1 /* GSM LAPDm (TS 04.06) implementation */
3 /* (C) 2010 by Harald Welte <laforge@gnumonks.org>
4 * (C) 2010 by Andreas Eversberg <jolly@eversberg.eu>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 /* Notes on Buffering: rcv_buffer, tx_queue, tx_hist, send_buffer, send_queue
26 * RX data is stored in the rcv_buffer (pointer). If the message is complete, it
27 * is removed from rcv_buffer pointer and forwarded to L3. If the RX data is
28 * received while there is an incomplete rcv_buffer, it is appended to it.
30 * TX data is stored in the send_queue first. When transmitting a frame,
31 * the first message in the send_queue is moved to the send_buffer. There it
32 * resides until all fragments are acknowledged. Fragments to be sent by I
33 * frames are stored in the tx_hist buffer for resend, if required. Also the
34 * current fragment is copied into the tx_queue. There it resides until it is
35 * forwarded to layer 1.
37 * In case we have SAPI 0, we only have a window size of 1, so the unack-
38 * nowledged message resides always in the send_buffer. In case of a suspend,
39 * it can be written back to the first position of the send_queue.
41 * The layer 1 normally sends a PH-READY-TO-SEND. But because we use
42 * asynchronous transfer between layer 1 and layer 2 (serial link), we must
43 * send a frame before layer 1 reaches the right timeslot to send it. So we
44 * move the tx_queue to layer 1 when there is not already a pending frame, and
45 * wait until acknowledge after the frame has been sent. If we receive an
46 * acknowledge, we can send the next frame from the buffer, if any.
48 * The moving of tx_queue to layer 1 may also trigger T200, if desired. Also it
49 * will trigger next I frame, if possible.
58 #include <osmocore/logging.h>
59 #include <osmocore/timer.h>
60 #include <osmocore/msgb.h>
61 #include <osmocore/tlv.h>
62 #include <osmocore/utils.h>
63 #include <osmocore/rsl.h>
64 #include <osmocore/protocol/gsm_04_08.h>
65 #include <osmocore/protocol/gsm_08_58.h>
67 #include <osmocom/osmocom_data.h>
68 #include <osmocom/l1ctl.h>
69 #include <osmocom/lapdm.h>
70 #include <osmocom/logging.h>
72 #include <l1a_l23_interface.h>
74 /* TS 04.06 Figure 4 / Section 3.2 */
75 #define LAPDm_LPD_NORMAL 0
76 #define LAPDm_LPD_SMSCB 1
77 #define LAPDm_SAPI_NORMAL 0
78 #define LAPDm_SAPI_SMS 3
79 #define LAPDm_ADDR(lpd, sapi, cr) ((((lpd) & 0x3) << 5) | (((sapi) & 0x7) << 2) | (((cr) & 0x1) << 1) | 0x1)
81 #define LAPDm_ADDR_SAPI(addr) (((addr) >> 2) & 0x7)
82 #define LAPDm_ADDR_CR(addr) (((addr) >> 1) & 0x1)
83 #define LAPDm_ADDR_EA(addr) ((addr) & 0x1)
85 /* TS 04.06 Table 3 / Section 3.4.3 */
86 #define LAPDm_CTRL_I(nr, ns, p) ((((nr) & 0x7) << 5) | (((p) & 0x1) << 4) | (((ns) & 0x7) << 1))
87 #define LAPDm_CTRL_S(nr, s, p) ((((nr) & 0x7) << 5) | (((p) & 0x1) << 4) | (((s) & 0x3) << 2) | 0x1)
88 #define LAPDm_CTRL_U(u, p) ((((u) & 0x1c) << (5-2)) | (((p) & 0x1) << 4) | (((u) & 0x3) << 2) | 0x3)
90 #define LAPDm_CTRL_is_I(ctrl) (((ctrl) & 0x1) == 0)
91 #define LAPDm_CTRL_is_S(ctrl) (((ctrl) & 0x3) == 1)
92 #define LAPDm_CTRL_is_U(ctrl) (((ctrl) & 0x3) == 3)
94 #define LAPDm_CTRL_U_BITS(ctrl) ((((ctrl) & 0xC) >> 2) | ((ctrl) & 0xE0) >> 3)
95 #define LAPDm_CTRL_PF_BIT(ctrl) (((ctrl) >> 4) & 0x1)
97 #define LAPDm_CTRL_S_BITS(ctrl) (((ctrl) & 0xC) >> 2)
99 #define LAPDm_CTRL_I_Ns(ctrl) (((ctrl) & 0xE) >> 1)
100 #define LAPDm_CTRL_Nr(ctrl) (((ctrl) & 0xE0) >> 5)
102 /* TS 04.06 Table 4 / Section 3.8.1 */
103 #define LAPDm_U_SABM 0x7
104 #define LAPDm_U_DM 0x3
105 #define LAPDm_U_UI 0x0
106 #define LAPDm_U_DISC 0x8
107 #define LAPDm_U_UA 0xC
109 #define LAPDm_S_RR 0x0
110 #define LAPDm_S_RNR 0x1
111 #define LAPDm_S_REJ 0x2
113 #define LAPDm_LEN(len) ((len << 2) | 0x1)
114 #define LAPDm_MORE 0x2
116 /* TS 04.06 Section 5.8.3 */
117 #define N201_AB_SACCH 18
118 #define N201_AB_SDCCH 20
119 #define N201_AB_FACCH 20
121 #define N201_Bter_SACCH 21
122 #define N201_Bter_SDCCH 23
123 #define N201_Bter_FACCH 23
126 /* 5.8.2.1 N200 during establish and release */
127 #define N200_EST_REL 5
128 /* 5.8.2.1 N200 during timer recovery state */
129 #define N200_TR_SACCH 5
130 #define N200_TR_SDCCH 23
131 #define N200_TR_FACCH_FR 34
132 #define N200_TR_EFACCH_FR 48
133 #define N200_TR_FACCH_HR 29
134 /* FIXME: this depends on chan type */
135 #define N200 N200_TR_SACCH
137 #define CR_MS2BS_CMD 0
138 #define CR_MS2BS_RESP 1
139 #define CR_BS2MS_CMD 1
140 #define CR_BS2MS_RESP 0
142 /* Set T200 to 1 Second (OpenBTS uses 900ms) */
145 /* k value for each SAPI */
146 static uint8_t k_sapi[] = {1, 1, 1, 1, 1, 1, 1, 1};
156 static void lapdm_t200_cb(void *data);
157 static int rslms_send_i(struct lapdm_msg_ctx *mctx);
159 /* UTILITY FUNCTIONS */
161 static inline uint8_t inc_mod8(uint8_t x)
166 static inline uint8_t add_mod8(uint8_t x, uint8_t y)
171 static inline uint8_t sub_mod8(uint8_t x, uint8_t y)
173 return (x - y) & 7; /* handle negative results correctly */
176 static void lapdm_dl_init(struct lapdm_datalink *dl,
177 struct lapdm_entity *entity)
179 memset(dl, 0, sizeof(*dl));
180 INIT_LLIST_HEAD(&dl->send_queue);
181 INIT_LLIST_HEAD(&dl->tx_queue);
182 dl->state = LAPDm_STATE_IDLE;
184 dl->t200.cb = &lapdm_t200_cb;
188 void lapdm_init(struct lapdm_entity *le, struct osmocom_ms *ms)
192 for (i = 0; i < ARRAY_SIZE(le->datalink); i++)
193 lapdm_dl_init(&le->datalink[i], le);
198 static void lapdm_dl_flush_send(struct lapdm_datalink *dl)
202 /* Flush send-queue */
203 while ((msg = msgb_dequeue(&dl->send_queue)))
206 /* Clear send-buffer */
207 if (dl->send_buffer) {
208 msgb_free(dl->send_buffer);
209 dl->send_buffer = NULL;
213 static void lapdm_dl_flush_tx(struct lapdm_datalink *dl)
218 while ((msg = msgb_dequeue(&dl->tx_queue)))
220 for (i = 0; i < 8; i++)
221 dl->tx_length[i] = 0;
224 void lapdm_exit(struct lapdm_entity *le)
227 struct lapdm_datalink *dl;
229 for (i = 0; i < ARRAY_SIZE(le->datalink); i++) {
230 dl = &le->datalink[i];
231 lapdm_dl_flush_tx(dl);
232 lapdm_dl_flush_send(dl);
234 msgb_free(dl->rcv_buffer);
238 static void lapdm_dl_newstate(struct lapdm_datalink *dl, uint32_t state)
240 LOGP(DLAPDM, LOGL_INFO, "new state %s -> %s\n",
241 lapdm_state_names[dl->state], lapdm_state_names[state]);
246 static struct lapdm_datalink *datalink_for_sapi(struct lapdm_entity *le, uint8_t sapi)
249 case LAPDm_SAPI_NORMAL:
250 return &le->datalink[0];
252 return &le->datalink[1];
258 /* remove the L2 header from a MSGB */
259 static inline unsigned char *msgb_pull_l2h(struct msgb *msg)
261 unsigned char *ret = msgb_pull(msg, msg->l3h - msg->l2h);
266 /* Append padding (if required) */
267 static void lapdm_pad_msgb(struct msgb *msg, uint8_t n201)
269 int pad_len = n201 - msgb_l2len(msg);
273 LOGP(DLAPDM, LOGL_ERROR,
274 "cannot pad message that is already too big!\n");
278 data = msgb_put(msg, pad_len);
279 memset(data, 0x2B, pad_len);
282 /* write a frame into the tx queue */
283 static int tx_ph_data_enqueue(struct lapdm_datalink *dl, struct msgb *msg,
284 uint8_t chan_nr, uint8_t link_id, uint8_t n201)
286 struct lapdm_entity *le = dl->entity;
287 struct osmocom_ms *ms = le->ms;
289 /* if there is a pending message, queue it */
290 if (le->tx_pending) {
291 *msgb_push(msg, 1) = n201;
292 *msgb_push(msg, 1) = link_id;
293 *msgb_push(msg, 1) = chan_nr;
294 msgb_enqueue(&dl->tx_queue, msg);
298 /* send the frame now */
300 #warning HACK: no confirm yet! (queue is always empty now)
302 printf("-> tx chan_nr 0x%x link_id 0x%x len %d data", chan_nr, link_id, msgb_l2len(msg));
304 for (i = 0; i < msgb_l2len(msg); i++)
305 printf(" %02x", msg->l2h[i]);
308 lapdm_pad_msgb(msg, n201);
309 return tx_ph_data_req(ms, msg, chan_nr, link_id);
312 /* get next frame from the tx queue. because the ms has multiple datalinks,
313 * each datalink's queue is read round-robin.
315 static int tx_ph_data_dequeue(struct lapdm_entity *le)
317 struct osmocom_ms *ms = le->ms;
318 struct lapdm_datalink *dl;
319 int last = le->last_tx_dequeue;
320 int i = last, n = ARRAY_SIZE(le->datalink);
322 uint8_t chan_nr, link_id, n201;
324 /* round-robin dequeue */
328 dl = &le->datalink[i];
329 if ((msg = msgb_dequeue(&dl->tx_queue)))
333 /* no message in all queues */
337 /* Pull chan_nr and link_id */
338 chan_nr = *msg->data;
340 link_id = *msg->data;
345 /* Set last dequeue position */
346 le->last_tx_dequeue = i;
348 /* Pad the frame, we can transmit now */
350 lapdm_pad_msgb(msg, n201);
351 return tx_ph_data_req(ms, msg, chan_nr, link_id);
354 /* Take a Bbis format message from L1 and create RSLms UNIT DATA IND */
355 static int send_rslms_rll_l3(uint8_t msg_type, struct lapdm_msg_ctx *mctx,
358 /* Add the RSL + RLL header */
359 rsl_rll_push_l3(msg, msg_type, mctx->chan_nr, mctx->link_id, 1);
361 /* send off the RSLms message to L3 */
362 return rslms_sendmsg(msg, mctx->dl->entity->ms);
365 static int send_rll_simple(uint8_t msg_type, struct lapdm_msg_ctx *mctx)
369 msg = rsl_rll_simple(msg_type, mctx->chan_nr, mctx->link_id, 1);
371 /* send off the RSLms message to L3 */
372 return rslms_sendmsg(msg, mctx->dl->entity->ms);
375 static int rsl_rll_error(uint8_t cause, struct lapdm_msg_ctx *mctx)
379 LOGP(DLAPDM, LOGL_NOTICE, "sending MDL-ERROR-IND %d\n", cause);
380 msg = rsl_rll_simple(RSL_MT_ERROR_IND, mctx->chan_nr, mctx->link_id, 1);
381 msg->l2h = msgb_put(msg, sizeof(struct abis_rsl_rll_hdr) + 1);
383 return rslms_sendmsg(msg, mctx->dl->entity->ms);
386 static int check_length_ind(struct lapdm_msg_ctx *mctx, uint8_t length_ind)
388 if (!(length_ind & 0x01)) {
389 /* G.4.1 If the EL bit is set to "0", an MDL-ERROR-INDICATION
390 * primitive with cause "frame not implemented" is sent to the
391 * mobile management entity. */
392 LOGP(DLAPDM, LOGL_NOTICE,
393 "we don't support multi-octet length\n");
394 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
400 static int lapdm_send_resend(struct lapdm_datalink *dl)
402 struct msgb *msg = msgb_alloc_headroom(23+10, 10, "LAPDm resend");
405 /* Resend SABM/DISC from tx_hist */
406 length = dl->tx_length[0];
407 msg->l2h = msgb_put(msg, length);
408 memcpy(msg->l2h, dl->tx_hist[dl->V_send], length);
410 return tx_ph_data_enqueue(dl, msg, dl->mctx.chan_nr, dl->mctx.link_id,
414 static int lapdm_send_ua(struct lapdm_msg_ctx *mctx, uint8_t len, uint8_t *data)
416 uint8_t sapi = mctx->link_id & 7;
417 uint8_t f_bit = LAPDm_CTRL_PF_BIT(mctx->ctrl);
418 struct msgb *msg = msgb_alloc_headroom(23+10, 10, "LAPDm UA");
419 msg->l2h = msgb_put(msg, 3 + len);
421 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_RESP);
422 msg->l2h[1] = LAPDm_CTRL_U(LAPDm_U_UA, f_bit);
423 msg->l2h[2] = LAPDm_LEN(len);
425 memcpy(msg->l2h + 3, data, len);
427 return tx_ph_data_enqueue(mctx->dl, msg, mctx->chan_nr, mctx->link_id,
431 static int lapdm_send_dm(struct lapdm_msg_ctx *mctx)
433 uint8_t sapi = mctx->link_id & 7;
434 uint8_t f_bit = LAPDm_CTRL_PF_BIT(mctx->ctrl);
435 struct msgb *msg = msgb_alloc_headroom(23+10, 10, "LAPDm DM");
436 msg->l2h = msgb_put(msg, 3);
438 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_RESP);
439 msg->l2h[1] = LAPDm_CTRL_U(LAPDm_U_DM, f_bit);
442 return tx_ph_data_enqueue(mctx->dl, msg, mctx->chan_nr, mctx->link_id,
446 static int lapdm_send_rr(struct lapdm_msg_ctx *mctx, uint8_t f_bit)
448 uint8_t sapi = mctx->link_id & 7;
449 struct msgb *msg = msgb_alloc_headroom(23+10, 10, "LAPDm RR");
450 msg->l2h = msgb_put(msg, 3);
452 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_RESP);
453 msg->l2h[1] = LAPDm_CTRL_S(mctx->dl->V_recv, LAPDm_S_RR, f_bit);
454 msg->l2h[2] = LAPDm_LEN(0);
456 return tx_ph_data_enqueue(mctx->dl, msg, mctx->chan_nr, mctx->link_id,
460 static int lapdm_send_rnr(struct lapdm_msg_ctx *mctx, uint8_t f_bit)
462 uint8_t sapi = mctx->link_id & 7;
463 struct msgb *msg = msgb_alloc_headroom(23+10, 10, "LAPDm RNR");
464 msg->l2h = msgb_put(msg, 3);
466 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_RESP);
467 msg->l2h[1] = LAPDm_CTRL_S(mctx->dl->V_recv, LAPDm_S_RNR, f_bit);
468 msg->l2h[2] = LAPDm_LEN(0);
470 return tx_ph_data_enqueue(mctx->dl, msg, mctx->chan_nr, mctx->link_id,
474 static int lapdm_send_rej(struct lapdm_msg_ctx *mctx, uint8_t f_bit)
476 uint8_t sapi = mctx->link_id & 7;
477 struct msgb *msg = msgb_alloc_headroom(23+10, 10, "LAPDm REJ");
478 msg->l2h = msgb_put(msg, 3);
480 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_RESP);
481 msg->l2h[1] = LAPDm_CTRL_S(mctx->dl->V_recv, LAPDm_S_REJ, f_bit);
482 msg->l2h[2] = LAPDm_LEN(0);
484 return tx_ph_data_enqueue(mctx->dl, msg, mctx->chan_nr, mctx->link_id,
488 /* Timer callback on T200 expiry */
489 static void lapdm_t200_cb(void *data)
491 struct lapdm_datalink *dl = data;
493 LOGP(DLAPDM, LOGL_INFO, "lapdm_t200_cb(%p) state=%u\n", dl, dl->state);
496 case LAPDm_STATE_SABM_SENT:
498 if (dl->retrans_ctr + 1 >= N200_EST_REL + 1) {
499 /* send RELEASE INDICATION to L3 */
500 send_rll_simple(RSL_MT_REL_IND, &dl->mctx);
501 /* send MDL ERROR INIDCATION to L3 */
502 rsl_rll_error(RLL_CAUSE_T200_EXPIRED, &dl->mctx);
503 /* go back to idle state */
504 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
505 /* NOTE: we must not change any other states or buffers
506 * and queues, since we may reconnect after handover
507 * failure. the buffered messages is replaced there */
510 /* retransmit SABM command */
511 lapdm_send_resend(dl);
512 /* increment re-transmission counter */
514 /* restart T200 (PH-READY-TO-SEND) */
515 bsc_schedule_timer(&dl->t200, T200);
517 case LAPDm_STATE_DISC_SENT:
519 if (dl->retrans_ctr + 1 >= N200_EST_REL + 1) {
520 /* send RELEASE INDICATION to L3 */
521 send_rll_simple(RSL_MT_REL_CONF, &dl->mctx);
522 /* send MDL ERROR INIDCATION to L3 */
523 rsl_rll_error(RLL_CAUSE_T200_EXPIRED, &dl->mctx);
524 /* go back to idle state */
525 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
526 /* NOTE: we must not change any other states or buffers
527 * and queues, since we may reconnect after handover
528 * failure. the buffered messages is replaced there */
531 /* retransmit DISC command */
532 lapdm_send_resend(dl);
533 /* increment re-transmission counter */
535 /* restart T200 (PH-READY-TO-SEND) */
536 bsc_schedule_timer(&dl->t200, T200);
538 case LAPDm_STATE_MF_EST:
541 lapdm_dl_newstate(dl, LAPDm_STATE_TIMER_RECOV);
543 case LAPDm_STATE_TIMER_RECOV:
545 if (dl->retrans_ctr < N200) {
546 /* retransmit I frame (V_s-1) with P=1, if any */
547 if (dl->tx_length[dl->V_send - 1]) {
551 LOGP(DLAPDM, LOGL_INFO, "retransmit last frame "
552 "V(S)=%d\n", dl->V_send - 1);
553 /* Create I frame (segment) from tx_hist */
554 length = dl->tx_length[dl->V_send - 1];
555 msg = msgb_alloc_headroom(23+10, 10, "LAPDm I");
556 msg->l2h = msgb_put(msg, length);
557 memcpy(msg->l2h, dl->tx_hist[dl->V_send - 1],
559 msg->l2h[1] = LAPDm_CTRL_I(dl->V_recv,
560 dl->V_send - 1, 1); /* P=1 */
561 tx_ph_data_enqueue(dl, msg, dl->mctx.chan_nr,
562 dl->mctx.link_id, dl->mctx.n201);
564 /* OR send appropriate supervision frame with P=1 */
565 if (!dl->own_busy && !dl->seq_err_cond) {
566 lapdm_send_rr(&dl->mctx, 1);
567 /* NOTE: In case of sequence error
568 * condition, the REJ frame has been
569 * transmitted when entering the
570 * condition, so it has not be done
573 } else if (dl->own_busy) {
574 lapdm_send_rnr(&dl->mctx, 1);
576 LOGP(DLAPDM, LOGL_INFO, "unhandled, "
580 /* restart T200 (PH-READY-TO-SEND) */
581 bsc_schedule_timer(&dl->t200, T200);
583 /* send MDL ERROR INIDCATION to L3 */
584 rsl_rll_error(RLL_CAUSE_T200_EXPIRED, &dl->mctx);
588 LOGP(DLAPDM, LOGL_INFO, "T200 expired in unexpected "
589 "dl->state %u\n", dl->state);
593 /* 5.5.3.1: Common function to acknowlege frames up to the given N(R) value */
594 static void lapdm_acknowledge(struct lapdm_msg_ctx *mctx)
596 struct lapdm_datalink *dl = mctx->dl;
597 uint8_t nr = LAPDm_CTRL_Nr(mctx->ctrl);
598 int s = 0, rej = 0, t200_reset = 0;
601 /* supervisory frame ? */
602 if (LAPDm_CTRL_is_S(mctx->ctrl))
605 if (s && LAPDm_CTRL_S_BITS(mctx->ctrl) == LAPDm_S_REJ)
608 /* Flush all transmit buffers of acknowledged frames */
609 for (i = dl->V_ack; i != nr; i = inc_mod8(i)) {
610 if (dl->tx_length[i]) {
611 dl->tx_length[i] = 0;
612 LOGP(DLAPDM, LOGL_INFO, "ack frame %d\n", i);
616 if (dl->state != LAPDm_STATE_TIMER_RECOV) {
617 /* When not in the timer recovery condition, the data
618 * link layer entity shall reset the timer T200 on
619 * receipt of a valid I frame with N(R) higher than V(A),
620 * or an REJ with an N(R) equal to V(A). */
621 if ((!rej && nr != dl->V_ack)
622 || (rej && nr == dl->V_ack)) {
623 LOGP(DLAPDM, LOGL_INFO, "reset t200\n");
625 bsc_del_timer(&dl->t200);
626 /* 5.5.3.1 Note 1 + 2 imply timer recovery cond. */
628 /* 5.7.4: N(R) sequence error
629 * N(R) is called valid, if and only if
630 * (N(R)-V(A)) mod 8 <= (V(S)-V(A)) mod 8.
632 if (sub_mod8(nr, dl->V_ack) > sub_mod8(dl->V_send, dl->V_ack)) {
633 LOGP(DLAPDM, LOGL_NOTICE, "N(R) sequence error\n");
634 rsl_rll_error(RLL_CAUSE_SEQ_ERR, mctx);
638 /* V(A) shall be set to the value of N(R) */
641 /* If T200 has been reset by the receipt of an I, RR or RNR frame,
642 * and if there are outstanding I frames, restart T200 */
643 if (t200_reset && !rej) {
644 if (dl->tx_length[dl->V_send - 1]) {
645 LOGP(DLAPDM, LOGL_INFO, "start T200, due to unacked I "
647 bsc_schedule_timer(&dl->t200, T200);
654 /* Receive a LAPDm U (Unnumbered) message from L1 */
655 static int lapdm_rx_u(struct msgb *msg, struct lapdm_msg_ctx *mctx)
657 struct lapdm_datalink *dl = mctx->dl;
662 switch (LAPDm_CTRL_U_BITS(mctx->ctrl)) {
664 rsl_msg = RSL_MT_EST_IND;
666 LOGP(DLAPDM, LOGL_INFO, "SABM received\n");
668 dl->seq_err_cond = 0;
669 /* G.2.2 Wrong value of the C/R bit */
670 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP) {
671 LOGP(DLAPDM, LOGL_NOTICE, "SABM response error\n");
673 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
677 length = msg->l2h[2] >> 2;
678 /* G.4.5 If SABM is received with L>N201 or with M bit
679 * set, AN MDL-ERROR-INDICATION is sent to MM.
681 if ((msg->l2h[2] & LAPDm_MORE) || length + 3 > mctx->n201) {
682 LOGP(DLAPDM, LOGL_NOTICE, "SABM too large error\n");
684 rsl_rll_error(RLL_CAUSE_UFRM_INC_PARAM, mctx);
688 /* Must be Format B */
689 rc = check_length_ind(mctx, msg->l2h[2]);
695 case LAPDm_STATE_IDLE:
696 /* Set chan_nr and link_id for established connection */
697 memset(&dl->mctx, 0, sizeof(dl->mctx));
699 dl->mctx.chan_nr = mctx->chan_nr;
700 dl->mctx.link_id = mctx->link_id;
702 case LAPDm_STATE_MF_EST:
704 rsl_msg = RSL_MT_EST_CONF;
707 LOGP(DLAPDM, LOGL_INFO, "SABM command, multiple "
708 "frame established state\n");
709 /* check for contention resoultion */
710 if (dl->tx_hist[0][2] >> 2) {
711 LOGP(DLAPDM, LOGL_NOTICE, "SABM not allowed "
712 "during contention resolution\n");
713 rsl_rll_error(RLL_CAUSE_SABM_INFO_NOTALL, mctx);
717 case LAPDm_STATE_DISC_SENT:
718 /* 5.4.6.2 send DM with F=P */
720 /* reset Timer T200 */
721 bsc_del_timer(&dl->t200);
723 return send_rll_simple(RSL_MT_REL_CONF, mctx);
725 lapdm_send_ua(mctx, length, msg->l2h + 3);
729 /* send UA response */
730 lapdm_send_ua(mctx, length, msg->l2h + 3);
731 /* set Vs, Vr and Va to 0 */
732 dl->V_send = dl->V_recv = dl->V_ack = 0;
734 dl->tx_length[0] = 0;
735 /* enter multiple-frame-established state */
736 lapdm_dl_newstate(dl, LAPDm_STATE_MF_EST);
737 /* send notification to L3 */
739 /* 5.4.1.2 Normal establishment procedures */
740 rc = send_rll_simple(rsl_msg, mctx);
743 /* 5.4.1.4 Contention resolution establishment */
744 msg->l3h = msg->l2h + 3;
746 rc = send_rslms_rll_l3(rsl_msg, mctx, msg);
750 LOGP(DLAPDM, LOGL_INFO, "DM received\n");
751 /* G.2.2 Wrong value of the C/R bit */
752 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_CMD) {
753 LOGP(DLAPDM, LOGL_NOTICE, "DM command error\n");
755 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
758 if (!LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
759 /* 5.4.1.2 DM responses with the F bit set to "0"
766 case LAPDm_STATE_SABM_SENT:
768 case LAPDm_STATE_MF_EST:
769 if (LAPDm_CTRL_PF_BIT(mctx->ctrl) == 1) {
770 LOGP(DLAPDM, LOGL_INFO, "unsolicited DM "
772 rsl_rll_error(RLL_CAUSE_UNSOL_DM_RESP, mctx);
774 LOGP(DLAPDM, LOGL_INFO, "unsolicited DM "
775 "response, multiple frame established "
777 rsl_rll_error(RLL_CAUSE_UNSOL_DM_RESP_MF, mctx);
781 case LAPDm_STATE_TIMER_RECOV:
782 /* DM is normal in case PF = 1 */
783 if (LAPDm_CTRL_PF_BIT(mctx->ctrl) == 0) {
784 LOGP(DLAPDM, LOGL_INFO, "unsolicited DM "
785 "response, multiple frame established "
787 rsl_rll_error(RLL_CAUSE_UNSOL_DM_RESP_MF, mctx);
792 case LAPDm_STATE_DISC_SENT:
793 /* reset Timer T200 */
794 bsc_del_timer(&dl->t200);
795 /* go to idle state */
796 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
797 rc = send_rll_simple(RSL_MT_REL_CONF, mctx);
800 case LAPDm_STATE_IDLE:
801 /* 5.4.5 all other frame types shall be discarded */
803 LOGP(DLAPDM, LOGL_INFO, "unsolicited DM response! "
809 bsc_del_timer(&dl->t200);
810 rc = send_rll_simple(RSL_MT_REL_IND, mctx);
814 LOGP(DLAPDM, LOGL_INFO, "UI received\n");
815 /* G.2.2 Wrong value of the C/R bit */
816 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP) {
817 LOGP(DLAPDM, LOGL_NOTICE, "UI indicates response "
820 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
824 length = msg->l2h[2] >> 2;
825 /* FIXME: G.4.5 If UI is received with L>N201 or with M bit
826 * set, AN MDL-ERROR-INDICATION is sent to MM.
829 if (mctx->lapdm_fmt == LAPDm_FMT_B4) {
831 msg->l3h = msg->l2h + 2;
833 rc = check_length_ind(mctx, msg->l2h[2]);
838 length = msg->l2h[2] >> 2;
839 msg->l3h = msg->l2h + 3;
841 /* do some length checks */
843 /* 5.3.3 UI frames received with the length indicator
844 * set to "0" shall be ignored
846 LOGP(DLAPDM, LOGL_INFO, "length=0 (discarding)\n");
850 switch (LAPDm_ADDR_SAPI(mctx->addr)) {
851 case LAPDm_SAPI_NORMAL:
855 /* 5.3.3 UI frames with invalid SAPI values shall be
858 LOGP(DLAPDM, LOGL_INFO, "sapi=%u (discarding)\n",
859 LAPDm_ADDR_SAPI(mctx->addr));
864 rc = send_rslms_rll_l3(RSL_MT_UNIT_DATA_IND, mctx, msg);
867 rsl_msg = RSL_MT_REL_IND;
869 LOGP(DLAPDM, LOGL_INFO, "DISC received\n");
871 lapdm_dl_flush_tx(dl);
872 lapdm_dl_flush_send(dl);
874 dl->seq_err_cond = 0;
875 /* G.2.2 Wrong value of the C/R bit */
876 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP) {
877 LOGP(DLAPDM, LOGL_NOTICE, "DISC response error\n");
879 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
882 length = msg->l2h[2] >> 2;
883 if (length > 0 || msg->l2h[2] & 0x02) {
884 /* G.4.4 If a DISC or DM frame is received with L>0 or
885 * with the M bit set to "1", an MDL-ERROR-INDICATION
886 * primitive with cause "U frame with incorrect
887 * parameters" is sent to the mobile management entity. */
888 LOGP(DLAPDM, LOGL_NOTICE,
889 "U frame iwth incorrect parameters ");
891 rsl_rll_error(RLL_CAUSE_UFRM_INC_PARAM, mctx);
896 case LAPDm_STATE_IDLE:
897 LOGP(DLAPDM, LOGL_INFO, "DISC in idle state\n");
898 /* send DM with F=P */
899 return lapdm_send_dm(mctx);
900 case LAPDm_STATE_SABM_SENT:
901 LOGP(DLAPDM, LOGL_INFO, "DISC in SABM state\n");
902 /* 5.4.6.2 send DM with F=P */
904 /* reset Timer T200 */
905 bsc_del_timer(&dl->t200);
906 return send_rll_simple(RSL_MT_REL_IND, mctx);
907 case LAPDm_STATE_MF_EST:
908 case LAPDm_STATE_TIMER_RECOV:
909 LOGP(DLAPDM, LOGL_INFO, "DISC in est state\n");
911 case LAPDm_STATE_DISC_SENT:
912 LOGP(DLAPDM, LOGL_INFO, "DISC in disc state\n");
913 rsl_msg = RSL_MT_REL_CONF;
916 lapdm_send_ua(mctx, length, msg->l2h + 3);
919 /* send UA response */
920 lapdm_send_ua(mctx, length, msg->l2h + 3);
921 /* reset Timer T200 */
922 bsc_del_timer(&dl->t200);
923 /* enter idle state */
924 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
925 /* send notification to L3 */
926 rc = send_rll_simple(rsl_msg, mctx);
929 LOGP(DLAPDM, LOGL_INFO, "UA received\n");
930 /* G.2.2 Wrong value of the C/R bit */
931 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_CMD) {
932 LOGP(DLAPDM, LOGL_NOTICE, "UA indicates command "
935 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
939 length = msg->l2h[2] >> 2;
940 /* G.4.5 If UA is received with L>N201 or with M bit
941 * set, AN MDL-ERROR-INDICATION is sent to MM.
943 if ((msg->l2h[2] & LAPDm_MORE) || length + 3 > mctx->n201) {
944 LOGP(DLAPDM, LOGL_NOTICE, "UA too large error\n");
946 rsl_rll_error(RLL_CAUSE_UFRM_INC_PARAM, mctx);
950 if (!LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
951 /* 5.4.1.2 A UA response with the F bit set to "0"
954 LOGP(DLAPDM, LOGL_INFO, "F=0 (discarding)\n");
959 case LAPDm_STATE_SABM_SENT:
961 case LAPDm_STATE_MF_EST:
962 case LAPDm_STATE_TIMER_RECOV:
963 LOGP(DLAPDM, LOGL_INFO, "unsolicited UA response! "
965 rsl_rll_error(RLL_CAUSE_UNSOL_UA_RESP, mctx);
968 case LAPDm_STATE_DISC_SENT:
969 LOGP(DLAPDM, LOGL_INFO, "UA in disconnect state\n");
970 /* reset Timer T200 */
971 bsc_del_timer(&dl->t200);
972 /* go to idle state */
973 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
974 rc = send_rll_simple(RSL_MT_REL_CONF, mctx);
977 case LAPDm_STATE_IDLE:
978 /* 5.4.5 all other frame types shall be discarded */
980 LOGP(DLAPDM, LOGL_INFO, "unsolicited UA response! "
985 LOGP(DLAPDM, LOGL_INFO, "UA in SABM state\n");
986 /* reset Timer T200 */
987 bsc_del_timer(&dl->t200);
988 /* compare UA with SABME if contention resolution is applied */
989 if (dl->tx_hist[0][2] >> 2) {
990 rc = check_length_ind(mctx, msg->l2h[2]);
992 rc = send_rll_simple(RSL_MT_REL_IND, mctx);
994 /* go to idle state */
995 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
998 length = msg->l2h[2] >> 2;
999 if (length != (dl->tx_hist[0][2] >> 2)
1000 || !!memcmp(dl->tx_hist[0] + 3, msg->l2h + 3,
1002 LOGP(DLAPDM, LOGL_INFO, "UA response "
1004 rc = send_rll_simple(RSL_MT_REL_IND, mctx);
1006 /* go to idle state */
1007 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
1011 /* set Vs, Vr and Va to 0 */
1012 dl->V_send = dl->V_recv = dl->V_ack = 0;
1014 dl->tx_length[0] = 0;
1015 /* enter multiple-frame-established state */
1016 lapdm_dl_newstate(dl, LAPDm_STATE_MF_EST);
1017 /* send outstanding frames, if any (resume / reconnect) */
1019 /* send notification to L3 */
1020 rc = send_rll_simple(RSL_MT_EST_CONF, mctx);
1025 LOGP(DLAPDM, LOGL_NOTICE, "Unnumbered frame not allowed.\n");
1027 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
1033 /* Receive a LAPDm S (Supervisory) message from L1 */
1034 static int lapdm_rx_s(struct msgb *msg, struct lapdm_msg_ctx *mctx)
1036 struct lapdm_datalink *dl = mctx->dl;
1039 length = msg->l2h[2] >> 2;
1040 if (length > 0 || msg->l2h[2] & 0x02) {
1041 /* G.4.3 If a supervisory frame is received with L>0 or
1042 * with the M bit set to "1", an MDL-ERROR-INDICATION
1043 * primitive with cause "S frame with incorrect
1044 * parameters" is sent to the mobile management entity. */
1045 LOGP(DLAPDM, LOGL_NOTICE,
1046 "S frame with incorrect parameters\n");
1048 rsl_rll_error(RLL_CAUSE_SFRM_INC_PARAM, mctx);
1051 /* 5.4.2.2: Inidcate error on supervisory reponse F=1 */
1052 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP
1053 && LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1054 LOGP(DLAPDM, LOGL_NOTICE, "S frame response with F=1 error\n");
1055 rsl_rll_error(RLL_CAUSE_UNSOL_SPRV_RESP, mctx);
1058 switch (dl->state) {
1059 case LAPDm_STATE_IDLE:
1060 /* if P=1, respond DM with F=1 (5.2.2) */
1061 /* 5.4.5 all other frame types shall be discarded */
1062 if (LAPDm_CTRL_PF_BIT(mctx->ctrl))
1063 lapdm_send_dm(mctx); /* F=P */
1065 case LAPDm_STATE_SABM_SENT:
1066 case LAPDm_STATE_DISC_SENT:
1067 LOGP(DLAPDM, LOGL_NOTICE, "S frame ignored in this state\n");
1071 switch (LAPDm_CTRL_S_BITS(mctx->ctrl)) {
1073 LOGP(DLAPDM, LOGL_INFO, "RR received\n");
1074 /* 5.5.3.1: Acknowlege all tx frames up the the N(R)-1 */
1075 lapdm_acknowledge(mctx);
1078 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_CMD
1079 && LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1080 if (!dl->own_busy && !dl->seq_err_cond) {
1081 LOGP(DLAPDM, LOGL_NOTICE, "RR frame command with polling bit set and we are not busy, so we reply with RR frame\n");
1082 lapdm_send_rr(mctx, 1);
1083 /* NOTE: In case of sequence error condition,
1084 * the REJ frame has been transmitted when
1085 * entering the condition, so it has not be
1088 } else if (dl->own_busy) {
1089 LOGP(DLAPDM, LOGL_NOTICE, "RR frame command with polling bit set and we are busy, so we reply with RR frame\n");
1090 lapdm_send_rnr(mctx, 1);
1093 /* Send message, if possible due to acknowledged data */
1098 LOGP(DLAPDM, LOGL_INFO, "RNR received\n");
1099 /* 5.5.3.1: Acknowlege all tx frames up the the N(R)-1 */
1100 lapdm_acknowledge(mctx);
1103 /* Set peer receiver busy condition */
1106 if (LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1107 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_CMD) {
1108 if (!dl->own_busy) {
1109 LOGP(DLAPDM, LOGL_INFO, "RNR poll "
1110 "command and we are not busy, "
1111 "so we reply with RR final "
1113 /* Send RR with F=1 */
1114 lapdm_send_rr(mctx, 1);
1116 LOGP(DLAPDM, LOGL_INFO, "RNR poll "
1117 "command and we are busy, so "
1118 "we reply with RNR final "
1120 /* Send RNR with F=1 */
1121 lapdm_send_rnr(mctx, 1);
1123 } else if (dl->state == LAPDm_STATE_TIMER_RECOV) {
1124 LOGP(DLAPDM, LOGL_INFO, "RNR poll response "
1125 "and we in timer recovery state, so "
1126 "we leave that state\n");
1127 /* Clear timer recovery condition */
1128 lapdm_dl_newstate(dl, LAPDm_STATE_MF_EST);
1129 /* V(S) to the N(R) in the RNR frame */
1130 dl->V_send = LAPDm_CTRL_Nr(mctx->ctrl);
1133 LOGP(DLAPDM, LOGL_INFO, "RNR not polling/final state "
1136 /* Send message, if possible due to acknowledged data */
1141 LOGP(DLAPDM, LOGL_INFO, "REJ received\n");
1142 /* 5.5.3.1: Acknowlege all tx frames up the the N(R)-1 */
1143 lapdm_acknowledge(mctx);
1146 if (dl->state != LAPDm_STATE_TIMER_RECOV) {
1147 /* Clear an existing peer receiver busy condition */
1149 /* V(S) and V(A) to the N(R) in the REJ frame */
1150 dl->V_send = dl->V_ack = LAPDm_CTRL_Nr(mctx->ctrl);
1151 /* reset Timer T200 */
1152 bsc_del_timer(&dl->t200);
1154 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_CMD
1155 && LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1156 if (!dl->own_busy && !dl->seq_err_cond) {
1157 LOGP(DLAPDM, LOGL_INFO, "REJ poll "
1158 "command not in timer recovery "
1159 "state and not in own busy "
1160 "condition received, so we "
1161 "respond with RR final "
1163 lapdm_send_rr(mctx, 1);
1164 /* NOTE: In case of sequence error
1165 * condition, the REJ frame has been
1166 * transmitted when entering the
1167 * condition, so it has not be done
1170 } else if (dl->own_busy) {
1171 LOGP(DLAPDM, LOGL_INFO, "REJ poll "
1172 "command not in timer recovery "
1173 "state and in own busy "
1174 "condition received, so we "
1175 "respond with RNR final "
1177 lapdm_send_rnr(mctx, 1);
1180 LOGP(DLAPDM, LOGL_INFO, "REJ response or not "
1181 "polling command not in timer recovery "
1182 "state received\n");
1183 /* send MDL ERROR INIDCATION to L3 */
1184 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP
1185 && LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1186 rsl_rll_error(RLL_CAUSE_UNSOL_SPRV_RESP, mctx);
1189 } else if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP
1190 && LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1191 LOGP(DLAPDM, LOGL_INFO, "REJ poll response in timer "
1192 "recovery state received\n");
1193 /* Clear an existing peer receiver busy condition */
1195 /* Clear timer recovery condition */
1196 lapdm_dl_newstate(dl, LAPDm_STATE_MF_EST);
1197 /* V(S) and V(A) to the N(R) in the REJ frame */
1198 dl->V_send = dl->V_ack = LAPDm_CTRL_Nr(mctx->ctrl);
1199 /* reset Timer T200 */
1200 bsc_del_timer(&dl->t200);
1202 /* Clear an existing peer receiver busy condition */
1204 /* V(S) and V(A) to the N(R) in the REJ frame */
1205 dl->V_send = dl->V_ack = LAPDm_CTRL_Nr(mctx->ctrl);
1207 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_CMD
1208 && LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1209 if (!dl->own_busy && !dl->seq_err_cond) {
1210 LOGP(DLAPDM, LOGL_INFO, "REJ poll "
1211 "command in timer recovery "
1212 "state and not in own busy "
1213 "condition received, so we "
1214 "respond with RR final "
1216 lapdm_send_rr(mctx, 1);
1217 /* NOTE: In case of sequence error
1218 * condition, the REJ frame has been
1219 * transmitted when entering the
1220 * condition, so it has not be done
1223 } else if (dl->own_busy) {
1224 LOGP(DLAPDM, LOGL_INFO, "REJ poll "
1225 "command in timer recovery "
1226 "state and in own busy "
1227 "condition received, so we "
1228 "respond with RNR final "
1230 lapdm_send_rnr(mctx, 1);
1233 LOGP(DLAPDM, LOGL_INFO, "REJ response or not "
1234 "polling command in timer recovery "
1235 "state received\n");
1238 /* FIXME: 5.5.4.2 2) */
1240 /* Send message, if possible due to acknowledged data */
1246 LOGP(DLAPDM, LOGL_NOTICE, "Supervisory frame not allowed.\n");
1248 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
1255 /* Receive a LAPDm I (Information) message from L1 */
1256 static int lapdm_rx_i(struct msgb *msg, struct lapdm_msg_ctx *mctx)
1258 struct lapdm_datalink *dl = mctx->dl;
1259 //uint8_t nr = LAPDm_CTRL_Nr(mctx->ctrl);
1260 uint8_t ns = LAPDm_CTRL_I_Ns(mctx->ctrl);
1264 LOGP(DLAPDM, LOGL_NOTICE, "I received\n");
1266 /* G.2.2 Wrong value of the C/R bit */
1267 if (LAPDm_ADDR_CR(mctx->addr) == CR_BS2MS_RESP) {
1268 LOGP(DLAPDM, LOGL_NOTICE, "I frame response not allowed\n");
1270 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
1274 length = msg->l2h[2] >> 2;
1275 if (length == 0 || length + 3 > mctx->n201) {
1276 /* G.4.2 If the length indicator of an I frame is set
1277 * to a numerical value L>N201 or L=0, an MDL-ERROR-INDICATION
1278 * primitive with cause "I frame with incorrect length"
1279 * is sent to the mobile management entity. */
1280 LOGP(DLAPDM, LOGL_NOTICE, "I frame length not allowed\n");
1282 rsl_rll_error(RLL_CAUSE_IFRM_INC_LEN, mctx);
1286 /* G.4.2 If the numerical value of L is L<N201 and the M
1287 * bit is set to "1", then an MDL-ERROR-INDICATION primitive with
1288 * cause "I frame with incorrect use of M bit" is sent to the
1289 * mobile management entity. */
1290 if ((msg->l2h[2] & LAPDm_MORE) && length + 3 < mctx->n201) {
1291 LOGP(DLAPDM, LOGL_NOTICE, "I frame with M bit too short\n");
1293 rsl_rll_error(RLL_CAUSE_IFRM_INC_MBITS, mctx);
1297 switch (dl->state) {
1298 case LAPDm_STATE_IDLE:
1299 /* if P=1, respond DM with F=1 (5.2.2) */
1300 /* 5.4.5 all other frame types shall be discarded */
1301 if (LAPDm_CTRL_PF_BIT(mctx->ctrl))
1302 lapdm_send_dm(mctx); /* F=P */
1304 case LAPDm_STATE_SABM_SENT:
1305 case LAPDm_STATE_DISC_SENT:
1306 LOGP(DLAPDM, LOGL_NOTICE, "I frame ignored in this state\n");
1311 /* 5.7.1: N(s) sequence error */
1312 if (ns != dl->V_recv) {
1313 LOGP(DLAPDM, LOGL_NOTICE, "N(S) sequence error: N(S)=%u, "
1314 "V(R)=%u\n", ns, dl->V_recv);
1317 if (!dl->seq_err_cond) {
1318 /* FIXME: help me understand what exactly todo here
1319 dl->seq_err_cond = 1;
1321 lapdm_send_rej(mctx, LAPDm_CTRL_PF_BIT(mctx->ctrl));
1326 dl->seq_err_cond = 0;
1328 /* Increment receiver state */
1329 dl->V_recv = inc_mod8(dl->V_recv);
1330 LOGP(DLAPDM, LOGL_NOTICE, "incrementing V(R) to %u\n", dl->V_recv);
1332 /* 5.5.3.1: Acknowlege all transmitted frames up the the N(R)-1 */
1333 lapdm_acknowledge(mctx); /* V(A) is also set here */
1335 /* Only if we are not in own receiver busy condition */
1336 if (!dl->own_busy) {
1337 /* if the frame carries a complete segment */
1338 if (!(msg->l2h[2] & LAPDm_MORE)
1339 && !dl->rcv_buffer) {
1340 LOGP(DLAPDM, LOGL_INFO, "message in single I frame\n");
1341 /* send a DATA INDICATION to L3 */
1342 msg->l3h = msg->l2h + 3;
1344 rc = send_rslms_rll_l3(RSL_MT_DATA_IND, mctx, msg);
1346 /* create rcv_buffer */
1347 if (!dl->rcv_buffer) {
1348 LOGP(DLAPDM, LOGL_INFO, "message in multiple I "
1349 "frames (first message)\n");
1350 dl->rcv_buffer = msgb_alloc_headroom(200+10, 10,
1352 dl->rcv_buffer->l3h = dl->rcv_buffer->data;
1354 /* concat. rcv_buffer */
1355 if (msgb_l3len(dl->rcv_buffer) + length > 200) {
1356 LOGP(DLAPDM, LOGL_NOTICE, "Received frame "
1359 memcpy(msgb_put(dl->rcv_buffer, length),
1360 msg->l2h + 3, length);
1362 /* if the last segment was received */
1363 if (!(msg->l2h[2] & LAPDm_MORE)) {
1364 LOGP(DLAPDM, LOGL_INFO, "message in multiple I "
1365 "frames (next message)\n");
1366 rc = send_rslms_rll_l3(RSL_MT_DATA_IND, mctx,
1368 dl->rcv_buffer = NULL;
1370 LOGP(DLAPDM, LOGL_INFO, "message in multiple I "
1371 "frames (last message)\n");
1376 LOGP(DLAPDM, LOGL_INFO, "I frame ignored during own receiver "
1377 "busy condition\n");
1379 /* Check for P bit */
1380 if (LAPDm_CTRL_PF_BIT(mctx->ctrl)) {
1382 /* check if we are not in own receiver busy */
1383 if (!dl->own_busy) {
1384 LOGP(DLAPDM, LOGL_INFO, "we are not busy, send RR\n");
1385 /* Send RR with F=1 */
1386 rc = lapdm_send_rr(mctx, 1);
1388 LOGP(DLAPDM, LOGL_INFO, "we are busy, send RNR\n");
1389 /* Send RNR with F=1 */
1390 rc = lapdm_send_rnr(mctx, 1);
1394 /* check if we are not in own receiver busy */
1395 if (!dl->own_busy) {
1396 /* NOTE: V(R) is already set above */
1397 rc = rslms_send_i(mctx);
1399 LOGP(DLAPDM, LOGL_INFO, "we are not busy and "
1400 "have no pending data, send RR\n");
1401 /* Send RR with F=0 */
1402 return lapdm_send_rr(mctx, 0);
1405 LOGP(DLAPDM, LOGL_INFO, "we are busy, send RNR\n");
1406 /* Send RNR with F=0 */
1407 rc = lapdm_send_rnr(mctx, 0);
1411 /* Send message, if possible due to acknowledged data */
1417 /* Receive a LAPDm message from L1 */
1418 static int lapdm_ph_data_ind(struct msgb *msg, struct lapdm_msg_ctx *mctx)
1422 /* G.2.3 EA bit set to "0" is not allowed in GSM */
1423 if (!LAPDm_ADDR_EA(mctx->addr)) {
1424 LOGP(DLAPDM, LOGL_NOTICE, "EA bit 0 is not allowed in GSM\n");
1426 rsl_rll_error(RLL_CAUSE_FRM_UNIMPL, mctx);
1430 if (LAPDm_CTRL_is_U(mctx->ctrl))
1431 rc = lapdm_rx_u(msg, mctx);
1432 else if (LAPDm_CTRL_is_S(mctx->ctrl))
1433 rc = lapdm_rx_s(msg, mctx);
1434 else if (LAPDm_CTRL_is_I(mctx->ctrl))
1435 rc = lapdm_rx_i(msg, mctx);
1437 LOGP(DLAPDM, LOGL_NOTICE, "unknown LAPDm format\n");
1444 /* input into layer2 (from layer 1) */
1445 int l2_ph_data_ind(struct msgb *msg, struct lapdm_entity *le, struct l1ctl_info_dl *l1i)
1447 uint8_t cbits = l1i->chan_nr >> 3;
1448 uint8_t sapi = l1i->link_id & 7;
1449 struct lapdm_msg_ctx mctx;
1452 /* when we reach here, we have a msgb with l2h pointing to the raw
1453 * 23byte mac block. The l1h has already been purged. */
1455 mctx.dl = datalink_for_sapi(le, sapi);
1456 mctx.chan_nr = l1i->chan_nr;
1457 mctx.link_id = l1i->link_id;
1458 mctx.addr = mctx.ctrl = 0;
1460 /* G.2.1 No action schall be taken on frames containing an unallocated
1464 LOGP(DLAPDM, LOGL_NOTICE, "Received frame for unsupported "
1465 "SAPI %d!\n", sapi);
1471 /* check for L1 chan_nr/link_id and determine LAPDm hdr format */
1472 if (cbits == 0x10 || cbits == 0x12) {
1473 /* Format Bbis is used on BCCH and CCCH(PCH, NCH and AGCH) */
1474 mctx.lapdm_fmt = LAPDm_FMT_Bbis;
1475 mctx.n201 = N201_Bbis;
1477 if (mctx.link_id & 0x40) {
1478 /* It was received from network on SACCH, thus
1479 * lapdm_fmt must be B4 */
1480 mctx.lapdm_fmt = LAPDm_FMT_B4;
1481 mctx.n201 = N201_B4;
1482 LOGP(DLAPDM, LOGL_INFO, "fmt=B4\n");
1483 /* SACCH frames have a two-byte L1 header that
1484 * OsmocomBB L1 doesn't strip */
1487 mctx.lapdm_fmt = LAPDm_FMT_B;
1488 LOGP(DLAPDM, LOGL_INFO, "fmt=B\n");
1489 mctx.n201 = 23; // FIXME: select correct size by chan.
1493 switch (mctx.lapdm_fmt) {
1497 mctx.addr = msg->l2h[0];
1498 if (!(mctx.addr & 0x01)) {
1499 LOGP(DLAPDM, LOGL_ERROR, "we don't support "
1500 "multibyte addresses (discarding)\n");
1504 mctx.ctrl = msg->l2h[1];
1505 /* obtain SAPI from address field */
1506 mctx.link_id |= LAPDm_ADDR_SAPI(mctx.addr);
1507 rc = lapdm_ph_data_ind(msg, &mctx);
1509 case LAPDm_FMT_Bter:
1513 case LAPDm_FMT_Bbis:
1514 /* directly pass up to layer3 */
1515 LOGP(DLAPDM, LOGL_INFO, "fmt=Bbis UI\n");
1516 msg->l3h = msg->l2h;
1518 rc = send_rslms_rll_l3(RSL_MT_UNIT_DATA_IND, &mctx, msg);
1527 /* L3 -> L2 / RSLMS -> LAPDm */
1529 /* L3 requests establishment of data link */
1530 static int rslms_rx_rll_est_req(struct msgb *msg, struct lapdm_datalink *dl)
1532 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
1533 uint8_t chan_nr = rllh->chan_nr;
1534 uint8_t link_id = rllh->link_id;
1535 uint8_t sapi = rllh->link_id & 7;
1536 struct tlv_parsed tv;
1538 uint8_t n201 = 23; //FIXME
1540 /* Set chan_nr and link_id for established connection */
1541 memset(&dl->mctx, 0, sizeof(dl->mctx));
1543 dl->mctx.n201 = n201;
1544 dl->mctx.chan_nr = chan_nr;
1545 dl->mctx.link_id = link_id;
1547 rsl_tlv_parse(&tv, rllh->data, msgb_l2len(msg)-sizeof(*rllh));
1548 if (TLVP_PRESENT(&tv, RSL_IE_L3_INFO)) {
1549 /* contention resolution establishment procedure */
1551 /* According to clause 6, the contention resolution
1552 * procedure is only permitted with SAPI value 0 */
1553 LOGP(DLAPDM, LOGL_ERROR, "SAPI != 0 but contention"
1554 "resolution (discarding)\n");
1556 return send_rll_simple(RSL_MT_REL_IND, &dl->mctx);
1558 /* transmit a SABM command with the P bit set to "1". The SABM
1559 * command shall contain the layer 3 message unit */
1560 length = TLVP_LEN(&tv, RSL_IE_L3_INFO);
1561 LOGP(DLAPDM, LOGL_INFO, "perform establishment with content "
1564 /* normal establishment procedure */
1566 LOGP(DLAPDM, LOGL_INFO, "perform normal establishm. (SAMB)\n");
1569 /* check if the layer3 message length exceeds N201 */
1570 if (length + 3 > 21) { /* FIXME: do we know the channel N201? */
1571 LOGP(DLAPDM, LOGL_ERROR, "frame too large: %d > N201(%d) "
1572 "(discarding)\n", length + 3, 21);
1574 return send_rll_simple(RSL_MT_REL_IND, &dl->mctx);
1577 /* Flush send-queue */
1578 /* Clear send-buffer */
1579 lapdm_dl_flush_send(dl);
1581 /* Discard partly received L3 message */
1582 if (dl->rcv_buffer) {
1583 msgb_free(dl->rcv_buffer);
1584 dl->rcv_buffer = NULL;
1587 /* Remove RLL header from msgb */
1590 /* Push LAPDm header on msgb */
1591 msg->l2h = msgb_push(msg, 3);
1592 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_CMD);
1593 msg->l2h[1] = LAPDm_CTRL_U(LAPDm_U_SABM, 1);
1594 msg->l2h[2] = LAPDm_LEN(length);
1595 /* Transmit-buffer carries exactly one segment */
1596 memcpy(dl->tx_hist[0], msg->l2h, 3 + length);
1597 dl->tx_length[0] = 3 + length;
1600 dl->own_busy = dl->peer_busy = 0;
1601 dl->retrans_ctr = 0;
1602 lapdm_dl_newstate(dl, LAPDm_STATE_SABM_SENT);
1604 /* Tramsmit and start T200 */
1605 bsc_schedule_timer(&dl->t200, T200);
1606 return tx_ph_data_enqueue(dl, msg, chan_nr, link_id, n201);
1609 /* L3 requests transfer of unnumbered information */
1610 static int rslms_rx_rll_udata_req(struct msgb *msg, struct lapdm_datalink *dl)
1612 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
1613 uint8_t chan_nr = rllh->chan_nr;
1614 uint8_t link_id = rllh->link_id;
1615 uint8_t sapi = link_id & 7;
1616 struct tlv_parsed tv;
1618 uint8_t n201 = 23; //FIXME
1620 /* check if the layer3 message length exceeds N201 */
1622 rsl_tlv_parse(&tv, rllh->data, msgb_l2len(msg)-sizeof(*rllh));
1624 length = TLVP_LEN(&tv, RSL_IE_L3_INFO);
1625 /* check if the layer3 message length exceeds N201 */
1626 if (length + 3 > 18) { /* FIXME: do we know the channel N201? */
1627 LOGP(DLAPDM, LOGL_ERROR, "frame too large: %d > N201(%d) "
1628 "(discarding)\n", length + 3, 18);
1633 LOGP(DLAPDM, LOGL_INFO, "sending unit data\n");
1635 /* Remove RLL header from msgb */
1638 /* Push LAPDm header on msgb */
1639 msg->l2h = msgb_push(msg, 3);
1640 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_CMD);
1641 msg->l2h[1] = LAPDm_CTRL_U(LAPDm_U_UI, 0);
1642 msg->l2h[2] = LAPDm_LEN(length);
1643 // FIXME: short L2 header support
1646 return tx_ph_data_enqueue(dl, msg, chan_nr, link_id, n201);
1649 /* L3 requests transfer of acknowledged information */
1650 static int rslms_rx_rll_data_req(struct msgb *msg, struct lapdm_datalink *dl)
1652 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
1653 struct tlv_parsed tv;
1655 rsl_tlv_parse(&tv, rllh->data, msgb_l2len(msg)-sizeof(*rllh));
1656 if (!TLVP_PRESENT(&tv, RSL_IE_L3_INFO)) {
1657 LOGP(DLAPDM, LOGL_ERROR, "data request without message error\n");
1662 LOGP(DLAPDM, LOGL_INFO, "writing message to send-queue\n");
1664 /* Remove the RSL/RLL header */
1667 /* Write data into the send queue */
1668 msgb_enqueue(&dl->send_queue, msg);
1670 /* Send message, if possible */
1671 rslms_send_i(&dl->mctx);
1675 /* Send next I frame from queued/buffered data */
1676 static int rslms_send_i(struct lapdm_msg_ctx *mctx)
1678 struct lapdm_datalink *dl = mctx->dl;
1679 uint8_t chan_nr = mctx->chan_nr;
1680 uint8_t link_id = mctx->link_id;
1681 uint8_t sapi = link_id & 7;
1682 int k = k_sapi[sapi];
1685 int rc = -1; /* we sent nothing */
1689 if (dl->peer_busy) {
1690 LOGP(DLAPDM, LOGL_INFO, "peer busy, not sending\n");
1694 if (dl->state == LAPDm_STATE_TIMER_RECOV) {
1695 LOGP(DLAPDM, LOGL_INFO, "timer recovery, not sending\n");
1699 /* If the send state variable V(S) is equal to V(A) plus k
1700 * (where k is the maximum number of outstanding I frames - see
1701 * subclause 5.8.4), the data link layer entity shall not transmit any
1702 * new I frames, but shall retransmit an I frame as a result
1703 * of the error recovery procedures as described in subclauses 5.5.4 and
1705 if (dl->V_send == add_mod8(dl->V_ack, k)) {
1706 LOGP(DLAPDM, LOGL_INFO, "k frames outstanding, not sending "
1707 "more (k=%u V(S)=%u V(A)=%u)\n", k, dl->V_send,
1712 /* if we have no tx_hist yet, we create it */
1713 if (!dl->tx_length[dl->V_send]) {
1714 /* Get next message into send-buffer, if any */
1715 if (!dl->send_buffer) {
1718 dl->send_buffer = msgb_dequeue(&dl->send_queue);
1719 /* No more data to be sent */
1720 if (!dl->send_buffer)
1722 LOGP(DLAPDM, LOGL_INFO, "get message from "
1726 /* How much is left in the send-buffer? */
1727 left = msgb_l3len(dl->send_buffer) - dl->send_out;
1728 /* Segment, if data exceeds N201 */
1730 if (length > mctx->n201 - 3)
1731 length = mctx->n201 - 3;
1732 printf("msg-len %d sent %d left %d N201 %d length %d first byte %02x\n", msgb_l3len(dl->send_buffer), dl->send_out, left, mctx->n201, length, dl->send_buffer->l3h[0]);
1733 /* If message in send-buffer is completely sent */
1735 msgb_free(dl->send_buffer);
1736 dl->send_buffer = NULL;
1740 LOGP(DLAPDM, LOGL_INFO, "send I frame %sV(S)=%d\n",
1741 (left > length) ? "segment " : "", dl->V_send);
1743 /* Create I frame (segment) and transmit-buffer content */
1744 msg = msgb_alloc_headroom(23+10, 10, "LAPDm I");
1745 msg->l2h = msgb_put(msg, 3 + length);
1746 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_CMD);
1747 msg->l2h[1] = LAPDm_CTRL_I(dl->V_recv, dl->V_send, 0);
1748 msg->l2h[2] = LAPDm_LEN(length);
1750 msg->l2h[2] |= LAPDm_MORE;
1751 memcpy(msg->l2h + 3, dl->send_buffer->l3h + dl->send_out,
1753 memcpy(dl->tx_hist[dl->V_send], msg->l2h, 3 + length);
1754 dl->tx_length[dl->V_send] = 3 + length;
1755 /* Add length to track how much is already in the tx buffer */
1756 dl->send_out += length;
1758 LOGP(DLAPDM, LOGL_INFO, "resend I frame from tx buffer "
1759 "V(S)=%d\n", dl->V_send);
1761 /* Create I frame (segment) from tx_hist */
1762 length = dl->tx_length[dl->V_send];
1763 msg = msgb_alloc_headroom(23+10, 10, "LAPDm I");
1764 msg->l2h = msgb_put(msg, length);
1765 memcpy(msg->l2h, dl->tx_hist[dl->V_send], length);
1766 msg->l2h[1] = LAPDm_CTRL_I(dl->V_recv, dl->V_send, 0);
1769 /* The value of the send state variable V(S) shall be incremented by 1
1770 * at the end of the transmission of the I frame */
1771 dl->V_send = inc_mod8(dl->V_send);
1773 /* If timer T200 is not running at the time right before transmitting a
1774 * frame, when the PH-READY-TO-SEND primitive is received from the
1775 * physical layer., it shall be set. */
1776 if (!bsc_timer_pending(&dl->t200))
1777 bsc_schedule_timer(&dl->t200, T200);
1779 tx_ph_data_enqueue(dl, msg, chan_nr, link_id, mctx->n201);
1781 rc = 0; /* we sent something */
1785 /* L3 requests suspension of data link */
1786 static int rslms_rx_rll_susp_req(struct msgb *msg, struct lapdm_datalink *dl)
1788 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
1789 uint8_t sapi = rllh->link_id & 7;
1792 LOGP(DLAPDM, LOGL_ERROR, "SAPI != 0 while suspending\n");
1797 LOGP(DLAPDM, LOGL_INFO, "perform suspension\n");
1799 /* put back the send-buffer to the send-queue (first position) */
1800 if (dl->send_buffer) {
1801 llist_add(&dl->send_buffer->list, &dl->send_queue);
1802 dl->send_buffer = NULL;
1805 /* Clear transmit and send buffer, if any */
1806 lapdm_dl_flush_tx(dl);
1807 lapdm_dl_flush_send(dl);
1811 return send_rll_simple(RSL_MT_SUSP_CONF, &dl->mctx);
1814 /* L3 requests resume of data link */
1815 static int rslms_rx_rll_res_req(struct msgb *msg, struct lapdm_datalink *dl)
1817 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
1818 uint8_t chan_nr = rllh->chan_nr;
1819 uint8_t link_id = rllh->link_id;
1820 uint8_t sapi = rllh->link_id & 7;
1821 struct tlv_parsed tv;
1823 uint8_t n201 = 23; //FIXME
1825 /* Set chan_nr and link_id for established connection */
1826 memset(&dl->mctx, 0, sizeof(dl->mctx));
1828 dl->mctx.n201 = n201;
1829 dl->mctx.chan_nr = chan_nr;
1830 dl->mctx.link_id = link_id;
1832 rsl_tlv_parse(&tv, rllh->data, msgb_l2len(msg)-sizeof(*rllh));
1833 if (!TLVP_PRESENT(&tv, RSL_IE_L3_INFO)) {
1834 LOGP(DLAPDM, LOGL_ERROR, "resume without message error\n");
1836 return send_rll_simple(RSL_MT_REL_IND, &dl->mctx);
1838 length = TLVP_LEN(&tv, RSL_IE_L3_INFO);
1840 LOGP(DLAPDM, LOGL_INFO, "perform re-establishment (SAMB)\n");
1842 /* Replace message in the send-buffer (reconnect) */
1843 if (dl->send_buffer)
1844 msgb_free(dl->send_buffer);
1845 dl->send_buffer = msg;
1847 /* Discard partly received L3 message */
1848 if (dl->rcv_buffer) {
1849 msgb_free(dl->rcv_buffer);
1850 dl->rcv_buffer = NULL;
1853 /* Create new msgb (old one is now free) */
1854 msg = msgb_alloc_headroom(23+10, 10, "LAPDm SABM");
1855 msg->l2h = msgb_put(msg, 3);
1856 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_CMD);
1857 msg->l2h[1] = LAPDm_CTRL_U(LAPDm_U_SABM, 1);
1858 msg->l2h[2] = LAPDm_LEN(0);
1859 /* Transmit-buffer carries exactly one segment */
1860 memcpy(dl->tx_hist[0], msg->l2h, 3);
1861 dl->tx_length[0] = 3;
1864 dl->own_busy = dl->peer_busy = 0;
1865 dl->retrans_ctr = 0;
1866 lapdm_dl_newstate(dl, LAPDm_STATE_SABM_SENT);
1868 /* Tramsmit and start T200 */
1869 bsc_schedule_timer(&dl->t200, T200);
1870 return tx_ph_data_enqueue(dl, msg, chan_nr, link_id, n201);
1873 /* L3 requests release of data link */
1874 static int rslms_rx_rll_rel_req(struct msgb *msg, struct lapdm_datalink *dl)
1876 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
1877 uint8_t chan_nr = rllh->chan_nr;
1878 uint8_t link_id = rllh->link_id;
1879 uint8_t sapi = rllh->link_id & 7;
1882 /* get release mode */
1883 if (rllh->data[0] == RSL_IE_RELEASE_MODE)
1884 mode = rllh->data[1] & 1;
1888 LOGP(DLAPDM, LOGL_INFO, "perform local release\n");
1890 /* reset Timer T200 */
1891 bsc_del_timer(&dl->t200);
1892 /* enter idle state */
1893 lapdm_dl_newstate(dl, LAPDm_STATE_IDLE);
1894 /* send notification to L3 */
1895 return send_rll_simple(RSL_MT_REL_CONF, &dl->mctx);
1897 LOGP(DLAPDM, LOGL_INFO, "perform normal release (DISC)\n");
1899 /* Create new msgb */
1902 /* Push LAPDm header on msgb */
1903 msg->l2h = msgb_push(msg, 3);
1904 msg->l2h[0] = LAPDm_ADDR(LAPDm_LPD_NORMAL, sapi, CR_MS2BS_CMD);
1905 msg->l2h[1] = LAPDm_CTRL_U(LAPDm_U_DISC, 1);
1906 msg->l2h[2] = LAPDm_LEN(0);
1907 /* Transmit-buffer carries exactly one segment */
1908 memcpy(dl->tx_hist[0], msg->l2h, 3);
1909 dl->tx_length[0] = 3;
1912 dl->own_busy = dl->peer_busy = 0;
1913 dl->retrans_ctr = 0;
1914 lapdm_dl_newstate(dl, LAPDm_STATE_DISC_SENT);
1916 /* Tramsmit and start T200 */
1917 bsc_schedule_timer(&dl->t200, T200);
1918 return tx_ph_data_enqueue(dl, msg, chan_nr, link_id, dl->mctx.n201);
1921 /* L3 requests release in idle state */
1922 static int rslms_rx_rll_rel_req_idle(struct msgb *msg, struct lapdm_datalink *dl)
1926 /* send notification to L3 */
1927 return send_rll_simple(RSL_MT_REL_CONF, &dl->mctx);
1930 /* Names for Radio Link Layer Management */
1931 static const struct value_string rsl_msg_names[] = {
1932 { RSL_MT_DATA_REQ, "RSL_MT_DATA_REQ" },
1933 { RSL_MT_DATA_IND, "RSL_MT_DATA_IND" },
1934 { RSL_MT_ERROR_IND, "RSL_MT_ERROR_IND" },
1935 { RSL_MT_EST_REQ, "RSL_MT_EST_REQ" },
1936 { RSL_MT_EST_CONF, "RSL_MT_EST_CONF" },
1937 { RSL_MT_EST_IND, "RSL_MT_EST_IND" },
1938 { RSL_MT_EST_IND, "RSL_MT_REL_REQ" },
1939 { RSL_MT_REL_REQ, "RSL_MT_REL_REQ" },
1940 { RSL_MT_REL_CONF, "RSL_MT_REL_CONF" },
1941 { RSL_MT_REL_IND, "RSL_MT_REL_IND" },
1942 { RSL_MT_UNIT_DATA_REQ, "RSL_MT_UNIT_DATA_REQ" },
1943 { RSL_MT_UNIT_DATA_IND, "RSL_MT_UNIT_DATA_IND" },
1944 { RSL_MT_SUSP_REQ, "RSL_MT_SUSP_REQ" },
1945 { RSL_MT_SUSP_CONF, "RSL_MT_SUSP_CONF" },
1946 { RSL_MT_RES_REQ, "RSL_MT_RES_REQ" },
1947 { RSL_MT_RECON_REQ, "RSL_MT_RECON_REQ" },
1951 const char *get_rsl_name(int value)
1953 return get_value_string(rsl_msg_names, value);
1956 const char *lapdm_state_names[] = {
1959 "LAPDm_STATE_SABM_SENT",
1960 "LAPDm_STATE_MF_EST",
1961 "LAPDm_STATE_TIMER_RECOV",
1962 "LAPDm_STATE_OWN_RCVR_BUSY"
1965 /* statefull handling for RSLms RLL messages from L3 */
1966 static struct l2downstate {
1969 int (*rout) (struct msgb *msg, struct lapdm_datalink *dl);
1970 } l2downstatelist[] = {
1971 /* create and send UI command */
1973 RSL_MT_UNIT_DATA_REQ, rslms_rx_rll_udata_req},
1975 /* create and send SABM command */
1976 {SBIT(LAPDm_STATE_IDLE),
1977 RSL_MT_EST_REQ, rslms_rx_rll_est_req},
1979 /* create and send I command */
1980 {SBIT(LAPDm_STATE_MF_EST) |
1981 SBIT(LAPDm_STATE_TIMER_RECOV),
1982 RSL_MT_DATA_REQ, rslms_rx_rll_data_req},
1984 /* suspend datalink */
1985 {SBIT(LAPDm_STATE_MF_EST) |
1986 SBIT(LAPDm_STATE_TIMER_RECOV),
1987 RSL_MT_SUSP_REQ, rslms_rx_rll_susp_req},
1989 /* create and send SABM command (resume) */
1990 {SBIT(LAPDm_STATE_MF_EST) |
1991 SBIT(LAPDm_STATE_TIMER_RECOV),
1992 RSL_MT_RES_REQ, rslms_rx_rll_res_req},
1994 /* create and send SABM command (reconnect) */
1995 {SBIT(LAPDm_STATE_MF_EST) |
1996 SBIT(LAPDm_STATE_TIMER_RECOV),
1997 RSL_MT_RECON_REQ, rslms_rx_rll_res_req},
1999 /* create and send DISC command */
2000 {SBIT(LAPDm_STATE_SABM_SENT) |
2001 SBIT(LAPDm_STATE_MF_EST) |
2002 SBIT(LAPDm_STATE_TIMER_RECOV),
2003 RSL_MT_REL_REQ, rslms_rx_rll_rel_req},
2005 /* release in idle state */
2006 {SBIT(LAPDm_STATE_IDLE),
2007 RSL_MT_REL_REQ, rslms_rx_rll_rel_req_idle},
2009 /* FIXME: create and send DISC command */
2012 #define L2DOWNSLLEN \
2013 (sizeof(l2downstatelist) / sizeof(struct l2downstate))
2015 /* incoming RSLms RLL message from L3 */
2016 static int rslms_rx_rll(struct msgb *msg, struct osmocom_ms *ms)
2018 struct abis_rsl_rll_hdr *rllh = msgb_l2(msg);
2019 int msg_type = rllh->c.msg_type;
2020 uint8_t sapi = rllh->link_id & 7;
2021 struct lapdm_entity *le;
2022 struct lapdm_datalink *dl;
2023 int i, supported = 0;
2026 if (rllh->link_id & 0x40)
2027 le = &ms->l2_entity.lapdm_acch;
2029 le = &ms->l2_entity.lapdm_dcch;
2031 /* G.2.1 No action schall be taken on frames containing an unallocated
2034 dl = datalink_for_sapi(le, sapi);
2036 LOGP(DRSL, LOGL_ERROR, "No instance for SAPI %d!\n", sapi);
2040 LOGP(DRSL, LOGL_INFO, "(ms %s) RLL Message '%s' received in state %s\n",
2041 ms->name, get_rsl_name(msg_type), lapdm_state_names[dl->state]);
2043 /* find function for current state and message */
2044 for (i = 0; i < L2DOWNSLLEN; i++) {
2045 if (msg_type == l2downstatelist[i].type)
2047 if ((msg_type == l2downstatelist[i].type)
2048 && ((1 << dl->state) & l2downstatelist[i].states))
2052 LOGP(DRSL, LOGL_NOTICE, "Message unsupported.\n");
2056 if (i == L2DOWNSLLEN) {
2057 LOGP(DRSL, LOGL_NOTICE, "Message unhandled at this state.\n");
2062 rc = l2downstatelist[i].rout(msg, dl);
2067 /* input into layer2 (from layer 3) */
2068 int rslms_recvmsg(struct msgb *msg, struct osmocom_ms *ms)
2070 struct abis_rsl_common_hdr *rslh = msgb_l2(msg);
2073 switch (rslh->msg_discr & 0xfe) {
2074 case ABIS_RSL_MDISC_RLL:
2075 rc = rslms_rx_rll(msg, ms);
2078 LOGP(DRSL, LOGL_ERROR, "unknown RSLms message "
2079 "discriminator 0x%02x", rslh->msg_discr);
2087 /* input function that L2 calls when sending messages up to L3 */
2088 int rslms_sendmsg(struct msgb *msg, struct osmocom_ms *ms)
2090 if (!ms->l2_entity.msg_handler) {
2095 /* call the layer2 message handler that is registered */
2096 return ms->l2_entity.msg_handler(msg, ms);
2099 /* register message handler for messages that are sent from L2->L3 */
2100 int osmol2_register_handler(struct osmocom_ms *ms, osmol2_cb_t cb)
2102 ms->l2_entity.msg_handler = cb;
projects / osmocom-bb.git / blob