Commit 8e890ebe authored by Cedric Roux's avatar Cedric Roux

bugfix: fix PDCP sequence management (plus some cleanup)

With the introduction of X2AP into develop, the UEs now have to regularly
send measurement reports.

In the logs of the eNB, we see:

[OSA]   Mismatch found in integrity for algorithm 2,
        got e0.a0.c2.66, expecting a5.9c.cb.57
[PDCP]   [OSA][RB 1] eNB failed to validate MAC-I of incoming PDU

This is a bug in the PDCP layer that uses wrong parameters to compute the
integrity.

This commit fixes this bug.

The function pdcp_is_rx_seq_number_valid was removed. Its processing
has been directly integrated into the function pdcp_data_ind.

The function pdcp_mark_current_pdu_as_received is not called anymore.
Its processing was not used later on, so as of today, not calling it does
not introduce any functional change.

The function pdcp_validate_security takes now as parameters both
SN and HFN. Same for the function pdcp_get_next_count_rx.

Useless constants PDCP_SN_5BIT, PDCP_SN_7BIT and PDCP_SN_12BIT have been
removed.

The compilation option ENABLE_SECURITY has been removed. It's now always
on. (This may impact some use cases.)

The PDCP for DRB using RLC AM is not correct. It was not correct before
this commit (apart from the integrity bug). We should deal with a list
of PDUs and transmit packets to upper layers as detailed in the specs.
Today we transmit the PDU as soon as we get it. We don't care about
duplicates, in-order delivery, timeouts.

Also, we don't deal with "PDCP re-establishment". Not sure how that impacts
the software.

And, last but not least, there is still no ROHC.
parent d155c212
...@@ -595,7 +595,6 @@ Message("CPU_Affinity flag is ${CPU_AFFINITY}") ...@@ -595,7 +595,6 @@ Message("CPU_Affinity flag is ${CPU_AFFINITY}")
############################################################## ##############################################################
# ???!!! TO BE DOCUMENTED OPTIONS !!!??? # ???!!! TO BE DOCUMENTED OPTIONS !!!???
############################################################## ##############################################################
add_boolean_option(ENABLE_SECURITY True "Enable LTE integrity and ciphering between RRC UE and eNB")
add_boolean_option(ENABLE_USE_MME True "eNB connected to MME (INTERFACE S1-C), not standalone eNB") add_boolean_option(ENABLE_USE_MME True "eNB connected to MME (INTERFACE S1-C), not standalone eNB")
add_boolean_option(NO_RRM True "DO WE HAVE A RADIO RESSOURCE MANAGER: NO") add_boolean_option(NO_RRM True "DO WE HAVE A RADIO RESSOURCE MANAGER: NO")
add_boolean_option(RRC_DEFAULT_RAB_IS_AM False "set the RLC mode to AM for the default bearer") add_boolean_option(RRC_DEFAULT_RAB_IS_AM False "set the RLC mode to AM for the default bearer")
......
...@@ -9,7 +9,6 @@ set ( EMIT_ASN_DEBUG False ) ...@@ -9,7 +9,6 @@ set ( EMIT_ASN_DEBUG False )
set ( ENABLE_ITTI True ) set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING True ) set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True ) set ( ENABLE_USE_MME True )
......
...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True ) ...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING True ) set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True ) set ( ENABLE_USE_MME True )
......
...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True ) ...@@ -8,7 +8,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING False ) set ( ENABLE_NAS_UE_LOGGING False )
set ( ENABLE_NEW_MULTICAST False ) set ( ENABLE_NEW_MULTICAST False )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY False )
set ( ENABLE_STANDALONE_EPC False ) set ( ENABLE_STANDALONE_EPC False )
set ( ENABLE_USE_CPU_EXECUTION_TIME False ) set ( ENABLE_USE_CPU_EXECUTION_TIME False )
set ( ENABLE_USE_MME False ) set ( ENABLE_USE_MME False )
......
...@@ -7,7 +7,6 @@ set ( ENABLE_ITTI True ) ...@@ -7,7 +7,6 @@ set ( ENABLE_ITTI True )
set ( ENABLE_NAS_UE_LOGGING False ) set ( ENABLE_NAS_UE_LOGGING False )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY False )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME False ) set ( ENABLE_USE_MME False )
......
...@@ -9,7 +9,6 @@ set ( ENABLE_NAS_UE_LOGGING True ) ...@@ -9,7 +9,6 @@ set ( ENABLE_NAS_UE_LOGGING True )
set ( ENABLE_NEW_MULTICAST True ) set ( ENABLE_NEW_MULTICAST True )
set ( ENABLE_PDCP_NETLINK_FIFO False ) set ( ENABLE_PDCP_NETLINK_FIFO False )
set ( ENABLE_RAL False ) set ( ENABLE_RAL False )
set ( ENABLE_SECURITY True )
set ( ENABLE_STANDALONE_EPC False) set ( ENABLE_STANDALONE_EPC False)
set ( ENABLE_USE_CPU_EXECUTION_TIME True ) set ( ENABLE_USE_CPU_EXECUTION_TIME True )
set ( ENABLE_USE_MME True ) set ( ENABLE_USE_MME True )
......
This diff is collapsed.
...@@ -164,13 +164,12 @@ typedef struct pdcp_s { ...@@ -164,13 +164,12 @@ typedef struct pdcp_s {
*/ */
pdcp_sn_t next_pdcp_tx_sn; pdcp_sn_t next_pdcp_tx_sn;
pdcp_sn_t next_pdcp_rx_sn; pdcp_sn_t next_pdcp_rx_sn;
pdcp_sn_t next_pdcp_rx_sn_before_integrity; pdcp_sn_t maximum_pdcp_rx_sn;
/* /*
* TX and RX Hyper Frame Numbers * TX and RX Hyper Frame Numbers
*/ */
pdcp_hfn_t tx_hfn; pdcp_hfn_t tx_hfn;
pdcp_hfn_t rx_hfn; pdcp_hfn_t rx_hfn;
pdcp_hfn_offset_t rx_hfn_offset; // related to sn mismatch
/* /*
* SN of the last PDCP SDU delivered to upper layers * SN of the last PDCP SDU delivered to upper layers
...@@ -479,14 +478,6 @@ typedef struct { ...@@ -479,14 +478,6 @@ typedef struct {
#define REORDERING_WINDOW_SN_7BIT 64 #define REORDERING_WINDOW_SN_7BIT 64
#define REORDERING_WINDOW_SN_12BIT 2048 #define REORDERING_WINDOW_SN_12BIT 2048
/*
* SN size
*/
#define PDCP_SN_5BIT 5
#define PDCP_SN_7BIT 7
#define PDCP_SN_12BIT 12
signed int pdcp_2_nas_irq; signed int pdcp_2_nas_irq;
pdcp_stats_t UE_pdcp_stats[MAX_MOBILES_PER_ENB]; pdcp_stats_t UE_pdcp_stats[MAX_MOBILES_PER_ENB];
pdcp_stats_t eNB_pdcp_stats[NUMBER_OF_eNB_MAX]; pdcp_stats_t eNB_pdcp_stats[NUMBER_OF_eNB_MAX];
......
...@@ -173,7 +173,6 @@ int pdcp_netlink_dequeue_element(const protocol_ctxt_t* const ctxt_pP, ...@@ -173,7 +173,6 @@ int pdcp_netlink_dequeue_element(const protocol_ctxt_t* const ctxt_pP,
void pdcp_config_set_security(const protocol_ctxt_t* const ctxt_pP, pdcp_t *pdcp_pP, rb_id_t rb_idP, void pdcp_config_set_security(const protocol_ctxt_t* const ctxt_pP, pdcp_t *pdcp_pP, rb_id_t rb_idP,
uint16_t lc_idP, uint8_t security_modeP, uint8_t *kRRCenc_pP, uint8_t *kRRCint_pP, uint8_t *kUPenc_pP); uint16_t lc_idP, uint8_t security_modeP, uint8_t *kRRCenc_pP, uint8_t *kRRCint_pP, uint8_t *kUPenc_pP);
#if defined(ENABLE_SECURITY)
int pdcp_apply_security(const protocol_ctxt_t* const ctxt_pP, int pdcp_apply_security(const protocol_ctxt_t* const ctxt_pP,
pdcp_t *pdcp_entity, pdcp_t *pdcp_entity,
srb_flag_t srb_flagP, srb_flag_t srb_flagP,
...@@ -188,10 +187,10 @@ int pdcp_validate_security(const protocol_ctxt_t* const ctxt_pP, ...@@ -188,10 +187,10 @@ int pdcp_validate_security(const protocol_ctxt_t* const ctxt_pP,
srb_flag_t srb_flagP, srb_flag_t srb_flagP,
rb_id_t rb_id, rb_id_t rb_id,
uint8_t pdcp_header_len, uint8_t pdcp_header_len,
uint16_t current_sn, uint32_t hfn,
int sn,
uint8_t *pdcp_pdu_buffer, uint8_t *pdcp_pdu_buffer,
uint16_t sdu_buffer_size); uint16_t sdu_buffer_size);
#endif /* defined(ENABLE_SECURITY) */
#endif #endif
/** @}*/ /** @}*/
...@@ -40,13 +40,6 @@ ...@@ -40,13 +40,6 @@
#include "msc.h" #include "msc.h"
#include "pdcp_primitives.h" #include "pdcp_primitives.h"
#if defined(ENABLE_SECURITY)
static
uint32_t pdcp_get_next_count_tx(pdcp_t *const pdcp_pP, const srb_flag_t srb_flagP, const uint16_t pdcp_sn);
static
uint32_t pdcp_get_next_count_rx(pdcp_t *const pdcp_pP, const srb_flag_t srb_flagP, const uint16_t pdcp_sn);
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
static static
uint32_t pdcp_get_next_count_tx( uint32_t pdcp_get_next_count_tx(
...@@ -79,26 +72,25 @@ static ...@@ -79,26 +72,25 @@ static
uint32_t pdcp_get_next_count_rx( uint32_t pdcp_get_next_count_rx(
pdcp_t * const pdcp_pP, pdcp_t * const pdcp_pP,
const srb_flag_t srb_flagP, const srb_flag_t srb_flagP,
const uint16_t pdcp_sn) const uint32_t hfn,
const int sn)
{ {
uint32_t count; uint32_t count;
/* For RX COUNT = RX_HFN << length of SN | pdcp SN of received PDU */ /* For RX COUNT = RX_HFN << length of SN | pdcp SN of received PDU */
if (srb_flagP) { if (srb_flagP) {
/* 5 bits length SN */ /* 5 bits length SN */
count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 5) | (pdcp_sn & 0x001F)); count = (hfn << 5) | (sn & 0x001F);
} else { } else {
if (pdcp_pP->seq_num_size == LTE_PDCP_Config__rlc_UM__pdcp_SN_Size_len7bits) { if (pdcp_pP->seq_num_size == 7) {
/* 7 bits length SN */ /* 7 bits length SN */
count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 7) | (pdcp_sn & 0x007F)); count = (hfn << 7) | (sn & 0x007F);
} else { // default } else { // default
/* 12 bits length SN */ /* 12 bits length SN */
count = (((pdcp_pP->rx_hfn + pdcp_pP->rx_hfn_offset) << 12) | (pdcp_sn & 0x0FFF)); count = (hfn << 12) | (sn & 0x0FFF);
} }
} }
// reset the hfn offset
pdcp_pP->rx_hfn_offset =0;
LOG_D(PDCP, "[OSA] RX COUNT = 0x%08x\n", count); LOG_D(PDCP, "[OSA] RX COUNT = 0x%08x\n", count);
return count; return count;
...@@ -182,7 +174,8 @@ pdcp_validate_security( ...@@ -182,7 +174,8 @@ pdcp_validate_security(
const srb_flag_t srb_flagP, const srb_flag_t srb_flagP,
const rb_id_t rb_id, const rb_id_t rb_id,
const uint8_t pdcp_header_len, const uint8_t pdcp_header_len,
const uint16_t current_sn, const uint32_t hfn,
const int sn,
uint8_t *const pdcp_pdu_buffer, uint8_t *const pdcp_pdu_buffer,
const uint16_t sdu_buffer_size const uint16_t sdu_buffer_size
) )
...@@ -201,7 +194,7 @@ pdcp_validate_security( ...@@ -201,7 +194,7 @@ pdcp_validate_security(
decrypt_params.direction = (pdcp_pP->is_ue == 1) ? SECU_DIRECTION_DOWNLINK : SECU_DIRECTION_UPLINK ; decrypt_params.direction = (pdcp_pP->is_ue == 1) ? SECU_DIRECTION_DOWNLINK : SECU_DIRECTION_UPLINK ;
decrypt_params.bearer = rb_id - 1; decrypt_params.bearer = rb_id - 1;
decrypt_params.count = pdcp_get_next_count_rx(pdcp_pP, srb_flagP, current_sn); decrypt_params.count = pdcp_get_next_count_rx(pdcp_pP, srb_flagP, hfn, sn);
decrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len]; decrypt_params.message = &pdcp_pdu_buffer[pdcp_header_len];
decrypt_params.blength = (sdu_buffer_size - pdcp_header_len) << 3; decrypt_params.blength = (sdu_buffer_size - pdcp_header_len) << 3;
decrypt_params.key_length = 16; decrypt_params.key_length = 16;
...@@ -246,5 +239,3 @@ pdcp_validate_security( ...@@ -246,5 +239,3 @@ pdcp_validate_security(
return 0; return 0;
} }
#endif /* ENABLE_SECURITY */
...@@ -140,152 +140,6 @@ boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity) ...@@ -140,152 +140,6 @@ boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity)
return TRUE; return TRUE;
} }
/**
* Checks if incoming PDU has a sequence number in accordance with the RX window
* @return 1 if SN is okay, 0 otherwise
* XXX Reordering window should also be handled here
*/
boolean_t pdcp_is_rx_seq_number_valid(uint16_t seq_num, pdcp_t* pdcp_entity,srb_flag_t srb_flagP)
{
uint16_t reordering_window = 0;
LOG_D(PDCP, "Incoming RX Sequence number is %04d\n", seq_num);
if (pdcp_is_seq_num_size_valid(pdcp_entity) == FALSE || pdcp_is_seq_num_valid(seq_num, pdcp_entity->seq_num_size) == FALSE) {
return FALSE;
}
/*
* Mark received sequence numbers to keep track of missing ones
* (and to build PDCP Control PDU for PDCP status report)
*/
if (pdcp_mark_current_pdu_as_received(seq_num, pdcp_entity) == TRUE) {
LOG_D(PDCP, "Received sequence number successfuly marked\n");
} else {
LOG_W(PDCP, "Cannot mark received sequence number on the bitmap!\n");
}
/*
* RX Procedures for SRB and DRBs as described in sec 5.1.2 of 36.323
*/
if (srb_flagP) { // SRB
if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
// decipher and verify the integrity of the PDU (if applicable) using COUNT based on RX_HFN + 1 and the received PDCP SN
pdcp_entity->rx_hfn++;
pdcp_entity->rx_hfn_offset = 0;
} else {
// decipher and verify the integrity of the PDU (if applicable) using COUNT based using COUNT based on RX_HFN and the received PDCP SN
pdcp_entity->rx_hfn_offset = 0;
}
// Assume that integrity verification is applicable and the integrity verification is passed successfully;
// or assume that integrity verification is not applicable:
// same the old next_pdcp_rx_sn to revert otherwise
pdcp_entity->next_pdcp_rx_sn_before_integrity = pdcp_entity->next_pdcp_rx_sn;
if (seq_num != pdcp_entity->next_pdcp_rx_sn) {
LOG_D(PDCP,"Re-adjusting the sequence number to %d\n", seq_num);
}
//set Next_PDCP_RX_SN to the received PDCP SN +1 ;
pdcp_entity->next_pdcp_rx_sn = seq_num;
pdcp_advance_rx_window(pdcp_entity); // + 1, and check if it is larger than Maximum_PDCP_SN:
} else { // DRB
if (pdcp_entity->seq_num_size == PDCP_SN_7BIT) {
reordering_window = REORDERING_WINDOW_SN_7BIT;
} else {
reordering_window = REORDERING_WINDOW_SN_12BIT;
}
switch (pdcp_entity->rlc_mode) {
case RLC_MODE_AM:
if ((seq_num - pdcp_entity->last_submitted_pdcp_rx_sn > reordering_window) ||
((0 <= pdcp_entity->last_submitted_pdcp_rx_sn - seq_num) &&
(pdcp_entity->last_submitted_pdcp_rx_sn - seq_num < reordering_window) )) {
if (seq_num > pdcp_entity->next_pdcp_rx_sn) {
/*
* decipher the PDCP PDU as specified in the subclause 5.6, using COUNT based on RX_HFN - 1 and the received PDCP SN;
*/
pdcp_entity->rx_hfn_offset = -1;
} else {
/*
* decipher the PDCP PDU as specified in the subclause 5.6, using COUNT based on RX_HFN and the received PDCP SN;
*/
pdcp_entity->rx_hfn_offset = 0;
}
// discard this PDCP SDU;
LOG_W(PDCP, "Out of the reordering window (Incoming SN:%d, Expected SN:%d): discard this PDCP SDU\n",
seq_num, pdcp_entity->next_pdcp_rx_sn);
return FALSE;
} else if (pdcp_entity->next_pdcp_rx_sn - seq_num > reordering_window) {
pdcp_entity->rx_hfn++;
// use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = 0;
pdcp_entity->next_pdcp_rx_sn++;
} else if (seq_num - pdcp_entity->next_pdcp_rx_sn >= reordering_window ) {
// use COUNT based on RX_HFN – 1 and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = -1;
} else if (seq_num >= pdcp_entity->next_pdcp_rx_sn ) {
// use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = 0;
//set Next_PDCP_RX_SN to the received PDCP SN +1 ;
pdcp_entity->next_pdcp_rx_sn = seq_num;
pdcp_advance_rx_window(pdcp_entity); // + 1, anc check if it is larger than Maximum_PDCP_SN:
LOG_D(PDCP,"Re-adjusting the sequence number to %d\n", seq_num);
} else if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
// use COUNT based on RX_HFN and the received PDCP SN for deciphering the PDCP PDU;
pdcp_entity->rx_hfn_offset = 0;
}
break;
case RLC_MODE_UM :
if (seq_num < pdcp_entity->next_pdcp_rx_sn) {
pdcp_entity->rx_hfn++;
}
// decipher the PDCP Data PDU using COUNT based on RX_HFN and the received PDCP SN as specified in the subclause 5.6;
//set Next_PDCP_RX_SN to the received PDCP SN +1 ;
pdcp_entity->next_pdcp_rx_sn = seq_num;
pdcp_advance_rx_window(pdcp_entity); // + 1, and check if it is larger than Maximum_PDCP_SN:
break;
case RLC_MODE_TM :
default:
LOG_W(PDCP,"RLC mode %d not supported\n",pdcp_entity->rlc_mode);
return FALSE;
}
}
/*
if (seq_num == pdcp_entity->next_pdcp_rx_sn) {
LOG_I(PDCP, "Next expected SN (%d) arrived, advancing RX window\n", seq_num);
return pdcp_advance_rx_window(pdcp_entity);
} else {
LOG_E(PDCP, "Incoming SN is not the one we expected to receive! (Incoming:%d, Expected:%d)\n", \
seq_num, pdcp_entity->next_pdcp_rx_sn);
// Update first missing PDU (used in PDCP Control PDU for PDCP status report, see 6.2.6)
if (pdcp_entity->first_missing_pdu != -1)
pdcp_entity->first_missing_pdu = pdcp_entity->next_pdcp_rx_sn;
return FALSE;
}
*/
return TRUE;
}
boolean_t pdcp_mark_current_pdu_as_received(uint16_t seq_num, pdcp_t* pdcp_entity) boolean_t pdcp_mark_current_pdu_as_received(uint16_t seq_num, pdcp_t* pdcp_entity)
{ {
/* /*
......
...@@ -59,11 +59,6 @@ uint16_t pdcp_get_next_tx_seq_number(pdcp_t* pdcp_entity); ...@@ -59,11 +59,6 @@ uint16_t pdcp_get_next_tx_seq_number(pdcp_t* pdcp_entity);
* Advances the RX window state of given PDCP entity upon successfull receipt of a SDU * Advances the RX window state of given PDCP entity upon successfull receipt of a SDU
*/ */
boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity); boolean_t pdcp_advance_rx_window(pdcp_t* pdcp_entity);
/**
* Checks if incoming PDU has a sequence number in accordance with the RX window
* @return TRUE if it is valid, FALSE otherwise
*/
boolean_t pdcp_is_rx_seq_number_valid(uint16_t seq_num, pdcp_t* pdcp_entity,srb_flag_t srb_flagP);
/** /**
* Updates missing PDU bitmap with incoming sequence number * Updates missing PDU bitmap with incoming sequence number
* @return TRUE if successful, FALSE otherwise * @return TRUE if successful, FALSE otherwise
......
...@@ -3724,7 +3724,6 @@ do_RRCConnectionReestablishment( ...@@ -3724,7 +3724,6 @@ do_RRCConnectionReestablishment(
rrc->carrier[CC_id].dl_CarrierFreq, rrc->carrier[CC_id].dl_CarrierFreq,
earfcn_dl, earfcn_dl,
is_rel8_only == true ? "true": "false"); is_rel8_only == true ? "true": "false");
#if defined(ENABLE_SECURITY)
if (ue_context_pP->ue_context.nh_ncc >= 0) { if (ue_context_pP->ue_context.nh_ncc >= 0) {
derive_keNB_star(ue_context_pP->ue_context.nh, pci, earfcn_dl, is_rel8_only, KeNB_star); derive_keNB_star(ue_context_pP->ue_context.nh, pci, earfcn_dl, is_rel8_only, KeNB_star);
...@@ -3738,9 +3737,6 @@ do_RRCConnectionReestablishment( ...@@ -3738,9 +3737,6 @@ do_RRCConnectionReestablishment(
// copy KeNB_star to ue_context_pP->ue_context.kenb // copy KeNB_star to ue_context_pP->ue_context.kenb
memcpy (ue_context_pP->ue_context.kenb, KeNB_star, 32); memcpy (ue_context_pP->ue_context.kenb, KeNB_star, 32);
ue_context_pP->ue_context.kenb_ncc = 0; ue_context_pP->ue_context.kenb_ncc = 0;
#else
rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nextHopChainingCount = 0;
#endif
rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nonCriticalExtension = NULL; rrcConnectionReestablishment->criticalExtensions.choice.c1.choice.rrcConnectionReestablishment_r8.nonCriticalExtension = NULL;
if ( LOG_DEBUGFLAG(DEBUG_ASN1) ) { if ( LOG_DEBUGFLAG(DEBUG_ASN1) ) {
......
...@@ -273,10 +273,8 @@ typedef struct eNB_RRC_UE_NB_IoT_s { ...@@ -273,10 +273,8 @@ typedef struct eNB_RRC_UE_NB_IoT_s {
SRB_INFO_TABLE_ENTRY_NB_IoT Srb1; SRB_INFO_TABLE_ENTRY_NB_IoT Srb1;
SRB_INFO_TABLE_ENTRY_NB_IoT Srb1bis; SRB_INFO_TABLE_ENTRY_NB_IoT Srb1bis;
#if defined(ENABLE_SECURITY)
/* KeNB as derived from KASME received from EPC */ /* KeNB as derived from KASME received from EPC */
uint8_t kenb[32]; uint8_t kenb[32];
#endif
/* Used integrity/ciphering algorithms--> maintained the same for NB-IoT */ /* Used integrity/ciphering algorithms--> maintained the same for NB-IoT */
e_LTE_CipheringAlgorithm_r12 ciphering_algorithm; //Specs. TS 36.331 V14.1.0 pag 432 Change position of chipering enumerative w.r.t previous version e_LTE_CipheringAlgorithm_r12 ciphering_algorithm; //Specs. TS 36.331 V14.1.0 pag 432 Change position of chipering enumerative w.r.t previous version
...@@ -555,10 +553,8 @@ typedef struct UE_RRC_INST_NB_IoT_s { ...@@ -555,10 +553,8 @@ typedef struct UE_RRC_INST_NB_IoT_s {
obj_hash_table_t *ral_meas_thresholds; obj_hash_table_t *ral_meas_thresholds;
ral_transaction_id_t scan_transaction_id; ral_transaction_id_t scan_transaction_id;
#endif #endif
#if defined(ENABLE_SECURITY)
// KeNB as computed from parameters within USIM card // // KeNB as computed from parameters within USIM card //
uint8_t kenb[32]; uint8_t kenb[32];
#endif
// Used integrity/ciphering algorithms // // Used integrity/ciphering algorithms //
CipheringAlgorithm_r12_t ciphering_algorithm; CipheringAlgorithm_r12_t ciphering_algorithm;
......
...@@ -69,9 +69,7 @@ ...@@ -69,9 +69,7 @@
#include "rrc_UE_ral.h" #include "rrc_UE_ral.h"
#endif #endif
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
#include "pdcp.h" #include "pdcp.h"
#include "plmn_data.h" #include "plmn_data.h"
...@@ -428,7 +426,6 @@ void init_SL_preconfig(UE_RRC_INST *UE, const uint8_t eNB_index ) { ...@@ -428,7 +426,6 @@ void init_SL_preconfig(UE_RRC_INST *UE, const uint8_t eNB_index ) {
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) { void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) {
#if defined(ENABLE_SECURITY)
// uint8_t *kRRCenc; // uint8_t *kRRCenc;
// uint8_t *kRRCint; // uint8_t *kRRCint;
char ascii_buffer[65]; char ascii_buffer[65];
...@@ -442,7 +439,6 @@ void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) { ...@@ -442,7 +439,6 @@ void openair_rrc_ue_init_security( const protocol_ctxt_t *const ctxt_pP ) {
LOG_T(RRC, PROTOCOL_RRC_CTXT_FMT"[OSA] kenb = %s\n", LOG_T(RRC, PROTOCOL_RRC_CTXT_FMT"[OSA] kenb = %s\n",
PROTOCOL_RRC_CTXT_ARGS(ctxt_pP), PROTOCOL_RRC_CTXT_ARGS(ctxt_pP),
ascii_buffer); ascii_buffer);
#endif
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
...@@ -1309,12 +1305,10 @@ rrc_ue_process_radioResourceConfigDedicated( ...@@ -1309,12 +1305,10 @@ rrc_ue_process_radioResourceConfigDedicated(
if (radioResourceConfigDedicated->srb_ToAddModList) { if (radioResourceConfigDedicated->srb_ToAddModList) {
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
#if defined(ENABLE_SECURITY)
derive_key_rrc_enc(UE_rrc_inst[ctxt_pP->module_id].ciphering_algorithm, derive_key_rrc_enc(UE_rrc_inst[ctxt_pP->module_id].ciphering_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCenc); UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCenc);
derive_key_rrc_int(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm, derive_key_rrc_int(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCint); UE_rrc_inst[ctxt_pP->module_id].kenb, &kRRCint);
#endif
// Refresh SRBs // Refresh SRBs
rrc_pdcp_config_asn1_req(ctxt_pP, rrc_pdcp_config_asn1_req(ctxt_pP,
radioResourceConfigDedicated->srb_ToAddModList, radioResourceConfigDedicated->srb_ToAddModList,
...@@ -1487,10 +1481,8 @@ rrc_ue_process_radioResourceConfigDedicated( ...@@ -1487,10 +1481,8 @@ rrc_ue_process_radioResourceConfigDedicated(
} }
uint8_t *kUPenc = NULL; uint8_t *kUPenc = NULL;
#if defined(ENABLE_SECURITY)
derive_key_up_enc(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm, derive_key_up_enc(UE_rrc_inst[ctxt_pP->module_id].integrity_algorithm,
UE_rrc_inst[ctxt_pP->module_id].kenb, &kUPenc); UE_rrc_inst[ctxt_pP->module_id].kenb, &kUPenc);
#endif
MSC_LOG_TX_MESSAGE( MSC_LOG_TX_MESSAGE(
MSC_RRC_UE, MSC_RRC_UE,
MSC_PDCP_UE, MSC_PDCP_UE,
...@@ -1665,7 +1657,6 @@ rrc_ue_process_securityModeCommand( ...@@ -1665,7 +1657,6 @@ rrc_ue_process_securityModeCommand(
ul_dcch_msg.message.choice.c1.present = LTE_UL_DCCH_MessageType__c1_PR_securityModeFailure; ul_dcch_msg.message.choice.c1.present = LTE_UL_DCCH_MessageType__c1_PR_securityModeFailure;
} }
#if defined(ENABLE_SECURITY)
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kUPenc = NULL; uint8_t *kUPenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
...@@ -1715,8 +1706,6 @@ rrc_ue_process_securityModeCommand( ...@@ -1715,8 +1706,6 @@ rrc_ue_process_securityModeCommand(
LOG_I(RRC, "Could not get PDCP instance where key=0x%ld\n", key); LOG_I(RRC, "Could not get PDCP instance where key=0x%ld\n", key);
} }
#endif //#if defined(ENABLE_SECURITY)
if (securityModeCommand->criticalExtensions.present == LTE_SecurityModeCommand__criticalExtensions_PR_c1) { if (securityModeCommand->criticalExtensions.present == LTE_SecurityModeCommand__criticalExtensions_PR_c1) {
if (securityModeCommand->criticalExtensions.choice.c1.present != LTE_SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8) if (securityModeCommand->criticalExtensions.choice.c1.present != LTE_SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8)
LOG_W(RRC,"securityModeCommand->criticalExtensions.choice.c1.present (%d) != SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8\n", LOG_W(RRC,"securityModeCommand->criticalExtensions.choice.c1.present (%d) != SecurityModeCommand__criticalExtensions__c1_PR_securityModeCommand_r8\n",
......
...@@ -554,13 +554,11 @@ typedef struct eNB_RRC_UE_s { ...@@ -554,13 +554,11 @@ typedef struct eNB_RRC_UE_s {
int UE_Capability_size; int UE_Capability_size;
ImsiMobileIdentity_t imsi; ImsiMobileIdentity_t imsi;
#if defined(ENABLE_SECURITY)
/* KeNB as derived from KASME received from EPC */ /* KeNB as derived from KASME received from EPC */
uint8_t kenb[32]; uint8_t kenb[32];
int8_t kenb_ncc; int8_t kenb_ncc;
uint8_t nh[32]; uint8_t nh[32];
int8_t nh_ncc; int8_t nh_ncc;
#endif
/* Used integrity/ciphering algorithms */ /* Used integrity/ciphering algorithms */
LTE_CipheringAlgorithm_r12_t ciphering_algorithm; LTE_CipheringAlgorithm_r12_t ciphering_algorithm;
e_LTE_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm; e_LTE_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm;
...@@ -838,12 +836,10 @@ typedef struct UE_RRC_INST_s { ...@@ -838,12 +836,10 @@ typedef struct UE_RRC_INST_s {
float rsrq_db[7]; float rsrq_db[7];
float rsrp_db_filtered[7]; float rsrp_db_filtered[7];
float rsrq_db_filtered[7]; float rsrq_db_filtered[7];
#if defined(ENABLE_SECURITY)
/* KeNB as computed from parameters within USIM card */ /* KeNB as computed from parameters within USIM card */
uint8_t kenb[32]; uint8_t kenb[32];
uint8_t nh[32]; uint8_t nh[32];
int8_t nh_ncc; int8_t nh_ncc;
#endif
/* Used integrity/ciphering algorithms */ /* Used integrity/ciphering algorithms */
LTE_CipheringAlgorithm_r12_t ciphering_algorithm; LTE_CipheringAlgorithm_r12_t ciphering_algorithm;
......
...@@ -75,9 +75,7 @@ ...@@ -75,9 +75,7 @@
#include "OCG.h" #include "OCG.h"
#include "OCG_extern.h" #include "OCG_extern.h"
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
#if defined(ENABLE_USE_MME) #if defined(ENABLE_USE_MME)
#include "rrc_eNB_S1AP.h" #include "rrc_eNB_S1AP.h"
...@@ -844,9 +842,7 @@ rrc_eNB_free_mem_UE_context( ...@@ -844,9 +842,7 @@ rrc_eNB_free_mem_UE_context(
} }
//HANDOVER_INFO *handover_info; //HANDOVER_INFO *handover_info;
#if defined(ENABLE_SECURITY)
//uint8_t kenb[32]; //uint8_t kenb[32];
#endif
//e_SecurityAlgorithmConfig__cipheringAlgorithm ciphering_algorithm; //e_SecurityAlgorithmConfig__cipheringAlgorithm ciphering_algorithm;
//e_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm; //e_SecurityAlgorithmConfig__integrityProtAlgorithm integrity_algorithm;
//uint8_t Status; //uint8_t Status;
...@@ -6312,7 +6308,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete( ...@@ -6312,7 +6308,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
LTE_DRB_Identity_t *drb_id_p = NULL; LTE_DRB_Identity_t *drb_id_p = NULL;
T(T_ENB_RRC_CONNECTION_RECONFIGURATION_COMPLETE, T_INT(ctxt_pP->module_id), T_INT(ctxt_pP->frame), T(T_ENB_RRC_CONNECTION_RECONFIGURATION_COMPLETE, T_INT(ctxt_pP->module_id), T_INT(ctxt_pP->frame),
T_INT(ctxt_pP->subframe), T_INT(ctxt_pP->rnti)); T_INT(ctxt_pP->subframe), T_INT(ctxt_pP->rnti));
#if defined(ENABLE_SECURITY)
/* Derive the keys from kenb */ /* Derive the keys from kenb */
if (DRB_configList != NULL) { if (DRB_configList != NULL) {
...@@ -6324,7 +6319,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete( ...@@ -6324,7 +6319,6 @@ rrc_eNB_process_RRCConnectionReconfigurationComplete(
ue_context_pP->ue_context.kenb, &kRRCenc); ue_context_pP->ue_context.kenb, &kRRCenc);
derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm, derive_key_rrc_int(ue_context_pP->ue_context.integrity_algorithm,
ue_context_pP->ue_context.kenb, &kRRCint); ue_context_pP->ue_context.kenb, &kRRCint);
#endif
// Refresh SRBs/DRBs // Refresh SRBs/DRBs
MSC_LOG_TX_MESSAGE( MSC_LOG_TX_MESSAGE(
MSC_RRC_ENB, MSC_RRC_ENB,
......
...@@ -52,9 +52,7 @@ ...@@ -52,9 +52,7 @@
#include "../../S1AP/s1ap_eNB.h" #include "../../S1AP/s1ap_eNB.h"
#endif #endif
#if defined(ENABLE_SECURITY) #include "UTIL/OSA/osa_defs.h"
#include "UTIL/OSA/osa_defs.h"
#endif
#include "msc.h" #include "msc.h"
#include "LTE_UERadioAccessCapabilityInformation.h" #include "LTE_UERadioAccessCapabilityInformation.h"
...@@ -493,7 +491,6 @@ static void process_eNB_security_key ( ...@@ -493,7 +491,6 @@ static void process_eNB_security_key (
) )
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
{ {
#if defined(ENABLE_SECURITY)
char ascii_buffer[65]; char ascii_buffer[65];
uint8_t i; uint8_t i;
/* Saves the security key */ /* Saves the security key */
...@@ -507,7 +504,6 @@ static void process_eNB_security_key ( ...@@ -507,7 +504,6 @@ static void process_eNB_security_key (
ascii_buffer[2 * i] = '\0'; ascii_buffer[2 * i] = '\0';
LOG_I (RRC, "[eNB %d][UE %x] Saved security key %s\n", ctxt_pP->module_id, ue_context_pP->ue_context.rnti, ascii_buffer); LOG_I (RRC, "[eNB %d][UE %x] Saved security key %s\n", ctxt_pP->module_id, ue_context_pP->ue_context.rnti, ascii_buffer);
#endif
} }
...@@ -520,7 +516,6 @@ rrc_pdcp_config_security( ...@@ -520,7 +516,6 @@ rrc_pdcp_config_security(
) )
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
{ {
#if defined(ENABLE_SECURITY)
LTE_SRB_ToAddModList_t *SRB_configList = ue_context_pP->ue_context.SRB_configList; LTE_SRB_ToAddModList_t *SRB_configList = ue_context_pP->ue_context.SRB_configList;
uint8_t *kRRCenc = NULL; uint8_t *kRRCenc = NULL;
uint8_t *kRRCint = NULL; uint8_t *kRRCint = NULL;
...@@ -578,8 +573,6 @@ rrc_pdcp_config_security( ...@@ -578,8 +573,6 @@ rrc_pdcp_config_security(
PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP), PROTOCOL_RRC_CTXT_UE_ARGS(ctxt_pP),
DCCH); DCCH);
} }
#endif
} }
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
......
...@@ -45,7 +45,6 @@ ifeq ($(OPENSSL_FOUND), 0) ...@@ -45,7 +45,6 @@ ifeq ($(OPENSSL_FOUND), 0)
@(warning "openssl library is not installed on your system, openssl lib needed, continuing with security disabled") @(warning "openssl library is not installed on your system, openssl lib needed, continuing with security disabled")
SECU=0 SECU=0
else else
CFLAGS += -DENABLE_SECURITY
LIBS += $(OPENSSL_LIBS) $(NETTLE_LIBS) LIBS += $(OPENSSL_LIBS) $(NETTLE_LIBS)
endif endif
endif endif
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment