New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[GTP] Avoid abort if ogs_gtp_node_new() returns NULL #1633
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pespin
changed the title
GTP] Avoid abort if ogs_gtp_node_new() returns NULL
[GTP] Avoid abort if ogs_gtp_node_new() returns NULL
Jun 28, 2022
acetcom
added a commit
that referenced
this pull request
Jun 29, 2022
acetcom
added a commit
that referenced
this pull request
Jul 9, 2022
commit fce0eb4 Author: Sukchan Lee <acetcom@gmail.com> Date: Fri Jul 8 21:36:52 2022 +0900 [SBI] fixed wrong request-nf-type (#1650) commit fe11ee1 Author: Oliver Smith <osmith@sysmocom.de> Date: Mon Jul 4 15:16:54 2022 +0200 d/open5gs-upf.postinst: don't restart service in chroot Don't attempt to restart systemd-networkd if systemd is not running (e.g. installing open5gs inside a chroot). Fix for: System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down dpkg: error processing package open5gs-upf:amd64 (--configure): installed open5gs-upf:amd64 package post-installation script subprocess returned error exit status 1 commit eabe8df Author: Sukchan Lee <acetcom@gmail.com> Date: Mon Jul 4 17:37:00 2022 +0900 [PFCP] Added UE IP address in the EPC (#1642) commit 29525b2 Author: Networkmama <networkmama12@gmail.com> Date: Fri Jul 1 22:44:58 2022 +0530 [SMF] copy UE ip address to uplink PDR rules. This helps UPF to add ACL based on src ip Signed-off-by: Networkmama <networkmama12@gmail.com> commit af4021b Author: Sukchan Lee <acetcom@gmail.com> Date: Mon Jul 4 17:30:19 2022 +0900 [PFCP] Fixed a endianness Apply Action (#1640) commit 318fc25 Author: Sukchan Lee <acetcom@gmail.com> Date: Fri Jul 1 21:49:31 2022 +0900 [CORE] Added memory check (#1638) commit 6adf541 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Wed Jun 29 12:58:05 2022 +0000 [CORE] Fix detection of a failed memory allocation commit ab11220 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Wed Jun 29 12:15:51 2022 +0000 [ALL] Fix differences in function parameter names between definition and declaration commit 114f783 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Thu Jun 30 05:55:19 2022 +0000 [MISC] Add support for static code analysis Static code analysis can be executed with following commands: meson build ninja -C build analyze-cppcheck ninja -C build analyze-clang-tidy These commands are available only if additional tools are installed: - cppcheck - clang-tidy - clang-tools is optional if you want to paralelize the clang-tidy In case of cppcheck analysis, a file called build/cppchecklog.log is created with the analysis results. In case of clang-tidy analysis, some checks are disabled. See file .clang-tidy, and reenable them if you see fit. Also it does not scan all the files in the project, since some of them are imported from other sources. It does not scan any sources under: - subprojects/ - lib/asn1c/ - lib/ipfw/ commit 50be661 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 13:33:16 2022 +0900 Fixed a crash when slice/session overflow (#1637) commit ad159d1 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 10:53:19 2022 +0900 [GTP] Refine error code path without assertion Refer to #1635, #1620, #1606, #1594 commit b1d982a Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 10:35:03 2022 +0900 [PFCP] Refine error code path without assertion Refer to #1635, #1620 commit 0be5e76 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 09:11:38 2022 +0900 Revert "[SGWC] pfcp: Retrieve sess when SEID=0 (#1620)" This reverts commit 9700563. commit 6332f10 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 09:11:31 2022 +0900 Revert "[GTP] context when TEID=0 (#1620, #1606, #1594)" This reverts commit 0d61f7a. commit 051c19b Author: Sukchan Lee <acetcom@gmail.com> Date: Wed Jun 29 14:35:01 2022 +0900 Changes MAX TLV MORE to 16 OGS_MAX_NUM_OF_PDR is 16, but OGS_TLV_MAX_MORE is 8. To match the size of two macros, increased OGS_TLV_MAX_MORE to 16. commit b5956e5 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Wed Jun 29 04:10:43 2022 +0200 [UPF] N4: Remove unnecessary assert (#1634) commit 52d5c61 Author: Sukchan Lee <acetcom@gmail.com> Date: Wed Jun 29 11:07:44 2022 +0900 [GTP] avoid abort for ogs_gtp_node_new() (#1633) commit c5a5450 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Wed Jun 29 03:28:18 2022 +0200 [GTP] Avoid abort if ogs_gtp_node_new() returns NULL (#1633) * [GTP] Avoid abort if ogs_gtp_node_new() returns NULL * [SGWC] Avoid abort if ogs_gtp_node_add_by_addr() returns NULL commit 2dd577f Author: Sukchan Lee <acetcom@gmail.com> Date: Tue Jun 28 16:58:15 2022 +0900 [SCTP] Add protection code jumbo frame (#1632) commit 0d61f7a Author: Sukchan Lee <acetcom@gmail.com> Date: Tue Jun 28 15:32:14 2022 +0900 [GTP] context when TEID=0 (#1620, #1606, #1594) commit 9700563 Author: Sukchan Lee <acetcom@gmail.com> Date: Tue Jun 28 13:20:46 2022 +0900 [SGWC] pfcp: Retrieve sess when SEID=0 (#1620) commit 5eaf662 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Tue Jun 28 04:19:57 2022 +0200 [SMF] pfcp: Retrieve sess when response with SEID=0 is received (#1620) 3GPP TS 29.244 7.2.2.4.2 documents that the peer will set SEID=0 in the response when we request something for a session not existing at the peer. If that's the case, we still want to locate the local session which originated the request, so let's store the local SEID in the xact when submitting the message, so that we can retrieve the related SEID and find the session if we receive SEID=0. commit a3593c6 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Mon Jun 27 14:51:14 2022 +0200 [SMF] Gn: QoS Profile and PCO IE improvements (#1631)
acetcom
added a commit
that referenced
this pull request
Jul 12, 2022
commit aa3cded Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Tue Jun 21 11:55:37 2022 +0000 [AMF] Handle namf-callback DeregNotify message from UDM UDM may send a Deregistration Notification to AMF, to deregister specific UE from the network - Network-Initiated Deregistration. Deregistration procedure includes sending Deregistration Request to UE, starting a timer T3522, releasing PDU sessions from SMF, releasing PCF policies from PCF, and waiting for Deregistration Accept from UE. Not yet implemented is: - to prevent deregistration of UE in case it has any emergency sessions, - page UE when UE is in IDLE mode. commit 0633774 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Tue Jun 21 11:55:03 2022 +0000 [SBI] Add support for DeregistrationData in SBI messages commit d1a2971 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Tue Jun 21 11:39:55 2022 +0000 [NAS] modify library to include both directions of deregistration requests Definitions in NAS library now include both directions of deregistration requests/accepts - from UE and from network. commit babc309 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Thu Jun 23 08:46:10 2022 +0000 [AMF] Do not send Deregistration Event to UDM when UE deregisters According to TS 23.502, 4.2.2.2.2, AMF sends Registration event to UDM in the following cases: - If the AMF has changed since the last Registration procedure, or - if the UE provides a SUPI which doesn't refer to a valid context in the AMF, - or if the UE registers to the same AMF it has already registered to a non- 3GPP access (i.e. the UE is registered over a non-3GPP access and initiates this Registration procedure to add a 3GPP access). In case that UE re-registers to the network with a GUTI, it bypasses authentication check to the AUSF. In this case, AMF does not send Registration event to UDM. Consequently, when UE deregisters again, AMF would send a Deregistration Event to a UDM, which does not have a context for it. 3GPP standard does not say when AMF sends Deregistration Event to UDM, only that it is optional. These (De-)Registration events are for (de-)registering AMF to the UDM for serving the UE. And not for (de-)registering UE itself for purpose of tracking when UE is registered on the network. This partially reverts commit 7be7029 commit fce0eb4 Author: Sukchan Lee <acetcom@gmail.com> Date: Fri Jul 8 21:36:52 2022 +0900 [SBI] fixed wrong request-nf-type (#1650) commit fe11ee1 Author: Oliver Smith <osmith@sysmocom.de> Date: Mon Jul 4 15:16:54 2022 +0200 d/open5gs-upf.postinst: don't restart service in chroot Don't attempt to restart systemd-networkd if systemd is not running (e.g. installing open5gs inside a chroot). Fix for: System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down dpkg: error processing package open5gs-upf:amd64 (--configure): installed open5gs-upf:amd64 package post-installation script subprocess returned error exit status 1 commit eabe8df Author: Sukchan Lee <acetcom@gmail.com> Date: Mon Jul 4 17:37:00 2022 +0900 [PFCP] Added UE IP address in the EPC (#1642) commit 29525b2 Author: Networkmama <networkmama12@gmail.com> Date: Fri Jul 1 22:44:58 2022 +0530 [SMF] copy UE ip address to uplink PDR rules. This helps UPF to add ACL based on src ip Signed-off-by: Networkmama <networkmama12@gmail.com> commit af4021b Author: Sukchan Lee <acetcom@gmail.com> Date: Mon Jul 4 17:30:19 2022 +0900 [PFCP] Fixed a endianness Apply Action (#1640) commit 318fc25 Author: Sukchan Lee <acetcom@gmail.com> Date: Fri Jul 1 21:49:31 2022 +0900 [CORE] Added memory check (#1638) commit 6adf541 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Wed Jun 29 12:58:05 2022 +0000 [CORE] Fix detection of a failed memory allocation commit ab11220 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Wed Jun 29 12:15:51 2022 +0000 [ALL] Fix differences in function parameter names between definition and declaration commit 114f783 Author: Bostjan Meglic <b.meglic@iskratel.si> Date: Thu Jun 30 05:55:19 2022 +0000 [MISC] Add support for static code analysis Static code analysis can be executed with following commands: meson build ninja -C build analyze-cppcheck ninja -C build analyze-clang-tidy These commands are available only if additional tools are installed: - cppcheck - clang-tidy - clang-tools is optional if you want to paralelize the clang-tidy In case of cppcheck analysis, a file called build/cppchecklog.log is created with the analysis results. In case of clang-tidy analysis, some checks are disabled. See file .clang-tidy, and reenable them if you see fit. Also it does not scan all the files in the project, since some of them are imported from other sources. It does not scan any sources under: - subprojects/ - lib/asn1c/ - lib/ipfw/ commit 50be661 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 13:33:16 2022 +0900 Fixed a crash when slice/session overflow (#1637) commit ad159d1 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 10:53:19 2022 +0900 [GTP] Refine error code path without assertion Refer to #1635, #1620, #1606, #1594 commit b1d982a Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 10:35:03 2022 +0900 [PFCP] Refine error code path without assertion Refer to #1635, #1620 commit 0be5e76 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 09:11:38 2022 +0900 Revert "[SGWC] pfcp: Retrieve sess when SEID=0 (#1620)" This reverts commit 9700563. commit 6332f10 Author: Sukchan Lee <acetcom@gmail.com> Date: Thu Jun 30 09:11:31 2022 +0900 Revert "[GTP] context when TEID=0 (#1620, #1606, #1594)" This reverts commit 0d61f7a. commit 051c19b Author: Sukchan Lee <acetcom@gmail.com> Date: Wed Jun 29 14:35:01 2022 +0900 Changes MAX TLV MORE to 16 OGS_MAX_NUM_OF_PDR is 16, but OGS_TLV_MAX_MORE is 8. To match the size of two macros, increased OGS_TLV_MAX_MORE to 16. commit b5956e5 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Wed Jun 29 04:10:43 2022 +0200 [UPF] N4: Remove unnecessary assert (#1634) commit 52d5c61 Author: Sukchan Lee <acetcom@gmail.com> Date: Wed Jun 29 11:07:44 2022 +0900 [GTP] avoid abort for ogs_gtp_node_new() (#1633) commit c5a5450 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Wed Jun 29 03:28:18 2022 +0200 [GTP] Avoid abort if ogs_gtp_node_new() returns NULL (#1633) * [GTP] Avoid abort if ogs_gtp_node_new() returns NULL * [SGWC] Avoid abort if ogs_gtp_node_add_by_addr() returns NULL commit 2dd577f Author: Sukchan Lee <acetcom@gmail.com> Date: Tue Jun 28 16:58:15 2022 +0900 [SCTP] Add protection code jumbo frame (#1632) commit 0d61f7a Author: Sukchan Lee <acetcom@gmail.com> Date: Tue Jun 28 15:32:14 2022 +0900 [GTP] context when TEID=0 (#1620, #1606, #1594) commit 9700563 Author: Sukchan Lee <acetcom@gmail.com> Date: Tue Jun 28 13:20:46 2022 +0900 [SGWC] pfcp: Retrieve sess when SEID=0 (#1620) commit 5eaf662 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Tue Jun 28 04:19:57 2022 +0200 [SMF] pfcp: Retrieve sess when response with SEID=0 is received (#1620) 3GPP TS 29.244 7.2.2.4.2 documents that the peer will set SEID=0 in the response when we request something for a session not existing at the peer. If that's the case, we still want to locate the local session which originated the request, so let's store the local SEID in the xact when submitting the message, so that we can retrieve the related SEID and find the session if we receive SEID=0. commit a3593c6 Author: Pau Espin Pedrol <pespin@sysmocom.de> Date: Mon Jun 27 14:51:14 2022 +0200 [SMF] Gn: QoS Profile and PCO IE improvements (#1631)
NLag
added a commit
to securitylab-repository/open5gs_ciot
that referenced
this pull request
Oct 19, 2022
* Initialize pgw_s5u_teid (open5gs#1559) * [SMF] Gy: Send Multiple-Services-Indicator AVP only during Initial CCR (open5gs#1616) Gy (3GPP TS 32.299 ) refers to AVP in DCCA (RFC4006). RFC4006 5.1.2: "[...] by including the Multiple-Services-Indicator AVP in the first interrogation." Nokia's infocenter documentation also states it's sent during Initial CCR only: "(CCR-I only)". * [SBI] Fix memory leak for nghttp2 session (open5gs#1618) Delete nghttp2 session to prevent memory leaks. The issue was detected using valgrind. * [CORE] fsm: Add asserts to validate ogs_fsm_t is not null (open5gs#1619) * Change Default MCC/MNC 901/70 -> 999/70 (open5gs#1331) * [SMF] track and fix scenario where gtp node mempool becomes full (open5gs#1622) * [SMF] Avoid abort() if gtp_node mempool becomes full Related: open5gs#1621 * [SMF] metrics: Add new ctr tracking gtp_node allocation failures This metrics is useful to track whether at some point the mempool went full, so that config needs to be updated to increase the mempool size. * [SGWC,SMF] Add specific config opt max.gtp_peer to set gtp_node mempool size (open5gs#1623) This is needed specially for SMFs handling a pool of SGWs. * [UPF] Avoid crash if no default subnet configured (open5gs#1624) In that case, ogs_pfcp_ue_ip_alloc() will fail with the error message "CHECK CONFIGURATION: Cannot find subnet [...]" and the assert will make upf crash. That's not desirable, let's keep it running and simply reject the request. The error log is big enoguh to find out. * [SMF] pfcp-sm: Fix ogs_fsm_dispatch() on NULL sess (open5gs#1628) It was spotted that if DeleteSessionReq sent by SMF is answered by UPF with cause="Session context not found", then it contains SEID=0 (this is correct as per specs). Hence, since SEID=0 session is not looked up, so sess=NULL. A follow up commit improves the situation by looking up the SEID in the originating request message in that case. * [SMF] Set v4/6 flag in F-TEID IE request type (open5gs#1625) Signed-off-by: Networkmama <networkmama12@gmail.com> * Set v4/v6 flags in local F-TEID (open5gs#1625) * [PFCP] Added DNN/APN in FAR (open5gs#1629, open5gs#1630) * [PFCP] Added Network Instance to CP-UP FAR (open5gs#1630) * [SMF] Gn: QoS Profile and PCO IE improvements (open5gs#1631) * [SMF] pfcp: Retrieve sess when response with SEID=0 is received (open5gs#1620) 3GPP TS 29.244 7.2.2.4.2 documents that the peer will set SEID=0 in the response when we request something for a session not existing at the peer. If that's the case, we still want to locate the local session which originated the request, so let's store the local SEID in the xact when submitting the message, so that we can retrieve the related SEID and find the session if we receive SEID=0. * [SGWC] pfcp: Retrieve sess when SEID=0 (open5gs#1620) * [GTP] context when TEID=0 (open5gs#1620, open5gs#1606, open5gs#1594) * [SCTP] Add protection code jumbo frame (open5gs#1632) * [GTP] Avoid abort if ogs_gtp_node_new() returns NULL (open5gs#1633) * [GTP] Avoid abort if ogs_gtp_node_new() returns NULL * [SGWC] Avoid abort if ogs_gtp_node_add_by_addr() returns NULL * [GTP] avoid abort for ogs_gtp_node_new() (open5gs#1633) * [UPF] N4: Remove unnecessary assert (open5gs#1634) * Changes MAX TLV MORE to 16 OGS_MAX_NUM_OF_PDR is 16, but OGS_TLV_MAX_MORE is 8. To match the size of two macros, increased OGS_TLV_MAX_MORE to 16. * Revert "[GTP] context when TEID=0 (open5gs#1620, open5gs#1606, open5gs#1594)" This reverts commit 0d61f7a. * Revert "[SGWC] pfcp: Retrieve sess when SEID=0 (open5gs#1620)" This reverts commit 9700563. * [PFCP] Refine error code path without assertion Refer to open5gs#1635, open5gs#1620 * [GTP] Refine error code path without assertion Refer to open5gs#1635, open5gs#1620, open5gs#1606, open5gs#1594 * Fixed a crash when slice/session overflow (open5gs#1637) * [MISC] Add support for static code analysis Static code analysis can be executed with following commands: meson build ninja -C build analyze-cppcheck ninja -C build analyze-clang-tidy These commands are available only if additional tools are installed: - cppcheck - clang-tidy - clang-tools is optional if you want to paralelize the clang-tidy In case of cppcheck analysis, a file called build/cppchecklog.log is created with the analysis results. In case of clang-tidy analysis, some checks are disabled. See file .clang-tidy, and reenable them if you see fit. Also it does not scan all the files in the project, since some of them are imported from other sources. It does not scan any sources under: - subprojects/ - lib/asn1c/ - lib/ipfw/ * [ALL] Fix differences in function parameter names between definition and declaration * [CORE] Fix detection of a failed memory allocation * [CORE] Added memory check (open5gs#1638) * [PFCP] Fixed a endianness Apply Action (open5gs#1640) * [SMF] copy UE ip address to uplink PDR rules. This helps UPF to add ACL based on src ip Signed-off-by: Networkmama <networkmama12@gmail.com> * [PFCP] Added UE IP address in the EPC (open5gs#1642) * d/open5gs-upf.postinst: don't restart service in chroot Don't attempt to restart systemd-networkd if systemd is not running (e.g. installing open5gs inside a chroot). Fix for: System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down dpkg: error processing package open5gs-upf:amd64 (--configure): installed open5gs-upf:amd64 package post-installation script subprocess returned error exit status 1 * [SBI] fixed wrong request-nf-type (open5gs#1650) * [AMF] Do not send Deregistration Event to UDM when UE deregisters According to TS 23.502, 4.2.2.2.2, AMF sends Registration event to UDM in the following cases: - If the AMF has changed since the last Registration procedure, or - if the UE provides a SUPI which doesn't refer to a valid context in the AMF, - or if the UE registers to the same AMF it has already registered to a non- 3GPP access (i.e. the UE is registered over a non-3GPP access and initiates this Registration procedure to add a 3GPP access). In case that UE re-registers to the network with a GUTI, it bypasses authentication check to the AUSF. In this case, AMF does not send Registration event to UDM. Consequently, when UE deregisters again, AMF would send a Deregistration Event to a UDM, which does not have a context for it. 3GPP standard does not say when AMF sends Deregistration Event to UDM, only that it is optional. These (De-)Registration events are for (de-)registering AMF to the UDM for serving the UE. And not for (de-)registering UE itself for purpose of tracking when UE is registered on the network. This partially reverts commit 7be7029 * [NAS] modify library to include both directions of deregistration requests Definitions in NAS library now include both directions of deregistration requests/accepts - from UE and from network. * [SBI] Add support for DeregistrationData in SBI messages * [AMF] Handle namf-callback DeregNotify message from UDM UDM may send a Deregistration Notification to AMF, to deregister specific UE from the network - Network-Initiated Deregistration. Deregistration procedure includes sending Deregistration Request to UE, starting a timer T3522, releasing PDU sessions from SMF, releasing PCF policies from PCF, and waiting for Deregistration Accept from UE. Not yet implemented is: - to prevent deregistration of UE in case it has any emergency sessions, - page UE when UE is in IDLE mode. * [SBI] incrased session pool of server (open5gs#1652) * [CORE] Increased memory pool for poll (open5gs#1652) * [SCP] Support of Indirect Communication * [asn1c] rework aper from mouse07410/asn1c#94 Merge @pespin the following work - mouse07410/asn1c#93 - mouse07410/asn1c#100 * [AMF] Fixed 5GMM cause in Reject message (open5gs#1660) When a UE that requests slices tries to connect and there are no slices configured, the reject message is: 5GMM cause = 0x7 (5GS Services not allowed) however it should be: 5GMM cause = 0x3e (No network slices available) All 5GMM cause value in reject message is reviewed in this commit * Fixed ASSERT when context has already been removed * fixed the memory leak in test program * Fixed the crash in UERANSIM 500 test (open5gs#1652) * Oops! Redundant code is removed (open5gs#1652) * Add missing pkbuf_free() (open5gs#1652) * Refactor for the UERANSIM 500 test (open5gs#1652) * Add more protection code for (open5gs#1652) * [tests] Fix running unit tests inside docker environment The issue was introduced with the commit, which builds Open5GS from local sources instead of downloading them each time from Github. Fixes: d2cbcf7 ("[build] Use local sources to build applications (open5gs#1583)") * [SBI] Add function to request NF Instance from NRF by providing it's Instance Id * [SMF] Send PDU Session Establish Accept to serving AMF In case there are multiple AMF registered to NRF, SMF would pick only the first AMF from the list. In the case of sending PDU Session Establishment Accept from SMF to AMF, this would mean a high chance of failure since the AMF might be different than the original requester, and would not know about a particular UE. Modify SMF to use ServingNfId field from original request SmContextCreateData from AMF to determine to which AMF should it send PDU Session Establishment Accept message. * Set default Network-Access-Mode to 0 For HSS's which do not include the NAM, the MME should not treat this as a fatal error. MME should just assume PACKET_AND_CIRCUIT (0), as was decided in a previous PR. * [MME] Handle Charging Characteristics Found no support for HSS provided charging characteristics. Following TS32.251 A.4: - Use PDN level CC, if one wasn't provided then use subscription level CC - Don't send CC in S11 if it wasn't included * Moving handling of assigning sub level cc into the pdn to s11. * Support Discovery Optional Parameter (open5gs#1671) To support target-nf-instance-id in the discovery, Discovery optional parameter is implemeted * Oops! Warning removed! * Refine code of discovery option param (open5gs#1671) * Release v2.4.9 * [MME] Introduce support for S6a Cancel Location Request - Added diameter dictionary definitions for Cancel Location - Cancel Location will completely remove UE from MME, allow for a fresh IMSI attach to occur on next attempt. - T3422 is used for detach request. - Added new handling for s6a events in mme-sm, as not all s6a messages are at attach now. Maybe there's something in a state machine I should've been using here instead of a new flag? - Testing was completed with UE in idle and connected. With CLR flags indicating re-attach required and without. Also sending CLR after UE detach. And then sending again when mme_ue is empty. * Refact paging module (open5gs#1676) * [MME] Changed S1AP_Cause in S1AP Release (open5gs#1676) S1AP_CauseNas_detach -> S1AP_CauseNas_normal_release * [SBI] Fixed nf_instance memory leak - Rollback commit ed3444e - Do not modify reference count when REGISTER/DEREGISTER notified from NRF * [PFCP] Revert Changes 5e18b2b * [MME+HSS] AVP Occurring Too Many Times Do not Set Origin-Hosts with fd_msg_rescode_set before potential use of ogs_diam_message_experimental_rescode_set. This results in multiple Origin-Host/Realm AVPs. * [Diameter] Fixed Coding convention (open5gs#1680) * [NRF] Fixed the nfInstanceUri (open5gs#1683) * [PFCP] Revert Changes 5e18b2b and d21e9aa To protect malicious or buggy, we need to check that session context is NULL. * Changed configuration name from gnb to peer And restored gtp_peer configuration * [GTP] gtp_peer override the pool size of GTP node * [MME] Changed CauseNas_detach in DETACH (open5gs#1676) * [SBI] Increased the max stream number * [SBI] CLIENT max concurrent streams to 16384 * Move src/../nf-sm.[ch] to lib/sbi/nf-sm.[ch] * [PFCP] Fixed security protection Check the length to prevent buffer overflow attacks. * Lower Linux version cannot change HTTP2 max stream CURLMOPT_MAX_CONCURRENT_STREAMS can be supported as of curl 7.67.0 * [SMF]: Update stored PCO IE requested in GTPv2 over S5c in SMF context As per 3GPP TS 29.274 version 10.5.0, section 7.2.9 and 7.2.10, Only if PCO IE is included in Delete Session Request then it must be present in Delete Session Response. In order to reflect on whether the request contained PCO IE or not the SMF context containing the GTP request needs to be updated i.e. update if present else clear the contents * [SMF]: Update stored PCO IE requested over Gn in SMF context As per 3GPP TS 29.060 version 15.3.0, section 7.3.3, 7.3.4, 7.3.5 and 7.3.6 Only if PCO IE is included in Update/Delete PDP Context Request then it must be present in Update/Delete PDP Context Response. In order to reflect on whether the request contained PCO IE or not the SMF context containing the GTP request needs to be updated i.e. update if present else clear the contents * Update docs @nickvsnetworking and @@s5uishida * Update docs @s5uishida * Removed duplicated document link * Fixed Defects reported by Coverity Scan * [DOCS] Updated if subscribers changed [open5gs#1694] * [PFCP] security vulnerability continued in d99491a * [MME] Cancel Location Handling (open5gs#1698) * CLR while idle is broken after open5gs@7031856 Cancel Location Request arriving while UE is idle will not proceed to paging due to this check for S1 connection. Using new flag "isAnswer" to bypass this check to allow paging to occur when we are not doing a AIA/ULA related procedure. * No Context Setup is required when sending the detach request. If the paging was due to wanting to send a Detach Request to the UE, then we fast track to sending the detach request. * emm-sm.c: In the case of MME initiated detach while UE is idle, there is no initial conext setup. We go right from the service request after paging into sending the detach request. TS23.401 mme-path.c: Using nas_eps.type in the case of MME Initiated Detach while UE is idle does not work. nas_eps.type would represent the service request. mme-s11-handler.c: After S11 action, no action should be taken. We want to wait for the detach accept from the UE before proceeding with the S1 release (detach). * InitialContextSetup should occur for detach. * [MME] Follow-up Cancel Location Handling (open5gs#1698) * [MME] Fixed GTP transaction crash (open5gs#1696) * [SGsAP] Changed message if Paging failed (open5gs#1701) The problem occurred in the following scenario: 1. VLR sent PAGING-REQUEST to the MME 2. MME sent S1-Paging to the UE 3. Paging failed 4. MME responded SERVICE-REQUEST to the VLR 5. VLR sent DOWNLINK-UNITDATA to the MME 6. Even though there is no S1 Context, MME try to sent DownlinkNASTransport message to the UE. 7. So, the problem occurred. I've changed the number 4 PAGING-REJECT instead of SERVICE-REQUEST. * [MME] Detach removed MME-UE context (open5gs#1698) * [MME] UE-initiated detach removes S1 only (open5gs#1698) * [SMF] Fix abort on app exit when no Diameter configuration In case that SMF was configured to run without Diameter, it would crash on application exit due to uninitialized variables/pointers. ERROR pid:unnamed in fd_sess_handler_destroy@sessions.c:324: ERROR: Invalid parameter '(handler && ( ((*handler) != ((void *)0)) && ( ((struct session_handler *)(*handler))->eyec == 0x53554AD1) ))', 22 [smf] FATAL: smf_gx_final: Assertion `ret == 0' failed. (../src/smf/gx-path.c:1353) * [MME] Dictionary Updates and IDR Support (open5gs#1714) * Add Diameter Dictionary Elements * Initial IDR Framework * Resolve Compile Issues * Moving Closer * Compile error * Somewhat Working stuffing Code * Add Timestamp Changes * Cleanup some of this code. mme_s6a_handle_idr in s6a-handler.c removed for now, since it will only come in handy when IDR flag is set to request current location, which would involve breaking out into paging. I think there's a few other things we can do just within fd-path first. * further removal of mme_s6a_handle_idr * Follow up on open5gs#1714 * Changed sprintf to ogs_snprintf * Limited to 80 column * [NRF] Fixed library load error * [metrics] Fix double-free on application exit (open5gs#1717) * [SBI] Support service-names in discovery option * [SBI] Added config for service-names discovery * diameter: Gx: add AVP 3GPP-Charging-Characteristics The 3GPP-Charging-Characteristics is an operator specific AVP (optional). The 3GPP-Charging-Characteristics can be filled by the HSS and pass through to the Gx interface. See ETSI 29.212 5.4.0.1 for further details. * [SMF] send 3GPP-Charging-Characteristics on Gx if received on S5/8c The 3GPP-Charging-Characteristics is an operator specific AVP (optional). The 3GPP-Charging-Characteristics can be filled by the HSS and forwarded by the MME towards the SMF. * Follow up on open5gs#1715 * Changed <TAB> to <SPACE>*4 * Changed snprintf to ogs_snprintf * [Conf] Changed MTU size from 1500 to 1400 * [SMF] fixup send 3GPP-Charging-Characteristics on Gx if received on S5/8c - Gy instead of Gx AVP was used. - Use correct avp position and avp variables. Fixes: 657eef9 ("[SMF] send 3GPP-Charging-Characteristics on Gx if received on S5/8c") * Added Service-based NF discovery == Known limitation == Placing npcf-smpolicycontrol and pcf-policyauthorization in different NFs is not supported. Both npcf-smpolicycontrol and pcf-policyauthorization should be placed in the same NF. * [ALL] Removing trailing whitespace and tab * [MME] Fixed buffer overflow (open5gs#1728) * Added simple test program ./tests/registration/registration simple-test ./tests/vonr/vonr simple-test ./tests/attach/attach simple-test ./tests/volte/volte simple-test * [SMF] Handle upCnxState=ACTIVATING by replying with 200 instead of 204 According to TS 29.502 5.2.2.3.2.2., we should reply with a 200 response including the upCnxState attribute. * Follow-up on open5gs#1729 * [SBI] Send NF discovery query with service-names delimited with comma OpenAPI specification for sending NF discovery query with "service-names" parameter is defined as folowing: - name: service-names ... style: form explode: false According to OpenAPI specification, this means array items should be delimited with a comma character (example: /users?id=3,4,5). * [PCF] Check NF service configuration * npcf-smpolicycontrol - enabled or disabled * npcf-policyauthorization - enabled or disabled Only one of npcf-smpolicycontrol and npcf-policyauthorization cannot be enabled. (../src/pcf/sbi-path.c:151) They can be enabled or disabled together. * [CORE] Check if timer is double free in SBI module * removing extra lines I did not find the purpose of their use * [AMF] Accept Deregistration Notification from UDM only for registered UE (open5gs#1737) Add additional check when receiving Deregistration Notification from UDM. UE should already be in registered state before accepting the request and deregistering the UE. Also add additional check that PCF association policy exists before sending a delete request to PCF. * When using longer APN name, it is obscured due to short field. * Also format for pcc_rule. UE and SMF look okay as medium_data as first section. * Minor typo fix * Support service-based NF subscription * [AMF] Handle APN/DNN names as case-insensitive In case that APN name sent from UE does not case-match with the one configured in the database, AMF would reject the registration with the message: [gmm] WARNING: [imsi-xxx] DNN Not Supported OR Not Subscribed in the Slice (../src/amf/gmm-handler.c:1051) * Follow-up on open5gs#1747 * Release v2.4.10 * Added Release Notes for v2.4.10 * Introduce Cancel Location and Insert Subscriber Data features to HSS. (open5gs#1744) * Introduce Cancel Location and Insert Subscriber Data features to HSS. * HSS database will keep track of last known MME and Update Time * Purged UE flag is established in HSS for future PUR handling * HSS Thread will connect to database and watch change stream mongoDB must be configured with a Replica Set to use this * HSS will send IDR if subscription data changes * HSS will send CLR to old MME if MME host or realm changes * Function created to allow ULA and IDR to generate Subscription-Data AVP * MME Hostname and Realm shown in WebUI * Resolve freeDiameter errors During a ULR, if database does not contain a last known MME, a CLR is being sent to a Null destination. This will ensure that a destination is available in the database before sending the CLR. * Removed change streams. Added PUR handling. * newline needed at end of file. * Removed temp variable. * * Change WebUI to 2x2 display * Including UE Purged indicator * Using pointers in ogs_subscription_data_t * better memory mangement with pointers * Tweak to Destination used by hss_s6a_send_idr to use last known MME * Check for null mme_host and mme_realms Do this before trying to compare the strings. * Follow-up on open5gs#1744 * [SMF] Wait for both N1&N2 release signals before releasing session When UE would send a request to release PDU session, AMF would eventually send "PDU Session Resource Release Command" downlink to both UE (N1) and gNB (N2). Each UE and gNB would then reply with "PDU Session Resource Release Response" indicating they released their own resources. Usually the first one to respond would be gNB. SMF made an assumption that this would always be the case. And it would wait for signal that UE resources were freed, before releasing session resources. But occasionally the situation is that UE responds first, and SMF releases resources prematurely. This situation does not normally occur. But under high stress (100's of UE PDU releases at the same time) this happens occasionally. According to the standard, this situation is perfectly normal. 3GPP TS 23.502 Rel. 16 4.3.4.2 UE or network requested PDU Session Release for Non-Roaming and Roaming with Local Breakout ... Steps 8-10 may happen before steps 6-7. ... * Added commercial 5G * Add tested Ericsson gNodeBs and eNodeBs * [DOC] Fixed alphabet order * Sponsors logo updated to be dark-mode friendly * Updated favicon.ico in Document * [GTP/PFCP] TLV length more acceptable (open5gs#1780) Acceptable even if the TLV length is smaller than expected * [AMF] Add amfInfoList to NFProfile The actual configured GUAMIs and TAIs are used to form NF profile. Comparing to SMF the "info" section is not introduced into amf.yaml! Each amf_id (region, set) produces a separate Info in the InfoList. Guami list consists of all GUAMIs of particular Info. taiList consists of all TAIs for all PLMNs of particular Info. Examle: amf.yaml: guami: - plmn_id: mcc: 999 mnc: 70 amf_id: region: 2 set: 2 pointer: 4 - plmn_id: mcc: 001 mnc: 01 amf_id: region: 2 set: 1 - plmn_id: mcc: 001 mnc: 02 amf_id: region: 2 set: 2 tai: - plmn_id: mcc: 001 mnc: 01 tac: [1, 2, 3] tai: - plmn_id: mcc: 002 mnc: 02 tac: 4 - plmn_id: mcc: 001 mnc: 02 tac: 10 tai: - plmn_id: mcc: 004 mnc: 04 tac: [6, 7] - plmn_id: mcc: 005 mnc: 05 tac: 8 - plmn_id: mcc: 999 mnc: 70 tac: [9, 10] "amfInfoList": { "1": { "amfSetId": "002", "amfRegionId": "02", "guamiList": [{ "plmnId": { "mcc": "999", "mnc": "70" }, "amfId": "020084" }, { "plmnId": { "mcc": "001", "mnc": "02" }, "amfId": "020080" }], "taiList": [{ "plmnId": { "mcc": "001", "mnc": "02" }, "tac": "00000a" }, { "plmnId": { "mcc": "999", "mnc": "70" }, "tac": "000009" }, { "plmnId": { "mcc": "999", "mnc": "70" }, "tac": "00000a" }] }, "2": { "amfSetId": "001", "amfRegionId": "02", "guamiList": [{ "plmnId": { "mcc": "001", "mnc": "01" }, "amfId": "020040" }], "taiList": [{ "plmnId": { "mcc": "001", "mnc": "01" }, "tac": "000001" }, { "plmnId": { "mcc": "001", "mnc": "01" }, "tac": "000002" }, { "plmnId": { "mcc": "001", "mnc": "01" }, "tac": "000003" }] } } * Follow-up on open5gs#1757 * [HSS] Enable Change Streams (open5gs#1758) * [HSS] Enable Change Streams * Enable Events and Timers in HSS * Integrate change streams in dbi * mongodb should be configured with replica sets enabled to use feature * Change streams are optional in HSS * Timer will poll change stream for changes in the database * As changes are detected, event is created to perform the correct action * Changes made as suggested * Follow-up on open5gs#1758 * Update document * [TLV] Added more debug information (open5gs#1767) * Fixed HTTP2 crashes for random JSON data (open5gs#1769) * [core] fix timer overflow on 32bit systems (open5gs#16) must cast ts.tv_sec to 64bits before we multiply it to prevent 32bit math and overflow * Follow-up on open5gs#1770 * [SGWC] Fixed a crash (open5gs#1765) Session context could be deleted before a response message is not received from SMF * add addr/port to pfcp assoc/de-assoc logs (open5gs#40) pfcp association log adds addr/port * [GTP] Changes the print message (open5gs#1772) * [config,metrics] Move metrics configuration section under respective NF section Without this change, using metrics with core setup configurations (configs/vonr.yaml for example) would not be possible. Having one metrics section for whole config file causes every NF to start metrics server on same port causing an abort. * Follow-on up open5gs#1754 * [DOC] iptable setting for security (open5gs#1768) * [MME] Added protection code if no PDN-Type (open5gs#1756) * Changes new GA4 in Google Analytics * Commercial Term by NeoPlane - https://neoplane.io/ * Fix UL and DL URR Usage Report * Follow-on up open5gs#1793 * [AMF] Fix for switching state when sending Deregistration Request fails Provide pointer to state machine, instead of pointer to timer structure. Bug was noticed when switching compiler optimization to -O2. * [5GC] Fixed session deletion in a BSF (open5gs#1725) * [UPF] test code for unspecified address (open5gs#1776) * [Security] Fixed a crash for port scanning (open5gs#1767) * Release v2.4.11 * Added Release Notes for v2.4.11 * [MME] Support for Insert Subscriber Data (open5gs#1794) * [MME] Support for Insert Subscriber Data * Supported AVPs in IDR will overwrite existing subscription information * Provide error on partial APN updates * IDR and ULA use same function to process AVPs * Move subdatamask values into s6a, so both HSS and MME can use them * Updates are not actioned at this time. A Re-attach is required for most changes to take effect * Memory issue on IDR exceptions * Remove of handling MSIDSN change until DSR is used * Follow-on up open5gs#1794 * [SBI] Client Request timeout TS29.500 Ch 6.11 Detection and handling of late arriving requests In Open5GS, this part was hard-corded. HTTP2 Client sends a request and waits for 10 seconds. If no response is received from the HTTP2 Server, HTTP2 Client performs the exception handling. In this commit, HTTP2 client sends Header with setting Max-Rsp-Time to 10 seconds. However, HTTP2 server has not yet been implemented to process this value. The server is still processing using hard-corded values (10 seconds). * [MME] Cancel Location while Idle (open5gs#1797) * Cancel Location while Idle Fix * Forgot about SGSAP on MME Change. Added "action" to sgsap_send_detach.. * Make handle_clr uniform with other handlers * Added Robustness for Any Detach Type * Memory wasn't freed upon CLR for unknown IMSIs * Moving MME Detach to new PR * Follow-up on open5gs#1797 * ogs_info swaps CP and UP SEIDs * Follow-up on open5gs#1797 * fix dropped_dl_traffic_threshold ie. * [AMF,UDM] Add support to subscribe to SDM changes AMF subscribes to UDM for each registered UE. At the moment, UDM does not send callback to AMF when any of the UE's properties in the database changes. At the moment, AMF does properly parse the ModificationNotification, but does not do anything useful. * [SMF] Update PFCP report error situation (open5gs#1819) * Revert the previous commit on open5gs#1797 * Updated SBI module - Introduced NF_INSTANCE_ID/NF_INSTANCE_TYPE - Skip SCP in configuration validation * [AMF] Increase size of TMSI pool Each UE context has 'current' and 'next' TMSI values. AMF first allocates the 'next' value, before confirming it and releasing the 'previous'. This means that we potentially need pool size of 2x the amount of maximum configured UE. Without this change, AMF would crash in case that there are 'x' configured maximum amount of UE, and there are already 'x' registered UE. [gmm] INFO: Registration request (../src/amf/gmm-sm.c:135) [gmm] INFO: [suci-0-001-01-1234-0-1-1000000000] SUCI (../src/amf/gmm-handler.c:149) [gmm] DEBUG: OLD TSC[UE:0,AMF:0] KSI[UE:7,AMF:0] (../src/amf/gmm-handler.c:179) [gmm] DEBUG: NEW TSC[UE:0,AMF:0] KSI[UE:7,AMF:0] (../src/amf/gmm-handler.c:186) [amf] FATAL: amf_m_tmsi_alloc: Assertion `m_tmsi' failed. (../src/amf/context.c:2160) [core] FATAL: backtrace() returned 13 addresses (../lib/core/ogs-abort.c:37) * [AMF] Reject registration requests when pool for UE contexts is empty AMF does not crash anymore when a new UE registration request arrives, and there is no available space left in UE context pool. Now it just rejects the request with an error. * Follow-up on open5gs#1828 * Follow-up on open5gs#1827 * [DBI] Disable Change Streams with mongo Version Support for change stream is only available in mongoc >=1.9.0 - Disabled related functions in dbi. Support for bson to json used in debug statement only in libbson >=1.7.0 - Simple debug message in lower versions * Follow-up on open5gs#1827 * Update README.md Signed-off-by: Networkmama <networkmama12@gmail.com> Co-authored-by: Sukchan Lee <acetcom@gmail.com> Co-authored-by: Pau Espin Pedrol <pespin@sysmocom.de> Co-authored-by: Bostjan Meglic <103102696+bmeglicit@users.noreply.github.com> Co-authored-by: Networkmama <networkmama12@gmail.com> Co-authored-by: Bostjan Meglic <b.meglic@iskratel.si> Co-authored-by: Oliver Smith <osmith@sysmocom.de> Co-authored-by: jmasterfunk84 <48972964+jmasterfunk84@users.noreply.github.com> Co-authored-by: herlesupreeth <herlesupreeth@gmail.com> Co-authored-by: Alexander Couzens <lynxis@fe80.eu> Co-authored-by: mitmitmitm <m.rihtarsic@iskratel.si> Co-authored-by: EugeneBogush <eugeneb2008@gmail.com> Co-authored-by: neg2led <4232981+neg2led@users.noreply.github.com> Co-authored-by: Gaber Stare <g.stare@iskratel.si> Co-authored-by: Spencer Sevilla <spencer.builds.networks@gmail.com> Co-authored-by: Dibas Das <dibasdas02@gmail.com> Co-authored-by: safaorhann <safa.orhan@b-ulltech.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.