Fix the crash bug for #551

Sukchan Lee 2020-09-22 14:03:45 -04:00
parent ede4282389
commit ff642e0f3a
8 changed files with 153 additions and 1175 deletions

File diff suppressed because it is too large Load Diff


@ -127,6 +127,17 @@ ogs_pkbuf_t *esm_build_activate_default_bearer_context_request(
return NULL;
}
/* CHECK PDN_TYPE */
if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV6) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4V6) {
/* Nothing */
} else {
ogs_error("Unknown PDN Type %u", pdn->paa.pdn_type);
}
ogs_debug("[ESM] Activate default bearer context request");
ogs_debug(" IMSI[%s] PTI[%d] EBI[%d]",
mme_ue->imsi_bcd, sess->pti, bearer->ebi);
@ -168,6 +179,17 @@ ogs_pkbuf_t *esm_build_activate_default_bearer_context_request(
* included in the ACTIVATE DEFAULT EPS BEARER CONTEXT REQUEST message.
*/
/* CHECK PDN_TYPE */
if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV6) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4V6) {
/* Nothing */
} else {
ogs_error("Unknown PDN Type %u", pdn->paa.pdn_type);
}
pdn_address->pdn_type = pdn->paa.pdn_type;
if (sess->request_type.type == OGS_NAS_EPS_PDN_TYPE_IPV4V6) {
if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4) {
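Review bot: The `/* CHECK PDN_TYPE */` chain added in both hunks only logs in its `else` branch, so an unrecognised `pdn->paa.pdn_type` is still assigned to `pdn_address->pdn_type` on the line after the second chain and ends up in the message being built. If the intent is to stop a bad value rather than trace it, the `else` should fail the build, e.g. `ogs_error("Unknown PDN Type %u", pdn->paa.pdn_type); return NULL;`, provided nothing allocated earlier in the function needs releasing first (the body starts and ends outside these hunks). The same four-branch chain is repeated in the checks added to mme_s11_handle_create_session_response; one helper or macro that reports whether the type is IPV4, IPV6 or IPV4V6 would keep the copies from drifting apart.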


@ -100,6 +100,7 @@ void mme_s11_handle_create_session_response(
cause_value = OGS_GTP_CAUSE_MANDATORY_IE_MISSING;
}
/* CHECK PDN_TYPE */
if (rsp->pdn_address_allocation.presence) {
ogs_paa_t paa;
@ -159,6 +160,17 @@ void mme_s11_handle_create_session_response(
pdn = sess->pdn;
ogs_assert(pdn);
/* CHECK PDN_TYPE */
if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV6) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4V6) {
/* Nothing */
} else {
ogs_error("Unknown PDN Type %u", pdn->paa.pdn_type);
}
/* Control Plane(UL) : SGW-S11 */
sgw_s11_teid = rsp->sender_f_teid_for_control_plane.data;
mme_ue->sgw_s11_teid = ntohl(sgw_s11_teid->teid);
@ -166,6 +178,19 @@ void mme_s11_handle_create_session_response(
memcpy(&pdn->paa, rsp->pdn_address_allocation.data,
rsp->pdn_address_allocation.len);
/* CHECK PDN_TYPE */
if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV6) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4V6) {
/* Nothing */
} else {
ogs_error("Unknown PDN Type %u", pdn->paa.pdn_type);
ogs_log_hexdump(OGS_LOG_ERROR,
rsp->pdn_address_allocation.data, rsp->pdn_address_allocation.len);
}
/* PCO */
if (rsp->protocol_configuration_options.presence) {
OGS_TLV_STORE_DATA(&sess->pgw_pco,
@ -205,6 +230,19 @@ void mme_s11_handle_create_session_response(
rv = ogs_gtp_f_teid_to_ip(sgw_s1u_teid, &bearer->sgw_s1u_ip);
ogs_assert(rv == OGS_OK);
/* CHECK PDN_TYPE */
if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV6) {
/* Nothing */
} else if (pdn->paa.pdn_type == OGS_GTP_PDN_TYPE_IPV4V6) {
/* Nothing */
} else {
ogs_error("Unknown PDN Type %u", pdn->paa.pdn_type);
ogs_log_hexdump(OGS_LOG_ERROR,
rsp->pdn_address_allocation.data, rsp->pdn_address_allocation.len);
}
if (SESSION_CONTEXT_IN_ATTACH(sess)) {
mme_csmap_t *csmap = mme_csmap_find_by_tai(&mme_ue->tai);
mme_ue->csmap = csmap;
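Review bot: In the hunk at `@ -166,6 +178,19`, the new type check runs only after `memcpy(&pdn->paa, rsp->pdn_address_allocation.data, rsp->pdn_address_allocation.len)` has copied a peer-supplied number of bytes into `pdn->paa`, and nothing visible in this section compares that length with `sizeof(pdn->paa)`. If the earlier `if (rsp->pdn_address_allocation.presence)` block does not already bound it, a guard such as `if (rsp->pdn_address_allocation.len > sizeof(pdn->paa))` that logs and rejects the response belongs in front of the copy. The chain added at `@ -159,6 +160,17` sits before the copy, so it reports whatever `pdn->paa` held before this response was applied; a one-line comment saying that is deliberate would help the next reader. The function body extends beyond these hunks.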


@ -341,25 +341,6 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e)
s1ap_send_ue_context_release_command(mme_ue->enb_ue,
S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release,
S1AP_UE_CTX_REL_S1_CONTEXT_REMOVE, 0);
/*
* Pull #569 : State should be initialized again.
*
* However, we cannot initialize the state in all cases.
*
* In TS24.301 Ch 5.5.1.2.7 Abnormal cases on the network side
*
* d) ATTACH REQUEST received after the ATTACH ACCEPT message has been sent
* and before the ATTACH COMPLETE message is received
*
* Since, we have to do this special case, it is desirable
* to handle it directly inside the state(emm-sm.c).
*/
#if 0
mme_ue_fsm_fini(mme_ue);
mme_ue_fsm_init(mme_ue);
#endif
}
mme_ue_associate_enb_ue(mme_ue, enb_ue);
}


@ -245,10 +245,15 @@ void s1ap_handle_initial_ue_message(mme_enb_t *enb, ogs_s1ap_message_t *message)
}
}
ogs_debug(" IP[%s] ENB_ID[%d]",
OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_debug(" IP[%s] ENB_ID[%d]", OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_assert(ENB_UE_S1AP_ID);
if (!ENB_UE_S1AP_ID) {
ogs_error("No ENB_UE_S1AP_ID");
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_protocol, S1AP_CauseProtocol_semantic_error);
return;
}
enb_ue = enb_ue_find_by_enb_ue_s1ap_id(enb, *ENB_UE_S1AP_ID);
if (!enb_ue) {
enb_ue = enb_ue_add(enb, *ENB_UE_S1AP_ID);
@ -303,24 +308,6 @@ void s1ap_handle_initial_ue_message(mme_enb_t *enb, ogs_s1ap_message_t *message)
s1ap_send_ue_context_release_command(mme_ue->enb_ue,
S1AP_Cause_PR_nas, S1AP_CauseNas_normal_release,
S1AP_UE_CTX_REL_S1_CONTEXT_REMOVE, 0);
/*
* Pull #569 : State should be initialized again.
*
* However, we cannot initialize the state in all cases.
*
* In TS24.301 Ch 5.5.1.2.7 Abnormal cases on the network side
*
* d) ATTACH REQUEST received after the ATTACH ACCEPT message has been sent
* and before the ATTACH COMPLETE message is received
*
* Since, we have to do this special case, it is desirable
* to handle it directly inside the state(emm-sm.c).
*/
#if 0
mme_ue_fsm_fini(mme_ue);
mme_ue_fsm_init(mme_ue);
#endif
}
mme_ue_associate_enb_ue(mme_ue, enb_ue);
}
@ -396,12 +383,25 @@ void s1ap_handle_uplink_nas_transport(
}
}
ogs_debug(" IP[%s] ENB_ID[%d]",
OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_debug(" IP[%s] ENB_ID[%d]", OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_assert(ENB_UE_S1AP_ID);
if (!ENB_UE_S1AP_ID) {
ogs_error("No ENB_UE_S1AP_ID");
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_protocol, S1AP_CauseProtocol_semantic_error);
return;
}
enb_ue = enb_ue_find_by_enb_ue_s1ap_id(enb, *ENB_UE_S1AP_ID);
ogs_expect_or_return(enb_ue);
if (!enb_ue) {
ogs_error("No eNB UE Context : ENB_UE_S1AP_ID[%lld]",
(long long)*ENB_UE_S1AP_ID);
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_radioNetwork,
S1AP_CauseRadioNetwork_unknown_enb_ue_s1ap_id);
return;
}
ogs_debug(" ENB_UE_S1AP_ID[%d] MME_UE_S1AP_ID[%d]",
enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id);
@ -724,19 +724,32 @@ void s1ap_handle_ue_context_modification_response(
}
}
ogs_debug(" IP[%s] ENB_ID[%d]",
OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_debug(" IP[%s] ENB_ID[%d]", OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_assert(ENB_UE_S1AP_ID);
if (!ENB_UE_S1AP_ID) {
ogs_error("No ENB_UE_S1AP_ID");
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_protocol, S1AP_CauseProtocol_semantic_error);
return;
}
enb_ue = enb_ue_find_by_enb_ue_s1ap_id(enb, *ENB_UE_S1AP_ID);
ogs_assert(enb_ue);
mme_ue = enb_ue->mme_ue;
ogs_expect_or_return(mme_ue);
if (!enb_ue) {
ogs_error("No eNB UE Context : ENB_UE_S1AP_ID[%lld]",
(long long)*ENB_UE_S1AP_ID);
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_radioNetwork,
S1AP_CauseRadioNetwork_unknown_enb_ue_s1ap_id);
return;
}
ogs_debug(" ENB_UE_S1AP_ID[%d] MME_UE_S1AP_ID[%d]",
enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id);
mme_ue = enb_ue->mme_ue;
ogs_expect_or_return(mme_ue);
CLEAR_SERVICE_INDICATOR(mme_ue);
}
@ -782,25 +795,34 @@ void s1ap_handle_ue_context_modification_failure(
}
}
ogs_debug(" IP[%s] ENB_ID[%d]",
OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_assert(ENB_UE_S1AP_ID);
ogs_assert(Cause);
ogs_debug(" IP[%s] ENB_ID[%d]", OGS_ADDR(enb->addr, buf), enb->enb_id);
if (!ENB_UE_S1AP_ID) {
ogs_error("No ENB_UE_S1AP_ID");
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_protocol, S1AP_CauseProtocol_semantic_error);
return;
}
enb_ue = enb_ue_find_by_enb_ue_s1ap_id(enb, *ENB_UE_S1AP_ID);
if (enb_ue == NULL) {
ogs_warn("Initial context setup failure : "
"cannot find eNB-UE-S1AP-ID[%d]", (int)*ENB_UE_S1AP_ID);
goto cleanup;
if (!enb_ue) {
ogs_error("No eNB UE Context : ENB_UE_S1AP_ID[%lld]",
(long long)*ENB_UE_S1AP_ID);
s1ap_send_error_indication(enb,
NULL, ENB_UE_S1AP_ID,
S1AP_Cause_PR_radioNetwork,
S1AP_CauseRadioNetwork_unknown_enb_ue_s1ap_id);
return;
}
ogs_debug(" ENB_UE_S1AP_ID[%d] MME_UE_S1AP_ID[%d]",
enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id);
ogs_expect_or_return(Cause);
ogs_debug(" Cause[Group:%d Cause:%d]",
Cause->present, (int)Cause->choice.radioNetwork);
cleanup:
mme_ue = enb_ue->mme_ue;
ogs_expect_or_return(mme_ue);
CLEAR_SERVICE_INDICATOR(mme_ue);
@ -978,10 +1000,15 @@ void s1ap_handle_ue_context_release_request(
}
}
ogs_debug(" IP[%s] ENB_ID[%d]",
OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_debug(" IP[%s] ENB_ID[%d]", OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_assert(MME_UE_S1AP_ID);
if (!MME_UE_S1AP_ID) {
ogs_error("No MME_UE_S1AP_ID");
s1ap_send_error_indication(enb,
MME_UE_S1AP_ID, NULL,
S1AP_Cause_PR_protocol, S1AP_CauseProtocol_semantic_error);
return;
}
enb_ue = enb_ue_find_by_mme_ue_s1ap_id(*MME_UE_S1AP_ID);
if (!enb_ue) {
ogs_warn("No ENB UE Context : MME_UE_S1AP_ID[%d]",
@ -996,7 +1023,7 @@ void s1ap_handle_ue_context_release_request(
ogs_debug(" ENB_UE_S1AP_ID[%d] MME_UE_S1AP_ID[%d]",
enb_ue->enb_ue_s1ap_id, enb_ue->mme_ue_s1ap_id);
ogs_assert(Cause);
ogs_expect_or_return(Cause);
ogs_debug(" Cause[Group:%d Cause:%d]",
Cause->present, (int)Cause->choice.radioNetwork);
@ -1054,10 +1081,15 @@ void s1ap_handle_ue_context_release_complete(
}
}
ogs_debug(" IP[%s] ENB_ID[%d]",
OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_debug(" IP[%s] ENB_ID[%d]", OGS_ADDR(enb->addr, buf), enb->enb_id);
ogs_assert(MME_UE_S1AP_ID);
if (!MME_UE_S1AP_ID) {
ogs_error("No MME_UE_S1AP_ID");
s1ap_send_error_indication(enb,
MME_UE_S1AP_ID, NULL,
S1AP_Cause_PR_protocol, S1AP_CauseProtocol_semantic_error);
return;
}
enb_ue = enb_ue_find_by_mme_ue_s1ap_id(*MME_UE_S1AP_ID);
if (!enb_ue) {
ogs_warn("No ENB UE Context : MME_UE_S1AP_ID[%d]",
@ -1092,11 +1124,13 @@ void s1ap_handle_ue_context_release_action(enb_ue_t *enb_ue)
case S1AP_UE_CTX_REL_S1_REMOVE_AND_UNLINK:
ogs_debug(" Action: S1 normal release");
enb_ue_remove(enb_ue);
ogs_expect_or_return(mme_ue);
mme_ue_deassociate(mme_ue);
break;
case S1AP_UE_CTX_REL_UE_CONTEXT_REMOVE:
ogs_debug(" Action: UE context remove");
enb_ue_remove(enb_ue);
ogs_expect_or_return(mme_ue);
mme_ue_remove(mme_ue);
break;
case S1AP_UE_CTX_REL_DELETE_INDIRECT_TUNNEL:
@ -1105,7 +1139,7 @@ void s1ap_handle_ue_context_release_action(enb_ue_t *enb_ue)
source_ue_deassociate_target_ue(enb_ue);
enb_ue_remove(enb_ue);
ogs_assert(mme_ue);
ogs_expect_or_return(mme_ue);
if (mme_ue_have_indirect_tunnel(mme_ue)) {
mme_gtp_send_delete_indirect_data_forwarding_tunnel_request(
mme_ue);
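Review bot: In s1ap_handle_ue_context_modification_failure the added `ogs_expect_or_return(Cause);` sits above `CLEAR_SERVICE_INDICATOR(mme_ue);`, so a failure message that arrives without a Cause IE returns before the indicator is cleared, although `Cause` is only read by the debug line that follows. Guarding just the log, `if (Cause) ogs_debug(" Cause[Group:%d Cause:%d]", Cause->present, (int)Cause->choice.radioNetwork);`, would keep the cleanup reachable. More generally, a missing ENB_UE_S1AP_ID or MME_UE_S1AP_ID now draws an Error Indication, while a missing Cause (here and in s1ap_handle_ue_context_release_request) or a NULL `mme_ue` appears to be dropped with no reply to the eNB; it is worth deciding whether that asymmetry is intended. These handlers start and end outside the hunks shown.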


@ -386,6 +386,7 @@ void sgwc_s11_handle_delete_session_request(
}
ogs_assert(sess);
ogs_assert(sess->gnode);
ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]",
sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid);
ogs_debug(" SGW_S5C_TEID[0x%x] PGW_S5C_TEID[0x%x]",
@ -1070,6 +1071,7 @@ void sgwc_s11_handle_bearer_resource_command(
}
ogs_assert(sess);
ogs_assert(sess->gnode);
ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]",
sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid);
ogs_debug(" SGW_S5C_TEID[0x%x] PGW_S5C_TEID[0x%x]",
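Review bot: The added `ogs_assert(sess->gnode);` in both handlers aborts the whole process when the pointer is NULL, which is the failure mode this commit removes from the S1AP handlers in favour of logging and returning. Whether `gnode` can be NULL on a path a GTP peer can reach is not visible here; if it can, an error return such as `ogs_expect_or_return(sess->gnode);` (plus the matching error response, if one is due) would fail only the one request. The same applies to the `ogs_assert(sgwc_ue->gnode);` and `ogs_assert(sess->gnode);` lines added in sgwc_s5c_handle_update_bearer_request, sgwc_s5c_handle_delete_bearer_request, sgwc_sxa_handle_session_establishment_response and sgwc_sxa_handle_session_modification_response. In the two sxa handlers the check would also need to move above `ogs_gtp_build_msg()` so that an early return does not leave `pkbuf` unreleased.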


@ -405,6 +405,7 @@ void sgwc_s5c_handle_update_bearer_request(
sgwc_ue = sess->sgwc_ue;
ogs_assert(sgwc_ue);
ogs_assert(sgwc_ue->gnode);
ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]",
sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid);
@ -474,6 +475,7 @@ void sgwc_s5c_handle_delete_bearer_request(
sgwc_ue = sess->sgwc_ue;
ogs_assert(sgwc_ue);
ogs_assert(sgwc_ue->gnode);
ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]",
sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid);


@ -209,6 +209,7 @@ void sgwc_sxa_handle_session_establishment_response(
pkbuf = ogs_gtp_build_msg(gtp_message);
ogs_expect_or_return(pkbuf);
ogs_assert(sess->gnode);
s5c_xact = ogs_gtp_xact_local_create(
sess->gnode, &gtp_message->h, pkbuf, timeout, sess);
ogs_expect_or_return(s5c_xact);
@ -366,6 +367,7 @@ void sgwc_sxa_handle_session_modification_response(
pkbuf = ogs_gtp_build_msg(recv_message);
ogs_expect_or_return(pkbuf);
ogs_assert(sgwc_ue->gnode);
s11_xact = ogs_gtp_xact_local_create(
sgwc_ue->gnode, &recv_message->h, pkbuf, timeout, sess);
ogs_expect_or_return(s11_xact);