forked from acouzens/open5gs
3886891833
A race condition can occur in the following situations. In conclusion, we can use this situation to determine whether or not the UE Context has been removed and avoiding a crash. For example, suppose a UE Context is removed in the followings. 1. Attach Request 2. Authentication-Information-Request 3. Authentication-Information-Answer 4. Authentication Request 5. Authentication Response(MAC Failed) 6. Authentication Reject 7. UEContextReleaseCommand 8. UEContextReleaseComplete The MME then sends a Purge-UE-request to the HSS and deletes the UE context as soon as it receives a Purge-UE-Answer. Suppose an Attach Request is received from the same UE between Purge-UE-Request/Answer, then the MME and HSS start the Authentication-Information-Request/Answer process. This can lead to the following situations. 1. Purge-UE-Request 2. Attach Request 3. Authentication-Information-Request 4. Purge-UE-Answer 5. [UE Context Removed] 6. Authentication-Information-Answer Since the UE Context has already been deleted when the Authentication-Information-Answer is received, it cannot be processed properly. Therefore, mme_ue_cycle() is used to check whether the UE Context has been deleted and decide whether to process or ignore the Authentication-Information-Answer as shown below. |
||
---|---|---|
.. | ||
amf | ||
ausf | ||
bsf | ||
hss | ||
mme | ||
nrf | ||
nssf | ||
pcf | ||
pcrf | ||
scp | ||
sepp | ||
sgwc | ||
sgwu | ||
smf | ||
udm | ||
udr | ||
upf | ||
main.c | ||
meson.build |