forked from acouzens/open5gs
458 lines
15 KiB
C
458 lines
15 KiB
C
#define TRACE_MODULE _mme_sm
|
|
#include "core_debug.h"
|
|
|
|
#include "s1ap_message.h"
|
|
#include "nas_message.h"
|
|
|
|
#include "mme_event.h"
|
|
|
|
#include "s1ap_handler.h"
|
|
#include "s1ap_path.h"
|
|
#include "mme_fd_path.h"
|
|
#include "nas_security.h"
|
|
#include "emm_handler.h"
|
|
#include "mme_s11_path.h"
|
|
#include "mme_s11_handler.h"
|
|
#include "emm_handler.h"
|
|
#include "esm_handler.h"
|
|
#include "fd_lib.h"
|
|
#include "mme_s6a_handler.h"
|
|
|
|
void mme_state_initial(fsm_t *s, event_t *e)
|
|
{
|
|
mme_sm_trace(3, e);
|
|
|
|
d_assert(s, return, "Null param");
|
|
|
|
FSM_TRAN(s, &mme_state_operational);
|
|
}
|
|
|
|
void mme_state_final(fsm_t *s, event_t *e)
|
|
{
|
|
mme_sm_trace(3, e);
|
|
|
|
d_assert(s, return, "Null param");
|
|
}
|
|
|
|
int test = 0;
|
|
|
|
void mme_state_operational(fsm_t *s, event_t *e)
|
|
{
|
|
status_t rv;
|
|
char buf[INET_ADDRSTRLEN];
|
|
|
|
mme_sm_trace(3, e);
|
|
|
|
d_assert(s, return, "Null param");
|
|
|
|
switch (event_get(e))
|
|
{
|
|
case FSM_ENTRY_SIG:
|
|
{
|
|
rv = mme_s11_listen();
|
|
if (rv != CORE_OK)
|
|
{
|
|
d_error("Can't establish S11 path");
|
|
break;
|
|
}
|
|
|
|
rv = s1ap_listen();
|
|
if (rv != CORE_OK)
|
|
{
|
|
d_error("Can't establish S1AP path");
|
|
break;
|
|
}
|
|
break;
|
|
}
|
|
case FSM_EXIT_SIG:
|
|
{
|
|
rv = mme_s11_close();
|
|
if (rv != CORE_OK)
|
|
{
|
|
d_error("Can't close S11 path");
|
|
break;
|
|
}
|
|
|
|
rv = s1ap_close();
|
|
if (rv != CORE_OK)
|
|
{
|
|
d_error("Can't close S1AP path");
|
|
break;
|
|
}
|
|
|
|
break;
|
|
}
|
|
case MME_EVT_S1AP_LO_ACCEPT:
|
|
{
|
|
int rc;
|
|
|
|
net_sock_t *sock = (net_sock_t *)event_get_param1(e);
|
|
d_assert(sock, break, "Null param");
|
|
|
|
d_trace(1, "eNB-S1 accepted[%s] in master_sm module\n",
|
|
INET_NTOP(&sock->remote.sin_addr.s_addr, buf));
|
|
|
|
mme_enb_t *enb = mme_enb_find_by_sock(sock);
|
|
if (!enb)
|
|
{
|
|
rc = net_register_sock(sock, _s1ap_recv_cb, NULL);
|
|
d_assert(rc == 0, break, "register _s1ap_recv_cb failed");
|
|
|
|
mme_enb_t *enb = mme_enb_add(sock);
|
|
d_assert(enb, break, "Null param");
|
|
}
|
|
else
|
|
{
|
|
d_warn("eNB context duplicated with IP-address [%s]!!!",
|
|
INET_NTOP(&sock->remote.sin_addr.s_addr, buf));
|
|
net_close(sock);
|
|
d_warn("S1 Socket Closed");
|
|
}
|
|
|
|
break;
|
|
}
|
|
case MME_EVT_S1AP_LO_CONNREFUSED:
|
|
{
|
|
index_t index = event_get_param1(e);
|
|
mme_enb_t *enb = NULL;
|
|
|
|
d_assert(index, break, "Null param");
|
|
enb = mme_enb_find(index);
|
|
if (enb)
|
|
{
|
|
d_trace(1, "eNB-S1[%x] connection refused!!!\n",
|
|
enb->enb_id);
|
|
mme_enb_remove(enb);
|
|
}
|
|
else
|
|
{
|
|
d_warn("Socket connection refused, Already Removed!");
|
|
}
|
|
|
|
break;
|
|
}
|
|
case MME_EVT_S1AP_MESSAGE:
|
|
{
|
|
s1ap_message_t message;
|
|
index_t index = event_get_param1(e);
|
|
mme_enb_t *enb = NULL;
|
|
pkbuf_t *pkbuf = NULL;
|
|
|
|
d_assert(index, break, "Null param");
|
|
d_assert(enb = mme_enb_find(index), break, "No eNB context");
|
|
d_assert(FSM_STATE(&enb->sm), break, "No S1AP State Machine");
|
|
|
|
pkbuf = (pkbuf_t *)event_get_param2(e);
|
|
d_assert(pkbuf, break, "Null param");
|
|
d_assert(s1ap_decode_pdu(&message, pkbuf) == CORE_OK,
|
|
pkbuf_free(pkbuf); break, "Can't decode S1AP_PDU");
|
|
event_set_param3(e, (c_uintptr_t)&message);
|
|
|
|
fsm_dispatch(&enb->sm, (fsm_event_t*)e);
|
|
|
|
s1ap_free_pdu(&message);
|
|
pkbuf_free(pkbuf);
|
|
break;
|
|
}
|
|
case MME_EVT_EMM_MESSAGE:
|
|
{
|
|
nas_message_t message;
|
|
index_t index = event_get_param1(e);
|
|
pkbuf_t *pkbuf = (pkbuf_t *)event_get_param3(e);
|
|
enb_ue_t *enb_ue = NULL;
|
|
mme_ue_t *mme_ue = NULL;
|
|
|
|
enb_ue = enb_ue_find(index);
|
|
d_assert(enb_ue, break, "No ENB UE context");
|
|
|
|
d_assert(pkbuf, break, "Null param");
|
|
d_assert(nas_emm_decode(&message, pkbuf) == CORE_OK,
|
|
pkbuf_free(pkbuf); break, "Can't decode NAS_EMM");
|
|
|
|
mme_ue = enb_ue->mme_ue;
|
|
if (!mme_ue)
|
|
{
|
|
mme_ue = mme_ue_find_by_message(&message);
|
|
if (!mme_ue)
|
|
{
|
|
mme_ue = mme_ue_add(enb_ue);
|
|
d_assert(mme_ue, break, "Null param");
|
|
}
|
|
else
|
|
{
|
|
/* Here, if the MME_UE Context is found,
|
|
* the integrity check is not performed
|
|
* For example, ATTACH_REQUEST,
|
|
* TRACKING_AREA_UPDATE_REQUEST message
|
|
*
|
|
* Now, We will check the MAC in the NAS message*/
|
|
nas_security_header_type_t h;
|
|
h.type = (c_uint8_t)event_get_param2(e);
|
|
if (h.integrity_protected)
|
|
{
|
|
/* Decryption was performed in S1AP handler.
|
|
* So, we disabled 'ciphered'
|
|
* not to decrypt NAS message */
|
|
h.ciphered = 0;
|
|
d_assert(
|
|
nas_security_decode(mme_ue, h, pkbuf) == CORE_OK,
|
|
pkbuf_free(pkbuf);return,
|
|
"nas_security_decode failed");
|
|
}
|
|
}
|
|
/* Set mme_ue */
|
|
mme_associate_ue_context(mme_ue, enb_ue);
|
|
}
|
|
|
|
d_assert(mme_ue, pkbuf_free(pkbuf);break, "No MME UE context");
|
|
d_assert(FSM_STATE(&mme_ue->sm), pkbuf_free(pkbuf);break,
|
|
"No EMM State Machine");
|
|
|
|
/* Set event */
|
|
event_set_param1(e, (c_uintptr_t)mme_ue->index);/* mme_ue index */
|
|
event_set_param4(e, (c_uintptr_t)&message);
|
|
|
|
fsm_dispatch(&mme_ue->sm, (fsm_event_t*)e);
|
|
|
|
pkbuf_free(pkbuf);
|
|
|
|
break;
|
|
}
|
|
case MME_EVT_EMM_T3413:
|
|
{
|
|
index_t index = event_get_param1(e);
|
|
mme_ue_t *mme_ue = NULL;
|
|
|
|
d_assert(index, break, "Null param");
|
|
mme_ue = mme_ue_find(index);
|
|
d_assert(mme_ue, break, "No UE context");
|
|
d_assert(FSM_STATE(&mme_ue->sm), break, "No EMM State Machine");
|
|
|
|
fsm_dispatch(&mme_ue->sm, (fsm_event_t*)e);
|
|
|
|
break;
|
|
}
|
|
case MME_EVT_ESM_MESSAGE:
|
|
{
|
|
nas_message_t message;
|
|
index_t index = event_get_param1(e);
|
|
mme_sess_t *sess = NULL;
|
|
mme_ue_t *mme_ue = NULL;
|
|
pkbuf_t *pkbuf = NULL;
|
|
|
|
d_assert(index, break, "Null param");
|
|
sess = mme_sess_find(index);
|
|
d_assert(sess, break, "No Session context");
|
|
d_assert(mme_ue = sess->mme_ue, break, "No UE context");
|
|
d_assert(FSM_STATE(&sess->sm), break, "No ESM State Machine");
|
|
|
|
pkbuf = (pkbuf_t *)event_get_param3(e);
|
|
d_assert(pkbuf, break, "Null param");
|
|
d_assert(nas_esm_decode(&message, pkbuf) == CORE_OK,
|
|
pkbuf_free(pkbuf); break, "Can't decode NAS_ESM");
|
|
|
|
event_set_param4(e, (c_uintptr_t)&message);
|
|
|
|
fsm_dispatch(&sess->sm, (fsm_event_t*)e);
|
|
|
|
pkbuf_free(pkbuf);
|
|
|
|
break;
|
|
}
|
|
case MME_EVT_S11_MESSAGE:
|
|
{
|
|
status_t rv;
|
|
net_sock_t *sock = (net_sock_t *)event_get_param1(e);
|
|
gtp_node_t *gnode = (gtp_node_t *)event_get_param2(e);
|
|
pkbuf_t *pkbuf = (pkbuf_t *)event_get_param3(e);
|
|
gtp_xact_t *xact = NULL;
|
|
c_uint8_t type;
|
|
c_uint32_t teid;
|
|
gtp_message_t gtp_message;
|
|
mme_sess_t *sess = NULL;
|
|
|
|
d_assert(pkbuf, break, "Null param");
|
|
d_assert(sock, pkbuf_free(pkbuf); break, "Null param");
|
|
d_assert(gnode, pkbuf_free(pkbuf); break, "Null param");
|
|
|
|
rv = gtp_xact_receive(
|
|
&mme_self()->gtp_xact_ctx, sock, gnode,
|
|
&xact, &type, &teid, >p_message, pkbuf);
|
|
if (rv != CORE_OK)
|
|
break;
|
|
|
|
sess = mme_sess_find_by_teid(teid);
|
|
d_assert(sess, pkbuf_free(pkbuf); break,
|
|
"No Session Context(TEID:%d)", teid);
|
|
switch(type)
|
|
{
|
|
case GTP_CREATE_SESSION_RESPONSE_TYPE:
|
|
{
|
|
mme_s11_handle_create_session_response(
|
|
sess, >p_message.create_session_response);
|
|
emm_handle_attach_accept(sess);
|
|
break;
|
|
}
|
|
case GTP_MODIFY_BEARER_RESPONSE_TYPE:
|
|
mme_s11_handle_modify_bearer_response(
|
|
sess, >p_message.modify_bearer_response);
|
|
break;
|
|
case GTP_DELETE_SESSION_RESPONSE_TYPE:
|
|
{
|
|
mme_ue_t *mme_ue = NULL;
|
|
nas_message_t *message = NULL;
|
|
|
|
d_assert(sess, break, "Null param");
|
|
mme_ue = sess->mme_ue;
|
|
d_assert(mme_ue, break, "Null param");
|
|
message = &mme_ue->last_emm_message;
|
|
d_assert(message, break, "Null param");
|
|
|
|
mme_s11_handle_delete_session_response(
|
|
sess, >p_message.delete_session_response);
|
|
|
|
switch(message->emm.h.message_type)
|
|
{
|
|
case NAS_DETACH_REQUEST:
|
|
{
|
|
emm_handle_detach_accept(mme_ue,
|
|
&message->emm.detach_request_from_ue);
|
|
break;
|
|
}
|
|
case NAS_ATTACH_REQUEST:
|
|
case NAS_IDENTITY_RESPONSE:
|
|
{
|
|
mme_s6a_send_air(mme_ue);
|
|
break;
|
|
}
|
|
default:
|
|
break;
|
|
}
|
|
break;
|
|
}
|
|
case GTP_RELEASE_ACCESS_BEARERS_RESPONSE_TYPE:
|
|
{
|
|
mme_ue_t *mme_ue = NULL;
|
|
enb_ue_t *enb_ue = NULL;
|
|
|
|
mme_s11_handle_release_access_bearers_response(
|
|
sess, >p_message.release_access_bearers_response);
|
|
|
|
mme_ue = sess->mme_ue;
|
|
d_assert(mme_ue, break, "Null param");
|
|
enb_ue = mme_ue->enb_ue;
|
|
d_assert(enb_ue, break, "Null param");
|
|
|
|
s1ap_handle_release_access_bearers_response(enb_ue);
|
|
break;
|
|
}
|
|
|
|
case GTP_DOWNLINK_DATA_NOTIFICATION_TYPE:
|
|
{
|
|
mme_ue_t *mme_ue = NULL;
|
|
|
|
mme_s11_handle_downlink_data_notification(
|
|
xact,
|
|
sess, >p_message.downlink_data_notification);
|
|
|
|
mme_ue = sess->mme_ue;
|
|
d_assert(mme_ue, break, "Null param");
|
|
|
|
s1ap_handle_paging(mme_ue);
|
|
/* Start T3413 */
|
|
tm_start(mme_ue->t3413);
|
|
break;
|
|
}
|
|
default:
|
|
d_warn("Not implmeneted(type:%d)", type);
|
|
break;
|
|
}
|
|
pkbuf_free(pkbuf);
|
|
break;
|
|
}
|
|
case MME_EVT_S11_T3:
|
|
{
|
|
gtp_xact_timeout(event_get_param1(e));
|
|
break;
|
|
}
|
|
case MME_EVT_S6A_MESSAGE:
|
|
{
|
|
index_t index = event_get_param1(e);
|
|
mme_ue_t *mme_ue = NULL;
|
|
pkbuf_t *s6abuf = (pkbuf_t *)event_get_param2(e);
|
|
s6a_message_t *s6a_message = NULL;
|
|
|
|
d_assert(index, return, "Null param");
|
|
mme_ue = mme_ue_find(index);
|
|
d_assert(mme_ue, return, "Null param");
|
|
|
|
d_assert(s6abuf, return, "Null param");
|
|
s6a_message = s6abuf->payload;
|
|
d_assert(s6a_message, return, "Null param");
|
|
|
|
switch(s6a_message->cmd_code)
|
|
{
|
|
case S6A_CMD_CODE_AUTHENTICATION_INFORMATION:
|
|
{
|
|
if (s6a_message->result_code != ER_DIAMETER_SUCCESS)
|
|
{
|
|
emm_handle_attach_reject(mme_ue);
|
|
break;
|
|
}
|
|
|
|
mme_s6a_handle_aia(mme_ue, &s6a_message->aia_message);
|
|
break;
|
|
}
|
|
case S6A_CMD_CODE_UPDATE_LOCATION:
|
|
{
|
|
mme_sess_t *sess = NULL;
|
|
mme_bearer_t *bearer = NULL;
|
|
|
|
if (s6a_message->result_code != ER_DIAMETER_SUCCESS)
|
|
{
|
|
d_error("Not impleneted");
|
|
break;
|
|
}
|
|
|
|
mme_s6a_handle_ula(mme_ue, &s6a_message->ula_message);
|
|
|
|
sess = mme_sess_find_by_last_esm_message(mme_ue);
|
|
d_assert(sess, break, "Null param");
|
|
bearer = mme_default_bearer_in_sess(sess);
|
|
d_assert(bearer, break, "Null param");
|
|
|
|
if (MME_SESSION_HAVE_APN(sess))
|
|
{
|
|
if (MME_SESSION_IS_VALID(sess))
|
|
{
|
|
emm_handle_attach_accept(sess);
|
|
}
|
|
else
|
|
{
|
|
mme_s11_handle_create_session_request(sess);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
esm_handle_information_request(sess);
|
|
}
|
|
|
|
break;
|
|
}
|
|
default:
|
|
{
|
|
d_error("Invalid type(%d)", event_get_param2(e));
|
|
break;
|
|
}
|
|
}
|
|
pkbuf_free(s6abuf);
|
|
break;
|
|
}
|
|
default:
|
|
{
|
|
d_error("No handler for event %s", mme_event_get_name(e));
|
|
break;
|
|
}
|
|
}
|
|
}
|