if applicable each IE).
Looking up the instance in the TLV description is left undone and
hadcoded to 0, since the only user so far requiring this API is GTPv1-C,
which has no instances.
* [CORE] tlv: Support repeated tag+instance parsing TLV message
In GTPv2C, repeated IEs (same tag) are easily differentiated by the
Instance byte, which provides info to match different decoded
structures. In GTPv1C though, there's no Instance byte, and we still
encounter repeated IEs (like GSN Address in Create PDP Context Request).
Hence, the TLV decoder needs to be updated to track count of IEs found
(identified by tag+instance, where instance is always 0 in GTPv1C) and
get the proper description index + offset into the decoded structure.
* [GTP]: Move GTPv2-C specifics to its own libgtp subdir
This will allow adding GTPv1-C code by the side. Most GTPv2 code is left
in this patch as "gtp" instead of renaming it to "gtp2" in order to
avoid massive changes. It can be done at a later stage if wanted.
* [GTP] Support generating GTPv1-C messages
* [SMF] Add Gn interface support
This patch introduces GTPv1C support to open5gs-smfd. With it,
open5gs-becomes a GGSN too, where SGSN can connect to, hence supporting
GERAN and UTRAN networks.
The network access mode of HSS has been changed to 0 (Packet and Circuit).
Versions of MME prior to v2.4.2 did not use this value. Open5GS set
the attach result of Attach Complete message as it is by looking
at the attach type of the Attach Request message.
Now, if the network access mode of HSS is set to 2 (Only Packet),
this value is affected by MME from v2.4.3. Regardless of the attach type
of the Attach Request, the MME will set EPS Only to the attach result
of Attach Complete.
3GPP TS 24.501 version 16.6.0 Release 16
4.4 NAS security
4.4.6 Protection of initial NAS signalling messages
1) the UE needs to send non-cleartext IEs in a REGISTRATION REQUEST
or SERVICE REQUEST message, the UE includes the entire REGISTRATION
REQUEST or SERVICE REQUEST message (i.e. containing both cleartext IEs
and non-cleartext IEs) in the NAS message container IE and shall cipher
the value part of the NAS message container IE. The UE shall then send
a REGISTRATION REQUEST or SERVICE REQUEST message containing
the cleartext IEs and the NAS message container IE;
During PDU Session Establishment,
if gNB sends PDUSessionResourceReleaseResponse,
AMF was crashed.
In this case, AMF/SMF remove Session Context and sends ErrorIndication.
When connecting to the UPF port for the PFCP protocol (8805) and sending
an association setup request followed by a session establishment request
with a PDI Network Instance set to ‘internet’, it causes a stack corruption
to occur.
So, ogs_fqdn_parse() fixed.
Confirmation for non-cleartext IE should only be applied
to the initial NAS message. Registration requests and Service requests
with UplinkNASTransport do not have to.
1. If UE does not use a NAS container for Non-cleartext IEs,
Open5GS AMF will send Registration reject message.
2. If UE sends Non-cleartext IEs without Integrity-protected,
Open5GS AMF will send Registration reject message.
3. If UE does not send NAS container in Security mode complete message,
Open5GS AMF will send Registration reject message.
The AMF shall assign a new 5G-GUTI for a particular UE:
a) during a successful initial registration procedure;
b) during a successful registration procedure
for mobility registration update; and
c) after a successful service request procedure invoked as a response
to a paging request from the network and before the release
of the N1 NAS signalling connection as specified in subclause 5.4.4.1.
The AMF should assign a new 5G-GUTI for a particular UE
during a successful registration procedure
for periodic registration update. The AMF may assign a new 5G-GUTI
at any time for a particular UE by performing
the generic UE configuration update procedure.
AMF checks whether it can serve all the S-NSSAI(s) from
the Requested NSSAI present in the Subscribed S-NSSAIs
(potentially using configuration for mapping S-NSSAI values
between HPLMN and Serving PLMN), or all the S-NSSAI(s) marked
as default in the Subscribed S-NSSAIs in the case that
no Requested NSSAI was provided or none of the S-NSSAIs
in the Requested NSSAI are permitted,
i.e. do not match any of the Subscribed S-NSSAIs or not available
at the current UE's Tracking Area (see clause 5.15.3).
If both Delete-Session-Request/Response and
UEContextReleaseCommand/UEContextReleaseComplete are failed at the same time,
UE cannot attach to the EPC infinitely.
So, I've add the protection code
if timer expires when MME does not receive Delete-Session-Response.
Previously, AMF would sends PDUSessionResourceSetupRequest
when the following conditions were met:
- gNB didn't send UE Context Request IE of InitialUEMessage
- AMF should send SMF generated TRANSFER message(PDU_RES_SETUP_REQ)
to the gNB
However, in issues #771, the gNB did not accept
PDUSessionResourceSetupRequest. Perhaps the gNB engineer thought
that if gNB needs to send data traffic to the UE, AMF should send
an InitialContextSetupRequest regardless of UE Context Request IE.
This is because gNB requires the kgNB security context
for data connection.
So, in this case, Open5GS-AMF decided to send
an InitialContexSetupRequest regardless of
whether it received UE Context Request IE of InitialUEMessage.
* Flow-Description use 'to assigned' in Gx Interface
* Support SDF Filter ID
* Support F-TEID's Choose
* BAR(Buffering) is added in PFCP session
* Default Apply Action uses NOCP|BUFF
So far, no operation was performed when Error Indication was received
from eNodeB. For that reason, I solved #568 issues by controlling
the MME to prevent this from happening.
Now, when GTP-U Error Indication is received, MME and SGW are implemented
to do what they have to do. I hope that the network can be restored
by responding appropriately even if Error Indication occurs.
Pau Espin
Sukchan Lee
Julian Lemmerich