From steve at steve-m.de Tue Feb 19 03:27:38 2013 From: steve at steve-m.de (Steve Markgraf) Date: Tue, 19 Feb 2013 04:27:38 +0100 Subject: Invalid decoding of some PACKET_RESOURCE_REQUESTs Message-ID: <5122F12A.7020700@steve-m.de> Hi, I noticed a bug in the dissector, which seems to happen when then Exist_A5_bits field is set to 0, and results in the following fields (Exist_Multislot_capability/Exist_GPRS_multislot_class) being decoded incorrectly. Thus, get_ms_class_by_capability() is returning NULL instead of the GPRS_multislot_class, which is interestingly dissected correctly. This is one of the messages where this happens: 4017dfb83a3f628a7045500898f28109100297e0080b2b If I add it to the RLCMACTest it fails, so I propose it should be added ;) My quite recent version of Wireshark (1.8.2) is decoding this message fine, see the attachment. I've gone through the recent changes on packet-gsm_rlcmac.c and packet-csn1.c in Wireshark, but couldn't spot the commit that fixed it so far. Regards, Steve -------------- next part -------------- raw bytes: 4017dfb83a3f628a7045500898f28109100297e0080b2b GSM RLC/MAC: PACKET_RESOURCE_REQUEST (Uplink) 01.. .... = PayloadType: 1 ..00 000. = spare: 0 .... ...0 = R: 0 0001 01.. = MESSAGE_TYPE: 5 .... ..1. Exist_ACCESS_TYPE .... ...1 1... .... = ACCESS_TYPE: 3 ID .1.. .... Choice: PacketResourceRequestID (1) PacketResourceRequestID ..01 1111 1011 1000 0011 1010 0011 1111 01.. .... = TLLI: 2128668925 ..1. .... Exist_MS_Radio_Access_capability MS_Radio_Access_capability MS_RA_capability_value[0] ...0 001. Choice: MS_RA_capability_value_Choice (1) MS_RA_capability_value_Choice .... ...0 1000 10.. u.Content length: 34 u.Content .... ..10 0... .... = RF_Power_Capability: 4 .1.. .... Exist_A5_bits ..11 0000 0... .... = A5_bits: 96 .1.. .... = ES_IND: 1 ..0. .... = PS: 0 ...0 .... = VGCS: 0 .... 0... = VBS: 0 .... .1.. Exist_Multislot_capability Multislot_capability .... ..0. Exist_HSCSD_multislot_class .... ...1 Exist_GPRS_multislot_class 0101 0... = GPRS_multislot_class: 10 .... .0.. = GPRS_Extended_Dynamic_Allocation_Capability: 0 .... ..0. Exist_SM .... ...0 Exist_ECSD_multislot_class 0... .... Exist_EGPRS_multislot_class .0.. .... Exist_DTM_GPRS_multislot_class ..0. .... Exist_Eight_PSK_Power_Capability ...0 .... = COMPACT_Interference_Measurement_Capability: 0 .... 1... = Revision_Level_Indicator: 1 .... .0.. = UMTS_FDD_Radio_Access_Technology_Capability: 0 .... ..0. = UMTS_384_TDD_Radio_Access_Technology_Capability: 0 .... ...0 = CDMA2000_Radio_Access_Technology_Capability: 0 [NULL data]: UMTS_128_TDD_Radio_Access_Technology_Capability Not Present [NULL data]: GERAN_Feature_Package_1 Not Present [NULL data]: Modulation_based_multislot_class_support Not Present [NULL data]: GMSK_MultislotPowerProfile Not Present [NULL data]: EightPSK_MultislotProfile Not Present [NULL data]: MultipleTBF_Capability Not Present [NULL data]: DownlinkAdvancedReceiverPerformance Not Present [NULL data]: ExtendedRLC_MAC_ControlMessageSegmentionsCapability Not Present [NULL data]: DTM_EnhancementsCapability Not Present [NULL data]: PS_HandoverCapability Not Present 1... .... Exist:MS_RA_capability_value[1] MS_RA_capability_value[1] .001 1... Choice: MS_RA_capability_value_Choice (3) MS_RA_capability_value_Choice .... .000 1111 .... u.Content length: 15 u.Content .... 001. = RF_Power_Capability: 1 .... ...0 Exist_A5_bits 1... .... = ES_IND: 1 .0.. .... = PS: 0 ..0. .... = VGCS: 0 ...0 .... = VBS: 0 .... 0... Exist_Multislot_capability .... .0.. Exist_Eight_PSK_Power_Capability .... ..0. = COMPACT_Interference_Measurement_Capability: 0 .... ...1 = Revision_Level_Indicator: 1 0... .... = UMTS_FDD_Radio_Access_Technology_Capability: 0 .0.. .... = UMTS_384_TDD_Radio_Access_Technology_Capability: 0 ..0. .... = CDMA2000_Radio_Access_Technology_Capability: 0 [NULL data]: UMTS_128_TDD_Radio_Access_Technology_Capability Not Present [NULL data]: GERAN_Feature_Package_1 Not Present [NULL data]: Modulation_based_multislot_class_support Not Present [NULL data]: GMSK_MultislotPowerProfile Not Present [NULL data]: EightPSK_MultislotProfile Not Present [NULL data]: MultipleTBF_Capability Not Present [NULL data]: DownlinkAdvancedReceiverPerformance Not Present [NULL data]: ExtendedRLC_MAC_ControlMessageSegmentionsCapability Not Present [NULL data]: DTM_EnhancementsCapability Not Present [NULL data]: PS_HandoverCapability Not Present ...0 .... Exist:MS_RA_capability_value[2] Channel_Request_Description .... 1001 = PEAK_THROUGHPUT_CLASS: 9 00.. .... = RADIO_PRIORITY: 0 ..0. .... RLC_MODE ...1 .... LLC_PDU_TYPE .... 0000 0000 0010 1001 .... = RLC_OCTET_COUNT: 41 .... 0... Exist_CHANGE_MARK .... .111 111. .... = C_VALUE: 63 ...0 .... Exist_SIGN_VAR Slot[0] .... 0... Exist Slot[1] .... .0.. Exist Slot[2] .... ..0. Exist Slot[3] .... ...0 Exist Slot[4] 0... .... Exist Slot[5] .0.. .... Exist Slot[6] ..0. .... Exist Slot[7] ...0 .... Exist .... 1... Exist_AdditionsR99 AdditionsR99 .... .0.. Exist_EGPRS_BEP_LinkQualityMeasurements .... ..0. Exist_EGPRS_TimeslotLinkQualityMeasurements .... ...0 Exist_PFI 0... .... = MS_RAC_AdditionalInformationAvailable: 0 .0.. .... = RetransmissionOfPRR: 0 Padding Bits ..00 1011 Padding From andreas at eversberg.eu Tue Feb 19 11:28:09 2013 From: andreas at eversberg.eu (jolly) Date: Tue, 19 Feb 2013 12:28:09 +0100 Subject: problems with dissecting Message-ID: <512361C9.5060506@eversberg.eu> hi, steve and me experienced a problem with dissecting a "packet resource request" at pcu. the patch i attached will show the following output: $ make && src/osmo-pcu PayloadType = 1 | spare = 0 | R = 0 | MESSAGE_TYPE = 5 | Exist_ACCESS_TYPE = 1 | ACCESS_TYPE = 3 | : ID | Choice PacketResourceRequestID = 1 | u.TLLI = 0x7ee0e8fd | : End ID | Exist_MS_Radio_Access_capability = 1 | : MS_Radio_Access_capability | MS_RA_capability_value { | Choice MS_RA_capability_value_Choice = 1 | u.Content length = 34 | RF_Power_Capability = 4 | Exist_A5_bits = 1 | A5_bits = 96 | ES_IND = 1 | PS = 0 | VGCS = 0 | VBS = 0 | Exist_Multislot_capability = 1 | : Multislot_capability | Exist_HSCSD_multislot_class = 0 | Exist_GPRS_multislot_class = 1 | GPRS_multislot_class = 10 .... this is all correct, but then i patched the get_ms_class_by_capability() function at grps_rlcmac_data.c: ... printf("we have = %d\n", cap->Count_MS_RA_capability_value); for (i = 0; i < cap->Count_MS_RA_capability_value; i++) { printf("index=%d\n", cap->MS_RA_capability_value[i].IndexOfAccTech); printf("exists multislot capability %d\n", cap->MS_RA_capability_value[i].u.Content.Exist_Multislot_capability); printf("exists class %d\n", cap->MS_RA_capability_value[i].u.Content.Multislot_capability.Exist_GPRS_multislot_class); printf("class %d\n", cap->MS_RA_capability_value[i].u.Content.Multislot_capability.GPRS_multislot_class); ... the output continues as this: we have = 2 index=2 exists multislot capability 0 exists class 1 class 10 index=0 exists multislot capability 0 exists class 0 class 0 the "class 10" is correct, also it is correct that the class only exists in the first entry of the capability array. the output of the dissector states that multislot capability exists (Exist_Multislot_capability = 1), but if i look at the structure, this field is not set. i looked at the dissector code, but don't really understand why CSN_NEXT_EXIST works for some elements and not for others. any ideas? regards, andreas -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dissector_test.patch URL: From laforge at gnumonks.org Tue Feb 26 20:30:28 2013 From: laforge at gnumonks.org (Harald Welte) Date: Tue, 26 Feb 2013 21:30:28 +0100 Subject: [ANNOUNCE] OsmoDevCon 2013-04-04 till 2013-04-07, Berlin Message-ID: <20130226203028.GK1262@prithivi.gnumonks.org> Dear fellow Osmcoom developers, it is my pleasure to finally announce the date + venue of OsmoDevCon 2013: Date: April 04 through April 07, 2013 Place: IN-Berlin, Lehrter Str. 53, Berlin Like last year, this is an event for developers of the various Osmocom proejects. Reservation and confirmation of reservation is required. The event is free of charge. The Room is made available by IN-Berlin e.V., an Internet related non-profit organization. Lunch catering will be sponsored (so far by sysmocom GmbH, but if any other sponsors come up, we are happy to share the cost). So all you have to cover is your own travel + accomodation costs, as well as breakfast and dinner. If you are an active developer and cannot afford travel/accomodation, please let me know and I'll see if we can do something about it. If you would like to attend, please send a message to laforge at gnumonks.org applying for registration of the event. The registration deadline is March 5, i.e. one week from now. There is no detailed schedule of talks yet. I will start a separate discussion suggesting / collecting topics in the next couple of days. More information is (and will be made) available at http://openbsc.osmocom.org/trac/wiki/OsmoDevCon2013 Further discussion regarding the event should be directed at the osmocom-event-orga at lists.osmocom.org mailing list, to avoid cross-posting over the various project-specific lists. Best regards and happy hacking, Harald -- - Harald Welte http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 190 bytes Desc: Digital signature URL: From Ivan.Kluchnikov at fairwaves.ru Thu Feb 28 23:02:51 2013 From: Ivan.Kluchnikov at fairwaves.ru (Ivan Kluchnikov) Date: Fri, 1 Mar 2013 02:02:51 +0300 Subject: problems with dissecting In-Reply-To: <512361C9.5060506@eversberg.eu> References: <512361C9.5060506@eversberg.eu> Message-ID: hi, andreas and steve! I fixed this problem, now decoding should work, you can check the last commit of master branch. There were problems with decoding and encoding of CSN_RECURSIVE_TARRAY, CSN_RECURSIVE_TARRAY_1, CSN_RECURSIVE_TARRAY_2. 2013/2/19 jolly : > hi, > > steve and me experienced a problem with dissecting a "packet resource > request" at pcu. the patch i attached will show the following output: > > $ make && src/osmo-pcu > > PayloadType = 1 | spare = 0 | R = 0 | MESSAGE_TYPE = 5 | Exist_ACCESS_TYPE = > 1 | ACCESS_TYPE = 3 | : ID | Choice PacketResourceRequestID = 1 | u.TLLI = > 0x7ee0e8fd | : End ID | Exist_MS_Radio_Access_capability = 1 | : > MS_Radio_Access_capability | MS_RA_capability_value { | Choice > MS_RA_capability_value_Choice = 1 | u.Content length = 34 | > RF_Power_Capability = 4 | Exist_A5_bits = 1 | A5_bits = 96 | ES_IND = 1 | PS > = 0 | VGCS = 0 | VBS = 0 | Exist_Multislot_capability = 1 | : > Multislot_capability | Exist_HSCSD_multislot_class = 0 | > Exist_GPRS_multislot_class = 1 | GPRS_multislot_class = 10 .... > > this is all correct, but then i patched the get_ms_class_by_capability() > function at grps_rlcmac_data.c: > > ... > printf("we have = %d\n", cap->Count_MS_RA_capability_value); > for (i = 0; i < cap->Count_MS_RA_capability_value; i++) { > printf("index=%d\n", cap->MS_RA_capability_value[i].IndexOfAccTech); > printf("exists multislot capability %d\n", > cap->MS_RA_capability_value[i].u.Content.Exist_Multislot_capability); > printf("exists class %d\n", > cap->MS_RA_capability_value[i].u.Content.Multislot_capability.Exist_GPRS_multislot_class); > printf("class %d\n", > cap->MS_RA_capability_value[i].u.Content.Multislot_capability.GPRS_multislot_class); > ... > > the output continues as this: > > we have = 2 > index=2 > exists multislot capability 0 > exists class 1 > class 10 > index=0 > exists multislot capability 0 > exists class 0 > class 0 > > the "class 10" is correct, also it is correct that the class only exists in > the first entry of the capability array. the output of the dissector states > that multislot capability exists (Exist_Multislot_capability = 1), but if i > look at the structure, this field is not set. > > i looked at the dissector code, but don't really understand why > CSN_NEXT_EXIST works for some elements and not for others. > > any ideas? > > regards, > > andreas > -- Regards, Ivan Kluchnikov. http://fairwaves.ru