Open Source Mobile Communications: Issueshttps://osmocom.org/https://osmocom.org/favicon.ico?16647414092016-02-19T22:51:57ZOpen Source Mobile Communications
Redmine Mobile (in)Security - Bug #1477 (New): RACH flood DoShttps://osmocom.org/issues/14772016-02-19T22:51:57Zlaforge
<p>On the RACH (part of the CCCH/BCCH), the number of RACH slots per unit of time is fixed. The maximum possible number of RACH slots with a single-timeslot CCCH is 200.</p>
<p>Furthermore, the number of available dedicated (control and traffic) channels is limited in any given cell.</p>
<p>As per the GSM specification, any newly-assigned dedicated channel has to stay assigned for 2 seconds, waiting for the MS to establish the radio link layer. Only after 2 seconds, the channel can be closed and re-used for other purposes.</p>
<p>If anyone can send more RACH requests (in 2 seconds) than the cell has dedicated channels, permanent resource exhaustion of dedicated channels will happen (in other words, a DoS).</p>
<p>As the RACH request can be hand-crafted by the attacker and sent at a timing chosen by the attacker, there is no possibility for the BTS to differentiate real from malicious RACH bursts.</p>
<p>This attack has been implemented in 2009 by Dieter Spaar, and has been publicly demonstrated at the Deepsec 2009 conference in Vienna.</p>
<p>Slides are available from <a class="external" href="http://www.mirider.com/GSM-DoS-Attack_Dieter_Spaar.pdf">http://www.mirider.com/GSM-DoS-Attack_Dieter_Spaar.pdf</a></p> Mobile (in)Security - Bug #1478 (New): IMSI DETACH DoShttps://osmocom.org/issues/14782016-02-19T22:51:57Zadmin
<p>In GSM networks that use the IMSI ATTACH/DETACH procedure, the IMSI DETACH message is not authenticated.</p>
<p>A malicious attacker knowing the IMSI or TMSI of a victim can thus send hand-crafted IMSI DETACH messages to a cell, causing the network to assume the MS is no longer present in the network.</p>
<p>This will effectively prevent the delivery of all mobile-terminated (MT) services, such as SMS, voice calls, CSD, ...</p>
<p>This flaw was first discovered in May 2010 by Sylvain Munaut.</p> SDR (Software Defined Radio) - Bug #1474 (New): USB Claim Interface Errorhttps://osmocom.org/issues/14742016-02-19T22:50:52Z
<p>Hello,</p>
<p>I have heard lots of good things about this code. I have currently tried it on Win7HP and <a class="wiki-page new" href="https://osmocom.org/projects/sdr/wiki/WinXPH">WinXPH</a> but in both cases I see the error below.</p>
<p>C:\SpectrumAnalyser>rtl_sdr /tmp/capture.bin -s 1.8e6 -f 392e6<br />Found 1 device(s):<br /> 0: ezcap USB 2.0 DVB-T/DAB/FM dongle</p>
<p>Using device 0: ezcap USB 2.0 DVB-T/DAB/FM dongle<br />usb_claim_interface error -12<br />Failed to open rtlsdr device #0.</p>
<p>C:\SpectrumAnalyser></p>
<p>----<br />Best regards, John.</p> SIMtrace 2 - Feature #1457 (New): Spacing between JTAG and JP1/JP2https://osmocom.org/issues/14572016-02-19T22:48:42Z
<p>On v1.0 and v1.1 the spacing between JTAG and JP1/JP2 (erase, test) could be higher. Right now the JTAGkey is a bit blocked by JP1/JP2.</p> OsmocomBB - Bug #1458 (New): AGC broken (strong cell cannot be syncedhttps://osmocom.org/issues/14582016-02-19T22:48:42Zlaforge
<p>There seems to be a problem when trying to sync to particularly strong cells, as we overload the input of the ADC.</p>
<p>As we're doing power measurements anyway, we need to use the received power level as input to the SCH and FCCH task and not start those with some default power level</p> SIMtrace 2 - Feature #1460 (New): include some version information / negotiation in the USB protocolhttps://osmocom.org/issues/14602016-02-19T22:48:42Zlaforge
<p>The host software needs a way to figure out the firmware version of the device.</p> OsmocomBB - Feature #1461 (Stalled): include some version information / negotiation in the L1CTL ...https://osmocom.org/issues/14612016-02-19T22:48:42Zlaforge
<p>The host software should have a way to determine the firmware build/version, as well as the enabled features (TX support or not, burst_ind, ...).</p> OsmocomBB - Bug #1462 (New): ../../src/utils.c:182:7: error: only weak aliases are supported in t...https://osmocom.org/issues/14622016-02-19T22:48:42Z
<p>Build fails on OSX Lion</p>
<p>bash-3.2# make<br />mkdir shared/libosmocore/build-target<br />cd shared/libosmocore/build-target && ../configure \<br /> --host=arm-elf --enable-embedded --disable-shared \<br /> --disable-tests ac_cv_header_sys_select_h=no \<br /> --disable-tests ac_cv_header_sys_socket_h=no \<br /> CFLAGS="-Os <del>ffunction-sections -I/Users/blombo/osmocom-bb/src/target/firmware/include -nostartfiles -nodefaultlibs" <br />configure: WARNING: if you wanted to set the --build type, don't use --host.<br /> If a cross compiler is detected then cross compile mode will be used<br />checking for a BSD-compatible install... /usr/bin/install -c<br />checking whether build environment is sane... yes<br />checking for arm-elf-strip... arm-elf-strip<br />checking for a thread-safe mkdir -p... ../install-sh -c -d<br />checking for gawk... no<br />checking for mawk... no<br />checking for nawk... no<br />checking for awk... awk<br />checking whether make sets $(MAKE)... yes<br />checking whether make sets $(MAKE)... (cached) yes<br />checking for arm-elf-gcc... arm-elf-gcc<br />checking whether the C compiler works... yes<br />checking for C compiler default output file name... a.out<br />checking for suffix of executables... <br />checking whether we are cross compiling... yes<br />checking for suffix of object files... o<br />checking whether we are using the GNU C compiler... yes<br />checking whether arm-elf-gcc accepts -g... yes<br />checking for arm-elf-gcc option to accept ISO C89... none needed<br />checking for style of include used by make... GNU<br />checking dependency style of arm-elf-gcc... gcc3<br />checking build system type... x86_64-apple-darwin11.2.0<br />checking host system type... arm-unknown-elf<br />checking how to print strings... printf<br />checking for a sed that does not truncate output... /usr/bin/sed<br />checking for grep that handles long lines and -e... /usr/bin/grep<br />checking for egrep... /usr/bin/grep -E<br />checking for fgrep... /usr/bin/grep -F<br />checking for ld used by arm-elf-gcc... /Volumes/Speicher/opt/local/arm-elf/bin/ld<br />checking if the linker (/Volumes/Speicher/opt/local/arm-elf/bin/ld) is GNU ld... yes<br />checking for BSD</del> or MS-compatible name lister (nm)... /opt/local/bin//arm-elf-nm <del>B<br />checking the name lister (/opt/local/bin//arm-elf-nm -B) interface... BSD nm<br />checking whether ln -s works... yes<br />checking the maximum length of command line arguments... 196608<br />checking whether the shell understands some XSI constructs... yes<br />checking whether the shell understands "+="... yes<br />checking how to convert x86_64-apple-darwin11.2.0 file names to arm-unknown-elf format... func_convert_file_noop<br />checking how to convert x86_64-apple-darwin11.2.0 file names to toolchain format... func_convert_file_noop<br />checking for /Volumes/Speicher/opt/local/arm-elf/bin/ld option to reload object files... -r<br />checking for arm-elf-objdump... arm-elf-objdump<br />checking how to recognize dependent libraries... unknown<br />checking for arm-elf-dlltool... no<br />checking for dlltool... no<br />checking how to associate runtime and link libraries... printf <span>s\n<br />checking for arm-elf-ar... arm-elf-ar<br />checking for archiver <code>FILE support... </code><br />checking for arm-elf-strip... (cached) arm-elf-strip<br />checking for arm-elf-ranlib... arm-elf-ranlib<br />checking command to parse /opt/local/bin//arm-elf-nm -B output from arm-elf-gcc object... ok<br />checking for sysroot... no<br />checking for arm-elf-mt... no<br />checking for mt... no<br />checking if : is a manifest tool... no<br />checking how to run the C preprocessor... arm-elf-gcc -E<br />checking for ANSI C header files... yes<br />checking for sys/types.h... yes<br />checking for sys/stat.h... yes<br />checking for stdlib.h... yes<br />checking for string.h... yes<br />checking for memory.h... yes<br />checking for strings.h... yes<br />checking for inttypes.h... yes<br />checking for stdint.h... yes<br />checking for unistd.h... yes<br />checking for dlfcn.h... no<br />checking for objdir... .libs<br />checking if arm-elf-gcc supports -fno-rtti -fno-exceptions... no<br />checking for arm-elf-gcc option to produce PIC... -fPIC -DPIC<br />checking if arm-elf-gcc PIC flag -fPIC -DPIC works... yes<br />checking if arm-elf-gcc static flag -static works... yes<br />checking if arm-elf-gcc supports -c -o file.o... yes<br />checking if arm-elf-gcc supports -c -o file.o... (cached) yes<br />checking whether the arm-elf-gcc linker (/Volumes/Speicher/opt/local/arm-elf/bin/ld) supports shared libraries... yes<br />checking dynamic linker characteristics... no<br />checking how to hardcode library paths into programs... immediate<br />checking whether stripping libraries is possible... yes<br />checking if libtool supports shared libraries... no<br />checking whether to build shared libraries... no<br />checking whether to build static libraries... yes<br />checking for ANSI C header files... (cached) yes<br />checking execinfo.h usability... no<br />checking execinfo.h presence... no<br />checking for execinfo.h... no<br />checking for sys/select.h... (cached) no<br />checking for sys/socket.h... (cached) no<br />checking syslog.h usability... no<br />checking syslog.h presence... no<br />checking for syslog.h... no<br />checking ctype.h usability... yes<br />checking ctype.h presence... yes<br />checking for ctype.h... yes<br />checking for size_t... yes<br />checking for working alloca.h... yes<br />checking for alloca... yes<br />checking for library containing dlopen... no<br />checking for doxygen... false<br />checking if arm-elf-gcc supports -fvisibility=hidden... yes<br />configure: creating ./config.status<br />config.status: creating libosmocore.pc<br />config.status: creating libosmocodec.pc<br />config.status: creating libosmovty.pc<br />config.status: creating libosmogsm.pc<br />config.status: creating include/osmocom/Makefile<br />config.status: creating include/osmocom/vty/Makefile<br />config.status: creating include/osmocom/codec/Makefile<br />config.status: creating include/osmocom/crypt/Makefile<br />config.status: creating include/osmocom/gsm/Makefile<br />config.status: creating include/osmocom/gsm/protocol/Makefile<br />config.status: creating include/osmocom/core/Makefile<br />config.status: creating include/Makefile<br />config.status: creating src/Makefile<br />config.status: creating src/vty/Makefile<br />config.status: creating src/codec/Makefile<br />config.status: creating src/gsm/Makefile<br />config.status: creating tests/Makefile<br />config.status: creating tests/timer/Makefile<br />config.status: creating tests/sms/Makefile<br />config.status: creating tests/msgfile/Makefile<br />config.status: creating tests/ussd/Makefile<br />config.status: creating tests/smscb/Makefile<br />config.status: creating tests/bits/Makefile<br />config.status: creating utils/Makefile<br />config.status: creating Doxyfile.core<br />config.status: creating Doxyfile.gsm<br />config.status: creating Doxyfile.vty<br />config.status: creating Doxyfile.codec<br />config.status: creating Makefile<br />config.status: creating config.h<br />config.status: executing depfiles commands<br />config.status: executing libtool commands<br />cd shared/libosmocore/build-target &x%x</span> make<br />make all-recursive<br />Making all in include<br />Making all in osmocom<br />Making all in codec<br />maker5: Nothing to be done for @all'.<br />Making all in crypt<br />maker5: Nothing to be done for @all'.<br />Making all in gsm<br />Making all in protocol<br />maker6: Nothing to be done for @all'.<br />maker6: Nothing to be done for @all-am'.<br />Making all in core<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc8gen.h<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc16gen.h<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc32gen.h<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc64gen.h<br />maker5: Nothing to be done for @all-am'.<br />maker4: Nothing to be done for @all-am'.<br />Making all in src<br />Making all in .<br /> CC timer.lo<br /> CC select.lo<br /> CC signal.lo<br /> CC msgb.lo<br /> CC bits.lo<br /> CC bitvec.lo<br /> CC statistics.lo<br />../../src/statistics.c: In function 'osmo_counter_get_by_name':<br />../../src/statistics.c:72:3: warning: implicit declaration of function 'strcmp' [-Wimplicit-function-declaration]<br /> CC write_queue.lo<br /> CC utils.lo<br />../../src/utils.c: In function 'get_value_string':<br />../../src/utils.c:33:2: warning: format '%x' expects argument of type 'unsigned int', but argument 4 has type 'uint32_t' [-Wformat]<br />../../src/utils.c: In function 'get_string_value':<br />../../src/utils.c:49:3: warning: implicit declaration of function 'strcasecmp' [-Wimplicit-function-declaration]<br /> CC socket.lo<br /> CC logging.lo<br />../../src/logging.c: In function 'log_parse_category_mask':<br />../../src/logging.c:168:2: warning: implicit declaration of function 'strdup' [-Wimplicit-function-declaration]<br />../../src/logging.c:168:15: warning: incompatible implicit declaration of built-in function 'strdup' [enabled by default]<br />../../src/logging.c:175:2: warning: implicit declaration of function 'strtok' [-Wimplicit-function-declaration]<br />../../src/logging.c:175:17: warning: assignment makes pointer from integer without a cast [enabled by default]<br />../../src/logging.c:178:4: warning: implicit declaration of function 'strstr' [-Wimplicit-function-declaration]<br />../../src/logging.c:178:18: warning: incompatible implicit declaration of built-in function 'strstr' [enabled by default]<br />../../src/logging.c:203:27: warning: assignment makes pointer from integer without a cast [enabled by default]<br />../../src/logging.c: In function '_file_output':<br />../../src/logging.c:433:2: warning: implicit declaration of function 'fprintf' [-Wimplicit-function-declaration]<br />../../src/logging.c:433:2: warning: incompatible implicit declaration of built-in function 'fprintf' [enabled by default]<br />../../src/logging.c:434:2: warning: implicit declaration of function 'fflush' [-Wimplicit-function-declaration]<br />../../src/logging.c: In function 'log_target_create_file':<br />../../src/logging.c:506:2: warning: implicit declaration of function 'fopen' [-Wimplicit-function-declaration]<br />../../src/logging.c:506:23: warning: assignment makes pointer from integer without a cast [enabled by default]<br />../../src/logging.c: In function 'log_target_find':<br />../../src/logging.c:530:4: warning: implicit declaration of function 'strcmp' [-Wimplicit-function-declaration]<br />../../src/logging.c: In function 'log_target_destroy':<br />../../src/logging.c:552:4: warning: implicit declaration of function 'fclose' [-Wimplicit-function-declaration]<br />../../src/logging.c: In function 'log_target_file_reopen':<br />../../src/logging.c:565:23: warning: assignment makes pointer from integer without a cast [enabled by default]<br /> CC logging_syslog.lo<br /> CC rate_ctr.lo<br />../../src/rate_ctr.c: In function 'rate_ctr_get_group_by_name_idx':<br />../../src/rate_ctr.c:153:3: warning: implicit declaration of function 'strcmp' [-Wimplicit-function-declaration]<br /> CC gsmtap_util.lo<br /> CC crc16.lo<br /> CC panic.lo<br /> CC backtrace.lo<br /> CC conv.lo<br /> CC application.lo<br /> CC rbtree.lo<br /> SED ../../src/crcXXgen.c.tpl -> crc8gen.c<br /> CC crc8gen.lo<br /> SED ../../src/crcXXgen.c.tpl -> crc16gen.c<br /> CC crc16gen.lo<br /> SED ../../src/crcXXgen.c.tpl -> crc32gen.c<br /> CC crc32gen.lo<br /> SED ../../src/crcXXgen.c.tpl -> crc64gen.c<br /> CC crc64gen.lo<br /> CCLD libosmocore.la<br />Making all in vty<br />maker4: Nothing to be done for @all'.<br />Making all in codec<br /> CC gsm610.lo<br /> CC gsm620.lo<br /> CC gsm660.lo<br /> CC gsm690.lo<br /> CCLD libosmocodec.la<br />Making all in gsm<br /> CC a5.lo<br /> CC rxlev_stat.lo<br /> CC tlv_parser.lo<br /> CC comp128.lo<br /> CC gsm_utils.lo<br />../../../src/gsm/gsm_utils.c: In function 'gsm_7bit_encode':<br />../../../src/gsm/gsm_utils.c:253:13: warning: variable 'z' set but not used [-Wunused-but-set-variable]<br /> CC rsl.lo<br /> CC gsm48.lo<br />../../../src/gsm/gsm48.c: In function 'gsm48_mi_to_string':<br />../../../src/gsm/gsm48.c:348:4: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'uint32_t' [-Wformat]<br /> CC gsm48_ie.lo<br /> CC gsm0808.lo<br /> CC sysinfo.lo<br /> CC gprs_cipher_core.lo<br /> CC gsm0480.lo<br />../../../src/gsm/gsm0480.c: In function 'parse_process_uss_req':<br />../../../src/gsm/gsm0480.c:405:7: warning: pointer targets in passing argument 1 of 'gsm_7bit_decode' differ in signedness [-Wpointer-sign]<br />../../../include/osmocom/gsm/gsm_utils.h:59:5: note: expected 'char <strong>' but argument is of type 'uint8_t *'<br /> CC abis_nm.lo<br /> CC gsm0502.lo<br /> CC gsm0411_utils.lo<br /> CC gsm0411_smc.lo<br /> CC gsm0411_smr.lo<br /> CC lapd_core.lo<br />../../../src/gsm/lapd_core.c: In function 'lapd_acknowledge':<br />../../../src/gsm/lapd_core.c:710:38: warning: variable 't200_start' set but not used [-Wunused-but-set-variable]<br />../../../src/gsm/lapd_core.c: In function 'lapd_rx_u':<br />../../../src/gsm/lapd_core.c:835:5: warning: implicit declaration of function 'memcmp' [-Wimplicit-function-declaration]<br /> CC lapdm.lo<br /> CCLD libosmogsm.la<br />Making all in tests<br />maker4: Nothing to be done for @all-am'.<br />Making all in utils<br />maker3: Nothing to be done for @all'.<br />maker3: Nothing to be done for @all-am'.<br />mkdir shared/libosmocore/build-host<br />cd shared/libosmocore/build-host && ../configure <br />checking for a BSD-compatible install... /usr/bin/install -c<br />checking whether build environment is sane... yes<br />checking for a thread-safe mkdir -p... ../install-sh -c -d<br />checking for gawk... no<br />checking for mawk... no<br />checking for nawk... no<br />checking for awk... awk<br />checking whether make sets $(MAKE)... yes<br />checking whether make sets $(MAKE)... (cached) yes<br />checking for gcc... gcc<br />checking whether the C compiler works... yes<br />checking for C compiler default output file name... a.out<br />checking for suffix of executables... <br />checking whether we are cross compiling... no<br />checking for suffix of object files... o<br />checking whether we are using the GNU C compiler... yes<br />checking whether gcc accepts -g... yes<br />checking for gcc option to accept ISO C89... none needed<br />checking for style of include used by make... GNU<br />checking dependency style of gcc... gcc3<br />checking build system type... x86_64-apple-darwin11.2.0<br />checking host system type... x86_64-apple-darwin11.2.0<br />checking how to print strings... printf<br />checking for a sed that does not truncate output... /usr/bin/sed<br />checking for grep that handles long lines and -e... /usr/bin/grep<br />checking for egrep... /usr/bin/grep -E<br />checking for fgrep... /usr/bin/grep -F<br />checking for ld used by gcc... /usr/bin/ld<br />checking if the linker (/usr/bin/ld) is GNU ld... no<br />checking for BSD</del> or MS-compatible name lister (nm)... /usr/bin/nm<br />checking the name lister (/usr/bin/nm) interface... BSD nm<br />checking whether ln -s works... yes<br />checking the maximum length of command line arguments... 196608<br />checking whether the shell understands some XSI constructs... yes<br />checking whether the shell understands "+="... yes<br />checking how to convert x86_64-apple-darwin11.2.0 file names to x86_64-apple-darwin11.2.0 format... func_convert_file_noop<br />checking how to convert x86_64-apple-darwin11.2.0 file names to toolchain format... func_convert_file_noop<br />checking for /usr/bin/ld option to reload object files... -r<br />checking for objdump... no<br />checking how to recognize dependent libraries... pass_all<br />checking for dlltool... no<br />checking how to associate runtime and link libraries... printf <span>s\n<br />checking for ar... ar<br />checking for archiver @FILE support... no<br />checking for strip... strip<br />checking for ranlib... ranlib<br />checking command to parse /usr/bin/nm output from gcc object... ok<br />checking for sysroot... no<br />checking for mt... no<br />checking if : is a manifest tool... no<br />checking for dsymutil... dsymutil<br />checking for nmedit... nmedit<br />checking for lipo... lipo<br />checking for otool... otool<br />checking for otool64... no<br />checking for -single_module linker flag... yes<br />checking for -exported_symbols_list linker flag... yes<br />checking for -force_load linker flag... yes<br />checking how to run the C preprocessor... gcc -E<br />checking for ANSI C header files... yes<br />checking for sys/types.h... yes<br />checking for sys/stat.h... yes<br />checking for stdlib.h... yes<br />checking for string.h... yes<br />checking for memory.h... yes<br />checking for strings.h... yes<br />checking for inttypes.h... yes<br />checking for stdint.h... yes<br />checking for unistd.h... yes<br />checking for dlfcn.h... yes<br />checking for objdir... .libs<br />checking if gcc supports -fno-rtti -fno-exceptions... no<br />checking for gcc option to produce PIC... -fno-common -DPIC<br />checking if gcc PIC flag -fno-common -DPIC works... yes<br />checking if gcc static flag -static works... no<br />checking if gcc supports -c -o file.o... yes<br />checking if gcc supports -c -o file.o... (cached) yes<br />checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes<br />checking dynamic linker characteristics... darwin11.2.0 dyld<br />checking how to hardcode library paths into programs... immediate<br />checking whether stripping libraries is possible... yes<br />checking if libtool supports shared libraries... yes<br />checking whether to build shared libraries... yes<br />checking whether to build static libraries... yes<br />checking for ANSI C header files... (cached) yes<br />checking execinfo.h usability... yes<br />checking execinfo.h presence... yes<br />checking for execinfo.h... yes<br />checking sys/select.h usability... yes<br />checking sys/select.h presence... yes<br />checking for sys/select.h... yes<br />checking sys/socket.h usability... yes<br />checking sys/socket.h presence... yes<br />checking for sys/socket.h... yes<br />checking syslog.h usability... yes<br />checking syslog.h presence... yes<br />checking for syslog.h... yes<br />checking ctype.h usability... yes<br />checking ctype.h presence... yes<br />checking for ctype.h... yes<br />checking for size_t... yes<br />checking for working alloca.h... yes<br />checking for alloca... yes<br />checking for library containing dlopen... none required<br />checking for doxygen... false<br />checking if gcc supports -fvisibility=hidden... yes<br />configure: creating ./config.status<br />config.status: creating libosmocore.pc<br />config.status: creating libosmocodec.pc<br />config.status: creating libosmovty.pc<br />config.status: creating libosmogsm.pc<br />config.status: creating include/osmocom/Makefile<br />config.status: creating include/osmocom/vty/Makefile<br />config.status: creating include/osmocom/codec/Makefile<br />config.status: creating include/osmocom/crypt/Makefile<br />config.status: creating include/osmocom/gsm/Makefile<br />config.status: creating include/osmocom/gsm/protocol/Makefile<br />config.status: creating include/osmocom/core/Makefile<br />config.status: creating include/Makefile<br />config.status: creating src/Makefile<br />config.status: creating src/vty/Makefile<br />config.status: creating src/codec/Makefile<br />config.status: creating src/gsm/Makefile<br />config.status: creating tests/Makefile<br />config.status: creating tests/timer/Makefile<br />config.status: creating tests/sms/Makefile<br />config.status: creating tests/msgfile/Makefile<br />config.status: creating tests/ussd/Makefile<br />config.status: creating tests/smscb/Makefile<br />config.status: creating tests/bits/Makefile<br />config.status: creating utils/Makefile<br />config.status: creating Doxyfile.core<br />config.status: creating Doxyfile.gsm<br />config.status: creating Doxyfile.vty<br />config.status: creating Doxyfile.codec<br />config.status: creating Makefile<br />config.status: creating config.h<br />config.status: executing depfiles commands<br />config.status: executing libtool commands<br />cd shared/libosmocore/build-host &x%x</span> make<br />make all-recursive<br />Making all in include<br />Making all in osmocom<br />Making all in vty<br />maker5: Nothing to be done for @all'.<br />Making all in codec<br />maker5: Nothing to be done for @all'.<br />Making all in crypt<br />maker5: Nothing to be done for @all'.<br />Making all in gsm<br />Making all in protocol<br />maker6: Nothing to be done for @all'.<br />maker6: Nothing to be done for @all-am'.<br />Making all in core<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc8gen.h<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc16gen.h<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc32gen.h<br /> SED ../../../../include/osmocom/core/crcXXgen.h.tpl -> crc64gen.h<br />maker5: Nothing to be done for @all-am'.<br />maker4: Nothing to be done for @all-am'.<br />Making all in src<br />Making all in .<br /> CC timer.lo<br /> CC select.lo<br /> CC signal.lo<br /> CC msgb.lo<br /> CC bits.lo<br /> CC bitvec.lo<br /> CC statistics.lo<br /> CC write_queue.lo<br /> CC utils.lo<br />../../src/utils.c:182:7: error: only weak aliases are supported in this configuration<br />maker4: <b></strong> [utils.lo] Error 1<br />maker3: <strong></b> [all-recursive] Error 1<br />maker2: <b></strong> [all-recursive] Error 1<br />maker1: <strong></b> [all] Error 2<br />make: *</strong>* [shared/libosmocore/build-host/src/.libs/libosmocore.la] Error 2</p> SIMtrace 2 - Feature #1463 (New): Add VCC current sensing circuit for SPA & DPA attackshttps://osmocom.org/issues/14632016-02-19T22:48:42Z
<p>It would be pretty good to be able to sense current going to the SIM.</p>
<p>The simple idea is to measure current like this :</p>
<pre>
A B
o o
| |
pwr >----/\/\/\----> to SIM
|
=
|
#
</pre>
<ul>
<li>Ideally use a '4 wire' resistor to make sure you have precision measurement.</li>
<li>Choose value appropriately depending on a typical smart card power consumption.</li>
</ul>
<p>Now, I would include added circuitery to make measurements easier.<br />Because in the simple form there are a couple of issue:</p>
<p>First the signal is gonna be pretty small.<br />Second is that to measure the current across the resistor you can't just put the gnd of your probe on A and the tip on B. That's because the GND of the scope is connected to earth of the mains supply, which in turn is connected to the GND on the PC and so the GND of the simtrace ...</p>
<p>You can either:<br /> - Use two scope probe and use A - B function but this has often less functions that a single probe channel. Also if you only have a 2 channel scope you can't monitor anything else (like the clk line or something).<br /> - Simply probe one point: But then you have the supply noise added to your measurement noise and you don't have absolute values.<br /> - Use a differential probe: Great option ... if you have a couple more k$ to buy one.</p>
<p>So ... all of these suck.</p>
<p>We could have an difference amplifier onboard, however, finding one with multi-MHz bandwidth isn't trivial and they all need dual power rails.</p>
<p>(sorry for the rambling, I'm thinking while writing the ticket ...)</p>
<p>Note that since this feature in its more advanced form may involve expensive / complex components and only be used by very few people. so it could be mounted as a simple 0R with other pad left to be mounted manually by the interested parties.</p> Miscellaneous Projects - Bug #64 (New): osmo-bts-amp: 2.2uF capacitors next to PA need to be 0603...https://osmocom.org/issues/642016-02-19T22:47:33Zlaforge
<p>0805 capacitors are typically higher thant the PA module and would thus interfere with mounting it against a heatsink. Thus, we're using 0603 capacitors in 2.2uF, and the footprint can (and should) be shrinked from the current 0805</p> OsmoBSC - Bug #68 (New): ipaccess-config should work with -u ID -o IP -r BTS_IPhttps://osmocom.org/issues/682016-02-19T22:47:33Z
<p>Right now setting both the unit id and the OML address does not work. The BTS is restarted after the first ack. There should be some kind of job queue.. or at least an ACK counter.</p> OsmoBSC - Bug #69 (New): No timers for various callshttps://osmocom.org/issues/692016-02-19T22:47:33Z
<p>Testing with the <a class="wiki-page new" href="https://osmocom.org/projects/osmobsc/wiki/FakeBTS">FakeBTS</a> has shown various issues. This could be split into several tickets if we ever start to do something about it:</p>
<p>1.) It is possible to send MDCX without a CRCX (in case the bts/ms does not respond to the channel mode modify)</p>
<p>2.) Not sending mode modify ack from the BTS triggers T10 but the channel is not taken down.</p> OsmoNITB - Bug #70 (New): nitb crashes in the rtp_proxy when a phone on a MT-call sends a 'CONNEC...https://osmocom.org/issues/702016-02-19T22:47:33Z
<p>Using the <a class="wiki-page new" href="https://osmocom.org/projects/osmonitb/wiki/FakeBTS">FakeBTS</a> it is possible to crash nitb on a MT-call. It appears to that if the MS sends a CALL CONFIRMED and then a CONNECT the rtp_socket is not fully setup and when one attempts to bridge them we have a crash.</p> OsmoNITB - Bug #72 (New): struct gsm_call can leak..https://osmocom.org/issues/722016-02-19T22:47:33Z
<p>During BTS testing I saw that gsm_call appears to be leaked.</p>
<p>Setup:<br />sysmoBTS... configure the bind IP wrongly so the CRCX will be NACKED..</p>
<p>Place a call to an unattached subscriber. Hangup immediately after placing the call, sometimes wait for the network error indication. This was tested with a E71.</p>
<pre>
gsm_call contains 560 bytes in 29 blocks (ref 0) 0x865d318
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87c7040
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8711a90
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87c7428
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8781168
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8716218
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8711ea8
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87c9d28
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87aed50
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87819e0
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8711c28
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8711f28
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8713a20
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87139d8
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8713990
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8713948
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8716e88
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8716e40
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8716df8
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8787668
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x872b1d8
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8781da0
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8716090
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8713b90
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x872bf70
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8713a98
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8716048
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x87289c8
struct gsm_call contains 20 bytes in 1 blocks (ref 0) 0x8711fe8
</pre> OsmoBSC - Bug #73 (New): Kill the paging_init_if_needed method in paging.chttps://osmocom.org/issues/732016-02-19T22:47:33Z
<p>We should call this function after the bts is created. This needs to work even when adding BTS during the runtime of the application.</p> OsmoMSC - Bug #41 (New): Numbering Plan in OsmoMSChttps://osmocom.org/issues/412016-02-19T22:47:32Z
<p>What is the numbering for the extension? E.g. our subscriber code works with subscr_get_by_extension(...) but we treat all extensions the same. E.g. we ignore the Type of the Number and the Numbering Plan.</p>
<p>Also storing an extension number with '+' as subscriber 1 and then trying to send SMS will create a malformed SMS.</p> OsmoSGSN - Bug #44 (New): TLLI clash possiblehttps://osmocom.org/issues/442016-02-19T22:47:32Z
<p>When we look-up the LLC-LLE we will convert from Foreign to Local TLLI and this might cause a 'clash' (in case a public net has allocated the same P-TMSI as we allocate).</p>
<p>We should somehow use the 'full' TLLI for look-up and remember why/how we created the LLC-LLE (in case of different life-time) and maybe (if possible) assign a new TLLI (probably not possible).</p>
<p>The probability of this event to happen is quite low.</p> OsmoNITB - Bug #48 (New): Periodic timer and paginghttps://osmocom.org/issues/482016-02-19T22:47:32Z
<p>We set the lac to invalid in case paging fails but this should be co-ordinated with periodic LU. Right now we 'purge' it from the VLR.</p> OsmoNITB - Bug #54 (New): osmo-nitb keeps rtp-proxy socket open in case no DLCX_IND is senthttps://osmocom.org/issues/542016-02-19T22:47:32Z
<p>sysmobts was sending a wrong DLCX IND, this kept the rtp proxy socket open, on second call the code sends a MDCX early on.</p> OsmoBTS - Bug #57 (New): sysmobts L1 is not properly closed, DSP firmware reload is requiredhttps://osmocom.org/issues/572016-02-19T22:47:32Zlaforge
<p>We should investigate what is not properly closed and try to make it work again without requiring DSP firmware reload before osmo-bts restart</p> OsmoBTS - Feature #61 (New): osmo-bts: split TRAU/RTP frame handling into separate processhttps://osmocom.org/issues/612016-02-19T22:47:32Zlaforge
<p>it would be great to only deal with signalling inside the osmo-bts process, pushing all RTP/TCH handling into a separate process similar to a media gateway.</p>
<p>The main process then just sends control commands to the RTP/TCH process, particularly once the BSC instructs us to change/bind/connect the RTP socket related settings.</p>
<p>Our sysmobts L1 can already put the TCH related messages into a separate queue, keeping control with the main queue.</p> OsmoNITB - Bug #21 (New): we don't see CHANnel ReQireD from motorola EZX phones at call setuphttps://osmocom.org/issues/212016-02-19T22:47:31Zlaforge
<p>This is very weird. The EZX phones like E6, A1200, etc. can do a successful LOCATION UPDATING procedure, but after they are registered they can only process incoming calls.</p>
<p>so paging request is working, and the channel request procedure is working as part of the paging request and the location updating.</p>
<p>IF you want to start a MO call, we never see any channel required (i.e. RACH burst).</p> OsmoMSC - Feature #25 (New): Call HOLD / RETRIEVE support for internal MNCChttps://osmocom.org/issues/252016-02-19T22:47:31Zlaforge
<p>We don't do HOLD/RETRIEVE of calls so far.</p> OsmoNITB - Bug #28 (New): Old siemens phones cannot make voice calls (04.08 channel mode)https://osmocom.org/issues/282016-02-19T22:47:31Zlaforge
<p>Some older Siemens phones, notably the S11, implicitly reject the 04.08 CHANNEL MODE MODIFY from signalling to VOICE mode, thus all<br />voice calls fail.</p>
<p>Either they do not support very early assignment, or we are sending the mode modify a bit too soon for their state machines.</p> OsmoSGSN - Feature #33 (New): real LLC implementation with fragmentation and re-transmissionshttps://osmocom.org/issues/332016-02-19T22:47:31Zlaforge
<p>real LLC implementation with fragmentation and re-transmissions</p> OsmoBSC - Bug #34 (New): ipaccess init code needs proper state machineshttps://osmocom.org/issues/342016-02-19T22:47:31Z
<p>The BSC Init code should be changed from reacting to BTS events to actively driving the bring up and having a state (e.g. to know which message didn't arrive). Each ACK/NACK should trigger a state transition in the bringup.</p>
<p>The difficult part is to make it work across firmware versions and models.</p> OsmoNITB - Bug #37 (New): RTP Proxy dealing with SSRC change and sequence numbershttps://osmocom.org/issues/372016-02-19T22:47:31Z
<p>The rtp_proxy.c code should detect if the SSRC of the input is changing and only then determine the difference in sequence numbers. It should also not try to change the presentation time of one sample to make up the lost ones.</p> OsmoNITB - Bug #38 (New): subscr_update should sync database before dispatching the signalhttps://osmocom.org/issues/382016-02-19T22:47:31Z
<p>The subscr_update routine should synchronize the database before dispatching the signal. Right now the db code to find unset SMS will fail if a given subscriber is not attached and then re-attaches to the network.</p> OsmoBSC - Feature #39 (New): Logging filter on bts/trx or suchhttps://osmocom.org/issues/392016-02-19T22:47:31Z
<p>Be able to filter messages for a certain BTS/GSM/TRX...</p> OsmoNITB - Feature #18 (New): store last location identity to databasehttps://osmocom.org/issues/182016-02-19T22:47:30Zlaforge
for every location update request we get, we should store the info in the db:
<ul>
<li>the previous TMSI, if it is contained</li>
<li>the mnc/mcc/location area of the previous registration</li>
<li>a timestamp</li>
</ul>
<p>it would be great to introduce a new table for this, so we can store any number of those events<br />for any given IMEI and thus create a history.</p>