src/gsm/gsm48.c

   1 /* GSM Mobile Radio Interface Layer 3 messages
   2  * 3GPP TS 04.08 version 7.21.0 Release 1998 / ETSI TS 100 940 V7.21.0 */
   3
   4 /* (C) 2008-2010 by Harald Welte <laforge@gnumonks.org>
   5  * (C) 2008, 2009 by Holger Hans Peter Freyther <zecke@selfish.org>
   6  *
   7  * All Rights Reserved
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License along
  20  * with this program; if not, write to the Free Software Foundation, Inc.,
  21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  22  *
  23  */
  24
  25 #include <stdint.h>
  26 #include <stdio.h>
  27 #include <string.h>
  28
  29 #include <arpa/inet.h>
  30
  31 #include <osmocom/core/utils.h>
  32 #include <osmocom/gsm/tlv.h>
  33 #include <osmocom/gsm/gsm48.h>
  34 #include <osmocom/gsm/gsm0502.h>
  35
  36 #include <osmocom/gsm/protocol/gsm_04_08.h>
  37 #include <osmocom/gsm/protocol/gsm_08_58.h>
  38
  39 const struct tlv_definition gsm48_att_tlvdef = {
  40         .def = {
  41                 [GSM48_IE_MOBILE_ID]    = { TLV_TYPE_TLV },
  42                 [GSM48_IE_NAME_LONG]    = { TLV_TYPE_TLV },
  43                 [GSM48_IE_NAME_SHORT]   = { TLV_TYPE_TLV },
  44                 [GSM48_IE_UTC]          = { TLV_TYPE_TV },
  45                 [GSM48_IE_NET_TIME_TZ]  = { TLV_TYPE_FIXED, 7 },
  46                 [GSM48_IE_LSA_IDENT]    = { TLV_TYPE_TLV },
  47
  48                 [GSM48_IE_BEARER_CAP]   = { TLV_TYPE_TLV },
  49                 [GSM48_IE_CAUSE]        = { TLV_TYPE_TLV },
  50                 [GSM48_IE_CC_CAP]       = { TLV_TYPE_TLV },
  51                 [GSM48_IE_ALERT]        = { TLV_TYPE_TLV },
  52                 [GSM48_IE_FACILITY]     = { TLV_TYPE_TLV },
  53                 [GSM48_IE_PROGR_IND]    = { TLV_TYPE_TLV },
  54                 [GSM48_IE_AUX_STATUS]   = { TLV_TYPE_TLV },
  55                 [GSM48_IE_NOTIFY]       = { TLV_TYPE_TV },
  56                 [GSM48_IE_KPD_FACILITY] = { TLV_TYPE_TV },
  57                 [GSM48_IE_SIGNAL]       = { TLV_TYPE_TV },
  58                 [GSM48_IE_CONN_BCD]     = { TLV_TYPE_TLV },
  59                 [GSM48_IE_CONN_SUB]     = { TLV_TYPE_TLV },
  60                 [GSM48_IE_CALLING_BCD]  = { TLV_TYPE_TLV },
  61                 [GSM48_IE_CALLING_SUB]  = { TLV_TYPE_TLV },
  62                 [GSM48_IE_CALLED_BCD]   = { TLV_TYPE_TLV },
  63                 [GSM48_IE_CALLED_SUB]   = { TLV_TYPE_TLV },
  64                 [GSM48_IE_REDIR_BCD]    = { TLV_TYPE_TLV },
  65                 [GSM48_IE_REDIR_SUB]    = { TLV_TYPE_TLV },
  66                 [GSM48_IE_LOWL_COMPAT]  = { TLV_TYPE_TLV },
  67                 [GSM48_IE_HIGHL_COMPAT] = { TLV_TYPE_TLV },
  68                 [GSM48_IE_USER_USER]    = { TLV_TYPE_TLV },
  69                 [GSM48_IE_SS_VERS]      = { TLV_TYPE_TLV },
  70                 [GSM48_IE_MORE_DATA]    = { TLV_TYPE_T },
  71                 [GSM48_IE_CLIR_SUPP]    = { TLV_TYPE_T },
  72                 [GSM48_IE_CLIR_INVOC]   = { TLV_TYPE_T },
  73                 [GSM48_IE_REV_C_SETUP]  = { TLV_TYPE_T },
  74                 [GSM48_IE_REPEAT_CIR]   = { TLV_TYPE_T },
  75                 [GSM48_IE_REPEAT_SEQ]   = { TLV_TYPE_T },
  76                 /* FIXME: more elements */
  77         },
  78 };
  79
  80 /* RR elements */
  81 const struct tlv_definition gsm48_rr_att_tlvdef = {
  82         .def = {
  83                 /* NOTE: Don't add IE 17 = MOBILE_ID here, it already used. */
  84                 [GSM48_IE_VGCS_TARGET]          = { TLV_TYPE_TLV },
  85                 [GSM48_IE_FRQSHORT_AFTER]       = { TLV_TYPE_FIXED, 9 },
  86                 [GSM48_IE_MUL_RATE_CFG]         = { TLV_TYPE_TLV },
  87                 [GSM48_IE_FREQ_L_AFTER]         = { TLV_TYPE_TLV },
  88                 [GSM48_IE_MSLOT_DESC]           = { TLV_TYPE_TLV },
  89                 [GSM48_IE_CHANMODE_2]           = { TLV_TYPE_TV },
  90                 [GSM48_IE_FRQSHORT_BEFORE]      = { TLV_TYPE_FIXED, 9 },
  91                 [GSM48_IE_CHANMODE_3]           = { TLV_TYPE_TV },
  92                 [GSM48_IE_CHANMODE_4]           = { TLV_TYPE_TV },
  93                 [GSM48_IE_CHANMODE_5]           = { TLV_TYPE_TV },
  94                 [GSM48_IE_CHANMODE_6]           = { TLV_TYPE_TV },
  95                 [GSM48_IE_CHANMODE_7]           = { TLV_TYPE_TV },
  96                 [GSM48_IE_CHANMODE_8]           = { TLV_TYPE_TV },
  97                 [GSM48_IE_FREQ_L_BEFORE]        = { TLV_TYPE_TLV },
  98                 [GSM48_IE_CH_DESC_1_BEFORE]     = { TLV_TYPE_FIXED, 3 },
  99                 [GSM48_IE_CH_DESC_2_BEFORE]     = { TLV_TYPE_FIXED, 3 },
 100                 [GSM48_IE_F_CH_SEQ_BEFORE]      = { TLV_TYPE_FIXED, 9 },
 101                 [GSM48_IE_CLASSMARK3]           = { TLV_TYPE_TLV },
 102                 [GSM48_IE_MA_BEFORE]            = { TLV_TYPE_TLV },
 103                 [GSM48_IE_RR_PACKET_UL]         = { TLV_TYPE_TLV },
 104                 [GSM48_IE_RR_PACKET_DL]         = { TLV_TYPE_TLV },
 105                 [GSM48_IE_CELL_CH_DESC]         = { TLV_TYPE_FIXED, 16 },
 106                 [GSM48_IE_CHANMODE_1]           = { TLV_TYPE_TV },
 107                 [GSM48_IE_CHDES_2_AFTER]        = { TLV_TYPE_FIXED, 3 },
 108                 [GSM48_IE_MODE_SEC_CH]          = { TLV_TYPE_TV },
 109                 [GSM48_IE_F_CH_SEQ_AFTER]               = { TLV_TYPE_FIXED, 9 },
 110                 [GSM48_IE_MA_AFTER]             = { TLV_TYPE_TLV },
 111                 [GSM48_IE_BA_RANGE]             = { TLV_TYPE_TLV },
 112                 [GSM48_IE_GROUP_CHDES]          = { TLV_TYPE_TLV },
 113                 [GSM48_IE_BA_LIST_PREF]         = { TLV_TYPE_TLV },
 114                 [GSM48_IE_MOB_OVSERV_DIF]       = { TLV_TYPE_TLV },
 115                 [GSM48_IE_REALTIME_DIFF]        = { TLV_TYPE_TLV },
 116                 [GSM48_IE_START_TIME]           = { TLV_TYPE_FIXED, 2 },
 117                 [GSM48_IE_TIMING_ADVANCE]       = { TLV_TYPE_TV },
 118                 [GSM48_IE_GROUP_CIP_SEQ]        = { TLV_TYPE_SINGLE_TV },
 119                 [GSM48_IE_CIP_MODE_SET]         = { TLV_TYPE_SINGLE_TV },
 120                 [GSM48_IE_GPRS_RESUMPT]         = { TLV_TYPE_SINGLE_TV },
 121                 [GSM48_IE_SYNC_IND]             = { TLV_TYPE_SINGLE_TV },
 122         },
 123 };
 124
 125 /* MM elements */
 126 const struct tlv_definition gsm48_mm_att_tlvdef = {
 127         .def = {
 128                 [GSM48_IE_MOBILE_ID]            = { TLV_TYPE_TLV },
 129                 [GSM48_IE_NAME_LONG]            = { TLV_TYPE_TLV },
 130                 [GSM48_IE_NAME_SHORT]           = { TLV_TYPE_TLV },
 131                 [GSM48_IE_UTC]                  = { TLV_TYPE_TV },
 132                 [GSM48_IE_NET_TIME_TZ]          = { TLV_TYPE_FIXED, 7 },
 133                 [GSM48_IE_LSA_IDENT]            = { TLV_TYPE_TLV },
 134
 135                 [GSM48_IE_LOCATION_AREA]        = { TLV_TYPE_FIXED, 5 },
 136                 [GSM48_IE_PRIORITY_LEV]         = { TLV_TYPE_SINGLE_TV },
 137                 [GSM48_IE_FOLLOW_ON_PROC]       = { TLV_TYPE_T },
 138                 [GSM48_IE_CTS_PERMISSION]       = { TLV_TYPE_T },
 139         },
 140 };
 141
 142 static const struct value_string rr_cause_names[] = {
 143         { GSM48_RR_CAUSE_NORMAL,                "Normal event" },
 144         { GSM48_RR_CAUSE_ABNORMAL_UNSPEC,       "Abnormal release, unspecified" },
 145         { GSM48_RR_CAUSE_ABNORMAL_UNACCT,       "Abnormal release, channel unacceptable" },
 146         { GSM48_RR_CAUSE_ABNORMAL_TIMER,        "Abnormal release, timer expired" },
 147         { GSM48_RR_CAUSE_ABNORMAL_NOACT,        "Abnormal release, no activity on radio path" },
 148         { GSM48_RR_CAUSE_PREMPTIVE_REL,         "Preemptive release" },
 149         { GSM48_RR_CAUSE_HNDOVER_IMP,           "Handover impossible, timing advance out of range" },
 150         { GSM48_RR_CAUSE_CHAN_MODE_UNACCT,      "Channel mode unacceptable" },
 151         { GSM48_RR_CAUSE_FREQ_NOT_IMPL,         "Frequency not implemented" },
 152         { GSM48_RR_CAUSE_CALL_CLEARED,          "Call already cleared" },
 153         { GSM48_RR_CAUSE_SEMANT_INCORR,         "Semantically incorrect message" },
 154         { GSM48_RR_CAUSE_INVALID_MAND_INF,      "Invalid mandatory information" },
 155         { GSM48_RR_CAUSE_MSG_TYPE_N,            "Message type non-existant or not implemented" },
 156         { GSM48_RR_CAUSE_MSG_TYPE_N_COMPAT,     "Message type not compatible with protocol state" },
 157         { GSM48_RR_CAUSE_COND_IE_ERROR,         "Conditional IE error" },
 158         { GSM48_RR_CAUSE_NO_CELL_ALLOC_A,       "No cell allocation available" },
 159         { GSM48_RR_CAUSE_PROT_ERROR_UNSPC,      "Protocol error unspecified" },
 160         { 0,                                    NULL },
 161 };
 162
 163 /* FIXME: convert to value_string */
 164 static const char *cc_state_names[32] = {
 165         "NULL",
 166         "INITIATED",
 167         "MM_CONNECTION_PEND",
 168         "MO_CALL_PROC",
 169         "CALL_DELIVERED",
 170         "illegal state 5",
 171         "CALL_PRESENT",
 172         "CALL_RECEIVED",
 173         "CONNECT_REQUEST",
 174         "MO_TERM_CALL_CONF",
 175         "ACTIVE",
 176         "DISCONNECT_REQ",
 177         "DISCONNECT_IND",
 178         "illegal state 13",
 179         "illegal state 14",
 180         "illegal state 15",
 181         "illegal state 16",
 182         "illegal state 17",
 183         "illegal state 18",
 184         "RELEASE_REQ",
 185         "illegal state 20",
 186         "illegal state 21",
 187         "illegal state 22",
 188         "illegal state 23",
 189         "illegal state 24",
 190         "illegal state 25",
 191         "MO_ORIG_MODIFY",
 192         "MO_TERM_MODIFY",
 193         "CONNECT_IND",
 194         "illegal state 29",
 195         "illegal state 30",
 196         "illegal state 31",
 197 };
 198
 199 const char *gsm48_cc_state_name(uint8_t state)
 200 {
 201         if (state < ARRAY_SIZE(cc_state_names))
 202                 return cc_state_names[state];
 203
 204         return "invalid";
 205 }
 206
 207 static const struct value_string cc_msg_names[] = {
 208         { GSM48_MT_CC_ALERTING,         "ALERTING" },
 209         { GSM48_MT_CC_CALL_PROC,        "CALL_PROC" },
 210         { GSM48_MT_CC_PROGRESS,         "PROGRESS" },
 211         { GSM48_MT_CC_ESTAB,            "ESTAB" },
 212         { GSM48_MT_CC_SETUP,            "SETUP" },
 213         { GSM48_MT_CC_ESTAB_CONF,       "ESTAB_CONF" },
 214         { GSM48_MT_CC_CONNECT,          "CONNECT" },
 215         { GSM48_MT_CC_CALL_CONF,        "CALL_CONF" },
 216         { GSM48_MT_CC_START_CC,         "START_CC" },
 217         { GSM48_MT_CC_RECALL,           "RECALL" },
 218         { GSM48_MT_CC_EMERG_SETUP,      "EMERG_SETUP" },
 219         { GSM48_MT_CC_CONNECT_ACK,      "CONNECT_ACK" },
 220         { GSM48_MT_CC_USER_INFO,        "USER_INFO" },
 221         { GSM48_MT_CC_MODIFY_REJECT,    "MODIFY_REJECT" },
 222         { GSM48_MT_CC_MODIFY,           "MODIFY" },
 223         { GSM48_MT_CC_HOLD,             "HOLD" },
 224         { GSM48_MT_CC_HOLD_ACK,         "HOLD_ACK" },
 225         { GSM48_MT_CC_HOLD_REJ,         "HOLD_REJ" },
 226         { GSM48_MT_CC_RETR,             "RETR" },
 227         { GSM48_MT_CC_RETR_ACK,         "RETR_ACK" },
 228         { GSM48_MT_CC_RETR_REJ,         "RETR_REJ" },
 229         { GSM48_MT_CC_MODIFY_COMPL,     "MODIFY_COMPL" },
 230         { GSM48_MT_CC_DISCONNECT,       "DISCONNECT" },
 231         { GSM48_MT_CC_RELEASE_COMPL,    "RELEASE_COMPL" },
 232         { GSM48_MT_CC_RELEASE,          "RELEASE" },
 233         { GSM48_MT_CC_STOP_DTMF,        "STOP_DTMF" },
 234         { GSM48_MT_CC_STOP_DTMF_ACK,    "STOP_DTMF_ACK" },
 235         { GSM48_MT_CC_STATUS_ENQ,       "STATUS_ENQ" },
 236         { GSM48_MT_CC_START_DTMF,       "START_DTMF" },
 237         { GSM48_MT_CC_START_DTMF_ACK,   "START_DTMF_ACK" },
 238         { GSM48_MT_CC_START_DTMF_REJ,   "START_DTMF_REJ" },
 239         { GSM48_MT_CC_CONG_CTRL,        "CONG_CTRL" },
 240         { GSM48_MT_CC_FACILITY,         "FACILITY" },
 241         { GSM48_MT_CC_STATUS,           "STATUS" },
 242         { GSM48_MT_CC_NOTIFY,           "NOTFIY" },
 243         { 0,                            NULL }
 244 };
 245
 246 const char *gsm48_cc_msg_name(uint8_t msgtype)
 247 {
 248         return get_value_string(cc_msg_names, msgtype);
 249 }
 250
 251 const char *rr_cause_name(uint8_t cause)
 252 {
 253         return get_value_string(rr_cause_names, cause);
 254 }
 255
 256 static void to_bcd(uint8_t *bcd, uint16_t val)
 257 {
 258         bcd[2] = val % 10;
 259         val = val / 10;
 260         bcd[1] = val % 10;
 261         val = val / 10;
 262         bcd[0] = val % 10;
 263         val = val / 10;
 264 }
 265
 266 void gsm48_generate_lai(struct gsm48_loc_area_id *lai48, uint16_t mcc,
 267                         uint16_t mnc, uint16_t lac)
 268 {
 269         uint8_t bcd[3];
 270
 271         to_bcd(bcd, mcc);
 272         lai48->digits[0] = bcd[0] | (bcd[1] << 4);
 273         lai48->digits[1] = bcd[2];
 274
 275         to_bcd(bcd, mnc);
 276         /* FIXME: do we need three-digit MNC? See Table 10.5.3 */
 277         if (mnc > 99) {
 278                 lai48->digits[1] |= bcd[2] << 4;
 279                 lai48->digits[2] = bcd[0] | (bcd[1] << 4);
 280         } else {
 281                 lai48->digits[1] |= 0xf << 4;
 282                 lai48->digits[2] = bcd[1] | (bcd[2] << 4);
 283         }
 284
 285         lai48->lac = htons(lac);
 286 }
 287
 288 int gsm48_generate_mid_from_tmsi(uint8_t *buf, uint32_t tmsi)
 289 {
 290         uint32_t *tptr = (uint32_t *) &buf[3];
 291
 292         buf[0] = GSM48_IE_MOBILE_ID;
 293         buf[1] = GSM48_TMSI_LEN;
 294         buf[2] = 0xf0 | GSM_MI_TYPE_TMSI;
 295         *tptr = htonl(tmsi);
 296
 297         return 7;
 298 }
 299
 300 int gsm48_generate_mid_from_imsi(uint8_t *buf, const char *imsi)
 301 {
 302         unsigned int length = strlen(imsi), i, off = 0;
 303         uint8_t odd = (length & 0x1) == 1;
 304
 305         buf[0] = GSM48_IE_MOBILE_ID;
 306         buf[2] = osmo_char2bcd(imsi[0]) << 4 | GSM_MI_TYPE_IMSI | (odd << 3);
 307
 308         /* if the length is even we will fill half of the last octet */
 309         if (odd)
 310                 buf[1] = (length + 1) >> 1;
 311         else
 312                 buf[1] = (length + 2) >> 1;
 313
 314         for (i = 1; i < buf[1]; ++i) {
 315                 uint8_t lower, upper;
 316
 317                 lower = osmo_char2bcd(imsi[++off]);
 318                 if (!odd && off + 1 == length)
 319                         upper = 0x0f;
 320                 else
 321                         upper = osmo_char2bcd(imsi[++off]) & 0x0f;
 322
 323                 buf[2 + i] = (upper << 4) | lower;
 324         }
 325
 326         return 2 + buf[1];
 327 }
 328
 329 /* Convert Mobile Identity (10.5.1.4) to string */
 330 int gsm48_mi_to_string(char *string, const int str_len, const uint8_t *mi,
 331                        const int mi_len)
 332 {
 333         int i;
 334         uint8_t mi_type;
 335         char *str_cur = string;
 336         uint32_t tmsi;
 337
 338         mi_type = mi[0] & GSM_MI_TYPE_MASK;
 339
 340         switch (mi_type) {
 341         case GSM_MI_TYPE_NONE:
 342                 break;
 343         case GSM_MI_TYPE_TMSI:
 344                 /* Table 10.5.4.3, reverse generate_mid_from_tmsi */
 345                 if (mi_len == GSM48_TMSI_LEN && mi[0] == (0xf0 | GSM_MI_TYPE_TMSI)) {
 346                         memcpy(&tmsi, &mi[1], 4);
 347                         tmsi = ntohl(tmsi);
 348                         return snprintf(string, str_len, "%u", tmsi);
 349                 }
 350                 break;
 351         case GSM_MI_TYPE_IMSI:
 352         case GSM_MI_TYPE_IMEI:
 353         case GSM_MI_TYPE_IMEISV:
 354                 *str_cur++ = osmo_bcd2char(mi[0] >> 4);
 355
 356                 for (i = 1; i < mi_len; i++) {
 357                         if (str_cur + 2 >= string + str_len)
 358                                 return str_cur - string;
 359                         *str_cur++ = osmo_bcd2char(mi[i] & 0xf);
 360                         /* skip last nibble in last input byte when GSM_EVEN */
 361                         if( (i != mi_len-1) || (mi[0] & GSM_MI_ODD))
 362                                 *str_cur++ = osmo_bcd2char(mi[i] >> 4);
 363                 }
 364                 break;
 365         default:
 366                 break;
 367         }
 368         *str_cur++ = '\0';
 369
 370         return str_cur - string;
 371 }
 372
 373 void gsm48_parse_ra(struct gprs_ra_id *raid, const uint8_t *buf)
 374 {
 375         raid->mcc = (buf[0] & 0xf) * 100;
 376         raid->mcc += (buf[0] >> 4) * 10;
 377         raid->mcc += (buf[1] & 0xf) * 1;
 378
 379         /* I wonder who came up with the stupidity of encoding the MNC
 380          * differently depending on how many digits its decimal number has! */
 381         if ((buf[1] >> 4) == 0xf) {
 382                 raid->mnc = (buf[2] & 0xf) * 10;
 383                 raid->mnc += (buf[2] >> 4) * 1;
 384         } else {
 385                 raid->mnc = (buf[2] & 0xf) * 100;
 386                 raid->mnc += (buf[2] >> 4) * 10;
 387                 raid->mnc += (buf[1] >> 4) * 1;
 388         }
 389
 390         raid->lac = ntohs(*(uint16_t *)(buf + 3));
 391         raid->rac = buf[5];
 392 }
 393
 394 int gsm48_construct_ra(uint8_t *buf, const struct gprs_ra_id *raid)
 395 {
 396         uint16_t mcc = raid->mcc;
 397         uint16_t mnc = raid->mnc;
 398
 399         buf[0] = ((mcc / 100) % 10) | (((mcc / 10) % 10) << 4);
 400         buf[1] = (mcc % 10);
 401
 402         /* I wonder who came up with the stupidity of encoding the MNC
 403          * differently depending on how many digits its decimal number has! */
 404         if (mnc < 100) {
 405                 buf[1] |= 0xf0;
 406                 buf[2] = ((mnc / 10) % 10) | ((mnc % 10) << 4);
 407         } else {
 408                 buf[1] |= (mnc % 10) << 4;
 409                 buf[2] = ((mnc / 100) % 10) | (((mcc / 10) % 10) << 4);
 410         }
 411
 412         *(uint16_t *)(buf+3) = htons(raid->lac);
 413
 414         buf[5] = raid->rac;
 415
 416         return 6;
 417 }
 418
 419 /* From Table 10.5.33 of GSM 04.08 */
 420 int gsm48_number_of_paging_subchannels(struct gsm48_control_channel_descr *chan_desc)
 421 {
 422         unsigned int n_pag_blocks = gsm0502_get_n_pag_blocks(chan_desc);
 423
 424         if (chan_desc->ccch_conf == RSL_BCCH_CCCH_CONF_1_C)
 425                 return OSMO_MAX(1, n_pag_blocks) * (chan_desc->bs_pa_mfrms + 2);
 426         else
 427                 return n_pag_blocks * (chan_desc->bs_pa_mfrms + 2);
 428 }