From 6332f10593972303176b2e72c6183f9e949010da Mon Sep 17 00:00:00 2001 From: Sukchan Lee Date: Thu, 30 Jun 2022 09:11:31 +0900 Subject: [PATCH] Revert "[GTP] context when TEID=0 (#1620, #1606, #1594)" This reverts commit 0d61f7a7f905a865bcd8be9382ffabeb817f8464. --- lib/gtp/xact.h | 3 - lib/pfcp/xact.h | 3 +- src/mme/mme-gtp-path.c | 7 -- src/mme/mme-s11-handler.c | 81 +++++++++--- src/mme/mme-sm.c | 14 --- src/sgwc/pfcp-sm.c | 14 ++- src/sgwc/s11-handler.c | 55 ++++++-- src/sgwc/s5c-handler.c | 258 +++++++++++++++++++++++--------------- src/sgwc/sgwc-sm.c | 29 +---- src/sgwc/sxa-handler.c | 4 - src/smf/binding.c | 2 - src/smf/gtp-path.c | 1 - src/smf/pfcp-path.c | 4 + src/smf/pfcp-sm.c | 14 ++- src/smf/s5c-handler.c | 32 ++++- src/smf/smf-sm.c | 17 +-- 16 files changed, 333 insertions(+), 205 deletions(-) diff --git a/lib/gtp/xact.h b/lib/gtp/xact.h index 9ff3f5cc4..89a453efe 100644 --- a/lib/gtp/xact.h +++ b/lib/gtp/xact.h @@ -86,9 +86,6 @@ typedef struct ogs_gtp_xact_s { ogs_timer_t *tm_holding; /**< Timer waiting for holding message */ uint8_t holding_rcount; - uint32_t local_teid; /**< Local TEID, - expected in reply from peer */ - void *assoc_xact; /**< Associated GTP transaction */ void *pfcp_xact; /**< Associated PFCP transaction */ diff --git a/lib/pfcp/xact.h b/lib/pfcp/xact.h index bd03a9ab1..3eaa3d07b 100644 --- a/lib/pfcp/xact.h +++ b/lib/pfcp/xact.h @@ -65,8 +65,7 @@ typedef struct ogs_pfcp_xact_s { ogs_timer_t *tm_delayed_commit; /**< Timer waiting for commit xact */ - uint64_t local_seid; /**< Local SEID, - expected in reply from peer */ + uint64_t local_seid; /**< Local SEID, expected in reply from peer */ void *assoc_xact; /**< Associated GTP transaction */ ogs_pkbuf_t *gtpbuf; /**< GTP packet buffer */ diff --git a/src/mme/mme-gtp-path.c b/src/mme/mme-gtp-path.c index 688a0aaac..581799352 100644 --- a/src/mme/mme-gtp-path.c +++ b/src/mme/mme-gtp-path.c @@ -228,7 +228,6 @@ int mme_gtp_send_create_session_request(mme_sess_t *sess, int create_action) xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, sess); ogs_expect_or_return_val(xact, OGS_ERROR); xact->create_action = create_action; - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -261,7 +260,6 @@ int mme_gtp_send_modify_bearer_request( xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); ogs_expect_or_return_val(xact, OGS_ERROR); xact->modify_action = modify_action; - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -294,7 +292,6 @@ int mme_gtp_send_delete_session_request( xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, s11buf, timeout, sess); ogs_expect_or_return_val(xact, OGS_ERROR); xact->delete_action = action; - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -473,7 +470,6 @@ int mme_gtp_send_release_access_bearers_request(mme_ue_t *mme_ue, int action) xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); ogs_expect_or_return_val(xact, OGS_ERROR); xact->release_action = action; - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -590,7 +586,6 @@ int mme_gtp_send_create_indirect_data_forwarding_tunnel_request( xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); ogs_expect_or_return_val(xact, OGS_ERROR); - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -623,7 +618,6 @@ int mme_gtp_send_delete_indirect_data_forwarding_tunnel_request( xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, mme_ue); ogs_expect_or_return_val(xact, OGS_ERROR); xact->delete_indirect_action = action; - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); @@ -658,7 +652,6 @@ int mme_gtp_send_bearer_resource_command( xact = ogs_gtp_xact_local_create(sgw_ue->gnode, &h, pkbuf, timeout, bearer); ogs_expect_or_return_val(xact, OGS_ERROR); xact->xid |= OGS_GTP_CMD_XACT_ID; - xact->local_teid = mme_ue->mme_s11_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); diff --git a/src/mme/mme-s11-handler.c b/src/mme/mme-s11-handler.c index f0ca12663..744757956 100644 --- a/src/mme/mme-s11-handler.c +++ b/src/mme/mme-s11-handler.c @@ -78,7 +78,7 @@ void mme_s11_handle_echo_response( } void mme_s11_handle_create_session_response( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_create_session_response_t *rsp) { int rv, i; @@ -91,6 +91,7 @@ void mme_s11_handle_create_session_response( mme_bearer_t *bearer = NULL; mme_sess_t *sess = NULL; + mme_ue_t *mme_ue = NULL; sgw_ue_t *source_ue = NULL, *target_ue = NULL; ogs_session_t *session = NULL; ogs_gtp2_bearer_qos_t bearer_qos; @@ -98,7 +99,6 @@ void mme_s11_handle_create_session_response( uint16_t decoded = 0; int create_action = 0; - ogs_assert(mme_ue); ogs_assert(rsp); ogs_debug("Create Session Response"); @@ -110,6 +110,8 @@ void mme_s11_handle_create_session_response( create_action = xact->create_action; sess = xact->data; ogs_assert(sess); + mme_ue = sess->mme_ue; + ogs_assert(mme_ue); source_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(source_ue); @@ -129,6 +131,11 @@ void mme_s11_handle_create_session_response( ************************/ cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + if (!mme_ue_from_teid) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { if (create_action == OGS_GTP_CREATE_IN_ATTACH_REQUEST) { ogs_error("[%s] Attach reject", mme_ue->imsi_bcd); @@ -393,7 +400,7 @@ void mme_s11_handle_create_session_response( } void mme_s11_handle_modify_bearer_response( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_modify_bearer_response_t *rsp) { int rv; @@ -401,9 +408,9 @@ void mme_s11_handle_modify_bearer_response( int modify_action = 0; ogs_gtp2_cause_t *cause = NULL; + mme_ue_t *mme_ue = NULL; sgw_ue_t *sgw_ue = NULL; - ogs_assert(mme_ue); ogs_assert(rsp); ogs_debug("Modify Bearer Response"); @@ -413,6 +420,8 @@ void mme_s11_handle_modify_bearer_response( ********************/ ogs_assert(xact); modify_action = xact->modify_action; + mme_ue = xact->data; + ogs_assert(mme_ue); sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(sgw_ue); @@ -424,6 +433,11 @@ void mme_s11_handle_modify_bearer_response( ************************/ cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + if (!mme_ue_from_teid) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { mme_send_delete_session_or_mme_ue_context_release(mme_ue); return; @@ -480,7 +494,7 @@ void mme_s11_handle_modify_bearer_response( } void mme_s11_handle_delete_session_response( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_delete_session_response_t *rsp) { int rv; @@ -488,8 +502,8 @@ void mme_s11_handle_delete_session_response( int action = 0; sgw_ue_t *source_ue = NULL, *target_ue = NULL; mme_sess_t *sess = NULL; + mme_ue_t *mme_ue = NULL; - ogs_assert(mme_ue); ogs_assert(rsp); ogs_debug("Delete Session Response"); @@ -502,6 +516,8 @@ void mme_s11_handle_delete_session_response( ogs_assert(action); sess = xact->data; ogs_assert(sess); + mme_ue = sess->mme_ue; + ogs_assert(mme_ue); target_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(target_ue); @@ -516,6 +532,13 @@ void mme_s11_handle_delete_session_response( rv = ogs_gtp_xact_commit(xact); ogs_expect_or_return(rv == OGS_OK); + /************************ + * Check MME-UE Context + ************************/ + if (!mme_ue_from_teid) { + ogs_error("No Context in TEID"); + } + /******************** * Check Cause Value ********************/ @@ -1053,7 +1076,7 @@ void mme_s11_handle_delete_bearer_request( } void mme_s11_handle_release_access_bearers_response( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_release_access_bearers_response_t *rsp) { int rv; @@ -1062,10 +1085,10 @@ void mme_s11_handle_release_access_bearers_response( enb_ue_t *enb_ue = NULL; sgw_ue_t *sgw_ue = NULL;; + mme_ue_t *mme_ue = NULL; mme_sess_t *sess = NULL; mme_bearer_t *bearer = NULL; - ogs_assert(mme_ue); ogs_assert(rsp); ogs_debug("Release Access Bearers Response"); @@ -1076,12 +1099,21 @@ void mme_s11_handle_release_access_bearers_response( ogs_assert(xact); action = xact->release_action; ogs_assert(action); + mme_ue = xact->data; + ogs_assert(mme_ue); sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(sgw_ue); rv = ogs_gtp_xact_commit(xact); ogs_expect_or_return(rv == OGS_OK); + /*********************** + * Check MME-UE Context + ***********************/ + if (!mme_ue_from_teid) { + ogs_error("No Context in TEID"); + } + /******************** * Check Cause Value ********************/ @@ -1333,7 +1365,7 @@ void mme_s11_handle_downlink_data_notification( } void mme_s11_handle_create_indirect_data_forwarding_tunnel_response( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_create_indirect_data_forwarding_tunnel_response_t *rsp) { int rv; @@ -1341,12 +1373,12 @@ void mme_s11_handle_create_indirect_data_forwarding_tunnel_response( ogs_gtp2_cause_t *cause = NULL; sgw_ue_t *sgw_ue = NULL; mme_bearer_t *bearer = NULL; + mme_ue_t *mme_ue = NULL; enb_ue_t *source_ue = NULL; int i; ogs_gtp2_f_teid_t *teid = NULL; - ogs_assert(mme_ue); ogs_assert(rsp); ogs_debug("Create Indirect Data Forwarding Tunnel Response"); @@ -1354,6 +1386,9 @@ void mme_s11_handle_create_indirect_data_forwarding_tunnel_response( /******************** * Check Transaction ********************/ + ogs_assert(xact); + mme_ue = xact->data; + ogs_assert(mme_ue); sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(sgw_ue); @@ -1365,6 +1400,11 @@ void mme_s11_handle_create_indirect_data_forwarding_tunnel_response( ************************/ cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + if (!mme_ue_from_teid) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { mme_send_delete_session_or_mme_ue_context_release(mme_ue); return; @@ -1443,16 +1483,16 @@ void mme_s11_handle_create_indirect_data_forwarding_tunnel_response( } void mme_s11_handle_delete_indirect_data_forwarding_tunnel_response( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_delete_indirect_data_forwarding_tunnel_response_t *rsp) { int rv; uint8_t cause_value = 0; ogs_gtp2_cause_t *cause = NULL; int action = 0; + mme_ue_t *mme_ue = NULL; sgw_ue_t *sgw_ue = NULL; - ogs_assert(mme_ue); ogs_assert(rsp); ogs_debug("Delete Indirect Data Forwarding Tunnel Response"); @@ -1463,6 +1503,8 @@ void mme_s11_handle_delete_indirect_data_forwarding_tunnel_response( ogs_assert(xact); action = xact->delete_indirect_action; ogs_assert(action); + mme_ue = xact->data; + ogs_assert(mme_ue); sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(sgw_ue); @@ -1474,6 +1516,11 @@ void mme_s11_handle_delete_indirect_data_forwarding_tunnel_response( ************************/ cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + if (!mme_ue_from_teid) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { mme_send_delete_session_or_mme_ue_context_release(mme_ue); return; @@ -1531,7 +1578,7 @@ void mme_s11_handle_delete_indirect_data_forwarding_tunnel_response( } void mme_s11_handle_bearer_resource_failure_indication( - ogs_gtp_xact_t *xact, mme_ue_t *mme_ue, + ogs_gtp_xact_t *xact, mme_ue_t *mme_ue_from_teid, ogs_gtp2_bearer_resource_failure_indication_t *ind) { int rv; @@ -1539,12 +1586,11 @@ void mme_s11_handle_bearer_resource_failure_indication( mme_bearer_t *bearer = NULL; mme_sess_t *sess = NULL; + mme_ue_t *mme_ue = NULL; sgw_ue_t *sgw_ue = NULL; ogs_debug("Bearer Resource Failure Indication"); - ogs_assert(mme_ue); - /******************** * Check Transaction ********************/ @@ -1553,12 +1599,17 @@ void mme_s11_handle_bearer_resource_failure_indication( ogs_assert(ind); sess = bearer->sess; ogs_assert(sess); + mme_ue = sess->mme_ue; + ogs_assert(mme_ue); sgw_ue = sgw_ue_cycle(mme_ue->sgw_ue); ogs_assert(sgw_ue); rv = ogs_gtp_xact_commit(xact); ogs_expect_or_return(rv == OGS_OK); + if (!mme_ue_from_teid) + ogs_error("No Context in TEID"); + /******************** * Check Cause Value ********************/ diff --git a/src/mme/mme-sm.c b/src/mme/mme-sm.c index 33bf3f913..799f51a74 100644 --- a/src/mme/mme-sm.c +++ b/src/mme/mme-sm.c @@ -562,13 +562,6 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e) if (gtp_message.h.teid_presence && gtp_message.h.teid != 0) { /* Cause is not "Context not found" */ mme_ue = mme_ue_find_by_teid(gtp_message.h.teid); - } else if (xact->local_teid) { /* rx no TEID or TEID=0 */ - /* 3GPP TS 29.274 5.5.2: we receive TEID=0 under some - * conditions, such as cause "Session context not found". In those - * cases, we still want to identify the local session which - * originated the message, so try harder by using the TEID we - * locally stored in xact when sending the original request: */ - mme_ue = mme_ue_find_by_teid(xact->local_teid); } switch (gtp_message.h.type) { @@ -579,17 +572,14 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e) mme_s11_handle_echo_response(xact, >p_message.echo_response); break; case OGS_GTP2_CREATE_SESSION_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_create_session_response( xact, mme_ue, >p_message.create_session_response); break; case OGS_GTP2_MODIFY_BEARER_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_modify_bearer_response( xact, mme_ue, >p_message.modify_bearer_response); break; case OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_delete_session_response( xact, mme_ue, >p_message.delete_session_response); break; @@ -606,7 +596,6 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e) xact, mme_ue, >p_message.delete_bearer_request); break; case OGS_GTP2_RELEASE_ACCESS_BEARERS_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_release_access_bearers_response( xact, mme_ue, >p_message.release_access_bearers_response); break; @@ -615,19 +604,16 @@ void mme_state_operational(ogs_fsm_t *s, mme_event_t *e) xact, mme_ue, >p_message.downlink_data_notification); break; case OGS_GTP2_CREATE_INDIRECT_DATA_FORWARDING_TUNNEL_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_create_indirect_data_forwarding_tunnel_response( xact, mme_ue, >p_message.create_indirect_data_forwarding_tunnel_response); break; case OGS_GTP2_DELETE_INDIRECT_DATA_FORWARDING_TUNNEL_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_delete_indirect_data_forwarding_tunnel_response( xact, mme_ue, >p_message.delete_indirect_data_forwarding_tunnel_response); break; case OGS_GTP2_BEARER_RESOURCE_FAILURE_INDICATION_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); mme_s11_handle_bearer_resource_failure_indication( xact, mme_ue, >p_message.bearer_resource_failure_indication); diff --git a/src/sgwc/pfcp-sm.c b/src/sgwc/pfcp-sm.c index b46ad7f49..7e392c2eb 100644 --- a/src/sgwc/pfcp-sm.c +++ b/src/sgwc/pfcp-sm.c @@ -190,7 +190,7 @@ void sgwc_pfcp_state_associated(ogs_fsm_t *s, sgwc_event_t *e) * conditions, such as cause "Session context not found". In those * cases, we still want to identify the local session which * originated the message, so try harder by using the SEID we - * locally stored in xact when sending the original request: */ + * locacally stored in xact when sending the original request: */ sess = sgwc_sess_find_by_seid(xact->local_seid); } @@ -216,28 +216,32 @@ void sgwc_pfcp_state_associated(ogs_fsm_t *s, sgwc_event_t *e) &message->pfcp_association_setup_response); break; case OGS_PFCP_SESSION_ESTABLISHMENT_RESPONSE_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); sgwc_sxa_handle_session_establishment_response( sess, xact, e->gtp_message, &message->pfcp_session_establishment_response); break; case OGS_PFCP_SESSION_MODIFICATION_RESPONSE_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); sgwc_sxa_handle_session_modification_response( sess, xact, e->gtp_message, &message->pfcp_session_modification_response); break; case OGS_PFCP_SESSION_DELETION_RESPONSE_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); sgwc_sxa_handle_session_deletion_response( sess, xact, e->gtp_message, &message->pfcp_session_deletion_response); break; case OGS_PFCP_SESSION_REPORT_REQUEST_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); sgwc_sxa_handle_session_report_request( sess, xact, &message->pfcp_session_report_request); break; diff --git a/src/sgwc/s11-handler.c b/src/sgwc/s11-handler.c index 365ff5df4..1b580ed29 100644 --- a/src/sgwc/s11-handler.c +++ b/src/sgwc/s11-handler.c @@ -688,7 +688,6 @@ void sgwc_s11_handle_create_bearer_response( ogs_gtp2_f_teid_t *sgw_s1u_teid = NULL, *enb_s1u_teid = NULL; ogs_gtp2_uli_t uli; - ogs_assert(sgwc_ue); ogs_assert(message); rsp = &message->create_bearer_response; ogs_assert(rsp); @@ -715,10 +714,30 @@ void sgwc_s11_handle_create_bearer_response( rv = ogs_gtp_xact_commit(s11_xact); ogs_expect(rv == OGS_OK); + /************************ + * Check SGWC-UE Context + ************************/ + cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + + if (!sgwc_ue) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + ogs_assert(OGS_OK == + sgwc_pfcp_send_bearer_modification_request( + bearer, NULL, NULL, + OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_REMOVE)); + ogs_gtp_send_error_message(s5c_xact, sess ? sess->pgw_s5c_teid : 0, + OGS_GTP2_CREATE_BEARER_RESPONSE_TYPE, cause_value); + return; + } + /***************************************** * Check Mandatory/Conditional IE Missing *****************************************/ - cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); if (rsp->bearer_contexts.presence == 0) { ogs_error("No Bearer"); @@ -853,7 +872,6 @@ void sgwc_s11_handle_update_bearer_response( sgwc_bearer_t *bearer = NULL; ogs_gtp2_update_bearer_response_t *rsp = NULL; - ogs_assert(sgwc_ue); ogs_assert(message); rsp = &message->update_bearer_response; ogs_assert(rsp); @@ -880,10 +898,26 @@ void sgwc_s11_handle_update_bearer_response( rv = ogs_gtp_xact_commit(s11_xact); ogs_expect(rv == OGS_OK); + /************************ + * Check SGWC-UE Context + ************************/ + cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + + if (!sgwc_ue) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + ogs_gtp_send_error_message(s5c_xact, sess ? sess->pgw_s5c_teid : 0, + OGS_GTP2_UPDATE_BEARER_RESPONSE_TYPE, cause_value); + return; + } + /***************************************** * Check Mandatory/Conditional IE Missing *****************************************/ - cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); if (rsp->bearer_contexts.presence == 0) { ogs_error("No Bearer"); @@ -970,7 +1004,6 @@ void sgwc_s11_handle_delete_bearer_response( sgwc_bearer_t *bearer = NULL; ogs_gtp2_delete_bearer_response_t *rsp = NULL; - ogs_assert(sgwc_ue); ogs_assert(message); rsp = &message->delete_bearer_response; ogs_assert(rsp); @@ -1002,6 +1035,11 @@ void sgwc_s11_handle_delete_bearer_response( ************************/ cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + if (!sgwc_ue) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (rsp->linked_eps_bearer_id.presence) { /* * << Linked EPS Bearer ID >> @@ -1073,8 +1111,10 @@ void sgwc_s11_handle_delete_bearer_response( ogs_error("No Cause"); } - ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]", - sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid); + if (sgwc_ue) { + ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]", + sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid); + } ogs_debug(" SGW_S5C_TEID[0x%x] PGW_S5C_TEID[0x%x]", sess->sgw_s5c_teid, sess->pgw_s5c_teid); @@ -1473,7 +1513,6 @@ void sgwc_s11_handle_bearer_resource_command( s5c_xact = ogs_gtp_xact_local_create( sess->gnode, &message->h, pkbuf, gtp_bearer_timeout, bearer); ogs_expect_or_return(s5c_xact); - s5c_xact->local_teid = sess->sgw_s5c_teid; ogs_gtp_xact_associate(s11_xact, s5c_xact); diff --git a/src/sgwc/s5c-handler.c b/src/sgwc/s5c-handler.c index 63f88e128..b76440a9b 100644 --- a/src/sgwc/s5c-handler.c +++ b/src/sgwc/s5c-handler.c @@ -79,9 +79,6 @@ void sgwc_s5c_handle_create_session_response( ogs_gtp_xact_t *s11_xact = NULL; ogs_gtp_node_t *pgw = NULL; - ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; - ogs_assert(sgwc_ue); ogs_assert(gtpbuf); ogs_assert(message); rsp = &message->create_session_response; @@ -99,10 +96,30 @@ void sgwc_s5c_handle_create_session_response( rv = ogs_gtp_xact_commit(s5c_xact); ogs_expect(rv == OGS_OK); + /************************ + * Check Session Context + ************************/ + cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + + if (!sess) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } else { + sgwc_ue = sess->sgwc_ue; + ogs_assert(sgwc_ue); + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + ogs_gtp_send_error_message( + s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, + OGS_GTP2_CREATE_SESSION_RESPONSE_TYPE, cause_value); + return; + } + /***************************************** * Check Mandatory/Conditional IE Missing *****************************************/ - cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); if (rsp->pgw_s5_s8__s2a_s2b_f_teid_for_pmip_based_interface_or_for_gtp_based_control_plane_interface.presence == 0) { ogs_error("No GTP TEID"); @@ -265,6 +282,108 @@ void sgwc_s5c_handle_create_session_response( OGS_PFCP_MODIFY_UL_ONLY|OGS_PFCP_MODIFY_ACTIVATE)); } +void sgwc_s5c_handle_delete_session_response( + sgwc_sess_t *sess, ogs_gtp_xact_t *s5c_xact, + ogs_pkbuf_t *gtpbuf, ogs_gtp2_message_t *message) +{ + int rv; + ogs_gtp2_cause_t *cause = NULL; + uint8_t cause_value; + + sgwc_ue_t *sgwc_ue = NULL; + + ogs_gtp_xact_t *s11_xact = NULL; + ogs_gtp2_delete_session_response_t *rsp = NULL; + + ogs_assert(message); + rsp = &message->delete_session_response; + ogs_assert(rsp); + + ogs_debug("Delete Session Response"); + + /******************** + * Check Transaction + ********************/ + ogs_assert(s5c_xact); + s11_xact = s5c_xact->assoc_xact; + ogs_assert(s11_xact); + + rv = ogs_gtp_xact_commit(s5c_xact); + ogs_expect(rv == OGS_OK); + + /************************ + * Check Session Context + ************************/ + cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + + if (!sess) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } else { + sgwc_ue = sess->sgwc_ue; + ogs_assert(sgwc_ue); + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + ogs_gtp_send_error_message( + s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, + OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, cause_value); + return; + } + + /***************************************** + * Check Mandatory/Conditional IE Missing + *****************************************/ + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); + + if (rsp->cause.presence == 0) { + ogs_error("No Cause"); + cause_value = OGS_GTP2_CAUSE_MANDATORY_IE_MISSING; + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + ogs_gtp_send_error_message( + s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, + OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, cause_value); + return; + } + + /******************** + * Check Cause Value + ********************/ + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); + + cause = rsp->cause.data; + ogs_assert(cause); + cause_value = cause->value; + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + ogs_error("GTP Failed [CAUSE:%d]", cause_value); + ogs_gtp_send_error_message( + s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, + OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, cause_value); + return; + } + + /******************** + * Check ALL Context + ********************/ + ogs_assert(sess); + ogs_assert(sgwc_ue); + + /* Remove a pgw session */ + ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]", + sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid); + ogs_debug(" SGW_S5C_TEID[0x%x] PGW_S5C_TEID[0x%x]", + sess->sgw_s5c_teid, sess->pgw_s5c_teid); + + /* + * 1. MME sends Delete Session Request to SGW/SMF. + * 2. SMF sends Delete Session Response to SGW/MME. + */ + ogs_assert(OGS_OK == + sgwc_pfcp_send_session_deletion_request(sess, s11_xact, gtpbuf)); +} + void sgwc_s5c_handle_modify_bearer_response( sgwc_sess_t *sess, ogs_gtp_xact_t *s5c_xact, ogs_pkbuf_t *gtpbuf, ogs_gtp2_message_t *message) @@ -280,9 +399,6 @@ void sgwc_s5c_handle_modify_bearer_response( ogs_gtp_xact_t *s11_xact = NULL; ogs_gtp2_modify_bearer_response_t *rsp = NULL; - ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; - ogs_assert(sgwc_ue); ogs_assert(message); rsp = &message->modify_bearer_response; ogs_assert(rsp); @@ -300,10 +416,35 @@ void sgwc_s5c_handle_modify_bearer_response( rv = ogs_gtp_xact_commit(s5c_xact); ogs_expect(rv == OGS_OK); + /************************ + * Check Session Context + ************************/ + cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + + if (!sess) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } else { + sgwc_ue = sess->sgwc_ue; + ogs_assert(sgwc_ue); + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + if (modify_action == OGS_GTP_MODIFY_IN_PATH_SWITCH_REQUEST) + ogs_gtp_send_error_message( + s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, + OGS_GTP2_CREATE_SESSION_RESPONSE_TYPE, cause_value); + else + ogs_gtp_send_error_message( + s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, + OGS_GTP2_MODIFY_BEARER_RESPONSE_TYPE, cause_value); + return; + } + /***************************************** * Check Mandatory/Conditional IE Missing *****************************************/ - cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); if (rsp->cause.presence == 0) { ogs_error("No Cause"); @@ -372,91 +513,6 @@ void sgwc_s5c_handle_modify_bearer_response( } } -void sgwc_s5c_handle_delete_session_response( - sgwc_sess_t *sess, ogs_gtp_xact_t *s5c_xact, - ogs_pkbuf_t *gtpbuf, ogs_gtp2_message_t *message) -{ - int rv; - ogs_gtp2_cause_t *cause = NULL; - uint8_t cause_value; - - sgwc_ue_t *sgwc_ue = NULL; - - ogs_gtp_xact_t *s11_xact = NULL; - ogs_gtp2_delete_session_response_t *rsp = NULL; - - ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; - ogs_assert(sgwc_ue); - ogs_assert(message); - rsp = &message->delete_session_response; - ogs_assert(rsp); - - ogs_debug("Delete Session Response"); - - /******************** - * Check Transaction - ********************/ - ogs_assert(s5c_xact); - s11_xact = s5c_xact->assoc_xact; - ogs_assert(s11_xact); - - rv = ogs_gtp_xact_commit(s5c_xact); - ogs_expect(rv == OGS_OK); - - /***************************************** - * Check Mandatory/Conditional IE Missing - *****************************************/ - cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; - - if (rsp->cause.presence == 0) { - ogs_error("No Cause"); - cause_value = OGS_GTP2_CAUSE_MANDATORY_IE_MISSING; - } - - if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { - ogs_gtp_send_error_message( - s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, - OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, cause_value); - return; - } - - /******************** - * Check Cause Value - ********************/ - ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); - - cause = rsp->cause.data; - ogs_assert(cause); - cause_value = cause->value; - if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { - ogs_error("GTP Failed [CAUSE:%d]", cause_value); - ogs_gtp_send_error_message( - s11_xact, sgwc_ue ? sgwc_ue->mme_s11_teid : 0, - OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE, cause_value); - return; - } - - /******************** - * Check ALL Context - ********************/ - ogs_assert(sess); - ogs_assert(sgwc_ue); - - /* Remove a pgw session */ - ogs_debug(" MME_S11_TEID[%d] SGW_S11_TEID[%d]", - sgwc_ue->mme_s11_teid, sgwc_ue->sgw_s11_teid); - ogs_debug(" SGW_S5C_TEID[0x%x] PGW_S5C_TEID[0x%x]", - sess->sgw_s5c_teid, sess->pgw_s5c_teid); - - /* - * 1. MME sends Delete Session Request to SGW/SMF. - * 2. SMF sends Delete Session Response to SGW/MME. - */ - ogs_assert(OGS_OK == - sgwc_pfcp_send_session_deletion_request(sess, s11_xact, gtpbuf)); -} - void sgwc_s5c_handle_create_bearer_request( sgwc_sess_t *sess, ogs_gtp_xact_t *s5c_xact, ogs_pkbuf_t *gtpbuf, ogs_gtp2_message_t *message) @@ -669,7 +725,6 @@ void sgwc_s5c_handle_update_bearer_request( rv = ogs_gtp_xact_update_tx(s11_xact, &message->h, pkbuf); ogs_expect_or_return(rv == OGS_OK); } - s11_xact->local_teid = sgwc_ue->sgw_s11_teid; rv = ogs_gtp_xact_commit(s11_xact); ogs_expect(rv == OGS_OK); @@ -819,7 +874,6 @@ void sgwc_s5c_handle_delete_bearer_request( rv = ogs_gtp_xact_update_tx(s11_xact, &message->h, pkbuf); ogs_expect_or_return(rv == OGS_OK); } - s11_xact->local_teid = sgwc_ue->sgw_s11_teid; rv = ogs_gtp_xact_commit(s11_xact); ogs_expect(rv == OGS_OK); @@ -835,9 +889,6 @@ void sgwc_s5c_handle_bearer_resource_failure_indication( sgwc_ue_t *sgwc_ue = NULL; - ogs_assert(sess); - sgwc_ue = sess->sgwc_ue; - ogs_assert(sgwc_ue); ogs_assert(message); ind = &message->bearer_resource_failure_indication; ogs_assert(ind); @@ -851,6 +902,17 @@ void sgwc_s5c_handle_bearer_resource_failure_indication( s11_xact = s5c_xact->assoc_xact; ogs_assert(s11_xact); + /************************ + * Check Session Context + ************************/ + if (!sess) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } else { + sgwc_ue = sess->sgwc_ue; + ogs_assert(sgwc_ue); + } + /******************** * Check Cause Value ********************/ diff --git a/src/sgwc/sgwc-sm.c b/src/sgwc/sgwc-sm.c index b6e1d4a63..2dc8ab197 100644 --- a/src/sgwc/sgwc-sm.c +++ b/src/sgwc/sgwc-sm.c @@ -157,13 +157,6 @@ void sgwc_state_operational(ogs_fsm_t *s, sgwc_event_t *e) if (gtp_message.h.teid_presence && gtp_message.h.teid != 0) { /* Cause is not "Context not found" */ sgwc_ue = sgwc_ue_find_by_teid(gtp_message.h.teid); - } else if (gtp_xact->local_teid) { /* rx no TEID or TEID=0 */ - /* 3GPP TS 29.274 5.5.2: we receive TEID=0 under some - * conditions, such as cause "Session context not found". In those - * cases, we still want to identify the local session which - * originated the message, so try harder by using the TEID we - * locally stored in xact when sending the original request: */ - sgwc_ue = sgwc_ue_find_by_teid(gtp_xact->local_teid); } switch(gtp_message.h.type) { @@ -192,17 +185,14 @@ void sgwc_state_operational(ogs_fsm_t *s, sgwc_event_t *e) sgwc_ue, gtp_xact, recvbuf, >p_message); break; case OGS_GTP2_CREATE_BEARER_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); sgwc_s11_handle_create_bearer_response( sgwc_ue, gtp_xact, recvbuf, >p_message); break; case OGS_GTP2_UPDATE_BEARER_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); sgwc_s11_handle_update_bearer_response( sgwc_ue, gtp_xact, recvbuf, >p_message); break; case OGS_GTP2_DELETE_BEARER_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); sgwc_s11_handle_delete_bearer_response( sgwc_ue, gtp_xact, recvbuf, >p_message); break; @@ -255,13 +245,6 @@ void sgwc_state_operational(ogs_fsm_t *s, sgwc_event_t *e) if (gtp_message.h.teid_presence && gtp_message.h.teid != 0) { sess = sgwc_sess_find_by_teid(gtp_message.h.teid); - } else if (gtp_xact->local_teid) { /* rx no TEID or TEID=0 */ - /* 3GPP TS 29.274 5.5.2: we receive TEID=0 under some - * conditions, such as cause "Session context not found". In those - * cases, we still want to identify the local session which - * originated the message, so try harder by using the TEID we - * locally stored in xact when sending the original request: */ - sess = sgwc_sess_find_by_teid(gtp_xact->local_teid); } switch(gtp_message.h.type) { @@ -272,18 +255,15 @@ void sgwc_state_operational(ogs_fsm_t *s, sgwc_event_t *e) sgwc_handle_echo_response(gtp_xact, >p_message.echo_response); break; case OGS_GTP2_CREATE_SESSION_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); sgwc_s5c_handle_create_session_response( sess, gtp_xact, recvbuf, >p_message); break; - case OGS_GTP2_MODIFY_BEARER_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); - sgwc_s5c_handle_modify_bearer_response( + case OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE: + sgwc_s5c_handle_delete_session_response( sess, gtp_xact, recvbuf, >p_message); break; - case OGS_GTP2_DELETE_SESSION_RESPONSE_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); - sgwc_s5c_handle_delete_session_response( + case OGS_GTP2_MODIFY_BEARER_RESPONSE_TYPE: + sgwc_s5c_handle_modify_bearer_response( sess, gtp_xact, recvbuf, >p_message); break; case OGS_GTP2_CREATE_BEARER_REQUEST_TYPE: @@ -299,7 +279,6 @@ void sgwc_state_operational(ogs_fsm_t *s, sgwc_event_t *e) sess, gtp_xact, recvbuf, >p_message); break; case OGS_GTP2_BEARER_RESOURCE_FAILURE_INDICATION_TYPE: - if (!gtp_message.h.teid_presence) ogs_error("No TEID"); sgwc_s5c_handle_bearer_resource_failure_indication( sess, gtp_xact, recvbuf, >p_message); break; diff --git a/src/sgwc/sxa-handler.c b/src/sgwc/sxa-handler.c index a4f5ca277..8b3308902 100644 --- a/src/sgwc/sxa-handler.c +++ b/src/sgwc/sxa-handler.c @@ -378,7 +378,6 @@ void sgwc_sxa_handle_session_establishment_response( s5c_xact = ogs_gtp_xact_local_create( sess->gnode, &send_message.h, pkbuf, sess_timeout, sess); ogs_expect_or_return(s5c_xact); - s5c_xact->local_teid = sess->sgw_s5c_teid; s5c_xact->modify_action = OGS_GTP_MODIFY_IN_PATH_SWITCH_REQUEST; @@ -416,7 +415,6 @@ void sgwc_sxa_handle_session_establishment_response( s5c_xact = ogs_gtp_xact_local_create( sess->gnode, &recv_message->h, pkbuf, sess_timeout, sess); ogs_expect_or_return(s5c_xact); - s5c_xact->local_teid = sess->sgw_s5c_teid; } ogs_gtp_xact_associate(s11_xact, s5c_xact); @@ -733,7 +731,6 @@ void sgwc_sxa_handle_session_modification_response( s11_xact = ogs_gtp_xact_local_create(sgwc_ue->gnode, &recv_message->h, pkbuf, bearer_timeout, bearer); ogs_expect_or_return(s11_xact); - s11_xact->local_teid = sgwc_ue->sgw_s11_teid; ogs_gtp_xact_associate(s5c_xact, s11_xact); @@ -1023,7 +1020,6 @@ void sgwc_sxa_handle_session_modification_response( sess->gnode, &recv_message->h, pkbuf, sess_timeout, sess); ogs_expect_or_return(s5c_xact); - s5c_xact->local_teid = sess->sgw_s5c_teid; ogs_gtp_xact_associate(s11_xact, s5c_xact); diff --git a/src/smf/binding.c b/src/smf/binding.c index 9b3260b7d..ef3922b07 100644 --- a/src/smf/binding.c +++ b/src/smf/binding.c @@ -369,7 +369,6 @@ void smf_bearer_binding(smf_sess_t *sess) xact = ogs_gtp_xact_local_create( sess->gnode, &h, pkbuf, gtp_bearer_timeout, bearer); ogs_expect_or_return(xact); - xact->local_teid = sess->smf_n4_teid; if (ogs_list_count(&bearer->pf_to_add_list) > 0) xact->update_flags |= OGS_GTP_MODIFY_TFT_UPDATE; @@ -439,7 +438,6 @@ int smf_gtp2_send_create_bearer_request(smf_bearer_t *bearer) xact = ogs_gtp_xact_local_create( sess->gnode, &h, pkbuf, gtp_bearer_timeout, bearer); ogs_expect_or_return_val(xact, OGS_ERROR); - xact->local_teid = sess->smf_n4_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); diff --git a/src/smf/gtp-path.c b/src/smf/gtp-path.c index f5b35d7a7..f4ef18e49 100644 --- a/src/smf/gtp-path.c +++ b/src/smf/gtp-path.c @@ -542,7 +542,6 @@ int smf_gtp2_send_delete_bearer_request( xact = ogs_gtp_xact_local_create( sess->gnode, &h, pkbuf, bearer_timeout, bearer); ogs_expect_or_return_val(xact, OGS_ERROR); - xact->local_teid = sess->smf_n4_teid; rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); diff --git a/src/smf/pfcp-path.c b/src/smf/pfcp-path.c index 1eb2021af..e2b9e1c0f 100644 --- a/src/smf/pfcp-path.c +++ b/src/smf/pfcp-path.c @@ -402,6 +402,7 @@ int smf_5gc_pfcp_send_all_pdr_modification_request( ogs_expect_or_return_val(xact, OGS_ERROR); xact->assoc_stream = stream; + xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; ogs_list_init(&sess->pdr_to_modify_list); @@ -428,6 +429,7 @@ int smf_5gc_pfcp_send_qos_flow_list_modification_request( ogs_expect_or_return_val(xact, OGS_ERROR); xact->assoc_stream = stream; + xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; rv = smf_pfcp_send_modify_list( @@ -519,6 +521,7 @@ int smf_epc_pfcp_send_all_pdr_modification_request( xact->epc = true; /* EPC PFCP transaction */ xact->assoc_xact = gtp_xact; + xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags | OGS_PFCP_MODIFY_SESSION; xact->gtp_pti = gtp_pti; @@ -557,6 +560,7 @@ int smf_epc_pfcp_send_one_bearer_modification_request( xact->epc = true; /* EPC PFCP transaction */ xact->assoc_xact = gtp_xact; + xact->local_seid = sess->smf_n4_seid; xact->modify_flags = flags; xact->gtp_pti = gtp_pti; diff --git a/src/smf/pfcp-sm.c b/src/smf/pfcp-sm.c index e30f682c1..b2bc35da6 100644 --- a/src/smf/pfcp-sm.c +++ b/src/smf/pfcp-sm.c @@ -192,7 +192,7 @@ void smf_pfcp_state_associated(ogs_fsm_t *s, smf_event_t *e) * conditions, such as cause "Session context not found". In those * cases, we still want to identify the local session which * originated the message, so try harder by using the SEID we - * locally stored in xact when sending the original request: */ + * locacally stored in xact when sending the original request: */ sess = smf_sess_find_by_seid(xact->local_seid); } if (sess) @@ -220,13 +220,15 @@ void smf_pfcp_state_associated(ogs_fsm_t *s, smf_event_t *e) &message->pfcp_association_setup_response); break; case OGS_PFCP_SESSION_ESTABLISHMENT_RESPONSE_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); ogs_assert(sess); ogs_fsm_dispatch(&sess->sm, e); break; case OGS_PFCP_SESSION_MODIFICATION_RESPONSE_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); if (xact->epc) smf_epc_n4_handle_session_modification_response( sess, xact, e->gtp2_message, @@ -237,13 +239,15 @@ void smf_pfcp_state_associated(ogs_fsm_t *s, smf_event_t *e) break; case OGS_PFCP_SESSION_DELETION_RESPONSE_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); ogs_assert(sess); ogs_fsm_dispatch(&sess->sm, e); break; case OGS_PFCP_SESSION_REPORT_REQUEST_TYPE: - if (!message->h.seid_presence) ogs_error("No SEID"); + if (!message->h.seid_presence) + ogs_error("No SEID"); smf_n4_handle_session_report_request( sess, xact, &message->pfcp_session_report_request); break; diff --git a/src/smf/s5c-handler.c b/src/smf/s5c-handler.c index e98130ad7..a7b30c979 100644 --- a/src/smf/s5c-handler.c +++ b/src/smf/s5c-handler.c @@ -595,7 +595,6 @@ void smf_s5c_handle_create_bearer_response( smf_bearer_t *bearer = NULL; ogs_pfcp_far_t *dl_far = NULL; - ogs_assert(sess); ogs_assert(rsp); ogs_debug("Create Bearer Response"); @@ -615,6 +614,11 @@ void smf_s5c_handle_create_bearer_response( ************************/ cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + if (!sess) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { ogs_assert(OGS_OK == smf_epc_pfcp_send_one_bearer_modification_request( @@ -766,7 +770,6 @@ void smf_s5c_handle_update_bearer_response( uint64_t pfcp_flags = 0; smf_bearer_t *bearer = NULL; - ogs_assert(sess); ogs_assert(rsp); ogs_debug("Update Bearer Response"); @@ -783,10 +786,24 @@ void smf_s5c_handle_update_bearer_response( rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); + /************************ + * Check Session Context + ************************/ + cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + + if (!sess) { + ogs_error("No Context in TEID"); + cause_value = OGS_GTP2_CAUSE_CONTEXT_NOT_FOUND; + } + + if (cause_value != OGS_GTP2_CAUSE_REQUEST_ACCEPTED) { + return; + } + /***************************************** * Check Mandatory/Conditional IE Missing *****************************************/ - cause_value = OGS_GTP2_CAUSE_REQUEST_ACCEPTED; + ogs_assert(cause_value == OGS_GTP2_CAUSE_REQUEST_ACCEPTED); if (rsp->bearer_contexts.presence == 0) { ogs_error("No Bearer"); @@ -870,7 +887,6 @@ bool smf_s5c_handle_delete_bearer_response( uint8_t cause_value; smf_bearer_t *bearer = NULL; - ogs_assert(sess); ogs_assert(rsp); ogs_debug("Delete Bearer Response"); @@ -885,10 +901,18 @@ bool smf_s5c_handle_delete_bearer_response( rv = ogs_gtp_xact_commit(xact); ogs_expect(rv == OGS_OK); + /************************ + * Check Session Context + ************************/ + if (!sess) + ogs_error("No Context in TEID"); + /******************** * Check ALL Context ********************/ ogs_assert(bearer); + sess = bearer->sess; + ogs_assert(sess); if (rsp->linked_eps_bearer_id.presence) { /* diff --git a/src/smf/smf-sm.c b/src/smf/smf-sm.c index 19fd8e249..a7d0e5232 100644 --- a/src/smf/smf-sm.c +++ b/src/smf/smf-sm.c @@ -115,15 +115,8 @@ void smf_state_operational(ogs_fsm_t *s, smf_event_t *e) } e->gtp_xact = gtp_xact; - if (gtp2_message.h.teid_presence && gtp2_message.h.teid != 0) { + if (gtp2_message.h.teid != 0) { sess = smf_sess_find_by_teid(gtp2_message.h.teid); - } else if (gtp_xact->local_teid) { /* rx no TEID or TEID=0 */ - /* 3GPP TS 29.274 5.5.2: we receive TEID=0 under some - * conditions, such as cause "Session context not found". In those - * cases, we still want to identify the local session which - * originated the message, so try harder by using the TEID we - * locally stored in xact when sending the original request: */ - sess = smf_sess_find_by_teid(gtp_xact->local_teid); } switch(gtp2_message.h.type) { @@ -168,18 +161,18 @@ void smf_state_operational(ogs_fsm_t *s, smf_event_t *e) sess, gtp_xact, recvbuf, >p2_message.modify_bearer_request); break; case OGS_GTP2_CREATE_BEARER_RESPONSE_TYPE: - if (!gtp2_message.h.teid_presence) ogs_error("No TEID"); smf_s5c_handle_create_bearer_response( sess, gtp_xact, >p2_message.create_bearer_response); break; case OGS_GTP2_UPDATE_BEARER_RESPONSE_TYPE: - if (!gtp2_message.h.teid_presence) ogs_error("No TEID"); smf_s5c_handle_update_bearer_response( sess, gtp_xact, >p2_message.update_bearer_response); break; case OGS_GTP2_DELETE_BEARER_RESPONSE_TYPE: - if (!gtp2_message.h.teid_presence) ogs_error("No TEID"); - ogs_assert(sess); + if (!sess) { + /* TODO: NACK the message */ + break; + } e->sess = sess; ogs_fsm_dispatch(&sess->sm, e); break;