gprs_llc_process_xid_ind() does not echo L3_PAR, breaks PDP activation for Motorola KRZR
(at the time of writing) http://cgit.osmocom.org/osmo-sgsn/tree/src/gprs/gprs_llc.c#n227
We check if (xid_field->type != GPRS_LLC_XID_T_L3_PAR)
before echoing the XID to the MS
The Motorola KRZR responds by sending the XID list again and repeats 4 times before giving up and sending PDP deactivate context, with a cause 25 "LLC or SNDCP Failure"
Removing the check for xid_field->type != GPRS_LLC_XID_T_L3_PAR and echoing the L3 parameter back results in PDP activation success and GPRS session works.
Why this check? Why do we not echo all the xid fields back? Did it break with some other phone?
#3 Updated by keith about 2 years ago
TS 04.06 [EDIT correction TS 04.64 126.96.36.199 ] is kind of confusing here.
On the one had it says:
As an optimisation, parameters confirming the requested values may be omitted from the XID response.
The responding side may respond with parameters that were not included in the XID command. A parameter that was
not included in the XID command shall in this case be treated as if the current value of the parameter was included in
the XID command. The responding side shall include such a parameter in every XID response until the parameter has
been explicitly negotiated, either by responding to an XID command that included the parameter, or by explicitly
including the parameter the next time an XID command is transmitted.
Negotiated XID parameters shall apply to the LLE identified by the DLCI of the XID frames used, except Version,
Reset, and IOV-UI that applies to an LLME (i.e., a TLLI), and except Layer-3 Parameters that apply to the layer 3
above the LLE.
So from that I understand that while we may not actually be applying this L3 param to the LLE identified by the DLCI (to be honest, I haven't even looked up what the dlci is), we still MUST include it in the response.
Maybe this is a mis understanding that is the origin of this
if (xid_field->type != GPRS_LLC_XID_T_L3_PAR)
in the code?
#6 Updated by laforge over 1 year ago
The point is that the L3 parameters are handled in SNDCP, and not in LLC. So the LLC code is correct to only handle the non-L3. The behavioral difference (and possible bug) hence is in the SNDCP XID handling.
What we need is a pcap file showing request and response for both the modified and the unmodified code.
#13 Updated by laforge about 5 hours ago
- Status changed from Feedback to In Progress
Hi laforge Was that test case ever merged? Maybe we can reference it and then close this.
commit 2aaac1b1d1655732055e6ad5da5965fe94af33e5 Author: Harald Welte <email@example.com> Date: Thu May 2 10:02:53 2019 +0200 sgsn: Add initial XID handshake related tests Change-Id: I5d4b3cba2fe05dffe10c843f16cfec343bc67b5f
That commit includes a case with empty L3: TC_xid_empty_l3