Commit 3e32fa7e authored by Robert Schmidt's avatar Robert Schmidt

Merge remote-tracking branch 'origin/NR_UE_security_flag' into integration_2023_w24

parents 96aacd58 49117486
...@@ -404,6 +404,7 @@ NR_UE_RRC_INST_t* openair_rrc_top_init_ue_nr(char* uecap_file, char* rrc_config_ ...@@ -404,6 +404,7 @@ NR_UE_RRC_INST_t* openair_rrc_top_init_ue_nr(char* uecap_file, char* rrc_config_
rrc->bwpd = NULL; rrc->bwpd = NULL;
rrc->ubwpd = NULL; rrc->ubwpd = NULL;
rrc->as_security_activated = false;
// TODO: Put the appropriate list of SIBs // TODO: Put the appropriate list of SIBs
rrc->requested_SI_List.buf = CALLOC(1,4); rrc->requested_SI_List.buf = CALLOC(1,4);
...@@ -1485,15 +1486,10 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1485,15 +1486,10 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
} }
//----------------------------------------------------------------------------- void nr_rrc_ue_process_securityModeCommand(const protocol_ctxt_t *const ctxt_pP,
void
nr_rrc_ue_process_securityModeCommand(
const protocol_ctxt_t *const ctxt_pP,
NR_SecurityModeCommand_t *const securityModeCommand, NR_SecurityModeCommand_t *const securityModeCommand,
const uint8_t gNB_index const uint8_t gNB_index)
) {
//-----------------------------------------------------------------------------
{
asn_enc_rval_t enc_rval; asn_enc_rval_t enc_rval;
NR_UL_DCCH_Message_t ul_dcch_msg; NR_UL_DCCH_Message_t ul_dcch_msg;
uint8_t buffer[200]; uint8_t buffer[200];
...@@ -1501,7 +1497,10 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1501,7 +1497,10 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
LOG_I(NR_RRC,"[UE %d] SFN/SF %d/%d: Receiving from SRB1 (DL-DCCH), Processing securityModeCommand (eNB %d)\n", LOG_I(NR_RRC,"[UE %d] SFN/SF %d/%d: Receiving from SRB1 (DL-DCCH), Processing securityModeCommand (eNB %d)\n",
ctxt_pP->module_id,ctxt_pP->frame, ctxt_pP->subframe, gNB_index); ctxt_pP->module_id,ctxt_pP->frame, ctxt_pP->subframe, gNB_index);
switch (securityModeCommand->criticalExtensions.choice.securityModeCommand->securityConfigSMC.securityAlgorithmConfig.cipheringAlgorithm) { NR_SecurityConfigSMC_t *securityConfigSMC = &securityModeCommand->criticalExtensions.choice.securityModeCommand->securityConfigSMC;
NR_UE_RRC_INST_t *ue_rrc = &NR_UE_rrc_inst[ctxt_pP->module_id];
switch (securityConfigSMC->securityAlgorithmConfig.cipheringAlgorithm) {
case NR_CipheringAlgorithm_nea0: case NR_CipheringAlgorithm_nea0:
LOG_I(NR_RRC,"[UE %d] Security algorithm is set to nea0\n", LOG_I(NR_RRC,"[UE %d] Security algorithm is set to nea0\n",
ctxt_pP->module_id); ctxt_pP->module_id);
...@@ -1524,12 +1523,10 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1524,12 +1523,10 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
securityMode = NR_CipheringAlgorithm_spare1; securityMode = NR_CipheringAlgorithm_spare1;
break; break;
} }
NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm = ue_rrc->cipheringAlgorithm = securityConfigSMC->securityAlgorithmConfig.cipheringAlgorithm;
securityModeCommand->criticalExtensions.choice.securityModeCommand->securityConfigSMC.securityAlgorithmConfig.cipheringAlgorithm;
if (securityModeCommand->criticalExtensions.choice.securityModeCommand->securityConfigSMC.securityAlgorithmConfig.integrityProtAlgorithm != NULL) if (securityConfigSMC->securityAlgorithmConfig.integrityProtAlgorithm != NULL) {
{ switch (*securityConfigSMC->securityAlgorithmConfig.integrityProtAlgorithm) {
switch (*securityModeCommand->criticalExtensions.choice.securityModeCommand->securityConfigSMC.securityAlgorithmConfig.integrityProtAlgorithm) {
case NR_IntegrityProtAlgorithm_nia1: case NR_IntegrityProtAlgorithm_nia1:
LOG_I(NR_RRC,"[UE %d] Integrity protection algorithm is set to nia1\n",ctxt_pP->module_id); LOG_I(NR_RRC,"[UE %d] Integrity protection algorithm is set to nia1\n",ctxt_pP->module_id);
securityMode |= 1 << 5; securityMode |= 1 << 5;
...@@ -1546,9 +1543,7 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1546,9 +1543,7 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
break; break;
} }
NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm = ue_rrc->integrityProtAlgorithm = *securityConfigSMC->securityAlgorithmConfig.integrityProtAlgorithm;
*securityModeCommand->criticalExtensions.choice.securityModeCommand->securityConfigSMC.securityAlgorithmConfig.integrityProtAlgorithm;
} }
LOG_D(NR_RRC,"[UE %d] security mode is %x \n",ctxt_pP->module_id, securityMode); LOG_D(NR_RRC,"[UE %d] security mode is %x \n",ctxt_pP->module_id, securityMode);
...@@ -1570,16 +1565,16 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1570,16 +1565,16 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
uint8_t kUPenc[16] = {0}; uint8_t kUPenc[16] = {0};
uint8_t kRRCint[16] = {0}; uint8_t kRRCint[16] = {0};
nr_derive_key(UP_ENC_ALG, nr_derive_key(UP_ENC_ALG,
NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm, ue_rrc->cipheringAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, ue_rrc->kgnb,
kUPenc); kUPenc);
nr_derive_key(RRC_ENC_ALG, nr_derive_key(RRC_ENC_ALG,
NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm, ue_rrc->cipheringAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, ue_rrc->kgnb,
kRRCenc); kRRCenc);
nr_derive_key(RRC_INT_ALG, nr_derive_key(RRC_INT_ALG,
NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm, ue_rrc->integrityProtAlgorithm,
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb, ue_rrc->kgnb,
kRRCint); kRRCint);
LOG_I(NR_RRC, "driving kRRCenc, kRRCint and kUPenc from KgNB=" LOG_I(NR_RRC, "driving kRRCenc, kRRCint and kUPenc from KgNB="
...@@ -1591,18 +1586,17 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1591,18 +1586,17 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
"%02x%02x%02x%02x" "%02x%02x%02x%02x"
"%02x%02x%02x%02x" "%02x%02x%02x%02x"
"%02x%02x%02x%02x\n", "%02x%02x%02x%02x\n",
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[0], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[1], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[2], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[3], ue_rrc->kgnb[0], ue_rrc->kgnb[1], ue_rrc->kgnb[2], ue_rrc->kgnb[3],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[4], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[5], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[6], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[7], ue_rrc->kgnb[4], ue_rrc->kgnb[5], ue_rrc->kgnb[6], ue_rrc->kgnb[7],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[8], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[9], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[10], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[11], ue_rrc->kgnb[8], ue_rrc->kgnb[9], ue_rrc->kgnb[10], ue_rrc->kgnb[11],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[12], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[13], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[14], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[15], ue_rrc->kgnb[12], ue_rrc->kgnb[13], ue_rrc->kgnb[14], ue_rrc->kgnb[15],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[16], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[17], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[18], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[19], ue_rrc->kgnb[16], ue_rrc->kgnb[17], ue_rrc->kgnb[18], ue_rrc->kgnb[19],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[20], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[21], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[22], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[23], ue_rrc->kgnb[20], ue_rrc->kgnb[21], ue_rrc->kgnb[22], ue_rrc->kgnb[23],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[24], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[25], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[26], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[27], ue_rrc->kgnb[24], ue_rrc->kgnb[25], ue_rrc->kgnb[26], ue_rrc->kgnb[27],
NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[28], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[29], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[30], NR_UE_rrc_inst[ctxt_pP->module_id].kgnb[31]); ue_rrc->kgnb[28], ue_rrc->kgnb[29], ue_rrc->kgnb[30], ue_rrc->kgnb[31]);
if (securityMode != 0xff) { if (securityMode != 0xff) {
uint8_t security_mode = uint8_t security_mode = ue_rrc->cipheringAlgorithm | (ue_rrc->integrityProtAlgorithm << 4);
NR_UE_rrc_inst[ctxt_pP->module_id].cipheringAlgorithm | (NR_UE_rrc_inst[ctxt_pP->module_id].integrityProtAlgorithm << 4);
nr_pdcp_config_set_security(ctxt_pP->rntiMaybeUEid, DCCH, security_mode, kRRCenc, kRRCint, kUPenc); nr_pdcp_config_set_security(ctxt_pP->rntiMaybeUEid, DCCH, security_mode, kRRCenc, kRRCint, kUPenc);
} else { } else {
LOG_I(NR_RRC, "skipped pdcp_config_set_security() as securityMode == 0x%02x", securityMode); LOG_I(NR_RRC, "skipped pdcp_config_set_security() as securityMode == 0x%02x", securityMode);
...@@ -1621,25 +1615,29 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB ...@@ -1621,25 +1615,29 @@ int8_t nr_rrc_ue_decode_ccch( const protocol_ctxt_t *const ctxt_pP, const NR_SRB
(void *)&ul_dcch_msg, (void *)&ul_dcch_msg,
buffer, buffer,
100); 100);
AssertFatal (enc_rval.encoded > 0, "ASN1 message encoding failed (%s, %jd)!\n", AssertFatal(enc_rval.encoded > 0, "ASN1 message encoding failed (%s, %jd)!\n",
enc_rval.failed_type->name, enc_rval.encoded); enc_rval.failed_type->name, enc_rval.encoded);
if ( LOG_DEBUGFLAG(DEBUG_ASN1) ) { if (LOG_DEBUGFLAG(DEBUG_ASN1)) {
xer_fprint(stdout, &asn_DEF_NR_UL_DCCH_Message, (void *)&ul_dcch_msg); xer_fprint(stdout, &asn_DEF_NR_UL_DCCH_Message, (void *)&ul_dcch_msg);
} }
log_dump(MAC, buffer, 16, LOG_DUMP_CHAR, "securityModeComplete payload: "); log_dump(NR_RRC, buffer, 16, LOG_DUMP_CHAR, "securityModeComplete payload: ");
LOG_D(NR_RRC, "securityModeComplete Encoded %zd bits (%zd bytes)\n", enc_rval.encoded, (enc_rval.encoded+7)/8); LOG_D(NR_RRC, "securityModeComplete Encoded %zd bits (%zd bytes)\n", enc_rval.encoded, (enc_rval.encoded+7)/8);
for (i = 0; i < (enc_rval.encoded + 7) / 8; i++) { for (i = 0; i < (enc_rval.encoded + 7) / 8; i++) {
LOG_T(NR_RRC, "%02x.", buffer[i]); LOG_T(NR_RRC, "%02x.", buffer[i]);
} }
LOG_T(NR_RRC, "\n"); LOG_T(NR_RRC, "\n");
//TODO the SecurityModeCommand message needs to pass the integrity protection check
// for the UE to declare AS security to be activated
ue_rrc->as_security_activated = true;
nr_pdcp_data_req_srb(ctxt_pP->rntiMaybeUEid, DCCH, nr_rrc_mui++, (enc_rval.encoded + 7) / 8, buffer, deliver_pdu_srb_rlc, NULL); nr_pdcp_data_req_srb(ctxt_pP->rntiMaybeUEid, DCCH, nr_rrc_mui++, (enc_rval.encoded + 7) / 8, buffer, deliver_pdu_srb_rlc, NULL);
} else } else
LOG_W(NR_RRC,"securityModeCommand->criticalExtensions.present (%d) != NR_SecurityModeCommand__criticalExtensions_PR_securityModeCommand\n", LOG_W(NR_RRC,"securityModeCommand->criticalExtensions.present (%d) != NR_SecurityModeCommand__criticalExtensions_PR_securityModeCommand\n",
securityModeCommand->criticalExtensions.present); securityModeCommand->criticalExtensions.present);
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
void nr_rrc_ue_generate_RRCSetupRequest(module_id_t module_id, const uint8_t gNB_index) { void nr_rrc_ue_generate_RRCSetupRequest(module_id_t module_id, const uint8_t gNB_index) {
...@@ -1698,15 +1696,10 @@ nr_rrc_ue_establish_srb1( ...@@ -1698,15 +1696,10 @@ nr_rrc_ue_establish_srb1(
return(0); return(0);
} }
//----------------------------------------------------------------------------- int32_t nr_rrc_ue_establish_srb2(module_id_t ue_mod_idP,
int32_t
nr_rrc_ue_establish_srb2(
module_id_t ue_mod_idP,
frame_t frameP, frame_t frameP,
uint8_t gNB_index, uint8_t gNB_index,
NR_SRB_ToAddMod_t *SRB_config NR_SRB_ToAddMod_t *SRB_config)
)
//-----------------------------------------------------------------------------
{ {
// add descriptor from RRC PDU // add descriptor from RRC PDU
NR_UE_rrc_inst[ue_mod_idP].Srb2[gNB_index].Active = 1; NR_UE_rrc_inst[ue_mod_idP].Srb2[gNB_index].Active = 1;
...@@ -1715,16 +1708,11 @@ nr_rrc_ue_establish_srb2( ...@@ -1715,16 +1708,11 @@ nr_rrc_ue_establish_srb2(
return(0); return(0);
} }
//----------------------------------------------------------------------------- int32_t nr_rrc_ue_establish_drb(module_id_t ue_mod_idP,
int32_t
nr_rrc_ue_establish_drb(
module_id_t ue_mod_idP,
frame_t frameP, frame_t frameP,
uint8_t gNB_index, uint8_t gNB_index,
NR_DRB_ToAddMod_t *DRB_config NR_DRB_ToAddMod_t *DRB_config)
) {
//-----------------------------------------------------------------------------
{
// add descriptor from RRC PDU // add descriptor from RRC PDU
int oip_ifup = 0, ip_addr_offset3 = 0, ip_addr_offset4 = 0; int oip_ifup = 0, ip_addr_offset3 = 0, ip_addr_offset4 = 0;
/* avoid gcc warnings */ /* avoid gcc warnings */
...@@ -1759,9 +1747,8 @@ nr_rrc_ue_establish_srb2( ...@@ -1759,9 +1747,8 @@ nr_rrc_ue_establish_srb2(
LOG_D(NR_RRC,"[UE %d] State = Attached (gNB %d)\n",ue_mod_idP,gNB_index); LOG_D(NR_RRC,"[UE %d] State = Attached (gNB %d)\n",ue_mod_idP,gNB_index);
} }
} }
return(0); return(0);
} }
//----------------------------------------------------------------------------- //-----------------------------------------------------------------------------
void void
...@@ -2253,11 +2240,9 @@ nr_rrc_ue_establish_srb2( ...@@ -2253,11 +2240,9 @@ nr_rrc_ue_establish_srb2(
case NR_DL_DCCH_MessageType__c1_PR_securityModeCommand: case NR_DL_DCCH_MessageType__c1_PR_securityModeCommand:
LOG_I(NR_RRC, "[UE %d] Received securityModeCommand (gNB %d)\n", LOG_I(NR_RRC, "[UE %d] Received securityModeCommand (gNB %d)\n",
ctxt_pP->module_id, gNB_indexP); ctxt_pP->module_id, gNB_indexP);
nr_rrc_ue_process_securityModeCommand( nr_rrc_ue_process_securityModeCommand(ctxt_pP,
ctxt_pP,
dl_dcch_msg->message.choice.c1->choice.securityModeCommand, dl_dcch_msg->message.choice.c1->choice.securityModeCommand,
gNB_indexP); gNB_indexP);
break; break;
} }
} }
......
...@@ -183,7 +183,6 @@ typedef struct NR_UE_Timers_Constants_s { ...@@ -183,7 +183,6 @@ typedef struct NR_UE_Timers_Constants_s {
} NR_UE_Timers_Constants_t; } NR_UE_Timers_Constants_t;
typedef struct NR_UE_RRC_INST_s { typedef struct NR_UE_RRC_INST_s {
NR_MeasConfig_t *meas_config; NR_MeasConfig_t *meas_config;
NR_CellGroupConfig_t *cell_group_config; NR_CellGroupConfig_t *cell_group_config;
NR_ServingCellConfigCommonSIB_t *servingCellConfigCommonSIB; NR_ServingCellConfigCommonSIB_t *servingCellConfigCommonSIB;
...@@ -234,6 +233,7 @@ typedef struct NR_UE_RRC_INST_s { ...@@ -234,6 +233,7 @@ typedef struct NR_UE_RRC_INST_s {
//RRC_LIST_TYPE(NR_SecurityAlgorithmConfig_t, NR_SecurityAlgorithmConfig) SecurityAlgorithmConfig_list; //RRC_LIST_TYPE(NR_SecurityAlgorithmConfig_t, NR_SecurityAlgorithmConfig) SecurityAlgorithmConfig_list;
NR_CipheringAlgorithm_t cipheringAlgorithm; NR_CipheringAlgorithm_t cipheringAlgorithm;
e_NR_IntegrityProtAlgorithm integrityProtAlgorithm; e_NR_IntegrityProtAlgorithm integrityProtAlgorithm;
bool as_security_activated;
long selected_plmn_identity; long selected_plmn_identity;
Rrc_State_NR_t nrRrcState; Rrc_State_NR_t nrRrcState;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment